MANAGEMENT INFORMATION SYSTEM

PREFACE

This reference note has been prepared to meet the requirement of the BBA 3 rd
semester TU. However, It is expected to be useful for others interested in
computer and management. The contents have been developed as guided by the
detailed syllabus prescribed by Tribhuwan University (TU).
 UNIT 1

INFORMATION SYSTEM IN GLOBAL BUSINESS TODAY

Role of information system in business today

The role of information system in business today is praise worthy. Most of the
organizations have adopted some form of information system that is synchronous
to its structure and management objectives. The role of information system in
business today can be pointed out under four topics:

a> Information management: Information systems store, update and even

analyze the information, which the company can then use to pinpoint the
situation to current or future problems.
b> Operational support: Information system provides operational support to
business. For example, information system can be integrated with
manufacturing to confirm the quality requirements and high level of
accuracy. It assists in obtaining operational excellency.
c> Decision support: Information systems dedicated to support decision
making like DSS, ESS, MIS etc are developed to assist making decision at
different levels of management. It can collect external data and perform
analysis of market trends to help businesses in making strategic decision.
d> Strategic support: Information system provides opportunity to the
company to exploit their competitive advantage as far as possible. It helps
in coordinating works of different functions and ensuring that the strategy
is implemented thoroughly.

New in management information system

There are lots of developments and changes in MIS due to which we can
see new business and industries are appearing while old one are either
declining or adapting to changes. There are interrelated changes in
technology area and they are:
a> Cloud computing: cloud computing refers to the delivery of hosted
services and on demand computing resources over the internet on a pay
for use basis. It is the practice of using a network of remote servers
hosted on the internet to store, manage and process data. The types of
 cloud computing are: Iaas, Paas, Saas . It is the use of various services
over the internet, often referred to as the “cloud”.
b> Software as a service: Software as a service (SaaS) is a software
distribution model in which a third party provider hosts applications and
makes them available to customers over the internet. Saas are
sometimes called web-based softwares, on-demend software, or hosted
software. Common examples are email, calendaring and office tools etc.
SaaS is typically accessed by users using a thin client via a web browser.
c> Mobile digital platform: The hardware/software environment for
laptops, tablets, smart phones and other portable devices is called
mobile digital platform. Windows and Mac dominate the laptop world,
and Apple and Android rule the smart phone/tablet universe.
d> Business intelligence: It refers to the technologies, applications and
practices for the collection, integration, analysis and presentation of
business information. The purpose of business intelligence is to support
better business decision making. It is a technology driven process for
analyzing data to make informed business decision.
e> Virtual meetings: Use of virtual meeting tools like web conferencing and
video conferencing have increased and digital integration with suppliers,
customers and employees have been developed as the transition to
digital firms.

Globalization
Globalization has created this whole world as a single community. It has
created a flattened world where not only the goods move easily even the
jobs do. Internet and global communications had greatly reduced the
economic and cultural advantages of developed countries. However,
Globalization presents both challenges and opportunities for business
throughout the world:

Challenges
1. Competition for jobs, markets, and resources are heavily increasing. It is
challenging for employees, managers and business firms to get jobs,
manage resources and retain market respectively.
2. For students, the challenge is to develop high level skills through
education and on the job experience that cannot be outsourced.
3. For business, the challenge is to increase cost efficiency and product
effectiveness, reduce customer grievances around the globe and
response time to changes and demands.
4. For managers, the challenge is to be prepared to fit into any
sociocultural environment, and be responsive to people across the
world.

Opportunities

1. Global movement of goods along with internet has provided opportunity

for growth of e-commerce throughout the world.
2. Internationally jobs are created and people from developing countries
are highly benefitted.
3. Due to outsourcing, the production cost has been decreasing drastically

Globalization has become inevitable phenomenon, thus the only choice for
businesses and managers is to use information technology for ensuring
greater communication ability, broader scope for operation etc.

Emerging digital firms

Digital firm is a digitally enabled environment for the interaction and
processing of information among customers, employees, employers and
the stakeholders. It is a company in which almost all significant business
relationships with customers, suppliers and employees are digitally enabled
or mediated.

Features of Digital firm

1. Virtual meeting: Use of virtual meeting tools like web conferencing and
video conferencing have increased and digital integration with suppliers,
customers and employees have been developed as the transition to
digital firms.
2. Key corporate assets: Core competencies, intellectual property and
financial and human assets are managed through digital means. In a
digital firm, any piece of information required to support key business
decisions is available at anytime and anywhere in the firm.
3. Time shifting and space shifting: Time shifting refers to business
conducted continuously rather than fixed hours. Space shifting means
that the work is accomplished physically wherever in the world.
4. Environment: Digital firm sense and respond to their environment more
rapidly with enough flexibility to survive turbulent time.
5. Opportunities: Digital firm offers extraordinary for more flexible global
organization and management.

Business process: A business process is a collection of related structured

activities that produce a specific service or product for customers. It is a set
of activities that will accomplish a specific organizational goal.

Strategic business objectives

Companies like eBay, walmart, google etc stand where they are because
they know how to implement IT for their strategic purpose. What a
business would like to do in five years often depends on what its systems
will be able to do.

The six business objectives of IS are:

a. Operational excellence: Information systems and technologies are the

very useful tools to achieve higher levels of efficiency and productivity in
business operations. It provides work system integration and work
automation.
b. New products, service and business models: Information systems and
technologies are a major enabling tool for firms to crete new products
and services as well as, entirely new business model. A businesss model
describes how a company produces, delivers and sells a product to
create wealth.
c. Customer and supply Intimacy: Supply chain management and customer
relationship management at present largely depend upon the
information system for better and quicker response generation.
d. Improved decision: Information systems are dedicated to support
managerial and strategic decisions at different levels and departments
of the organizations.
e. Competitive advantage: It is a particular work at which the company is
exceptionally unparalleled.
f. Survival: In this world, Information systems and technologies are no
longer a mere option, but a mandatory to business operation and
survival.

Dimensions of information system

The dimensions of IS viz, organization, management, and information
technology solve the business related problems as a whole.

Organization: People at different levels of the hierarchy of an

organization use information technology and information system for
different purposes. Organization functions can be automated using
information technology. Order processing, Financial analysis, HR
planning can be automated and thus errors and slackness can be
reduced in operations.

Management: IS helps in knowledge management and in new product

development. Management is the regulating body of organization.
Information system provides information and analytical support for
decision making and planning
 Information Technology: IT is the combination of hardware, software,
networks and data management technologies which as a whole helps in
managing information of the organization. IS operates in organizational
structure using the technology for assisting management to make
decisions and solve problems.

Business perspective on IS
Leading business like walmart, Amazon, Apple inc are becoming more
reliant towards information technology and information system for
profitability.

Complementary assets: Complementary assets are assets infrastructure

or capabilities needed to support the successful commercialization and
marketing of a technological innovation. These are those assets required
to derive value from a primary investment.

Organizational and management capital: Investment in organization and

management such as new business processes, management behavior,
organizational culture or training is called organizational and
management capital.

Complementary social, Managerial and Organizational assets Organizational

assets:

a. Supportive organizational culture that values efficiency

b. Appropriate business model
c. Decentralized authority
d. Efficient business process
e. Distributed decision-making rights

Managerial assets:

a. Strong senior management support for technology investment and change

b. Incentives for management innovation
 c. Teamwork and collaborative work environment
d. Training programs to enhance management decision skills

Social assets:

a. The internet and telecommunication infrastructure

b. Laws and regulations creating fair, stable market environment
c. Standards( both government and private sectors)

Data: Data are streams of raw facts representing events occurring in

organizations or the physical environment before they have been organized.

Information: Information is the processed data that have been presented into
a format that is both meaningful and useful.

Information Technology Information system

IT is the combination of hardware, IS is the set of interrelated
software, network and data components that collects, process,
management technologies which as a store and distribute information to
whole helps in managing information support decision making and control
of the organization. in an organization
IT consists of all hardware and IS consists information about
software that affirm needs to use in significant people, places and things
order to achieve its business objective within the organization or in the
environment surrounding.

Functions of IS

1. Input: Captures or collects raw data from within the organization or from its
external environment.
2. Processing: Converts this raw input into a meaningful form
3. Output: Transfers the processed information to the people who will use it
4. Feedback: It is output that is returned to appropriate members of
organization.

Intranet
Intranet are simply internal company
web sites that are accessible only by
employees.
Intranet is the network that is limited
for use on the organizations
computers
It is the use of internet technology
within a company or organization
It can be accessed by private
organization members proprietary
Extranet
Extranet are company websites that
are accessible to authorized vendors
and suppliers.
Extranet is an extension of the
company intranet.
It is a network that uses the internet
to link company intranets in order to
enhance business-to-business
partners selection.
It can be accessed only by business
partners selective.

Definition of key terms

Computer literacy: It is the ability and knowledge to use computers and

related technology efficiently, with a range of skills covering levels from
elementary use to programming and advanced problem solving.

Data management technology: It is that part of IS which consists of software

governing the organization of data on physical storage media.
Data workers: Data workers are those who assist with scheduling and
communication at all levels of the firms. For eg, secretaries or clerks

World wide web (WWW): WWW is a service provided by the internet that uses
universally accepted standards for storing, retrieving, formatting and
displaying information in a page format on the internet.
Information system literacy: It is the knowledge of how data-information are
used by individuals and organizations.

Chapter 2

Global e-business and collaboration

Business process: A business process is a collection of related structured

activities that produce a specific service or product for customers. They are the
collection of activities required to produce a product or service.
Business improvement with IT

a. Automation: IS automate many steps in business processes that were

formerly performed manually such as checking a client credit, or generating
an invoice and shipping order.
b. Integration: IS integrates and collaborates subsystems of different
hierarchies and functional departments of the organization. Such
integration enhances the operational excellency.
c. Decision making: IS provides the necessary information and tools to predict
and build scenarios that a decision-maker is in need of. DSS and ESS uses IS
and makes the decision process simpler.
d. Innovation: New IT frequently changes the way a business works and
supports entirely new business models. Innovations in business models
have enhanced the productive capacity of business firm.

Types of information system or systems for different management groups

1. Transaction processing system (TPS): TPS is a computerized system that

performs and records the daily routine transactions necessary to
conduct business at operational level such as sales order entry, payroll,
employee record keeping, etc. It performs the functions of data entry,
data validation, data storage and query support. It produces output in
the form of detailed reports, lists.
2. Management information system (MIS): MIS refers to a specific category
of IS serving middle management. MIS provide middle managers with
reports on the organizations current performance. This system
summarizes and reports on the company basic operations using data
supplied by operational systems.
3. Decision support system (DSS): DSS is the IS at the organizational
management level that combines data and sophisticated analytical
models or tools to support semi-structured and unstructured decision
 making. DSS uses internal information from TPS and MIS along with
information from external environment.
4. Executive support system (ESS): ESS helps senior management make
complex decisions. They address non-routine decisions requiring
judgement, evaluation and insight because there is no agreed-on
procedure for arriving at a solution. They are concerned with questions
such as: what products should we be making in five years? What are the
long term industry cost trends and where does our firm fit in it?

System for linking the enterprise

1. Enterprise system: It is an integration platform of the business processes

and functional systems. It integrates business process in manufacturing,
production, finanace, sales, HR into a single software system. It is known
as enterprise resource planning as it is very useful for resource
allocation and decisions related to such for managers.
2. Supply chain management (SCM) system: SCM system automates the
flow of information across organizational boundaries and co-ordinates
the inter-organizational buyer-seller relationship. Firms sue SCM system
to help manage relationships with their suppliers.
3. Customer relationship management (CRM) system: CRM are dedicated
systems to help manage business-customer relationship. Firms use CRM
system to help manage their relationship with their customers. It
continuously collects data related to the customers, their habits and
behaviours, handle their complaints and understand their needs.
4. Knowledge management system(KMS) : KMS enables organizations to
better manage processes for capturing and applying knowledge and
expertise wherever possible. These systems continuously collect all
relevant knowledge and experience in the firm, and make it available
wherever and whenever it is needed to improve business process and
management decision.
System for collaboration and teamwork

Collaboration is a working practice whereby individuals or organizations

work together for a common purpose to achieve business benefit. It is
working with others to achieve shared and explicit goals. It focuses on task
or mission accomplishment.

Teams are part of the organizations business structure for getting things
done. Teams have a specific mission that someone in the business assigned
to them.

Benefits of collaboration

a. Productivity: Synergetic effect of teamwork and collaboration enhances

efficiency and work performance.
b. Quality: Emphasized communication reduces errors and correct actions
faster, thus maintaining quality.
c. Customer service: People working together in teams can solve customer
complaints and issues faster and more effectively.
d. Innovation: Relaxed communication among team members leads to
greater idea generation and innovation.

Tools and technologies for collaboration and teamwork

a. E-mail and instant Messaging

b. Social Networking
c. Wikis
d. Virtual worlds
e. Internet based collaboration environment(google apps, lotus notes etc)

Information systems functions in business

Information system department (ISD)

ISD is the formal organizational unit responsible for IT services. It is
responsible for maintaining the hardware, software, data storage and
networks that comprise the firms IT infrastructure. It consists of specialists
such as programmers, system analysts, project leaders and IS managers.

Chief information officer (CIO): Head of ISD. He/she is the senior manager
who oversees the use of IT in the firm.

Chief security manager (CSO): CSO is in charge of IS security for the firm and
is responsible for enforcing the firm information security policy. It is also
called Chief information security Officer (CISO). CSO is responsible for
maintaining tools and policies chosen to implement security.

Chief privacy officer (CPO): CPO is responsible for ensuring that the
company complies with the existing data and privacy laws.

Chief knowledge officer (CKO): CKO is responsible for firm knowledge

management program. CKO helps design programs and system to find new
sources of knowledge or to make better use of existing one.

Organizing the information systems functions

The importance of precise and functional organization of information

system is important in digitally accompanied firms. Organizations
Information is a continuously process, evolving towards betterment
everytime and annexing everything that comes to its way. Only through a
well build IT governance model and continuous monitoring one can truly
organize the IS. It also involves the answers of the questions like: How
much IS function be centralized? What decisions must be made to ensure
effective management and use of IT?

Definition of some key terms

Business intelligence: It refers to technologies, applications and practices
for the collection, integration, analysis and presentation of business
information. The purpose of business intelligence is to support better
business decision making. It is a technology driven process for analyzing
data to make informed business decision.

Digital Dashboard: It is an electronic interface used to acquire and

consolidate data across an organization. It provides in-dept business
analysis of key performance with the snapshot of productivity.

Electronic business: It refers to the use of information and communication

technologies (ICT) to execute the major business processes in the
enterprise. It is the conduct of business processes on the internet or digital
technology.

Wikis: Wikis are a type of website that makes it easy for users to contribute
and edit text contents and graphics without any knowledge of web page
development or programming techniques.
Tele presence: It is a set of technologies with integrated audio and visual
environment that enable people to feel or appear as if they were in a
location which they are not.

Portal: Portal is a specially designed website that bring information from

diverse sources like emails, search engines etc.

Enterprise application: Enterprise application is a business application that

a business would use to assist organization in solving enterprise problems.

System analysts: System analyst is a computer professional who works to

solve problems related to information technology.

End users: the person who actually uses a particular product or service. An
end user is a person that a software program or hardware is designed for.

Inter organizational system: It is a system between organizations or shared

information system among a group of companies.
 Unit 3

Information systems, organizations and strategy

Organizations and information systems

Information system and organization influence one another. Information systems

are built by managers to serve the interests of the business firm. Information
systems are means to serve the organizations purpose while in the process it
changes organizations status quo. Their interaction is complex and is influenced
by many mediating factors, including the organizations structure, business
process, culture, and environment.

Features of an organization

a. Routines and Business processes: Business processes are collections of

business routines. Routines are standards operating procedures that have
been developed to cope with virtually all expected situations.
b. Organizational politics: Organization is a structure of tasks and positions.
Politics, as an ability to exercise power to manipulate others, brings an
enormous challenge to managers who want to bring change in
organizations.
c. Organizational culture: Organizational culture encompasses set of
assumptions about what, how, where and from whom to produce. It is a
powerful unifying force that restraints political conflict and promotes
common understanding, agreement on procedures etc
d. Organizational structure: All organizations have structures. Mintzberg
classified organization as follows:
1. Entrepreneurial: It has a simple structure and is managed by
entrepreneur. For eg: small start-up business
2. Machine bureaucracy: It is dominated by centralization and have lrge
bureaucracy in a slowly changing environment. For eg: Midsize
manufacturing firm
3. Divisional bureaucracy: It is a combination of multiple machine
bureaucracy, each producing a different product or service. for eg:
Fortune 500 firms such as general motors
4. Professional bureaucracy: It is knowledge based organization where
goods and services depend on the expertise and knowledge of
professionals. For eg: Hospitals
5. Adhocracy: It is a taskforce organization that must respond to rapidly
changing environment.

Impact of information system on organization

Information systems have become integral, online, interactive tool deeply

involved in the minute-to-minute operations and decision making of large
organizations. The impacts are as follows:

a. Economic impact: IT changes both relative cost of capital and the cost of
information. IT help firm contract in size because it can reduce
transaction cost.
b. Organizational and behavioral impacts: It facilitates flattening of
hierarchies by broadening the distribution of information to empower
lower-level employees and increase management efficiency.
c. Internet and organization: Internet increases the accessibility, storage,
and distribution of information and knowledge for organization. The rise
of networked business is the effect of internet on business.

Transaction cost theory

According to transaction cost theory, firms and individuals seek to
economize on transaction costs, much as they do on production costs. It
states that as transaction costs decreases, firm size shrinks because it
becomes easier and cheaper for the firm to contract for the purchase of
goods and services in the marketplace rather than to make the product
or offer the services itself.

Agency cost theory

This theory suggests that the firm can be viewed as a nexus of contracts
between resource holders. A principle (owner) employs agents
(employees) to perform work on his or her behalf. Agents need constant
supervision and management, otherwise, they will not work on the
interest of owners. So, as the firms grow in size and scope, agency cost
rise because owner must expend more effort on supervising and
managing employees.

Implication for design and understanding of IS

IS must be build with a clear understanding of the organization in which

they will be used. Following are the central organizational factors to
consider when planning a new system:

1. The environment in which the organization must function.

2. The structure of the organization hierarchy, specialization, routines and
business processes.
3. The type of organization and its style of leadership
4. The organization culture and politics
5. The kinds of tasks, decisions, and business processes that the
information system is designed to assist.

Achieving competitive advantage using IS

Firms that do better than others are said to have a competitive advantage
over others. They either access to special resources that others do not, or
they are able to use commonly available resources more efficiently.

Porters competitive Forces model

This model provides a general view of the firm, its competitors, and the firm
environment. It is all about the firm general business environment. It is
used to analyze industrial competition. Porter discussed five competitive
forces that mark the competitive position of firm

a. Competing firm (competitors): The competitors continuously introduce

products of greater value, derives better way of producing. IT enables
the firm to reduce cost. Digitalization of our firm is one of the ways to
get competitive advantage over our competitors.
b. New market entrants: In a free economy, new companies are always
entering in marketplace. In order to reduce threat of new entrants, a
firm should develop its organization in such a way that is very hard to
imitate and gives a very high value to its customers.
c. Substitute products and services: New technology creates new
substitutes all the time. The more the substitute products and services in
our industry, the less we can control pricing and lower our profit
margins. So, the idea is to evolve continuously and making ones product
hard to be substituted.
d. Customers: Customers are the sources of revenue. If customer can easily
switch over the products, the cost of switching is low, customer

New market entrants Substitute

products

firms competitors
 bargaining power is high, than the competitive position is weak and vice
versa.
e. Suppliers: The more different suppliers a firm has, the greater control it
can exercise over suppliers in terms of price, quality and delivery
schedule.

IS strategies for dealing with competitive forces

There are four general strategies, each of which often is enabled by using
information technology and systems.

1. Low-cost leadership: Information systems can be used to achieve

the lowest operational costs and the lowest prices. Take walmart
for an example. walmart continuous replenishment system
transmit orders to restock directly to its suppliers
2. Product differentiation: IS can be used to enable new products
and services or greatly change customer convenience in using
existing products and services. For example: Google continuously
introduces new and unique search service on websites.
3. Focus on market niche: IS enable a specific market focus and serve
narrow target market better than competitors. It enables a
focused strategy on a single and specialize market niche.
4. Strengthen customer and supplier intimacy: IS tighten linkage with
suppliers and develop intimacy with customers. Strong linkage to
 customers and suppliers increases switching costs, and ensures
loyalty to the firm.

The internet impact on competitive advantage

Porter dictated that because of internet competitive rivalry has become much
more intense. Internet raises the bargaining power of customers, who can find
the lowest-cost provider on the web. Amazon, eBay, iTunes, Facebook etc are
examples. Internet is transforming entire industries, forcing firms to change
how they do business. The impacts are as follows:

a. Substitute products or services: Internet enables new substitutes to emerge

with new approaches to meet needs.
b. Customer bargaining power: Internet raises bargaining power of customers,
who can quickly find the lowest-cost provider on the web.
c. Supplier bargaining power: Internet tends to raise bargaining power over
suppliers. Suppliers can also benefit from reduced barriers to entry and
from elimination of distributors.
d. Positioning and rivalry among existing competitors: Internet widens the
geographic market. Increasing the number of competitors and reducing
differences among competitors, makes it more difficult to sustain
operational advantages.

Business value chain model

The value chain model highlights specific activities in the business where
competitive strategies can best be applied and where information systems
are most likely to have a strategic impact.
The activities can be categorized as either primary activities or support
activities. Primary activities are most directly related to the production and
distribution of the products and services, which create value for the
customers. Support activities makes the delivery of the primary activities
possible and consists of organizational infrastructure (administration and
management), human resources (recruiting, hiring) technology.
Aligning IT with business objectives
Research has found that the more successful a firm can align IT with its
business goals, the more profitable it will be. Laudon has suggested
management checklist for helping managers to align IT with business and
they are:
Management checklist
To identify the types of systems that provide a strategic advantage to the
firm, managers should ascertain following information:
A. Structure of industry competition
a. Basis of competition, quality, price etc
b. Position of IT application in the industry
B. Business, firm and industry value chains
a. Benchmarks and comparative performance status
b. Relation with customers, suppliers and internal bodies
C. IT, and business strategy and goals
a. Connection between business strategy and goals D. Progress
feedback evaluation

Managing strategic transition

The socio-technical changes, affecting both social and technical elements of

the organization can be considered strategic transitions. It is a movement
between levels of socio-technical systems.

Definition of key terms

Benchmarking: It is comparing the efficiency and effectiveness of the

business process against strict standards and then measuring performance
against those standards. It is comparing ones business processes and
performing to industry best practices from other companies.
Business ecosystem: It is the network of organizations involved in the
delivery of specific product or service through both competition and
corporation. It consists of suppliers, distributors, outsourcing firms etc.
Core competency: It is a harmonized combination of multiple resources and
skills that distinguish a firm in the marketplace. It is an activity for which a
firm is a world class leader. It relies on knowledge that is gained over many
years of practical field experience with a technology.

Disruptive technologies: It refers to any enhanced or completely new

technology that replaces and disrupts an existing technology and practices.
They are the substitute product that performs better than anything
currently produced. For example: Microprocessor chips, personal
computers, smart phones, world wide web etc

Mass customization: It is the use of flexible computer-aided manufacturing

systems to produce custom output.

Switching costs: switching costs refers to the cost that a customer incurs as
a result of changing brands, suppliers or products. It is the cost of switching
from one product to a competing product.

Value web: It is a collection of independent firms that use information

technology to coordinate their value chains to produce a product or service
for a market collectively. It is more customer driven.

Virtual company: It is an organization that uses computer and

telecommunications technologies to do its business. It does not have any
physical existence or location.
 Unit-4

Ethical and social issues in IS

Ethics: Ethics refers to the principles of right and wrong that individuals, acting
as free moral agents, use to make choices to guide their behavior.

Five moral dimensions of information age

1. Information rights and obligations: privacy and freedom

Privacy is the claim of individuals to be left alone or not to be disturbed by
others. IT threatens individual claims to privacy by making the invasion of
privacy cheap, profitable and effective. Everyone has the right to freedom.
On the internet one can post things that might be offensive to others.
Computer can collect the information about habit, address, gender,
hobbies etc of people so that they can figure out what they can sell.

2. Property rights: intellectual property

Intellectual property (IP) refers to the creations of mind in the fields of
inventions, literacy and artistic works, scientific works, symbol and images
used in industry, commerce and communication areas. Now, because of
internet such creations can be copied and distributed easily and some other
 people may count money instead of the creator. It has three legal
traditions:
a. Trade secrets: A trade secret is defined as any valuable business
information that is not generally known and is subjected to reasonable
efforts to preserve confidentiality.
b. Copyright: Copyright is a legal right that grants the creator of an original
work exclusive right for its use and distribution. It is a legal term which
describes the rights given to creators of certain work. It is for limited
time.
c. Patents: A patent is an exclusive monopoly rights given on the ideas
behind an invention for 20 yrs to the rightful creator. The inventor gets
royalty when another party uses the invention for their benefit.

3. Accountability, liability and control: Accountability refers to condition of

being answerable to higher authority or concerned parties. Liability is the
state of being legally responsible for something thus subject to paying
compensation so needed for any wrong done. Control means the measure
to be adopted to reduce faults or mishaps.

4. System quality: data quality and system errors

System quality is an organized effort to manage how businesses produce
the items and devices they sell. It answers the question of what standards
of data and system quality should we demand to protect individual rights
and the safety of society.

5. Quality of life: Equity, Access and boundaries

Quality of life covers a huge aspects; cultures, economy, status, family,
rights etc. It consist the following traditions:
a. Equity: IT refers to fair and impartial treatment. But there is digital
divide among people who have the access to computer and people who
have no such privilege.
b. Access: IS made accessing across systems very easy as most of
organizations are developing their system for open interaction
c. Boundaries: Technology has no boundaries at all. Technology has greatly
enhanced our work life, but actual life, family life and private life have
been seriously injured.

Key technological trends that raise ethical concerns

1. Advancement in data analysis: Technological advancement has given

organizations greater ability to analyze detailed personal information
of individuals from vast quantities of data gathered and also to
develop profiles of individual behaviors and non-obvious relationship
awareness (NORA).
2. Increase in computing power: The increase in the computing power
gives faster access to the information stored in it. This has invariably
increased reliance and vulnerability to computer systems.
3. Decline in data storage cost: The storage of data online is one of the
factors that led to the decline in the storage cost. Thus, this has made
several organizations to easily maintain and increase detailed
databases of individuals.
4. Network advances: This has enabled copying data from one location
to another and accessing large quantities of personal data from the
remote location with ease.

Systematic steps in ethical decision making

a. Identify and clearly describe the facts: This involve finding out who did
what to whom, and where, how etc
b. State the inconsistency and identify the higher-order values: It is very
important to clearly define the conflict in ethical concerns and identify
the ones with higher values.
c. Identify the stakeholders: It is necessary to find out the identity of
stakeholders as every ethical, social and political issues.
d. Identify the reasonable options to select
e. Identify the consequences of selected options
Specific principles of conduct to guide ethical decisions:
a. Golden rule: It states that put yourself into the place of others, and
think of yourself as the object of decision.
b. Immanuel kants categorical imperative: If an action is not right for
everyone to take, it is not right for anyone.
c. Descartes rule of change: If an action cannot be taken repeatedly, it
is not right to take at all.
d. Utilitarian principle: Take action that achieves higher or greater
value.
e. Risk aversion principle: Take action that achieves the least harm or
least potential cost.
f. Ethical “no free lunch” rule: If something is created by others is
useful to you, it has a value and the creator wants compensation.

Definition of key terms

Techno stress: It is a stress or psychosomatic illness caused by working

with computer technology on a daily basis. Its symptom include anxiety,
impatience, hostility toward humans, fatigue
Spam: Spam is practice of sending junk or unwanted email frequently
with commercial content in large quantities to an indiscriminate set of
recipients.
Digital divide: It refers to the gap between those who have ready access
to computer and the internet, and those who do not. It is an economic
and social inequality with regard to access to information and
communication technology.

Opt-out: Opt-out is a model which permits the collection of personal

information until the consumer specifically requests that the data not be
collected.
Opt-in: This model prohibits from collecting any personal information
unless the consumer specifically takes action to approve information
collection.
Cookies: cookies are small text files deposited on a computer hard drive
when a user visits web sites. Cookies identify the visitors web browser
software.
Web beacons: web beacons, also called web bugs, are tiny objects
invisibly embedded in e-mail message and web pages that are designed
to monitor the behavior of the user visiting a website or sending email.
Informed consent: It is defined as consent given with knowledge of all
the facts needed to make a rational decision.
Profiling: It is the use of computers to collect information about
individuals from multiple sources.
Non obvious relationship awareness (NORA): It is a new data analysis
technology that has given both government and private sector more
powerful profiling capabilities.
 Unit-5

Information Technology infrastructure

IT infrastructure

IT infrastructure consists of a set of physical and software applications that are

required to operate the entire enterprise. IT infrastructure includes hardware,
software, and services that are shared across entire firm. It includes the
following services:

a. Telecommunication: This service connects employees, customers and

suppliers into a digital environment by providing data, voice and video
connectivity.
b. Data management services: It includes managing massive amounts of
corporate data and making it available to internal and external users for
analysis.
c. IT education services: It includes training employees on how to properly use
the system.
d. Application software services: It provides enterprise-wide capabilities such
as enterprise system, CRM, SCM, KMS that are shared by all business units.

Evolution of IT infrastructure
There have been five stages in this evolution, each representing a different
configuration of computing power and infrastructure elements. The five eras
are:
1. General purpose mainframe and minicomputer era (1959 to present) The
introduction of IBM 1401 in 1959 marked the beginning of mainframe
computers. The mainframe era was a period of highly centralized
computing under the control of professional programmers and system
operators. This pattern began to change with the introduction of
minicomputer produced by Digital Equipment Corporation (DEC) in 1965.

2. Personal computer era (1981 to present)

The appearance of the IBM PC in 1981 is usually considered the beginning
of the PC era. At first, using DOS and later Microsoft OS became the
standard desktop personal computer. Software applications for the most
personal computers include word processing, spreadsheet, databases etc.
Modern PC often have connections to the internet.

3. Client/server era (1983 to present)

In client/server computing, desktop or laptop computers called clients are
networked to powerful server computers that provide the client computers
with a variety of services and capabilities.
The simplest client/server network consists of a client networked to a
server with processing split between the two types of machines. This is
called two-tired client/server architecture. Likewise, multi tired or N-tired is
balanced over several different levels of servers, depending on the kind of
services being requested.

4. Enterprise computing era (1992 to present)

Applications developed by local departments and divisions couldnot
communicate easily with one another and share data. In early 1990s, the
resulting IT infrastructure links different pieces of computer hardware and
similar networks into an enterprise-wide network so that information can
flow freely across the organization. It can link different types of computer
hardware, public infrastructure.

5. Cloud and mobile computing era (2000 to present)

Cloud computing refers to a model of computing that provides access to a
shared pool of computing resources (computers, storage, applications and
services), over a network, often the internet. Thousands of computers are
located in cloud centers, where they can be accessed by desktop
computers, laptops, mobile devices etc.

Technology Drivers of infrastructure evolution

Technology drivers are the leading-edge process/product technology that
drives development of next generation equipment.
Some major technology drivers are:

a. Moores law and Microprocessing power

Moores law stated that there are at least three variations: a. the power
of microprocessor doubles every 18 months; b. computing power
doubles every 18 months and c. the price of computing falls by half
every 18 months.

b. The law of digital storage

The world produces as much as 5 exabytes of unique information per
year with the evolution of technology, digital storage become cheaper
and highly demanded which lead scientist to develop new method to
store huge information in small space. Users will demand more storsge
and the technology will develop it.

c. Metcalfes law and network economics

Robert Metcalfe claimed that the value or power of a network grows
exponentially as a function of the number of network members.
Metcalfe point to the increasing returns to scale that network members
receive as more and more people join the network.
For example: if we build a network for 20 users, we will spend the
necessary money for basic equipment. If we already have the
equipment in place, we can add one more user at normal cost.
d. Declining communication costs
Rapid decline in the costs of communication and the exponential growth
in the size of the internet is a driving force that affects the IT
infrastructure. To take advantage of the business value associated with
the internet, firms are greatly expanding their internet connections.

e. Standards and network effects

Without technological standards, enterprise infrastructure and global
internet computing would be impossible as of today. Some important
standards in computing are ASCII, COBOL, UNIX, TCP/IP, IBM, WWW etc

Infrastructure components
IT infrastructure today is composed of seven major components:
1. Computer hardware platforms: computer hardware refers to the
physical parts or components of a computer such as processor, printer
etc. These hardware platforms will either help to input, process or show
the output and store instructions for future propose.
2. Operating system platform: Operating system is a collection of programs
that controls the overall operation of the computer system. Operations
such as logging on, file management, and network connectivity are
controlled by operating system. For eg: Unix, Linux etc
3. Enterprise software applications: Enterprise software is purpose
designed computer software used to satisfy the needs of an organization
rather than individual users. Services provided by enterprise software
are typically business oriented tools such as online shopping, automated
billing system, CRM, ERP, business intelligence, collaboration etc
4. Data management and storage: Storage area networks (SAN) connects
multiple storage devices on a separate high-speed network dedicated to
storage. The SAN creates a large central pool of storage that can be
rapidly accessed and shared by multiple servers.
5. Networking/telecommunications platforms: Networking and
telecommunications platform will merge into one rather than having
one platform for networking devices and a separate platform for
telecommunications. Many telecommunication companies are now
merging with internet service providers to offer a complete package of
digital services.
6. Internet platforms: The internet and its technology standards continue
to expand the businesses and services. Internet and extranet built on
internet technology give businesses an easy and inexpensive method of
providing services.
7. Consulting and system integration services: systems used in many large
companies are so complex that must businesses simply cannot manage.
The services become more critical as many companies merge their old
legacy systems with newer technologies. Companies choose not to
totally replace legacy system because it is too expensive and involves
too much training. It is easier to use middleware and other technologies
to merge old and new systems.

Challenges of managing IT infrastructure

1. Dealing with platform and infrastructure change
2. Management and governance
3. Making wise infrastructure investment

Solutions of IT infrastructure

1. Using a competitive force model to determine how much to spend

on IT infrastructure and where to make strategic infrastructure
investment.
2. Establishing the Total Cost of Ownership (TCO) of IT assets. TCO
includes hardware and software acquisition, installation, training and
maintainance etc
Definition of key terms

Application server: It is a software framework that provides both

facilities to create web applications and a server environment to run
them.

Green computing: It is the study of designing, manufacturing and using

of computing devices in a way that reduces their environment impact.
Grid computing: It is the collection of computer resources from multiple
locations to reach a common goal. It involves connecting geographically
remote computers.
Nano technology: It is manipulation of matter on an atomic, molecular
and super molecular scale.
Technology standards: They are the standards for the use of technology
and ability to communicate in a network.

Virtualization: Virtualization refers to the act of creating a virtual version

of set of computing resources using network resources.

Open source software: It is software with code that anyone can inspect,
modify and enhance. Linux is powerful open source OS that can run on
multiple hardware platforms.
 Unit 6

Database and information Management

File organization: It is a way of organizing the data or records in a file. The most
common types of file organization are: sequential, relative and indexed.

Bit: A bit is the smallest unit of data that can be handled by a system. A bit is
always either 0 or 1. A group of bits or combined bits are called byte. A
Combination of 8 bits makes up a byte.

Fields: Fields are the smallest unit of information that can be accessed. Fields are
the combination of bytes that generate some sense. A group of related fields,
such as student name, course taken etc is a Record.

File: A file is a collection of records of the same type. For eg: personal_info file
store student name, DOB etc. The group of related files makes up a database.

Entity: An entity is a thing or object in the real world that is unique from all other
objects. The descriptive property possessed by each member of entity set is called
an attribute.

Problems with traditional file environment

Traditional file environment practice calls for creating independent files, database
and applications to manage them. This approach is also known as flat file system.
The problems are as follows:

a. Data redundancy and inconsistency: Data redundancy is the presence of

duplicate data in multiple locations. Data inconsistency occurs when
different versions of the same data appear in different places.
b. Program-data dependence: It refers to the coupling of data stored in files
and the specific programs required to update and maintain those files such
that changes in programs require changes to the data.
c. Data inflexibility: A traditional file system cannot deliver ad hoc reports in
an untimely fashion. The information required by ad hoc requests is
somewhere in the system but may be too expensive to reteieve.
d. Poor security: As there is little control of management of data, access to
information may be out of control. Management may have no way of
knowing who is accessing or even making changes to organization data.
e. Lack of data sharing and availability: The pieces of information in different
files and different part of organization cannot be related to one another.
So, it is difficult to share or access in timely manner.

Database approach to data management

It is an approach whereby all the information appears to be stored in one

central location instead of separate files for each application.

Database management system (DBMS)

A DBMS is a collection of interrelated data and set of programs to access those

data. The DBMS acts as an interface between application programs and the
physical data files.

Capabilities of DBMS
The capabilities of DBMS vary according to its type. It depends upon the
foundation of which it is built- data definition language, data dictionary and
data manipulation language.

Data definition language is a language that is used to describe the details of

the data. Data dictionary is a file which contains data about data. Data
manipulation is a language that enables users to access or manipulate data in
a database.

Thus, the capabilities of DBMS are as follows:

a. Querying and reporting: querying helps to filter the data and present only
what the user requires. The most popular type of query language (or DML)
 is structured query language. It uses English like structured syntax for
creating queries. DBMS have the capabilities to generate reports on the
user-desired data. Crystal report is a popular report generator for large
DBMS.
b. Maintaining complex relationships among data: A DBMS has the capabilities
of creating link between the data in various tables. This capability helps to
retrieve complete information in a timely fashion.
c. Providing backup and recovery: The DBMS has the capability to create a
back-up of the data. This back-up can be used to recover the lost data
during accidental loss of data. This saves million of dollars of the
corporation occurring from data loss.
d. Maintaining data integrity and security: Data integrity refers to the
accuracy and consistency of data stored in a database. Various integrity
constraints can be enforced to check data integrity. Security restrictions are
supported by DBMS that allows restriction to unauthorized users or
readonly to some authorized users.

Designing databases
Designing database is dealt in two phases- the conceptual phase and the
physical phase. The conceptual (logical) phase is the abstract model of the
database from a non-technical perspective. The physical phase is how
database is actually arranged on direct access storage device.
The conceptual database design deals with two concepts:
1. Normalization: Normalization is the process of reducing redundancies of
data and ensuring data independencies in a database. It is the process of
decomposing a bad relation by breaking up their attributes into smaller
relations.
2. Entity relationship diagram: ER diagram is a diagram that shows links
between the entities and the kind of relation between them. It is the
pictorial representation of data model documented by the database
designer.
 Data warehouses: It is a large store of data accumulated from a wide range
of sources within a company and used to guide management decisions. The
data warehouses makes the data available for anyone to access as needed,
but it cannot be altered. It extracts current and historical data from
multiple operational systems inside the organization.

Data mart: It is the access layer of the data warehouse environment that is
used to get data out to the users. It is limited to a specific businesses unit or
group of users. It is usually oriented to a specific business lie or teams.

Tools for business intelligence

a. Online analytical processing( OLAP)

OLAP is an approach to answering multidimensional analytical queries
swiftly in computing. It is a function of business intelligence. It enables
users to view the same data in different ways using multiple dimensions.
b. Data mining: It is the process used to extract usable data from a larger set
of any raw data. Data mining helps to identify the patterns of relationship
among the data. The various types of information that can be obtained
through data mining process are:
1. Associations: which are occurrences linked to a single event.
2. Sequences: events are linked over time.
3. Classification
4. Clustering: works in a manner similar to classification when no groups
have yet been defined.
5. Forecasting: Uses a series of existing values to forecast what other
values will be.

Text mining: Extracting information from the text files that cover most part
of the information source for the organization is called text mining.

Web mining: The discovery and analysis of useful patterns and information
from the world wide web is called web mining.
 Data cleansing: It is also known as data scrubbing. It consists of activities for
detecting and correcting data in a database.

Data governance: It is a process an organization follows to ensure that high

quality data exists throughout the complete life cycle.

Information policy specifies the organization rules for sharing, acquiring,

standardizing and classifying information. For eg, a information policy
would specify that only selected members would have the right to view the
sensitive data.

Data administration: He/she is responsible for the specific policies and

procedures through which data can be managed as an organizational
resource.

UNIT 7
Securing information system

System vulnerability: It is a cyber-security term that refers to a flaw in a system

that can leave it open to attack. These vulnerability results from technical,
organizational and environmental factors compounded by managements
improper, delayed and wrong decisions. Errors in programming, improper
installation or unauthorized changes cause computer software to fail. Power
failures, flood, fires or other natural disasters can also disrupt computer systems.

Malicious software: Malicious software is the set of programming

codes/instruction that disrupt the usual functioning of the various components of
the computer system. They are referred to as malware and include a variety of
threats, such as computer virus, worms, Trojan horses and spy-wares that make
the system vulnerable.
Computer virus: computer virus is a self replicating software program that
attaches itself to other software programs or data files in order to be executed,
usually without user knowledge or permission.

Worms: Worms is a standalone malware computer program that replicates itself

in order to spread to other computers. Worms destroy data and programs as well
as disrupts the operation of computer.

Trojan horse: It is any malicious computer program which misleads users of its
true intent. For eg: zeus Trojan

Spywares: It is a software that aims to gather information about a person or

organization without their knowledge. It is installed on a computing device
without the end users knowledge.

Hackers and computer crimes

Hackers are the individuals who gain unauthorized access to computer syatem by
identifying a soft corner in its security mechanism. Since internet is an open
network, it has been a boon to hackers and crackers, who are hackers with
criminal intentions.

Some computer crimes are:

a. Spoofing and sniffing: spoofing is creating fake identities of one self and
misleading user or redirecting users to a fake address in order to execute
criminal plans. Sniffing is gathering private information from users over
network via eavesdropping programs called sniffers.
 b. Denial of service attacks: It is an attack meant to shut down a machine or
network making it inaccessible to its intended users. In DOS attacks,
hackers create a “zombie” network called botnets using malicious codes on
others systems for increasing the number of requests.
c. Identity theft: It is the deliberate use of someone else identify, usually as a
method to gain a financial advantage.
d. Click fraud: Click fraud is clicking or making a program that clicks on ads
without any intention of knowing about the products.
e. Cyber terrorism and cyber warfare: Cyber terrorism and cyber warfare is
carrying out criminal activities on the cyber space across the globe with a
view to weaken or disrupt the target countries. Attacks on traffic control,
DOS attack on government web site are examples.

Social engineering: It is the psychological manipulation of people so that they give

up confidential information.

Computer crime: It is the use of computer and network to commit illegal ends like
fraud, hacking, phishing etc

Business value of security and control

There are systems that stores highly confidential personal information such as
credit card details, business information related to competitive tactics and
government on arms, taxes etc. These information if destroyed, misplaced or
acquired by wrong minds can create serious problems in all aspects of
socioeconomic life.

Legal and requirements for electronic records management

US act for various industries to ensure e-management:

a. Health insurance portability and accountability act (HIPAA): HIPAA outlines

medical security and privacy rules for simplifying the administration of
health care billing and automation of health care data.
b. Financial services modernization Act: This act requires that data must be
stored on a secure medium, and special measures must be enforced to
protect data.
c. Public company accounting reform and investor protection act: This act
imposes responsibilities on companies and their management to safeguard
the accuracy and integrity of financial information.

Electronic evidence and computer forensics

For legal cases, electronic evidences stored in digital forms like emails, instant
message, e-commerce transactions etc stored in computer storage have
become much more crucial these days. Upon any legal action, a company may
be asked to present these electronic records as evidences.

Computer forensics

It is the practice of collecting, analysing and reporting on digital data in a way

that is legally admissible. Forensics expert can easily identify the hidden
evidence in a file that is not visible to an average user. It deals with four major
issues which are:

a. Recording data from computers while preserving evidential integrity

b. Securely storing and handling recovered electronic data
c. Finding significant information in a large volume of electronic data
d. Presenting the information to a court of law.
Establishing a framework for security and control
Information system control: IS control can be defined as manual or
automated mechanism for monitoring and evaluating the performance of
the IS and correcting deviances, if any. Controls can be either General
control or application controls.

General control: It governs the design, security and use of computer

programs. The types of general control are software control, hardware
control, computer operations control, data security control,
implementation control, administration controls.
Application control: Application control is specific controls unique to each
computerized application such as payroll or order processing. IT can be
classified as input controls, processing controls and output controls

Risk assessment
Risk assessment simply means identifying the risk to the part of the system
that may occur if the proper security mechanism is not adopted. Risk
assessment is done on the basis of factors like value of information assets,
points of vulnerability etc. For examples, it is unwise to spend rs.300000 for
security in a system that causes potential damage of rs.2000 once a year.

Security policy: It is a document that states in writing how a company plans

to protect the company physical and information technology assets.

Disaster recovery planning

Disaster recovery planning is a technical plan that guides through the
restoration of the system, services and data after they are hit by disaster
such as flood, earthquake, power failures etc. This plan focuses on issues
such as which file to back up of computer system.

Business continuity planning

It focuses on how the company can restore business operations after a
disaster strikes. This helps a business to walk through the crisis situation
with minimum loss.

Role of auditing
An MIS audit examines the firms overall security environment as well as
controls governing individuals IS. The auditor should carefully examine the
flow of sample transactions through the system and perform tests using
audit software. Security audits review technologies, procedures,
documentation training and personnel.
Key terms

Cyber vandalism: It is the intentional disruption or even destruction of a

website or IS.

phishing
Phishing is the attempt to obtain
sensitive information often for
malicious reason, by disguising as a
trustworthy entity in an electronic
communication
It involves getting a user to enter
personal information via a fake
website
Pharming
Pharming is a cyber attack intended
to redirect website traffic to
another fake site.
It involves modifying domain name
system (DNS) which causes users to
be directed to the wrong websites

Patches: It is a piece of software designed to update a computer program

or data to fix or improve it.

Acceptable use policy (AUP): It defines acceptable uses of the firms

information resources and computing equipment.

Authentication: It refers to the ability to know that a person is who he/she

claims to be.

Firewalls: It is a combination of software and hardware that prevent

unauthorized users from accessing private networks.
 Unit 8

Building information system

System development and organizational change

There are four general changes that can be brought in the organization through
system development:

a. Automation: Automation enables the tasks to be performed with minimal

or no human interventions. It helps to speed up the performance of existing
tasks. For example, calculating paychecks, giving bank tellers instant access
to customer deposit records etc
b. Rationalization: Task simplification demands re-organization of the work
processes that ensures no bottlenecks are present in the system. This
process is known as rationalization.
c. Business process redesign (BPR): in BPR, business process are analyzed,
simplified and redesigned. BPR reorganizes workflows, combining steps to
cut waste and eliminate repetitive, paper-intensive tasks.
d. Paradigm shift: It is a fundamental change that happens when the usual
way of thinking or doing something is replaced by a new and different way.
 A paradigm shift involves rethinking the nature of the business and the
nature of organization.

Business process redesign

It is the complete overhaul of a key business process with the objective of

achieving improvement in performance measures such as return on investment,
cost reduction etc

Business process management is never concluded because process improvement

requires continual change. The process of business process management are:

1. Identify process for change: selecting the right business model and
processes for change is the prime job. Selecting a wrong process may lead
to competitive disadvantage.
2. Analyze existing process: The second step is to analyze the identified
processes to plan the changes. This can be done by creating a detailed
model of the process including all the inputs and outputs. This allows to
identify any bottle necks, repetition etc
3. Design the new process: After knowing the problems in existing process,
modification of the process or even creating new one should be done. Cost
and time should be major considerations while designing new processes.
4. Implement the new process: once the process has been analyzed and
modified, it must be translated into a new set of procedures and work
rules. New IS or enhancement to existing systems may have to be
implemented to support the redesigned process. After implementation,
optimization can be done.
5. Continuous measurement: once the process is implemented, the
employees or any other parties concerned with the process may suggest
some lags or complaints and thus the process needs continuous
improvements.
Overview of system development

System development is the process of defining, designing, testing and

implementing a new software application or program. These activities consist
of system analysis, system design, programming, testing, conversion, and
production and maintainance.

1. System analysis: It is the process of analyzing the business problem that a

firm tries to solve with an information system. It consists of defining the
problem, identifying its causes, specifying the solution and identifying the
information requirements that must be met by a system solution. Knowing
what the problem is half the job done.
2. System design: system design is the process of defining the architecture,
modules and data for a system to satisfy specified requirements. In this
step, design specifications are created for each components of the system
that act as the overall plan or model for the system. The various alternative
designs are evaluated based on their relative superiority in terms of cost,
efficiency and effectiveness.
3. Programming: Programming translates design specifications into program
codes. Today, many organizations no longer do their programming for new
system. Instead, they purchase the software that meets the requirements
for a new system.
4. Testing: Testing is the process of verifying whether or not the new system
will produce the desired result under known conditions. Testing is time
consuming. Testing a new system can be broken down into three major
activities:
a. Unit testing: It is the process of testing smallest parts of an application,
called units, for proper operation.
b. System testing: It is the process of testing the functioning of the
information system as a whole.
c. Acceptance testing: It is the final approval that the system is ready for
implementation.
 5. Conversion: It is the process of changing from the old system to the new
system. The fore main conversion strategy are:
a. Parallel strategy: in this, both the old system and its potential
replacement are run together for a time until everyone is assured that
the new one functions correctly.
b. Direct cutover strategy: It replaces the old system entirely with the new
system.
c. Pilot study: This strategy introduces the new system to only a limited
area of the organization such as a single department or operating unit.
d. Phased approach: This strategy introduces the new system in stages,
either by functions or by organizational units.
6. Production and maintenance: After the system is installed and conversion is
complete, the system is said to be in production. In this stage, the system
will be reviewed by both users and technical specialists to determine how
well it has met its objectives and to decide whether any revisions are
required. Changes in hardware, software, documentation, to a production
system to correct errors, meet new requirements or improve efficiency are
termed maintenance.

Modeling and designing systems

Structured methodologies (traditional)

Structured refers to the fact that the technique are step by step, with each step
building on the previous one. Structured methodologies included top down
approach where system is modeled progressively from the most abstract level to
the lowest level of details. The primary tool for representing a systems
component processes and the flow of data between them is data flow diagram
(DFD). A DFD is a graphical representation of flow of data through an information
system, modeling its process aspects.

Object oriented methodologies (modern)

Object oriented development uses the object as the basic unit of systems analysis
and design. An object combines data and the specific processes that operate on
those data. It is based on the concepts of class and inheritance. It is more iterative
and incremental than traditional structured development.

Alternative system building approach

Since the systems vary in terms of nature, size and complexities, the approaches
used to develop these systems also vary.

1. Traditional system life cycle

This is the oldest method and primitive approach for building IS where the
system is developed in various sequential phases. This approach divides
system development into formal stages. Each stage consists of basic
activities that must be performed before the next stage can begin. It means
that this life cycle follows “waterfall approach”.
It maintains a formal division of work among users and specialists.
Technical specialists are responsible for much of the system analysis, design
and implementation work and end user are limited to providing
information requirements and review the system.
2. Prototyping
Prototype is a preliminary working model or version of an information
system. It is an early sample from which other forms are developed.
Prototyping is the process of building an experimental system quickly and
inexpensively for demonstration and evaluation so that end users can
better define information requirements.
The specialists keep on developing prototype until the user is finally
satisfied. The steps of prototyping are:
a. Identify basic requirements: In this step, the system designer or IS
specialists works with the user to capture the users basic information
needs.
b. Develop a working prototype: The system designer creates a working
prototype quickly.
 c. Use the prototype: The user is encouraged to work with the system to
determine how well the prototype meets his needs and to make
suggestions for improving the prototype.
d. Revise and enhance the prototype: The system builder notes all changes
the user requests and refines the prototype accordingly and moves back
to step3.
When no more iterations are required, the approved prototype
becomes an operational prototype that is the final specification.

3. End user development

End user development refers to activities and tools that allows end-users to
program computers. In end-user development, software tool called fourth
generation language enable end users to create reports or develop
software applications with minimal or no-technical assistance.
The categories of fourth generation language are: PC software tools, query
language, report generating programs, graphics language, application
generators, application software package and very high level programming
language.
Merits
a. Faster development of projects
b. There is high-level of user involvement and satisfaction

Demerits

a. It is not designed for processing intensive applications as user has

developed it, not by the technical specialist.
b. There may be chances of faults in the system and lack of control due to
inadequate testing and documentation.

Application software package

Application software package are the set of prewritten, pre coded application
software that are commercially available for sale or lease. One can buy software
package from the market and custom it accordingly to the need of the
organization. So, it saves a lot of time and money for the organization.
Software package need to be evaluated based on functions provided by the
package, flexibility, user friendliness, vendor quality, cost etc. The package
evaluation process is based on a request for proposal (RFP). A RFP is a brief list of
questions submitted to package software vendors.

Outsourcing

Outsourcing means using an external vendor to build or operate a firm

information system. In outsourcing, the work is done by the vendor rather than
by the organizations internal IS staff. It is subcontracting services and operations
to outside firms who can perform them cheaper and better.

Domestic outsourcing: It is a strategic practice of utilization a third party vendor

to perform services in the same country. It is also called onshore outsourcing.

Offshore outsourcing: It is the practice of hiring an external organization to

perform some business functions in foreign country. In this, decision tends to be
much more cost driven.

The main advantage of outsourcing is that it allows organization flexibility in IT

needs as company can buy software and fulfill needs.

There arises hidden cost in identifying and selecting the right vendor. There also
arises cost in transitioning to vendor. Cultural difference can also be a costly issue
in this regard.

Application development for the digital firm

For digital firm, application development needs to fast, flexible and consistent
enough to tap the enormous opportunities that is discovered each day. Digital
firms use system development techniques like rapid application development,
joint application development etc that can be assembled into complete set of
services.
Rapid application development (RAD): The RAD refers to the process of creating
workable systems in a very short period of time. RAD can include the use of visual
programming and other tools for building graphical user interfaces, close
teamwork among end users and information system specialists.

Joint application design (JAD): It is the methodology that involve the client or end
users in the design and development of an application. JAD brings end users and
information systems specialists together in an interactive session to discuss the
systems design.

Agile development: It focuses on rapid delivery of working software by breaking a

large project into a series of small subprojects that are completed in short periods
of time using iteration and continuous feedback.

Component based development

Component based development enables a system to be built by assembling and

integrating software components that are already available in the market. For
example, an e-commerce application can be developed by integrating
commercially available components for shopping carts, search engines etc

Web services and service-oriented computing

Web services can be used as tools for building new IS applications or enhancing
existing systems. Because these software services use a universal set of
standards, and they promise to be less expensive and less difficult to weave
together than proprietary components.

Web services can provide significant cost savings in systems building while
opening up new opportunities for collaboration with other companies.

Key terms
Computer aided software engineering (CASE): It is the domain of software tools
used to design and implement applications. It provides tools and methods to
ensure high-quality and defect-free software.

End-user interface: The part of the system with which end user interact is called
end-user interface.

Note: Please use it as a reference only. If you find any mistakes then do not
hesitate to contact me via email or my personal facebook account.

Some important terms and questions/answers

1. What are the most important

tools and technologies for safe
guarding information resources?
Business have an array of technologies for protecting their information
resources. They include tools for managing user identities, preventing
unauthorized to system, ensuring software quality etc. The most important
tools are:
a. Identity management and authentication: Identity management
software automates the process of keeping track of all the users and
their system privileges. It also includes tools for authenticating users,
protecting user identifies, and controlling access to system resources.
b. Firewalls: A firewall is a combination of hardware and software that
prevent unauthorized users from accessing private networks. It controls
the flow of incoming and outgoing network traffic.
c. Antivirus software: Antivirus software is designed to check computer
systems and drives for the presence of computer viruses. To remain
effective, antivirus software must be continually updated.
d. Encryption and public key infrastructure: encryption is the process of
using an algorithm to transform information to make it unreadable for
unauthorized user. A more secure form of encryption is called public key
encryption which uses two keys: one public key and one totally private.
2. Disadvantages of digital firm They
are:
a. Makes employees lazy
b. High maintenance cost
c. Causes distraction at work
d. Affects workplace relationship
3. Ethical, political and social issues raised by IS
Ethical, social and political issues are closely linked. The ethical dilemma
one face as a manager of IS typically is reflected in social and political
debate.
The four technologies trends that raise ethical issues are: computing power
doubles every 18 months, data storage costs rapidly declining, data analysis
advance, networking advances etc.
4. Define bargaining power of customers
An advantage to customers that comes from gathering together to put
collective pressure on producers to lower prices or improve quality is called
bargaining power of customers. Porters five forces can be used to raise the
bargaining power of buyers.

Some of the key terms

Autonoming computing: It is a computing model in which the system is
selfhealing, self-configured, self-protected and self-managed.

White hat hackers: white hats are those hackers who choose to use their
powers for good rather than evil. Also, it is known as “ethical hackers”.

Grey hats: They will look for vulnerabilities in a system without the owner
permission or knowledge. They are blend of both black and white hats.

Black hats: They break into computer network and bypass security
protocols for malicious reasons.
Ad hoc: It is a specific business intelligence process designed to answer
specific business questions. It includes statistical model, analytical report
etc

Information rights: Rights that specify claims and duties with regard to
communication, collection, access, use and control of information as
information rights. It includes right to privacy, intellectual property etc