Professional Documents
Culture Documents
PREFACE
This reference note has been prepared to meet the requirement of the BBA 3 rd
semester TU. However, It is expected to be useful for others interested in
computer and management. The contents have been developed as guided by the
detailed syllabus prescribed by Tribhuwan University (TU).
UNIT 1
The role of information system in business today is praise worthy. Most of the
organizations have adopted some form of information system that is synchronous
to its structure and management objectives. The role of information system in
business today can be pointed out under four topics:
Globalization
Globalization has created this whole world as a single community. It has
created a flattened world where not only the goods move easily even the
jobs do. Internet and global communications had greatly reduced the
economic and cultural advantages of developed countries. However,
Globalization presents both challenges and opportunities for business
throughout the world:
Challenges
1. Competition for jobs, markets, and resources are heavily increasing. It is
challenging for employees, managers and business firms to get jobs,
manage resources and retain market respectively.
2. For students, the challenge is to develop high level skills through
education and on the job experience that cannot be outsourced.
3. For business, the challenge is to increase cost efficiency and product
effectiveness, reduce customer grievances around the globe and
response time to changes and demands.
4. For managers, the challenge is to be prepared to fit into any
sociocultural environment, and be responsive to people across the
world.
Opportunities
Globalization has become inevitable phenomenon, thus the only choice for
businesses and managers is to use information technology for ensuring
greater communication ability, broader scope for operation etc.
Companies like eBay, walmart, google etc stand where they are because
they know how to implement IT for their strategic purpose. What a
business would like to do in five years often depends on what its systems
will be able to do.
Business perspective on IS
Leading business like walmart, Amazon, Apple inc are becoming more
reliant towards information technology and information system for
profitability.
assets:
Managerial assets:
Social assets:
Information: Information is the processed data that have been presented into
a format that is both meaningful and useful.
Functions of IS
1. Input: Captures or collects raw data from within the organization or from its
external environment.
2. Processing: Converts this raw input into a meaningful form
3. Output: Transfers the processed information to the people who will use it
4. Feedback: It is output that is returned to appropriate members of
organization.
Intranet Extranet
Intranet are simply internal company Extranet are company websites that
web sites that are accessible only by are accessible to authorized vendors
employees. and suppliers.
Intranet is the network that is limited Extranet is an extension of the
for use on the organizations company intranet.
computers
It is the use of internet technology It is a network that uses the internet
within a company or organization to link company intranets in order to
enhance business-to-business
partners selection.
It can be accessed by private It can be accessed only by business
organization members proprietary partners selective.
World wide web (WWW): WWW is a service provided by the internet that uses
universally accepted standards for storing, retrieving, formatting and
displaying information in a page format on the internet.
Information system literacy: It is the knowledge of how data-information are
used by individuals and organizations.
Chapter 2
Teams are part of the organizations business structure for getting things
done. Teams have a specific mission that someone in the business assigned
to them.
Benefits of collaboration
Chief information officer (CIO): Head of ISD. He/she is the senior manager
who oversees the use of IT in the firm.
Chief security manager (CSO): CSO is in charge of IS security for the firm and
is responsible for enforcing the firm information security policy. It is also
called Chief information security Officer (CISO). CSO is responsible for
maintaining tools and policies chosen to implement security.
Chief privacy officer (CPO): CPO is responsible for ensuring that the
company complies with the existing data and privacy laws.
Wikis: Wikis are a type of website that makes it easy for users to contribute
and edit text contents and graphics without any knowledge of web page
development or programming techniques.
Tele presence: It is a set of technologies with integrated audio and visual
environment that enable people to feel or appear as if they were in a
location which they are not.
End users: the person who actually uses a particular product or service. An
end user is a person that a software program or hardware is designed for.
Features of an organization
a. Economic impact: IT changes both relative cost of capital and the cost of
information. IT help firm contract in size because it can reduce
transaction cost.
b. Organizational and behavioral impacts: It facilitates flattening of
hierarchies by broadening the distribution of information to empower
lower-level employees and increase management efficiency.
c. Internet and organization: Internet increases the accessibility, storage,
and distribution of information and knowledge for organization. The rise
of networked business is the effect of internet on business.
This model provides a general view of the firm, its competitors, and the firm
environment. It is all about the firm general business environment. It is
used to analyze industrial competition. Porter discussed five competitive
forces that mark the competitive position of firm
firms competitors
bargaining power is high, than the competitive position is weak and vice
versa.
e. Suppliers: The more different suppliers a firm has, the greater control it
can exercise over suppliers in terms of price, quality and delivery
schedule.
There are four general strategies, each of which often is enabled by using
information technology and systems.
Switching costs: switching costs refers to the cost that a customer incurs as
a result of changing brands, suppliers or products. It is the cost of switching
from one product to a competing product.
Ethics: Ethics refers to the principles of right and wrong that individuals, acting
as free moral agents, use to make choices to guide their behavior.
IT infrastructure
Evolution of IT infrastructure
There have been five stages in this evolution, each representing a different
configuration of computing power and infrastructure elements. The five eras
are:
1. General purpose mainframe and minicomputer era (1959 to present) The
introduction of IBM 1401 in 1959 marked the beginning of mainframe
computers. The mainframe era was a period of highly centralized
computing under the control of professional programmers and system
operators. This pattern began to change with the introduction of
minicomputer produced by Digital Equipment Corporation (DEC) in 1965.
Infrastructure components
IT infrastructure today is composed of seven major components:
1. Computer hardware platforms: computer hardware refers to the
physical parts or components of a computer such as processor, printer
etc. These hardware platforms will either help to input, process or show
the output and store instructions for future propose.
2. Operating system platform: Operating system is a collection of programs
that controls the overall operation of the computer system. Operations
such as logging on, file management, and network connectivity are
controlled by operating system. For eg: Unix, Linux etc
3. Enterprise software applications: Enterprise software is purpose
designed computer software used to satisfy the needs of an organization
rather than individual users. Services provided by enterprise software
are typically business oriented tools such as online shopping, automated
billing system, CRM, ERP, business intelligence, collaboration etc
4. Data management and storage: Storage area networks (SAN) connects
multiple storage devices on a separate high-speed network dedicated to
storage. The SAN creates a large central pool of storage that can be
rapidly accessed and shared by multiple servers.
5. Networking/telecommunications platforms: Networking and
telecommunications platform will merge into one rather than having
one platform for networking devices and a separate platform for
telecommunications. Many telecommunication companies are now
merging with internet service providers to offer a complete package of
digital services.
6. Internet platforms: The internet and its technology standards continue
to expand the businesses and services. Internet and extranet built on
internet technology give businesses an easy and inexpensive method of
providing services.
7. Consulting and system integration services: systems used in many large
companies are so complex that must businesses simply cannot manage.
The services become more critical as many companies merge their old
legacy systems with newer technologies. Companies choose not to
totally replace legacy system because it is too expensive and involves
too much training. It is easier to use middleware and other technologies
to merge old and new systems.
Solutions of IT infrastructure
Open source software: It is software with code that anyone can inspect,
modify and enhance. Linux is powerful open source OS that can run on
multiple hardware platforms.
Unit 6
File organization: It is a way of organizing the data or records in a file. The most
common types of file organization are: sequential, relative and indexed.
Bit: A bit is the smallest unit of data that can be handled by a system. A bit is
always either 0 or 1. A group of bits or combined bits are called byte. A
Combination of 8 bits makes up a byte.
Fields: Fields are the smallest unit of information that can be accessed. Fields are
the combination of bytes that generate some sense. A group of related fields,
such as student name, course taken etc is a Record.
File: A file is a collection of records of the same type. For eg: personal_info file
store student name, DOB etc. The group of related files makes up a database.
Entity: An entity is a thing or object in the real world that is unique from all other
objects. The descriptive property possessed by each member of entity set is called
an attribute.
Capabilities of DBMS
The capabilities of DBMS vary according to its type. It depends upon the
foundation of which it is built- data definition language, data dictionary and
data manipulation language.
a. Querying and reporting: querying helps to filter the data and present only
what the user requires. The most popular type of query language (or DML)
is structured query language. It uses English like structured syntax for
creating queries. DBMS have the capabilities to generate reports on the
user-desired data. Crystal report is a popular report generator for large
DBMS.
b. Maintaining complex relationships among data: A DBMS has the capabilities
of creating link between the data in various tables. This capability helps to
retrieve complete information in a timely fashion.
c. Providing backup and recovery: The DBMS has the capability to create a
back-up of the data. This back-up can be used to recover the lost data
during accidental loss of data. This saves million of dollars of the
corporation occurring from data loss.
d. Maintaining data integrity and security: Data integrity refers to the
accuracy and consistency of data stored in a database. Various integrity
constraints can be enforced to check data integrity. Security restrictions are
supported by DBMS that allows restriction to unauthorized users or
readonly to some authorized users.
Designing databases
Designing database is dealt in two phases- the conceptual phase and the
physical phase. The conceptual (logical) phase is the abstract model of the
database from a non-technical perspective. The physical phase is how
database is actually arranged on direct access storage device.
The conceptual database design deals with two concepts:
1. Normalization: Normalization is the process of reducing redundancies of
data and ensuring data independencies in a database. It is the process of
decomposing a bad relation by breaking up their attributes into smaller
relations.
2. Entity relationship diagram: ER diagram is a diagram that shows links
between the entities and the kind of relation between them. It is the
pictorial representation of data model documented by the database
designer.
Data warehouses: It is a large store of data accumulated from a wide range
of sources within a company and used to guide management decisions. The
data warehouses makes the data available for anyone to access as needed,
but it cannot be altered. It extracts current and historical data from
multiple operational systems inside the organization.
Data mart: It is the access layer of the data warehouse environment that is
used to get data out to the users. It is limited to a specific businesses unit or
group of users. It is usually oriented to a specific business lie or teams.
Text mining: Extracting information from the text files that cover most part
of the information source for the organization is called text mining.
Web mining: The discovery and analysis of useful patterns and information
from the world wide web is called web mining.
Data cleansing: It is also known as data scrubbing. It consists of activities for
detecting and correcting data in a database.
UNIT 7
Securing information system
Trojan horse: It is any malicious computer program which misleads users of its
true intent. For eg: zeus Trojan
Hackers are the individuals who gain unauthorized access to computer syatem by
identifying a soft corner in its security mechanism. Since internet is an open
network, it has been a boon to hackers and crackers, who are hackers with
criminal intentions.
a. Spoofing and sniffing: spoofing is creating fake identities of one self and
misleading user or redirecting users to a fake address in order to execute
criminal plans. Sniffing is gathering private information from users over
network via eavesdropping programs called sniffers.
b. Denial of service attacks: It is an attack meant to shut down a machine or
network making it inaccessible to its intended users. In DOS attacks,
hackers create a “zombie” network called botnets using malicious codes on
others systems for increasing the number of requests.
c. Identity theft: It is the deliberate use of someone else identify, usually as a
method to gain a financial advantage.
d. Click fraud: Click fraud is clicking or making a program that clicks on ads
without any intention of knowing about the products.
e. Cyber terrorism and cyber warfare: Cyber terrorism and cyber warfare is
carrying out criminal activities on the cyber space across the globe with a
view to weaken or disrupt the target countries. Attacks on traffic control,
DOS attack on government web site are examples.
Computer crime: It is the use of computer and network to commit illegal ends like
fraud, hacking, phishing etc
There are systems that stores highly confidential personal information such as
credit card details, business information related to competitive tactics and
government on arms, taxes etc. These information if destroyed, misplaced or
acquired by wrong minds can create serious problems in all aspects of
socioeconomic life.
Computer forensics
Risk assessment
Risk assessment simply means identifying the risk to the part of the system
that may occur if the proper security mechanism is not adopted. Risk
assessment is done on the basis of factors like value of information assets,
points of vulnerability etc. For examples, it is unwise to spend rs.300000 for
security in a system that causes potential damage of rs.2000 once a year.
Role of auditing
An MIS audit examines the firms overall security environment as well as
controls governing individuals IS. The auditor should carefully examine the
flow of sample transactions through the system and perform tests using
audit software. Security audits review technologies, procedures,
documentation training and personnel.
Key terms
phishing Pharming
Phishing is the attempt to obtain Pharming is a cyber attack intended
sensitive information often for to redirect website traffic to
malicious reason, by disguising as a another fake site.
trustworthy entity in an electronic
communication
It involves getting a user to enter It involves modifying domain name
personal information via a fake system (DNS) which causes users to
website be directed to the wrong websites
There are four general changes that can be brought in the organization through
system development:
1. Identify process for change: selecting the right business model and
processes for change is the prime job. Selecting a wrong process may lead
to competitive disadvantage.
2. Analyze existing process: The second step is to analyze the identified
processes to plan the changes. This can be done by creating a detailed
model of the process including all the inputs and outputs. This allows to
identify any bottle necks, repetition etc
3. Design the new process: After knowing the problems in existing process,
modification of the process or even creating new one should be done. Cost
and time should be major considerations while designing new processes.
4. Implement the new process: once the process has been analyzed and
modified, it must be translated into a new set of procedures and work
rules. New IS or enhancement to existing systems may have to be
implemented to support the redesigned process. After implementation,
optimization can be done.
5. Continuous measurement: once the process is implemented, the
employees or any other parties concerned with the process may suggest
some lags or complaints and thus the process needs continuous
improvements.
Overview of system development
Structured refers to the fact that the technique are step by step, with each step
building on the previous one. Structured methodologies included top down
approach where system is modeled progressively from the most abstract level to
the lowest level of details. The primary tool for representing a systems
component processes and the flow of data between them is data flow diagram
(DFD). A DFD is a graphical representation of flow of data through an information
system, modeling its process aspects.
Since the systems vary in terms of nature, size and complexities, the approaches
used to develop these systems also vary.
Demerits
Application software package are the set of prewritten, pre coded application
software that are commercially available for sale or lease. One can buy software
package from the market and custom it accordingly to the need of the
organization. So, it saves a lot of time and money for the organization.
Software package need to be evaluated based on functions provided by the
package, flexibility, user friendliness, vendor quality, cost etc. The package
evaluation process is based on a request for proposal (RFP). A RFP is a brief list of
questions submitted to package software vendors.
Outsourcing
There arises hidden cost in identifying and selecting the right vendor. There also
arises cost in transitioning to vendor. Cultural difference can also be a costly issue
in this regard.
For digital firm, application development needs to fast, flexible and consistent
enough to tap the enormous opportunities that is discovered each day. Digital
firms use system development techniques like rapid application development,
joint application development etc that can be assembled into complete set of
services.
Rapid application development (RAD): The RAD refers to the process of creating
workable systems in a very short period of time. RAD can include the use of visual
programming and other tools for building graphical user interfaces, close
teamwork among end users and information system specialists.
Joint application design (JAD): It is the methodology that involve the client or end
users in the design and development of an application. JAD brings end users and
information systems specialists together in an interactive session to discuss the
systems design.
Web services can be used as tools for building new IS applications or enhancing
existing systems. Because these software services use a universal set of
standards, and they promise to be less expensive and less difficult to weave
together than proprietary components.
Web services can provide significant cost savings in systems building while
opening up new opportunities for collaboration with other companies.
Key terms
Computer aided software engineering (CASE): It is the domain of software tools
used to design and implement applications. It provides tools and methods to
ensure high-quality and defect-free software.
End-user interface: The part of the system with which end user interact is called
end-user interface.
Note: Please use it as a reference only. If you find any mistakes then do not
hesitate to contact me via email or my personal facebook account.
White hat hackers: white hats are those hackers who choose to use their
powers for good rather than evil. Also, it is known as “ethical hackers”.
Grey hats: They will look for vulnerabilities in a system without the owner
permission or knowledge. They are blend of both black and white hats.
Black hats: They break into computer network and bypass security
protocols for malicious reasons.
Ad hoc: It is a specific business intelligence process designed to answer
specific business questions. It includes statistical model, analytical report
etc
Information rights: Rights that specify claims and duties with regard to
communication, collection, access, use and control of information as
information rights. It includes right to privacy, intellectual property etc