There are several risks associated with online operations.

These include:

1. Cyberattacks: Online operations are vulnerable to various forms of cyberattacks, such as

hacking, phishing, ransomware, and malware. These attacks can lead to unauthorized access
to sensitive data, financial loss, and damage to the reputation of the business.

2. Data breaches: Online operations involve the collection and storage of large amounts of
customer and business data. A data breach can lead to the exposure of personal information,
financial data, and trade secrets. This can result in legal consequences, financial loss, and a
loss of customer trust.

3. Fraud and identity theft: Online operations provide opportunities for fraudsters to engage in
fraudulent activities, such as credit card fraud, identity theft, and account takeover. This can
result in financial loss for the business and its customers.

4. Regulatory compliance: Online operations must comply with various legal and regulatory
requirements, such as data protection laws, privacy laws, and payment card industry standards.
Failure to comply can result in fines, legal actions, and damage to the reputation of the
business.

5. Technical issues: Online operations are susceptible to technical issues, such as website
downtime, server failure, and network outages. These issues can disrupt business operations,
lead to customer dissatisfaction, and
ASSISTANT
result in financial losses.

6. Online scams and phishing: Online operations provide opportunities for scammers to deceive
customers through phishing emails, fake websites, and fraudulent advertisements. This can
lead to financial loss, compromised personal information, and damage to the reputation of the
business.

7. Online reputation management: Online operations require businesses to manage their online
reputation effectively. Negative reviews, complaints, and social media backlash can harm the
reputation of the business and impact customer trust and loyalty.

8. Intellectual property theft: Online operations make it easier for others to copy and distribute
copyrighted material, trademarks, and trade secrets. This can result in financial losses and
damage to the business's competitiveness.

9. Supply chain risks: Online operations often involve partnerships with third-party vendors and
suppliers. These partnerships can introduce additional risks, such as supply chain disruptions,
compromised data security, and intellectual property theft.
10. Employee security awareness: Online operations depend on employees following best
practices for data security. Lack of employee awareness and training can lead to accidental data
breaches, unauthorized access, and compromised security.
Procedural control in MIS refers to the use of procedures and
instructions to ensure the accuracy and completeness of data
processing and information systems. It is a type of preventive control
that is designed to prevent errors and fraud before they occur.

Some common examples of procedural controls in MIS include:

● Standard operating procedures (SOPs): SOPs are step-by-step

instructions that detail how to perform a task. They are often used
to ensure that data is entered correctly and that processes are
followed consistently.
● Checklists: Checklists are lists of tasks that need to be
completed. They can be used to ensure that all of the necessary
steps are taken in a process, such as backing up data or
approving a purchase order.
● Data validation: Data validation is the process of checking data
for errors before it is processed. This can be done by using rules
or algorithms to check for invalid data, such as missing or
inconsistent values.
● Access control: Access control is the process of restricting who
can access data and systems. This can be done by using
passwords, security tokens, or other authentication methods.
● Audit trails: Audit trails are records of all changes that are made
to data or systems. They can be used to track down errors or
fraud.

Contents of procedural control in MIS include:

Security policies and procedures: These policies and procedures

define how the MIS should be secured, including how to access the
system, how to protect data, and how to respond to security incidents.

Authorization requirements: These requirements define who is

authorized to access the MIS and what they are authorized to do.

Disaster recovery plans: These plans define how the MIS will be
recovered in the event of a disaster, such as a fire, flood, or earthquake.

End-user computing controls: These controls define how users are

allowed to use the MIS, such as what software they can install and what
data they can access.
Data change control procedures: These procedures define how
changes to data in the MIS should be made and approved.

Application change control procedures: These procedures define

how changes to applications in the MIS should be made and approved.

System development life cycle (SDLC) procedures: These

procedures define the steps that should be followed when developing
and implementing new MIS applications.

Change management procedures: These procedures define the steps

that should be followed when making changes to the MIS infrastructure,
such as hardware, software, and networks.

Business continuity plans: These plans define how the organization

will continue to operate in the event of a disruption to the MIS.

The process of procedural control in MIS involves the following

steps:

Identify and assess risks. The first step is to identify and assess the
risks to the MIS. This includes identifying the potential threats,
vulnerabilities, and impacts.

Design and implement procedural controls. Once the risks have been
identified and assessed, procedural controls can be designed and
implemented to mitigate the risks. Procedural controls are policies,
procedures, and guidelines that define how the MIS should be used and
operated.

Monitor and maintain procedural controls. Procedural controls should

be monitored and maintained on an ongoing basis to ensure that they
are effective and up-to-date. This includes reviewing the controls
regularly to identify any areas where they need to be improved.

Measures of procedural controls in MIS include:

Compliance: This measure assesses the extent to which users are

complying with the procedural controls. This can be done by conducting
audits, interviews, and surveys.
Error rates: This measure assesses the number of errors that occur in
the MIS. A reduction in error rates may indicate that the procedural
controls are effective.

Fraud rates: This measure assesses the number of fraud incidents that
occur in the MIS. A reduction in fraud rates may indicate that the
procedural controls are effective.

System downtime: This measure assesses the amount of time that the
MIS is unavailable. A reduction in system downtime may indicate that
the procedural controls are effective.

Customer satisfaction: This measure assesses the satisfaction of

customers with the MIS. An increase in customer satisfaction may
indicate that the procedural controls are effective.

In addition to these quantitative measures, it is also important to

consider qualitative factors when evaluating the effectiveness of
procedural controls. These factors may include the following:

Are the procedural controls well-defined and documented?

Are the procedural controls understood and followed by users?

Are the procedural controls effective in mitigating the identified risks?

Are the procedural controls regularly reviewed and updated?

By considering both quantitative and qualitative measures, organizations

can get a more complete picture of the effectiveness of their procedural
controls in MIS.

Here are some of the benefits of using procedural controls in MIS:

● They can help to prevent errors and fraud.

● They can help to improve the efficiency and effectiveness of data
processing.
● They can help to protect the integrity of data and systems.
● They can help to meet regulatory requirements.
Here are some of the challenges of using procedural controls in
MIS:

● They can be time-consuming and expensive to develop and

implement.
● They can be difficult to update and maintain.
● People may not always follow procedures, especially if they are
not well-written or understood.
● Procedures can be inflexible and may not be able to adapt to
changing circumstances.
The societal challenges of information technology are a complex and ever-evolving set
of issues that arise from the use of technology in our society. Some of the most
pressing challenges include:

● Data privacy and security: The vast amount of personal data that is collected and
stored online is a major security risk. This data can be used to commit identity
theft, fraud, and other crimes. It can also be used to track people's movements
and activities, invade their privacy, and manipulate their behavior.
● Online harassment and cyberbullying: The anonymity of the internet makes it
easy for people to bully and harass others online. This can have a devastating
impact on the victims, leading to depression, anxiety, and even suicide.
● Fake news and misinformation: The internet has made it easier than ever to
spread false information. This can have a negative impact on our democracy and
society as a whole, as people may be misled about important issues.
● The digital divide: The digital divide is the gap between those who have access
to technology and those who do not. This gap can lead to social exclusion and
inequality.
● Addiction to technology: The overuse of technology can lead to addiction, which
can have a negative impact on people's physical and mental health.
● The impact of technology on work and employment: Technology is changing the
way we work, and this can lead to job losses and other challenges.
● The impact of technology on our environment: The production and use of
technology can have a negative impact on the environment. This includes the
use of energy, the production of waste, and the extraction of raw materials.

These are just some of the societal challenges of information technology. As technology
continues to evolve, it is important to be aware of these challenges and to work to find
solutions.

Here are some of the things that can be done to address the societal challenges of
information technology:

● Strengthen data privacy and security laws: Governments need to strengthen

laws to protect people's privacy and security. This includes laws that regulate the
collection, storage, and use of personal data.
● Educate people about online safety: People need to be educated about the risks
of online harassment and cyberbullying. They also need to be taught how to
protect themselves online.
● Fight fake news and misinformation: There is a need to fight fake news and
misinformation. This can be done by teaching people how to identify false
 information and by supporting fact-checking organizations.
● Bridge the digital divide: Governments and organizations need to work to bridge
the digital divide. This includes providing access to technology for people who do
not have it.
● Address the impact of technology on work and employment: Governments and
businesses need to work together to address the impact of technology on work
and employment. This includes providing retraining programs for people who
lose their jobs due to technology.
● Protect the environment: Businesses and individuals need to take steps to
protect the environment from the impact of technology. This includes using
energy-efficient technology and reducing waste.

These are just some of the things that can be done to address the societal challenges
of information technology. It is a complex and evolving issue, but it is important to work
together to find solutions.
What is EDI (Electronic Data Interchange)?

Introduction :

Electronic Data Interchange (EDI) is a computer-to-computer exchange of business documents

in a standard electronic format between two or more trading partners. It enables companies to
exchange information electronically in a structured format, eliminating the need for manual data
entry and reducing the cost and time associated with paper-based transactions.

What is E-Commerce?

E-Commerce stands for Electronic commerce, which means buying or selling goods through the
Internet. The biggest advantage of E-Commerce in this era is Time Savings, not only that as a
customer, one major advantage is that the customer receives a lot of discounts on the products
they want to buy.

Electronic Data Interchange (EDI)

Electronic Data Interchange (EDI) is a computer-to-computer exchange of business documents

in a standard electronic format between two or more trading partners. It enables companies to
exchange information electronically in a structured format, eliminating the need for manual data
entry and reducing the cost and time associated with paper-based transactions.

EDI Documents:

The most common documents exchanged via EDI are:

Invoices
Purchase Orders
Financial Information letters
Transaction Bills
Shipping requests and notifications
Acknowledgment and feedback
Transcripts
Claims
Business Correspondence letters

EDI Users:

Central and state government agencies

Industry
Banking
Retailing
Manufacturing
Insurance
Healthcare
Automotive
Electronics
Grocery
Transportation

History of EDI

Edward Guilbert is known to be the father of electronic data exchange, introducing EDI back in
the 1960s in the supply chains. The US Transportation industry implemented EDI for better
communication among different companies.

How does EDI work?

The data or the information that one company sends the other first gets prepared to be sent,
then the information/document is translated into EDI format. The document is then connected
and transmitted to the other business, the connection is direct and point to point.
Uses of EDI :

EDI is widely used in various industries for exchanging business documents electronically.
Some of the common uses of EDI are:

Order Processing: EDI allows companies to exchange purchase orders and sales orders
electronically, eliminating the need for manual data entry and reducing errors.

Invoicing: EDI can be used to exchange invoices electronically, reducing the time and cost
associated with paper-based invoicing.

Shipping and Receiving: EDI can be used to exchange shipping notices and receiving
documents, enabling companies to track the movement of goods in real-time.

Inventory Management: EDI can be used to exchange inventory information, enabling

companies to manage their inventory levels more effectively.

Supply Chain Management: EDI is used extensively in the supply chain management process,
enabling companies to exchange information with their suppliers, distributors, and customers.

Healthcare: EDI is used in the healthcare industry to exchange patient data, claims, and other
healthcare-related information between healthcare providers, insurance companies, and
government agencies.

Financial Transactions: EDI can be used to exchange financial transactions such as payment
advice and remittance advice, reducing the time and cost associated with manual payment
processing.

Advantages of EDI:

There are several advantages to Electronic Data Interchange:

The paper usage reduced: The expense of storing, printing, recycling, reduces up to the
maximum amount due to the EDI.

Improved quality of Data: The data entry errors are reduced due to EDI.

Speed Increases: The best advantage is the increase in the speed of the data interchange. With
everything going online, the speed of the information transfer increases exponentially.

Security: By following the Protocols and the standard rules, the security of all the important
documents is always secure and safe.
Information accuracy: Since the information exchanged is based on standards agreed by the
sender and receiver both, the correct information is always transferred regardless of where they
belong to.

Less Cost: With very less errors, fast response time, everything becoming automated, and no
use of paper, the cost automatically reduces.

Disadvantages of EDI:

The initial setup of the EDI is very Time-consuming.

EDI standards keep on changing after some amount of time.

A very systematic and proper backup is required as the entire data relies on EDI.

The setup and maintenance of the EDI is very Expensive.