ISQA header logo

The following questions were contained in the Fall 2008 Comprehensive Exam.

ISQA 8060 - RESEARCH IN MIS

  1. You are asked to develop a research proposal and design for the US Government. Please cover the following in your presentation.
    1. What is the phenomenon you observe in this case… 10%
    2. What concepts would you use to help you understand this phenomenon?... 20%
    3. Please design a research project to investigate the problem being posed in this company… 30%
    4. Present an outline of a research proposal you would submit to Signal International. Explain each section of the outline… 30%
    5. What would be the deliverables(s) of this research project …10%

    Information Technology at the FBI

    Experts are disputing Attorney General John Ashcroft's claims that a decade of deficient information technology funding hampered the FBI's intelligence gathering prior to the Sept. 11, 2001, attacks. In a high-profile appearance Tuesday before the commission charged with investigating the deadly assaults, Ashcroft warned that through the 1990s, "the FBI's information infrastructure had been starved, and by Sept. 11, it collapsed from budgetary neglect." The analysis drew a skeptical response from government watchdogs, who painted it as a typical bureaucratic reflex: Blame the budget rather than management. Ashcroft's comments come, as President George W. Bush is seeking an FBI funding increase of about $500 million, or 11.4 percent, for next year--part of a request for $22.1 billion in total Department of Justice funding.

    "The bureau essentially had 42 separate information systems, none of which were connected. Agents lacked even the most basic Internet technology...(These problems) hindered information sharing with the Justice Department, the intelligence community, and state and local law enforcement," Ashcroft told the National Commission on Terrorist Attacks Upon the United States. Longtime observers of the FBI acknowledge that the bureau's hardware and networks were indeed shabby in 2001, but they argue that the real explanation is more complicated than Ashcroft indicated: The bureau's top management just didn't care about IT. For more than a decade, they say, the FBI's experiences with IT have been plagued by budget overruns, slipped deadlines and devastating critiques from outside auditors.

    Trilogy

    A massive FBI technology upgrade called Trilogy is designed to usher the bureau into the 21st century. The push, which has been in the planning stages since the mid-1990s, specifies that FBI employees will receive new hardware, better software and speedier communication links. A Web-based portion called the Virtual Case File is designed to provide access to more commercial and internal government databases, along with one easy-to-use search engine for all FBI files in the system.

    But internal Justice Department reports show that Congress was worried about giving the FBI a blank check because of the bureau's "lack of credibility," after projects like the Integrated Automated Fingerprint Identification System and the National Crime Information Center were completed millions of dollars over budget and years behind schedule. "The FBI's inability to effectively complete IT projects within budget and schedule reduced the FBI's credibility in the eyes of Congress," a December 2002 audit from the Justice Department's inspector general said. "The lack of credibility contributed to delays in the FBI receiving congressional funding to upgrade its IT infrastructure."

    In November 2000, Congress wrote a check for $100.7 million to pay for the first year of the $379.8 million Trilogy project. in January 2002, responding to the Sept. 11 attacks, Congress handed over the remainder and an extra $78 million to speed things up. Other portions of the FBI's budget also jumped after the attacks. The FBI's budget had gradually grown from $680.7 million in 1981 to $1.79 billion in 1991 to $3.4 billion in 2001. Immediately after the Sept. 11 attacks, though, it leaped to $4.49 billion for the federal government's 2002 fiscal year.

    Post 9/11

    One big change at the FBI took place on Sept. 5, 2001, when Robert Mueller succeeded Freeh as the sixth director of the largest federal police agency. Through his work as the U.S. Attorney in San Francisco, Mueller had gained a reputation as being more tech-savvy. "Every FBI manager--indeed, every agent--needs to be computer-literate," Mueller said at his Senate confirmation hearing. "Not a computer programmer--but aware of what computers can and cannot do to assist them with their jobs."

    But even Mueller and the influx of cash hasn't seemed to help the FBI fix its IT problems. A September 2003 report from Congress' auditing arm said "the FBI has yet to develop (a master IT architecture plan), and it does not have the requisite means in place to effectively develop, maintain and implement one. The state of the bureau's architecture efforts is attributable to the level of management priority and commitment that the bureau has assigned to this effort."

    Trilogy's deadlines kept slipping, the General Accounting Office (GAO) noted, and the FBI did not meet its July 2002 deadline. The GAO gave the FBI a 1-out-of-5 rating, with 5 being highest. The FBI, the auditors concluded, had failed to appoint a chief information architect, create a master IT plan and establish an "architecture-steering committee"--all of which are required to achieve even a modest rating of 2 out of 5. Now, the FBI is racing to meet a revised April 30 deadline for upgrading its antique computers. The portion of Trilogy that dealt with upgrading networks was finally finished in March 2003, but the Virtual Case File software currently in development has been repeatedly delayed.

    Excerpts are from: "Critics: Management, not IT money, is FBI problem"By Declan McCullagh, CNET News.com, Published on ZDNet News: April 14, 2004, 2:37 PM PT

  2. Please answer all parts of this question. Clearly state and explain all assumptions. Appended on the following page is the introduction section of a proposed research project that you are planning to conduct. Based on this proposal, your assignment is to answer the following questions:
    1. State or define the problem under investigation… 10%.
    2. Specify all concepts and explain why you consider them to be a dependent variable, independent variable(s), intervening variable(s), and moderating variable(s)… 20%.
    3. Based on the answers above, now develop a complete theoretical framework and draw a schematic diagram. Provide a brief rationale for any relationships you may establish in your model… 10%.
    4. Develop four testable hypotheses and state each, both in the null and in the alternate forms... 20%.
    5. How would you establish the "scientific" quality of this research? … 10%.
    6. Would this be basic or applied research? Briefly state how, or under what circumstances, this very same research could become the opposite of whatever your answer is… 10%.
    7. Which research design would you use? Be sure to clearly explain your reasoning… 20%.

    PROPOSED RESEARCH STUDIES USER ACCEPTANCE OF INFORMATION TECHNOLOGY

    Understanding why people accept or reject computers has proven to be one of the most challenging issues in information systems (IS) research. Researchers and practitioners alike are working on finding some way to predict and explain future user behavior from simple measures taken after a very brief period of interaction with a system. Researchers have posited that two particular user-related beliefs, perceived usefulness and perceived ease of use are key determinants of attitude towards using a system, which in turn influences actual system use. Perceived usefulness is defined as the "prospective user's subjective probability that using a specific application system will increase his or her job performance within an organizational context." Perceived ease of use refers to "the degree to which the prospective user expects the target system to be free of effort."

    Studies have also found evidence to show that people's actual system use can be predicted reasonably well from their behavioral intentions (to use the system) and that perceived usefulness is also a major determinant of people's intention to use the system. In fact, there is empirical evidence to show that attitudes (towards computer use) mediate the effects of beliefs on intentions. In other words, attitudes towards use influences people's behavioral intention to use the system, which in turn impacts actual system use, in that causal sequence. It has also been found that perceived ease of use is a significant secondary determinant of people's intentions to use systems. Finally, IS researchers have also reported that any other external variables that influence user behavior do so indirectly by influencing perceived usefulness and perceived ease of use. [This description is based on published research works including Davis et al. (1989), Davis (1989), and Vishwanath & Davis (1996).] The description has been designed as an exercise and is the authors' interpretation of the cited works.

    References:

    Davis, F.D., Bagozzi, R.P. and Warshaw, P.R. (1989). "User Acceptance of Computer Technology: A Comparison of Two Theoretical Models," Management Science, 35:8 (August), pp. 982-1003.

    Davis, F.D. (1989). "Perceived Usefulness, Perceived Ease of Use, and User Acceptance of Information Technology," MIS Quarterly, 13:3, pp. 319-341. Vishwanath, V. and Davis, F.D. (1996). "A Model of the Antecedents of Perceived Ease of Use: Development and Test," Decision Sciences, 27:3, pp. 451-481.

ISQA 8110 - MODERN SOFTWARE DESIGN

  1. Describe the Jacobson interaction diagram (called a message-trace diagram by Price). Describe its use in CRC Analysis and Design, coding, testing, and maintenance.
  2. Define and describe structured programming; be sure to cite Djikstra. Compare and contrast the advantages of structured programming over unstructured programming (that is programming that does not adhere to structured principles) from the design phase throughout the software life cycle until the retirement of the software.

ISQA 8210 - SOFTWARE PROJECT MANAGEMENT & ISQA 8220 - SYSTEMS ANALYSIS AND DESIGN (take home portion)

  • After graduation, you obtained a job in the IT department at one of the most prestigious and largest financial institutions in the country, HighRiskBank. Unfortunately, HighRiskBank became over-extended in subprime mortgages, and in March 2008, the organization collapsed. HighRiskBank's stock price plummeted and a competitor, StableBank purchased HighRiskBank for pennies on the dollar. You still have your job, and you are now an employee at StableBank. Within the next year, StableBank plans to eliminate most of the IT staff from HighRiskBank; however, given your reputation and performance at HighRiskBank, the CIO of StableBank has given you an assignment. You know that completing this assignment well could mean you will keep your job and you may receive a promotion.

    StableBank must integrate the IT systems of HighRiskBank with those that currently exist at StableBank. As StableBank considers how to integrate these systems, there has been much discussion about the approach that should be used. Some people in your department feel that this is a prime opportunity to introduce service-oriented architecture at StableBank. (For a brief introduction to SOA, see http://www.cio.com/article/40941/.)

    Both HighRiskBank and StableBank have large transaction processing systems used to capture and record financial transactions of customers. These systems need to be integrated into a single cohesive information system for StableBank. Integrating these systems (with or without the use of SOA) is going to be a large undertaking requiring careful consideration to systems analysis and design as well as management of the software development effort.

    The CIO of StableBank has asked you personally to prepare a report for her to help her decide if SOA is something that should be considered as they integrate the systems across the two banks. This report should include:

    1. A clear explanation of service oriented architecture (SOA) that can be shared with non-IT personnel.
    2. A discussion of the advantages and disadvantages of using SOA within this particular organization. This discussion should consider the nature of the organization and the likely context of systems to be integrated and enhanced. Include at least four advantages and four disadvantages. You may make any assumptions, but be specific in stating your assumptions.
    3. A discussion of at least three potential issues that may arise (positive or negative) for the systems analysis and design process if SOA is adopted. Explain how you would address these issues.
    4. A discussion on how the use of SOA will impact the project management process. Identify at least three potential issues that may arise (positive or negative) when managing software development if SOA is adopted. Explain how you would address these issues.
    5. A description of at least three criteria you would use to decide when SOA would be an appropriate choice for the organization.
    6. A recommendation as to whether or not your organization should use SOA.

    IMPORTANT NOTE FOR PREPARING YOUR ANSWER: Remember to put your own analysis and argumentation into this answer. You may certainly use the Internet and any sources from your classes or elsewhere to complete the assignment (and of course you must cite those sources thoroughly and correctly); however, that research is just background for your own analysis and application of the question to the scenario presented. You should not just write long descriptions of facts, but you should apply those facts in a diagnostic way - show what YOU know and what you can say about these issues, and do not just repeat what somebody else knows.

ISQA 8310 - DATA COMMUNICATIONS

  1. The Domain Name System (DNS) is an important component of the TCP/IP architecture. Answer the following questions about DNS.
    1. What is the purpose of DNS? Why is it needed?
    2. Give some examples of domain names within organizations. Identify the components (levels) of a domain name. What do the different levels signify? Why do some domain names have more levels than others?
    3. Organizations may choose different DNS server architectures based on organization size, structure, and other contextual factors. Some organizations, for example, use only a single DNS server. Others may use multiple servers. Explain why this is the case. On what bases do organizations make this type of decision?
    4. Discuss the process of name resolution using DNS. Provide examples. Distinguish between iterative resolution and recursive resolution.
    5. What is DNS caching? DNS replication? Why are they used?
    6. DNS uses several different types of records. First, describe the contents of a basic DNS record (i.e., the data elements). Second, explain what is meant by each of the following DNS record types: type-A record, MX record, and CNAME record. Give examples of each type.
  2. You have been asked to create a distributed environment that would support a home-based call center operation. You will have 100-150 operators working from their homes across the U.S. The purpose is to take advantage of time zones as well as communications. Each operator will have a PC and a high-speed line (you specify the capacity) in their homes. They will have to access customer and product information located at your headquarters in Omaha, NE. You need to design the network that would support the allocation of calls to theses individuals and support their access to the systems. Please explain the elements that would have to be in place to make this environment functional, including: application location, synchronization, fault tolerance, speed and type of connections,… etc.

ISQA 8380 - MANAGING THE DISTRIBUTED COMPUTING ENVIRONMENT

  1. Service oriented architecture (SOA) involves the concept of service orchestration. What is service orchestration and how does it help in developing a services oriented architecture for a company with multiple applications running on multiple systems? Explain the major enabling standards used in service orchestration. Sketch a sample service oriented architecture implementation and how service orchestration works in this example.
  2. Orthopedic Inc, a supplier of specialized orthopedic medical equipment, is growing and needs the help of a system integrator to streamline their systems and processes so they can be more responsive to their customers and lower their costs. Their clients are physical therapists, physicians and other medical professionals that order custom braces and other orthopedic devices. Today the current process is as follows:
    • A customer from a physician's office calls the company to order a device. The customer service agent first checks to see if they are an existing customer. If not, they are enrolled in the customer information and billing system.
    • Once they have the billing information, they take the order for the device. In some cases these devices are simple and the customer service agents just need to know the size of the device requested. In other cases, they are custom and the customer is emailed a form that must filled out and faxed back to the company. This information is keyed into an order entry and configuration system.
    • Generally the customer pays via a corporate credit card and the customer service agent must get on the Payfuse credit card payment site website to complete the payment transaction.
    • After the call with a new customer, the customer service agent is instructed to complete a credit bureau check on a new customer. Assuming the score is OK, they send the order on to the fulfillment department.
    • The order fulfillment department checks the inventory system to ensure the parts are available, if they are; the parts are selected, boxed and labeled for shipping. They generally use UPS for shipping so the order fulfillment specialist goes onto the UPS website and enters the information needed for shipping to the customer.
    • If parts are needed to complete the orthopedic device, the fulfillment specialist must order the parts from one of two parts dealers. Again, they must sign on to the systems below and order the parts to be shipped to Orthopedic Inc before the device can be assembled and shipped. These two companies and order entry systems they use are:
      • Custom Plastics system
      • ABC Medical supply system
    • Finally when a product is shipped to the customer, an email with the tracking number is sent by a fulfillment specialist. They use Microsoft Exchange.
    You are on the project team a to design a system which allows physicians or other customers to place the order for these orthopedic devices directly over the web or through the call center. The call center staff will use essentially the same web interface but from inside the company. The system should take advantage of a services based approach to automate many of the routine steps which today are manual such as credit look ups, credit card billing without logging on to a web site. Listed below are the systems you will need to integrate:
    1. Customer information and billing system is a Java based system running on a Weblogic server and uses an Oracle database. It can be accessed by a browser interface and using a web service.
    2. Order entry and configuration system is a system that is written in COBOL and runs in CICS on an IBM mainframe and uses a 3270 interface.
    3. Payfuse credit card payment is a service of First National Bank of Omaha and can be accessed through a browser and through a secure web service.
    4. Credit bureau system can be accessed over the web via a browser and through a web service.
    5. UPS package delivery system can be accessed over the web via a browser and through a web service.
    6. Orthopedic Inc uses Microsoft Exchange Server
    7. Custom plastics system runs on a mainframe and uses a COBOL based application. Orthopedics Inc. has a 3270 terminal access to their system today. The systems also uses MQ messaging.
    8. ABC Medical Supply System can be accessed over the web via browser and via a standard EDI connection and through a web service.
    Draw a diagram of how you would integrate these systems and accomplish the goals described above. Don't forget about security. Be sure to show all firewalls needed to protect data for this system. Show the high level integration protocols on the arrows such as "web service" "odbc sql" etc… Try to minimize human intervention for routine activities. Describe how data moves from one system to another in a paragraph and defend your approach.

ISQA 8410 - DATABASE MANAGEMENT

  1. WSIS Stock-Taking Database

    The World Summit on the Information Society (WSIS) is a United Nations sponsored summit that developed a plan of action to promote the use of information and communication technologies (ICT) products, networks, services, and applications to help countries overcome the digital divide. To facilitate the tracking of projects that address the goals of the plan of action, the WSIS has set up a database in which to record activities and the goals they address.

    Each activity in the database is represented by a unique identify. Each activity also has a title, which may or may not be unique, and a description on the order of a short paragraph. Each activity is recorded as being local, national, regional, or international in scope. The current status of the project - completed, planned for future, or ongoing - is noted, as well as the start and, possibly, finish dates of the project. The date on which the information about an activity was last updated is also recorded, although the history of updates is not. An activity is also classified according to its type: project, program, WSIS Thematic Meeting, conference, publication, training initiative, guidelines, tool-kit, website, database, or other. A given activity can be classifed as one or more activity types.

    Each activity is sponsored by precisely one organization and an organization may sponsor multiple activities. The database is to store the name, country, URL, and contact person for the organization. Each organization also has a type (government, international organization, business sector, and civil society), and is associated with a country (or is recorded as 'international'). Each country (e.g. Poland) is located within a region (e.g. Eastern Europe) and a continent (e.g. Europe). In the case of government organizations, data also is collected that will indicate whether the government is pursuing an e-Strategy and whether the government has any organization coordination WSIS activities.

    Each activity may address one or more WSIS action lines. An action line (e.g. 'Enabling Environment') is associated with one or more descriptors (e.g. 'consumer protection', 'dispute settlement', 'domain name management', 'e-commerce', 'e-government strategy', etc. Each activity may also address one or more of the United Nations' Millenium Development Goals (MDG). The eight MDGs include "eradicate poverty and hunger', 'achieve univeral primary education', 'promote gender equality & empower women', and others.

    1. Create a conceptual data model using E-R or UML notation for the WSIS Stock-taking effort.
    2. Create a relational schema (a set of appropriately normalized tables) based on your diagram.
    3. Provide SQL queries that will provide the solution to the following questions
      1. List the titles, description, and start date for all activities sponsored by an organization located in Finland addressing the MDG 'eradicate hunger and povery'
      2. For each region of the world, list the number of activities sponsored by an organization located within that region. Sort the results by continent and region.
      3. List the name and URL of the organization sponsoring the most activities.
      4. List each MDG having fewer than 50 activities addressing it.
      5. Create the ORGANIZATION table. Be sure to create all relevant constraints.
  2. Data Integrity

    Data integrity is a principle that is foundational to the management and use of data. Define the term 'data integrity' and discuss its many facets in the world of data management. In doing so, elaborate on the ways in which data integrity can be compromised and the ways in which mechanisms in the DBMS and database models, and techniques in database design and data management can serve to ensure and preserve data integrity. Include a discussion of data governance in your answer. The best answer will demonstrate a broad and holistic understanding of data integrity.

ISQA 8420 - MANAGING THE IS FUNCTION

  1. When you interviewed for the position of CIO of a medium-sized long haul trucking company, some company executives asked you to express your views about information systems strategic planning.

    You are now on board and have been tasked to develop a strategic information systems plan for this company. You have also been meet with the company officers to discuss the direction of the company. Before this meeting, they have asked that you provide a list of questions with some explanation about the "why" of the question so they can be prepared, thus maximizing the output from this meeting.

    Develop a list of questions you would ask the officers of the company and give an explanation and justification for each question.

  2. You are the CIO of a publicly traded company. This year the company has decided to include the Board of Directors in the annual strategic planning conference. .Several of the board members are fairly new and do not have a thorough understanding of the company.

    In a recent staff meeting, the CEO explained that to educate the Board members, he is planning to use Porter's Five Forces Model and structure each of the five areas as a question. For example, he plans to pose the question: "What are substitute goods for our products?" and then provide a discussion of the potential substitutes.

    The CEO asks each of you as senior staff members to follow a similar format in the presentation that each of you will make to the board.

    You have been allotted 30 minutes for your presentation and the CEO has asked to see the questions you plan to present together with a justification of why you chose this question. He also asked that you help him understand better the IS function by including several key points that you will make under each question.

    You are to prepare the questions, justification, and key points detailed in the preceding paragraph.

ISQA 8810 - IT PROJECT FUNDAMENTALS

  1. Describe the risk management process. Be sure to include each separate process and how to perform each process. List possible outcomes of the risk management process.
  2. Project risks are identified within a context. What is the impact on a project if the context within which you identify risks is incorrect?
blue bar image