Copywriting Essay Example | Topics and Well Written Essays - 750 words

Copywriting - Essay Example Advertising in all its forms adds much to the quality of the product and the result of its production. Different mediums also make special demands as to the form and content of the advertising copy. In the following survey three kinds of advertising materials will be observed. All of them belong to the same company, producing online, shareware and CD games for PC, PDA and smartphones. These materials are as follows: a newsletter with the advertising of a new game, a printed advertisement of a new CD released and a banner as the sample of online advertising.It is necessary to observe the main tips that a copywriter needs to observe while writing this or that kind of material. The first item to be examined is a newsletter that is delivered to the user by mail. The main points that are to be considered mostly concern the form of the future writing. The heading should be informative and brief. It should contain the information that would grab a customer's attention and make him read furt her. (Hallahan) The best of all would be to indicate the benefit which would be available for the customer with the help of the product advertised.Of course, creativeness and figurativeness are welcome, as they add emotional element. Surely, headline may also implement other idea – it may be intriguing, but not obscure, or it may contain some underlying theme, but this should be clear enough to be understood by any customer.(Hallahan) The newsletter we observe starts with the headline "Bubble Obsession marches into battle". It may seem unclear and senseless at first sight, but some clarification will be helpful. This newsletter is delivered to the existing clients of the company, not to the potential customers to engage them to buy a new version of an old product, a "Bubble Shooter" game, so they know what it is going about and they are getting informed that the following text will tell them about new features of an old product. In case this text is seen by a person who didn' t see the previous release, he is likely to be intrigued and to proceed reading. The other guideline advices to enumerate the most outstanding features of the product, and put them as a list of be clear and brief points, like, for instance the point "user profiles with photos of each player" in the letter we observe. The only one remark that can be referred to the point is that it is more preferable to describe a feature from the point of view of the benefit the customer would gain, rather than the feature of the product. (Hallahan) So, the point cited from the letter is to sound like "you may now create and save your profile with photo". As far as the body is concerned, it should be divided into several passages, each of them describing the features that are listed above. Here is the sample passage: "Your whole family is sure to get involved into endless hours of playing. Due to the possibility of creating player profiles, everyone's game and settings are saved separately. Here you may create your profile with the photo, your own one or one of those included into the game." The other necessary point to be followed refers to the style of the writing. It should be written in short sentences, with easy words. Active voice and present tense are also preferable. Of course, it is necessary to watch punctuation and grammar. (Hallahan) Those requirements are fulfilled in the writing: "Flexible 3D graphical effects make the game really live and breathing. You may adjust the effects fully to your taste and computer." The second copy to be examined is printed advertising. Printed ad should contain headline, subtitle, body, signature, mandatory, illustration. Subtitle elaborates the headline, giving more information, signature contains the name or logo of the company, mandatory includes terms and conditions and illustration may contain graphics. (Marcus) This copy contains all of these elements. Here is the example of the subtitle: "Our company wishes you and your families Merry Christmas and Happy holidays! We present to you our Christmas gift -

South Street Seaport Essay Example for Free

South Street Seaport Essay 1. Coffee Beans are crushed into small pieces, water is added to it and the mixture is heated over a flame. What do you think would happen to the coffee beans as it interacts with the water? Explain your prediction I think the heating of the water and coffee beans would cause the water to turn a light brown color because this process is most likely removing some kind of excess substance from the surface of the coffee beans. This happens because of the rising temperature o the mixture being heated over a flame. 2. What would happen to the water if instead of coffee beans, strips o seaweed were used? Explain your prediction. I think that instead of the liquid turning a light brown color, it would turn to a light green or light yellow color because the heating is removing a different substance off of the surface of the seaweed than it is from the surface of the coffee beans. 3. Define the following terms: Decant to draw off (a liquid) without disturbing the sediment or the lower liquid layers Filtrate fluid that has passed through a filter Extract the part of a complex organic material that is soluble in ether and consists chiefly of fats and fatty acids Precipitate a substance separated from a solution or suspension by chemical or physical change usually as an insoluble amorphous or crystalline solid Tincture a solution of a medicinal substance in an alcoholic solvent Observations : Equipment : Dried Seaweed in  ½ pieces (Laminara Kelp)Bunsen Burner 150 ml beakerMedium Ring for Ringstand Weight scaleMatches Distilled waterWire gauze 50 ml cylinderEvaporating dish FunnelFilter Paper RingstandWash Bottle Glass stirring rodTincture of Iodine Mineral OilSilver Nitrate Iodine CrystalsSmall Test tubes The first thing we had to do was fill a 150 ml beaker with 6 grams of dried seaweed, which we had to approximate on a weight scale. The amount of seaweed we used approximated 6.02 grams. Then, we included some distilled water and stirred the mixture with a stirring rod until the water turned a dirty yellow color. We then poured out only the water from the beaker and refilled it with distilled water. Then, we had to set up the Bunsen burner to a smaller flame to heat the mixture gently. While heating, the water in the mixture turned a dark green. We heated the mixture for approximately 5 minutes. Then, we had to filtrate the mixture. We placed a piece of filter paper onto the inside of the funnel, having it stick to the side by squirting some water from the wash bottle. We set this up over an evaporating dish, in which the filtrate is supposed to fall into. Our filtrate came out to be 3ml, and the color was a pale yellow-green. We put this into a 50 ml beaker and placed three pieces of iodine crystals in. We crushed these crystals in with the mixture with a stirring rod. Then, it was time to test the results. In three test tubes, we poured in one third of our home-made mixture in each test tube. In another three test tubes, we poured in the standard Tincture of Iodine, which contains iodine, iodide ion, and triiodide ion. To test for iodine, we placed 20 drops of mineral oil in one of the test tubes of standard tincture and we also placed 20 drops into our homemade tincture. If there is in fact iodine, the mixture should change into a pink or purple color. To test for iodide ion, we placed 20 drops of 0.1 silver nitrate into the standard tincture and 20 drops of 0.1 silver nitrate into our homemade tincture. If there is in fact iodide ion, the mixture should become a very foggy pale yellow color. The test for triiodide was a visual inspection. In minutes, if the mixture will turn into a brown color, then triiodide exists in the mixture. Tabulated Results : Test for .. Standard Tincture of Iodine Homemade Tincture Iodine Positive Positive Iodide ion Positive Positive Triiodide Positive Poisitive Focus Questions 1. How can I make a pharmaceutical product from seaweed? We can produce a pharmaceutical product from seaweed by creating a mixture with seaweed in water, heating the extract from the mixture of seaweed and water, then finally extracting the product from the water. 2. Can a single substance be isolated from a mixture (i.e. seaweed)? What is that substance? Yes, by the process o extraction, filtration, and evaporation. The substance is tincture of iodide, used to clean and infect wounds. Confidence Report I am confident that the data collected in this lab is â€Å"good data†. This was quite a simple lab with not many steps and no complex material samples and few containers required. Because this lab was not very complex, that means there is a very low possibility of mistakes. It also means there is a very low possibility of outside elements affecting the equipment. Samples: We believe that the samples provided by the laboratory such as the seaweed, iodine, silver nitrate, and mineral oil were clean and untouched. We observed the characteristics of the mixture we prepared and observed through testing and concurred that nothing indicated that bad samples were provided. Our testing samples also provided us proper chemical interactions. Measurements: All measurements were made certain by everyone in the group. This helped to ensure accuracy. Observations: Since we also tested control substances along with testing our mixture, we were able to observe what the proper results should look like. Therefore, there should be no mistakes from the observations from testing our homemade mixture. After reviewing  at the possible potential areas for error, I am confident that we had good data and produced good results.

Impact of e-commerce

Impact of e-commerce E-commerce is the process of managing online financial transactions by individuals and companies. This includes business-to-business (B2B), business-to-consumer (B2C) and business-to-government (B2G) transactions. The focus of e-commerce is on the systems and procedures whereby financial documents and information of all types are exchanged. This includes online credit card transactions, e-cash, e-billing, e-cheques, electronic invoices, purchase order and financial statements. E-commerce is particularly concerned with the technologies that enable EDI-type functionality on the Internet. To be done an internationally agreed working definition of e-commerce it was accepted the need for three dimensions to be spelt out as part of the definition process. These dimensions relate to the: Networks over which the relevant activities are carried out; Processes that ought to be included within the general domain of electronic commerce; and Actors involved in the transactions. Networks are specified through broad and narrow definitions. The broad definition considers an electronic transaction to be the sale or purchase of goods or services, whether between businesses, households, individuals, Governments, and other public or private organizations, conducted over computer mediated networks. The goods and services are ordered over those networks, but the payment and the ultimate delivery of the good or service may be conducted on- or offline. The narrow definition considers an Internet transaction to be the sale or purchase of goods or services, whether between businesses, households, individuals, Governments, and other public or private organizations, conducted over the Internet. The goods and services are ordered over the Internet, but the payment and the ultimate delivery of the good or service may be conducted on-or offline. Concerning the processes that ought to be included many countries want to restrict the definition to the purchasing and selling aspect incorporated in the above definitions, many others want to include other types of business processes, such as marketing and advertising. Developing countries will also favour a definition that includes business activities that go beyond purchasing and selling, given the restrictions that some of those countries face in conducting online payments. E-commerce is often described as being one of three varieties business-to-business (B2B), business-to-consumer (B2C) or business-to-government (B2G). Much of the interest and the literature has focused on B2B and B2C electronic commerce and most of the statistical indicators have also been in respect of these two forms. About 80 per cent of the total value of electronic commerce in the world today are accounted for by B2B e-commerce. It provides also the greatest potential benefits in terms of productivity gains. B2C e-commerce has the potential to substantially affect the way in which people live and interact with each other and is therefore a key aspect for statistical measurement. Only a small number of countries have so far undertaken much work with respect to the measurement of B2G e-commerce. E-commerce today is very much a business-to business affair. Enterprises in developing countries should not let themselves be fooled by the much higher visibility of the business-to-consumer dotcoms. Those enterprises in developing countries that make goods or deliver services that are necessary for the productive process of other enterprises are the ones that should first consider incorporating the Internet (which does not necessary mean the web) as an instrument to enhance their opportunities to complete and grow. Due to the lack of reliable and internationally comparable e-commerce statistics, numerous national statistical offices have started to collect data on e-commerce and, generally, the use of ICT and the Internet. They have the advantage of guaranteeing the confidentiality of the collected data, having a more neutral position when it comes to collecting and interpreting the data and being able to use their existing methodologies and infrastructure for data collection, processing and analysis. Some countries are already benefiting from the results: they are now in a position to benchmark their economies with competitors internationally; they are able to identify the number of qualified people needed to advance their countrys information economy or to calculate the amount of investments needed to provide business with access to the Internet. There are several important steps involved in collecting e-commerce-related data. First, a country needs to decide what kind of data it wants to measure, reflecting the level of its e-commerce activity. Most developing countries would be probably focus on collecting readiness indicators, such as the number of businesses with computers and access to the Internet, and intensity indicators, such as the number of businesses the receive orders over the Internet and the value of those orders. But how does one define these indicators? The member States of the Organization for Economic Co-operation and Development (OECD) have agreed on the above-mentioned working definition of e-commerce that could be used in the measuring process. The definition includes the network over which e-commerce is carried out (Internet or other), the specific business processes related to e-commerce and the different actors involved (business, households or Governments). On the basis of this definition, a set of priority indicators for e-commerce has been established by a number of internationa l and national bodies. Examining the e-commerce important question is what impact ICT and the Internet have had on the productivity growth. It reduces transaction costs; allocates recourses better; increases economies of scale; improves the competitiveness of business in general; increases efficiency; generates important changes in the management and production processes of business. Acceleration of the growth of productivity is notified but the reason for this is rather controversial. However the UNCTAD secretariat agrees that there are reasons to believe that much of the acceleration of productivity growth is structural and attributable to changes induced by ICT and the Internet, through improvements in all aspects of corporate organization, production, finance, marketing and logistics. Although the speed at which companies in several advanced countries invest in ICT has decreased in the past few months, in the medium term there are several reasons to expect that ICT will continue to support rapid productivity growth. First, the cost of computing power is predicted to keep falling at a steep rate for several years. Secondly, most enterprises are still learning how to reorganize themselves in order to benefit fully from the Internet. Finally, in many countries there is a lot of catching up to do in the application of ICT to business. As firms in other developed economies and, most importantly, in developing countries engage in e-business, global productivity growth should accelerate. We should have a look at the process of moving from traditional to online payment. Online versions of nearly all-existing payment methods are appearing rapidly. Conventional financial instruments with online analogues include cash, money orders, giro transfer, cheques, drafts, notes and bills of exchange. The existing modes of third-party protection against the risks of non-payment and non-performance, including documentary credit, credit insurance, bonding, factoring and forfeiting, are also rapidly developing their online equivalents. The same applies to wholesale payment systems, including so-called automated clearing house (ACH) networks, wire transfers for large-volume payments and interbank payments networks. Credit and debit cards are principal payments instrument in B2B and B2C e-commerce. The move from cards with magnetic strips to smart cards with multifunctional chips that include security features is the next Internet-centered stage in the development of the payments cards industry. In parallel, Internet technologies to provide security in online payments have been evolving. Still the most widely accepted standard, is the Secure Socket Layer (SSL), a set of built-in browser protocols designed initially by Netscape to protect card-based financial transactions on the Internet. A more secure and complex bank-centered Secure Electronic Transactions (SET) software is being used more and more by online payments providers. In the field of Internet banking ACH debits and credits, as well as domestic and international wire transfers became possible with systems such as the Bank Internet Payment System (BIPS). The Society for Worldwide Inter-Bank Financial Telecommunications (SWIFT) also started its move to the open Internet platform. Banks and financial services companies in the developing countries will need to adopt online payment systems and practices that will meet their clients new needs arising from a shift to e-commerce. They will need to adopt systems that address the key issue of concern to users, namely security, confidentiality, identification of sellers and buyers, verification of buyers solvency guarantee of delivery. To obtain e-trade finance and equity investment, companies from developing countries need to be registered in local, regional and global Internet-based commercial risk database. For that, company registries, public courts, accountancy and audit, and other business-related services should undergo substantial enhancements. Non-bank financial services such as credit information, credit insurance, factoring and leasing should develop. Local banks should adapt to e-banking and move online their customer credit risk databases, and their individual and corporate customer payment services and financing, including trade finance instruments. Tourism and its Internet incarnation, often called etourism, is regularly cited as one of the fastest growing e-commerce sectors. Considering the importance of the tourism economy for Bulgaria and many other developing countries, and in particular its role as an employer and earner of foreign currency, the need to maintain and increase competitiveness through adopting e-commerce best practice is acute. The main actors in the tourism industry include Governments, tour operators, distributors and wholesalers, hotels, airlines and other transport operators, and most important of all, the tourists themselves. Each of these actors has a stake in the development of the electronic market and will be affected in different ways by electronic commerce. Tourism is an interesting sector for appreciating the potential of electronic commerce for the economies of developing countries in several respects. Tourism is a sector in which a significant number of developing countries have established competitive advantages over the years and it has remained largely a traditional service activity in which, until recently, buyers, sellers and intermediaries were well defined. Tourism producers and destination organizations in developing countries that adopt the Internet and e-commerce best practice have a chance to improve their competitiveness by producing better products, with greater tailoring to clients, more efficiently, faster to market with less waste and fewer inputs, and at better prices. Infomediaries in developing countries should develop their e-business strategy having in mind the technical capacities of their national or regional tourism producers for using Internet technologies. Solutions must be appropriate for both consumers and producers. The fundamental challenge is to take the traditional tourism product, delineate its information from its physical components, and selectively manage them using Internet and e-commerce technologies. The winner in the competitive etourism game will be the company that inspires consumer confidence, through quality data and physical product performance, and is able to offer a comprehensive yet tailor-made product. While Internet and e-commerce technologies offer unprecedented possibilities for interactivity and dialogue, traditional surveying and gauging tools estimating customer preferences and satisfaction are still very relevant. Footwork and face-to-face interviewing may be a necessary starting point for building a B2B network or business web. Market research, whatever the technology or even without technology, is a hugely important activity. A fundamental factor for success is to speak the language of the prospective customers. A successful etourism strategy must assess the linguistic origins of its major client groups and replicate Internet content in their languages. Understanding their Internet habits and ways of learning, openness to on-line dialogue and attitudes towards privacy, as well as the underlying legal system. Online payment facilities for retail clients using credit cards are an absolutely fundamental business toll that must be made available to the national tourism sector. Destination marketing organizations (DMOs), be they government bodies or business associations, can favourably contribute to modernizing the tourism industries of developing countries. DMOs can provide a voice to the fragmented industry producers in promoting their requests to the financial authorities and banks to provide them with online payment. When online payment is in place DMOs may, on behalf of the entire tourism industry, negotiate with domestic banks better terms and conditions for online payment than particular tourism companies would manage on their own. DMOs may be instrumental in informing their tourism industry about secure transactions and risk management techniques. Most of the above actions cannot be implemented without empowering and enabling people to take advantage of new Internet and e-commerce technologies. E-commerce and Internet technology can improve communication and can make doing business easier. The ability of people at both ends of the message or transaction to use these technologies is a precondition for their wide adoption and impact. In conclusion, it is expected that in the few years the productivity gap between the European countries and the United States (leader in e-commerce activities) will close rapidly as European productivity growth increases faster than that of the United States. This process is known as convergence in productivity. Convergence in productivity takes place when the countries that lag behind the technological frontier grow more rapidly in productivity than the leading countries. The same could be true for developing countries, with a reasonable degree of readiness. The impact of e-commerce on developing countries could be even stronger than that on developed countries because the scope for reducing inefficiencies and increasing productivity is much larger in the developing countries. To summarize, by cutting costs, increasing efficiency and reducing time and distance, e-commerce could become an important tool for development. Impact of E-Commerce Impact of E-Commerce Jay Kybert   As the retail industry develops, more services are introduced to entice customers to use their shops. There are varieties of services that are being used by companies to attract attention and make it easier for customers to use their websites, in the hope of increased revenue. Services like Next-Day Delivery tempt customers to purchase their item sooner, since it will arrive the following day. This makes increased profits for the company by charging for the service. These services essentially persuade the customer to buy the product at a higher price but with (usually) a faster delivery, tracked item, etc. Since E-Commerce is becoming increasingly popular, traditional retail businesses are losing money since fewer customers shop in stores. Larger companies have the resources and money to create optimised websites that allow their customers to shop on the internet. This leads to a negative economic impact for smaller businesses but, as an entire society, a richer economy as there are new ways to shop. Also, socially, fewer people will be shopping in stores. This could lead to retail shops closing from a lack of revenue, especially in smaller businesses that cannot support themselves with a lack of funds. Bricks and Clicks is a new approach to commerce in its entirety. The name Bricks and Clicks refers to physical retail stores (Bricks) and online shopping (Clicks). As E-Commerce grew in popularity, businesses realised they can make a greater profit from online shopping; this is called Bricks and Clicks because they have both physical stores as well as an online store. There are benefits and drawbacks to both approaches (Physical vs Digital), but having both increases the range of the potential audience. This is because physical stores may attract people who are simply walking past the shop or people who are regular customers. Having a digital store on top of this targets (potentially) every person with an internet connection. Companies can increase traffic to their website by advertisements on popular websites, directly increasing awareness of the brand. One of the main benefits for customers using E-Commerce is the availability. Physically shopping requires going to the nearest shopping centre, looking for the specific shop and finding the wanted item within it. Online shopping provides an easy alternative available whenever. Being able to access the website whenever (unless it is down for maintenance) makes it easier for anyone wanting to buy a specific item, as they dont have to consider the closing time for the shop. In addition, people who have unusual work hours at their job may struggle with physical stores as they close in the evening. Therefore, having the option to buy from a store whenever using the internet provides an easier alternative. Online shopping isnt perfect; there are problems with the financial side, especially whether companies can be trusted. After a customer enters their information (Name, address, credit/debit card, etc.) the company has a responsibility to protect that information from unauthorised sources, the most common being hackers. There is always the possibility, and it has occurred, that major corporations have been hacked and their customers information has been released to the public or sold. However, as hacking becomes increasingly common, internet security is improved to prevent it. Internet shoppers shouldnt just worry about the website being untrustworthy, malware and other viruses could steal the information from the computer, the most common being a Keylogger. As the name suggests, it is either a physical hardware component installed into the computer or a program that logs all of the keystrokes on the computer. This is one way that information can be stolen not directly from the websit e. E-Commerce has, and will continue, to have an effect on employment. If people start to only shop online, store workers may lose their jobs because of financial difficulties. However, delivery services will have to hire more employees to keep up with the demand of online shopping. In addition, since companies require websites for online shopping, website developers, network administrators and a variety of server-related jobs are needed. Therefore, people working in retail stores may lose their jobs if people continue to isolate themselves from physical shopping and choose online shopping. However, more job opportunities open up relating to technology. The social divide is becoming more important as technology progresses. People with little income focus on essentials before purchasing luxuries. Therefore, it would be difficult for people with little income to purchase a computer or another electronic device capable of online shopping. However, since the majority of people can afford, and use their electronic devices for shopping, companies target these people since they make up the majority. This affects the companys decisions, for instance, they may begin to close down retail stores and instead focus on E-Commerce. This doesnt affect people who have enough disposable income to purchases these devices, but it does affect people with little income. This leads to these people struggling to shop, since they cant afford the platform needed for online shopping. Therefore, leading to a social divide between people with little disposable income and people with greater disposable income.

The Microsoft Antitrust Case Essay -- essays research papers fc

The case against Microsoft was brought buy the U.S. Department of Justice, as well as several state Attorneys General. Microsoft is accused of using and maintaining monopoly power to gain an unfair advantage in the market. The case has been under observation for a long time, but the Justice department is having trouble coming up with substantial evidence against Microsoft. Specifically, the Department must prove:That Microsoft has monopoly power and is using it to gain unfair leverage in the market.And that Microsoft has maintained this monopoly power through "exclusionary" or "predatory" acts(Rule).Some say that Microsoft is only taking advantage of its position in the market and using innovative marketing strategies to attract new customers. They have chosen to implement a market development strategy to attract new customers who are looking for a system that has Internet capability. Microsoft feels that by integrating their Internet Explorer web browser technology into Windows, they are only improving its overall functionality available to the customer. Microsoft began expanding into the browser area because of increasing threat from Netscape and Java. Java is the programming language used to make Netscape. Programs that are written in Java can work on any PC, whether it has Windows on it or not. That is why there is a great threat to the Windows environment. The more Netscape is used, the more other vendors will begin writing Netscape compliant programs and the more Java will be used, which puts a damper on Windows. So Windows introduced their Internet explorer to combat the increasing Netscape usage. It did not do this to create a monopoly, but to protect itself. If people realize that Java programs can be run on ANY PC, then they will realize that they do not need to buy Windows. Some say that Microsoft began it's "illegal" agenda when it began requiring PC manufacturers to sign a license agreement that said that if they were going to have Windows preinstalled on their new systems, that the Windows Internet Explorer must also be installed. Although it is possible for consumers to install other browsers onto Windows and use them, critics say that Microsoft still has an unfair advantage. It also keeps other browser companies from being able to consult with PC manufacturers to put their browser on the PC from the beginn... ...nies, server companies, and just about any other company that has something to do with a computer. Microsoft knows that it has the dominant operating system on the market right now and every software company, ISP, etc, wants to be part of it. If they are not, then they are likely to go under. The more and more companies that join Microsoft, the more and more Microsoft's monopoly power will grow. Pretty soon, Microsoft will own 100% of the market not only in browsers, but I believe in many other areas, such as software production and distribution and even what kind of computer, its hardware, etc, that can run Windows. I do not believe that Microsoft's monopoly agenda solely contains their "browser war", but that it extends to a much higher scale. Works CitedWeb Sites:<a href="http://www.mindspring.com/~dmataconis/microsoft.htm#Case Resources">http://www.mindspring.com/~dmataconis/microsoft.htm#Case Resources<a href="http://www.mindspring.com/~dmataconis/sherman.txt">http://www.mindspring.com/~dmataconis/sherman.txt<a href="http://www.cnn.com/US/9805/18/federal.complaint/">http://www.cnn.com/US/9805/18/federal.complaint/

An analysis of Information Security Governance in the Universities in Zimbabwe Essay

Abstract The complexity and criticality of information security and its governance demand that it be elevated to the highest organizational levels. Within a university setup, information assets include student and personnel records, health and financial information, research data, teaching and learning materials and all restricted and unrestricted electronic library materials. Security of these information assets is among the highest priorities in terms of risk and liabilities, business continuity, and protection of university reputations. As a critical resource, information must be treated like any other asset essential to the survival and success of the organization. In this paper the writer is going to discuss the need for implementing Information Security Governance within institutions of higher education. Further than that, a discussion on how to best practice Information Security governance within the universities in Zimbabwe followed by an assessment on how far the Zimbabwean universities have implemented Information Security Governance. A combination of questionnaires and interviews is going to be used as a tool to gather data and some recommendations are stated towards the end of the paper. Introduction Governance, as defined by the IT Governance Institute (2003), is the â€Å"set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risks are managed appropriately and verifying that the enterprise’s resources are used responsibly.† Information security governance is the system by which an organization directs and controls information security (adapted from ISO 38500). It specifies the accountability framework and provides oversight to ensure that risks are adequately mitigated as well as ensuring that security strategies are aligned with business and consistent with regulations. To exercise effective enterprise and information security governance, boards and senior executives must have a clear understanding of what to expect from their enterprise’s information security programme. They need to know how to direct  the implementation of an information security programme, how to evaluate their own status with regard to an existing security programme and how to decide the strategy and objectives of an effective security programme (IT Governance Institute, 2006). Stakeholders are becoming more and more concerned about the information security as news of hacking, data theft and other attacks happen more frequently than ever dreamt of. Executive management has been showered with the responsibility of ensuring an organization provides users with secure information systems environment. Information security is not only a technical issue, but a business and governance challenge that involves adequate risk management, reporting and accountability. Effective security requires the active involvement of executives to assess emerging threats and the organization’s response to them (Corporate Governance Task Force, 2004). Furthermore the organizations need to protect themselves against the risks inherent in the use of information systems while simultaneously recognizing the benefits that can accrue from having secure information systems. Peter Drucker (1993) stated: â€Å"The diffusion of technology and the commodification of information transforms the role of information into a resource equal in importance to the traditionally important resources of land, labor and capital.† Thus as dependence on information system increases, the criticality of information security brings with it the need for effective information security governance. Need for Information Security Governance within universities. A key goal of information security is to reduce adverse impacts on the organization to an acceptable level of risk. Information security protects information assets against the risk of loss, operational discontinuity, misuse, unauthorized disclosure, inaccessibility and damage. It also protects against the ever-increasing potential for civil or legal liability that organizations face as a result of information inaccuracy and loss, or the absence of due care in its protection. Information security covers all information processes, physical and electronic, regardless whether they involve people and technology or relationships with trading partners, customers and third parties. Information security addresses information protection, confidentiality, availability and integrity throughout the life cycle of the information and its use within the organization. John P. Pironti (2006) suggested that among many reasons for information security  governance, the most important one is the one concerned with the legal liability, protection of the organization’s reputation and regulatory compliance. With the university setup, all members of the university community are obligated to respect and, in many cases, to protect confidential data. Medical records, student records, certain employment-related records, library use records, attorney-client communications, and certain research and other intellectual property-related records are, subject to limited exceptions, confidential as a matter of law. Many other categories of records, including faculty and other personnel records, and records relating to the university’s business and finances are, as a matter of university policy, treated as confidential. Systems (hardware and software) designed primarily to store confidential records (such as the Financial Information System and Student Information System and all medical records systems) require enhanced security protections and are controlled (strategic) systems to which access is closely monitored. Networks provide connection to records, information, and other networks and also require security protections. The use of university information technology assets in other than a manner and for the purpose of which they were intended represents a misallocation of resources and, possibly, a violation of law. To achieve all this in today’s complex, interconnected world, information security must be addressed at the highest levels of the organization, not regarded as a technical specialty relegated to the IT department. Information security is a top-down process requiring a comprehensive security strategy that is explicitly linked to the organization’s business processes and strategy. Security must address entire organization’s processes, both physical and technical, from end to end. Hence, Information security governance requires senior management commitment, a security-aware culture, promotion of good security practices and compliance with policy. It is easier to buy a solution than to change a culture, but even the most secure system will not achieve a significant degree of security if used by ill-informed, untrained, careless or indifferent personnel (IT Governance Institute, 2006). In an interview the executive director and information security expert on IT Governance and cyber security with the IT Governance and Cyber Security Institute of sub-Saharan Africa, Dr Richard Gwashy Young has this to say â€Å"†¦remember in  Zimbabwe security is regarded as an expense not an investment† (Rutsito, 2012). Benefits of Information Security Governance Good information security governance generates significant benefits, including: The Board of directors taking full responsibility for Information security initiatives Increased predictability and reduced uncertainty of business operations by lowering information security-related risks to definable and acceptable levels Protection from the increasing potential for civil or legal liability as a result of information inaccuracy or the absence of due care. The structure and framework to optimize allocation of limited security resources Assurance of effective information security policy and policy compliance A firm foundation for efficient and effective risk management, process improvement, and rapid incident response related to securing information A level of assurance that critical decisions are not based on faulty information Accountability for safeguarding information during critical business activities. Compliances with local and international regulations will be easier Improved resource management, optimizing knowledge, information security and information technology infrastructure The benefits add significant value to the organization by: Improving trust in customer/client relationships Protecting the organization’s reputation Decreasing likelihood of violations of privacy Providing greater confidence when interacting with trading partners Enabling new and better ways to process electronic transactions like publishing results online and online registration. Reducing operational costs by providing predictable outcomes—mitigating risk factors that may interrupt the process The benefits of good information security are not just a reduction in risk or a reduction in the impact should something go wrong. Good security can improve reputation, confidence and trust from others with whom business is conducted, and can even improve efficiency by avoiding wasted time and effort recovering from a security incident (IT Governance Institute, 2004). Information Security Governance Outcomes Five basic outcomes can be expected to result from developing an effective governance approach to information security: Strategic alignment of information security with institutional objectives Reduction of risk and potential business impacts to an acceptable level Value delivery through the optimization of security investments with institutional objectives Efficient utilization of security investments supporting organization objectives Performance measurement and monitoring to ensure that objectives are met Best practices The National Association of Corporate Directors (2001), recognizes the importance of information security and recommends four essential practices for boards of directors. The four practices, which are based on the practicalities of how boards operate, are: Place information security on the board’s agenda. Identify information security leaders, hold them accountable and ensure support for them. Ensure the effectiveness of the corporation’s information security policy through review and approval. Assign information security to a key committee and ensure adequate support for that committee. It is critical that management ensure that adequate resources are allocated to support the overall enterprise information security strategy (IT Governance Institute, 2006). To achieve effective information security governance, management must establish and maintain a framework to guide the development and maintenance of a comprehensive information security programme. According to Horton, et al (2000), an information security governance framework generally consists of: An information security risk management methodology; A comprehensive security strategy explicitly linked with business and IT objectives; An effective security organizational structure; A security strategy that talks about the value of information both protected and delivered; Security policies that address each aspect of strategy, control and regulation; A complete set of security standards for each policy to ensure that procedures and guidelines comply with policy; Institutionalized monitoring processes to ensure compliance and provide feedback on effectiveness and mitigation of risk; A process to ensure  continued evaluation and update of security policies, standards, procedures and risks. This kind of framework, in turn, provides the basis for the development of a cost-effective information security program me that supports an organization’s goals and provides an acceptable level of predictability for operations by limiting the impacts of adverse events. In his article Kaitano (2010), pointed some characteristics of good corporate governance coupled with good security governance. These include and not limited to: Information security being treated as and organization wide issue and leaders are accountable. Leads to viable Governance, Risk and Compliance(GRC) Milestones It is risk-based and focuses on all aspects of security Proper frameworks and programs have been implemented It is not treated as a cost but a way of doing business Roles, responsibilities and segregation of duties are defined It is addressed and enforced by policy Adequate resources are committed and Staff are aware and trained It is planned, managed, measurable and measured It is reviewed and audited The overall objective of the programme is to provide assurance that information assets are protected in accordance with their value or the risk their compromise poses to an organization. The framework generates a set of activities that supports fulfillment of this objective. Principles for information security within the University In their article titled Information Security Policy: Best Practice Document, Hostland et al (2010) pointed out some guiding principles for information security within a university setup. The following are some of the principles they mentioned: 1. Risk assessment and management The university’s approach to security should be based on risk assessments and should be continuously done and the need for protective measures evaluated. Measures must be evaluated based on the university’s role as an establishment for education and research and with regards to efficiency, cost and practical feasibility. An overall risk assessment of the  information systems should be performed annually. Risk assessments must identify, quantify and prioritize the risks according to relevant criteria for acceptable risks. Risk assessments should be carried out when implementing changes impacting information security. Some recognized methods of assessing risks like ISO/IEC 27005 should be employed. Risk management is to be carried out according to criteria approved by the management at University. Risk assessments must be approved by the management and if a risk assessment reveals unacceptable risks, measures must be implemented to reduce the risk to an acceptable level. 2. Information security policy The Vice Chancellor should ensure that the information security policy, as well as guidelines and standards, are utilized and acted upon. He must also ensure the availability of sufficient training and information material for all users, in order to enable the users to protect the university’s data and information systems. The security policy should be reviewed and updated annually or when necessary, in accordance with principles described in ISO/IEC 27001. However, all important changes to university’s activities, and other external changes related to the threat level, should result in a revision of the policy and the guidelines relevant to the information security. 3. Security organization The Vice Chancellor is responsible for all government contact. The university should appoint CSO (Chief Security Officer). Each department and section should also be responsible for implementing the unit’s information security. The managers of each unit must appoint separate security administrators. The Registrar Academics has the primary responsibility for the information security in connection with the student registry and other student related information. The IT Director has executive responsibility for information security in connection with IT systems and infrastructure. The Operations manager has executive responsibility for information security in connection with structural infrastructure. He also has overall responsibility for quality work, while the operational responsibility is delegated according to the management structure. The Registrar Human Resources also has executive responsibility for information security according to the Personal Data Act and is the controller on a daily basis of the personal information of the  employees. The Registrar Academics and Research Administration have also executive responsibility for research related personal information. University’s information security should be revised on a regular basis, through internal control and at need, with assistance from an external IT auditor. 4. Information security in connection with users of University’s services Prior to employment security responsibility and roles for employees and contractors should be described. A background check is should also be carried out of all appointees to positions at the university according to relevant laws and regulations. A confidentiality agreement should be signed by employees, contractors or others who may gain access to sensitive and/or internal information. IT regulations should be accepted for all employment contracts and for system access for third parties. During employment, the IT regulations for the university’s information security requirements should be in place and the users’ responsibility for complying with these regulations is to be emphasized. The IT regulations should be reviewed regularly with all users and with all new hires. All employees and third party users should receive adequate training and updating regarding the Information security policy and procedures. Breaches of the Information security policy and accompanying guidelines will normally result in sanctions. University’s information, information systems and other assets should only be utilized for their intended purpose. Necessary private usage is permitted. Private IT equipment in the university’s infrastructure may only be connected where explicitly permitted. All other use must be approved in advance by the IT department. On termination or change of employment, the responsibility for termination or change of employment should be clearly defined in a separate routine with relevant circulation forms. The university’s assets should be handed in at the conclusion of the need for the use of these assets. University should change or terminate access rights at termination or change of employment. A routine should be present for handling alumni relationships. Notification on employment termination or change should be carried out through the procedures defined in the personnel system. 5. Information security regarding physical conditions IT equipment and information that require protection should be placed in secure physical areas. Secure areas should have suitable access control to  ensure that only authorized personnel have access. All of the University’s buildings should be secured according to their classification by using adequate security systems, including suitable tracking/logging. Security managers for the various areas of responsibility should ensure that work performed by third parties in secure zones is suitably monitored and documented. All external doors and windows must be closed and locked at the end of the work day. On securing equipment, IT equipment which is very essential for daily activities must be protected against environmental threats (fires, flooding, temperature variations). Information classified as â€Å"sensitive† must not be stored on portable computer equipment (e.g. laptops, cell phones, memory sticks). If it is necessary to store this information on portable equipment, the information must be password protected and encrypted in compliance with guidelines from the IT department. During travel, portable computer equipment should be treated as carry-on luggage. Fire drills should also be carried out on a regular basis. 6. IT communications and operations management Purchase and installation of IT equipment and software for IT equipment must be approved by the IT department. The IT department should ensure documentation of the IT systems according to university’s standards. Changes in IT systems should only be implemented if well-founded from a business and security standpoint. The IT department should have emergency procedures in order to minimize the effect of unsuccessful changes to the IT systems. Operational procedures should be documented and the documentation must be updated following all substantial changes. Before a new IT system is put in production, plans and risk assessments should be in place to avoid errors. Additionally, routines for monitoring and managing unforeseen problems should be in place. Duties and responsibilities should be separated in a manner reducing the possibility of unauthorized or unforeseen abuse of the university’s assets. Development, testing and maintenance should be separated from operations in order to reduce the risk of unauthorized access or changes, and in order to reduce the risk of error conditions. On system planning and acceptance, the requirements for information security must be taken into consideration when designing, testing, implementing and upgrading IT systems, as well as during system changes. Routines must be developed for  change management and system development/maintenance. IT systems must be dimensioned according to capacity requirements and the load should be monitored in order to apply upgrades and adjustments in a timely manner as it is especially important for business-critical systems. Written guidelines for access control and passwords based on business and security requirements should be in place. Guidelines should be re-evaluated on a regular basis and should contain password requirements (frequency of change, minimum length, character types which may/must be utilized) and regulate password storage. All users accessing systems must be authenticated according to guidelines and should have unique combinations of usernames and passwords. Users are responsible for any usage of their usernames and passwords. Data Gathering A structured questionnaire adapted and modified from previous questionnaires used by Corporate Governance Task Force, (2004) was used as the main instrument to gather data. Of the total 13 universities in Zimbabwe, 9 managed to participate in this research. The questionnaires were completed by the Executive Dean, IT Director, Operations Manager or Chairperson for the department. Section I: Organizational Reliance on IT The first section was designed to help in determining the institution’s reliance on information technology for business continuity. Table 1: Characteristics of Organization Questions Scores/Frequency 0 1 2 3 4 Dependence on information technology systems and the Internet to conduct academic, research, and outreach programs and offer support services 9 Value of organization’s intellectual property stored or transmitted in electronic form 2 7 The sensitivity of stakeholders (including but not limited to students, faculty, staff, alumni, governing boards, legislators, donors, and funding agencies) to privacy 2 3 4 Level of regulation regarding security (international, federal, state, or local regulations) 1 4 3 1 Does your organization have academic or research programs in a sensitive area that may make you a target of violent physical or cyber attack from any groups? 5 1 2 1 Total score 1 9 6 7 22 Scoring: Very Low = 0; Low = 1; Medium = 2; High = 3; Very High = 4 Section II: Risk Management: This section assesses the risk management process as it relates to creating an information security strategy and program. Table 2: Information Security Risk Assessment Questions Scores/Frequency 0 1 2 3 4 Does your organization have a documented information security program? 2 5 2 Has your organization conducted a risk assessment to identify the key objectives that need to be supported by your information security program? 2 4 3 Has your organization identified critical assets and the functions that rely on them? 2 2 5 Have the information security threats and vulnerabilities associated with each of the critical assets and functions been identified? 2 4 2 1 Has a cost been assigned to the loss of each critical asset or function? 1 3 3 2 Do you have a written information security strategy? 2 4 2 1 Does your written information security strategy include plans that seek to cost-effectively reduce the risks to an acceptable level, with minimal disruptions to operations? 4 2 2 1 Is the strategy reviewed and updated at least annually or more frequently when significant changes require it? 2 3 3 1 Do you have a process in place to monitor federal, state, or international legislation or regulations and determine their applicability to your organization? 2 2 3 2 1 Total 10 16 26 14 16 Scoring: Not Implemented = 0; Planning Stages = 1; Partially Implemented = 2; Close to Completion = 3; Fully Implemented = 4 Section III: People This section assesses the organizational aspects of the information security program. Table 3: Information Security Function/Organization Questions Scores/Frequency 0 1 2 3 4 Do you have a person that has information security as his primary duty, with responsibility for maintaining the security program and ensuring compliance? 4 3 1 1 Do the leaders and staff of your information security organization have the necessary experience and qualifications? 5 2 2 Is responsibility clearly assigned for all areas of the information security architecture, compliance, processes and audits? 3 4 1 1 Do you have an ongoing training program in place to build skills and competencies for information security for members of the information security function? 2 2 3 2 Does the information security function report regularly to institutional leaders and the governing board on the compliance of the institution to and the effectiveness of the information security program and policies? 2 3 3 1 Are the senior officers of the institution ultimately responsible and accountable for the information security program, including approval of information security policies? 3 4 2 Total 16 17 14 7 0 Scoring: Not Implemented = 0; Planning Stages = 1; Partially Implemented = 2; Close to Completion = 3; Fully Implemented = 4 Section IV: Processes This section assesses the processes that should be part of an information security program. Table IV: Security Technology Strategy Questions Scores/Frequency 0 1 2 3 4 Have you instituted processes and procedures for involving the security personnel in evaluating and addressing any security impacts before the purchase or introduction of new systems? 2 3 3 1 Do you have a process to appropriately evaluate and classify the information and information assets that support the operations and assets under your control, to indicate the appropriate levels of information security? 1 2 3 2 1 Are written information security policies consistent, easy to understand, and readily available to administrators, faculty, employees, students, contractors, and partners? 2 3 3 1 Are consequences for noncompliance with corporate policies clearly communicated and enforced? 1 3 2 3 1 Do your security policies effectively address the risks identified in your risk analysis/risk assessments? 2 3 4 Are information security issues considered in all important decisions within the organization? 3 2 3 1 Do you constantly monitor in real time your networks, systems and applications for unauthorized access and anomalous behavior such as viruses, malicious code insertion, or break-in attempts? 1 3 3 1 1 Is sensitive data encrypted and associated encryption keys properly protected? 2 3 2 1 1 Do you have an authorization system that enforces time limits and defaults to minimum privileges? 2 2 2 3 Do your systems and applications enforce session/user management practices including automatic timeouts, lock out on login failure, and revocation? 2 3 2 2 Based on your information security risk management strategy, do you have official written information security policies or procedures that address each of the following areas? Individual employee responsibilities for information security practices 4 3 1 1 Acceptable use of computers, e-mail, Internet, and intranet 2 3 2 2 Protection of organizational assets, including intellectual property 2 2 3 2 Access control, authentication, and authorization practices and requirements 1 2 3 1 2 Information sharing, including storing and transmitting institutional data on outside resources (ISPs, external networks, contractors’ systems) 2 1 3 2 1 Disaster recovery contingency planning (business continuity planning) 1 1 3 4 Change management processes 2 3 2 2 Physical security and personnel clearances or background checks 1 3 3 2 Data backups and secure off-site storage 1 1 3 4 Secure disposal of data, old media, or printed materials that contains sensitive information 2 3 4 For your critical data centers, programming rooms, network operations centers, and other sensitive facilities or locations: 2 3 4 Are multiple physical security measures in place to restrict forced or unauthorized entry? 1 2 3 3 Is there a process for issuing keys, codes, and/or cards that require proper authorization and background checks for access to these sensitive facilities? 2 1 3 3 Is your critical hardware and wiring protected from power loss, tampering, failure, and environmental threats? 1 4 4 Total 17 45 58 50 47 Scoring: Not Implemented = 0; Planning Stages = 1; Partially Implemented = 2; Close to Completion = 3; Fully Implemented = 4 Discussion As shown by the total scores on Table 1, a majority of the university has a very high reliance on the IT in their services. This is depicted by the structure and characteristics of the university. Information risk assessment and management leaves a lot to be desired by the universities. Most the universities have partially implemented such programs. A large number of employees in the IT departments of most universities do no have sufficient skills to implement good information security governance. Most universities lack the leaders who have the rightful know how on the subject. In addition  to that, there is no a representative in the council who will be an IT expert, hence most leaders lack interest and initiatives on information security. Due to lack of full responsibility of information security by the leaders, to implement processes for information security might also be a challenge especially to the IT department as normally is the department given the responsibility. Conclusion There is a need for institutions to start focusing on proper information security governance. For a start organization such as the Government, the Computer Society of Zimbabwe, Zim Law Society, POTRAZ, ICAZ, IIAZ, Zimbabwe Institute of Management and other industry governing bodies should put their heads together and define the appropriate legislations that mandates information security governance either by referring to existing international frameworks (PCI-DSS, SOX, COSO, ITIL, SABSA, Cobit FIPS, NIST, ISO 27002/5, CMM, ITG Governance Framework) or by consulting local information security and business professionals to come up with an information security governance framework. As the Zimbabwean economy is slowly sprouting, the art of information security governance in the universities should also take a leap. The adoption information security governance will ensure that security will become a part of any university and thus customers confidence will be boosted. References Drucker, P. ‘Management Challenges for the 21st Century’, Harpers Business , 1993. Corporate Governance Task Force, Information Security Governance: Call to Action, USA, 2004. IT Governance Institute, Board Briefing on IT Governance, 2nd Edition, USA, 2003, www.itgi.org. IT Governance Institute, Information Security Governance: Guidance for Boards of Directors and Executive Management, 2nd Edition, USA, 2006. ISO/IEC 38500: Corporate Governance of Information Technology, 2008. IT Governance Institute, COBIT 4.0, USA, 2005, www.itgi.org IT Governance Institute, COBIT ® Security Baseline, USA, 2004, www.itgi.org National Association of Corporate Directors, ‘Information Security Oversight: Essential Board Practices’, USA, 2001 John P. Pironti,  Ã¢â‚¬Å"Information Security Governance: Motivations, Benefits and Outcomes,† Information Systems Control Journal, vol. 4 (2006): 45–8. 21. Rutsito, T. (2005) ‘IT governance, security define new era’ The Herald, 07 November. Kaitano, F. (2010) ‘Information Security Governance: Missing Link In Corporate Governance’ TechZim. http://www.techzim.co.zw/2010/05/information-security-governance-missing-link-in-corporate-governance [accessed 02 May 2013]. Horton, T.R., Le Grand, C.H., Murray, W.H., Ozier, W.J. & Parker, D.B. (2000). Information Security Management and Assurance: A Call to Action for Corporate Governance. United States of America: The Institute of Internal Auditors. Hostland, K, Enstad, A. P, Eilertsen, O, Boe, G. (2010). Information Security Policy: Best Practice Document. Corporate Governance Task Force, (2004). Information Security Governance: Call to Action, USA

How to Draw a Lewis Structure

How to Draw a Lewis Structure A Lewis structure is a graphic representation of the electron distribution around atoms. The reason for learning to draw Lewis structures is to predict the number and type of bonds that may be formed around an atom. A Lewis structure also helps to make a prediction about the geometry of a molecule. Chemistry students are often confused by the models, but drawing Lewis structures can be a straightforward process if the proper steps are followed. Be aware there are several different strategies for constructing Lewis structures. These instructions outline the Kelter strategy to draw Lewis structures for molecules. Step 1: Find the Total Number of Valence Electrons In this step, add up the total number of valence electrons from all the atoms in the molecule. Step 2: Find the Number of ElectronsNeeded to Make the Atoms "Happy" An atom is considered happy if the atoms outer electron shell is filled. Elements up to period four on the periodic table need eight electrons to fill their outer electron shell. This property is often known as the octet rule. Step 3: Determine the number of bonds in the molecule Covalent bonds are formed when one electron from each atom forms an electron pair. Step 2 tells how many electrons are needed and Step 1 is how many electrons you have. Subtracting the number in Step 1 from the number in Step 2 gives you the number of electrons needed to complete the octets. Each bond formed requires two electrons, so the number of bonds is half the number of electrons needed, or: (Step 2 - Step 1)/2 Step 4: Choose a Central Atom The central atom of a molecule is usually the least electronegative atom or the atom with the highest valence. To find electronegativity, either rely on periodic table trends or else consult a table that lists electronegativity values. Electronegativity decreases moving down a group on the periodic table and tends to increase moving from left to right across a period. Hydrogen and halogen atoms tend to appear on the outside of the molecule and are rarely the central atom. Step 5: Draw a Skeletal Structure Connect the atoms to the central atom with a straight line representing a bond between the two atoms. The central atom can have up to four other atoms connected to it. Step 6: Place Electrons Around Outside Atoms Complete the octets around each of the outer atoms. If there are not enough electrons to complete the octets, the skeletal structure from step 5 is incorrect. Try a different arrangement. Initially, this may require some trial an error. As you gain experience, it will become easier to predict skeletal structures. Step 7: Place Remaining Electrons Around the Central Atom Complete the octet for the central atom with the remaining electrons. If there are any bonds left over from Step 3, create double bonds with lone pairs on outside atoms. A double bond is represented by two solid lines drawn between a pair of atoms. If there are more than eight electrons on the central atom and the atom is not one of the exceptions to the octet rule, the number of valence atoms in Step 1 may have been counted incorrectly. This will complete the Lewis dot structure for the molecule. Lewis Structures vs Real Molecules While Lewis structures are useful, especially when youre learning about valence, oxidation states, and bonding, there are many exceptions to the rules in the real world. Atoms seek to fill or half-fill their valence electron shell. However, atoms can and do form molecules that are not ideally stable. In some cases, the central atom can form more than other atoms connected to it. Also, the number of valence electrons can exceed 8, especially for higher atomic numbers. Lewis structures are helpful for light elements but less useful for transition metals, including lanthanides and actinides. Students are cautioned to remember Lewis structures are a valuable tool for learning about and predicting the behavior of atoms in molecules, but they are imperfect representations of real electron activity.