6102015 1 McGraw-Hill-Ryerson ©2015 The McGraw-Hill .docx

6/10/2015
1
McGraw-Hill-Ryerson ©2015 The McGraw-Hill Companies, All
Rights Reserved
Opening Case:
The Privacy Commissioner
of Canada’s Work
10-2 Copyright © 2015 McGraw-Hill Ryerson Limited
Chapter Ten Overview
• SECTION 10.1 – INFORMATION ETHICS AND PRIVACY
– Introduction
– Information Ethics
– Information Privacy
– Developing Information Management Policies
• SECTION 10.2 – INFORMATION SECURITY
– Introduction
– Protecting Information
– Protecting Data
– People: The First Line of Defence
– The Second Line of Defence: Technology

Learning Outcomes
1. Explain what information ethics is and its importance in the
workplace.
2. Describe what information privacy is and the differences in
privacy legislation around the world.
3. Identify the differences between various information ethics
and privacy policies in the workplace.
4. Describe information security, and explain why people are
the first line of defence for protecting information.
5. Describe how information technologies can be used to
enhance information security.
6/10/2015
2
Rights Reserved
INFORMATION
ETHICS AND
PRIVACY
Learning

Outcome • Ethics
– The principles and standards that guide our
behaviour towards other people
• Privacy is a major ethical issue
– Privacy is the right to be left alone when
you want to be, to have control over your
own personal possessions, and not to be
observed without your consent
– Confidentiality is the assurance that
messages and information are available only
to those who are authorized to view them
Introduction
10.1
Learning
Outcome
Copyright © 2015 McGraw-Hill Ryerson Limited 10-6
Technology-Related Ethical Issues & Concepts
Figure 10.1
10.1
Intellectual Property Intangible creative work that is embodied
in
physical form

Copyright The legal protection afforded an expression
of an idea, such as a song, video game, and
some types of proprietary documents
Fair Dealing The principle by which, in certain situations,
it is legal to use copyrighted material
Pirated Software Copyrighted software that is used,
duplicated, or sold without authorization by
the copyright holder
Counterfeit Software Software that is manufactured to look like
the real thing and sold as such
6/10/2015
3
Learning
Outcome
Trust Supports Business
1. There is a loss of personal privacy.
2. Internet users are more inclined to purchase a product on a
website
that has a privacy policy.
3. Effective privacy would convert more Internet users to
Internet

buyers.
From Figure 10.2
10.1
Trust between companies, partners, and suppliers is the
support structure of business, in particular, e-business
Primary Reasons Privacy Issues Reduce Trust for E-Business
Learning
Outcome
Information Ethics
Acting Ethically and Legally Are
Not Always the Same
Figure 10.4
10.1
Ethics
• The principles and
standards that guide our
behaviour towards other
people

Information Ethics
• The ethical and moral issues
arising from the
development and use of
information technologies,
as well as the creation,
duplication, processing and
distribution of information
itself.
Learning
Outcome
Information Has No Ethics
10.1
From Figure 10.3
Individuals copy, use and distribute software.
Employees search organizational databases for sensitive
corporate
and personal information.
Organizations collect, buy, and use information without
checking
validity or accuracy of the information.
Individuals create and spread viruses that cause trouble for
those
using and maintaining information systems.

Individuals hack into computers to steal proprietary
information.
Employees destroy or steal proprietary organizational
information
such as schematics, sketches, customer lists and reports.
Examples of Ethically Questionable or Unacceptable Use of
Information Systems
6/10/2015
4
Learning
Outcome • Information Ethics in the Workplace
– Replacing people with computers, one set of boring jobs with
a new set of boring jobs
• Systems & Respect for Human Dignity
– “Dehumanizing” jobs, making jobs overly regimented &
inflexible, disrespecting human intelligence
– Health & safety concerns from poorly designed interfaces

• Tracking People’s Activities
– Monitoring Web browsing and social media use at work
– Cyberstalking—tracking individuals through social media for
malicious or criminal reasons
– Spyware—unauthorized tracking of browsing
Information & Ethical Concerns
10.1
Learning
Outcome
Employee Monitoring
10.1
From Figure 10.5
Employee absenteeism reached its highest point in several years
in
2009.
Studies indicate that electronic monitoring results in lower job
satisfaction, in part, because people begin to believe the
quantity of
their work is more important than the quality.
Electronic monitoring also induces what psychologists call
“psychological reactance”: the tendency to rebel against

constraint.
Effects of Employee Monitoring
Learning
Outcome Canada’s Copyright Modernization Act
received royal assent on June 29, 2012. Key
changes include:
• Legalizing format shifting
• Legalizing time shifting
• Allowing back up copies of content to be
made against loss or damage
• Allowing “mash ups” (create blend of
copies) if not for re-sale
• Enacting a system where copyright
holders can inform ISPs of possible
privacy by their customers
Protecting Digital Content
10.1
6/10/2015

5
Learning
Outcome Additional changes from Canada’s Copyright
Modernization Act include:
• Protecting search engines and ISPs from
copyright violations of their users
• Differentiating commercial and individual
copyright violations in terms of penalties
• Expanding the meaning of fair dealing to
include purposes of parody, satire and
education
• Criminalizing cracking a digital lock placed on a
device, disc, or file
Protecting Digital Content
10.1
Learning
Outcome How personal information is collected and shared
• Personal Information
– Data or information that can be directly related to an
identified person

– Regardless of data format and content
• Breaches of Information Privacy
– Not about preventing collection of information to
complete business transactions
– Breaches occur with inappropriate disclosure or
unauthorized access
• Protecting Personal Data
– Just as steps are taken to protect physical assets,
personal information must be proactively protected
Information Privacy
10.2
Learning
Outcome • Strong Privacy Laws
– Directives indicate the required results but allow EU
members to determine their own methods
• Citizens are granted the following rights:
– To know the source of the personal data processing
and the purpose of such processing
– To access and/or rectify inaccuracies in one’s
personal data

– To disallow the use of personal data with the
proviso that personal data can only be transferred
outside the borders to countries offering the same
level of protection
– Based on eight key principles that have also been
adopted in Canada
Information Privacy in Europe
10.2
6/10/2015
6
Learning
Outcome • Less Centralized approach than in Canada or Europe
– No single encompassing law
– Access to public information is culturally acceptable
• Exceptions:
– California legislates an individual’s inalienable right to
privacy
and 2003 Online Privacy & Protection Act ensures websites post
privacy policies

– COPPA, US Federal law established in 1998, governs
collection of
personal information from children under 13
– HIPAA, 1996, governs protects personal health care
information
Information Privacy in the US
10.2
Learning
Outcome • Federal Legislation
– PIPEDA Personal Information Protection and Electronic
Documents Act
follows the European model and governs all organizations
dealing with
the federal government and all for-profit commercial
organizations
except those operating entirely within a specific province.
– The Privacy Act protects personal information collected and
used by
the Federal Government
– The Bank Act is an example of a federal law with specific
privacy
protections, in this case, financial data held by financial
institutions.
• Provincial Legislation

– Each province has its own ‘public-sector’ legislation
– Almost all provinces have the equivalent of PIPEDA to
govern those
enterprises operating only within provincial boundaries
Information Privacy Canada
10.2
Learning
Outcome
Ten Guiding Principles of PIPEDA for
Organizations
Figure 10.6
10.2
1. Accountability An organization is responsible for personal
information
under its control and shall designate an individual or
individuals who are accountable for the organization’s
compliance with the following principles.
2. Identifying
Purpose
The purposes for which personal information is collected
shall be identified by the organization at or before the
time the information is collected.

3. Consent The knowledge and consent of the individual are
required for collection, use, or disclosure of personal
information, except when inappropriate.
4. Limiting
Collection
The collection of personal information shall be limited to
that which is necessary for the purposes identified by the
organization. Information shall be collected by fair and
lawful means.
6/10/2015
7
Learning
Outcome
Organizations
Figure 10.6
10.2 5. Limiting Use,
disclosure,
and retention
Personal information shall not be used or disclosed for
purposes other than those for which it was collected,
except with the consent of the individual or as required by

the law. Personal information shall be retained only as long
as necessary for fulfillment of those purposes.
6. Accuracy Personal information shall be as accurate,
complete, and
up to date as is necessary for the purposes for which it is to
be used.
7. Safeguards Personal information shall be protected by
security
safeguards appropriate to the sensitivity of the
information.
Learning
Outcome
Organizations
Figure 10.6
10.2
8. Openness The collection of personal information shall be
limited to
that which is necessary for the purposes identified by the
organization. Information shall be collected by fair and
lawful means.
9. Individual
Access
Upon request, an individual shall be informed of the

existence, use, and disclosure of his or her personal
information and shall be given access to that information.
An individual shall be able to challenge the accuracy and
completeness of the information and have it amended as
appropriate.
10. Challenging
Compliance
An individual shall be able to address a challenge
concerning compliance with the above principles to the
designated individual or individuals for the organization’s
compliance.
Learning
Outcome
Developing Information Management Policies
10.3
Overview of E-Policies
Figure 10.7
E-Policies are guidelines and procedures that encourage
ethical use of computers and the Internet in business.
6/10/2015

8
Learning
Outcome • Ethical Computer Use Policy
– Established as an essential step in creating an ethical
corporate
culture
– Ensures that employees know how to behave, communicates
expectations and penalties
– Control should be by informed consent through corporate
training or other forms of education and direction
• Information Privacy Policy
– Contains general principles regarding information privacy
– Processes and penalties should prevent unauthorized access to
information for malicious or fraudulent reasons but also
accidental, non-malicious access that may have equally serious
repercussions
Ethical Computer Use and
Information Privacy E-Policies
10.3
Learning

Outcome • Acceptable Use Policy
– Requires the user to agree to follow it to be provided access
to
corporate email, information systems, and the Internet
– Nonrepudiation occurs when a user denies their action.
Acceptable Use Policies often have nonrepudiation clauses
– Also included are stipulations for lawful use, respect of others
in
the community and outside
• Internet Use Policy
– Describes the Internet services available to the user
– Defines the purpose of Web access and any restrictions to it
– Describes guidelines for protecting the user and the company
– States penalties if the policy is violated
Acceptable Use and Internet Use E-Policies
10.3
Learning
Outcome • Email Privacy Policy
– Details the extent to which email may be read by others

– Defines legitimate email uses and responsibly manages
accounts after employee has left the company
– Explains backup procedures to employees
– Discourages junk mail or SPAM
– Prohibits disruptive email behaviour
– Describes legitimate grounds for reading employee mail
– Limits the organization’s responsibility for mail leaving
the organization
– Some companies include a specific Anti-Spam policy to
restrict the sending of unsolicited mail
Email Privacy
10.3
6/10/2015
9
Learning
Outcome
Managing Email Privacy
Figure 10.8

10.3 Email Is Stored on Multiple Computers
Learning
Outcome • Social Media is public communication not
controlled by a company, but concerning it, that
can be beneficial or risky
– Social Media Policy outlines guidelines or
principles that should govern employee online
communications about the company
– Should include blog and personal blog policies
– Cover employee social network and personal social
network policies including Facebook, Twitter,
LinkedIn and You Tube
– Control communications detailing brand activity and
organizational proprietary information of any kind
Social Media Policy
10.3
Learning
Outcome • Is a risk management obligation
– Ensures that actions and activities harmful to the
organization are discovered and terminated or deterred

– Is virtually unregulated, employees should act as though
they are being observed
– Workplace MIS monitoring tracks computer activity by
number of keystrokes, error rate, transactions
processed etc.
– Employee Monitoring Policy provides transparency and
informs employees when, how, why and where the
company is watching
– Should provide specific details as appropriate, indicate
consequences of violating the policy and enforce the
policy evenly
Workplace Monitoring Policy
10.3
6/10/2015
10
Learning
Outcome
Internet Monitoring Technologies
Key logger or key
trapper, software

A program that records every keystroke and
mouse click a user makes.
Hardware key logger A device that captures keystrokes from
keyboard
to motherboard.
Cookie A small file deposited in the user’s hard drive to
record browsing information.
Adware Software attached to a download that generates
ads on a user’s machine.
Spyware(sneakware or
stealthware)
An unauthorized app hidden within legitimate
software to record browsing behaviour.
Web log Browser data stored on a web server.
Clickstream Records user browsing sessions including what
websites, how long, what was viewed/purchased
10.3
Figure 10.9
OPENING CASE QUESTIONS
The Privacy Commissioner of Canada’s Work
1. Why is protecting personal information in the best interests

of both Canadians and the Government of Canada?
2. What policies has the Government of Canada implemented
to protect citizen information privacy?
3. What lessons can be learned from the opening case study
that will help other organizations better protect the personal
information they collect?
4. How does the recent trend of governments allowing public
access to data raise awareness of the need for governments
to embrace privacy planning as part of normal, everyday
business practice?
Rights Reserved
Data Warehousing
6/10/2015
11
Learning
Outcome

Sources of Unplanned Downtime
Figure 10.10
10.4
Learning
Outcome
The Cost of Downtime
Figure 10.11
10.4
Learning
Outcome • Vulnerabilities to an organization can occur for
reasons that have nothing to do with IS decisions.
– Moving smoking outside opened a security door
– Loss of CDs sent through internal mail caused a
breach of customer information
– Poor hiring practices lead to negligent and
malicious employees
• Data and information are intangible. Difficult to

know what is not secure, stolen or re-directed.
• Solid security processes & practices are critical.
• Information security is a broad term
encompassing protection of information assets
from accidental or intentional misuse
Protecting Information
10.4
6/10/2015
12
Learning
Outcome
Data Backup and Recovery
Figure 10.12
10.4
Data Backup and Recovery, Disaster Recovery, and Business
Continuity Planning

Learning
Outcome • Disaster
– Natural: such as flood, fire, earthquake; Malicious: such as
hackers;
Negligence: due to employee ignorance, fatigue, or human
fallibility
• Fault Tolerance
– A system that has a back up component when it does collapse.
• Failover
– Provides a secondary system to take over the duties of one
that
becomes unavailable.
• Disaster Recover Plan
– Detailed process regaining data and making the system
operationally available again
• Hot Site A fully equipped failover facility
• Cold Site A separate wired facility to which a company can
move
Disaster Recovery
10.4
Learning

Outcome A Plan for the recovery and restoration of partly or
completely
interrupted critical business functions within a pre-determined
time after a disaster or extended disruption.
1. Establish a committee that makes sure control is established
after a disaster.
2. Ensure a business impact analysis exists to identify the
organization’s goals and priorities.
3. Ensure plans, measures and arrangements are available for
the business to continue operating.
4. Establish quality assurance techniques to assess the plan’s
accuracy, relevance effectiveness and identify weak spots.
Business Continuity Planning
10.4
6/10/2015
13
Learning
Outcome
Disaster Recovery Cost Curve

Figure 10.13
10.4
Learning
Outcome
• Prevent system intrusion
– Network security management
– Anti-SPAM
– Content filtering
– Upgrade encryption
• Apply patches which are sent out by
software companies to correct
anomalies in the applications that
otherwise could be exploited
• Train employees in safe computing
practices such as password protection
Securing Data
10.4
Learning

Outcome • Computer Security Survey reported 41.1% of
respondents had experienced a security incident
• Insiders
– Legitimate users who maliciously or accidentally
create a computer incident
– Most computer incidents are due to insiders
• Social Engineering
– Techniques to persuade people to do something
against policy or the law
– Used by hackers to get insiders to give access to the
system to them
– Employees need to be trained to resist these
techniques
People: The First Line of Defence
10.4
6/10/2015
14
Learning
Outcome

Information Security Plan Objectives
Figure 10.14
10.4
Learning
Outcome
Information Security Plan Objectives
Figure 10.15
10.4
Learning
Outcome
Top 10 Questions Managers Should Ask
Regarding Information Security
Figure 10.16
10.5
6/10/2015

15
Learning
Outcome • Authentication
– Method for confirming user identity
– Something a user knows (password), something a user has
(smart
card, ID), something that is a part of a user (biometric)
– Biometrics IDs user through a unique physical attribute of
user such
as a fingerprint or retinal scan
– Identity Theft is fraud that occurs when the perpetrator uses a
victim’s personal information to fraudulently acquire their
assets
• Authorization
– Giving someone permission to do something
– Different degrees of data access
– Read, Read-Write, Read-Write-Copy privileges
Authentication and Authorization
10.5
Learning

Outcome
Examples of Identity Theft
Figure 10.17
10.5
Learning
Outcome • Prevention & Resistance
– Intrusion Detection System (IDS) monitors incoming network
traffic and flags any communication, usually at the packet level,
that does not conform to the usual patterns
• Content Filtering
– An application that reviews the content of network incoming
and outgoing traffic to prevent transmission of confidential
information, SPAM, and viruses
• Encryption
– Systems that encode and decode messages
– Public Key Encryption (PKE) provides a public key for
anyone
wishing to send a message to a recipient whose private key is
the only one that can decrypt the message
Methods to Secure Data

10.5
6/10/2015
16
Learning
Outcome
Public Key Encryption (PKE) System
Figure 10.18
10.5
Learning
Outcome • Firewalls
– Hardware or software that guards a
private network by analyzing data entering
and leaving it
– Detects machine-to-machine interaction
as well as human-sourced transmissions
• Detection and Response
– Based on the premise that prevention is

never 100%
– Provides corrective procedures for
unauthorized intrusion into the system
once an event happens
Methods to Secure Data
10.5
Learning
Outcome
Public Key Encryption (PKE) System
Figure 10.19
10.5
Sample Firewall Architecture Connecting Systems Located in
Toronto, New York and Munich
6/10/2015
17
Learning

Outcome
Types of Hackers
Figure 10.20
10.5
Learning
Outcome
Types of Malicious Software (Malware)
Figure 10.21
10.5
Learning
Outcome
Technology-Related Ethical Issues & Concepts
From Figure 10.22
10.5
Elevation of Privilege A user misleads a system into granting

unauthorized rights.
Hoaxes A real virus is transmitted in a message appearing
to be a harmless hoax virus.
Malicious Code The broad term describing a variety of threats
including virus, worms and Trojans.
Sniffer A program or device that can monitor data
travelling over a network.
Packet tampering Consists of altering content of packets as they
travel over the Internet.
Pharming Reroutes requests for legitimate websites to false
ones to collect user information.
6/10/2015
18
The Privacy Commissioner of Canada’s Work
5. In the example, how can the company’s embrace of privacy
mitigate future information security problems?
6. What is the biggest information security roadblock facing
organizations attempting to achieve compliance with privacy
legislation?

7. Can technology alone guarantee that information is kept
secure? Why or why not?
8. Unfortunately, privacy and security breaches are a common
occurrence in organizations today. What recent privacy and
security breaches have been in the media lately? Do you
think things will get worse before they get better? How can
organizations better prepare themselves against future
privacy and security breaches?
CLOSING CASE ONE:
WestJet Accepts Blame for Spying on Air Canada
1. Was WestJet’s access to Air Canada’s website information
ethical? Legal? Explain.
2. How common in organizations is unauthorized access to
private competitor information?
3. Does Air Canada have any responsibility in WestJet’s ability
to
access Air Canada’s private information? Explain.
4. What people measures could Air Canada implement to
prevent future unauthorized access to private information?
5. What technology measures might Air Canada implement to
prevent future unauthorized access to private information?

CLOSING CASE TWO:
Information Ethics and Privacy Issues with Facebook
Make Headlines
1. Was Nationale Suisse justified in its online monitoring of
employees who called in sick? If companies want to
conduct such monitoring activities, what steps can they
take to lesson negative backlash from the public and their
employees? What steps can employees take?
2. Do you think the Privacy Commissioner went to far in her
demands? Is this a bit of “much ado about nothing”?
3. Will the changes that Facebook implements to address the
Commissioner’s concerns negatively affect the site in any
way? What do you think the average Facebook user thinks
of the new features?
6/10/2015
19
CLOSING CASE TWO:
Information Ethics and Privacy Issues with Facebook
Make Headlines
4. Do you know of any other examples in the popular press
that showcase information ethics or privacy issues with the

use of social networking sites like Facebook?
5. Does the above case make you wish to change how you use
Facebook in any way?
CLOSING CASE THREE:
Thinking Like the Enemy
1. How could an organization benefit from attending one of
the courses offered at the Intense School?
2. What are the two primary lines of security defence, and
how can organizational employees use the information
taught by the Intense School when drafting an information
security plan?
3. If your employer sent you to take a course at the Intense
School, what type of course would interest you and why?
4. What ethical dilemmas are involved in having such a
course offered by a private company?
Throughout the course, various elements of professional,
collegiate, and Olympic sports have been studied and evaluated.
Some of the issues and concerns that were identified in each

level of sports significantly impact the sports organizations’ and
academic institutions’ operations, financial management, and
business practices. Complete a thorough review of factors that
influence an organization or institution that operates at each
level of sports based on the course text and five scholarly
sources. Organize your eight- to ten-page paper according to
appropriate APA style (excluding the title page and reference
page). In a narrative format, the paper must include:
1. Evaluation of three factors that impact the management of a
collegiate, professional, and Olympic organization/institution.
2. Comparison of the factors that impact the various
organizations at the different levels of sports.
3. Prediction of what factors will influence each level of sports
over the next ten years.
6/10/2015
1
Rights Reserved
Opening Case:
Twitter: A Social CRM Tool
Chapter Nine Overview
• SECTION 9.1 – CRM FUNDAMENTALS
– Introduction

– Using Information to Drive Operational CRM
– Using Information to Drive Analytical CRM
• SECTION 9.2 – CRM BEST PRACTICES AND TRENDS
– Implementing CRM
– CRM Metrics
– CRM Applications and Vendors
– Managing Other Relationships
– Future CRM Trends
Learning Outcomes
1. Explain the difference between customer relationship
management and customer relationship management
systems.
2. Describe the business benefits of customer relationship
management and how customer relationship management
systems can help achieve those benefits.
3. Explain the difference between: operational and analytical
customer relationship management; the operational
customer relationship management systems used by
marketing departments, sales departments, and customer
service departments; and the various analytical customer
relationship management systems used by organizations.
6/10/2015
2

Learning Outcomes
4. Identify and explain best practices in implementing CRM
in organizations, including the tracking of common
customer relationship management metrics by
organizations.
5. Describe the benefits of expanding customer relationship
management to include suppliers, partners, and
employees, as well as other future trends in CRM.
Rights Reserved
CRM Fundamentals
Learning
Outcome Customer Relationship Management involves
managing all aspects of a customer’s relationship
with an organization.
• Enterprise must switch from Sale-focused to
Customer-focused strategies
• CRM provides insight into each customer’s
shopping and buying behaviours
• Allows an organization to treat each customer
individually tailoring offers to each individual
specifically thereby increasing spending

• Flexibility is key
• http://www.youtube.com/watch?v=YEa_RNSX5Xo
Introduction
9.1
http://www.youtube.com/watch?v=YEa_RNSX5Xo
6/10/2015
3
Learning
Outcome
CRM as a Business Strategy
Figure 9.1
9.1
Customer
Relationship
Management
Overview

https://www.youtube.com/watch?v=wJ63PqPIj
cM
Learning
Outcome
Business Benefits of CRM
Figure 9.2
9.2
Benefits of a Customer Relationship Management System
Better customer service Ability of sales staff to close
deals faster.
Improved call centre efficiency Simplification of marketing
and sales processes
Ability to cross-sell products
more effectively
Ability to discover new
customers
Learning
Outcome Organizations ask and track the following customer
metrics to
determine their most valuable customer:

• R - Recency
– How recently has a customer purchased items?
• F - Frequency
– How frequently does a customer purchase items?
• M - Monetary
– How much does a customer spend on each purchase occasion?
• RFM – Spells customer value
– At one time the data from each component was added or
multiplied
together. Today more sophisticated algorithms are used to
extract
patterns of behaviour that indicate loyalty and profitability.
RFM—Finding the Most Valuable Customer
9.2
6/10/2015
4
Learning

Outcome • Reporting
– Identifying most valuable
customers
• Analyzing
– Ranking customers from best to
worst
– Profiling, determining attributes of
each customer segment
• Predicting
– Applying profiles to potential
business opportunities
– Selecting customers with highest
probability of profitability &
retention
– http://www.eweek.com/c/a/Ent
erprise-Applications/10-Cool-
CRM-Developments/
Evolution of CRM
9.3
Figure 9.3
The Evolution of CRM
Abilities

Learning
Outcome
Examples of Reporting, Analyzing and
Predicting Behaviours
Figure 9.4
9.3
Reporting: What
Happened?
Analyzing: Why Did It
Happen?
Predicting: What Will
Happen
What was the total
revenue by customer?
Why did sales not meet
forecast?
What customers are at
risk of leaving?
How many units did we
manufacture?
Why was production so

low?
What products will the
customer buy?
Where did we sell the
most products?
Why did we not sell as
many units as last year?
Who are the best
prospect for a sales call?
What are total sales by
product?
Who are our customers? What is the best way to
reach customers?
How many customers did
we serve?
Why was customer
revenue so high?
What is the lifetime
value of a customer?
What are our inventory
levels?
Why are inventory levels
so low?
What transactions might

be fraudulent?
Learning
Outcome
Operational and Analytical CRM
Components of an Enterprise CRM
Figure 9.5
9.3
Operational CRM
• Supports traditional
TPS for day-to-day
front office operations
& systems that deal
with customers.
Analytical CRM
• Supports back-office
operations and
analysis and systems
that do not deal with
customers.
http://www.eweek.com/c/a/Enterprise-Applications/10-Cool-

CRM-Developments/
CRM-Developments/
CRM-Developments/
CRM-Developments/
CRM-Developments/
CRM-Developments/
CRM-Developments/
CRM-Developments/
CRM-Developments/
CRM-Developments/
6/10/2015
5
Learning
Outcome
3 Primary Components of Operational CRM
Figure 9.6
9.3

Components of an Operational CRM
Marketing Sales Customer Service
List Generator Sales Management Contact Centre
Campaign
Management
Contact
Management
Web-based self-
service
Cross-selling and
Upselling
Opportunity
Management
Call scripting
Learning
Outcome • List Generation
– List Generators compile data from a number of sources and
segment
it for marketing campaigns.
• Campaign Management Systems
– Guide users through marketing campaign planning, execution

and success
analysis
– Can provide quantified ROI and a de-brief including
suggestions to
improve future performance
– For a quick example of campaign management systems go to
Canada Post
business at http://www.canadapost.ca/web/business/precision-
targeter.page
• Cross-Selling and Upselling
– Cross-selling adds additional products and services to current
purchases
– Upselling increases the value of the sale by moving purchases
to premium
levels, increasing volume, adding additional uses etc.
Marketing CRM
9.3
Learning
Outcome • Sales Force Automation (SFA)
– Automatically tracks all steps taken in the sales process
including
prospects, calls, call results, next steps, successful closures and
reasons
why, and unsuccessful sales calls

– Goal is analysis and improvement at every step
– With all the Sales Force automation software that is available,
a useful
website is http://www.softwareadvice.com/crm/sales-force-
automation-
comparison/ that provides a comparison of the applications and
what they
can do.
• Sales Management CRM Systems
– Automates steps in the sales process and displays
prospect/customer
history and records and prompts next steps for each sales call
– Improves efficiency and effectiveness of performance,
increases
management visibility of sales efforts, measures performance
cycle times
• Opportunity Management CRM
– Determines potential customers and competitors and defines
the
appropriate level of selling effort including budgets and
schedules
Sales CRM
9.3
6/10/2015

6
Learning
Outcome
Sales Management CRM
9.3
Overview of the Sales Process
Figure 9.7
Learning
Outcome
Pointers for Gaining Prospective
Customers
9.3
From Figure 9.8
Get Their Attention Make your appearance professional and do
something positive to stand out.
Value Their Time In exchange for your customers’ time, you

need to provide them something of value.
Over-deliver Do more than just keep your word.
Contract frequently Send updates and provide value
continuously.
Generate a
trustworthy mailing list
Ensure mailing list names are genuine
contacts with authority to deal.
Follow up Send thank you notes for meetings…to
everyone you contacted in the company.
http://boss.blogs.nytimes.com/2011/07/25/my-top-10-sales-
tips/?_r=0
Learning
Outcome • Contact Centres or Call Centres
– CSRs (customer service representatives) answer customer
inquiries or
problems
– Knowledge-management systems can support CSRs by
providing
suggested responses. Applications can provide call history
– CSRs need training to use software effectively

• Web-Based Self-Service Systems
– Company web-site provides an interface for common problems
to
allow users to find the solution
– Live chat and email improve and personalize the service
• Call Scripting Systems
– Use a database of previous solutions to match to new inquiries
– Can provide diagnostic questions a CSR might ask
Customer Service CRM
9.3
6/10/2015
7
Learning
Outcome
Customer Service CRM
9.3
From Figure 9.9

Automatic call
distribution
A phone switch routes inbound calls to
available agents.
Interactive Voice
Response (IVR)
Directs customers to use touch-tone phones
or keywords to navigate or provide
information
Predictive dialing Automatically dials outbound calls, and when
someone answers a call, it is forwarded to an
available agent.
Common Features included in Contact Centres
Learning
Outcome Used to enhance and support decision-making and
works by
identifying patterns in customer data collected from operational
CRM
• Personalization
– Knowledge of preferences in product attributes,
communications and
other product/service aspects to provide customized offerings

– Individuals are analyzed to match marketing effort with
profitability
potential
• Enhances Employee performance
– Customer feedback forms are used to decide on training
requirements
for front-line personnel
• Takes advantage of thousands (millions) of transactions stored
in
Data Warehouses
Analytical CRM
9.3
Learning
Outcome
Analytical CRM Examples
9.3
From Figure 9.10
Give Customers more of
what they want
Communications made more personal with personal
solutions. CRM matches customer requests with new
production & notifies customer.

Find new customers similar
to your best customers
CRM matches the profiles of your best customers to
select prospects out of a mass mailing list.
Find out what the
organization does best
CRM can find the top performing segments and what
your most popular offering is to them.
Beat competitors to the
punch
Determine sales trends offering best customers deals
ahead of the competition.
Reactivate inactive
customers
Periodically select lapsed customer and send
targeted promotions to bring them back.
Let customers know they
matter
CRM lists best customers and makes suggestions for
personalized rewards.
6/10/2015
8

1. Summarize the evidence of CRM and provide an example of
a reporting, analyzing, and predicting questions that a
company using a Social CRM tool might ask its customers or
followers?
2. How has BMC Racing effectively used Social CRM systems
to
improve its operations? What other CRM systems could a
company like WestJet employ to improve its operations?
3. Define analytical CRM. How could a company effectively use
analytical CRM in the context of using Social CRM? How
important is analytical CRM to companies using Social CRM?
4. What is the difference between customer data, customer
information, and business intelligence?
Rights Reserved
Data Warehousing

Learning
Outcome 1. Creating a CRM vision that provides a “Big
Picture” of what the customer-centric
organization should look like.
2. Defining and weaving a CRM strategy that
aligns with broader marketing and sales
strategies, and informs operational and
production strategies.
3. Understand and engaging the customer.
4. Ensuring organizational collaboration
between internal groups and external
business partners.
Implementing CRM
9.4
6/10/2015
9
Learning
Outcome

5. Focusing on improving customer
processes.
6. Achieving data integrity across the
enterprise.
7. Leveraging information systems to
implement CRM.
8. Defining, collecting and analyzing
CRM metrics.
Implementing CRM
9.4
Learning
Outcome
Industry Best Practices for CRM
Implementation
1. Clearly communicate the CRM Strategy. Gartner Dataquest
indicates
that enterprises with CRM success had committed senior
executives
who set goals for CRM, match strategies with corporate
objectives
and tied measurement to goals and strategies.
2. Define Data needs and flows. Have a clear understanding of
how
data flows in and out of the organization because it tends to

come in
many different forms from many different touch points.
3. Build an integrated view of the customer. Choose the correct
CRM
solution that can meet strategic goals and be successfully
implemented including integration into current systems.
http://events.asug.com/2013AC/CM/0101%20SAP%20CRM%20
Success%20s
tory%20at%20Day%20and%20Zimmermann.pdf
9.4
Learning
Outcome
Industry Best Practices for CRM
Implementation
4. Implement in manageable pieces which makes it easier to
manage, measure and track the design, building and
deployment of the system. Allows an early warning of fatal
flaws.
5. Make the CRM system scalable, able to grow and contract as
needed to be adaptable to current and future needs.
Understand the organization and its growth strategies. Take
time to answer tough questions up front to get the most out of
the CRM system.
http://www.sap.com/solution/lob/customer-svc/customer-

reviews.html
9.4
6/10/2015
10
Learning
Outcome
CRM Metrics
9.4
From Figure 9.12
Sales Metrics Service Metrics Marketing Metrics
Number of prospective
customers
Cases closed same day Number of marketing
campaigns
Number of new customers Number of cases handled
per agent
New customer retention
rates

Number of retained
customers
Number of service calls Number of responses by
marketing campaign
Number of open leads Average number of
service requests by type
Number of purchases by
marketing campaign
Number of sales calls per
lead
Average number of
service calls per day
Cost per interaction by
marketing campaign
Learning
Outcome
CRM Metrics
9.4
From Figure 9.12
Sales Metrics Service Metrics Marketing Metrics

Amount of new revenue Percentage compliance
with service-level
agreement
Number of new customers
acquired by marketing
campaign
Amount of recurring
revenue
Percentage of service
renewals
Customer retention rate
Number of proposals
given
Customer satisfaction
level
Number of new leads by
product
An important source of CRM metrics comes from external
communities
such as social media. CRM analytics collect and determine
quantity and
quality of Facebook message, Tweets, blog comments among
others.
Learning
Outcome

Customer Power
9.4
Figure 9.13
6/10/2015
11
Learning
Outcome • Gartner predicts worldwide CRM markets will be
around
US$36.5 billion by 2017.
• Top three providers of CRM in early 2014 were:
– Salesforce.com
– Oracle Sales Cloud
– Microsoft Dynamics CRM
• CRM applications will continue to be developed for the
SME market and to take greater advantage of mobile
devices
CRM Applications and Vendors

9.4
Learning
Outcome Supplier Relationship Management (SRM)
• Evaluates and categorizes suppliers for different projects to
optimize supplier selection
• SRM system analyzes vendors based on key variables such as
strategy, business goals, prices and markets to find
complementary
partners
• SRM systems provide seamless communication channels where
data can be shared by all parties
• Benefits include:
– Single consolidated view of all suppliers
– Consistent, detail management information with multiple
views
– Elimination of duplicate suppliers.
Managing Other Relationships—SRM
9.5
Learning

Outcome • Alliance Partners Competitor organizations that
cooperate to
compete more successfully
• Dealers Agents who sell product on behalf of an organization,
usually a manufacturer or distributor
• Retailer Stores operating at the end of the supply chain from
the
manufacturer selling directly to consumers
• Resellers Bulk purchasers who add a margin and sell in
smaller lots
for profit.
• Partner Relationship Management (PRM) has a goal to select
and
foster relationships with effective partners.
• PRM systems facilitate communication with partners and
monitor
partner activities
Managing Other Relationships—
Partner Relationships
9.5
6/10/2015
12

Learning
Outcome • Unhappy employees may upset or anger customers
leading to customer attrition
• Employee Relationship Management (ERM)
focusses on increasing employee morale,
productivity, communications and change
readiness
• ERM systems
– Subset of CRM systems
– Assist employees in dealing with customers by
providing just in time information on the
company, policies, products, services etc.
Managing Other Relationships—
Employee Relationship Management
9.5
Learning
Outcome • Will integrate with RFID, wireless, SaaS
and other information technological
developments to improve in providing a
360-degree view of the customer
• Already support mobile sales and
communications by integrating wireless
into CRM systems

• Greater incorporation of RFID (and
other coding systems) to track sales,
shipping, product uptake, productivity
and providing a richer source of CRM
metrics
Future CRM Trends
9.5
5. Describe some best practices evident in the CRM industry.
Discuss to what extent a company using Social CRM can
follow these best practices.
6. Describe the trends found in the CRM industry. Discuss to
what extent a company using Social CRM can follow these
trends.
7. Explain SRM. Do you see potential for Social SRM, and if
so,
how could it be used to improve its business?
8. Explain PRM. Do you see a potential for Social PRM, and if
so, how could it be used to improve its business?

9. Explain ERM. Do you see a potential for Social ERM, and if
so, how could it be used to improve its business?
6/10/2015
13
CLOSING CASE ONE:
Harnessing Customer Relationships at Fairmont Hotels
& Resorts
1. How can Fairmont’s marketing department use operational
CRM to strengthen its relationships with its customers?
2. How can Fairmont’s customer service department use
operational CRM to strengthen its relationships with its
customers?
3. Review all of the operational CRM technologies and
determine which ones would add the greatest value to
Fairmont’s business?
4. What benefits does Fairmont gain from using analytical
CRM?
5. How does Fairmont use CRM to increase efficiency in its
business?

CLOSING CASE TWO:
Target: CRM and Big Data
1. How is Target using CRM to drive customers to its stores?
2. How would you classify what Target is doing in terms of the
types of CRM systems?
3. In your opinion, what types of best practices need to be
adopted when companies like Target start using predictive
analytics in the CRM system?
4. Read Kashmir Hill’s February 16, 2012 article, “How Target
Figured Out a Teen Girl was Pregnant Before Her Father
Did”. (www.forbes.com/sites/kashmirhill/2012/02/16/how-
targe-figured-out-
a-teen-girl-was-pregnant-before-her-father-did). What would
your
reaction be?
CLOSING CASE THREE:
Revving Up Customer Relationships at Harley-Davidson
1. What are the two different types of CRM, and how has
Harley-Davidson used them to become a customer-centric
business?
2. Which of Harley-Davidson’s customer-centric strategies is
most important for its business? Why?
3. Evaluate the HOG’s CRM strategy, and recommend an

additional benefit Harley-Davidson could provide to its
HOG members to increase customer satisfaction.
http://www.forbes.com/sites/kashmirhill/2012/02/16/how-targe-
figured-out-a-teen-girl-was-pregnant-before-her-father-did

6/10/2015
14
CLOSING CASE THREE:
Intuitive ERP
4. Describe three ways Harley-Davidson can extend its
customer reach even further by performing CRM functions
over the Internet.

5. What benefits might Harley-Davidson gain from using
analytical CRM?
6. Explain ERM, and describe how Harley-Davidson might use
it to increase efficiency in its business.
WRITING A CRITICAL REVIEW
What is a critical review?
A critical review is much more than a simple summary; it is an
analysis and evaluation of a book, article,
or other medium. Writing a good critical review requires that
you understand the material, and that you
know how to analyze and evaluate that material using
appropriate criteria.
Steps to writing an effective critical review:
Reading
Skim the whole text to determine the overall thesis, structure
and methodology. This will help you better
understand how the different elements fit together once you
begin reading carefully.
Read critically. It is not enough to simply understand what the
author is saying; it is essential to
challenge it. Examine how the article is structured, the types of
reasons or evidence used to support the
conclusions, and whether the author is reliant on underlying
assumptions or theoretical frameworks. Take
copious notes that reflect what the text means AND what you
think about it.

Analyzing
Examine all elements. All aspects of the text—the structure,
the methods, the reasons and evidence, the
conclusions, and, especially, the logical connections between all
of these—should be considered.
The types of questions asked will vary depending on the
discipline in which you are writing, but the
following samples will provide a good starting point:
Structure What type of text is it? (For example: Is it a primary
source or secondary
source? Is it original research or a comment on original
research?)
What are the different sections and how do they fit together?
Are any of the sections particularly effective (or ineffective)?
Methodology Is the research quantitative or qualitative?
Does the methodology have any weaknesses?
How does the design of the study address the hypothesis?
Reasons/Evidence What sources does the author use (interviews,
peer-reviewed journals,
government reports, journal entries, newspaper accounts, etc.)?
What types of reasoning are employed (inductive, deductive,
abductive)?
What type of evidence is provided (empirical, statistical,
logical, etc.)?
Are there any gaps in the evidence (or reasoning)?
Conclusions Does the data adequately support the conclusion
drawn by the researcher(s)?
Are other interpretations plausible?
Are the conclusions dependent on a particular theoretical

formulation?
What does the work contribute to the field?
Logic What assumptions does the author make?
Does the author account for all of the data, or are portions left
out?
What alternative perspectives remain unconsidered?
Are there any logical flaws in the construction of the argument?
© Allyson Skene. The Writing Centre, University of Toronto at
Scarborough. See terms and conditions for use at
http://www.utsc.utoronto.ca/~tlsweb/TWC/webresources/terms.
htm
Writing
Formulate a thesis based on your overall evaluation. A strong
thesis will acknowledge both strengths
and limitations.
E.g. While the article reports significant research supporting the
view that certain types of computer
use can have a positive impact on a student’s GPA, the
conclusion that game playing alone can
improve student achievement is based on a misinterpretation of
the evidence.
Not: This article misinterprets key evidence to support the
conclusion that game playing can improve GPA.
Ensure that your thesis answers the assignment. If you are asked
to write a review of a single text, with
no outside sources, then your essay should focus strictly on the
material in the text and your analysis and

evaluation of it. If you are asked to write about more than one
work, or to draw connections between an
article or book and the course material, then your review should
address these concerns.
Choose a structure that will best allow you to support your
thesis within the required page constraints.
The first example below works well with shorter assignments,
but the risk is that too much time will be
spent developing the overview, and too little time on the
evaluation. The second example works better for
longer reviews because it provides the relevant description with
the analysis and evaluation, allowing the
reader to follow the argument easily.
Two common structures used for critical reviews:
Example 1 Example 2
Introduction
Overview of the text
Evaluation of the text
� Point 1
� Point 2
� Point 3
� Point 4 …(continue as necessary)
Conclusion
Introduction (with thesis)
Point 1: Explanation and evaluation

(continue elaborating as many points as
necessary)
Conclusion
Important: Avoid presenting your points in a laundry-list style.
Synthesize the information as much as
possible.
“Laundry-List” Style of Presentation Synthesized Argument.
The article cites several different studies in support
of the argument that playing violent video games can
have a positive impact on student achievement.
These studies refer to educational games and other
types of computer use. The argument is not logically
well constructed. Educational games are not the same
as violent video games. The article also ignores data
indicating that people with the highest GPA are those
that reported low computer use. Also, different types
of computer use could include things like researching
or word-processing, and these activities are very
different from playing violent video games.
The evidence cited in the article does not support the
overall conclusion that playing violent games improves
GPA. One study only examines educational games in
relation to GPA, so it is questionable whether the same
findings will hold true for other types of games. Another
study does not distinguish between different types of
computer use, making it difficult to assess whether it is

game playing or activities such as research and writing
that contributed to improvements in GPA. Further, the
author disregards relevant data that indicates that students
with the highest GPAs are those who report low
computer use, which means that a direct correlation
between game playing and GPA cannot be supported.

6102015 1 McGraw-Hill-Ryerson ©2015 The McGraw-Hill .docx

Recommended

Recommended

More Related Content

Similar to 6102015 1 McGraw-Hill-Ryerson ©2015 The McGraw-Hill .docx

Similar to 6102015 1 McGraw-Hill-Ryerson ©2015 The McGraw-Hill .docx (20)

More from evonnehoggarth79783

More from evonnehoggarth79783 (20)

Recently uploaded

Recently uploaded (20)

6102015 1 McGraw-Hill-Ryerson ©2015 The McGraw-Hill .docx