CHP.

-1
Information Technology has become a major facilitator of business activities because:-
1. Perform high-speed, high-volume, numeric computations.
2. Provide fast, accurate and inexpensive communication within and between organizations.
3. Store huge amounts of data in an easy-to-access yet small space and allow quick and easy access.
4. Automate semiautomatic business processes and manually done tasks.

Definitions of IT

1. Information is the finished product for which data is the raw material.
2. Information has also been defined as data that have been put into a meaningful and useful context
and communicated to a recipient who uses it to make decisions.
3. The technology plays an important role in delivering timely and error free information to its
recipients.
4. Technology includes hardware, software, databases, and communication system.
5. Hardware is a set of devices such as processor, monitors, keyboard, and printer that accept data,
process them, and display them.
6. Software is a set of programs that enable the hardware to process data.
7. Database is also an integral part of IT system, which is a collection of related files, tables, relation
etc. that stores data and the association among them.
8. Network connects computing resources of an organization and facilitates sharing of hardware and
software. The organization processes and people are integral part of an IT System.

TYPES OF INFORMATION SYSTEM

 Transaction Processing Systems (TPS)
 Decision Support System (DSS)
 Executive Information System (EIS)
 Management Information Systems (MIS)
 Work Flow System
 Enterprise Resource Planning (ERP)
 Expert Systems
APPLICATIONS OF IT IN BUSINESS
1. Finance and Accounting
2. Sales and Manufacturing
3. Human Resource Management
4. Project Management
5. Data Analysis

COMPUTER AIDED DECISION MAKING

A decision support system (DSS), also called Computer Aided Decision System (CADS), is used when the problem
is complex and the information needed to make the best decision is difficult to obtain and use.
In an organization, a manager has certain goals, which he tries to achieve through the use of resources. The
resources such as people, money, material, and time is always limited. One of the roles that a manager plays among
many others is of decision-making.

The manager would like to examine various alternatives, which may not be possible in a manual system due to time
constraint or due to sheer volume of data. Sometimes, a statistical analysis of fluctuating data is required which
may be done only with the help of a decision support system. The data may be distributed over various branches of
the organization and without the help of Information Technology;
it may not be possible to examine the data.

An information system that helps a manager in making a decision is called a computer-aided decision
support system (CADS) or simply decision support system (DSS). A DSS is designed with the help of
decision makers. A DSS aids in decision making process and does not make any decision. A DSS may be
used for doing a thorough risk analysis of a project. Such a DSS performs what - if analysis. A DSS
consists of a model of the real world, collection of facts- database, and a user interface.

CHP.-2

Computer Speed

The word length of a CPU is the number of bits it can process in a single cycle. A 64-bit machine can
process 64 bits in a single cycle. A 64-bit machine is faster than a 32-bit machine.

The cycle is defined by the internal clock of the control unit. The Pentium based systems have a clock
speed of 1GHz. The bus carries data, control signals, and address in a system. If the data bus width is
same as the word length, then one word can be moved at a time. If the bus width is half of word length,
two cycles are required for moving one word.
STORAGE AND STORAGE DEVICES
1) Volatile Storage
Main Memory

Cache

2) Nonvolatile Storage : The nonvolatile storage media do not require power supply to retain their
contents. Examples of such storage media are disks and magnetic tapes. Disk is used for online storage,
while tapes are used for archival storage.

INPUT/ OUTPUT DEVICES

COMMUNICATION TECHNOLOGY
Communications is the transmission of a signal by a way of particular medium from a sender to a
receiver. For example in human speech, the sender transmits a signal through the transmission medium
air.

For the
effective communication both the sender and the receiver should understand the signals and have
common interpretation for them. When communication has to be established a medium is required for
transmission. This pathway/medium is called as communication media. It includes twisted pair, coaxial
cable, fiber optic cable, microwave transmission, and satellite transmission.

Main characteristics of mediums

 Modes of Communication

There are two modes of communication – Synchronous and Asynchronous. In Synchronous

transmission, data bits are sent over a communication link and the data transfer is controlled by a timing
signal initiated by the sending device. Each data block is preceded by unique characters called sync bits.
The receiving device synchronizes itself with a stream of these bits. Synchronous transmission is
generally used for transmitting large volume of data at high speed. For Asynchronous transmission, one
character is transmitted or received at a time.

Each character is preceded by start bit and ended with end bit, so that the receiving device knows where
the character begins and ends. It is inefficient due to the overhead of transmitting start a stop bits. It is
generally used for low speed data transmission.

Data Transmission Directions

Data transmission occurs in one of the following three directions: Simplex, half duplex, or full duplex. In
simplex data transmission, the data transmission takes place in only one direction. Public announcement
systems such as radio and television use simplex mode of data transmission. It is simple and relatively
inexpensive. In half duplex transmission mode, the transmission takes place in both directions but only
in one direction at a time. Full duplex mode of transmission allows transmission in both directions
simultaneously. For example, on telephone both parties can communicate simultaneously. The cost of
full duplex transmission is high as compared to both simplex and half duplex.

TYPES OF COMPUTERS
 Mainframes:
 Minicomputers:
 Workstations:
 Microcomputer:
 Network Computer:
COMPUTER SOFTWARE
Application Software

Application software is a term which is used for software created for a specific purpose. It is generally
a program or collection of programs used by end users. It can be called an application or simply an app.

Various Examples of Application Software Are

 Word processing software

 Database programs
 Entertainment software
 Business software
 Educational software
 Computer-aided design(CAD) software
 Spreadsheet software etc.

System software

Software for managing computer hardware behaviour, as to provide basic functionalities that are

required by users, or for other software to run properly, if at all. System software is also designed for
providing a platform for running application software,] and it includes the following:

o Operating systems
o Device drivers
o Utilities
o Malicious software or malware

CHP.-3 Components of a Network

COMPONENTS OF A NETWORK
1. The Server or Host Computer
2. The Client
3. The Network Interface Card
4. The Circuit
5. Network Hubs
6. Network Operating System
TYPES OF NETWORKS
1. Local Area Network
2. Wide Area Network
3. Internet
4. Intranet

THE LAYERED ARCHITECTURE AND COMMUNICATION

PROTOCOL
1. Application Layer
2. Presentation Layer
3. Session Layer
4. Transport Layer
5. Network Layer
6. Data link Layer
7. Physical Layer

World Wide Web

The World Wide Web (WWW) made the Internet popular among people who were not part of the academic
community. The Internet became popular primarily because of www applications. The prime objective of www
applications is to facilitate sharing of text and image files. The www applications are implemented using
client/server architecture. The server runs a software package called web server and clients run web browsers. The
most popular web browsers are Google Chrome, FireFox and Internet Explorer.
Popular servers are Apache, Tomcat, Netscape server, and Microsoft server.
In order to get a page from the Web, the address of the desired page is typed into the browser. The user must know
the address of the page in order to request the page.

File Transfer Protocol

(FTP) enables a host to send and receive files over the network— intranet as well as Internet. In a file transfer,
there is a client that requests the transfer and there is a server, which entertains the request. There are many
graphical FTP clients available these days, e.g. gftp on linux and ws-ftp on windows.
A file transfer can be either closed or anonymous. In a closed file transfer, file transfer requires a valid
login/password, which is given by the system administrator.
An anonymous file transfer can be initiated by anyone. For a file transfer under ftp, a virtual connection between
client and server is established to transmit control information. Another virtual connection is established for data
transfer.

Email
Electronic mail is one of the oldest applications of the Internet and it has become the most common way
of communication. Email can be used to send a message to an individual or to a group of people. Text,
formatted document, or an image in any format can be sent via email. The email uses client/server
architecture. Clients are very advanced and provide amazing facilities. The user can create named
folders and can save selected messages into the folder. It is almost like filing letters into a cabinet. A
message can be sent to one person and a copy can be sent to another person. The message can be sent
with a request for an acknowledgment. A message can be forwarded, deleted, or replied to
Client/server architecture is a computing model
in which the server hosts, delivers and manages most of the resources and services to be consumed by
the client. This type of architecture has one or more client computers connected to a central server over
a network or internet connection. This system shares computing resources.
Client/server architecture is also known as a networking computing model or client/server network
because all the requests and services are delivered over a network.

CHP.4-Management Information Systems

The MIS is defined as an integrated system of man and machine for providing the information to support
the operations, the management, and the decision-making function in the organization.
The above definition emphasizes an association between MIS and decision-making.

An MIS deals with information that is systematically and routinely collected in accordance with a well-
defined set of rules. In other words, data collection is a planned activity for which resources are
allocated and rules are defined.

The information provided by an MIS assists managers in planning, organizing, staffing, coordinating,
directing and controlling the operations of an organization. The management experts have viewed these
steps as Management Control system. The following figure shows relationship between operations,
planning and control.

STATUS OF MIS IN ORGANIZATIONS

Information systems are used in all functional areas and operating divisions of business.
1. In finance and accounting, information systems are used to forecast revenue and business activity,
determine the best sources and uses of funds.
2. Information systems have been used for managing cash and other financial resources, and analyzing
investment.
3. Financial health of an organization is also checked using IS.
4. In sales and marketing, information systems are used to develop new goods and services (product
analysis), determining the best location for production and distribution facilities (site analysis),
determine the best advertising and sales approaches (promotion analysis) and set product prices to
get the highest total revenues (price analysis).
5. In manufacturing, information systems are used to process customer orders, develop production
schedules;
6. Control inventory lends and monitor product quality.
7. Service industries such as airline industry and railways use information systems to serve their
customers better.
8. Banks and other investment firms’ use IS to make good investments and sanction sound loans.
9. Publishing houses, healthcare organizations, and retail companies all make use of information
systems to serve their customers better and maximize their profit.

FRAMEWORK FOR UNDERSTANDING MIS

Factors Facilitating Implementation of MIS

A few factors, which will increase the chances of a successful implementation of MIS, are:
1) Involvement of top management in the computerization effort, in defining the purpose and goals of
computers within the organization.
2) Selection of an EDP Manager who has the political skills to involve managers in choosing application
areas, identifying information needs and designing reports.
3) A computer staff, which has interdisciplinary skills in computers, management, and operations
research.
4) A balanced expenditure on hardware and software.

ORGANIZATION AND INFORMATION SYSTEM – TWO-WAY RELATIONSHIP

A system is an assembly of elements arranged in a logical order to active certain objectives. An
organization is also a system. H. J. Leavitt advocates that an organization should be viewed as a socio-
technical system consisting of people, tasks, technology, culture and structure.
 CHP.5- DATA, INFORMATION AND KNOWLEDGE

Data
Data is raw material with which we start and information is the finished product.
For example
1234 5000.00
2345 7000.00
3456 4500.00
2571 8000.00

The above lines contain data. But in the present form, the above data is useless. We now put the data in
the proper context as follows:

The data is now usable and we can process it to extract information such as the amount withdrawn from
account number 1234 is 5000.00. We can consolidate the data and extract the information that
24500.00 Rs. were withdrawn on 25/2/04.
 Information
Information has been defined as
Data that have been put into a meaningful and useful context and communicated to a recipient who
uses it to make decisions it reduces uncertainty, reveals additional alternatives or helps eliminate
irrelevant or poor ones.

Data is processed to get information. The information makes a person more knowledgeable. Knowledge
is an awareness and understanding of a set of information that help decision-making. Knowledge makes
a person wise.

CHARACTERISTICS OF INFORMATION
1) Accurate
2) Complete
3) Economical
4) Flexibility
5) Reliable and verifiable
6) Relevant
7) Simple
8) Timely
9) Accessible and secure
DATA LIFE CYCLE
The data life cycle is the sequence of stages that a particular unit of data goes through from its initial
generation or capture to its eventual archival and/or deletion at the end of its useful life. 
Six stages in the data life cycle. Here's one example:
1. Generation or capture: In this phase, data comes into an organization, usually through data entry,
acquisition from an external source or signal reception, such as transmitted sensor data.
2. Maintenance: In this phase, data is processed prior to its use. The data may be subjected to
processes such as integration, scrubbing and extract-transform-load (ETL).
3. Active use: In this phase, data is used to support the organization’s objectives and operations.
4. Publication: In this phase, data isn’t necessarily made available to the broader public but is just sent
outside the organization. Publication may or may not be part of the life cycle for a particular unit of
data.
5. Archiving: In this phase, data is removed from all active production environments. It is no longer
processed, used or published but is stored in case it is needed again in the future.
6. Purging: In this phase, every copy of data is deleted. Typically, this is performed on data that is
already archived.

Data lifecycle management (DLM) is becoming increasingly important since the explosion of big data and
the ongoing development of the Internet of Things (IoT). Enormous volumes of data are being generated
by an ever-increasing number of devices all over the world. Proper oversight of data throughout its life
cycle is essential to optimize its usefulness and minimize the potential for errors. Finally, archiving or
deleting data at the end of its useful life ensures that it does not consume more resources than
necessary.

VALUE AND COST OF INFORMATION

The value of information is measured in terms of benefits to the organization. The benefits may be
tangible that can be easily quantified. For example, 5% increase in sales is a tangible benefit, which
corresponds to Rs. 50,000. If the cost of the information that led to this additional profit is Rs. 20,000.
Then the value of the information is Rs. 30,000.

Sometimes, the benefits may be intangible and cannot be easily quantified. For instance, the
information may help consumers to connect to a company better. The employees may feel respected in
an organization if more information is shared with them. In both the cases, the attrition rate will
decrease and the corresponding benefit cannot be directly measured in terms of financial benefit to the
organization.
In fact, whenever an organization identifies an opportunity for using information to its advantage, it
develops an information system.

However before developing the system, a cost/benefit analysis is done to figure out net benefit of the
system. There are many methods to assess value of information system, which is explained below.

1) Cost-benefit analysis
IT project and investments has to take its place in the queue for all too scarce cash resources, and the
rules for justifying are the same as for any other project because the risks inherent in decision about IT
are higher, the expected ROI needs to higher before an investment can be justified.
Because of high sum, IT investment has a high potential to damage the organization. A new product is
equally risky. But fundamentally, decision makers are less comfortable about IT because of their
ignorance of the issues and they lack faith in the estimates presented to them.

Identification of IT Costs
A Direct Cost

1) Environmental operating cost UPS

2) Hardware cost File server, Terminals, Backup devices, Network printer
3) Software cost Operating system, RDBMS, Networking software
4) Installation and configuration costs Network wiring, In-house customizing time, Re-engineering
business process
5) Overheads Electricity, air-conditioning, paper, toner, cartridges, disks, paper
6) Training cost Database software course,
7) Maintenance cost Yearly service contract for hardware, software upgrades, annual fee.

B Indirect Human Costs

Management Time
1) Management effort and dedication
2) Employee Training
3) Management Resources
4) Personnel Issues
5) Cost of ownership
6) Employee Time
7) Employee Motivation

2) Return on Investment (ROI)

Another measure of IS value is return on investment (ROI). This method tries to quantify additional
profits that are generated as a percentage of the investment in information system technology. For an
example, a manufacturing firm invested 5 lakh rupees in IS and an additional benefit due to increased
sales is 50 thousand rupees, then the return on investment is
The return on investment is 10%. The company might perform this analysis before installing the
information system with an objective of determining the utility of the system. The same analysis may be
performed after the installation to check the delivered benefits of the IS against expected benefits.

3) Earnings Growth
Another measure of IS value is the increase in earnings growth. Let us say, an organization experienced 6% sales
growth in year 2000. After installing IS, the sales growth became 11%. Assuming that no other factors affected
sales, 5% increase in the sales are due to information system.

4) Market Share
Similar to earnings growth one can also evaluate value of IS in terms of increased market share.

5) Customer Awareness and Satisfaction

Customer satisfaction is one of the most valued intangible benefits of an information system. For
instance, an information system may help customer track status of their orders. Customer may check
the stock status before he places an order. The information may be available on-line or through an
operation who has access to information system of the company. There are many companies that
conduct survey on behalf of their client company’s to determine the satisfaction level of their
customers.

INFORMATION SYSTEMS: SUCCESS AND FAILURE

1) The project may succeed or it may fail. A project is a success if it is completed within time and
budget. Moreover, it must meet needs of its users and organization. Over a period of time, the
following main success and failure factors have been identified. There are many factors that
contribute to the success of a project.

2) The project scope should be stable and well understood. If the scope of the project changes during
the development of the software, the project is likely to suffer in terms of quality, schedule and
budget overrun.

3) An MIS project that aims at re-engineering the business processes of an organization faces major
challenge. Such projects are high-risk but at the same time have high potential for major benefits

4) The technology development platform and development language exposure are other critical
factors. Sometimes, the technology may be new and the team may have difficulty using the
technology. The platform and language newness may also create trouble for the team.

5) Support from the management is vital for the success of the project.

6) The objective of MIS must be in tune with the objective of the organization.

7) The system should be user friendly and the response time should be reasonable so that the user
does not feel frustrated or over-powered by the system.

8) MIS should be developed with a clear objective that must be documented before the development
commences.
9) An important aspect of an MIS is data. Data policy such as what data will be included, who will
provide the data, which will validate the data, who will integrate the data and how will the data
retire should be clearly stated. These seemingly trivial issues can turn a success into a failure.

10) A quality control plan must be in place to ensure quality of specification and quality of conformance.

11) The system should be properly documented so that attrition does not affect the project or MIS
adversely.

CHP.6-Management Information & Control Systems

SYSTEMS VIEW
In the past, managers, decision-makers and problem-solvers attempted piecemeal solutions, thinking in
an isolated compartmentalized fashion independent of other operational units in the organization.
Today besides professional managers, political administrators have also become aware of the need for
adopting an integrated holistic perspective by adopting the systems approach to problem
conceptualization and decision-implementation.

System concepts
Systems are—the transport system, educational system, healthcare delivery system, defense system,
economic system, communication system, management information system, transaction processing
system, decision support system, computer systems, etc. we are in the midst of an era of systems so to
say.

What is a system?

1. A system is made up of interdependent components termed as sub-systems, which may be

composed of further subsystems.
2. We could carry on this refinement till we arrive at the so-called ‘black box’ level, which is some
perceptible manageable level.
3. There is a feedback control loop to report and correct deviations and errors to enable the system to
achieve the goals/purpose/objectives of the system.
4. Just as system is made up of sub or sub-sub-system, it itself is part of a super or supra system. This
could be termed as the environment in which the system operates.
5. The forces in the environment impinge on the system while the system itself exerts pressure
outwardly on the environment thereby having some sort of a dynamic equilibrium at the boundary,
which separates the environment from the system.

ROLE OF MIS AT VARIOUS MANAGEMENT LEVELS

1. Management can also be understood by the type of functions a manager performs.

2. A manager usually performs the following functions: Planning, Organizing, Staffing, Directing,
Coordination, Reporting and Budgeting.
3. Management is a process of achieving an organization’s goal and objectives by judiciously making
use of resources of men, material, machines, money, methods, messages and moments (the last two
in the context of information being vital resources to the manager/decision-maker).
4. Management can also be seen as structured into three hierarchical levels namely, top level, middle
level and bottom level or strategic, tactical and operational levels.
5. Top management establishes the policies, plans and objectives of the company as well as a budget
framework under which the various departments will operate.
6. These factors are passed down to middle management. They are translated into cost or profit centre
concept.
7. These are reviewed, analyzed and modified in accordance with the overall plans and policies until
agreement is reached.
8. Middle management then issues the specific schedules and measurement yardsticks to the
operational management.
9. The operational levels has the responsibility of producing goods and services to meet the revenue,
profit and other goals, which in turn will enable the organization achieves its overall and objectives.
10. The hierarchical view of management is important for two reasons: information needs tend to be
different at different levels of management.
11. In the context of MIS, management can perhaps be best defined as a process of (i) selection of
objectives, (ii) judicious allocation of resources (iii) determining operational plans and schedules, (iv)
keeping control of progress, and (v) evaluation through feedback. Each of these areas requires
certain decisions to be made.
12. Thus we take strategic decisions at the top level, tactical decisions at the middle and operational
decisions at the junior level the type of problems and decisions at the junior level are quite
deterministic and structured, so we can have programmed decisions.

MIS AS A TECHNIQUE FOR MAKING PROGRAMMED DECISIONS

1. In certain cases, the decision can be made using a rule, procedure or quantitative method. Such
problems are known as structured organization may decide to place a purchase order for every
purchase requisition without worrying about merging them. Such decision can be programmed.
2. An organization may have a fixed re-order point and fixed re-order quantity irrespective of demand.
Such decision can be easily programmed.
3. Automated system such as transaction processing systems and MIS are often used to handle
programmed decisions.
4. These systems generate reports for concerned people so that they can take action e.g. a purchase
order will be generated for every requisition and a purchase order will be raised whenever the
Inventory goes below specified limit.

DECISION Support Systems

1. If the problem is unstructured, the solution cannot be arrived at using a set of rules of procedures.
The rules and procedures, at best, can help in identifying alternatives. An information system that
assists decision maker in making a non-programmed decision is referred to as decision support
system.
2. A decision support system (DSS) usually has large amount of data that is managed by a Database
Management System. The
3. DSS presents various views of data to the decision maker to facilitate decision-making.
4. A user may prefer graph whereas another user may like to see data in tabular form. A DSS is
designed to provide presentation flexibility to its users.
5. Details can be rolled up or drilled down depending on the requirement.
6. For instance, sales manager of area A would be interested in knowing total sales, details of each sub-
area within his area.
7. He would also like to know sales in area B, area C etc. to measure his relative performance. He
would not be interested in details of sub-areas of area B as C; and will down area A get complete
details.
8. DSS should provide facility to its user to perform statistical analysis of data.
9. E.g. Sales data can be analyzed for identifying seasonal fluctuations from regular demand change.
10. There are lots of software packages that can do amazingly good analysis of the data.
11. E.g. A Company is considering an investment in an IT Project. It can do a what-if-analysis to analyze
worst and best scenario. The expected cost and benefit can be changed within limits to estimate
payback period.
12. It may help a manager in perform goal-seeking analysis. In goal seeking analysis, you work backward
starting with goal to arrive at conditions required to achieve that goal. For instance, you may
allocate budget for inventory and then backward to figure cut the stock level, re-order point,
delivery time etc.

AUDITING INFORMATION SYSTEM

1. An information system is like any other system in the organization.

2. It must be audited and reviewed to make sure that it is operating and being used as intended.
3. The initial requirements and objective document serves as a reference.
4. The system is audited for its performance, use, cost, benefit and other design criteria such as
planned activity for which resources are allocated and time frame is set. A planned review is time-
driven that may be done every 6 months or every year.
5. In case of a problem, a review may be alone which is refined to as event-driven review.
6. There problems provide opportunity to the organization to provide opportunity to the organization
to improve their systems.
7. The review must have a clear objective and reviewers must produce a written report.

The report must comment on the following factors:

1. Objective: Is in tune with the organizational goal?
2. Hardware/Software/Network/DBMS: Are there being used as intended? Will they be able to meet
requirement for next few years? Is there any bottleneck?
3. Staff: Is staff sufficient and is the staff trained? Are People controllable using the system?
4. Safety: Are enough controls present to ensure safety? Are the controls working effectively?
5. Cost Benefit: This is one of the key reasons for taking up review activity. This is also the most difficult
part of the review process. The reviews should try to be as objective as possible.

CHP.7- INFORMATION SYSTEMS SECURITY

Security
Security is “the quality or state of being secure—to be free from danger.”, protection
against adversaries—from those who would do harm, intentionally or otherwise—is the
objective.

National security, for example, is a multilayered system that protects the sovereignty of a
state, its assets, its resources, and its people. Achieving the appropriate level of security
for an organization also requires a multifaceted system.

Key Information Security Concepts

1. Access
2. Asset
3. Attack
4. Control, safeguard, or countermeasure
5. Exploit
6. Exposure
7. Loss
8. Risk
9. Threat
10. Vulnerability

Security Analysis
The CIA Model

A simple but widely-applicable security model is the CIA triad; standing for Confidentiality, Integrity and
Availability; three key principles which should be guaranteed in any kind of secure system. This principle
is applicable across the whole subject of Security Analysis, from access to a user's internet history to
security of encrypted data across the internet. If any one of the three can be breached it can have
serious consequences for the parties concerned.

Confidentiality

Confidentiality is the ability to hide information from those people unauthorized to view it. It is perhaps
the most obvious aspect of the CIA triad when it comes to security; but correspondingly, it is also the
one which is attacked most often. Cryptography and Encryption methods are an example of an attempt
to ensure confidentiality of data transferred from one computer to another.

Integrity

The ability to ensure that data is an accurate and unchanged representation of the original secure
information. One type of security attack is to intercept some important data and make changes to it
before sending it on to the intended receiver.

Availability

It is important to ensure that the information concerned is readily accessible to the authorised viewer at
all times. Some types of security attack attempt to deny access to the appropriate user, either for the
sake of inconveniencing them, or because there is some secondary effect. For example, by breaking the
web site for a particular search engine, a rival may become more popular
INFORMATION RIGHTS, PRIVACY AND FREEDOM IN AN INFORMATION SOCIETY

1. Privacy deals with the collection and use or misuse of data. Data is constantly being collected and
stored.
2. This data is often distributed, sold or used without our knowledge.
3. The health care provider and retail shops have, for instance, forms of data on its clients and
customers.
4. The fundamental question is “who owns this data and information?”
5. We know for sure that we would not like to share our medical records with others, definitely not
with insurance company or our employers.

Security Analysis
The CIA Model

A simple but widely-applicable security model is the CIA triad; standing for Confidentiality, Integrity and
Availability; three key principles which should be guaranteed in any kind of secure system. This principle
is applicable across the whole subject of Security Analysis, from access to a user's internet history to
security of encrypted data across the internet. If any one of the three can be breached it can have
serious consequences for the parties concerned.

Confidentiality

Confidentiality is the ability to hide information from those people unauthorized to view it. It is perhaps
the most obvious aspect of the CIA triad when it comes to security; but correspondingly, it is also the
one which is attacked most often. Cryptography and Encryption methods are an example of an attempt
to ensure confidentiality of data transferred from one computer to another.

Integrity

The ability to ensure that data is an accurate and unchanged representation of the original secure
information. One type of security attack is to intercept some important data and make changes to it
before sending it on to the intended receiver.

Availability

It is important to ensure that the information concerned is readily accessible to the authorised viewer at
all times. Some types of security attack attempt to deny access to the appropriate user, either for the
sake of inconveniencing them, or because there is some secondary effect. For example, by breaking the
web site for a particular search engine, a rival may become more popular
INFORMATION RIGHTS, PRIVACY AND FREEDOM IN AN INFORMATION SOCIETY

6. Privacy deals with the collection and use or misuse of data. Data is constantly being collected and
stored.
7. This data is often distributed, sold or used without our knowledge.
8. The health care provider and retail shops have, for instance, forms of data on its clients and
customers.
9. The fundamental question is “who owns this data and information?”
10. We know for sure that we would not like to share our medical records with others, definitely not
with insurance company or our employers.

LIMITING LOGICAL ACCESS TO COMPUTER SYSTEMS

1. Personal efforts can reduce the risk of unauthorized access. You must protect your computing facility
in the same manner in which you protect valuables. You must follow safety and security policies of
your organization.
2. Change your password frequently and choose password carefully.
3. In case, a security violation incidence takes place, treat it the way you would treat any other theft.
4. Inform the authorities, document the security violation incidence as accurately as you can, back up
all you files and data immediately and keep them offline. You must secure any evidence.
5. At corporate level, efforts to safeguard data and files include installation of specialized hardware and
software. For instance, data and information are encrypted to prevent unauthorized use. Use of
biometric is also becoming popular to authorize employees. Criminals are identified using
fingerprints. The fingerprint identification has been extended to identify authorized users. Iris and
retina scans which use to be part of science fiction movies has now become part of sophisticated
identification methods. The latest is use of magnetic card that is checked by a magnetic card reader
to allow entry.

Depending on the nature of the computer crime that an organization anticipates, it may adopt controls.
The controls are expensive to implement and the organization must evaluate the cost against the
benefit. To summarize, here is a list of control guidelines:

1. Install strong user authentication and encryption capabilities on your firewall.

2. Upgrade your software with the help of patches, which are developed by vendors whenever a
security gap is found in the software.
3. Guest logins are always misused. Any book on Microsoft products advises against creating a guest
login. Group accounts such as head-sales should also be avoided. Such accounts become public very
quickly and nobody can be held responsible. In one of the academic institute of India, head-
department account was lying dormant for some time. A hacker noticed and started using it for
surfing the net and providing access to others as well. He used 60 hours of download time per day
for a month. At the end of the month, data is regularly checked when this got caught and the only
solution was to de-activate the account.
4. Remote-logins also create serious threat to security. This fact is so well accepted that Linux does not
permit super-user remote-login. There was a time when system accepted login and then prompted
for password. While you typed password, a star will substitute each character. A person from a
distance could easily learn the login and number of characters in the password. Systems have now
changed and login-password is accepted together.
5. It is a good idea to have dedicated servers for applications that communicate with outside world.
Encourage people to have separate passwords for Intranet and Internet if possible.
COMPUTER VIRUS
1. A virus is a program that reproduces itself, usually without your permission or knowledge; there are
a large number of virus types.
2. Viruses have an infection phase where they reproduce widely and an attack phase where they do
whatever damage they are programmed to do (if any).
3. Another way of looking at viruses is to consider them to be programs written to create copies of
them-selves.
4. These programs attach these copies onto host programs (infecting these programs). When one of
these hosts is executed, the virus code (which was attached to the host) executes, and links copies of
it-self to even more hosts.
5. Many viruses do unpleasant things such as deleting files or changing random data on your disk,
simulating typos or merely slowing your PC down;
6. Some viruses do less harmful things such as playing music or creating messages or animation on your
screen.
7. Some viruses steal system resources.
8. Some viruses infect other programs each time they are executed; other viruses infect only upon a
certain trigger. This trigger could be anything; a day or time, an external event on your PC, a counter
within the virus, etc.
9. Polymorphic viruses change themselves with each infection, these viruses are more difficult to
detect by scanning because each copy of the virus looks different than the other copies.
10. Viruses often delay revealing their presence by launching their attack only after they have had ample
opportunity to spread. This means the attack could be delayed for days, weeks, months, or even
years after the initial infection.
11. Because viruses are deliberately written to invade and possibly damage your PC, they are the most
difficult threat to guard against.

Virus Prevention
1. Install Anti-Virus/Malware Software.
2. Keep Your Anti-Virus Software Up to Date. Keep your anti-virus software up to date. Viruses and
malware are created all the time. Your scanning software is only as good as its database. It too must
be as up to date as possible.
3. Run Regularly Scheduled Scans with Your Anti-Virus Software. Set up your system to run antivirus
at regular intervals.
4. Keep Your Operating System Current
5. Secure your Network-
6. Avoid websites that provide pirated material.
7. Keep Your Personal Information Safe.
8. Back Up Your Files.

DISASTER RECOVERY
1. An information system performs key functions for an organization. If system becomes non-functional
for some time, the consequences may be unacceptable. Organizations usually have a set of
emergency procedures for critical functions. In best scenario, the end user will not be able to
discover the failure of regular system. Generally, the switching to alternate mechanism and
procedures is not seamless and the switching causes certain level of inconvenience to the users.
2. The main reasons for system failures include power failure, data corruption, disk failure, network
failure etc. Nature also plays its role sometimes in the form of a fine, flood or earthquake.
3. In addition, labour unrest or human errors may also render system unusable.
4. One of first stops of disaster planning is to identify threats. Not all the threats listed earlier will be a
concern to an organization.
5. After identifying the threats, appropriate disaster recovery plans should be implemented. We
discuss disaster recovery plans next.

Hardware backup
1. In case of a natural disaster or due to technology failure, the hardware may become unusable. There
are some companies whose line of business is to provide disaster recovery services.
2. A company may provide a hot site that has an operational ready to use system. This is an expensive
option, as the system is kept up to date, usually in different seismic zone.
3. The next option is to maintain a cold site. A cold site provides the infrastructure but not the
processing power and data.
4. In case of a problem, the backup system is made operational.
5. Some companies provide data backup services. You can keep a copy of your data in electronic farm.

Software Backup
1. Software programs are precious assets of an organization that must be protected. A human error
may delete a software package or a hardware failure may make it inaccessible. A simple strategy is
to make copies of software and keep them safely.
2. In addition, one may like to keep another copy of-site in a safe environment.
3. The least one should do is take regular backup. If the data is too large, incremental backups can be
taken or selected data may be backed up at regular intervals.
4. The smart strategy is to be in pro-active mode rather than reactive mode. It may be less expensive to
plan ahead to avoid possible down time than suffer losses.

CHP.8- SDLC

SYSTEM LIFE CYCLE

The goal of the System Life Cycle is to keep the project under control and assure that the information
system produced satisfies the requirements. The traditional system life cycle divides the project into a
series of steps, each of which has distinct deliverables, such as documents or computer programs. This is
known as the systems development life cycle (SDLC). The deliverables are related because each
subsequent step builds on the conclusions of previous steps.

Deliverables are produced by the managers or users. Some deliverables are oriented toward the
technical staff, whereas others are directed toward users and mangers.

The System Life Cycle Phases are:-

1. Initiation
2. Development
3. Implementation
4. Operations & Maintenance

Phase I - Initiation
The initiation phase may begin in the following ways:-
1. A user may work with the IS staff to produce a written request to study a particular business
problem.
2. The IS staff may discover an opportunity to use information systems beneficially and then try to
interest users.
3. A top manager may notice a business problem and ask the head of IS to look into it.
4. A computer crash or other operational problem may reveal a major problem that can be patched
temporarily but requires a larger project to fix it completely.
5. Regardless of how this phase begins, its goal is to analyze the scope and feasibility of a proposed
system and to develop a project plan.

Initiations involves two steps:-

A -Feasibility study and
B- Project planning, which produce the functional Specification and a project plan.

A. Feasibility Study
The feasibility study is a user-oriented overview of the proposed information system’s purpose and
feasibility. A system’s feasibility is typically considered from economic, technical, and organizational
viewpoints.
1. Economic feasibility involves question such as whether the firm can afford to build the information
system, whether its benefits should substantially exceed its costs, and whether the project has
higher priority than other projects that might use the same resources.
2. Technical feasibility involves question such as whether the technology needed for the information
system exists and whether the firm has enough experience using that technology.
3. Organizational feasibility involves questions such as whether the information system has enough
support to be implemented successfully, whether it brings as excessive amount of change, and
whether the organization is changing too rapidly to absorb it.

If the information system appears to be feasible, the initiation phase produces a functional specification
and a project plan.

B: PROJECT PLANNING
FUNCTIONAL SPECIFICATIONS
1. The functional specification explains the importance of the business problem; summarizes changes
in business processes; and estimates the project’s benefits, costs, and risks.
2. It clarifies the purpose and scope of the proposed project by describing the business processes that
will be affected and how they will be performed using the system.
3. The functional specification is approved by both user and IS personnel.
4. Data Flow diagrams are provided in the Functional Specifications.
5. Data-flow diagrams (DFDs) represent a flow of a data of a process or a system (usually
an information system). The DFD also provides information about the outputs and inputs of each
entity and the process itself. A data-flow diagram has no control flow, there are no decision rules
and no loops. Specific operations based on the data can be represented by a flowchart. Data entry
screens will be included. This more detailed description is produced in the Development phase.

Data Flow Diagram

Phase II - DEVELOPMENT

The development phase creates computer programs (with accompanying user and programmer
documentation) that accomplishes the data processing described in the functional specification. This is
done through a process of successive refinement in which the functional requirements are translated
into computer programs and hardware requirements. The purpose of the various steps and deliverables
in the development phase is to ensure that the system accomplishes the goals explained in the
functional specification.

Development Phase has the following 3 steps

1. Detailed requirements analysis,

2. Internal system design
3. Programming/Coding
4. Documentation

Phase III – Implementation

Implementation is the process of putting a system into operation in an organization. It starts after the
development phase.
This phase begins with implementation planning, the process of creating plans for training, conversion,
and acceptance testing. The training plan explains how and when the user will be trained. The
conversion plan explains how and when the organization will convert to new business processes.
The acceptance-testing plan describes the process and criteria for verifying that the information system
works properly in supporting the improved work system.
Training is the process of ensuring that system participants know what they need to know about both
the work system and the information system. The training format depends on user backgrounds and the
purpose and features of both the work system and the information system. Users with no computer
experience may require special training. Training for frequently used transaction processing systems
differs from training for data analysis systems that are used occasionally. Information systems
performing diverse functions require more extensive training than systems used repetitively for new
functions. Training manuals and presentations help in the implementation system.

Phase IV - Operations and Maintenance

The operation and maintenance phase starts after the users have accepted the new system. This phase
can be divided into two activities: (1) ongoing operation and support, and (2) maintenance. Unlike the
other steps in the life cycle, these steps continue throughout the system’s useful life. The end of a
system’s life cycle is its absorption into another system or its termination.
Ongoing operation and support is the process of ensuring that the technical system components
continue to operate correctly and that the users use it effectively. This process is similar to the process
of making sure a car or building operates well. It works best when a person or group has direct
responsibility for keeping the information system operating. This responsibility is often split, with the
technical staff taking care of computer operations and a member of the user organization ensuring that
users understand the system and use it effectively. Any problem encountered is fixed.

Maintenance is the process of modifying the information system over time. As users gain experience
with a system, they discover its shortcomings and usually suggest improvements. The shortcomings may
involve problems unrelated to the information system or may involve ways that the information system
might do more to support the work system, regardless of the original intentions. Some shortcomings are
bugs.
Important shortcomings must be corrected if users are to continue using an information system
enthusiastically.

CHP.9- Artificial Intelligence

GENETIC ALGORITHMS

They are called “genetic” because they work on the same principles as genetics: The members, which
adapt well to the environment, are selected for reproduction and produce offspring. Poor performers
die without offspring.

The figure above can be summarized that genetic algorithms let the data structures face the
environment and carry forward with only the fittest data structures. There are a few concepts that need
to be highlighted.
Mating: Mating is done by randomly selecting a bit position in the eight bit string and concatenating the
head of one parent to the tail of the other parent to produce the offspring e.g. the fifth bit crossover
point of parents xxxxxxxx & yyyyyyyy will produce offspring xxxxxyyy & yyyyyxxx.
Inversion: Inversion is done on a single string. The inversion concatenates the tail of the string to the
head of the same string e.g. sixth bit inversion of string abcdefgh will be ghabcdef.
Mutation: In mutation bits at one or more randomly selected positions are altered. It is done to ensure
that all locations of the rule space are reachable so as to avoid local minima.
Eg.
Five phases are considered in a genetic algorithm.

1. Initial population

2. Fitness function

3. Selection

4. Crossover

5. Mutation

ARTIFICIAL INTELLIGENCE
1. Intelligence is the computational part of the ability to achieve goals in the world.
2. AI is a branch of computer science concerned with the study and creation of computer systems that
exhibit some form of intelligence: systems that learn new concepts and tasks, systems that can
reason and draw useful conclusions about the world around us, systems that can understand a
natural language or perceive and comprehend a visual scene, and systems that perform other types
of feats that require human types of intelligence”.

Goals of AI
1. Emulate Humans
2. Solve Problems that Require Intelligence
3. Develop Expert Systems on Real-Life Problems
4. Enhance Interaction

Applications of AI
1. Game Playing
2. Automated Grammar Checking
3. Speech Recognition
4. Natural Language Understanding
5. Vision Systems
6. Expert Systems
7. Computer Simulated Natural Processes
8. Mathematical Theorem Proving
9. Intelligent Control
10. Planning a time schedule of a set of events to improve the efficiency

Building AI
1) Knowledge Representation and Reasoning
2) Heuristic Search
3) Inference
4) Learning
5) Planning
EXPERT SYSTEMS
An expert system is a set of programs that manipulate encoded knowledge to solve problems in a
specialized domain that normally requires human expertise. An expert system’s knowledge is obtained
from expert sources and coded in a form suitable for the system to use in its inference or reasoning
process.

Expert System is a result of the interaction between the system builder (knowledge engineer) and many
domain experts.

Expert systems are computer systems that are based on knowledge rather than the data. They
accumulate this knowledge at the time of system building. Knowledge is programmed and kept in such a
manner so that it can be browsed and appended from time to time. Expert systems possess a very high
level of expertise in the area for which they are made for. The best thing about expert systems is that
they grow over time and but for the initial expenditure incurred in building them, they work in a cost
effective manner. Expert systems have predictive modeling power i.e. they are capable of describing the
effects of new situation on the data and the solution. Expert system uses symbolic representations for
knowledge (rules, networks or frames).
This compilation often becomes a quick reference for best strategies, methods and consensus decisions.
This becomes a permanent knowledge base. Thus, one can say that expert systems have a permanent
memory. Expert systems gives access to the user to understand it’s reasoning and can be used to
provide training.

Building Expert System

The process of building an expert system is also called knowledge engineering. As we have discussed
earlier that there is an interaction between the domain expert and the expert system builder which
generates the knowledge into the expert system. The latter is also called “knowledge engineer”. There is
further to it. The remaining players in the building of the expert system are the expert system building
tools, the user and the expert system itself. Let us have a quick tour on their meaning. Expert system is
the collection of programs that solves problems in a particular area; domain expert is a person who is
knowledgeable about that particular problem area and has solutions to those problems; knowledge
engineer is a computer science expert who translates the domain expert’s knowledge into the one,
which is understandable by the computer; expert system building tool is the programming language that
is used by the knowledge engineer to build the expert system. And finally the user is the one, which will
use the expert system.

Knowledge Representation in Expert Systems

The knowledge can be represented in expert systems in three ways. These ways are rules, frames and
semantic nets. A rule-based system consists of a rule-base (permanent data); an inference engine
(process); and a workspace or working memory (temporary data). Knowledge is stored as rules, which
are of the form

IF some condition THEN some action

For example:
IF it is hot THEN turn the AC on
IF the temperature is more than 350 THEN it is hot
IF the weather is not so hot but it is humid THEN also turn the AC on.

When the IF condition is satisfied by the facts, the action specified by the THEN is performed. These
rules may modify the set of facts in the knowledge base. These new facts can be used to form matches
with the IF portion of the rules. This matching of rule IF portions to the facts can produce “inference
chains”. The inference chains display how a conclusion is reached in an expert system. Rules can be used
in two ways: - by forward chaining and backward chaining.

Forward Chaining: Suppose you have a database which has some information stored in it and you want
to generate some new rules and test them with respect to the database. Then by the forward chaining
method you start with a fact that is present in the database. You infer some rule that comes due to a
consequence of a given fact. Next is that you add that inference as fact in the database. In other words
you have appended the database. Once a fact is added, it interacts with other facts and infers some new
fact that again gets added into the database. This process is continued till there is no further inference.
The process is “forward” because it uses the facts on the left side to derive information on the right
hand side.

Backward Chaining: Suppose you want to test whether a fact exists in the database. The process first
checks the database for that fact. If the fact that you want to establish is not there, then the process
tires to find other facts that conclude that fact. It tries to establish those facts first, which conclude the
fact you are interested in. The process continues in the same

Neural Networks
Neural Networks involve mathematical structures that are capable of learning. Neural network is a set of
connected input/output units where each connection has a weight associated with it. Neural networks
are primarily used for predictions. Neural networks use past data and fit a model on it to predict and
classify. Neural networks as the name suggest resembles the namesake found in human beings. Neural
networks begin with an input layer, which is given some weight before it connects to the output unit.
The output unit processes the values of input variable and weights with a combination function. There
are many hidden layers between the input and output layer. A neural network is trained by assigning
weights on the inputs of each of the units so that the network predicts the variable under question in
the best possible manner.

Neural Networks are a good choice for most classification and prediction tasks when the results of the
model are more important than understanding how the model works.

A neural network can have multiple layers. Suppose, we have a training data and we measure
attributes for training data. These measured attributes form the input layer. Weights are given to the
input layer according to their importance in the problem. The output from the input layer is assigned
some weights and this feed to the second layer, known as hidden layer. Similarly the weighted outputs
of these hidden layers can be fed to the next hidden layer and so on. Finally these outputs go into the
output layer, which emits network’s prediction. This process is explained in the figure given below.
If there is a single hidden layer then the network is called a two-layer neural network.
Similarly a network containing two hidden layers is called a three-layer neural network.
Applications of Neural Networks

1. Handwriting Recognition
2. Travelling Salesman Problem
3. Image Compression
4. Stock Exchange Prediction

FUZZY LOGIC
In standard set theory, an object is either a member of a set or it is not. There is no middle way. There is
no partial containment. The characteristic function of a traditional set assumes values 1 and 0, on the
basis of membership. If we generalize this concept and allow the characteristic function to assume all
values between 0 and 1, then we talk about the fuzzy sets and the value assumed by the characteristic
function denotes the degree or level of membership.

The main objective of fuzzy sets was to define the fuzziness and vagueness. Fuzzy set theory forms the
basis of Fuzzy logic. It is a relatively new discipline that has found applications in automated reasoning of
expert systems. Fuzzy models require defining of memberships functions. These functions can often be
defined on the basis of intuitive knowledge. Because of their simplicity to use and cost effectiveness,
fuzzy logic and fuzzy computation are good prospects for the next generation expert systems. The
universe of fuzzy set can take any value in the real interval 0 and 1.
example - Suppose we want to define the membership of batsmen of national level in a ountry.

We may define the membership characteristic function u as follows.

For 0 < × < 50
For x > 50, here x is the national average of the batsman. The interpretation is if a batsman has an
average of more than 50 runs he is strong member of the fuzzy set. An average of 40 means his
membership is partial with uA(x)=0.5, similarly an average of 30 would get uA(x)=0.2 and so on. The
characteristic function for fuzzy sets provides a direct linkage to fuzzy logic.

Business Applications of Fuzzy Logic

1. Fuzzy matching is used in matching problems that is an essential operation in speech recognition,
automated reasoning and expert systems. Computing fuzzy distance between two objects forms the
basis of such matching.
2. Fuzzy relations are used in modeling a physical system, whose variations of output parameters with
input parameters are known.
3. Fuzzy logic has been applied in management of ambiguity of the data by analyzing the knowledge
about predecessors to determine the truth-value of a proposition.
4. Fuzzy reasoning is used for identifying criminals from imprecise and inconsistent word description of
criminal history.
5. Fuzzy logic is used in medical diagnostic systems in identifying diseases on the basis of symptoms by
calculating fuzzy beliefs.
 ERP
An Enterprise resource planning system is a fully integrated business management system covering
functional areas of an enterprise like Logistics, Production, Finance, Accounting and Human Resources.
ERP Enabling Technologies
It is not possible to think of an ERP system without sophisticated information technology infrastructure.
Earlier ERP systems were built only to work with huge mainframe computers. The new era of PC, advent
of client server technology and scalable Relational Database Management Systems (RDBMS) most of the
ERP systems exploit the power of Three Tier Client Server Architecture. The other important enabling
technologies for ERP systems are Workflow, Work group, Group Ware, Electronic Data Interchange
(EDI), Internet, Intranet, Data warehousing, etc.

ERP Characteristics:-
1. Flexibility
2. Modular & Open
3. Comprehensive
4. Beyond the Company
5. Best Business Practices

Features of ERP
Some of the major features of ERP and what ERP can do for the business system are:
1. ERP provides multi-platform, multi-facility, multi-mode manufacturing, multi-currency, multi-lingual
facilities.
2. It supports strategic and business planning activities, operational planning and execution activities,
creation of Materials and Resources.
3. ERP covers all functional areas like manufacturing, selling and distribution, payables, receivables,
inventory, accounts, human resources, purchases etc.
4. ERP performs core activities and increases customer service, thereby augmenting the corporate
image.
5. ERP bridges the information gap across organizations.
6. ERP provides complete integration of systems not only across departments but also across
companies under the same management.
7. ERP is the solution for better project management.
8. ERP allows automatic introduction of the latest technologies like Electronic Fund Transfer (EFT),
Electronic Data Interchange (EDI), Internet, Intranet, Video conferencing, E-Commerce etc.
9. ERP eliminates most business problems like material shortages, productivity enhancements,
customer service, cash management, inventory problems, quality problems, prompt delivery etc.
10. ERP provides intelligent business tools like decision support system, Executive information system,
Data mining and easy working systems to enable better decisions.

Why Companies Undertake ERP

1. Integrate financial information
2. Integrate customer order information
3. Standardize and speed up manufacturing processes
4. Reduce inventory
5. Standardise HR information
BUSINESS PROCESS REENGINEERING (BPR)
ERP is a result of a modern Enterprise’s concept of how the Information System is to be configured to
the challenging environments of new business opportunities. However merely putting in place an
information system is not enough. Every company that intends to implement ERP has to reengineer its
processes in one form or the other. This process is known as Business Process Reengineering (BPR).

What is BPR?
1. BPR is the fundamental rethinking and radical redesign of processes to achieve dramatic
improvement in measures of performance such as cost reduction, quality, service and speed,”
2. Dramatic achievement means to achieve 80% or 90% reduction (in say, delivery time, work in
progress or rejection rate) and not just 5%, 10% reduction.
3. Radical redesign means BPR is reinventing and not enhancing or improving.
Fundamental rethinking means asking the question “why do you do what you do”, thereby eliminating
business process altogether if it does not add any value to the customer

Conceptual Data Model

The main aim of this model is to establish the entities, their attributes, and their relationships. In
this Data modeling level, there is hardly any detail available of the actual Database structure.

The 3 basic tenants of Data Model are

Entity: A real-world thing

Attribute: Characteristics or properties of an entity

Relationship: Dependency or association between two entities

For example:

 Customer and Product are two entities. Customer number and name are attributes of the
Customer entity
 Product name and price are attributes of product entity
 Sale is the relationship between the customer and product

There are hundreds of such entities and relationships between these entities.
ERP IMPLEMENTATION
1. The success of an implementation mainly depends on how closely the implementation consultants,
users and vendors work together to achieve the overall objectives of the organisation.
2. The implementation consultants have to understand the needs of the users, understand the
prevailing business realties and design the business solutions keeping in mind It is the users who will
be driving the implementation and therefore their all these factors active involvement at all stages
of implementation is vital for the overall success of implementation.
3. It is worthwhile to remember that ERP is an enabling tool, which makes one do his work better,
which naturally need additional efforts.
4. During the course of implementation the standard package may undergo changes which may be a
simple one or a major ‘functionality’ change. Implementing such changes is known as Customization.
5. The contents of the package are known as modules and the modules are further divided into
Components.
6. The roles and responsibilities of the employees have to be clearly identified, understood and the
employees will have to accept new processes and procedures configured in the system laid down in
the ERP system.
7. Processes and procedures have to be simple and user friendly.
8. A well managed and implemented ERP package can give a 200 percent return on investment where
as a poorly implemented one can yield a return on investment as low as 25 percent.