December 2022 – Page 1978 – Homework Handlers

Networking Essentials.

December 4, 2022/in Uncategorized /by SK

Read Case Projects 3-1, 3-2, & 3-3 of the Guide to Networking Essentials.

Determine what type of physical and logical topology will be used for each scenario. Substantively explain the reasoning for your answer.

Create a visual representation of each chosen topology by copying and pasting the shapes provided in Appendix D—such as a bus, ring, star, or mesh—into a Microsoft® Word document. Note that you will need to use the Draw feature in Microsoft® Word to create lines between the shapes, and you may have to use some shapes more than once. Refer to the Figures 3-1 through 3-4 of Guide to Networking Essentials for examples.

FYI: DO NOT AGREE TO COMPLETE THIS ASSIGNMENT UNLESS YOU CAN DO IT CORRECTLY! IF YOU DO NOT HAVE ANY IT EXPERIENCE O

chapter3

Network Topologies and Technologies

After reading this chapter and completing the exercises, you will be able to:

● Describe the primary physical networking topologies in common use ● Describe the primary logical networking topologies in common use ● Describe major LAN networking technologies

109 Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).

Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.

Not so long ago, there was a real choice to be made between available network topologies and technologies when designing and building a new internetwork. Thankfully, this area of networking has gotten simpler rather than more complex, mainly because the choices have narrowed, with inferior or costly solutions becoming obsolete.

This chapter discusses network topologies, which describe both the physical arrangement of cabling or pathways between network devices and the logical manner in which data is trans- ferred from device to device. Next, you learn about network technologies or architectures that describe the methods computers use to transmit data to the networking medium in an orderly fashion. As you’ll see, the topology and technology are often tightly coupled, as certain technologies can be used only with certain topologies. The choices have been limited because only a few technologies and topologies remain as viable options. As is often the case, however, it helps to know where networking started to get an idea of where it might be heading. So even though some information covered in this chapter is obsolete or nearly so, your understanding of these older technologies will help you better understand current and future technologies.

Physical Topologies The word “topology,” for most people, describes the lay of the land. A topographic map, for example, shows the hills and valleys in a region, whereas a street map shows only the roads. A network topology describes how a network is physically laid out and how signals travel from one device to another. However, because the physical layout of devices and cables doesn’t necessarily describe how signals travel from one device to another, network topologies are categorized as physical and logical.

The arrangement of cabling and how cables connect one device to another in a network are considered the network’s physical topology, and the path data travels between computers on a network is considered the network’s logical topology. You can look at the physical topology as a topographic map that shows just the lay of the land along with towns, with only simple lines showing which towns have pathways to one another. The logical topology can be seen as a street map that shows how people actually have to travel from one place to another. As you’ll see, a network can be wired with one physical topology but pass data from machine to machine by using a different logical topology.

All network designs today are based on these basic physical topologies: bus, star, ring, and point-to-point. A bus consists of a series of computers connected along a single cable segment. Computers connected via a central device, such as a hub or switch, are arranged in a star topology. Devices connected to form a loop create a ring. Two devices connected directly to one another make a point-to-point topology. Keep in mind that these topologies describe the physical arrangement of cables. How the data travels along these cables might represent a dif- ferent logical topology. The dominant logical topologies in LANs include switching, bus, and ring, all of which are usually implemented as a physical star (discussed later in “Logical Topologies”).

Physical Bus Topology The physical bus topology, shown in Figure 3-1, is by far the simplest and at one time was the most common method for connecting computers. It’s a continuous length of cable

110 Chapter 3

Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).

connecting one computer to another in daisy-chain fashion. One of this topology’s strengths is that you can add a new computer to the network simply by stringing a new length of cable from the last computer in the bus to the new machine. However, this strength is countered by a number of weaknesses:

● There’s a limit of 30 computers per cable segment. ● The maximum total length of cabling is 185 meters. ● Both ends of the bus must be terminated. ● Any break in the bus brings down the entire network. ● Adding or removing a machine brings down the entire network temporarily. ● Technologies using this topology are limited to 10 Mbps half-duplex communication

because they use coaxial cabling, discussed in Chapter 4.

Because of the preceding limitations, a physical bus topology is no longer a practical choice, and technology has moved past this obsolete method of connecting computers. However, the original Ethernet technology was based on this topology, and the basis of current LAN technol- ogy has its roots in the physical bus. So your understanding of bus communication aids your general understanding of how computers communicate with each other across a network.

How Data Travels in a Physical Bus Two properties inherent in a physical bus are signal propagation and signal bounce. In any network topology, computers communicate with each other by sending information across the media as a series of signals. When copper wire is the medium, as in a typical physical bus, these signals are sent as a series of electrical pulses that travel along the cable’s length in all directions. The signals continue traveling along the cable and through any connecting devices until they weaken enough that they can’t be detected or until they encounter a device that absorbs them. This traveling across the medium is called signal propagation. However, even if a signal encounters the end of a cable, it bounces back and travels in the other direction until it weakens or is otherwise impeded.

When a signal hits the end of a cable and bounces back up the cable’s length, it interferes with signals following it, much like an echo. Imagine if you were trying to communicate

Figure 3-1 A physical bus topology network Courtesy of Course Technology/Cengage Learning

Physical Topologies 111

in an empty room with hard walls that caused your voice to echo continuously. The echo from the first words out of your mouth would garble the sound of words that followed, and your message would be unintelligible. The term used when electricity bounces off the end of a cable and back in the other direction is called signal bounce or reflection. To keep signal bounce from occurring, you do what you would to keep excessive echo from occurring; you install some type of material at both ends of the medium to absorb the signal. In a physical bus, you install a terminator, which is an electrical component called a resistor that absorbs the signal instead of allowing it to bounce back up the wire.

Physical Bus Limitations Now that you know more about how a physical bus works, the previous list of weaknesses needs some additional explanation. The limitation of 30 sta- tions per cable segment means only 30 computers can be daisy-chained together before the signal becomes too weak to be passed along to another computer. As an electrical signal encounters each connected workstation, some of its strength is absorbed by both the cabling and the connectors until the signal is finally too weak for a computer’s NIC to interpret. For the same reason, the total length of cabling is limited to 185 meters, whether there’s 1 con- nected station or 30 connected stations. The network can be extended in cable length and number of workstations by adding a repeater to the network, which, as you know, regener- ates the signal before sending it out.

At all times, both ends of the bus must be terminated. An unterminated bus results in signal bounce and data corruption. When a computer is added or removed from the network, both ends are no longer terminated, resulting in an interruption to network communication.

For a small network of only a few computers, you might think a bus topology is fine, until you consider the last weakness listed: maximum bandwidth of 10 Mbps half-duplex com- munication. A physical bus uses coaxial cable (a cabling type discussed in Chapter 4, similar to what’s used in cable TV connections), which is limited to a top speed of 10 Mbps and communication in only half-duplex mode. Most of today’s networks use twisted-pair cabling, which can operate at 100 Mbps or faster and run in full-duplex mode, so communi- cation between devices is much faster.

For all these reasons, the physical bus topology has long since fallen out of favor and been replaced largely by the star topology, discussed next.

Physical Star Topology The physical star topology uses a central device, such as a hub or switch, to interconnect computers in a LAN (see Figure 3-2). Each computer has a single length of cable going from its NIC to the central device.

Some advantages of a physical star topology are the following:

● Much faster technologies are used than in a bus topology. ● Centralized monitoring and management of network traffic is possible. ● Network upgrades are easier.

A physical star is the topology of choice for these reasons and more. With a central device, communication options are available that simply aren’t possible with a physical bus. For example, the central device can be a 100 Mbps hub, which increases a physical bus’s top

112 Chapter 3

speed tenfold, or a switch, making it possible for multiple communication sessions to occur simultaneously and in full-duplex mode.

As a budding network administrator, being able to monitor and manage your network with a central device is a big advantage over what was possible with a physical bus topology. Today’s hubs and switches can include software that collects statistics about your network traffic patterns and even alerts you when excessive errors or unusually high traffic rates are occurring on your network. You don’t get these features in a $19.99 hub or switch, but enterprise-level devices can be equipped with several network management tools.

As long as your current cabling and installed NICs support it, your network can be upgraded quickly and easily from a ponderous 10 Mbps hub-based LAN to a blazing fast 100 Mbps or even 1000 Mbps switched network simply by replacing the central device. In addition, if your NICs must also be upgraded, you can upgrade in steps because most devices support multiple speeds. So if you want to upgrade from 100 Mbps to 1000 Mbps, you can replace the central device with a switch that supports both speeds, and then upgrade NICs as time and money allow. The switch transmits and receives on each port at the speed supported by the NIC connected to that port.

What happens if the number of workstations you need to connect exceed the number of ports on the central device? In this case, you can connect hubs or switches, as you learned in Chapter 2. When several hubs or switches must be connected, usually one device is used as the central connecting point, forming an extended star.

Extended Star The extended star topology, shown in Figure 3-3, is the most widely used in networks containing more than just a few computers. As the name implies, this topology is a star of stars. A central device, usually a switch, sits in the middle. Instead of attached computers forming the star’s arms, other switches (or hubs) are connected to the central switch’s ports. Computers and peripherals are then attached to these switches or

Switch

Figure 3-2 A physical star topology network Courtesy of Course Technology/Cengage Learning

Physical Topologies 113

hubs, forming additional stars. The extended star is sometimes referred to as a “hierarchical star” because there are two or more layers of stars, all connecting back to the central star.

The extended star can be used to connect many computers, with the central device running at a very fast speed to shuttle data between the LAN’s outer stars. This topology is most effective when the center of the star is running at a much faster speed than other devices; for example, the central device can run at 1000 Mbps while other devices run at 100 Mbps.

How Data Travels in a Physical Star The details of how data travels from com- puter to computer in a physical star depend on the type of central device. Data transmission starts at a device at the end of one of the central device’s arms. From there, it travels along the network medium’s length until it arrives at the central device. As you know from learn- ing how hubs and switches work, the transmission path differs, depending on the device. Other devices, such as multistation access units (MAUs) used in token ring networks, move data differently. The type of central device, therefore, determines the logical topology, discussed later in this chapter.

Physical Star Disadvantages With all the clear advantages of a physical star, you might wonder whether there are any disadvantages. None outweigh the advantages, but it’s worth mentioning that the central device represents a single point of failure. In other words, if the hub or switch fails or someone kicks the power cord out of the outlet, down goes the entire network. Thankfully, these devices tend to be reliable and are usually placed out of the way of everyday foot traffic. That being said, they do fail from time to time, and having a spare on hand is a good idea.

When a physical bus was still the norm and the physical star was just coming on the net- working scene in the late 1980s, it was often argued that because each computer must be

Switch

SwitchSwitch

Switch

Figure 3-3 An extended star topology network Courtesy of Course Technology/Cengage Learning

114 Chapter 3

cabled directly to the central device, instead of a bus’s daisy-chain arrangement, more cable was required to connect computers. This point is indeed true, and at the time, the amount of cabling needed was a factor in designing a network with a bus or star arrangement. By the time the star network’s advantages were fully realized in the mid-1990s, however, the cabling cost difference had diminished substantially, and the advantages clearly outweighed the minor cost disadvantage.

Physical Ring Topology A physical ring topology is like a bus, in that devices are daisy-chained one to another, but instead of terminating each end, the cabling is brought around from the last device back to the first device to form a ring. This topology had little to no following in LANs as a way to connect computers. It was used, however, to connect LANs with a technology called Fiber Distributed Data Interface (FDDI). FDDI was most often used as a reliable and fast network backbone, which is cabling used to communicate between LANs or between hubs or switches. In Figure 3-4, the devices used to connect buildings form a ring, but computers on each LAN are connected with a physical star topology.

The physical ring also had reliability issues because data had to be forwarded from one station to the next. Unlike a bus, inwhich data travels in all directions and is terminated at both ends, a ring doesn’t have any beginning or end. So each station must reproduce data and pass it along to the next station until it reaches the destination or the originator of the data. In other words, data always travels in one direction. If any station in the ring fails, data can no longer be passed along, and the ring is broken.

Technologies such as FDDI overcome some problems with a physical ring network by creating a dual ring, in which data can travel in both directions so that a single device failure doesn’t break the entire ring. However, this technology is costly, and although it was used extensively in the 1990s and early 2000s because it was fast (100 Mbps) and reliable, 100 Mbps and 1000 Mbps Ethernet have largely supplanted it with an extended star technology.

Building A Building B

Building C

LAN switch FDDI hub

Figure 3-4 A physical ring topology is usually used to connect LANs Courtesy of Course Technology/Cengage Learning

Physical Topologies 115

Point-to-Point Topology As its name implies, a point-to-point topology is a direct link between two devices. It’s most often used in WANs, in which a device on a business’s network has a dedicated link to a telecommunication provider, such as the local phone company. The connection then hooks into the phone company’s network to provide Internet access or a WAN or MAN link to a branch office. The advantage of this type of topology is that data travels on a dedicated link, and its bandwidth isn’t shared with other networks. The disadvantage is that this topology tends to be quite expensive, particularly when used as a WAN link to a distant branch office.

Point-to-point topologies are also used with wireless networks in what’s called a wireless bridge. This setup can be used to connect two buildings without using a wired network (see Figure 3-5) or to extend an existing wireless network.

A rudimentary LAN can also be set up with a point-to-point topology by connecting a cable between the NICs on two computers. Of course, this method allows only two computers on the network, but it can be used effectively for transferring files from one computer to another in the absence of a hub or switch.

So as you can see, point-to-point topologies are used for specialized purposes. They aren’t commonly used in LANs; they’re used more often in WANs and large internetworks.

Mesh Topology Amesh topology connects each device to every other device in a network. You can look at a mesh topology as multiple point-to-point connections for the purposes of redundancy and fault tolerance. Figure 3-6 shows a full mesh topology between four locations, with the switch in each location providing connectivity to multiple computers. Each switch is connected to every other switch, which is called a “full mesh.” If each switch were connected to only two other switches, it would be called a “partial mesh.” In either case, the purpose of creating a mesh topology is to ensure that if one or more connections fail, there’s another path for reaching all devices on the network. For example, in Figure 3-6, two connections could fail, but all devices could still communicate with one another. This type of topology is used mostly commonly in large internetworks andWANs, where routers or switches in multiple buildings or towns are connected in a partial or full mesh. Parts of the Internet are also designed with a partial mesh topology, in which major ISPs are connected so that even if one ISP’s network fails, data can bypass this part of the network to get to its destination.

Mesh topologies, although reliable, are also expensive because of the additional cabling and ports required. In most cases, the ports used to connect devices are the highest speed available, such as 1 Gbps or 10 Gbps, and they often use expensive fiber-optic cabling for connecting buildings.

Figure 3-5 A point-to-point wireless topology Courtesy of Course Technology/Cengage Learning

116 Chapter 3

Logical Topologies As mentioned, a network’s logical topology describes how data travels from computer to com- puter. In some cases, as with a physical bus and physical ring, the logical topology mimics the physical arrangement of cables. In other cases, as with a physical star, the electronics in the central device determine the logical topology.

A network’s logical topology reflects the underlying network technology (covered later in “Network Technologies”) used to transfer frames from one device to one another. Table 3-1 summarizes the main logical topologies, the technologies using them, and the physical topolo- gies for implementing them.

Chicago

Los Angeles Phoenix

New York

WAN link

Figure 3-6 Switches in each building are connected in a full mesh topology Courtesy of Course Technology/Cengage Learning

Table 3-1 Logical topologies and associated network technologies and physical topologies

Logical topology

Network technology

Physical topology Description

Bus Ethernet Bus or star A logical bus topology can be implemented as a physical bus (although this topology is nowobsolete).When a logical bus is implemented as a physical star usingwired Ethernet, the center of thestar is anEthernethub.Whatever thephysical topology is, data transmitted from a computer is received by all other computers.

Wireless LANs Star Wireless LANs use a physical star topology because they connect through a central access point. However, only one device can

Logical Topologies 117

You have seen what a logical bus looks like when implemented as a physical bus. All computers are daisy-chained to one another, and network signals travel along the cable’s length in all directions, much like water flowing through interconnected pipes. When a logical bus is implemented as a physical star, the sameprocess occurs, but the pathways are hidden inside the central hub. Figure 3-7 shows what a logical bus might look like when implemented with a hub.

transmit at a time and all devices hear the transmission, so a wireless LAN can be considered a logical bus topology.

Ring Token ring Star Token ring networks use a central device called a multistation access unit (MAU or MSAU). Its electronics form a logical ring, so data is passed from computer to computer in order, until it reaches the destination device.

FDDI Ring As discussed, FDDI devices are connected in a physical ring, and data passes from device to device until it reaches the destination.

Switched Ethernet Star A switched logical topology using a physical star topology running Ethernet is by far themost common topology/technology combination now and likely will be well into the future. A switched topology creates dynamic connections or circuits between two devices whenever data is sent. This topology is sometimes considered a switched point-to-point topology because a circuit is established between two points as needed to transfer data (like turning on a switch), and then the circuit is broken when it’s no longer needed (like turning off a switch).

Signal Signal

Logical bus inside a network hub

Figure 3-7 A logical bus implemented as a physical star Courtesy of Course Technology/Cengage Learning

Table 3-1 Logical topologies and associated network technologies and physical topologies (continued )

Logical

topology Network technology

Physical topology Description

118 Chapter 3

A logical bus is sometimes called a “shared media topology” because all stations must share the bandwidth the media provides.

A logical ring using a physical star implements the ring inside the central device’s electronics, which is an MAU in the token ring technology. Data is passed from one node or computer to another until it reaches the destination device (see Figure 3-8). When a port has no device connected to it, it’s simply bypassed, and data is sent out the next connected port.

A switched topology works something like what’s shown in Figure 3-9. Although there’s always an electrical connection between the computer and switch, when no data is being transferred, there’s no logical connection or circuit between devices. However, when the switch receives a frame, a logical circuit is made between the source and destination devices until the frame is transferred.

Figure 3-8 A logical ring implemented as a physical star Courtesy of Course Technology/Cengage Learning

PC 6PC 5PC 4

No packets being transmitted

PC 1 PC 2

PC 1 and PC 6 communicate while PC 2 and PC 5 communicate

PC 3

Figure 3-9 The logical functioning of a switch Courtesy of Course Technology/Cengage Learning

Logical Topologies 119

To better understand how these logical topologies work, it helps to know the network technology that drives each topology (discussed later in “Network Technologies”).

Hands-On Project 3-1: Building a Physical Star Topology Network

Time Required: 20 minutes

Objective: Build a physical star topology network.

Required Tools/Equipment: Three workstations named Computer1, Computer2, and Com- puter3; a hub; and three patch cables. Workstations should be configured with an IP address or automatic IP address assignment. Each station should have Wireshark installed.

Description: In this project, you build a small physical star topology; this task can be done in groups of three or more or as an instructor demonstration. After each station is connected to the hub, you ping another station to verify connectivity. Next, you use Wireshark to cap- ture ping packets so that you can determine the network’s logical topology.

1. Power on the hub.

2. Connect each workstation to the hub with the supplied cables.

3. Inspect the hub and the workstation NIC to verify that you have a good connection with the hub. Write down how you determined whether the connection with the hub is good:

4. On each workstation, open a command prompt window, and then type ipconfig and press Enter to determine your IP address. Write down the IP address of each computer: ● IP address of Computer1:

● IP address of Computer2:

● IP address of Computer3:

5. Ping each computer to verify that you can communicate with it. If the pings aren’t suc- cessful, check that the IP addresses you wrote down are correct and the connection with the hub is good, and then try again.

6. Make sure you coordinate the rest of the project, starting with this step, with students at the other computers. Start Wireshark, and start a capture session by clicking the inter- face name listed in the Interface List section.

7. At the command prompt, ping the next computer. For example, if you’re at Computer1, ping Computer2; if you’re at Computer2, ping Computer3; and if you’re at Computer3, ping Computer1.

120 Chapter 3

8. Based on which packets Wireshark captured, what’s your logical topology?

9. Exit Wireshark, close all open windows, and leave the computers running if you’re con- tinuing to the next project.

Network Technologies A network technology, as the phrase is used here, can best be described as the method a net- work interface uses to access the medium and send data frames and the structure of these frames. Other terms include network interface layer technologies, network architectures, and Data Link layer technologies. What it comes down to is whether your network uses Ethernet, 802.11 wireless, token ring, or some combination of these and other technologies to move data from device to device in your network. Most LANs are now based on a combination of Ethernet and 802.11 wireless. WANs use technologies specifically designed to carry data over longer distances, such as frame relay, FDDI, Asynchronous Transfer Mode (ATM), and others.

The network technology sometimes, but not always, defines frame format and which media types can be used to transfer frames. For example, different Ethernet speeds specify a mini- mum grade of copper or fiber-optic cabling that must be used as well as the connectors attached to the ends of cables. FDDI requires fiber-optic cabling, but other technologies, such as frame relay, can run on a variety of media types.

This book focuses on LAN technologies with particular emphasis on Ethernet and 802.11 wireless because they’re the most commonly used. Some WAN technologies are also described briefly in this chapter and in more detail in Chapter 12.

Network Technologies and Media Because some of the network technologies discussed in this chapter specify the types of media they require to operate, the following sections summarize the most common media types. However, you can find more details on network media in Chapter 4.

Unshielded Twisted Pair Unshielded twisted pair (UTP) is the most common media type in LANs. It consists of four pairs of copper wire, with each pair tightly twisted together and contained in a plastic sheath or jacket (Figure 3-10).

Sheath

Figure 3-10 UTP cabling Courtesy of Course Technology/Cengage Learning

Network Technologies 121

UTP comes in numbered categories, up to Category 7 as of this writing. The higher the category, the higher the cable’s bandwidth potential. Category 5 Enhanced (Cat 5E) and Category 6 (Cat 6) are the most common in wired LANs, allowing speeds up to 10 Gbps. UTP cabling is used in physical star networks, and the maximum cable length from NIC to hub or switch is 100 meters in LAN applications. UTP cabling is susceptible to electrical interference, which can cause data corruption, so it shouldn’t be used in electrically noisy environments.

Fiber-Optic Cabling Fiber-optic cabling uses extremely thin strands of glass to carry pulses of light long distances and at high data rates. It’s usually used in large internetworks to connect switches and routers and sometimes to connect high-speed servers to the network. Because of its capability to carry data over long distances (several hundred to several thousand meters), it’s also used in WAN applications frequently. Fiber-optic cabling isn’t susceptible to electrical interfer- ence, so unlike UTP, it can be used in electrically noisy environments. It requires two strands of fiber to make a network connection: one for transmitting and one for receiving.

Coaxial Cable Best known for its use in cable TV, coaxial cable is obsolete as a LAN medium, but it’s used as the network medium for Internet access via cable modem. Coaxial cable was the original media used by Ethernet in physical bus topologies, but its limitation of 10 Mbps half-duplex communication made it obsolete for LAN applications after star topologies and 100 Mbps Ethernet became the dominant standard. Coaxial cable in LANs can have lengths of around 200 meters.

Baseband and Broadband Signaling Network technologies can use media to transmit signals in two main ways: baseband and broadband. The baseband transmission method sends digital signals in which each bit of data is represented by a pulse of electricity (on copper media) or light (on fiber-optic media). These signals are sent at a single fixed frequency, using the medium’s entire bandwidth. In other words, when a frame is sent to the medium, it occupies the cable’s entire bandwidth, and no other frames can be sent along with it—much like having cable TV that carries only a single channel. LAN technolo- gies, such as Ethernet and token ring, use baseband transmission. If cable TV used baseband signaling, you would need one cable for each channel!

Thankfully, cable TV and cable modem Internet access use broadband transmission. Instead of digital pulses, broadband systems use analog techniques to encode binary 1s and 0s across a continuous range of values. Broadband signals move across the medium in the form of continuous electromagnetic or optical waves rather than discrete pulses. On broad- band systems, signals flow at a particular frequency, and each frequency represents a chan- nel of data. That’s why broadband systems, such as cable TV and Internet, can carry dozens or hundreds of TV channels plus Internet access on a single cable wire: Each channel oper- ates at a different frequency. In addition, incoming and outgoing Internet data use separate channels operating at different frequencies from TV channels.

Ethernet Networks Ethernet, the most popular LAN technology, has many advantages, including ease of installa- tion, scalability, media support, and low cost. It supports a broad range of transmission speeds, from 10 Mbps to 10 Gbps.

As discussed, Ethernet can operate in a bus or star physical topology and a bus or switched logical topology. It has been in use since the mid-1970s but didn’t mature as a technology until the early to mid-1980s. Ethernet being around for almost 40 years is a testament to the

122 Chapter 3

original designers, whose forethought enabled Ethernet to scale from a 3 Mbps technology in its early years to a 10 Gbps and beyond technology today.

Although there are many variations of Ethernet, all forms are similar in their basic operation and frame formatting. What differs in the variations are the cabling, speed of transmission, and method by which bits are encoded on the medium. Because the frame formatting is the same, however, Ethernet variations are compatible with one another. That’s why you often see NICs and Ethernet hubs and switches described as 10/100 or 10/100/1000 devices. These devices can support multiple Ethernet speeds because the underlying technology remains the same, regardless of speed.

Ethernet Addressing Every Ethernet station must have a physical or MAC address. As you learned in Chapter 2, a MAC address is an integral part of network interface elec- tronics and consists of 48 bits expressed as 12 hexadecimal digits. When a frame is sent to the network medium, it must contain both source and destination MAC addresses. When a network interface detects a frame on the media, the NIC reads the frame’s destination address and compares it with its own MAC address. If they match or if the destination address is the broadcast MAC address (all binary 1s or FF:FF:FF:FF:FF:FF in hexadecimal), the NIC reads the frame and sends it to the network protocol for further processing.

Ethernet Frames A frame is the unit of network information NICs and switches work with. It’s the NIC’s responsibility to transmit and receive frames and a switch’s responsibil- ity to forward frames out the correct switch port to get the frame to its destination.

Ethernet frames come in four different formats, or frame types, depending on the network protocol used to send frames, and unfortunately, these frame types are incompatible with one another. They were developed during Ethernet’s early days, before standards were solid- ified. If your network needed to support multiple protocols, such as TCP/IP, IPX/SPX, and AppleTalk, you had to make sure your computers were configured to support all these frame types. Thankfully, TCP/IP has become the dominant network protocol in LANs, so supporting multiple frame types is largely unnecessary, except for networks that still run older Novell NetWare servers. Given this reality, this section examines only the frame type used by TCP/IP: Ethernet II. The other frame types are Ethernet SNAP, Ethernet 802.3, and Ethernet 802.2. For information on these frame types, see Appendix B.

The four Ethernet frame types are incompatible in the same Ether- net standard (such as using both Ethernet II and Ethernet SNAP in 100 Mbps), but each frame type is compatible with the same frame type in different standards. For example, Ethernet II in 10 Mbps Ethernet is compatible with Ethernet II in 100 Mbps and 1000 Mbps Ethernet.

Regardless of frame type, Ethernet networks can accommodate frames between 64 bytes and 1518 bytes. Shorter or longer frames are considered errors. Each frame is composed of the following (see Figure 3-11):

● A 14-byte frame header composed of these three fields:

● A 6-byte Destination MAC Address field ● A 6-byte Source MAC Address field ● A 2-byte Type field

Network Technologies 123

● A Data field from 46 to 1500 bytes ● A frame trailer (frame check sequence [FCS]) of 4 bytes

You’ve already learned the purpose and format of destination and source MAC addresses. The Type field in the frame header indicates the network protocol in the data portion. For example, this field might indicate that the Data field contains an IP, IPv6, or ARP packet, to name just a few possibilities. The data portion, often referred to as the “frame payload,” contains network protocol header information as well as the actual data an application is transferring. The FCS in the frame trailer is an error-checking code (discussed later in “Ethernet Error Handling”).

There are exceptions to the 1518-byte maximum frame size. For exam- ple, a function of some switches requires an additional 4-byte field in the Ethernet frame, bringing the maximum size to 1522 bytes. In addi- tion, Jumbo frames of up to 9000 bytes are supported by some NICs and switches but aren’t officially supported in the current Ethernet stan- dards. To use Jumbo frames, the feature must be enabled on every device on the LAN and be implemented the same way by these devices.

Ethernet Media Access Before a NIC can transmit data to the network medium, it must adhere to some rules governing how and when the medium can be accessed for trans- mission. The rules ensure that data is transmitted and received in an orderly fashion and all stations have an opportunity to communicate. The set of rules for each networking technol- ogy is referred to as its media access method or media access control. Note that the acronym for “media access control” is MAC, which is where the term “MAC address” comes from.

The media access method Ethernet uses in half-duplex mode is Carrier Sense Multiple Access with Collision Detection (CSMA/CD). To understand this method better, break this term down into parts. “Carrier sense” means to listen. The rules for half-duplex Ethernet state that a device can send or receive data but can’t do both simultaneously. So before a device can send, it must listen to see whether the medium is already busy, much like a group of people having a conversation. Each person listens for a pause in the conversation before speaking up. “Multiple access” simply means that multiple computers can be listen- ing and waiting to transmit at the same time, which brings you to “collision detection.” A collision occurs if two or more devices on the same medium transmit simultaneously. For example, if two people are waiting to chime in on a group conversation, they both hear a lull in the conversation at the same time and speak up simultaneously, causing a “collision” in the conversation. Ethernet’s collision detection method is much like a person’s; Ethernet detects, or “hears,” the other station transmit, so it knows a collision has occurred. The NIC then waits for a random period before attempting to transmit again. Ethernet repeats the “listen before transmitting” process until it transmits the frame without a collision. Sim- ulation 7 on the book’s CD shows a simulation of the CSMA/CD process.

Destination MAC Address (6 bytes)

Source MAC Address (6 bytes) Type (2 bytes)

Data (46–1500 bytes) FCS (4 bytes)

Frame header Data (frame payload)

Frame trailer

Courtesy of Course Technology/Cengage Learning

Figure 3-11 Ethernet II frame format

124 Chapter 3

Simulation 7: Ethernet operation using CSMA/CD

As you determined in Hand-On Project 2-4, when you attempted to create enough traffic to generate a collision, the CSMA/CD access method is efficient. It takes quite a bit of traffic to generate collisions, especially on a 100 Mbps network. However, the more devices on a logical bus topology and the more data they transmit, the greater the chance of a collision. So although CSMA/CD works well, today’s multimedia-heavy networks have somewhat outgrown it, and Ethernet has adapted to this development.

CSMA/CD is considered a contention-based access method, which means computers are allowed to send whenever they have data ready to send. Obviously, CSMA/CD modifies this rule somewhat by stipulating that the computer must listen first to ensure that no other station is in the process of transmitting.

Collisions and Collision Domains Remember that collisions can occur only in an Ethernet shared-media environment, which means a logical bus topology is in use. In this environment, all devices interconnected by one or more hubs hear all signals generated by all other devices. The signals are propagated from hub to hub until there are no more devices or until a device is encountered that doesn’t use a logical bus topology, such as a switch or a router. The extent to which signals in an Ethernet bus topology network are propagated is called a collision domain. Figure 3-12 shows a network diagram with two

Switch

Hub 2

Hub 1

Hub 3

Collision domain Collision domain

Hub 4 Hub 6

Hub 5

Figure 3-12 A network diagram showing two collision domains delimited by a switch Courtesy of Course Technology/Cengage Learning

Network Technologies 125

collision domains enclosed in circles. All devices in a collision domain are subject to the possi- bility that whenever a device sends a frame, a collision might occur with another device send- ing a frame at the same time. This fact has serious implications for the number of computers that can reasonably be installed in a single collision domain. The more computers, the more likely it is that collisions occur. The more collisions, the slower network performance is.

Notice in Figure 3-12 that all computers connected to Hubs 1 to 3 are in the same collision domain, and computers connected to Hubs 4 to 6 are in a different collision domain. This is because a switch port delimits the collision domain, which means collisions occurring in one collision domain don’t propagate through the switch.

Although collisions in an Ethernet network are usually associated with hubs, technically it’s possible for a collision to occur with a computer connected to a switch. A collision with a switch can occur only if the NIC connected to the switch port is operating in half-duplex mode. In addition, the collision domain is limited to only the devices connected to a single switch port. The same is true of routers. However, given that an Ethernet frame of maxi- mum size is transmitted on a 10 Mbps switch in just over a millisecond and just over a microsecond on a 100 Mbps switch, the likelihood of a collision with a switch is low.

If a hub is connected to a switch port in an extended star topology, collisions can occur between devices connected to the hub and the switch port. To avoid collisions altogether, use only switches in your network design with computers that have NICs operating in full- duplex mode.

Ethernet Error Handling One reason for Ethernet’s low cost and scalability is its sim- plicity. It’s considered a best-effort delivery system, meaning that when a frame is sent, there’s no acknowledgement or verification that the frame arrived at its intended destina- tion. Ethernet relies on network protocols, such as TCP/IP, to ensure reliable delivery of data. It’s similar to the package delivery guy at a corporation. His job is to take what he’s given to its intended destination; it’s the package receiver’s job to verify its contents and let the sender know it was received.

Ethernet can also detect whether a frame has been damaged in transit. The error-checking code in an Ethernet frame’s trailer is called a Cyclic Redundancy Check (CRC), which is the result of a mathematical algorithm computed on the frame data. The CRC is calculated and placed in the frame trailer before the frame is transmitted. When the frame is received, the calculation is repeated. If the results of this calculation don’t match the CRC in the frame, it indicates that the data was altered in some way, usually from electrical interference. If a frame is detected as damaged, because Ethernet is a best-effort delivery system, it simply discards the frame but doesn’t inform the sending station that an error occurred. Again, it’s the network protocol’s job to ensure that all expected data was actually received. The net- work protocol or, in some cases, the application sending the data is responsible for resend- ing damaged or missing data, not Ethernet.

A collision is the exception to Ethernet’s lack of action when an error occurs. When frames are involved in a collision, Ethernet resends them automatically because all stations detect that a collision has occurred.

126 Chapter 3

Half-Duplex Versus Full-Duplex Communication As discussed in Chapter 2, half-duplex communication means a station can transmit and receive data but not at the same time, much like a two-way radio. When Ethernet is implemented as a logical bus topology (using hubs), NICs can operate only in half-duplex mode and must use the CSMA/CD access method.

However, a network switch allows half-duplex or full-duplex communication. If a NIC is operating in half-duplex mode while connected to a switch, it must use CSMA/CD. How- ever, the only time a collision can occur in this circumstance is if the switch happens to transmit a frame to the NIC at the same time the NIC is attempting to transmit.

Full-duplex mode, by definition, means a NIC can transmit and receive simultaneously. Therefore, when an Ethernet NIC is operating in full-duplex mode connected to a switch, CSMA/CD isn’t used because a collision can’t occur in full-duplex mode. Because full- duplex mode eliminates the delays caused by CSMA/CD and allows double the network bandwidth, most Ethernet LANs now operate in this mode using switches.

Ethernet Standards Ethernet can operate at different speeds over different types of media, and each variation is associated with an IEEE standard. The following sections discuss many of these standards, some of which are obsolete or had limited use.

Standards Terminology Ethernet standards are generally expressed in one of two ways. One way is using the IEEE document number defining the standard. For example, IEEE 802.3 is the parent document specification for 10 Mbps Ethernet using thick coaxial cable, which was ratified in 1983. All other variations and speeds of Ethernet are subdocu- ments of the original 802.3 specification.

The second way of expressing an Ethernet standard is to use the XBaseY terminology. Most IEEE 802.3 documents describe the transmission speed, type of transmission, and length or type of cabling and are designated with terms such as 100BaseT. In 100BaseT, for example, the “100” designates the speed of transmission (100 Mbps), the “Base” indicates a base- band signaling method, and the “T” specifies twisted-pair cabling. All the BaseT Ethernet standards use a physical star topology. The following sections discuss the major standards and their designations.

10BaseT Ethernet 10BaseT Ethernet, defined by IEEE 802.3i, has been the mainstay of Ethernet networks since the early 1990s. It runs over Category 3 or higher UTP cabling and uses two of the four wire pairs. Because of its slower transmission speed, 10BaseT networks using a logical bus topology (with hubs) are more susceptible to collisions than faster 100BaseT networks are. In addition, the amount of data sent and received by a typical user makes 10BaseT seem slow in typical media-heavy environments compared with the more common 100BaseT and 1000BaseT standards.

If you work for an organization still using hubs, you need to know that there are limits to how many hubs you can string together to connect all computers. The rule for expanding a 10BaseT network with hubs is that no more than four hubs can be placed between two communicating workstations. This rule ensures that all stations on the network can detect a collision. Because of the limited time for signals to propagate through a network, if more

Network Technologies 127

than four hubs exist between end stations, a collision on one end of the network might not be detected by stations on the other side of the network in time for them to react properly. If switches rather than hubs are used, there’s no such limitation because a collision on a switch can take place only between the switch and a single workstation.

A business network still using 10BaseT should upgrade to 100 or 1000BaseT to take full advan- tage of current technology. A home or small-office network that uses the network mainly for sharing Internet access and transferring documents can still use 10BaseT effectively if its Internet connection is considerably slower than 10 Mbps. However, 10BaseT is essentially an obsolete technology, and networks using 10BaseT should upgrade as soon as circumstances permit.

100BaseTX Ethernet 100BaseTX (often referred to as simply “100BaseT”), defined by IEEE 802.3u, is the most commonly used Ethernet variety today. It runs over Category 5 or higher UTP cable and uses two of the four wire pairs: one to transmit data and the other to receive data. There are other varieties of 100BaseT Ethernet (discussed later in this section), but 100BaseTX is the standard that’s usually in mind when discussing 100 Mbps Ethernet. It’s also sometimes called Fast Ethernet.

An important consideration when designing a 100BaseTX network with hubs is the total number of hubs allowed between end stations. There are two types of 100BaseTX hubs: class I and class II. Class I hubs can have only one hub between communicating devices; class II hubs can have a maximum of two hubs between devices. This limitation is designed to ensure that when a collision occurs on a hub-based network, all stations in the collision domain have enough time to hear the collision and respond appropriately. If a 100BaseTX network uses mainly hubs to connect computers, a switch is often used in the center of an extended star to interconnect multiple hubs, as shown in Figure 3-13, to avoid this limita- tion. If you’re using only switches in your network, this limitation doesn’t apply. You’ll probably see hubs of any type only in older network installations; all new designs and upgrades use switches of at least 100 Mbps.

100BaseFX Ethernet In environments that aren’t conducive to using copper wiring to carry network data (such as electrically noisy settings) or where the cable run length exceeds the reach of twisted-pair wiring, the only real choice in a wired network is fiber optics. 100BaseFX (with the F indicating “fiber optic”), which uses two strands of fiber-optic cable, is often the best choice of network technology in these settings. Fiber-optic cable installation is

100BaseT hub

Switch

Figure 3-13 Using a switch to interconnect 100BaseTX hubs Courtesy of Course Technology/Cengage Learning

128 Chapter 3

still far more expensive than twisted-pair cable, but its advantages of being impervious to elec- trical noise and supporting longer cable segment lengths are worth the cost if the network requires these properties. 100BaseFX is rarely used as a complete replacement for 100BaseTX; instead, it’s typically used as backbone cabling between hubs or switches and to connect wir- ing closets between floors or buildings. It’s also used to connect client or server computers to the network when immunity to noise and eavesdropping is required.

1000BaseT Ethernet 1000BaseT Ethernet, released as the IEEE 802.3ab standard, sup- ports 1000 Mbps Ethernet (usually called Gigabit Ethernet) over Category 5 or higher UTP cable. The 1 Gbps data rate results from sending and receiving data simultaneously (in full- duplex mode) at 250 Mbps in both directions over each of the four wire pairs in Category 5 cable. Therefore, each wire pair can send and receive data at the same time at 250 Mbps, which results in a bandwidth of 1000 Mbps (or 1 Gbps) in each direction in full-duplex mode. To support full-duplex transmission over a single pair of wires, 1000BaseT uses equip- ment called hybrids and cancellers, which combine multiple signals and cancel interference. So if the link operates in half-duplex mode, the channel speed is 1000 Mbps (250 Mbps times four wire pairs). When operating in full-duplex mode, 1000BaseT actually delivers 2 Gbps total bandwidth. In most cases, it runs in full-duplex mode connected to switches.

Unlike 10BaseT and 100BaseT Ethernet, 1000BaseT Ethernet doesn’t dedicate a wire pair to transmitting or receiving. Each wire pair is capable of transmitting and receiving data simul- taneously, thereby making the 1000 Mbps data rate possible in both half-duplex and full- duplex modes. Similarly to 100BaseT, 1000BaseT allows only one hub or repeater between end stations when using half-duplex communication. Most installations use switches that detect the speed of the connected device automatically, whether it’s 10 Mbps, 100 Mbps, or 1000 Mbps. In addition, you’ll be hard-pressed to find a 1000BaseT hub/repeater to pur- chase, making the one-repeater limitation an unlikely problem in new network designs.

1000BaseT Ethernet has gained wide acceptance in corporate data centers to connect servers to central switches and connect power users’ desktop computers. Because 1000BaseT runs over standard Category 5 cable, the upgrade path for companies currently running 100BaseT is fairly simple. NICs and switches that don’t operate at 1000 Mbps must be replaced, but the cabling infrastructure doesn’t need to be. Although Category 5 cable is the minimum requirement, most new installations planning a 1000BaseT network should opt for Cat 5e or Cat 6 cable for their better high-speed transmission properties.

A power user is a network user who often uses the most recent technologies and runs high-end software and hardware that require more network resources than what the average user runs.

10GBaseT Ethernet The 2006 IEEE 802.3an standard defines 10 Gigabit Ethernet as running over four pairs of Category 6A UTP cabling. Unlike the other BaseT Ethernet stan- dards, 10GBaseT operates only in full-duplex mode, so you won’t find any 10 Gbps hubs— only switches. 10GBaseT isn’t likely to find its way into many desktop computers in the near future; a search for 10GBaseT NICs shows their cost at more than $1000 as of this writing. However, as more desktop systems begin operating at 1 Gbps, you might need to equip your network’s servers with 10 Gigabit Ethernet NICs so that they can keep up with desktop systems.

Network Technologies 129

Additional Ethernet Standards Although the standards discussed previously constitute the majority of Ethernet LANs, quite a few other standards exist; some are common, and others are uncommon or obsolete. The following sections describe these other standards and their use in current networks briefly.

100BaseT4 As the name implies, 100BaseT4 Ethernet uses all four pairs of wires bundled in a UTP cable. The one advantage that 100BaseT4 has over 100BaseTX is the capability to run over Category 3 cable. When 100 Mbps speeds became available, many companies wanted to take advantage of the higher bandwidth. However, if the cable plant consisted of only Category 3 cable, there were just two choices: Replace the cabling with higher-grade Category 5 cabling so that 100BaseTX could be used, or use 100BaseT4 Ethernet. One of the biggest expenses of building a network is cable installation, so many organizations chose to get higher speeds with the existing cable plant by using 100BaseT4. Although these differences from 100BaseTX might seem like a good idea, 100BaseT4 never caught on and is essentially obsolete.

1000BaseLX 1000BaseLX uses fiber-optic media; the “L” stands for “long wavelength,” the kind of laser used to send signals across the medium. These lasers operate at wave- lengths between 1270 to 1355 nanometers and work with single-mode fiber (SMF) and mul- timode fiber (MMF). Long-wavelength lasers cost more than short-wavelength lasers but can transmit their signals over longer lengths of cable.

Although the 1000BaseLX standard specifies a maximum cable segment length of 5000 meters, some manufacturers have extended it by using specialized and proprietary optical transceivers. Cisco Systems, for example, offers 1000BaseLH (“LH” stands for “long haul”), which provides a maximum cable segment length of 10,000 meters over SMF cable. For extremely long-distance Gigabit Ethernet communication, 1000BaseZX, another Cisco product, is capable of distances up to 100,000 meters over SMF cable.

1000BaseSX 1000BaseSX uses fiber-optic media; the “S” stands for “short wavelength.” These lasers operate at wavelengths between 770 to 860 nanometers and work only with MMF cable. Short-wavelength lasers can’t cover as much distance as long-wavelength lasers, but they are less expensive (and use cheaper MMF cable).

1000BaseCX 1000BaseCX uses specially shielded, balanced, copper jumper cables; the “C” stands for “copper,” the kind of electrical signaling used. Jumper cables are normally used for interconnections between devices or to link virtual LANs (VLANs) on a switch; these jumper cables might also be called “twinax” (short for “twin-axial”) or “short-haul” copper cables. Segment lengths for 1000BaseCX cables top out at 25 meters, which means they’re used mostly in wiring closets or equipment racks.

10 Gigabit Ethernet: IEEE 802.3ae Standards The 802.3ae standard governing several varieties of 10 Gigabit Ethernet before 10GBaseT was adopted in June 2002. This Ethernet version is much like the others in frame formats and media access method. However, it does have some important technical differences. It’s defined to run only on fiber-optic cabling, but the 10 Gigabit Ethernet standard specifies a maximum distance of 40 kilometers, compared with just 5 kilometers for the 1000BaseLX Gigabit Ethernet. This distance has important implications for WANs and MANs because although most WAN

130 Chapter 3

and MAN technologies can be measured in megabits, 10 Gigabit Ethernet provides band- width that can transform how WAN speeds are considered. Like 10GBaseT Ethernet, 802.3ae 10 Gigabit Ethernet technologies run in full-duplex mode only, so the CSMA/CD access method isn’t necessary.

The primary use of 10 Gigabit Ethernet technologies is as the network backbone, intercon- necting servers and network segments running 100 Mbps and 1000 Mbps Ethernet technol- ogies. However, they also have their place in storage area networks (SANs) and, along with 10GBaseT, can be used as the interface for enterprise-level servers.

As this technology matured, a number of implementations were developed that are divided into two basic groups: 10GBaseR for LAN applications and 10GBaseW for WAN applica- tions. The W group of standards uses SONET framing over OC-192 links. (SONET and OC standards are explained in Chapter 12). Both groups have (S)hort range, (L)ong range, and (E)xtended range versions. The short-range versions use MMF fiber-optic cabling, and the long-range and extended-range versions run over SMF fiber-optic cabling. (These fiber-optic types are discussed in Chapter 4.) The following list summarizes the 802.3ae technologies:

● 10GBaseSR—Runs over short lengths (between 26 and 82 meters) on MMF cabling. Applications are likely to include connections to high-speed servers, interconnecting switches, and SANs.

● 10GBaseLR—Runs up to 10 km on SMF cabling and is used for campus backbones and MANs.

● 10GBaseER—Runs up to 40 km on SMF cabling; used primarily for MANs. ● 10GBaseSW—Uses MMF cabling for distances up to 300 meters; used for SONET

campus network applications. ● 10GBaseLW—Uses SMF cabling for distances up to 10 km; used for SONET WAN

applications. ● 10GBaseEW—Uses SMF cabling for distances up to 40 km; used for SONET WAN

applications.

40 Gigabit and 100 Gigabit Ethernet: The 802.3ba Standard IEEE 802.3ba was ratified on June 17, 2010, and vendors are already shipping or announcing products. Some goals for 40 Gigabit Ethernet include the capability to transmit up to 10 kilometers over SMF fiber-optic cabling and at least 7 meters over a special copper wire assembly; for 100 Gigabit Ethernet, goals include transmitting up to 40 km over SMF cabling and 7 meters over copper. The existing frame format is preserved, meaning these new high-speed versions are backward-compatible with slower standards.

Although the 802.3ba task force has completed its work, you can read about how this new standard came to be at www.ieee802.org/ 3/ba/index.html.

As you can see, Ethernet has come a long way since Xerox transmitted at 3 Mbps over coaxial cable, and the journey from 3 Mbps to 10 Gbps isn’t over yet. Table 3-2 summarizes many features and properties of the Ethernet standards discussed in this section.

Network Technologies 131

What’s Next for Ethernet? Estimations are that Ethernet speeds will continue to increase, with Terabit Ethernet (1000 Gbps) available by 2015. This kind of mind-boggling speed will allow networks to transfer data across a city faster than some CPUs can transfer data to memory. When Internet providers begin using this level of bandwidth to connect to the Internet backbone and when homes and businesses can tap into it, too, extraordinary amounts of information will be at your fingertips. This speed has major implications for the entertainment industry and many other fields. The Ethernet train is revving up, and it promises to be an exhilarating ride.

Table 3-2 Ethernet standards and properties

Ethernet standard

IEEE document #

Transmission speed Cable type

Minimum cable grade

Maximum distance Design notes

10BaseT 802.3i 10 Mbps UTP Cat 3 100 meters Maximum four hubs between stations

100BaseT/TX 802.3u 100 Mbps UTP Cat 5 100 meters Maximum two hubs between stations

100BaseFX 802.3u 100 Mbps MMF or SMF N/A 2 km over MMF, 10 km over SMF

1000BaseT 802.3ab 1000 Mbps UTP Cat 5 (Cat 5e or 6 preferred)

100 meters Maximum one hub between stations

10GBaseT 802.3an 10 Gbps UTP Cat 6A 100 meters Full-duplex only; no hubs

100BaseT4 802.3u 100 Mbps UTP Cat 3 100 meters Obsolete; saw little use

1000BaseLX 802.3z 1000 Mbps MMF or SMF N/A 550 meters over MMF, 5 km over SMF

1000BaseSX 802.3z 1000 Mbps MMF N/A 550 meters

1000BaseCX 802.3z 1000 Mbps Twinax N/A 25 meters Succeeded by 1000BaseT

10GBaseSR 10GBaseLR 10GBaseER 10GBaseSW 10GBaseLW 10GBaseEW

802.3ae 10 Gbps MMF or SMF N/A Varies from 82 meters up to 40 km

Choice of technology depends on application

40 Gigabit Ethernet and 100 Gigabit Ethernet

802.3ba 40 and 100 Gbps

MMF, SMF, and copper assembly

N/A 40 km over SMF, 7 meters over copper

Standard ratified June 17, 2010

132 Chapter 3

Hands-On Project 3-2: Determining and Changing Your Ethernet Standard

Time Required: 15 minutes

Objective: Determine your Ethernet standard and change your connection speed to use a different standard.

Required Tools/Equipment: Classroom computers connected to a classroom hub or switch. The hub or switch and NICs must be capable of connecting at multiple speeds. For example, if you’re using a 10/100 Mbps switch, and your NICs are capable of 10/100 Mbps, you change the connection speed to the slower rate. If possible, each student should be assigned a separate partner. Separate lab computers and a hub or switch can also be used for this project.

Description: In this project, you view your network connection properties to see at what speed your NIC is operating. Then you send a large ping message and note how long the reply takes. Next, you change the speed, if your NIC driver allows, and perform the same ping to see whether you can detect a time difference.

This project works best with physical computers rather than virtual machines. Even if you change the connection speed on the virtual machine, it transmits bits at the host computer’s connection speed.

1. Log on to your computer as NetAdmin.

2. Open a command prompt window, and then type ipconfig and press Enter. Exchange your IP address with your partner and write down your partner’s IP address. Leave the command prompt window open for later.

3. Click the network connection icon in the taskbar and click Open Network and Sharing Center.

4. In the Network and Sharing Center, click Local Area Connection to open the Local Area Connection Status dialog box (see Figure 3-14).

5. In the Connection section, find the connection speed. Write down this information and, based on the speed listed, the Ethernet variety your computer is running: ● Connection speed: ● Ethernetvariety:

6. At the command prompt, ping your partner by typing ping -l 60000 IPaddress and pressing Enter. The -l 60000 option in the command specifies that the ping message should be 60000 bytes instead of the typical length of 32 bytes. Note the time¼ values in the ping replies and write them down. For example, yours might say “time¼ 2ms,” meaning the reply took 2 milliseconds. Not all times might be the same. Sometimes the first time is slower than the rest. Try pinging a few times to get an idea of the average time. ● Ping reply times:

7. Click the Properties button, and in the Local Area Connection Properties dialog box, click Configure.

Network Technologies 133

8. Click the Advanced tab. In the Property list box, click Link Speed & Duplex (or a simi- lar name). Figure 3-15 shows the connection options. Not all NICs have the same options, so you might see different options.

9. The default setting is usually Auto Negotiation. Click 10 Mpbs Half Duplex if this option is available, and then click OK. If you were able to set this option, what speed and variety of Ethernet is your computer running now?

● Connection speed: ● Ethernet variety:

Figure 3-14 The Local Area Connection Status dialog box Courtesy of Course Technology/Cengage Learning

134 Chapter 3

10. After you and your partner have changed the connection speed to a lower value, repeat the ping command you used in Step 6. Write down the reply times, and state whether they were different:

● Ping reply times at 10 Mbps:

11. Figure 3-16 shows two sets of ping results. The first result was from two computers connected at 1 Gbps (1000 Mbps) in full-duplex mode. The average reply took 5 ms. The second result was with the same computers connected at 10 Mbps half-duplex, and the average reply took 103 ms. Change your connection speed and duplex mode back to Auto Negotiation, and then close all open windows. Leave your computer run- ning for the next project.

Figure 3-15 Settings for the Link Speed & Duplex property Courtesy of Course Technology/Cengage Learning

Network Technologies 135

Hands-On Project 3-3: Viewing an Ethernet Frame

Time Required: 20 minutes

Objective: Capture packets and examine details of the Ethernet II frame format.

Required Tools/Equipment: Classroom computers connected to a classroom hub or switch with Wireshark installed

Description: In this project, you capture some packets and then examine the frame and pro- tocol headers.

1. If necessary, log on to your computer as NetAdmin.

2. Start Wireshark and click Capture Options. In the Capture Filter text box, type icmp, and then click Start.

3. Open a command prompt window, and then type ping IPaddress and press Enter (replacing IPaddress with the IP address of another student’s computer or another device on your network).

4. In Wireshark, click the Stop the running live capture toolbar icon to stop the capture.

5. Click a packet summary in the top pane with ICMP listed in the protocol field.

6. In the middle pane, click to expand the Ethernet II row. It should look similar to Figure 3-17.

Figure 3-16 Ping results at different connection speeds Courtesy of Course Technology/Cengage Learning

136 Chapter 3

7. Notice the three fields in the Ethernet II frame: Destination, Source, and Type. The Des- tination and Source fields are the destination and source MAC addresses in the frame. In Figure 3-17, you see Cisco before the destination address and Vmware before the source address because Wireshark attempts to resolve the NIC manufacturer coded in the MAC address’s first six digits. The full MAC address (without manufacturer name) is shown in parentheses. The Type field has the value 0x800, which indicates that the protocol in the frame is IP. Click to expand the Internet Protocol row.

8. Under Internet Protocol, you see details of the IP header, including the destination and source IP addresses. Click to expand the Internet Control Message Protocol row to view details of the ICMP protocol header. (You learn more about IP-related protocols in Chapter 5.)

9. Click to expand the Data portion of the frame, and then click the Data field to see the ICMP message data in hexadecimal in the bottom pane. The right side of this pane shows the translation from hexadecimal to ASCII (human-readable characters); as you can see, it’s just portions of the alphabet repeated. Some Ping programs include more clever data, such as “Hello, are you there?” The actual data in a ping message doesn’t matter; what matters is that the reply contains the same data as the ping request.

10. Exit Wireshark and click Quit without Saving when prompted. Close the command prompt window.

11. Stay logged on if you’re going on to the next project; otherwise, shut down your computer.

802.11 Wi-Fi The 1997 802.11 wireless networking standard, also referred to as Wireless Fidelity (Wi-Fi), has continued to undergo development. With it, manufacturers of wireless networking devices have brought inexpensive, reliable wireless LANs to homes and businesses. The cur- rent standards include 802.11b, 802.11g, and 802.11n running at a 2.4 GHz frequency with speeds of 11 Mbps, 54 Mbps, and up to 600 Mbps, respectively. 802.11a isn’t as prevalent as the other 802.11 standards; it specifies a bandwidth of 54 Mbps at a 5 GHz frequency.

Of these competing standards, 802.11b and 802.11g are the most widespread at this writing because they have been in use the longest. 802.11g is backward-compatible with 802.11b and, therefore, offers a convenient bandwidth upgrade path. 802.11n is the newest Wi-Fi standard, completed in October 2009. It can operate in the 2.4 GHz or 5 GHz frequency range and is backward-compatible with 802.11b and 802.11g. It’s capable of speeds up to 600 Mbps by using the multiple-in, multiple-out (MIMO) technique. This technique uses multiple antennas and divides available frequency ranges into multiple channels to achieve

Figure 3-17 An Ethernet II frame in Wireshark Courtesy of Course Technology/Cengage Learning

Network Technologies 137

high speeds. However, 600 Mbps is the maximum bandwidth possible under 802.11n; actual speeds of common devices are typically 100 to 300 Mbps.

Essentially, 802.11 wireless is an extension to Ethernet, using airwaves as the medium. In fact, most 802.11 networks incorporate some wired Ethernet segments. The 802.11 networks can extend from several feet to several hundred feet, depending on environmental factors, such as obstructions and radio frequency interference. The prevalence of people owning 802.11-enabled laptops, iPads, and cell phones has spawned a new mode for accessing the Internet. Many busi- nesses have set up Wi-Fi hot spots, which are localized wireless access areas. You can sit outside your favorite coffee shop, for example, and use a wireless Internet connection with your portable devices. College campuses, too, are using hot spots so that students can sit in a courtyard between classes and access the campus network and the Internet with their Wi-Fi–enabled laptops.

For more information on 802.11 standards, see www.wi-fiplanet.com.

Wi-Fi Modes Wi-Fi networks can operate in one of two modes: infrastructure and ad hoc. Most Wi-Fi networks operate in infrastructure mode, meaning wireless stations connect through a wireless AP before they can begin communicating with other devices. Ad hoc mode, sometimes called peer-to-peer mode, is a wireless mode of operation typically used only in small or temporary installations. There’s no central device, and data travels from one device to another in a line (more or less). If you want to describe ad hoc mode in terms of a physical and logical topology, it most resembles a physical and logical bus. Most of this chapter’s discussion of Wi-Fi focuses on infrastructure mode.

Ad hoc mode should not be used in public environments because it’s less secure than infrastructure mode.

Wi-Fi Communication Channels Wi-Fi networks operate at one of two radio fre- quencies: 2.4 GHz and 5.0 GHz. However, this frequency is not fixed. The 2.4 GHz Wi-Fi variety, which includes 802.11b, g, and n, operates from 2.412 GHz through 2.484 GHz, divided into 14 separate 5 MHz channels (although only the first 11 channels are used in North America, and other regions have channel use restrictions). The 5.0 GHz Wi-Fi variety divides frequencies between 4.915 GHZ and 5.825 GHz into 42 channels of 10, 20, or 40 MHz each, depending on the region of the world where it’s used. The remainder of the dis- cussion about Wi-Fi channels pertains to 2.4 GHz Wi-Fi because it’s the most popular, but most points also apply to the 5.0 GHz varieties.

A wireless channel works somewhat like a TV channel, in which each channel works at a dif- ferent frequency and can, therefore, carry different streams of data. When you configure a wireless AP, you can choose the channel in which it operates (see Figure 3-18). By choos- ing a channel that’s not in heavy use, you can improve reception and throughput rate. However, 2.4 GHz Wi-Fi actually requires 25 MHz to operate correctly, effectively span- ning five channels. So if you’re configuring several Wi-Fi networks, you should choose

138 Chapter 3

channels that are five apart; for example, if you configure three Wi-Fi networks in close proximity, choose channels 1, 6, and 11.

Several tools are available that scan channels to see how much activity is on each. You can then configure your AP to operate on a less frequently used channel. Figure 3-19 is an example of the output of the program inSSIDer and shows that a number of Wi-Fi networks were detected. Each one is labeled with its SSID.

Wi-Fi runs in the vast range of frequencies encompassed by microwave radio. For this rea- son, a microwave oven can cause interference in a Wi-Fi network. The result of this interfer- ence can vary from a slight loss in signal strength to disconnection from the network while the oven is running. A change in Wi-Fi channels can sometimes lessen the effects of micro- wave oven interference. In addition, some cordless phones use the same frequencies as Wi-Fi networks. If a cordless phone is causing interference, try changing the channel of the AP, the cordless phone (if possible), or both.

Wi-Fi Security Because the network signals and, therefore, network data, of a Wi-Fi network aren’t constrained by physical media, access to a Wi-Fi network must be secure. The signals from a Wi-Fi network can travel several hundred feet, which means Wi-Fi devices outside your home or business can detect them. A person with a Wi-Fi–enabled device sitting

Figure 3-18 Selecting a Wi-Fi channel on an access point Courtesy of Course Technology/Cengage Learning

Network Technologies 139

outside your home or business can connect to an unsecured network and use your Internet access to capture packets with a program such as Wireshark—or worse, access files on your computers.

At the least, a Wi-Fi network should be protected by an encryption protocol that makes data unauthorized users capture extremely difficult to interpret. Wi-Fi devices typically support one of these encryption protocols, listed in order of effectiveness: Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), and Wi-Fi Protected Access 2 (WPA2). Not all devices support all three protocols; in particular, older devices might support only WEP and/or WPA. Wi-Fi encryption is configured on the AP, so to connect to the network, Wi-Fi devices connecting to the AP must be configured for the particular encryption proto- col. Wi-Fi security is discussed in more depth in Chapters 7 and 11.

WEP should be used only when it’s the only option available because its encryption protocols are easily broken.

Wi-Fi Access Method and Operation You have learned about CSMA/CD as the access method in wired forms of Ethernet, but wireless networks have a special problem with this access method. CSMA/CD requires that all stations be able to hear each other so that each station knows when another station is sending data. This requirement is reasonable, but if two stations try to send at the same time, a collision can occur. Fortunately, in a wired network, sending stations hear the collision and attempt to resend the data. If you’ve ever used a push- to-talk handheld radio, you know that when you’re talking, you can’t hear anybody else talk- ing, and vice versa. 802.11 networks work the same way. If a station transmits data, it can’t hear whether any other station is transmitting, so if a collision does occur, the sending station doesn’t detect it. For this reason, 802.11 specifies the Carrier Sense Multiple Access with

Figure 3-19 Wi-Fi network channel activity Courtesy of Course Technology/Cengage Learning

140 Chapter 3

Collision Avoidance (CSMA/CA) access method, in which an acknowledgement is required for every packet sent, as explained in Chapter 2. With this requirement, if a collision occurs, the sending station knows the packet didn’t arrive safely because there’s no acknowledgement. Simulation 8 on the book’s CD shows a simulation of basic wireless LAN operation.

Simulation 8: Basic wireless LAN operation

Another problem exists in wireless networks that doesn’t happen in wired networks. It’s quite possible that in a three-station wireless network, all workstations can communicate with the AP: For example, workstation A can hear workstation B and workstation B can hear workstation C, but workstation A can’t hear workstation C, perhaps because the two are out of range. This situation is called the “hidden node problem.” CSMA/CA doesn’t work because workstation A never knows whether workstation C is sending, and vice versa. To counteract this problem, the 802.11 standards specify another feature that uses handshaking before transmission. As described in Chapter 2, a station must send the AP a request-to-send (RTS) packet requesting transmission. If it’s okay to transmit, the AP sends a clear-to-send (CTS) message, and the workstation starts its communication. All other devices communicating with the AP hear the exchange of RTS and CTS messages, thus informing them that another device has control of the medium.

The 802.11b standard specifies a transmission rate of 11 Mbps, but this value isn’t absolute. Environmental conditions can prevent transmission at this speed. Therefore, transmission speeds might be dropped incrementally from 11 Mbps to 5.5 Mbps to 2 Mbps and, finally, to 1 Mbps to make a reliable connection. In addition, there’s no fixed segment length for wireless networks because reliable communication relies heavily on the environment—for example, the number of walls between stations and the AP. The other three 802.11 standards behave similarly.

In general, an 802.11 network operating at 2.4 GHz has a maximum distance of 300 feet at full speed with no obstructions. However, this distance can be longer with 802.11n and large, high-quality antennas. Keep in mind that the data rate might suffer as the distance and number of obstructions increase.

For an excellent tutorial on wireless networking, visit www.networkcomputing.com/1115/1115ws22.html.

Hands-On Project 3-4: Configuring an Ad Hoc Wi-Fi Network

Time Required: 20 minutes

Objective: Configure an ad hoc Wi-Fi network.

Required Tools/Equipment: Two or more computers with 802.11 wireless NICs installed. USB wireless NICs work well because they don’t require opening the computer case. Laptops with

Network Technologies 141

built-in wireless NICs will also do. The 802.11 standard supported doesn’t matter as long as the NICs are compatible with one another. These instructions are written for Windows 7, but some steps can be changed to accommodate Vista. Windows XP requires substantial changes to the steps.

Description: All students go through the steps of creating an ad hoc Wi-Fi network, but only one person in each group can actually create the network. You can work in groups of two to four or more, but each group must use a different ad hoc network name. For example, if each group is assigned a number, the network names can be AdHoc1, AdHoc2, and so forth. After the ad hoc network is created by the first person in each group who does the steps, the other members of the group cancel the creation of the ad hoc network and then connect to the ad hoc network the first group member created.

1. Start your computer and log on as NetAdmin. If the wireless NIC isn’t installed yet, install it according to your instructor’s instructions.

2. After the wireless NIC is installed, click the network connection icon in the taskbar and click Open Network and Sharing Center.

3. In the Network and Sharing Center, click Set up a new connection or network, and then click Next in the welcome window.

4. In the Choose a connection option window, click Set up a wireless ad hoc (computer- to-computer) network, and then click Next. Click Next again.

5. In the Network name text box, type AdHocX (replacing X with your group number). Click the Security type list arrow and click No authentication (Open), as shown in Figure 3-20. Click Next.

6. Only one person can create an ad hoc network with a particular name. After the network is created, anyone else can connect to it. If you’re the first person to create the network, you see a window like Figure 3-21. If the network was already created, you see a window like Figure 3-22. If the network already exists, click Cancel; otherwise, click Close.

Figure 3-20 Creating an ad hoc wireless network Courtesy of Course Technology/Cengage Learning

142 Chapter 3

7. In the Network and Sharing Center, click Connect to a network. If you’re the one who created the ad hoc network, you are already connected. If not, click the AdHocX network you’re assigned to, and then click Connect.

Figure 3-21 Successful creation of an ad hoc network Courtesy of Course Technology/Cengage Learning

Figure 3-22 The ad hoc network already exists Courtesy of Course Technology/Cengage Learning

Network Technologies 143

8. In the Network and Sharing Center, click Change adapter settings. Double-click Wireless Network Connection to view the connection’s status, which includes the connection speed and the SSID (AdHocX). Click Details.

9. In the details window, note your IP address. Share this address with one or more people in your group, and then ping one of your group members to verify that you can com- municate. You won’t be able to communicate with members of other AdHocX net- works. If the ping fails, it’s probably because Windows 7 identified the network as a public network, and Windows Firewall blocked the ping packets. You can turn off the Public profile in the firewall (ask your instructor how to do this) if you want the ping to succeed. Be sure to enable the firewall when you’re finished.

10. Close all open windows. Click the wireless network connection icon in the taskbar. Click the AdHocX network to which you’re connected and click Disconnect. Shortly after all computers are disconnected from an ad hoc network, it’s no longer displayed as an available wireless network.

11. If your wireless NIC is a USB device, you can remove it now. Stay logged on if you’re going on to the next project; otherwise, shut down your computer.

Token Ring Networks Developed by IBM in the mid-1980s, the token ring network technology provides reliable, albeit slow by today’s standards, transport of data. Based on the IEEE 802.5 standard, token ring networks are cabled in a physical star topology but function as a logical ring, as shown earlier in Figure 3-8. Token ring originally operated at 4 Mbps, but this speed increased to 16 Mbps and later to 100 Mbps. A 1000 Mbps standard was approved in 2001, but by that time, the token ring technology had clearly lost out to 100 Mbps Ethernet, and no 1000 Mbps products were ever manufactured in quantity. Most token ring networks used Category 4 or higher UTP.

Token Ring Media Access Token ring uses the token-passing media access method, which is where the technology gets its name. Using this method, a special frame called the “token” passes from one computer to the next. Only the computer holding the token can send data, and a computer can keep the token for only a specific amount of time. If the computer with the token has no data to send, it passes the token to the next computer.

Because only the computer with the token can transmit data, this method prevents collisions. Computers no longer spend time waiting for collisions to be resolved, as they do in a CSMA/ CD network. All computers have equal access to the medium, which makes token-passing networks best suited for time-sensitive environments, such as banking transactions and data- bases requiring precise timestamps. Also, because traffic moves in a specific “direction” around a ring topology, faster access methods (such as 100 Mbps token ring) can circulate two tokens at the same time without fear of collision. (By keeping the two sets of messages from overlapping, both tokens can circulate in order.)

However, token passing has two disadvantages. First, even if only one computer on the network has data to send, it must wait to receive the token. If its data is large enough to warrant two or more “turns” at the token, the computer must wait until the token makes a complete circuit before starting its second transmission. Second, the complicated process of

144 Chapter 3

creating and passing tokens requires more expensive equipment than what’s used on CSMA/ CD networks. This additional expense and complication is in part what led to token ring quickly becoming second best in LAN technologies, compared with 100 Mbps and switched Ethernet. Because token ring is no longer a widely used LAN technology, additional operat- ing details about it have been moved to Appendix B.

Fiber Distributed Data Interface Technology Fiber Distributed Data Interface (FDDI) uses the token-passing media access method and dual rings for redundancy. The rings in an FDDI network are usually a physical ring of fiber- optic cable. FDDI transmits at 100 Mbps and can include up to 500 nodes over a distance of 100 kilometers (60 miles). FDDI full-duplex technology, an extension to standard FDDI, can support up to 200 Mbps. Like token ring, FDDI uses token passing; however, FDDI’s token- passing scheme is based on IEEE 802.4 rather than IEEE 802.5. An FDDI network has no hubs; devices generally connect directly to each other. However, devices called “concentra- tors” can serve as a central connection point for buildings or sites in a campus setting.

Much like token ring, FDDI technology lost out to faster versions of Ethernet and is now obsolete for new network designs. It had its heyday in the early to mid-1990s when Ethernet was operating at only 10 Mbps and switched Ethernet was just being developed. If you want to buy FDDI products now, you’ll be purchasing used products, as new products aren’t avail- able. Therefore, details on FDDI have been relegated to Appendix B.

Internet Access Technologies This section describes the Internet access technologies most commonly used by small office/ home office (SOHO) networks to share Internet access for all workstations on the network: cable modem, DSL, and satellite. These technologies are in contrast to the WAN technologies often used by large businesses to access the Internet and communicate with remote offices. WAN technologies are discussed in Chapter 12.

Cable Modem Cable modem networking is a broadband technology used to deliver Internet access to homes and businesses over standard cable television (CATV) coaxial cable. Because it’s a broadband technology, data delivered to a cable modem shares the same cable as the channels delivered to your TV. In fact, Internet data simply travels on a TV channel that’s not used by the cable company. The official standard governing cable modem operation is Data Over Cable Service Interface Specification (DOCSIS). Although cable modems are considerably more complicated than dial-up modems, they are true mod- ems in the sense that they modulate and demodulate signals.

Cable modem networks share some properties of traditional 10Base2 Ethernet. They are shared-media, bus topology networks at the point where data is delivered to a home. Other parts of a cable modem network use high-speed WAN technologies, as shown in Figure 3-23.

Cable modems have exploded in popularity because of the high speeds at which Internet data can be delivered to homes and businesses. With the newest DOCIS 3.0 stan- dard (called Wideband Internet), Internet data can be delivered to customers at speeds up to 60 Mbps, although most ISPs don’t support this standard in all areas as of this writing. Most cable Internet companies still deliver between 1 Mbps and 10 Mbps bandwidth to their customers.

Network Technologies 145

Cable modems use an asymmetrical communication scheme—data rates going to the home (downstream rates) are higher than data rates coming from the home to the cable provider (upstream rates). Upstream data rates can be as much as 10 Mbps but are usually limited to between 256 Kbps and 1 Mbps.

Cable modems provide bandwidth to users as a form of shared media access. That is, all users on a CATV cable segment (usually part of a neighborhood or large building, for example) share available bandwidth. Therefore, more users (or more traffic per user) mean less bandwidth per user because access is shared. One powerful advantage of cable modem access, however, is that distance limitations don’t govern functionality. As long as users have access to cable TV and the cable company offers Internet access on the local cable seg- ment, users can install a cable modem and access the Internet.

Shared access in this context means the medium from your cable connection to the cable company (the ISP) is shared by other users in your location. After data reaches the ISP and goes out to the Internet, the medium is shared by all other Internet users.

Internet

Home

Business

Cable drop

Regional cable head-end site

IP backbone network

Public switched telephone network

Fiber-optic transport Coaxial cable

SONET or ATM network

Distribution hub

Figure 3-23 A typical cable modem network Courtesy of Course Technology/Cengage Learning

146 Chapter 3

Aside from performance issues caused by shared access media in cable modem networks, security was a concern in early cable networks because users who shared the same cable seg- ment could eavesdrop on others’ communication sessions. However, networks complying with the DOCSIS standard use a strong encryption key for each user connection, which ensures privacy and security on the shared portion of the cable network.

Cable Modem Operation From a user’s standpoint, a cable modem is straightfor- ward: Plug the cable from the wall outlet into the cable modem, and then plug a network cable from the cable modem to a PC or router (Figure 3-24).

One reason for the success of cable Internet access is that most people already have cable TV in their homes, so no additional cabling is required, and people are comfortable with cable TV technology. The cable modem, like your TV, has a tuner that “tunes in” the frequencies for upstream and downstream channels for Internet access. From there, these signals are converted (modulated) into the Ethernet signals your computer or router requires. When you send data, the signals are modulated into a form required by the cable medium. A cable modem even has a MAC address, which serves two purposes. The cable company uses it to determine whether your device is allowed on the network, and much like a NIC, a cable modem compares the destination address of incoming data to determine whether the modem should process arriving data.

For a wealth of information on cable modem technologies, see www.cablelabs.com/cablemodem/.

Network cable from cable modem to NIC

Cable modem

CATV cable from cable provider

Internet

Figure 3-24 A typical cable modem connection Courtesy of Course Technology/Cengage Learning

Network Technologies 147

Digital Subscriber Line Digital Subscriber Line (DSL) warrants special mention in this section, as it competes with cable modem technologies for Internet access. This broad- band technology uses existing phone lines to carry voice and data simultaneously. Many variations of DSL are available; the most prominent for home Internet access is Asymmetric DSL (ADSL), named because the download and upload speeds differ substantially, so the data rates aren’t symmetrical. ADSL splits the phone line into two frequency ranges: Frequencies below 4 KHz are used for voice transmission, and frequencies above 4 KHz are used to transmit data. Typical connection speeds for downloading data range from 256 Kbps to 8 Mbps; upload speeds are typically much slower, in the range of 16 Kbps to 640 Kbps.

To deliver digital services, DSL uses the same twisted-pair phone lines that deliver voice ser- vices. Unlike cable modem connections, DSL media aren’t shared in the connection between the user and ISP, so they offer subscribers guaranteed bandwidth. Because bandwidth is guaranteed, however, upstream and downstream data rates are metered. Users must pay more for higher bandwidth connections. Nevertheless, DSL is a great SOHO technology, par- ticularly in areas where cable modem is unavailable. Most DSL connections top out at around 1.5 Mbps bandwidth, but it’s possible to achieve rates of about 6 Mbps downstream.

DSL’s main disadvantage is its distance limitation (measured as the wire runs) between the user’s location and the nearest central office (CO), where a copper-to-fiber interface device links to the telecommunication carrier’s digital backbone. Depending on which vendor’s equipment is used, this distance limitation varies between 17,500 feet (3.31 miles or 5.33 kilometers) and 23,000 feet (4.36 miles or 7.01 kilometers). Therefore, it’s important to measure a connection point’s distance from the local CO to determine whether DSL is a via- ble network option.

Another DSL variation is Symmetric DSL (SDSL), and its upload and download speeds are the same, so if the download speed is 4 Mbps, the upload speed is also 4 Mbps. SDSL is often chosen for businesses operating a Web site because the amount of traffic uploaded and downloaded is likely to be similar.

DSL and cable modems share one important advantage over asynchronous modems— they’re always on. Both technologies maintain constant connections to a remote server on the other side of the connection, so there’s little or no delay to establish a connection, as with a conventional modem. Given the higher bandwidth, faster access, and lower cost of digital connections, it’s no wonder that droves of users are switching from dial-up modems to digital alternatives for SOHO connections.

For more information on DSL, see www.dslreports.com.

Satellite Technologies If neither DSL nor cable modem are available and dial-up speeds are too frustrating, satellite Internet is another option. Speeds are comparable with where cable modem was several years ago and many DSL providers still are: download speeds of 1.5 Mbps and uploads speeds of about 256 Kbps. For quite a bit more money,

148 Chapter 3

satellite download speeds can be increased to up to 5 Mbps with 300 Kbps upload speeds. Unfortunately, most satellite offerings have limitations on the daily amount of data that can downloaded, making these options somewhat of a last resort for high-speed Internet.

Early implementations of satellite Internet required a regular dial-up modem for the upstream connection, but that’s no longer the case. Two well-known satellite Internet providers are HughesNet and WildBlue. WildBlue focuses on residential customers only; HughesNet provides service for residential customers and offers some higher bandwidth options for businesses.

WiMAX: Wireless Internet Access Worldwide Interoperability for Microwave Access (WiMAX) comes in two flavors: 802.16-2004 (previously named 802.16d), or fixed WiMAX, and 802.16e, or mobile WiMAX. These standards provide wireless broadband to outlying and rural areas, where last-mile wired connections (connections between a service provider and homes or businesses) are too expensive or impractical because of rough ter- rain, and to mobile users so that they can maintain a high-speed connection while on the road. Fixed WiMAX delivers up to 70 Mbps of bandwidth at distances up to 30 miles, and mobile WiMAX has a coverage area of 3 to 10 miles. Developing standards promise up to 100 Mbps for mobile WiMAX and up to 1 Gbps for fixed WiMAX.

Besides providing wireless network service to outlying areas, fixed WiMAX is being used to deliver wireless Internet access to entire metropolitan areas rather than the limited-area hotspots available with 802.11. It can blanket an area up to a mile in radius, compared with just a few hundred feet for 802.11. Los Angeles has implemented WiMAX in an area of downtown that encompasses a 10-mile radius.

Mobile WiMAX brings broadband Internet roaming to the public. Although fixed WiMAX can create a wider hot spot than 802.11 wireless networks, network users are still confined to the coverage area. After a user leaves the coverage area of a transmitting station, his or her connection is dropped. Mobile WiMAX enables users to roam from area to area with- out losing the connection, which offers mobility much like cell phone users have. It’s consid- ered a fourth-generation (4G) wireless technology, and companies such as Clearwire (in its CLEAR product) are using it to provide Internet access to people who want to stay con- nected while on the move. CLEAR offers typical bandwidth between 3 and 6 Mbps. Several computer manufacturers, such as Dell, Toshiba, and others, offer WiMAX-enabled laptops, or you can buy a USB WiMAX modem to connect a laptop or desktop computer to a WiMAX network. In addition, Clearwire offers CLEAR Spot devices, which create mobile hotspots to connect up to eight Wi-Fi–enabled computers to a CLEAR network.

To read more about this evolving technology, go to www.wimax.com.

Network Technologies 149

Chapter Summary ■ Networks can be described by a physical and logical topology. The physical topology

describes the arrangement of cabling that connects one device to another. The logical topology describes the path data travels between devices. The logical and physical topology can be, and often are, different.

■ The main physical topologies are the bus, star, ring, and point-to-point. A physical bus topology is simple but is no longer in common use because of a number of weak- nesses. A star topology, along with the extended star, is the most common for imple- menting LANs. A physical ring topology isn’t in widespread use now but was used mainly in network backbones. Point-to-point topologies are used primarily in WANs and with wireless bridges. Several point-to-point connections can create a mesh topology for the purpose of redundancy.

■ The main logical topologies are bus, ring, and switched. A logical bus can be imple- mented as a physical star or a physical bus and is used with hub-based Ethernet and Wi-Fi networks. A logical ring can be implemented as a physical ring or a physical star and is most commonly seen in token ring and FDDI networks. The switched topology uses a physical star and is used with Ethernet networks using a switch in the center of a star physical topology.

■ A network technology defines the structure of frames and how a network interface accesses the medium to send frames. It often defines the media types that must be used to operate correctly.

■ The most common network technology for LANs is Ethernet. It’s described in IEEE 802.3 and has many subcategories, including 10BaseT, 100BaseT, and 1000BaseT, that use twisted-pair copper cabling. Ethernet uses the CSMA/CD access method, which is turned off when a full-duplex connection is established. Other Ethernet standards include fiber-optic implementations, such as 100BaseFX and 1000BaseLX, among others.

■ Wi-Fi is a wireless technology based on Ethernet, but it uses the CSMA/CA media access method. The most common Wi-Fi standards are 802.11b, 802.11g, 802.11a, and 802.11n with speeds of 11 Mbps, 54 Mbps, 54 Mbps, and up to 600 Mbps, respectively.

■ Token ring and FDDI are obsolete technologies that used a token-passing access method. Token ring operated at speeds of 4 Mbps and 16 Mbps and ran over twisted- pair cabling, whereas FDDI ran over fiber-optic cabling at 100 Mbps.

■ Internet access technologies include cable modem, DSL, satellite, and WiMAX. Cable modem is among the most common of these technologies, as it’s usually available wherever there’s cable TV access. DSL is widely available, but you must live within a few miles of your phone provider. Satellite is becoming somewhat more common, replacing dial-up in areas that don’t have other high-speed options. WiMAX is fairly new and provides wireless Internet access to outlying areas and can give mobile users in a metropolitan area fast Internet access.

150 Chapter 3

Key Terms 1000BaseT Ethernet A technology defined by the IEEE 802.3ab standard, supports 1000 Mbps Ethernet (usually called Gigabit Ethernet) over Category 5 or higher UTP cable, using baseband signaling. 100BaseFX 100 Mbps Ethernet using baseband signaling over two strands of fiber-optic cabling. 100BaseTX A technology defined by IEEE 802.3u, it’s the most commonly used Ethernet variety today. It runs over Category 5 or higher UTP cable and uses two of the four wire pairs: one to transmit data and the other to receive data. It runs at 100 Mbps, using baseband signaling. 10BaseT A technology defined by IEEE 802.3i, it’s Ethernet running at 10 Mbps, using baseband signaling over Category 3 or higher twisted-pair cabling. Although still seen in older networks, newer networks use 100BaseT or faster technology. 10GBaseT A technology defined by IEEE 802.3an, it’s 10 Gigabit Ethernet running over four pairs of Category 6A UTP cabling, using baseband signaling. Unlike the other BaseT Ethernet standards, 10GBaseT operates only in full-duplex mode. ad hoc mode Sometimes called peer-to-peer mode, it’s a wireless mode of operation typically used only in small or temporary installations. There’s no central device, and data travels from one device to another to reach the destination device. Asymmetric DSL (ADSL) A DSL variation in which the download and upload speeds differ substantially, so the data rates aren’t symmetrical. Typical connection speeds for downloading data range from 256 Kbps to 8 Mbps; upload speeds are typically much slower, in the range of 16 Kbps to 640 Kbps. See also Digital Subscriber Line (DSL). baseband A type of signaling used in networks, in which each bit of data is represented by a pulse of electricity (on copper media) or light (on fiber-optic media). These signals are sent at a single fixed frequency, using the medium’s entire bandwidth. LAN technologies use baseband signaling. broadband A type of signaling that uses analog techniques to encode binary 1s and 0s across a continuous range of values. Broadband signals move across the medium in the form of continuous electromagnetic or optical waves rather than discrete pulses. Signals flow at a particular frequency, and each frequency represents a channel of data, allowing multiple streams of data on a single wire. TV and cable Internet use broadband signaling. Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) An access control method used by Wi-Fi networks, in which an acknowledgement is required for every packet sent, thereby avoiding most possibilities of a collision (collision avoidance). Carrier Sense Multiple Access with Collision Detection (CSMA/CD) A media access method in which a device must first listen (carrier sense) to the medium to be sure no other device is transmitting. If two devices transmit at the same time (multiple access), a collision occurs and is detected (collision detection). In this case, all devices involved in the collision wait for a random period of time before transmitting again. collision domain The extent to which signals in an Ethernet bus topology network are propagated. All devices connected to a logical bus topology network are in the same collision domain. Switch and router ports delimit collision domains.

Key Terms 151

collision The result of two or more devices on the same medium transmitting simultaneously when CSMA/CD is the media access method in use. See also Carrier Sense Multiple Access with Collision Detection (CSMA/CD). Cyclic Redundancy Check (CRC) The error-checking code in an Ethernet frame’s trailer; it’s the result of a mathematical algorithm computed on the frame data. When the destination device receives the frame, the calculation is repeated. If the results of this calculation don’t match the CRC in the frame, it indicates the data was altered in some way. Data Over Cable Service Interface Specification (DOCSIS) The official standard governing cable modem operation. Digital Subscriber Line (DSL) A broadband technology that uses existing phone lines to carry voice and data simultaneously. extended star topology An extension of the physical star topology, in which a central switch or hub is the central connecting point for other switches or hubs .that have computers and other network devices attached, forming a star of stars. See also physical star topology. Fiber Distributed Data Interface (FDDI) A technology that uses the token-passing media access method and dual rings for redundancy. The rings in an FDDI network are usually a physical ring of fiber-optic cable. FDDI transmits at 100 Mbps and can include up to 500 nodes over a distance of 100 kilometers. frame types The frame formats that describe the content and length of a frame header. Gigabit Ethernet See 1000BaseT Ethernet. infrastructure mode An operational mode for Wi-Fi networks, in which wireless stations connect through a wireless access point before they can begin communicating with other devices. logical topology The path data travels between computers on a network. The most common logical topologies are switched, bus, and ring. media access control See media access method. media access method A set of rules governing how and when the network medium can be accessed for transmission. The rules ensure that data is transmitted and received in an orderly fashion, and all stations have an opportunity to communicate. Also called media access control. mesh topology A topology in which each device in the network is connected to every other device, providing multiple pathways in the event of a device or cable failure. network backbone The cabling used to communicate between LANs or between hubs or switches. The backbone cabling often runs at a faster speed than the cabling used to connect computers because the backbone must carry data from many computers to other parts of the network. physical bus topology A network topology in which a continuous length of cable connects one computer to another in daisy-chain fashion. There’s no central interconnecting device. physical ring topology A cabling arrangement in which each devices is connected to another device in daisy-chain fashion, and the last device connects back to the first device forming a ring. Used by token ring and FDDI, the physical ring is rarely used now. physical star topology A network topology that uses a central device, such as a hub or switch, to interconnect computers in a LAN. Each computer has a single length of cable going from its NIC to the central device. It’s the most common physical topology in LANs.

152 Chapter 3

physical topology The arrangement of cabling and how cables connect one device to another in a network. The most common physical topology is a star, but bus, ring, point- to-point, and mesh topologies are also used. point-to-point topology A topology in which cabling creates a direct link between two devices; used most often in WANs or in wireless networks to create a wireless bridge. reflection See signal bounce. signal bounce The result of electricity bouncing off the end of a cable and back in the other direction. It causes corruption of data as the bouncing signal collides with signals behind it. A terminator at each cable end is needed to prevent signal bounce. Also called reflection. signal propagation Signals traveling across a medium and through any connectors and connecting devices until the signal weakens enough to be undetectable or is absorbed by a termination device. Symmetric DSL (SDSL) A DSL variation in which the download and upload speeds are equivalent, or symmetrical. See also Digital Subscriber Line (DSL). terminator An electrical component called a resistor, placed at the ends of a physical bus network to absorbs the signal instead of allowing it to bounce back up the wire. token ring A technology based on the IEEE 802.5 standard; its cabling is in a physical star topology, but it functions as a logical ring. It uses the token-passing media access method, and only the computer holding the token can send data. wireless bridge An operational mode of wireless networking usually used to connect two wired LANs that are separated from each other in such a way that using physical media is impractical. Can also be used to extend the reach of a wireless network. Wireless Fidelity (Wi-Fi) The name given to the 802.11 series of IEEE standards that define four common varieties of wireless LANs: 802.11a, 802.11b, 802.11g, and 802.11n. Worldwide Interoperability for Microwave Access (WiMAX) A wireless broadband technology defined in 802.16-2004 for fixed WiMAX and 802.16e for mobile WiMAX. WiMAX is considered a fourth-generation (4G) technology for bringing wireless Internet access to remote areas, large areas up to a mile radius, and mobile users.

Review Questions 1. Which of the following describes the arrangement of network cabling between devices?

a. Logical topology

b. Networking technology

c. Physical topology

d. Media access method

2. Which of the following is an advantage of a star topology? (Choose all that apply.)

a. Allows faster technologies than a bus does

b. Requires less cabling than a bus

c. Centralized monitoring of network traffic

d. No single point of failure

Review Questions 153

3. Which of the following is an example of a technology using a physical ring topology?

a. Token ring

b. FDDI

c. ADSL

d. IEEE 802.5

4. Which technology is likely to be implemented as a point-to-point physical topology?

a. Wi-Fi infrastructure mode

b. FDDI

c. Ethernet

d. Wireless bridge

5. Which of the following describes a hub-based Ethernet network?

a. Physical bus

b. Logical bus

c. Physical switching

d. Logical star

6. Which of the following is a characteristic of a logical ring topology? (Choose all that apply.)

a. It’s used by Ethernet.

b. One technology uses an MAU.

c. It’s used by FDDI.

d. Some technologies use a token.

e. It’s the most popular logical topology.

7. Which best describes a typical wireless LAN?

a. Logical ring topology

b. Logical switching topology

c. Logical bus topology

d. Logical star topology

8. Which of the following is a characteristic of a switched logical topology? (Choose all that apply.)

a. Uses a physical bus topology

b. Creates dynamic connections

c. Sometimes called a shared-media topology

d. Uses a physical star topology

9. Which of the following is a characteristic of unshielded twisted-pair cabling? (Choose all that apply.)

a. Consists of four wires

b. Commonly used in physical bus topologies

154 Chapter 3

c. Has a distance limitation of 100 meters

d. Susceptible to electrical interference

10. Which of the following is a characteristic of fiber-optic cabling? (Choose all that apply.)

a. Can be used in electrically noisy environments

b. Requires only a single strand of fiber for network connections

c. Carries data over longer distances than UTP does

d. Lower bandwidth capability

11. Which topology most likely uses coaxial cabling?

a. Physical star

b. Logical ring

c. Physical bus

d. Logical switching

12. Which of the following is true of a MAC address?

a. All binary 1s in the source address indicates a broadcast frame.

b. It’s sometimes called a logical address.

c. A destination address of 12 hexadecimal Fs is a broadcast.

d. It’s composed of 12 bits.

13. Which of the following is the most commonly used Ethernet frame type?

a. Ethernet II

b. Ethernet SNAP

c. Ethernet 802.3

d. Ethernet 802.2

14. Which of the following is a field of the most common Ethernet frame type? (Choose all that apply.)

a. ARP trailer

b. FCS

c. Destination MAC Address

d. Data

e. MAC type

15. Which access method uses a “listen before sending” strategy?

a. Token passing

b. CSMA/CD

c. Token bus

d. Polling

16. Which of the following is true about full-duplex Ethernet? (Choose all that apply.)

Review Questions 155

a. Stations can transmit and receive but not at the same time.

b. Collision detection is turned off.

c. It’s possible only with switches.

d. It allows a physical bus to operate much faster.

17. Which of the following is defined by the extent to which signals in an Ethernet bus topology network are propagated?

a. Physical domain

b. Collision domain

c. Broadcast domain

d. Logical domain

18. Which of the following is considered a property of Ethernet? (Choose all that apply.)

a. Scalable

b. Best-effort delivery system

c. Guaranteed delivery system

d. Obsolete technology

19. Which of the following is true of IEEE 802.3an?

a. Requires two pairs of wires

b. Uses Category 5 or higher cabling

c. Currently best for desktop computers

d. Operates only in full-duplex mode

20. Which of the following is a feature of 100BaseFX? (Choose all that apply.)

a. Often used as backbone cabling

b. Best when only short cable runs are needed

c. The fastest of the Ethernet standards

d. Uses two strands of fiber

21. Which Wi-Fi standard can provide the highest bandwidth?

a. 802.11a

b. 802.11b

c. 802.11n

d. 802.11g

22. Which of the following is true about infrastructure mode in wireless networks? (Choose all that apply.)

a. Best used for temporary networks

b. Uses a central device

c. Resembles a physical bus and logical ring

d. Most like a logical bus and physical star

156 Chapter 3

23. How many channels can be used on an 802.11b network in North America?

a. 7

b. 9

c. 11

d. 13

24. Which media access method does Wi-Fi use?

a. CSMA/CD

b. Token bus

c. Demand priority

d. CSMA/CA

25. Which of the following is true about the token ring technology? (Choose all that apply.)

a. It uses a physical ring topology.

b. All computers have equal access to the media.

c. It uses RTS/CTS signaling before transmission can occur.

d. Only the computer with the token can transmit data.

Challenge Labs

Challenge Lab 3-1: Building an Extended Star Topology Network

Time Required: 30 minutes

Objective: Use hubs and switches to build an extended star topology network.

Required Tools/Equipment: Determine which type of devices and how many you need to build the network.

Description: In this lab, you build an extended star network, in which the com- puters are connected in a physical star and a logical bus topology, and the com- puters form the outer arms of the extended star. The center of the extended star should be a device that creates one collision domain per port. Build the network with as much equipment as you have available, distributing computers evenly around the outer edges of the extended star. Draw the final topology and label the devices. If you lack equipment, you can simply draw the topology without building the physical network. Then answer the following questions:

● What type of device are the computers attached to?

Challenge Labs 157

● What type of device is at the center of the extended star?

● How many collision domains are in this network?

Challenge Lab 3-2: Adding Wireless Access to the Extended Star Network

Time Required: 30 minutes

Objective: Add wireless networking to the extended star network you built in Challenge Lab 3-1.

Required Tools/Equipment: An access point or wireless router and some wire- less NICs

Description: Add wireless networking to the extended star network you built in Challenge Lab 3-1. Expand the drawing you created to include the AP or wireless router. If you don’t have the necessary equipment, just expand the drawing. Answer the following questions:

● Which device in your extended star did you connect the AP to and why?

● Which wireless mode are you using: ad hoc or infrastructure?

● What logical and physical topology does addingwireless bring to this network?

Challenge Lab 3-3: Installing inSSIDer

Time Required: 20 minutes

Objective: Install a wireless scanning tool and scan your network.

Required Tools/Equipment: A computer with a wireless NIC and access to the Internet or an already downloaded copy of inSSIDer

Description: In this lab, you download inSSIDer from http://metageek.net and install it on a computer with a wireless NIC. Your instructor might need to install it for you if you don’t have the necessary permissions. After it’s installed, start a scan of your network to look for access points. Answer the following questions:

● Approximately how many wireless networks did inSSIDer find?

158 Chapter 3

● Which wireless channels are the most heavily used?

● If you were to set up a new wireless LAN based on what inSSIDer found, what channel would you use for the network?

Case Projects

Case Project 3-1 Old-Tech Corporation has 10 computers in its main office area, which is net- worked in a star topology using 10 Mbps Ethernet hubs, and wants to add five computers in the manufacturing area. One problem with the existing network is data throughput. Large files are transferred across the network regu- larly, and the transfers take quite a while. In addition, when two or more com- puters are transferring large files, the network becomes unbearably slow for users. Adding the manufacturing computers will only make this problem worse and result in another problem. Because the ceiling is more than 30 feet high, there’s no easy way to run cables to computers, and providing a secure pathway for cables is next to impossible. Devise a solution to this company’s networking problems. As part of your solution, answer the following questions:

● What changes in equipment are required to bring this company’s net- work up to date to solve the shared-bandwidth problem?

● What topology and which type of device can be used in the manufacturing area to solve the cabling difficulties?

Case Project 3-2 EBiz.com has 250 networked computers and five servers and uses a star topol- ogy wired network to reach employees’ offices, with a bus interconnecting three floors in its office building. Because of a staggering influx of Internet business, the network administrator’s task is to boost network performance and availability as much as possible. The company also wants a network design that’s easy to reconfigure and change because workgroups form and disband frequently, and their membership changes regularly. All computers must share sensitive data and control access to customer files and databases. Aside from the customer information and billing databases, which run on all servers, employees’ desktop computers must run standard word-processing and spreadsheet programs.

Case Projects 159

Use the following write-on lines to evaluate the requirements for this net- work. After you finish, determine the best network topology or topology combination for the company. On a blank piece of paper, sketch the net- work design you think best suits EBiz.com’s needs. Remember: High per- formance and easy reconfiguration are your primary design goals!

● What type of topology should be used in this network?

● Will the network be peer to peer or server based?

● How many computers will be attached to the network?

● What kind of networking device is easiest to reconfigure? What kind offers the best access to the network medium’s bandwidth between pairs of devices?

Case Project 3-3 ENorm, Inc. has two sites in Pittsburgh that are four miles apart. Each site consists of a large factory with office space for 25 users at the front of the factory and up to 20 workstations in two work cells on each factory floor. All office users need access to an inventory database that runs on a server at the Allegheny Street location; they also need access to a billing application with data residing on a server at the Monongahela site. All factory floor users also need access to the inventory database at the Allegheny Street location.

Office space is permanently configured, but the manufacturing space must be reconfigured before each new manufacturing run begins. Wiring closets are available in the office space. Nothing but a concrete floor and overhead girders stay the same in the work cell areas. The computers must share sen- sitive data and control access to files. Aside from the two databases, which run on the two servers, office computers must run standard word-processing and spreadsheet programs. Work cell machines are used strictly for updat- ing inventory and quality control information for the Allegheny Street inventory database. Workstations in the manufacturing cells are switched on only when they’re in use, which might occur during different phases of a manufacturing run. Seldom is a machine in use constantly on the factory floor.

160 Chapter 3

Use the following write-on lines to evaluate the requirements for this network. After you finish, determine the best network topology or topology combina- tion for the company. On a blank piece of paper, sketch the network design you think best suits ENorm, Inc.’s needs.

● Will the network be peer to peer or server based?

● How many computers will be attached to the network?

● What topology works best for the offices, given the availability of wir- ing closets? What topology works best for the factory floor, given its need for constant reconfiguration?

Case Projects 161

Intro To Data Mining

December 4, 2022/in Uncategorized /by SK

Chapter 3, exercises in 3.11

5. Consider the following data set for a binary class problem.

A B Class Label

T F +

T T +

T F −

T T +

F F −

T T −

T F −

a. Calculate the information gain when splitting on A and B. Which

attribute would the decision tree induction algorithm choose?

b. Calculate the gain in the Gini index when splitting on A and B.

Which attribute would the decision tree induction algorithm

choose?

c. Figure 3.11 shows that entropy and the Gini index are both

monotonically increasing on the range [0, 0.5] and they are both

monotonically decreasing on the range [0.5, 1]. Is it possible that

information gain and the gain in the Gini index favor different

attributes? Explain.

7. Consider the following set of training examples.

X Y Z No. of Class C1 Examples No. of Class C2 Examples

0 0 0 5 40

0 0 1 0 15

0 1 0 10 5

0 1 1 45 0

1 0 0 10 5

1 0 1 25 0

1 1 0 5 20

1 1 1 0 15

a. Compute a two-level decision tree using the greedy approach

described in this chapter. Use the classification error rate as the

criterion for splitting. What is the overall error rate of the induced

tree?

b. Repeat part (a) using X as the first splitting attribute and then

choose the best remaining attribute for splitting at each of the two

successor nodes. What is the error rate of the induced tree?

c. Compare the results of parts (a) and (b). Comment on the suitability

of the greedy heuristic used for splitting attribute selection.

8. The following table summarizes a data set with three attributes A, B,

C and two class labels +, −. Build a two-level decision tree.

A B C

Number of Instances

+ −

T T T 5 0

F T T 0 20

T F T 20 0

F F T 0 5

T T F 0 0

F T F 25 0

T F F 0 0

F F F 0 25

a. According to the classification error rate, which attribute would be

chosen as the first splitting attribute? For each attribute, show the

contingency table and the gains in classification error rate.

b. Repeat for the two children of the root node.

c. How many instances are misclassified by the resulting decision

tree?

d. Repeat parts (a), (b), and (c) using C as the splitting attribute.

e. Use the results in parts (c) and (d) to conclude about the greedy

nature of the decision tree induction algorithm.

Investigation Report

December 4, 2022/in Uncategorized /by SK

IFSM 461: Systems Analysis and Design

Precision Electronic Parts, Inc.

Case Study

Introduction

This case study will be used for a series of staged assignments. It should be thoroughly read and understood prior to working on any of the assignments.

Setting

Precision Electronic Parts (PEP), Inc., is a small private business that has retained you to assist in the development of a new billing and payment system and associated processes.

Background

PEP is a small, private specialized electronics company in Kansas. For the past 20 years, it has manufactured a wide range of precision electronic components and replacement parts for medical equipment used in hospitals, doctor’s offices, and pharmacies. Last year, the company began building and delivering custom low voltage motors that reduced electricity costs and made older medical equipment more environmentally friendly. More recently, PEP has added a new line of more efficient low voltage motors that can be used in precision equipment outside the healthcare industry.

As a result, PEP is experiencing significant increases in orders for the motors. The manufacturing facility has been expanded, and the sales and marketing teams have been enlarged. All of this is straining the Ordering & Shipping Department and the Inventory Management Department, which have received no increase in personnel. They are meeting the challenge, but the Executive Leadership Team (the CEO, COO, CFO, and CIO) know that they are only treading water. The Finance Department, however, is getting further and further behind in their invoice, billing and payment processes. The Business Administration Department has stepped up to the task, but is at the breaking point.

IT Steering Committee

The IT Steering Committee (ITSC) at PEP is comprised of the Executive Leadership Team, the Senior Vice President and Vice President.

• Carolyn West is the Chief Executive Officer (CEO). She has been at the company for 11 years. Carolyn has a background working for and managing electronics companies. Like most CEOs, Carolyn is focused on the strategic and long-term business health of PEP. She chairs the IT Steering Committee. Carolyn and the committee members jointly make decisions about IT systems and major organizational business process changes.

• Tim Uduak, Jr. is the Chief Operating Officer (COO) and the son of founding partner Tim Uduak, Sr. Tim has been around the company since its inception in one capacity or another, except for four years of college and a 3-year break to startup his own company. When his startup failed, Tim came back to PEP as the SVP, Engineering & Manufacturing Operations. Last year, he was promoted to COO. While Tim has a strategic focus and is not technology averse, he prefers to solve business challenges with processes rather than information technology.

• Karl Manley is the Chief Financial Officer (CFO). He has been with the company for 9 years. Karl has a background in accounting and finance, and is a certified public accountant (CPA). He tends to focus on the company’s financial health to the exclusion of all other business concerns. While Karl is technology fluent, he resists new IT purchases unless there is a clear and direct connection made between the technology investment and improving the company’s financial profile. The Director, Accounts Receivable (Mary Winston) and the Director, Accounts Payable (Amy Dole) report to the CFO, and together are responsible for the financial operations of the business.

• Mark Temple is the Chief Information Officer (CIO) and head of the IT Department. He provides all IT services to PEP. Prior to being hired as the CIO, Mark was an IT manager at a large multi-national corporation responsible for providing IT services to their offices from the headquarters in Lincoln, Nebraska. While in that position, Mark participated in very structured IT processes, and developed an appreciation for working with the operational and management divisions to ensure success of IT projects. When he arrived at PEP, he advised the CEO, COO and CFO that an IT Steering Committee could help ensure they pursued the most beneficial IT projects. He is your primary point of contact for dealing with PEP in analyzing their processes and systems.

• Susan Black is the Senior Vice President (SVP), Engineering & Manufacturing Operations and is Tim’s replacement. Susan has worked for the company for 13 years. She started as a Senior Engineer, and after six years was promoted to Director, Engineering, where she spearheaded the successful research and development of the low voltage motors. Susan is a champion of information technology as long as it is clearly focused on the core business.

• Jason Udo is the Vice President (VP), Business Administration. He oversees all departments, except Engineering & Manufacturing, Finance, and IT. His responsibilities include key support functions such as Sales, Marketing, Ordering & Shipping, Inventory, and Human Resources.

The ITSC has adopted the IT governance processes recommended by the CIO. They review proposals for IT investments and determine where to invest their limited funds. Each of the members has particular areas of interest, but all of them are focused on reducing the overall cost of running the business, increasing sales, and managing the cost of IT for the company. The ITSC has established a series of checkpoints at which they make go/no-go decisions on IT projects. At these decision points the following documents are reviewed by the ITSC:

· Preliminary Investigation Report – describes the problem/opportunity, identifies benefits of a new system, and reports on various aspects of feasibility of the proposed project.

· Requirements Specification – documents the requirements to be fulfilled by the proposed system.

· Systems Design Specification – translates the requirements into a logical design for the proposed system.

· Final System Report – compiles previous documents and lays out the way ahead if the project is approved and funded.

As each report is approved, work on the following step begins. This controls the amount of time and effort put into a request for a system. For example, if the Preliminary Investigation Report is not accepted by the ITSC, no further work is performed on the system proposal.

Your Task

You are an independent Business and IT Systems Analyst, specializing in developing IT solutions for small business needs. You have been contracted by the CIO to prepare the documentation required for the ITSC as they consider replacing the information systems associated with operations, business administration, and finance. Due to the backlog in the billing and payment processes, the ITSC wants to start by replacing the current customer billing and payment system and processes. However, the ITSC requires assurance that a new billing and payment system and processes can be interfaced with other new IT systems and updated business processes as needed. While there is currently no money in the budget allocated to replacing or upgrading these systems, the executives are committed to moving the company forward and improving PEP’s ability to manage its growing business efficiently and effectively.

Your Activities

After interviewing each member of the ITSC, you have collected the following information regarding the invoice, billing and payment processes and needs:

• Customer billing is handled by the Invoicing Department, which reports to the VP, Business

Administration.

• Customer payments are handled by the Accounts Receivable Department, which reports to the

CFO.

• Customer billing and payments are managed and recorded in an in-house developed Microsoft

Access based solution. The solution was developed by the IT Department and is housed on a server controlled and managed by the IT Department. The solution is updated on request from the Invoicing and Accounts Receivable Departments.

• The Sales Department works with Invoicing to establish new customer accounts and update and close existing accounts as needed.

• The Ordering & Shipping Department sends a monthly report to Invoicing where the products ordered and shipped and their codes are entered into the invoicing module. Pricing is computed based on the product codes and quantities entered.

• Invoicing is responsible for adding, updating, and maintaining the product codes and pricing used by the invoicing database on the 15th of each calendar month. The monthly report containing the updates is provided by the Marketing Department.

• Invoicing generates and mails customer bills on the last business day of each calendar month.

• Customer payments (lump sum) are due by the 10th of each calendar. Customers send the payments to Accounts Receivable. Accounts Receivable is responsible for updating customer account records when the payments are received.

• Invoicing is responsible for identifying accounts that are 30 days, 60 days or more overdue. These reports are sent to Accounts Receivable and Sales. Accounts Receivable handles all collections.

• There is a 2% fee added to all invoices that are 30 days or more overdue.

• Accounts Receivable notifies the Sales Department to assist with customers who are 60 days or more delinquent. Ordering & Shipping is also notified so that no further shipments are made until the outstanding invoice is paid in full. These situations are rare.

• Installation services are offered as a fixed price fee for small businesses (doctor’s offices, individually owned pharmacies, etc.). Larger installations (hospitals, chain pharmacies, pharmaceutical manufacturers, etc.) are billed on a pre-defined hourly rate.

• Volume discounts are not currently offered, but Marketing is planning to offer this discount within the next six (6) months because the low voltage motors are increasingly being ordered in quantities of five (5) or more. The following volume discounts will be offered:

o 5 or more: 2%

o 10 or more: 5%

o 25 or more: 10%

• Electronic invoicing via email is not currently offered, but Marketing and Invoicing plan to offer this feature within the next six (6) months.

• Electronic payment to a lockbox account is not currently offered, but Marketing and Accounts Receiving plan to offer this feature within the next six (6) months.

• The customer account data elements currently include:

o Customer Organization Name

o Customer Street Address

o Customer City

o Customer State

o Customer Zip Code + 4

o Primary Contact First Name

o Primary Contact Last Name

o Primary Contact Phone Number

o Primary Contact Email Address

o Secondary Contact First Name

o Secondary Contact Last Name

o Secondary Contact Phone Number

o Secondary Contact Email Address

o Products Ordered

o Product Ordered Date

o Products Shipped

o Product Ship Date

o Quantity

o Product Pricing

o Calculated Price (Calculated Field)

o Amount Due (Calculated Field)

o Amount Paid

o Date Paid

o Amount 30 Days Overdue (Calculated Field)

o Amount 60 Days Overdue (Calculated Field)

o Amount Greater Than 60 Days Overdue (Calculated Field)

o 2% Overdue Amount (Calculated Field)

• The customer account data elements required for near-term plans include:

o Quantity Discount (Calculated Field)

o Electronic Invoicing (Check Box)

o Electronic Payment (Check Box)

• Paper invoices currently contain the following data elements:

o Unique Serialized Invoice Number (System Generated?)

o Customer Organization Name

o Customer Street Address

o Customer City

o Customer State

o Customer Zip Code + 4

o Products Ordered

o Product Ordered Date

o Products Shipped

o Product Ship Date

o Quantity

o Product Pricing

o Calculated Price (Calculated Field)

o Amount Due (Calculated Field)

o Amount 30 Days Overdue (Calculated Field)

o Amount 60 Days Overdue (Calculated Field)

o Amount Greater Than 60 Days Overdue (Calculated Field)

o 2% Overdue Amount (Calculated Field)

• Paper invoice data points required for near-term plans include:

o Volume Discount (Calculated Field)

o Electronic Invoicing (Yes or No)

o Electronic Payment (Yes or No)

• When electronic invoices are offered, the same current and near-term data elements as shown above will be included.

You have also documented the following additional considerations:

• All customer, invoicing, and payment data must be secured, but accessible to those departments and personnel who have a need to know.

• PEP requires the ability to generate a receipt automatically at the time payments are recorded. The receipt will be sent electronically to the organization’s primary contact email address. The receipt must contain:

o Unique Serialized Invoice Number

o Customer Organization Name

o Customer Street Address

o Customer City

o Customer State

o Customer Zip Code + 4

o Amount Paid

o Date Paid

o Amount Outstanding

• The following company entities need to be able to generate their own reports as needed:

o COO

o CFO

o Director, Accounts Receivable

o Accounts Receivable Managers & Staff

o Director, Accounts Payable

o SVP, Engineering & Manufacturing Operations

o VP, Business Administration

o Invoicing Managers & Staff

o Sales Managers & Staff

o Marketing Managers & Staff

o Ordering & Shipping Managers & Staff

Your Deliverables

Your first task is to develop the Preliminary Investigation Report (PIR), which will examine the problems/opportunities, identify benefits of a new system, and report on various aspects of feasibility of such a project. You will draw upon the background and other information provided above to develop the PIR. If that Report is accepted by the ITSC, you will analyze and organize the requirements you have collected into a Requirements Specification. After receiving approval of the Requirements Specification, you will develop the Systems Design Specification, which will translate the requirements into a logical design of the proposed system. With a further decision to proceed, you will then develop the Final System Report, which will combine your previously developed documents and lay out the way ahead if the project is approved and funded.

PEP Case Study 2

ERM Adoption And Implementation In The Higher Education

December 4, 2022/in Uncategorized /by SK

Chapter 6 presented the approach the LEGO Group used to implement ERM, and chapter 9 presented a discussion and case study on implementing ERM in a higher education environment. Please explain how ERM adoption and implementation in the higher education (HE) environment differs from the for-profit environment. Cite specific examples from this week’s readings.

Instructions:

1. Answer should be minimum of 250 words.

2. Cite specific examples from this week’s readings.

Additional Praise for Implementing Enterprise Risk Management

“Educators the world over seeking to make the management of risk an integral part of management degrees have had great difficulties in providing their students with a definitive ERM text for their course. The Standards and associated Handbooks helped, but until the arrival of Implementing Enterprise Risk Management: Case Stud- ies and Best Practices, there has been no text to enlighten students on the application of an effective program to manage risk across an enterprise so that objectives are maximized and threats minimized. Fraser, Simkins, and Narvaez have combined with a group of contributors that represent the cream of risk practitioners, to pro- vide the reader with a clear and concise journey through the management of risk within a wide range of organizations and industries. The knowledge, skills, and experience in the management of risk contained within the covers of this book are second to none. It will provide a much needed resource to students and practition- ers for many years to come and should become a well-used reference on the desk of every manager of risk.”

—Kevin W. Knight AM, chairman, ISO/TC 262—Risk Management

“The authors—Fraser, Simkins, and Narvaez—have done an invaluable service to advance the science of enterprise risk management by collecting an extensive num- ber of wonderful case studies that describe innovative risk management practices in a diverse set of companies around the world. This book should be an extremely valuable source of knowledge for anyone interested in the emerging and evolving field of risk management.”

—Robert S. Kaplan, senior fellow, Marvin Bower Professor of Leadership Development, emeritus, Harvard University

“Lessons learned from case studies and best practices represent an efficient way to gain practical insights on the implementation of ERM. Implementing Enterprise Risk Management provides such insights from a robust collection of ERM pro- grams across public companies and private organizations. I commend the editors and contributors for making a significant contribution to ERM by sharing their experiences.”

—James Lam, president, James Lam & Associates; director and Risk Oversight Committee chairman, E∗TRADE Financial Corporation;

author, Enterprise Risk Management—From Incentives to Controls

“For those who still think that enterprise risk management is just a fad, the varied examples of practical value-generating uses contained in this book should dispel any doubt that the discipline is here to stay! The broad collection of practices is insightful for students, academics, and executives, as well as seasoned risk man- agement professionals.”

—Carol Fox, ARM, director of Strategic and Enterprise Risk Practice, RIMS

“Managing risk across the enterprise is the new frontier of business management. Doing so effectively, in my view, will be the single most important differentiating factor for many enterprises in the twenty-first century. Implementing Enterprise Risk Management: Case Studies and Best Practices is an innovative and important addition to the literature and contains a wealth of insight in this critical area. This book’s integration of theory with hands-on, real-world lessons in managing enterprise risk provides an opportunity for its readers to gain insight and understanding that could otherwise be acquired only through many years of hard-earned experience.

I highly recommend this book for use by executives, line managers, risk managers, and business students alike.”

—Douglas F. Prawitt, professor of Accounting at Brigham Young University, and Committee of Sponsoring Organizations (COSO)

Executive Board member

“The real beauty of and value in this book is its case study focus and the wide variety of firms profiled and writers’ perspectives shared. This will provide readers with a wealth of details and views that will help them chart an ERM journey of their own that is more likely to fit the specific and typically customized ERM needs of the firms for whom they toil.”

—Chris Mandel, senior vice president, Strategic Solutions for Sedgwick; former president of the Risk Management Society

and the 2004 Risk Manager of the Year

“Implementing Enterprise Risk Management looks at many industries through excel- lent case studies, providing a real-world base for its recommendations and an important reminder that ERM is valuable in many industries. I highly recommend this text.”

—Russell Walker, Clinical associate professor, Kellogg School of Management; author of Winning with Risk Management

“The body of knowledge in Implementing Enterprise Risk Management continues to develop as business educators and leaders confront a complex and rapidly chang- ing environment. This book provides a valuable resource for academics and prac- titioners in this dynamic area.”

—Mark L. Frigo, director, Strategic Risk Management Lab, Kellstadt Graduate School of Business, DePaul University

“The management of enterprise risk is one of the most vexatious problems con- fronting boards and executives worldwide. This is why this latest book by Fraser, Simkins, and Narvaez is a much needed and highly refreshing approach to the sub- ject. The editors have managed to assemble an impressive list of contributors who, through a series of fascinating real-life case studies, adroitly help educate readers to better understand and deal with the myriad of risks that can assault, seriously maim, and/or kill an organization. This is a ‘how to’ book written with the ‘risk management problem solver’ in mind. It provides the link that has been missing for effectively teaching ERM at the university and executive education levels and it is an exceptional achievement by true risk management advocates.”

—Dr. Chris Bart, FCPA, founder and lead faculty, The Directors College of Canada

“The Institute of Risk Management welcomes the publication of this highly practi- cal text which should be of great interest to our students and members around the world. Implementing Enterprise Risk Management brings together a fine collection of detailed case studies from organizations of varying sizes and working in differ- ent sectors, all seeking to enhance their business performance by managing their risks more effectively, from the boardroom to the shop floor. This book makes a valuable contribution to the body of knowledge of what works that will benefit the development of the risk profession.”

—Carolyn Williams, technical director, Institute of Risk Management

IMPLEMENTING ENTERPRISE RISK MANAGEMENT

The Robert W. Kolb Series in Finance provides a comprehensive view of the field of finance in all of its variety and complexity. The series is projected to include approximately 65 volumes covering all major topics and specializations in finance, ranging from investments, to corporate finance, to financial institutions. Each vol- ume in the Kolb Series in Finance consists of new articles especially written for the volume.

Each volume is edited by a specialist in a particular area of finance, who develops the volume outline and commissions articles by the world’s experts in that partic- ular field of finance. Each volume includes an editor’s introduction and approx- imately thirty articles to fully describe the current state of financial research and practice in a particular area of finance.

The essays in each volume are intended for practicing finance professionals, grad- uate students, and advanced undergraduate students. The goal of each volume is to encapsulate the current state of knowledge in a particular area of finance so that the reader can quickly achieve a mastery of that special area of finance.

IMPLEMENTING ENTERPRISE RISK MANAGEMENT

Case Studies and Best Practices

Editors

John R.S. Fraser Betty J. Simkins Kristina Narvaez

The Robert W. Kolb Series in Finance

Published by John Wiley & Sons, Inc., Hoboken, New Jersey. Published simultaneously in Canada.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600, or on the Web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Cataloging-in-Publication Data:

ISBN 978-1-118-69196-0 (Hardcover) ISBN 978-1-118-74576-2 (ePDF) ISBN 978-1-118-74618-9 (ePub)

Printed in the United States of America. 10 9 8 7 6 5 4 3 2 1

http://www.copyright.com

http://www.wiley.com/go/permissions

http://booksupport.wiley.com

http://www.wiley.com

To Wendy, my wonderful wife and my inspiration, and to my parents who instilled in me a lifelong thirst for learning.

—John Fraser

To my husband (Russell) and our family: sons and daughters- in-law (Luke & Stephanie and Walt & Lauren), daughter and son-in-law (Susan & Jason), and our youngest daughter (April). Thank you for your love, support, and encouragement!

—Betty Simkins

I would like to thank my husband and four children for support- ing me on my journey of writing two chapters and co-editing this book. I would also like to thank the Risk and Insurance Manage- ment Society for supporting me during my educational years and providing great workshops and conferences on enterprise risk management.

—Kristina Narvaez

Contents

Foreword xiii

1 Enterprise Risk Management Case Studies: An Introduction and Overview 1 John R.S. Fraser, Betty J. Simkins, and Kristina Narvaez

PART I Overview and Insights for Teaching ERM 17

2 An Innovative Method to Teaching Enterprise Risk Management: A Learner-Centered Teaching Approach 19 David R. Lange and Betty J. Simkins

PART II ERM Implementation at Leading Organizations 37

3 ERM at Mars, Incorporated: ERM for Strategy and Operations 39 Larry Warner

4 Value and Risk: Enterprise Risk Management at Statoil 59 Alf Alviniussen and Håkan Jankensgård

5 ERM in Practice at the University of California Health System 75 Grace Crickette

6 Strategic Risk Management at the LEGO Group: Integrating Strategy and Risk Management 93 Mark L. Frigo and Hans Læssøe

7 Turning the Organizational Pyramid Upside Down: Ten Years of Evolution in Enterprise Risk Management at United Grain Growers 107 John Bugalla

x Contents

8 Housing Association Case Study of ERM in a Changing Marketplace 119 John Hargreaves

9 Lessons from the Academy: ERM Implementation in the University Setting 143 Anne E. Lundquist

10 Developing Accountability in Risk Management: The British Columbia Lottery Corporation Case Study 179 Jacquetta C. M. Goy

11 Starting from Scratch: The Evolution of ERM at the Workers’ Compensation Fund 207 Dan M. Hair

12 Measuring Performance at Intuit: A Value-Added Component in ERM Programs 227 Janet Nasburg

13 TD Bank’s Approach to an Enterprise Risk Management Program 241 Paul Cunha and Kristina Narvaez

PART III Linking ERM to Strategy and Strategic Risk Management 251

14 A Strategic Approach to Enterprise Risk Management at Zurich Insurance Group 253 Linda Conrad and Kristina Narvaez

15 Embedding ERM into Strategic Planning at the City of Edmonton 281 Ken Baker

16 Leveraging ERM to Practice Strategic Risk Management 305 John Bugalla and James Kallman

PART IV Specialized Aspects of Risk Management 319

17 Developing a Strategic Risk Plan for the Hope City Police Service 321 Andrew Graham

18 Blue Wood Chocolates 335 Stephen McPhie and Rick Nason

CONTENTS xi

19 Kilgore Custom Milling 363 Rick Nason and Stephen McPhie

20 Implementing Risk Management within Middle Eastern Oil and Gas Companies 377 Alexander Larsen

21 The Role of Root Cause Analysis in Public Safety ERM Programs 397 Andrew Bent

22 JAA Inc.—A Case Study in Creating Value from Uncertainty: Best Practices in Managing Risk 427 Julian du Plessis, Arnold Schanfield, and Alpaslan Menevse

23 Control Complacency: Rogue Trading at Société Générale 461 Steve Lindo

24 The Role of VaR in Enterprise Risk Management: Calculating Value at Risk for Portfolios Held by the Vane Mallory Investment Bank 489 Allissa A. Lee and Betty J. Simkins

25 Uses of Efficient Frontier Analysis in Strategic Risk Management: A Technical Examination 501 Ward Ching and Loren Nickel

PART V Mini-Cases on ERM and Risk 523

26 Bim Consultants Inc. 525 John R.S. Fraser

27 Nerds Galore 529 Rob Quail

28 The Reluctant General Counsel 535 Norman D. Marks

29 Transforming Risk Management at Akawini Copper 539 Grant Purdy

30 Alleged Corruption at Chessfield: Corporate Governance and the Risk Oversight Role of the Board of Directors 547 Richard Leblanc

xii Contents

31 Operational Risk Management Case Study: Bon Boulangerie 555 Diana Del Bel Belluz

PART VI Other Case Studies 559

32 Constructive Dialogue and ERM: Lessons from the Financial Crisis 561 Thomas H. Stanton

33 Challenges and Obstacles of ERM Implementation in Poland 577 Zbigniew Krysiak and Sl̄awomir Pijanowski

34 Turning Crisis into Opportunity: Building an ERM Program at General Motors 607 Marc S. Robinson, Lisa M. Smith, and Brian D. Thelen

35 ERM at Malaysia’s Media Company Astro: Quickly Implementing ERM and Using It to Assess the Risk-Adjusted Performance of a Portfolio of Acquired Foreign Companies 623 Patrick Adam K. Abdullah and Ghislain Giroux Dufort

About the Editors 649

Index 651

Foreword

E nterprise Risk Management is an evolving discipline focused on a com- plex and still imperfectly-understood subject. In such a situation, science is advanced best by collecting data from multiple, independent sites. A rich

set of observations educates the field’s scholars and practitioners and provides the foundation for them to develop descriptive and normative theories as well as cod- ified best practices about the subject.

The authors—Fraser, Simkins, and Narvaez—have done an invaluable service to advance the science of enterprise risk management by collecting an extensive number of wonderful case studies that describe innovative risk management prac- tices in a diverse set of companies around the world. This book should be an extremely valuable source of knowledge for anyone interested in the emerging and evolving field of risk management. We should be grateful to the editors and to each chapter author for expanding the body of knowledge for risk management professionals and academics.

Robert S. Kaplan Senior Fellow, Marvin Bower Professor of Leadership Development, Emeritus

Harvard University

xiii

CHAPTER 1

Enterprise Risk Management Case Studies An Introduction and Overview

JOHN R.S. FRASER Senior Vice President, Internal Audit, and former Chief Risk Officer, Hydro One Networks Inc.

BETTY J. SIMKINS Williams Companies Chair of Business and Professor of Finance, Oklahoma State University

KRISTINA NARVAEZ President and Owner of ERM Strategies, LLC

Businesses, business schools, regulators, and the public are now scrambling to catch up with the emerging field of enterprise risk management.

—Robert Kaplan (quote from Foreword in Fraser and Simkins, 2010)

Most executives with MBA degrees were not taught ERM. In fact, there are only a few universities that teach ERM. So some business school graduates are strong in finance, marketing, and management theory, but they are limited in terms of critical thinking, business acumen, and risk analysis skills.

—Paul Walker1

THE EVOLUTION OF ENTERPRISE RISK MANAGEMENT Over the past two decades enterprise risk management (ERM) has evolved from concepts and visions of how risks should be addressed to a method- ology that is becoming entrenched in modern management and is now increasingly expected by those in oversight roles (e.g., governing bodies and regulators). As Felix Kloman describes in his chapter “A Brief History of Risk Man- agement,” published in Fraser and Simkins (2010), many of the concepts go back a very long time and many of the so-called newly discovered techniques can be

2 Implementing Enterprise Risk Management

referenced to the earlier writings and practices described by Kloman. However, it is only from around the mid-1990s that the concept of giving a name to manag- ing risks in a holistic way across the many operating silos of an enterprise started to take hold. In the 1990s, terms such as integrated risk management and enterprise- wide risk management were also used. Many thought leaders, for example, those who created ISO 31000,2 believe that the term risk management is all that is needed to describe good risk management; however, many others believe that the latter term is often used to describe risk management at the lower levels of the organiza- tion and does not necessarily capture the concepts of enterprise-level approaches to risk. As a result, the term ERM is used throughout this book.

As ERM continues to evolve there is still much discussion and confusion over exactly what it is and how it should be achieved. It is important to realize that it is still evolving and may take many more years before it is fully codified and practiced in a consistent way. In fact, there is a grave danger now of believing that there is only one way of doing ERM. This is probably a mistake by regula- tors who have too eagerly seized some of these concepts and are trying to impose them when the methods are not fully understood, and in some cases the require- ments are unlikely to produce the desired results. As Fraser and Simkins (2010) noted in their first book on ERM: “While regulatory interest can force ERM into companies, if not done well, it can become another box-ticking exercise that adds little value.”3

The leading and most commonly agreed4 guideline to holistic risk manage- ment is ISO 31000. However, it should be mentioned that in the United States the COSO 2004 Enterprise Risk Management–Integrated Framework has been the dominant framework used to date. Many organizations are currently adopting one or the other of these frameworks and then customizing them to their own context.

WHY THE NEED FOR A BOOK WITH ERM CASE STUDIES? Following the success of the earlier Enterprise Risk Management: Today’s Leading Research and Best Practices for Tomorrow’s Executives by Fraser and Simkins (2010), we found through our own teaching experiences, and by talking to others, that there was an urgent need for a university-level textbook of ERM case studies to help educate executives, risk practitioners, academics, and students alike about the evolving methodology. As a result, Fraser and Simkins, together with Kristina Narvaez, approached many of the leading ERM specialists to write case studies for this book.

Surveys have also shown that there is a dire need for more case studies on ERM (see Fraser, Schoening-Thiessen, and Simkins 2008). Additionally, surveys of risk executives report that business risk is increasing due to new technologies, faster rate of change, increases in regulatory risk, and more (PWC 2014). As Paul Walker of St. John’s University points out in the opening quote of the 2014 American Pro- ductivity & Quality Center (APQC) report on ERM, “Most executives with MBA degrees were not taught ERM. In fact, there are only a few universities that teach ERM. So some business school graduates are strong in finance, marketing, and

ENTERPRISE RISK MANAGEMENT CASE STUDIES 3

management theory, but they are limited in terms of critical thinking, business acu- men, and risk analysis skills.” Learning Centered Teaching (LCT), as discussed in Chapter 2, is an ideal way to achieve this. Using LCT and the case study approach, students actively participate in the learning process through constructive reflective reasoning, critical thinking and analysis, and discussion of key issues. This is the first book to provide such a broad coverage of case studies on ERM.

The case studies that follow are from some of the leading academics and prac- titioners of enterprise risk management. While many of the cases are about real-life situations, there are also those that, while based on real-life experiences, have had names changed to maintain confidentiality or are composites of several situations. We are deeply indebted to the authors and to the organizations that agreed so kindly to share their stories to help benefit future generations of ERM practition- ers. In addition, we have added several chapters where we feel the fundamentals of these specialized techniques (e.g., VaR) deserve to be understood by ERM stu- dents and practitioners. Each case study provides opportunities for executives, risk practitioners, and students to explore what went well, what could have been done differently, and what lessons are to be learned.

Teachers of ERM will find a wealth of material to use in demonstrating ERM principles to students. These can be used for term papers or class discussions, and the approaches can be contrasted to emphasize different contexts that may require customized approaches. This book introduces the reader to a wide range of con- cepts and techniques for managing risks in a holistic way, by correctly identifying risks and prioritizing the appropriate responses. It offers a broad overview of the various types of ERM techniques, the role of the board of directors, risk tolerances, profiles, workshops, and allocation of resources, while focusing on the principles that determine business success.

Practitioners interested in implementing ERM, enhancing their knowledge on the subject, or wishing to mature their ERM program, will find this book an abso- lute must resource to have. Case studies are one of the best ways to learn more on this topic.

This book is a companion to Enterprise Risk Management: Today’s Leading Research and Best Practices for Tomorrow’s Executives (Fraser and Simkins 2010). Together, these two books can create a curriculum of study for business students and risk practitioners who desire to have a better understanding of the world of enterprise risk management and where it is heading in the future. Boards and senior leadership teams in progressive organizations are now engaging in building ERM into their scenario-planning and decision-making processes. These forward- looking organizations are also integrating ERM into the business-planning pro- cess with resource allocation and investment decisions. At the business unit level, ERM is being used to measure the performance of risk-taking activities of employees.

As these case studies demonstrate, ERM is a continuous improvement process and takes time to evolve. As can be gleaned from these case studies, most firms that have taken the ERM journey started with a basic ERM language, risk identification, and risk-assessment process and then moved down the road to broaden their pro- grams to include risk treatments, monitoring, and reporting processes. The ulti- mate goal of ERM is to have it embedded into the risk culture of the organization and drive the decision-making process to make more sound business decisions.

4 Implementing Enterprise Risk Management

SUMMARY OF THE BOOK CHAPTERS As mentioned earlier, the purpose of this book is to provide case studies on ERM in order to educate executives, risk practitioners, academics, and students alike about this evolving methodology. To achieve this goal, the book is organized into the following sections:

Part I: Overview and Insights for Teaching ERM Part II: ERM Implementation at Leading Organizations Part III: Linking ERM to Strategy and Strategic Risk Management Part IV: Specialized Aspects of Risk Management Part V: Mini-Cases on ERM and Risk Part VI: Other Case Studies

Brief descriptions of the contributors and the chapters are provided next.

PART I: OVERVIEW AND INSIGHTS FOR TEACHING ERM The first two chapters provide an overview of ERM and guidance on ERM educa- tion. As we have pointed out, education on ERM is crucial and more universities need to offer courses in this area. Our conversations with many ERM educators and consultants highlight how extremely challenging it is to achieve excellence in ERM education.

Chapter 2, “An Innovative Method to Teaching Enterprise Risk Manage- ment: A Learner-Centered Teaching Approach,” offers insights and suggestions on teaching ERM. This chapter covers the concept of flipping the classroom with learner-centered teaching (LCT), distinguishes it from traditional lectures, and describes how it can be used in teaching ERM. The LCT approach emphasizes active student participation and collaboration on in-class activities such as case studies versus the traditional lecture approach. This chapter provides several examples as to how LCT can be applied in teaching ERM, utilizing Fraser and Simkins’ (2010) book. David R. Lange and Betty J. Simkins, both experienced ERM educators, team together to write this chapter. David Lange, DBA, is an Auburn University Montgomery (AUM) Distinguished Research and Teaching Professor of Finance. He has received many prestigious awards for both research and teaching from the University and from several academic associations. He has taught many courses in the area of risk management and has consulted in a significant num- ber of individual and class insurance–related cases in both state and federal court. Betty Simkins, PhD, the Williams Companies Chair of Business and Professor of Finance at Oklahoma State University, is coeditor of this book.

PART II: ERM IMPLEMENTATION AT LEADING ORGANIZATIONS Part II is a collection of ERM case studies that give examples of how ERM was developed and applied in major organizations around the world. Note that there is no perfect ERM case study and the objective is for readers to assess what they believe was successful or not so successful about these ERM programs.

ENTERPRISE RISK MANAGEMENT CASE STUDIES 5

The first case study in this book describes ERM at Mars, Inc. Larry Warner, who is the former corporate risk manager at Mars, Inc. and now is president of Warner Risk Group, describes the ERM program at the company in Chapter 3. Mars is a global food company and one of the largest privately held corporations in the United States. It has more than 72,000 associates and annual net sales in excess of $33 billion across six business segments—Petcare, Chocolate, Wrigley, Food, Drinks, and Symbioscience. Its brands include Pedigree, Royal Canin, M&M’s, Snickers, Extra, Skittles, Uncle Ben’s, and Flavia. With such complex business oper- ations, Mars recognized the importance of providing its managers with a tool to knowledgably and comfortably take risk in order to achieve its long-term goals. Mars business units use its award-winning process to test their annual operating plan and thereby increase the probability of achieving these objectives.

The case study in Chapter 4 entitled “Value and Risk: ERM in Statoil” was writ- ten by Alf Alviniussen, who is the former Group Treasurer and Senior Vice Pres- ident of Norsk Hydro ASA, Oslo, Norway, and Håkan Jankensgård who holds a PhD in risk management from Lund University, Sweden. Håkan is also a for- mer risk manager of Norsk Hydro. In this case study, the authors discuss ERM at Statoil, one of the top oil and gas companies in the world, located in Norway. In Statoil, understanding and managing risk is today considered a core value of the company, which is written into the corporate directives and widely communicated to employees. ERM is thoroughly embedded in the organization’s work processes, and its risk committee has managed the transition from a “silo”-mentality to pro- moting Statoil’s best interests in areas where risk needs to be considered.

Chapter 5, called “ERM in Practice at University of California Health Systems,” is written by their former Chief Risk Officer (CRO), Grace Crickette, who is now the Senior Vice President and Chief Risk and Compliance Officer of AAA Northern California, Nevada, and Utah. The University of California’s (UC) Health System is comprised of numerous clinical operations, including five medical centers that support the clinical teaching programs for the university’s medical and health sci- ence school and handle more than three million patient visits each year. ERM plays an important role at the UC Health System and assists the organization in assess- ing and responding to all risks (operational, clinical, business, accreditation, and regulatory) that affect the achievement of the strategic and financial objectives of the UC Health System.

The descriptive case study in Chapter 6, written by Dr. Mark Frigo from DePaul University and Hans Læssøe, the Strategic Risk Manager of the LEGO Group, provides a great example of integrating risk management in strategy devel- opment and strategy execution at the LEGO Group, which is based on an initiative started in late 2006 and led by co-author Hans Læssøe. The LEGO methodology is also part of the continuing work of the Strategic Risk Management Lab at DePaul University, which is identifying and developing leading practices in integrating risk management with strategy development and execution.

United Grain Growers (UGG), a conservative 100-year-old Winnipeg, Canada- based grain handler and distributor of farm supplies, was an ERM pioneer. Chap- ter 7 called “Turning the Organizational Pyramid Upside Down: Ten Years of Evo- lution in Enterprise Risk Management at United Grain Growers” analyzes the ERM program at United Grain Growers 15 years later. When UGG announced that it had implemented a new integrated risk-financing program in 1999, it received a great deal of attention in the financial press. CFO magazine hailed the UGG

6 Implementing Enterprise Risk Management

program as “the deal of the decade.” The Economist characterized it as a “revo- lutionary advance in corporate finance,” and Harvard University created a UGG case study. While most outside attention focused on the direct financial benefits of implementing the program (protection of cash flow, the reduced risk-capital required, and a 20 percent increase in stock price), scant attention was given to the less tangible and therefore less measurable issues of governance, leadership, and corporate culture—the conditions that enabled such innovation. It was a combi- nation of a collaborative leadership open to new ideas, a culture of controlled risk taking, and active risk oversight by the board that produced a strategic approach to UGG’s risk management process. This chapter is written by John Bugalla, who is the principal of ermINSIGHTS.

John Hargreaves has written Chapter 8 titled “Housing Association Case Study of ERM in a Changing Marketplace.” He has a mathematics degree from Cambridge University and six years strategy consultancy experience at KPMG. This case study features four real-life charitable housing associations in England and Wales, each with a different strategy and risk environment. Simple yet prac- tical tools to assist in risk identification and prioritization are also presented. This case study has two main aims. The first is to help develop an understanding of the importance of ERM in a charitable context, showing that modern charities are often very active organizations that face significant risks. Second, the case aims to illustrate the need for a close relationship between risk assessment and strategy development, particularly in sectors where objectives are defined in social as well as economic terms. Each of the four cases has a different perspective and challenges the student or practitioner to identify and assess the risk and develop possible risk treatments for each.

Chapter 9, “Lessons from the Academy: ERM Implementation in the Univer- sity Setting,” was written by Anne E. Lundquist. She is pursuing a PhD in the Educational Leadership program at Western Michigan University with a concen- tration in Higher Education Administration. This chapter explores the unique aspects of the University of Washington’s (UW) risk environment, including how leadership, goal-setting, planning, and decision-making differ from the for-profit sector. The lack of risk management regulatory requirements, combined with cul- tural and environmental differences, helps explain why there are a limited number of fully evolved ERM programs at colleges and universities. The second half of the chapter explores the decision to adopt and implement ERM at UW, including a description of early decisions, a timeline of how the program evolved, a discus- sion of the ERM framework, and examples of some of the tools used in the risk management process. It traces the evolution of the UW program as well as demon- strates decisions that administrators made to tailor ERM to fit the decentralized culture of a university.

The case study in Chapter 10, “Developing Accountability in Risk Manage- ment: The British Columbia Lottery Corporation Case Study,” demonstrates how ERM was successfully implemented in a Canadian public sector organization over a 10-year period. Jacquetta Goy, author of this chapter, was the Senior Manager, Risk Advisory Services at British Columbia Lottery Corporation and was respon- sible for establishing and developing the ERM program. Currently, Jacquetta is the Director of Risk Management at Thompson Rivers University, Canada. This case study focuses on initiation, early development, and sustainment of the ERM

ENTERPRISE RISK MANAGEMENT CASE STUDIES 7

program, highlighting some of the barriers and enablers that affected implemen- tation. This case study includes a focus on developing risk profiles; the role of risk managers, champions, and committees; and the development of effective risk evaluation tools. The approach to ERM has evolved from informal conversations supported by an external assessment, through a period of high-level corporate focus supported by a dedicated group of champions using voting technology to an embedded approach, where risk assessment is incorporated into both opera- tional practice and planning.

Chapter 11, “Starting from Scratch: The Evolution of ERM at the Workers Com- pensation Fund,” describes the evolution of a formal ERM program at a midsize property casualty insurance carrier. This chapter is authored by Dan Hair, the CRO of the Workers Compensation Fund. In this chapter, the motivations of executive management and the board of directors in taking existing strategic risk manage- ment discussions to a higher level are reviewed. The step-by-step actions taken by the company to develop the ERM program are explained in chronological order. External resources used are also commented upon. The chapter concludes with a discussion of striking an ongoing balance between program rigor, documentation, and business needs.

Chapter 12, “Measuring Performance at Intuit: A Value-Added Component in ERM Programs,” shows how Intuit, maker of Quicken, QuickBooks, and Turbo- Tax, is committed to creating new and easier ways for consumers and businesses to tackle life’s financial chores, giving them more time to live their lives and run their businesses. This case study shows how Intuit, a global company, is exposed to a wide range of customer-related and operational risks. Understand- ing the risk landscape enables Intuit to formulate and execute strategies to address potential pitfalls and opportunities. The author, Janet Nasburg, is Chief Risk Offi- cer at Intuit. Janet is responsible for driving Intuit’s ERM capability, ensuring that the company appropriately balances opportunities and risks to achieve optimal business results. Before Intuit, Janet spent 16 years in various finance roles at Visa, and has more than 30 years of risk management and finance experience.

Chapter 13 describes TD Bank’s ERM program and how it has been developed to reinforce the risk culture and ensure that all stakeholders have a common under- standing of how risks are addressed within the organization. This is achieved by identifying the risks to TD Bank’s business strategy and operations, determining the types of risk it is prepared to take, establishing policies and practices to gov- ern risks, and following an ERM framework to manage those risks. This chapter is co-authored by Paul Cunha and Kristina Narvaez. Paul Cunha is Vice President, Enterprise Risk Management at TD Bank. During his career at TD Bank, he has spent time in risk management, internal audit, retail banking, commercial bank- ing, and corporate and investment banking. Kristina Narvaez is the president and owner of ERM Strategies, LLC, and is co-editor of this book.

PART III: LINKING ERM TO STRATEGY AND STRATEGIC RISK MANAGEMENT Part III of this book demonstrates the link between ERM and strategy in what is now being called strategic risk management (SRM). SRM represents an important evolution in enterprise risk management, shifting from a reactive approach to a

8 Implementing Enterprise Risk Management

proactive approach in dealing with the large spectrum of risks across the organi- zation. These case studies view their risk-taking activities in a strategic way, not only to protect the organization’s value and assets, but also to be able to capture new value that is in alignment with the strategic goals of the organization.

Zurich Insurance Group, the case study in Chapter 14, demonstrates the link between ERM and strategy. Zurich is a global insurance carrier and is exposed to a wide range of risks. Zurich recognizes that taking the right risks is a necessary part of growing and protecting shareholder value. It is careful not to miss valu- able market opportunities that could attract the best talent and investor capital, but must also balance the growth opportunities with the reality that it is operating in a complex world economy. This chapter is co-authored by Linda Conrad, Director of Strategic Business Risk Management at Zurich and Kristina Narvaez, president and owner of ERM Strategies, LLC and co-editor of this book. Linda leads a global team responsible for delivering tactical solutions to Zurich and to its customers on strategic issues such as business resilience, supply chain risk, ERM, risk culture, and total risk profiling.

Chapter 15, “Embedding ERM into Strategic Planning at the City of Edmon- ton,” is written by Ken Baker, who is their ERM Program Manager. This study examines the process used by the City of Edmonton in Alberta, Canada, to estab- lish its strategic ERM model. After examining several existing frameworks, the City decided on a framework based on the ISO 31000 risk management standard, but customized to suit the City’s needs. During the process, administration had to weigh factors common to any large organization, as well as those specific to governments in general and municipalities in particular. The chronicling of this process may assist those in similar organizations to more successfully implement their own ERM and SRM programs.

Chapter 16 describes a brief history of the evolution of enterprise risk management and describes a new and innovative approach (value mapping) to measuring the potential value by taking risks. This chapter also provides a model for incorporating the ERM process into strategic planning. John Bugalla, Principal of ermINSIGHTS and author of Chapter 7, and James Kallman, a finance professor at St. Edward’s University, co-author this chapter. John’s experience includes 30 years in the risk management profession serving as Managing Director of Marsh & McLennan, Inc., Willis Group, Plc., and Aon Corp., before founding ermINSIGHTS. James teaches courses in finance, statistics, and risk management.

PART IV: SPECIALIZED ASPECTS OF RISK MANAGEMENT Part IV of the book captures unique aspects of ERM so that the reader can learn about the many broad applications, including insights into managing specific types of risk. This part starts with a case study in Chapter 17 of the challenges of risk management within a typical police department. This case is followed by eight additional chapters addressing other intriguing aspects of risk management.

Andrew Graham reveals the complex and challenging aspects of risk manage- ment in Chapter 17, “Developing a Strategic Risk Plan for the Hope City Police Ser- vice.” This fictional case study was developed based on many years of teaching risk management to police forces. The setting is a medium-sized but growing city that

ENTERPRISE RISK MANAGEMENT CASE STUDIES 9

is facing many issues, including changes in demographics, traffic issues, budgetary challenges, and so on. The student is required to act as a consultant who has been hired by the chief of police to assist him in briefing the Police Services Board and the mayor in understanding the most critical risks to their objective of having a best- in-class police service for their citizens. Andrew Graham researches, teaches, and writes on public-sector management, financial management, integrated risk man- agement, and governance at Queen’s University School of Policy Studies, Canada, as well as a variety of international and Canadian venues. Andrew had an exten- sive career in Canada’s criminal justice system and has taught and worked with police services and police boards and commissioners in a variety of ways for the past 10 years.

Chapter 18, “Blue Wood Chocolates,” is designed to facilitate discussion of the implementation of an ERM framework, corporate governance issues, and com- modity risk management. The situation that this fictional company faces is typi- cal of many midsize companies that have performed satisfactorily in the past but are exposed, often unknowingly, to major potential risks and do not have the internal governance and risk management structures to identify, quantify, and manage such risks adequately. In particular, this case illustrates commodity and foreign currency exposures, and challenges the student to investigate the specifics of hedging such positions. Rick Nason, PhD, CFA, and Stephen McPhie, CA, coau- thored this chapter. Rick is an associate professor of finance at Dalhousie Univer- sity, Canada, and is also a founding partner of RSD Solutions, a risk management consultancy firm. His coauthor, Stephen McPhie, CA, is a partner of RSD Solu- tions Inc. and has also held various positions in the United States, Canada, and the United Kingdom with a major Canadian bank.

Foreign exchange (FX) risk management is one of the greatest financial risks a company faces when expanding globally. Chapter 19, “Kilgore Custom Milling,” illuminates the myriad of issues that arise when hedging FX risk, such as faced by a midsize original equipment manufacturer (OEM) operating in the automobile industry. Kilgore Custom Milling (a fictional company) needs to develop a hedg- ing strategy to manage its foreign exchange risk for a new contract and decide what type of derivatives to use, what size of hedge to implement, and how the com- pany’s financial risk management fits in with its overall ERM process. Rick Nason and Stephen McPhie, coauthors of Chapter 18, team together again to explore the complex and challenging issues that many companies face with FX risk.

ERM is currently of very high interest to companies operating in the Mid- dle East, an area that presents unique challenges for implementation. Alexander Larsen captures this scenario in Chapter 20, “Implementing Risk Management within Middle Eastern Oil and Gas Companies.” This case study is based on real- life examples of Middle Eastern oil and gas companies and captures the challenges of implementing risk management in the Middle East. Alexander Larsen holds a degree in risk management from Glasgow Caledonian University and is a Fellow of the Institute of Risk Management. He has over 10 years of experience across a wide range of sectors, including oil and gas, construction, utilities, finance, and the public sector. Alexander has considerable expertise in training and working with organizations to develop, enhance, and embed their ERM.

Public safety organizations are increasingly adopting sophisticated enterprise governance and risk management techniques as a means of managing their

10 Implementing Enterprise Risk Management

programs and expenditures. Root cause analysis can provide these agencies with detailed insights into the problems and issues they face, and provide them with the information they need to make informed decisions on risk management. Chapter 21, “The Role of Root Cause Analysis in Public Safety ERM Programs,” explores these issues by presenting six common root cause analysis techniques that are applied in a public safety or law enforcement environment. The chapter author, Andrew Bent, is a practicing risk manager with a large Canadian inte- grated energy company and was previously in charge of ERM for one of Canada’s largest municipal police services.

Chapter 22, “JAA Inc.—A Case Study in Creating Value from Uncertainty: Best Practices in Managing Risk,” provides extensive details about ERM implementa- tion in a fictional international organization and discusses topics including gover- nance structure, the processes, and the various tools used. The case is built on the principles and guidance of ISO 31000 and the implementation guidance created by The Australian and New Zealand Hand Book HB 436. This case emphasizes the roles of the heads of the internal audit function and the risk management func- tion. The three coauthors of this chapter have extensive experience in risk man- agement. Julian du Plessis, Head of Internal Audit at AVBOB Mutual Assurance Society, South Africa, has over eight years of financial sector experience. Arnold Schanfield is a Principal with Schanfield Risk Management Advisors LLC, and is an internal audit and risk professional with diversified industry expertise. Alpaslan Menevse is currently the Risk Officer at Sekerbank T.A.S., which has in excess of 310 branches in Turkey. He has 28 years of experience in information systems, both as an academic and as a practitioner.

A book on ERM case studies is not complete without some coverage of risk management failures. One of the most famous failures involving opera- tional risk is discussed in Chapter 23, “Control Complacency: Rogue Trading at Société Générale.” In January 2008, Société Générale uncovered €49 billion of unauthorized equity positions at its Paris head office, which cost €4.9 billion to unwind. Using an interactive format, this case study analyzes the origins, actors, causes, and consequences of this notorious control breakdown and derives risk management lessons from it in the areas of corporate governance, controls, com- pliance, systems, technology, and reputation risk. The author, Steve Lindo, Princi- pal, SRL Advisory Services, has many years of experience in ERM and provides a thorough and fascinating coverage of this disaster.

Value at risk (VaR) is one of the most widely used techniques to measure financial risks, particularly in the area of investment portfolios. However, it is a technique that has not been fully understood by many risk managers. In Chapter 24, “The Role of VaR in Enterprise Risk Management: Calculating Value at Risk for Portfolios Held by the Vane Mallory Investment Bank,” VaR is described along with its underlying assumptions, advantages, and disadvantages. Several exam- ples for single assets are detailed for both the dollar and percentage VaR estimation methods. The main focus of this case study is a tutorial on calculating VaR for port- folios of assets using the covariance approach utilized in portfolio theory. Allissa A. Lee coauthored this case study with Betty J. Simkins. Allissa is an assistant professor of finance in the College of Business Administration at Georgia South- ern University. She has published several academic articles and also worked in the mortgage industry for MidFirst Bank. Betty, coeditor of this book, is the

ENTERPRISE RISK MANAGEMENT CASE STUDIES 11

Williams Companies Chair of Business and Professor of Finance at Oklahoma State University.

Chapter 25, “Uses of Efficient Frontier Analysis in Strategic Risk Manage- ment,” covers an advanced analytical technique, efficient frontier analysis (EFA), where complex property and casualty risk profiles are being considered. This chap- ter provides insights into risk portfolio volatility, pricing, and insurance layering efficiency using EFA and is applied to a risk portfolio that presents catastrophic loss potential within the context of strategic risk management. This chapter’s coau- thors are Ward Ching, who is Vice President, Risk Management Operations, at Safeway Inc., and Loren Nickel, who is Regional Director and Actuary, Actuarial and Analytics Practice, at Aon Global Risk Consulting. Both authors have extensive experience in property and casuality risk management and share their expertise in this specialized topic of ERM.

PART V: MINI-CASES ON ERM AND RISK Mini-cases are a very powerful and highly useful resource in teaching ERM and can be easily utilized in short time periods such as a one-hour class segment. This part fills this gap in the education literature on ERM and includes six fictional mini- cases that have been developed by leading risk practitioners who draw from the wealth of their experiences in various applications of risk management.

Chapter 26, “Bim Consultants Inc.,” is based on a real event in which a company was faced with an important strategic acquisition decision. All names and data have been changed for confidentially reasons. The purpose of the case is to illustrate the complexity of making strategic decisions and how greed and ego can cause a firm to change strategy that may put the business at risk. The author, John Fraser, Senior Vice President, Internal Audit, and former Chief Risk Officer of Hydro One Networks Inc., is also coeditor of this book. Fraser is currently an adjunct professor at York University, Canada, and a member of the faculty of the Directors College. He is a recognized authority on ERM and has written extensively on the topic.

Chapter 27, “Nerds Galore,” is based on a fictitious small services company that appears to be on the verge of a major downturn. The focus of the case study is human resources–related risks, and the exercise is to conduct a risk assessment to aid in making the decision on whether to proceed with a major human resources strategy. This case study could be used as the basis for an actual risk workshop sim- ulation with students role-playing various positions on the management team. Rob Quail, the author of this case study, draws on his extensive experience as Director of ERM at Hydro One Networks Inc., and provides an excellent mini-case to illu- minate ERM applications.

Can a company have a successful ERM program that does not involve a key function, such as the legal department? And if not willing to participate, how do you convince this department to commit to ERM? The reader is challenged with tackling this crucial issue in Chapter 28, “The Reluctant General Counsel.” This mini-case is about the implementation of ERM at a software company and illus- trates the challenges faced when the general counsel of the company has reser- vations and is not willing to support the implementation. The author, Norman Marks, CPA, CRMA, has been chief audit executive of major global corporations

12 Implementing Enterprise Risk Management

for over 20 years, and is highly regarded in the global profession of internal audit- ing. Furthermore, he is a prolific blogger about internal audit, risk management, governance, and compliance.

Chapter 29, “Transforming Risk Management at Akawini Copper,” describes how the approach to managing risk can be transformed and enhanced in a com- pany. The case study is based on a hypothetical mining company, Akawini Copper, that has recently been acquired by an international concern. It draws on the practi- cal concepts of ISO 31000 to show how a weak approach to risk management can be enhanced to be more robust and comprehensive by following a logical framework and transformation plan. The author, Grant Purdy, has worked in risk manage- ment for more than 35 years, across a wide range of industries and in more than 25 countries. Grant is coauthor of the 2004 version of AS/NZS 4360 and also of AS/NZS 5050, a standard for managing disruption-related risk, and has also writ- ten many risk management handbooks and guides.

Richard Leblanc, PhD, who is a governance lawyer, certified management con- sultant, and Associate Professor of Law, Governance, and Ethics at York Univer- sity, draws on his extensive experience in board of director effectiveness when writing Chapter 30, “Alleged Corruption at Chessfield: Corporate Governance and the Risk Oversight Role of the Board of Directors.” Richard has advised regula- tors on corporate governance guidelines, and, as part of his external professional activities, has served as an external board evaluator and governance adviser for many companies, as well as in an expert witness capacity in litigation concerning corporate governance reforms. This case deals with the inner workings of a large organization’s board of directors, including allegations of alleged corruption and self-dealing, and provides the reader with a captivating application of risk man- agement shortcomings in governance and internal controls.

Diana Del Bel Belluz, president and founder of Risk Wise, Inc., draws on her experience in operational risk when writing Chapter 31, “Operational Risk Man- agement Case Study: Bon Boulangerie.” This mini-case provides the opportunity for students to discuss and present their knowledge of operational risk. It describes the challenges and opportunities faced by a fictional bakery business in a small city. The bakery’s owner has decided to expand the business for greater rewards, but in doing so is faced with a number of operational challenges. Additional infor- mation on the steps of operational risk management is available in Chapter 16 in Fraser and Simkins (2010). Diana has many years of consulting experience in ERM, and advances the practice of ERM through her thought leadership as an educator, conference organizer, speaker, and author of ERM resources.

PART VI: OTHER CASE STUDIES Many risk management lessons can be learned from the financial crisis of 2008, and we begin this part with a chapter addressing this topic: Chapter 32, “Con- structive Dialogue and ERM: Lessons from the Financial Crisis.” In this chapter, Tom Stanton eloquently examines the critical distinctive factors between success- ful and unsuccessful firms in the crisis and refers to the presence or absence of these factors as constructive dialogue. Successful firms managed to create produc- tive and constructive tension between those in the firm who wanted to do deals or offer certain financial products and services and those who were responsible for

ENTERPRISE RISK MANAGEMENT CASE STUDIES 13

limiting risk exposures. Instead of simply deciding to do a deal or not, successful firms considered ways to hedge risks or otherwise reduce exposure from doing the deal. Thomas H. Stanton is a Fellow of the Center for Advanced Governmen- tal Studies at Johns Hopkins University, a director of the Association of Federal Enterprise Risk Management, a former director of the National Academy of Public Administration, and a former member of the federal Senior Executive Service.

An important objective in this book is to provide global coverage about ERM by including insightful applications in various countries. Poland, after the transi- tion into the free market economy in 1989, became open to knowledge and transfer of the best practices from around the world. Chapter 33, “Challenges and Obstacles of ERM Implementation in Poland,” draws on years of research, both formal and informal, and documents the country’s first approaches to ERM implementation. The successes, challenges, and weaknesses are described and provide a valuable lesson for other countries, regions, or even organizations in how they might go about implementing ERM. Two experts on ERM implementation in Poland teamed together to write this chapter. Zbigniew Krysiak, PhD, is an associate professor of finance at the Warsaw School of Economics in Poland. He is the author or coau- thor of more than 100 publications, intended both for practitioners and for the aca- demic community, concerning finance, risk management, financial engineering, and banking. His coauthor, Sl̄awomir Pijanowski, PhD, is president of the POL- RISK Risk Management Association in Poland, where he is responsible for devel- opment of good risk management practices for the Polish market. He is coauthor of the Polish book titled Risk Management for Sustainable Business published by the Polish Ministry of the Economy and has many other accomplishments in the area of risk management.

Chapter 34 entitled “Turning Crisis into Opportunity: Building an ERM Pro- gram at General Motors” was written by leaders of ERM at GM—Marc Robinson, Lisa Smith, and Brian Thelen. This case study chronicles the ground-up implemen- tation of ERM at General Motors Company (GM), starting in 2010 after it emerged from bankruptcy. While GM recognizes that its ERM is a work in progress, there have been important successes both in improving the management of risk and making better business decisions. Critical to these successes has been a clear strate- gic vision on adding value for the business leaders that are the true risk owners, unique decision tools such as game theory, and a continuous improvement mind- set, including robust lessons learned. The study describes the lessons learned dur- ing implementation and some of the unique approaches, tools, and techniques that GM has employed. Examples of senior management reporting are also included.

The last case study in the book is also extremely insightful because it provides an excellent example of an ERM application at a company in Asia. The authors demonstrate in Chapter 35 how Astro, a Malaysia-based media company, uses ERM to grow through international acquisitions, and how it implements enter- prise risk management not only to ensure sound risk management by its foreign subsidiaries and joint ventures, but also to make better risk/return decisions on its portfolio of direct investments. Both authors are authorities on ERM imple- mentation globally. Ghislain Giroux Dufort is President of Baldwin Risk Strate- gies Inc., a consulting firm advising boards of directors and management teams on risk governance and ERM and has over 25 years of experience. Patrick Adam Kanagaratnam Abdullah is the Vice President of ERM for Astro Overseas Limited

14 Implementing Enterprise Risk Management

(AOL), Malaysia. He specializes in the implementation of ERM practices across AOL’s investments and has over 21 years of experience in various areas of risk management.

CONCLUSION As outlined above, the case studies and specialized topic chapters in this book present an impressive coverage of new information on enterprise risk manage- ment, and all chapters are written by leading ERM experts globally. To our knowledge, this is the first book to be published that provides such comprehensive coverage of ERM case studies. We hope you find this book a valuable resource in your education and/or implementation of ERM. We welcome your comments and suggestions. Answers to the end-of-chapter questions and detailed teaching notes to most cases are available to instructors at www.wiley.com.

NOTES 1. See the 2014 American Productivity & Quality Center Report. 2. ISO 31000 was issued by the International Standards Organization in 2009. For a descrip-

tion refer to Chapter 7 of Fraser/Simkins by John Shortreed. 3. Fraser/Simkins, 15. 4. ISO 31000 has been agreed to by about 25 major countries of the international community

as the guideline for risk management.

REFERENCES American Productivity & Quality Center (APQC). 2014. APQC Report. www.apqc.org/. Fraser, John, and Betty J. Simkins, eds. 2010. Enterprise Risk Management: Today’s Leading

Research and Best Practices for Tomorrow’s Executives. Hoboken, NJ: John Wiley & Sons. Fraser, John, Karen Schoening-Thiessen, and Betty J. Simkins. 2008. “Who Reads What Most

Often? A Survey of Enterprise Risk Management Literature Read by Risk Executives.” Journal of Applied Finance 18:1 (Spring/Summer).

PWC (PricewaterhouseCoopers). 2014. Risk in Review: Re-Evaluating How Your Company Addresses Risk. www.pwc.com/us/en/risk-assurance-services/publications/risk-in- review-transformation-management.jhtml.

ABOUT THE EDITORS John R.S. Fraser is the Senior Vice-President, Internal Audit, and former Chief Risk Officer of Hydro One Networks Inc., Canada, one of North America’s largest elec- tricity transmission and distribution companies. He is a Fellow of the Institute of Chartered Accountants of Ontario, a Fellow of the Association of Chartered Cer- tified Accountants (U.K.), a Certified Internal Auditor, and a Certified Informa- tion Systems Auditor. He has over 30 years of experience in the risk and control field mostly in the financial services sector, including areas such as finance, fraud, derivatives, safety, environmental, computers, and operations. He is a member of the Faculty at the Directors College for the Strategic Risk Oversight Program, and has developed and teaches a master’s degree course entitled Enterprise Risk

http://www.wiley.com

http://www.apqc.org/

http://www.pwc.com/us/en/risk-assurance-services/publications/risk-in-review-transformation-management.jhtml

ENTERPRISE RISK MANAGEMENT CASE STUDIES 15

Management in the Masters in Financial Accountability Program at York Univer- sity where he is an adjunct professor. He is a recognized authority on enterprise risk management and has co-authored several academic papers on ERM. He is co- editor of a best-selling university textbook released in 2010, Enterprise Risk Man- agement: Today’s Leading Research and Best Practices for Tomorrow’s Executives.

Betty J. Simkins, PhD, is Williams Companies Chair of Business and Professor of Finance at Oklahoma State University. Betty received her PhD from Case Western Reserve University. She has had more than 50 publications in academic finance journals. She has won awards for her teaching, research, and outreach, including the top awards at Oklahoma States University: Regents Distinguished Research Award and Outreach Excellence Award. Her primary areas of research are risk management, energy finance, and corporate governance. Betty serves on the edi- torial boards of nine academic journals, including the Journal of Banking and Finance; is past coeditor of the Journal of Applied Finance; and is past president of the East- ern Finance Association. She also serves on the Executive Advisory Committee of the Conference Board of Canada’s Strategic Risk Council. In addition to this book, she has published two others: Energy Finance and Economics: Analysis and Valuation, Risk Management and the Future of Energy and Enterprise Risk Management: Today’s Leading Research and Best Practices for Tomorrow’s Executives (co-edited with John Fraser). Prior to entering academia, she worked in the corporate world for Cono- coPhillips and Williams Companies. She conducts executive education courses for companies globally.

Kristina Narvaez is the president and owner of ERM Strategies, LLC (www.erm- strategies.com), which offers ERM research and training to organizations on vari- ous ERM-related topics. She graduated from the University of Utah in environmen- tal risk management and then received her MBA from Westminster College. She is a two-time Spencer Education Foundation Graduate Scholar from the Risk and Insurance Management Society and has published more than 25 articles relating to enterprise risk management and board risk governance. She has given many presentations to various risk management associations on topics of ERM. She is an adjunct professor at Brigham Young University, teaching a business strategy course for undergraduates.

http://www.erm-strategies.com

PART I

Overview and Insights for Teaching ERM

CHAPTER 2

An Innovative Method to Teaching Enterprise Risk Management A Learner-Centered Teaching Approach

DAVID R. LANGE Distinguished Research and Teaching Professor of Finance, Auburn University Montgomery

BETTY J. SIMKINS Williams Companies Chair of Business and Professor of Finance, Oklahoma State University

L earner-centered teaching (LCT), commonly referred to as “flipping the class- room” (Shibley and Wilson 2012), is an alternative to the traditional teacher lecture (TL). With LCT, students actively participate in the pedagogical pro-

cess and take increased responsibility for learning through constructive reflective reasoning. Where with TL content is covered, content in LCT is used as a “means to learning” (Weimer 2002). LCT is ideally suited for content provided in lists, tables, charts, and exhibits, and particularly so if these are in the form of topic overviews, flowcharts, or summaries. The case method espouses similar student- engaged learning processes by promoting critical thinking and analysis, creating discussion of conflicting issues and requiring a decision (Bean 2011). LCT ampli- fies and broadens student learning from cases. Hence, the case studies in this book are ideal for teaching enterprise risk management (ERM) using LCT.

The chapter is presented in three sections. The first section clarifies the concept of flipping the classroom with LCT, distinguishing LCT from a TL, and why the growing LCT movement should be joined. The second section considers the what, Weimer’s (2002) Learner Centered Teaching “Five Key Changes to Practice,” a definitive paradigm for changing pedagogy to LCT from a TL. A final section, the appendix, provides examples of how, using content to utilize LCT in an enterprise risk management (ERM) course at Auburn University Montgomery. The examples are from Enterprise Risk Management: Today’s Leading Research and Best Practices for Tomorrow’s Executives (Fraser and Simkins 2010), which opportunely provides ERM content in the supporting formats. The LCT examples are provided in

20 Implementing Enterprise Risk Management

Exhibit 2.1 TL versus LCT

Bloom (1956) Anderson and Krathwohl (2001) Expanded

� Knowledge � Comprehension � Application � Analysis � Evaluation � Synthesis

� Remember: Recognize, recall � Understand: Interpret, explain � Apply: Calculate, solve � Analyze: Distinguish, relate � Evaluate: Critique, test � Create: Hypothesize, devise

� Memorize, recollect, retain � Comprehend, realize, apprehend � Compute, estimate, determine � Examine, explore, study, associate � Assess, appraise, review, comment � Speculate, theorize, postulate, offer,

imagine, assume, suggest

contrast to TL approaches, and include learning notes expanding the how of examples.

LEARNER-CENTERED TEACHING: THE WHY Flipping the classroom refers to Bloom’s Cognitive Learning Taxonomy (1956), a commonly accepted identification of levels of learning (Anderson and Krathwohl 2001; Bean 2011; Shibley and Wilson 2012), and thus an easily identifiable model with which to distinguish LCT from TL. Exhibit 2.1 has inverted Bloom’s taxon- omy to illustrate flipping the classroom. In a TL, the teacher normally progresses through the taxonomy starting with imparting knowledge:

� Knowledge: covering content with PowerPoint presentations, lecturers, and so on

� Comprehension: offering alternative descriptions and definitions, followed by a question of “What does this mean in your own words?”

� Application: solving problems step-by-step, demonstrating necessary calcu- lations, and solving homework problems replicating calculations

� Analysis: comparing and explaining results from different problems � Evaluation: questioning validity of assumptions, processes, and textbook

sections on weaknesses in the model � Synthesis: concluding with summaries and overviews

We may recognize the TL approach from our own experience or through class- room observation of peers.

To further illustrate the levels of learning, Anderson and Krathwohl’s (2001) revision of Bloom’s taxonomy is included in the center column of Exhibit 2.1. The third column contains an expanded list of active learning for additional clarification.

Learner-Centered Teaching

In LCT, content is used as a means to learning (Weimer 2002). Envision a learning process in which students compute a financial problem, examine different points of view, review and comment on an article, or postulate explanations for survey

AN INNOVATIVE METHOD TO TEACHING ENTERPRISE RISK MANAGEMENT 21

results. The knowledge (content) is discovered and used by the students in the learning process. Content in LCT is used as a means to learning (Weimer 2002), not presented and covered as in the context of a TL. In effect, as the examples will demonstrate, LCT enters Bloom’s Cognitive Learning Taxonomy through the higher levels of application, analysis, evaluation, and synthesis.

Why LCT?

A primary explanation for education moving toward LCT is based on learning research that supports “more active, inductive instruction” (Smart, Witt, and Scott 2012). Increased student engagement, strengthened team-based skills, personal- ized student guidance, focused classroom discussion, and faculty freedom are sev- eral benefits of the growing LCT pedagogical adoption (Millard 2012). In a review of pedagogical literature with courses adopting LCT, Wright (2011, p. 96) found college teachers believe “a more effective learning environment” was provided, and “students tended to respond positively.” A smaller study by Wohlfarth et al. (2008) acknowledged the need for further research and offered strong qualitative student support of LCT’s importance in assisting learning.

There are several other reasons why LCT should be adopted. In a paper apply- ing 29 components to benchmark the degree of LCT implementation, Blumberg and Pontiggia (2011) note the importance of LCT in their institutions’ faculty devel- opment workshops, the implications for assessments and accreditation, and poten- tial student admission promotional material. Yang (2010, p. 80) offers a globaliza- tion justification to adopt LCT, the need to “encourage students to actively partici- pate in the discussion, and the need for students to fully express their views,” even if it is counter to student cultural behavior.

Poor teaching experience with the TL is another supporting reason for LCT. The prepared TL covering knowledge, with students attempting to retain and simultaneously comprehend key points, may appear more as a sermon, speech, homily, or oration. Instructors, from their own experience or through classroom observation of peers, may relate to the “picture of somewhat lifeless students sit- ting passively in classrooms, with glazed eyes, some struggling to stay awake in dimmed classrooms as an instructor shared key concepts . . . using slides” (Smart, Witt, and Scott 2012, p. 393).

The educational goal is to engage students to become active versus passive learners by promoting critical thinking and “emphasizing inquiry” (Bean 2011, p. 38). LCT’s flipped classrooms focus on critique, assess, hypothesize, and speculate, the higher levels of Bloom’s Cognitive Learning Taxonomy. The base levels of knowl- edge and understanding may be assigned before class (Shibley and Wilson 2012).

FIVE KEY CHANGES TO PRACTICE THE WHAT Weimer’s Learner Centered Teaching (2002) “Five Key Changes to Practice” is a definitive paradigm for changing pedagogy to LCT. This section describes each of these “Five Key Changes to Practice,” which are:

1. The Balance of Power 2. The Function of Content

22 Implementing Enterprise Risk Management

3. The Role of the Teacher 4. The Responsibility for Learning 5. Evaluation Purpose and Process

Consideration of the five steps with each of the LCT ERM examples paradoxi- cally resembles the TL approach. Therefore, instructors are encouraged to appraise their current pedagogy and associate the respective LCT changes to practice with their course. To assist your movement to LCT, Weimer’s (2002) Part Two, “Imple- menting the Learner-Centered Approach,” includes discussions of responding to resistance from students and faculty, taking a developmental approach in convert- ing students from passive to active learners, and making LCT work based on prin- ciples of successful instructional improvement. Appendixes in Weimer (2002) offer suggestions for the syllabus and learning log (Appendix A), handouts for devel- oping learning skills (B), and a recommended reading list (C). Blumberg (2009) provides an extensive step-by-step guide to adopting LCT.

The Balance of Power

The LCT classroom is more democratic than the TL, where sequencing, con- tent, and information flow are one-way: professor to student. With LCT, stu- dents actively participate in the learning process and are likely to alter its direc- tion by connecting to prior tangential or experiential knowledge. Generally, the teacher retains the responsibility for selecting the course content, learning goals, and itinerary, though even these may include student input. Regardless, with LCT, the learning path taken, the direction of course discussion, and practical exam- ples are at the very least influenced, and more likely chosen, by the student; thus “power is shared” (Weimer 2002).

LCT often includes case studies, small group discussions or assignments, and/or designating a student to be a group discussion leader on a rotating basis. Power sharing is not easy for teachers accustomed to a TL approach. But LCT power sharing has several benefits. Students are more active, engaged, interested, and motivated, and less passive and disconnected (Weimer 2002, p. 31). It is easier for a student to hide in a class of 30, 50, or 100 than in a group of five students. It should be noted that the student discussion leader is equally asked to “share the power,” and there are potential “tough spots for running a risk management workshop”—nonparticipation and dominators (Fraser and Simkins 2010, p. 169).

The Function of Content

With LCT, content is used in the learning process, not covered in the context of the TL. This does not infer that the content, base knowledge, is not covered. It sim- ply means that students do not first memorize the base knowledge for later recall. Instead, students constructively examine, explore, review, and assess content. It is extremely interesting to see students strongly arguing for the most important step in an ERM process even when there may not actually be a hierarchy. Creating and defending an argument for the most important step, what risk stands out, or what is the most challenging step requires a cognitive reasoning process and a subtle incorporation of base knowledge and linkage to previously learned material—the

AN INNOVATIVE METHOD TO TEACHING ENTERPRISE RISK MANAGEMENT 23

LCT version of content coverage. With LCT, the content learning process “develops learning skills” and “promotes self-awareness of learning,” and students “experi- ence it firsthand” (Weimer 2002, p. 51–52).

The amount of content covered is a possible concern for those more inclined toward a TL. However, contrary to expectations, experience suggests that more content is covered, not less, as students explore and assess content versus memorization.

As shown in the Appendix, Example #10, Chapter 18: “Managing Financial Risk,” is a good illustration of more coverage. The TL approach gives an example of the trade-offs, costs, and benefits of hedging with futures contracts, often start- ing with a simple natural hedge. Here, the student records the respective payoffs to long and short positions when prices change. Students memorize the transactions and expect to replicate the steps with different numbers, and maybe even a dif- ferent futures contract for a challenging TL course. With LCT, students first view a short video about futures markets (www.cmegroup.com/), and then review the listing of available futures contracts, selected quotes, and specifications. LCT sce- narios in which futures contracts could be applied quite often begin with weather futures, as students’ curiosity is awakened when they imagine rain, snow, and tor- nadoes, not the TL farmer and cereal producer with corn futures. With LCT, stu- dents first suggest, appraise, and associate scenarios with futures contracts, and then calculate payoffs given the contract specifications. As noted previously, the LCT teacher needs to be prepared to assist with any futures calculation.

A second example in the Appendix of expanded content is Example #13, Chapter 23: “Academic Research on Enterprise Risk Management.” In a TL course, students would memorize the articles and the findings of each, with the goal of restating the findings on an exam. With LCT, critiquing, appraising, and theorizing often lead to discussions of hypotheses. For example, why is there an expected rela- tionship between ERM and “organizational slack” or “asset opacity” (Fraser and Simkins 2010, p. 426)? This level of hypothetical discussion is considerably beyond “Who found what?”

The Role of the Teacher

Perhaps the most difficult change in moving to LCT for a teacher accustomed to the TL is that lectures are replaced with individual student learning, small group discussions, or other group activities. The teacher’s role is that of a moderator, tour guide, and/or facilitator of learning. This role is a necessary part of LCT, not an option; the teacher “must move aside, often and regularly” (Weimer 2002, p. 74).

Serving as guide extends to after groups (or individuals) report their sugges- tions, hypotheses, comments, explorations, or computations. It is very tempting to return to the TL, the “sage on the stage,” with corrections, conclusions, or examples. A moderator or facilitator would ask: Was your group in agreement? What issues did you differ on? What do you believe is the lesson here, the point to be learned? Does anyone else have a different solution or computation?

Granted, the teacher’s workload may be more, not less. We often prepare, or receive with the textbook, a series of very structured lecture slides, “talking PowerPoints,” demonstrating what and how much we know about the topic. Our thorough, insightful, wise lecture is interrupted only by the proverbial

http://www.cmegroup.com/

24 Implementing Enterprise Risk Management

unanswered inquiries of: Does anyone have any questions? Is this clear? Do you understand?

It is quite another task to be able to guide constructive explorative reasoning and learning. It is not that LCT is without structure; it is that the LCT learning struc- ture is flexible, fluctuating, adjustable, and often unpredictable. Weimer (2002, pp. 83–91) offers the following seven principles:

1. Teachers do learning tasks less. 2. Teachers do less telling; students do more discovering. 3. Teachers do more design work. 4. Faculty do more modeling. 5. Faculty do more to get students learning from and with each other. 6. Faculty work to create climates for learning. 7. Faculty do more with feedback.

The “Useful Facilitation Tips” for running a risk management workshop (Fraser and Simkins 2010, p. 169) may serve a dual purpose as student content and LCT advice:

� Inquire. Ask open-ended questions, such as “Why?” Ask participants to speak not just on behalf of themselves but about what they think others might be thinking. Ask for the contrary view: “What are some of the argu- ments against this?” Ask for evidence: “How do you know?”

� Restate. Summarize or paraphrase what you have just heard. Summarize the key points and then ask someone to add to them or comment on them or contradict them.

� Provoke. State extreme views that you might have heard or imagined on the subject under discussion. Encourage healthy debate.

� Use silence. After asking a question that gets no immediate response, it is extremely tempting to fill the silence by talking more or restating the ques- tion. Don’t. Wait through the silence. If you wait long enough, someone will speak.

� Get out of the way. If a good animated discussion starts to happen that is directly on topic and there is available time, try to “blend in with the fur- niture.” Walk to the side of the room or sit down. Let the students run with it. Wait for the discussion to peter out or drift off topic before again making your presence felt.

� Don’t overexplain. The authors’ experience is that the more participation (and less explanation or lecturing) there is in a workshop agenda, the more engaged the participants will be. Avoid lengthy descriptions of the steps to be taken or the underlying theory. Tell them the bare bones of what they need to do for the next step in the process, and then let them learn by doing.

The Responsibility for Learning

Teachers remain responsible for creating a learning environment, but students take responsibility for learning (Weimer 2002). Many of the example questions, exercises, and activities provided in the appendix were created by students in the

AN INNOVATIVE METHOD TO TEACHING ENTERPRISE RISK MANAGEMENT 25

ERM course. Students on a rotating basis provide discussion questions and serve as small group moderators. Student small group moderators are encouraged to have every student engage in the discussion process, limiting individual students who may try to dominate, and motivating timid students. Engaged students accept the linkage between their actions and learning. Misbehavior is better corrected by peers who see that learning is being prevented than by teacher retribution.

Students are also responsible for contributing to course content, further engag- ing their interest and ownership of the responsibility for learning. For example, in the Appendix, the tornado incident at the truck yard in LCT Example #6, Chapter 13: “Quantitative Risk Assessment in ERM,” was found by a student. The student was delighted to share the discovered risk example, as other students accepted a challenge to find additional videos of the incident or similar catastrophic events. The whistle-blowing websites and information in LCT Example #12, Chapter 20: “Legal Risk Post-SOX and the Subprime Fiasco,” were also found by students. The content served as a basis for spirited group discussions on whistle-blowing. Con- sider the benefit of 30 students searching and exploring the web for current content versus the teacher presenting a few selected sites in a TL. Avoid the classic student statement, “That seems like a good example, but I cannot quite relate to it. It was before I was born.”

Evaluation Purpose and Process

It reasonably follows that LCT also results in a change in evaluation procedures, essentially orienting the evaluation process to promote learning. LCT does not reduce the importance of evaluations and the structural value of course grades. LCT does alter the focus of evaluations to learning, as grades do not necessarily reflect the desired higher-level learning, especially if exams only measure recall and rote memorization of base knowledge.

It is not a straightforward change for evaluations to emphasize learning. Accordingly, Weimer (2002) considers the opportunities in greater detail:

� As a foundation to reduce the stakes and stress of the exam, provide review sessions, make sure exams reflect covered content, offer multiple opportu- nities, or have exams taken as a group.

� For papers, suggest appropriate paper topics, and clearly state academic cov- erage expectations.

� Develop participation through both self and peer assessment. � Utilize review sessions at the end of classes and prior to exams as learning

exercises, allowing groups to summarize important content and topics that are expected to be on the exam.

� Avoid returning to the TL in the review, however tempting and accidentally reverted to it may be.

� Continue LCT into the postexam review by encouraging students to sup- port answers they argue are correct, citing content or their reasoning pro- cess. How often, when a student states that answer C seems to be correct, we respond with “Sorry, B is the only correct answer.” Imagine the different response of “Why do you think C is correct?” Place the emphasis on learning, and we may sometimes discover that answer C may also be correct.

26 Implementing Enterprise Risk Management

CONCLUSION Overall, movement toward LCT may not be as large a pedagogical change as one may be concerned about, and case study teaching is a type of LCT. The goals of the TL generally rely on Bloom’s (1956) original taxonomy or Anderson and Krath- wohl’s (2001) meta cognitive revision—striving for evaluation and synthesis. Pro- grams to improve critical thinking and active learning through writing (Bean 2011) also cite Bloom’s taxonomy. So the TL and LCT approaches both have the desired educational cognitive learning theory goals of evaluation and synthesis.

Top-down instruction and hands-on methods of learning have been around for some time, emphasizing why, what, and then how. This pedagogy has included preparing students for learning, activating relevant knowledge, gaining students’ attention, aids to understanding, promoting meaningful processing, and direct- ing and maintaining attention (Steinberg 1991). In essence, when evaluation and synthesis are achieved, students know the why and the what, which leads to how. Knowing only how, including knowledge, comprehension, and application, does not necessarily lead to evaluation and synthesis.

If we want to increase student engagement, strengthen team skills, and use content for learning rather than covering content for recall, LCT offers pedagogical advantages over the TL.

We want students to examine, explore, study, associate, assess, appraise, review, comment, speculate, theorize, postulate, offer, imagine, assume, suggest, and hypothesize. Observing student success is extremely rewarding and encouraging, good reasons to create a learner-centered environment versus a teacher-dominated lecture.

QUESTIONS 1. Which of Maryellen Weimer’s classic Learner Centered Teaching (2002), “Five Key Changes

to Practice” do you feel is the most important and/or challenging? Why? (a) The Balance of Power (b) The Function of Content (c) The Role of the Teacher (d) The Responsibility for Learning (e) Evaluation Purpose and Process

2. Given the importance of globalization, how would you approach adopting LCT even if it is counter to your student’s cultural behavior?

3. What techniques and/or guidelines do you envision to change your role as a teacher, to “step out of the way” of learning and serve as a moderator, not a “sage on the stage” or lecturer?

4. How do you plan to introduce and orient your students to LCT? Do you have specific concerns about student response and their acceptance of responsibility for learning?

APPENDIX: LCT ERM EXAMPLES FROM THE HOW This appendix provides several LCT examples along with the related TL alterna- tives for an ERM course that has been conducted at Auburn University Mont- gomery (Alabama) since 2010. All examples and page number references apply to Enterprise Risk Management: Today’s Leading Research and Best Practices for Tomor- row’s Executives, co-edited by John Fraser and Betty J. Simkins (2010). Learning

AN INNOVATIVE METHOD TO TEACHING ENTERPRISE RISK MANAGEMENT 27

notes (LN) include pedagogical suggestions and course experiences. The follow- ing LCT examples are generally small group discussions, but LCT often includes reading assignments or problems that may be done prior to the actual class meeting (Shibley and Wilson 2012). In each example, TL begins with the traditional teacher lecture on the topic (such as using PowerPoint slides to speak to the students and cover the material, etc.). LCT starts with the students.

While reviewing the examples, imagine the possible implications of Weimer’s (2002) “Five Key Changes to Practice” described in this chapter where the process has been flipped. Most importantly, notice how content is covered but not in a tra- ditional lecture context where the teacher presents the information. Rather, content is used as a means of learning. Additional examples of LCT for business communi- cation courses are contained in Smart, Witt, and Scott (2012). Wright (2011) offers an insightful pedagogical literature review of Weimer’s “Five Key Changes to Practice.”

Example #1. Chapter 2: A Brief History of Risk Management

TL: Risk management “spans the millennia of human history” (page 19). Cover the list of significant milestones in a series of PowerPoint slides and explain the contribution of each to the development of ERM.

LCT: Review the List of Contributions (pages 22–27) and suggest the three most significant milestones in the development of ERM. Comment on why your group chose these milestones. Was the group generally in agreement? If not, what were the other selected milestones?

LN: Groups generally differ on the top three milestones, usually based on dif- ferent themes: economic events, creation of professional organizations, contributions and development of risk management theory, or possibly legislative actions. The list of significant milestones small group exercise provides an early and substantial insight into LCT. Rather than memorize, recall, and explain, the students are asked to review, suggest, and comment—all higher levels of Bloom’s Cognitive Learning Taxonomy. It is most rewarding to see stu- dents argue about the top three, supporting their choices by associating or assessing the impact of milestones on the development of risk manage- ment. There may not even be a top three, and even if there is, the teacher has a postgroup selection opportunity to guide the discussion or note the differences in theme the groups selected.

Example #2. Chapter 3: ERM and Its Role in Strategic Planning and Strategy Execution

TL: Cover the List of 11 Tenets of the Return-Driven Framework (pages 37–38). LCT: Appraise the list of risk categories for the greatest risk (pages 41–42).

� Shareholder value risk � Financial reporting risk � Governance risk

28 Implementing Enterprise Risk Management

� Customer and market risk � Operations risk � Innovation risk � Brand risk � Partnering risk � Supply chain risk � Employee engagement risk � Research and development (R&D) risk � Communication risk

LN: The textbook presentation states that “the framework encourages think- ing about these risk categories” (page 41). With LCT, students should be encouraged to do so, and in the learning process incorporate the 11 tenets.

TL: A “genuine asset” is . . . (page 38). LCT: Create a list of “genuine assets” for a company of your choice. LN: A simple create exercise includes recognize, apprehend, and determine. The

teacher may facilitate clarifications and corrections by guiding subsequent classroom discussion in examining, critiquing, and exploring the different lists of “genuine assets.”

Example #3. Chapter 5: Becoming the Lamp Bearer—The Emerging Roles of the Chief Risk Officer

TL: The chief risk officer has four major roles: (1) compliance champion, (2) modeling expert, (3) strategic controller, and (4) strategic adviser. In the first role . . . (pages 75–81).

LCT: Reviewing Exhibit 5.1 (page 80), distinguish the roles of strategic controller and adviser. Postulate which role of the chief risk officer is the most important.

LN: Postulating requires memorization, comprehension, distinguishing, and appraisal.

Example #4. Chapter 8: Identifying and Communicating Key Risk Indicators

TL: Key risk indicators are an ERM tool that . . . (page 129). LCT: Distinguish key risk indicators from key performance indicators.

Suggest the key risk indicator practical applications that are most impor- tant to achieve the organizational strategy of the company you work for, a company chosen by your group, or the university.

LN: The facilitator role is often needed on this topic, as key risk indicators may be confused with or closely aligned with key performance indicators.

Example #5. Chapter 11: How to Prepare a Risk Profile

TL: The Risk Map is a graphic representation of a Risk Profile and in this case contains eight risks (page 173). The first risk is . . .

AN INNOVATIVE METHOD TO TEACHING ENTERPRISE RISK MANAGEMENT 29

There are eight steps to create a Risk Profile (pages 177–186). Step 1: Schedule interviews and gather background information. Step 2: Prepare the interview tools. Step 3: Summarize the interview findings. Step 4: Summarize the risk ratings and trends. Step 5: Draft the Top 10 Risk Profile. Step 6: Review the Draft Risk Profile. Step 7: Communicate the Risk Profile with the board or a board

3. Read chapter 6 and 9 carefully for the complete understandings

Networking Essentials.

Intro To Data Mining

Investigation Report

ERM Adoption And Implementation In The Higher Education

Experience

Our mission

Latest Posts

Talk to us...