Part A

Question 1
There are four major steps in business performance management (BPM). In addition of being
able to measure, using the right indicator to measure the right thing are two fundamental
requirements for managing business performance.
a. Name and discuss the FOUR major steps in business performance management (BPM).
The major steps in business performance management are:
Step 1. Decide on desired performance levels. Specific metrics are set for desired
performance levels so that the company can evaluate its success.
Step 2. Determine how to attain the performance levels. The issue is how to get there? This
is determined by the corporate strategies and plans.
Step 3. Periodically assess where the organization stands with respect to its goals,
objectives, and measures. This is accomplished by monitoring performance and comparing it
to the values set in Step 1.
Step 4. Adjust performance or goals. If performance is too low, corrective actions need to be
taken to close the gap.

b. Explain why it is challenging to comply with each of the two fundamental requirements
for managing business performance.
In order to manage performance, two fundamental requirements are:
1. Being able to measure. You cannot manage what you cannot measure. Stated in reverse, if
you cannot measure a process, you cannot manage or control it. To be reliable, measuring
needs to be fact-based and/or data-driven
2. Knowing that your indicator is measuring the right thing. Not all performance metrics are
clearly linked to the desired outcome. You often need to find surrogate quantitative measures for
qualitative metrics that can reliably measure what you want measured. Even for quantitative
metrics, measuring is challenging. Adding to the challenge is that managers rarely agree on
which sets of indicators are the right ones to track.

Question 2
Although having high-quality data are essential for business success, many organisational and
technical issues make it difficult to achieve this objective.
a. Discuss TWO organisational and technical issues that hampered organisations from
achieving high-quality data.
Organizational and technical issues that may hamper organizations from achieving high-quality
data are:
1. One problem is data ownership and responsibility. Data ownership issues arise from the lack
of policies defining responsibility and accountability in managing data.
2. Inconsistent data quality requirements due to various stand-alone applications create
problems as organizations try to combine individual applications into integrated enterprise
systems.
3. Inter-organizational information systems add complexity to managing data quality. Companies
must resolve the issues of administrative authority to ensure that each partner complies with the
data quality standards.
4. Delegating data quality responsibilities to technical teams instead of to the business users
who actually have control over data quality

b. Suggest ONE solution to solve each of the organisational and technical issue
mentioned in (a).
One solution to solve each of the organizational and technical issue mentioned in (a) above:
1. Data ownership and responsibility issues establish clear policies which define
responsibility and accountability in managing data.
2. Inconsistent data quality requirements issues consolidate applications into integrated
enterprise systems.
3. Inter-organizational information systems complexity and data quality management issues
impose common data format and quality standards with partner companies.
c. Delegating data quality responsibilities to technical teams instead of to the business users
who actually have control over data quality let the business unit handle the IT of the
business.
Part B
Question 1
The internet is integral to success. Companies no longer use the internet as merely a place to
post billboards. Companies increasingly realise the internet as a resource to be exploited for
maximum gain. To be competitive and relevant, companies have to continuously seek out new
ways to export their ideas.
Discuss FOUR challenges faced by many companies due to the proliferation of internet.
Most companies face significantly powerful challenges and competitors that depress traditional
business models. Among others are:
1. Consumers and employees can counteract marketing strategies by posting harsh criticisms in
blogs.
2. Online companies (such as eBay shops) can under-price.
3. Intranets, extranets, and social networks are diminishing perimeters between companies and
individuals livesand making them more transparent.
4. People check Internet resources for ratings and prices before they buy books, vacations,
cars, and so on.
5. In places such as Tanzania, political activists worked on a new constitution using a wiki.
6. Communication and collaboration tools can collectively create a compelling force whose
impacts are not yet known.

Question 2
The use of social networks and cloud computing have increased vulnerabilities of information
due to a single point of failure and unprecedented threat from attackers. Critical, sensitive, and
private information is at risk. This escalates concern for Information Technology (IT) security
amongst organisations.
The following are the strategies of IT security defense strategies:
1. Prevention and deterrence. Properly designed controls may prevent errors from occurring,
deter criminals from attacking the system, and, better yet, deny access to unauthorized people.
These are the most desirable controls. Example: use IPS.
2. Detection. Like a fire, the earlier an attack is detected, the easier it is to combat, and the less
damage is done. Detection can be performed in many cases by using special diagnostic
software, at a minimal cost. Example: use IDS.
3. Containment (contain the damage). This objective is to minimize or limit losses once a
malfunction has occurred. It is also called damage control. This can be accomplished, for
example, by including a faulttolerant system that permits operation in a degraded mode until
full recovery is made. If a fault-tolerant system does not exist, a quick and possibly expensive
recovery must take place. Users want their systems back in operation as fast as possible.
4. Recovery. A recovery plan explains how to fix a damaged information system as quickly as
possible. Replacing rather than repairing components is one route to fast recovery. Example:
System Recovery Planning.
5. Correction. Correcting the causes of damaged systems can prevent the problem from
occurring again. Example: Trouble shooting and correction.
6. Awareness and compliance. All organization members must be educated about the hazards
and must comply with the security rules and regulations. Example: Awareness program and
Training.
Question 3
There are three levels of managers: operational, middle, and strategic managers. These
managers have different, but related, responsibilities and information need for making decisions.
Discuss.
1. At the strategic level, senior or top level management plan and make decisions that set or
impact the long-term direction of the entire organization. These decisions are visionary,
futureoriented, and define the mission, objectives, and strategy. External data about the
economy, competitors, and business trends are essential to their SWOT (strengths,
weaknesses, opportunities, and threats) analysis, planning, and decisions.
2. At the managerial or administrative level, middle-level managers make tactical decisions
that focus on intermediateterm issues to fulfill the organizations mission, objectives, and
strategy. Control is important at this level. Middle level managers set goals for their departments
or business units that are consistent with organizational goals set by senior management.
External and internal data are important for decision making, which often has a one to three
year time horizon.
3. At the operational level, lower-level managers, supervisors, and workers need detailed data,
in real-time or near real-time, and the ability to respond to what they learn from functional ISs.
Decisionmaking is for the immediate or short-term because decisions are made to control the
day-to-day activities or operations. The purpose of control is to identify deviations from
objectives and plans as soon as possible in order to take corrective action.
Question 4
Enterprise systems are integrated Information System (ISs) that support core business
processes and functions.
Discuss how ISs integration is achieved?
ISs Integration is achieved by linking databases and data warehouses so they can share data
hypothetical attacks.
Enterprise information systems, or enterprise systems for short, are systems that
help managers and companies improve their performance by enabling them to seamlessly
share data among departments and with external business partners.
Enterprise systems allow workers to access and analyze real-time information and
transaction processes across the entire organization. These systems integrate the functional
systems, such as accounting, finance, marketing, and operations.
Another advantage of enterprise systems is that processes become more automated or
totally automated, which increases efficiency. For example, by automating finance processes, a
company can do things such as accept online orders and do business-to-business (B2B)
transactions electronically, instead of via e-mail or offline methods such as telephone or fax.
Prior to selecting and implementing an ERP or other enterprise system, its essential that
a company identify the problems to be solved, the goals to be achieved, and the type of support
the IS is to provide. For example. Under Armours management wanted real-time or near
realtime data and sufficient agility to respond quickly to operational and market conditions.
Agility is the ability to thrive and prosper in an environment of constant and
unpredictable change. Agility is a result of streamlining processes on the shop floor to speed up
order fulfillment, which in turn maximizes capacity for increased productivity.
Question 5
Transforming the way people and businesses use Information Technology (IT) could reduce
annual human-caused global emissions by 15 per cent by 2020. Do you agree with this
statement? Justify with reasonable discussion.
Yes, agree. The efforts are many with IT. Among beneficial efforts are.
1. Use IT to monitor and maximize energy efficiency both within and outside of its own industry
sector to cut CO2 emissions.
2. Build smart buildings which minimizes wasted-energy and materials; and procurement,
manufacturing, distribution, service, and recycling are done in an environmentally friendly
manner.
3. Deploy cloud computing which allows any part of the IT to be sourced from the Internet,
ultimately offering a more flexible model that aligns better with business objectives.
4. Use IT appropriately to create organizations that have the characteristics of elasticity,
scalability, flexibility, adaptive and sustainable.
5. Deploy virtualization technology which optimizes the capacity and processing power of
servers so that fewer servers are needed to provide the necessary processing power.
6. Start using ENERGY STAR qualified products which use less energy.
7. Support telecommutes or virtual work, which offers many green benefits, including reducing
rush-hour traffic, improving air quality, improving highway safety, and even improving
healthcare.
8. Support smart meters to smart grids, where Climate Group is working with members and
partners, such as Google and Cisco, to build on the enormous potential and economic
opportunities of IT in the low carbon economy.