MIS Chapter 13 [Final] – Flashcards

TJX's handling of its serious data breach is consistent with which one of the following? a) Stakeholder theory b) Stockholder theory c) Social normative d) Social contract theory e) Corporate social responsibility

Which normative theory of business ethics would TJX have displayed if it had informed customers as soon as the breach was corrected and told other retailers how to prevent future security breaches? a) Stakeholder b) Stockholder c) Social contract d) Investor e) Corporate social responsibility

This is the term used to describe ethical dilemmas that arise with the development and application of IT. a) Stockholder theory b) PAPA principles c) Information ethics d) Normative theories e) IT dilemmas

All of the following are examples of green computing EXCEPT: a) Virtualization b) Cloud computing c) Tidal powered servers d) Server workloads moved to off-peak hours e) Cookies

Green computing is often associated with supporting the triple bottom line known as: a) Economic, environmental and social b) Stockholder, stakeholder and society c) People, Privacy and Property d) Google, Facebook and Microsoft e) Data, information and knowledge

This is a text message that is stored on a user's computer by a Web server that helps trace the user's browsing habits. a) Script b) Cookie c) Id theft d) Firewall e) Data file

In the chapter, there is the statement, "Internet companies are in business for the money and hence they really would prefer to keep their customers in the dark about how their personal data is being used to generate profits". Assuming this statement is true, with which ethical theory would you say these Internet companies are most aligned? a) Stockholder theory b) Stakeholder theory c) Property theory d) Fiduciary theory e) Normative theory

"Who owns information?" and "What are the just and fair prices for its exchange?" are part of this ethical issue: a) Privacy b) Accuracy c) Ownership d) Property e) Accessibility

What principles, developed in 2000 by the US Department of Commerce (DOC) in consultation with the European Commission, allow U.S. companies to be placed on a list maintained by the DOC? a) Safe Harbor framework b) Approved Business framework c) PAPA framework d) Property Harbor framework e) Safe Business framework

The European Union Directive on Data Protection does all of the following EXCEPT: a) Expect accurate and up-to-date data on collected personal information b) Allow companies to only keep data as long as necessary c) Set standards for the collection, storage and processing of personal information d) Regulate data standards for publically traded companies e) Prohibit the transfer of personal data to non-European Union nations that do not meet certain standards

Questions like "Who is responsible for the reliability of information?" and "Who will be accountable for errors in the information?" are part of this ethical issue. a) Privacy b) Accuracy c) Authenticity d) Perfection e) Purpose

The question "What information does a person or an organization have a right or a privilege to obtain?" is part of this ethical issue. a) Privacy b) Accuracy c) Accessibility d) Perfection e) Property

In today's digital word, individuals can control their privacy through choice, ______, and correction. a) Protection b) Consent c) Property d) Communication e) Consideration

A company should examine this area of the control of information if it wants to determine what data it has the right to monitor and capture from its employees. a) Privacy b) Accuracy c) Accessibility d) Perfection e) Property

Today's managers must ensure that information about their employees and customers is only available to those who have a right to see it and use it, an issue referred to as: a) Privacy b) Accuracy c) Accessibility d) Perfection e) Property

A manager that primarily focuses on the shareholders of the corporation rather than all of the vested parties in the businesses operations and activities is practicing which theory of normative business ethics? a) Stakeholder theory b) Investor theory c) Stockholder theory d) Shareholder theory e) Social contract theory

This theory of normative business ethics seeks to create value for people in a manner that is just and nondiscriminatory. a) Stakeholder theory b) Investor theory c) Social contract theory d) Shareholder theory e) Stockholder theory

This act of 1996 is designed to safeguard the electronic exchange of patient records in the health care industry. a) SoX b) HIPAA c) IETF d) COBIT e) PAPA

Information privacy guidelines should come from what level in a company? a) CEO and top-level executives b) Middle management c) Employees d) Federal regulations e) State laws

The European Union relies on a government data protection agency and specific privacy protection standards outlined in the ___________. a) Safe Harbor Framework b) PAPA Principles c) Directive on Data Protection d) HIPPA e) SoX Act

In TJX's case, the security breach made its customers vulnerable to this. a) Loss of personal property b) Inaccurate personal data c) Identity theft d) Loss of access to personal data e) Credit card fees

Google Flu Trends aggregates personal search data in order to estimate world-wide flu activity. Google's site has drawn criticism due to the sharing of users' online behavior without getting their consent. This, in essence, violates the user's right to: a) Privacy b) Property c) Accuracy d) Accessibility e) Identity

An Internet web site that wishes to abide by fair privacy practices will do all of the following EXCEPT: a) Allow the consumer the choice to participate in the site or not b) Post policies about how personal information gathered from consumers will be used c) Afford the consumer the opportunity to view and contest the accuracy of the data collected d) Secure collected consumer information e) All of the above.

Many organizations and even consumers use this to control access to a network like the Internet, allowing only authorized traffic to pass. a) Encryption b) VPN c) Firewall d) Anonymizing tools e) Filtering