Management Information Systems (MIS)

Recap Session

Arup K Das
Doctorate, Information Management, MDI Gurugram
Head of Security & Compliance, Ericsson India Digital Services
Guest Faculty, FMS, University of Delhi
Guest Faculty, MDI, Gurugram

Mar 16th 2024

Agenda for Today’s Session
▪ Recap
▪ Questions & Answers

2
Recap

3
What is E-Business
▪ Electronic business (e-business) can be defined as the use of
the internet to network and empower business processes,
electronic commerce, organizational communication and
collaboration within a company and with its customers,
suppliers, and other stakeholders.
▪ E-businesses utilize the internet, intranets, extranets and
other networks to support their commercial processes.
▪ E-Business is the replacement of ineffective existing methods
of information flow in the supply and value chains of an
organization
▪ E-Business liberates resources like manpower, materials,
money and time, which can then be redistributed for more
value-added tasks, to bring incremental revenue and profits to
customers and suppliers.

4
What is E-Commerce
▪ E-Commerce refers to electronic transactions between a
purchasing organization and its suppliers (Buy side of E-
Commerce)

▪ E-Commerce also refers to electronic transactions between a

supplier organization and its customers (Sell side of E-
Commerce)

5
Key Differences
E-Business & E-Commerce

Srl E-Commerce E-Business

#
1. It’s sub-set of E-Business It’s super-set of E-Commerce

2. Activities involving monetary Activities besides selling like marketing,

transactions procurement of raw materials or goods,
customer education, looking for suppliers etc.
3. To sell online To bring and retain customers and educate
them online about the product or service

4. Performs business transaction on a Guides a visitor on a portal

portal

5. Defined as a process covering Covers internal processes such as production,

outward processes that touch
customers, suppliers and external
partners
6. Can be described as the use of the
Internet and the web to transact
business. More formally, digitally
enabled commercial transactions
between and among organizations
and individuals.
inventory management, product
development, risk management, finance etc.
Can be described as the digital enablement of
transactions and process within a firm,
involving information systems under the
control of the firm.
6
Types of E-Business
▪ B2C (Business to Consumer)
✓ The most widely recognized form of e-business, B2C is the exchange of
information, products or services taking place between a business and a
consumer over the internet.
✓ As the internet develops, B2C is continually changing the way consumers
acquire information, the way products are compared against one another
and the way in which they are purchased.
✓ E.g. Amazon.com
▪ B2B (Business to Business)
✓ The largest form of e-business in terms of money spent is B2B.
✓ Business-to-business allows trading to take place between businesses,
using a low-cost sales channel for the sale of goods and services and is
responsible for constantly changing corporate buying habits.
✓ E.g. Airtel offering Broadband & Internet services to IBM

7
Types of E-Business
▪ B2G (Business to Government)
✓ B2G is the online exchange of information and transactions between
businesses and government agencies, also known as e-government.
✓ B2G allows government agencies and businesses to use electronic means to
conduct business and interact with each other over the internet.
✓ E.g. Infosys offering electronic tax filing services to Govt. of India

8
Traditional E-Commerce Setup
E-Commerce setup on Cloud Computing
What is EDI?
Traditional Manual Process

Automated EDI Process

11
Ten Online Business Laws
1. Taxes
▪ First, know that every state and country has different expectations and standards when it comes to
taxes.. That means, you have to conduct some research and understand your target market.
▪ For instance, if your store’s demographic is located in the U.S., you’ll likely want to display your
prices exclusive of tax. However, if your target market is Australia, where shoppers are accustomed
to seeing all-inclusive prices, you’ll want to include tax.

2. Payment Gateway
▪ There are many payment gateways available for E-Commerce
▪ Need to align with the payment gateway, that’s most applicable for your business

3. Trademarks, Patents & Copyrights

▪ Trademark: A word, phrase, symbol, and/or design that identifies and distinguishes the source of
the goods of one party from those of others.
▪ Patent: A limited duration property right relating to an invention, granted by the United States
Patent and Trademark Office in exchange for public disclosure of the invention.
▪ Copyright: Protects works of authorship, such as writings, music, and works of art that have been
tangibly expressed.
▪ Depending on what product you plan to sell, you may or may not want to apply for one of these.

12
Ten Online Business Laws
4. Shipping Restrictions
▪ You need to know your shipping restrictions. E.g. Not all shippers restrict the same items
▪ Most shipping companies clearly specify their restricted items
▪ Also, it may be noted that some providers may allow you to ship usually restricted items but will
require some extra paperwork and fees.

5. Inventory
▪ You may start storing the clothing for your online boutique in a spare closet or packing your
handmade jewelry in too many storage boxes in your home
▪ However, if you’ll be holding substantial inventory, you should also check your lease deed, or
zoning codes to see if there are any prohibitions on running a business like the one, you’re
contemplating out of your home
▪ You could benefit from having a brick-and-mortar location or warehouse in the early stages of
your business.
▪ Having a clear and organized inventory management strategy in advance will help you create a
scalable business plan for the future

13
Ten Online Business Laws
6. Age Restriction
▪ Anytime you launch a website, it’s absolutely required that it comply with the Children’s Online
Privacy Protection Act (COPPA)
▪ This act includes quite a few regulations, but the one that will likely apply to your site is the
inability to collect any personal information from a child under the age of 13
▪ If you’re planning on selling a product or service tailored specifically to a young audience, you’ll
need to abide by COPPA regulations
▪ As far as age verification requirements for ecommerce stores selling age-restricted items, you
should look into your country’s specific codes

7. Business Insurance
▪ There are multiple types of insurance for small businesses, including general liability, product
liability, professional liability, commercial liability, and home-based insurance
▪ During your vetting process, it’s a good idea to at least take a look at product liability insurance.
It’s intended for companies that manufacture, wholesale, distribute, and retail a product and may
be liable for its safety

14
Ten Online Business Laws
8. License & Permits
▪ Depending on which product you decide to offer, you may need a license to sell it.
▪ This varies based on the country in which you’re located, so contact your local licensing
department.
▪ If you’re selling special products to a regulated industry (e.g., medical devices or holistic health
care supplements), you’ll need to check with your state to see if you need to be licensed to
provide those kinds of products or service

9. PCI Compliance
▪ PCI compliance is a necessary protection for online sellers, and nearly all SaaS E-Commerce
platforms have it baked into some degree
▪ Educating your business on PCI compliance is the first step to making sure you’re protected

10. Access to Latest Business Laws

▪ You need to ensure that you have access to all the Local Laws of the Land
▪ You need to ensure that you have access to all the Latest Laws of the Land

15
E-Payment System – How it works?
1. After the buyer puts in all the required information and
pushes the button to finalize the purchase, the data is
sent to a seller’s web server through an SSL connection.

2. The seller’s web server receives this data and forwards it

to the payment gateway through a different encrypted
SSL channel.

3. The gateway sends data to the payment processor,

which can deliver information between the seller’s web
server and payment gateway.

4. The payment processor passes the information to a card

network (for example, Visa or Mastercard) to verify the
transaction.

5. After that network receives the data, they decide

whether to accept or deny it. When the decision is made,
the issuer bank sends back a code to the payment
processor.

6. The payment processor shares the status of the

transaction with the payment gateway, and the payment
gateway forwards it back to the seller’s web server.

7. The buyer receives a message about the acceptance or

the denial of his purchase transaction through the
interface of the E-commerce payment system.

8. In most cases, the issuer bank transfers money to the

seller’s account the next day.

16
E-Commerce Payment Systems
A Comparison
PayPal Amazon Pay Stripe 2CheckOut Authorize.net
Payment PayPal, Apple Pay, Amazon Pay AliPay, Apple Pay, PayPal, ACH, PayPal, Apple
Methods Android Pay, Venmo, Android Pay, WebMoney, Pay, E-check,
Bitcoin Bitcoin, WeChat, Payoneer, Visa Checkout
ACH, EPS WeChat, Wire
Credit/Debit Visa, MasterCard, Visa, MasterCard, Visa, MasterCard, Visa, MasterCard,
Card Support Visa, MasterCard, American Express, JCB, American Express, American American
American Express, Diner's, NYCE, STAR, AMEX Express, JCB, Express, JCB,
JCB, AMEX, Diners China Union, EuroCard Discover Discover
Club
Setup Fee No No No No $49

Monthly Fee $30 Payments Pro No No No $25 Gateway Fee

Transaction Fee 2.9% + $0.30 2.9% + $0.30 2.9% + $0.30, 3.5% + 0.35% 2.9% + $0.30
ACH/Bitcoin
Processing 0.8%
Features AVS, SSL, CCV, Virtual AVS, SSL, CCV AVS, SSL, CCV, AVS, SSL, CCV AVS, SSL, CCV,
Terminal Virtual Terminal Virtual Terminal

Chargeback $20 $20 + Taxes $15 - $25

Number of 202+ 78+ 25 200+ 20+

Available
Countries
International 3.9% + Currency- 3.9% + $0.30 3.9% + $0.30 - -
Transaction Fee Based Fee

17
B2B E-Commerce Models
▪ Buyer-Orientated Marketplace: In this market place, few buyers face
many suppliers
▪ Supplier-Oriented Marketplace: In this market place, many buyers
face few suppliers
▪ Intermediary-Oriented Marketplace: Here, many buyers face many
suppliers.
▪ Other important B2B models, that may also be considered, are as
follows:
✓ Virtual Corporation
✓ Networking between the headquarters and subsidiaries
✓ Online services to business
SDLC: Software Development Life Cycle

19
Agile Delivery – Development Sprints
Customer Peer/Arch App System Solution
Approvals Review Validation Validation Validation

Customer

Detailed Development, Configuration

Requirements Defects
Solution & Integration
Design

Requirements & Design

(HLD/RDD)
3 week Sprint Cycle Corrections
High Level Design Business Use Case:
Ready for Test SW SW
Package Package
Low Level Design
Configuration Questionnaires

Ready for Ready for Component Internal Customer

Customer JAD Sessions Test
Detail Design Implementation Integration Test Integration Test

Solution Architecture Team Domain Development System Test Solution Test

Architecture
Team

20
DEVOPS
DevOps – enables uninterrupted delivery flow
removing any impends in a process, empowering People
people using underlined technology Cultural change
Collaboration between teams
Cross functional teams
Knowledge sharing

People Process
DevOps migration playbook
DevOps Maturity scale
Agile development and deployment
methodologies

Process
Technology
DevOps reference architecture
Technology trends and innovations
Evangelize DevOps culture thru
technology and tools
Technology

21
DEVOPS - Solution Overview
DEVOPS SOLUTION
Development
Operations
Application Lifecycle Release Lifecycle Management
Management
Business
Analysts

Monitorin Alarming
LCM Blogs-Chat Reports RM EM Reports
g

Development Real-time operational feedback

Reports SLA/KPI
CI/CD Orchestration

Testing

Dev
SCM Workflows Jobs Notifications Reports

Environments
Integration
Version control, traceability
Intg

BUILD Repositories

PM/RM UAT

TEST Binaries Packages Images Configuration

Production
Operations
Devops engaged DevOps integrated Information control
teams product flow

22
DEVOPS – CI/CD (Continuous Integration /
Continuous Deployment) Platform
Release Manager Compound Packages KPIs

Release Management Portal

AO Clone
Jenkins Trigger Build Process

APP 1

Rundeck (Build Orchestration)

APP 2
GitLab
Ansible (Pipeline execution
engine)
Merge
Request

AO Cluster
Static RPM Clone
Auto
Package Ready
Code Build Deploy
?
Analysis APP 1
Create
Clone
APP 2

Build
Artifacts
Merge N Y
Rejected Request
CI
Pass Clone
GitLab
? 23
Merge
Approved
Intoducing ERP

24
CRM Components
▪ CRM Marketing - CRM tools with marketing automation capabilities can
automate repetitive tasks to enhance marketing efforts at different points in
the lifecycle for lead generation. E.g., as sales prospects come into the
system, it might automatically send email marketing content, with the goal
of turning a sales lead into a full-fledged customer.
▪ CRM Sales - Sales force automation tools track customer interactions and
automate certain business functions of the sales cycle that are necessary to
follow leads, obtain new customers and build customer loyalty.
▪ CRM Support - Designed to reduce tedious aspects of a contact center
agent's job, contact center automation might include prerecorded audio that
assists in customer problem-solving and information dissemination. Various
software tools that integrate with the agent's desktop tools can handle
customer requests in order to cut down on the length of calls and to simplify
customer service processes. Automated contact center tools, such
as chatbots, can improve customer user experiences.

25
CRM Components
▪ Geolocation technology, or location-based services –
❑ Some CRM systems include technology that can create geographic marketing
campaigns based on customers' physical locations, sometimes integrating with
popular location-based GPS (global positioning system) apps.
❑ Geolocation technology can also be used as a networking or contact management
tool in order to find sales prospects based on a location.

26
CRM Technologies
Cloud based CRM
▪ CRM that uses cloud computing, also known as SaaS (software as a service) or on-demand
CRM, data is stored on an external, remote network that employees can access anytime,
anywhere there is an internet connection, sometimes with a third-party service provider
overseeing installation and maintenance.

▪ The cloud's quick, relatively easy deployment capabilities appeal to companies with limited
technological expertise or resources.

▪ Data Security is a primary concern for companies using cloud-based systems, as the
company doesn't physically control the storage and maintenance of its data. If the cloud
provider goes out of business or is acquired by another company, an enterprise's data can
be compromised or lost. Compatibility issues can also arise when data is initially migrated
from a company's internal system to the cloud.

▪ Companies might consider cloud CRM as a more cost-effective option. Vendors typically
charge the user on a subscription basis and offer the option of monthly or yearly
payments.

▪ Popular cloud-based CRM providers include Salesforce, HubSpot and Zendesk

27
CRM Technologies
On-Premise CRM
▪ This system puts the onus of administration, control, security and maintenance of the
database and information on the company using the CRM software.

▪ With this approach, the company purchases licenses upfront, instead of buying yearly
subscriptions from a cloud CRM provider. The software resides on the company's own
servers and the user assumes the cost of any upgrades.

▪ It also usually requires a prolonged installation process to fully integrate a company's data.
Companies with complex CRM needs might benefit from an on-premises deployment.

▪ Many cloud-based providers, such as Salesforce and WorkWise, also offer on-premises
versions of their CRM software.

28
CRM Technologies
Open-Source CRM
▪ An open-source CRM system makes source code available to the public,
enabling companies to make alterations at no cost to the company employing
the system.

▪ Open-source CRM systems also enable the addition and customization of data
links on social media channels, assisting companies looking to improve social
CRM practices.

▪ Open-Source CRM platforms such as OroCRM, Bitrix24, SuiteCRM and

SugarCRM offer alternatives to the proprietary platforms from Salesforce,
Microsoft and other vendors.

▪ Adoption of any of these CRM deployment methods depends on a company's

business needs, resources and goals, as each has different costs associated
with it.

29
CRM Technologies
Social CRM
▪ Social media in CRM involves businesses engaging with customers directly through social media platforms,
such as Facebook, Twitter and LinkedIn. Social media presents an open forum for customers to share
experiences with a brand, whether they are airing grievances or promoting products.

▪ To add value to customer interactions on social media, businesses use various social CRM tools that
monitor social media conversations -- from specific mentions of a brand to the frequency of keywords used
-- to determine their target audience and which platforms they use. Other tools are designed to analyze
social media feedback and address customer queries and issues.

▪ Companies are interested in capturing customer sentiments, such as the likelihood they will recommend
products and their overall customer satisfaction, to develop marketing and service strategies. Companies
try to integrate social CRM data with other customer data obtained from sales or marketing departments
to get a single view of the customer.

▪ Another way in which social CRM adds value for companies and customers is through customer
communities, where customers post reviews of products and can engage with other customers to
troubleshoot issues or research products in real time. Customer communities can provide low-level
customer service for certain kinds of problems and reduce the number of contact center calls. Customer
communities can also provide new product ideas or feedback that companies can use.

30
CRM Technologies
Mobile CRM
▪ CRM applications built for smartphones and tablets have become a must-have
for sales representatives and marketing professionals who want to access
customer information and perform tasks when they are not physically in their
offices.

▪ Mobile CRM apps take advantage of features that are unique to mobile devices,
such as GPS and voice recognition capabilities, to give sales and marketing
employees access to customer information from anywhere.

31
Account Management

32
Billing Management
▪ Billing Platform enables enterprises to launch and monetize any combination
of subscription, usage-based, hybrid or dynamic billing models.
▪ With automated billing management, one can maximize recurring revenue
and improve the customer experiences.
▪ Billing Management consists of the following:
❑ Subscription Management
❑ Usage-based Billing
❑ Hybrid Billing
❑ Dynamic Billing
❑ Invoicing
❑ Taxation

33
Usage-based Billing
▪ Billing Platform lets you move beyond
simple subscription-based billing to
monetize products with sophisticated
usage and rating.
▪ This flexibility enables one to deploy
creative pricing models and charge
based on customer usage.
▪ Quickly deploy tailored, consumption-
based pricing for your customers and
give them the flexibility to pay for
what they use.

34
Hybrid-based Billing
▪ If you offer a combination of
subscription and usage-based products
and services, then go for hybrid billing.
▪ Hybrid billing gives enterprises the
opportunity to differentiate themselves
from the competition while giving
customers an experience tailored to
their unique needs.
▪ Only Billing Platform provides the
ability to manage hybrid pricing
models that include any combination
of one-time charges, usage-based,
tiered, subscription, overages,
minimum commitments and more, all
in a single platform.

35
Dynamic Billing
▪ Billing Platform gives enterprises the
tools to flexibly monetize unique
products and services.
▪ Easily apply mathematical functions,
logical operators or configure to close
and send separate invoices based on
specific events or actions in real time
to get the most revenue from your
products.
▪ If you deliver products or services
where demand and willingness to pay
can change daily, dynamic pricing from
Billing Platform will bring greater
revenues and gross profits to grow
your bottom line.

36
Invoicing and Taxation
▪ Invoicing
❑ Increases first time billing accuracy with automated invoice processing.
❑ Easily view your invoices by geography, subsidiary, customer, or industry using Billing
Platform’s agile architecture without any custom coding or IT assistance and with
support for complex account hierarchies, invoicing can be easily consolidated or
separated dynamically.
❑ Configurable dynamic invoice templates allow you to design and deliver unique
invoices by business unit, reseller/distributor or geography.
▪ Taxation
❑ Billing Platform helps you increase business agility while maintaining compliance with
tax regulations in all the locations in which you operate.
❑ It enables finance teams to integrate with external tax engines to ensure efficient
assessment of sales tax/VAT/GST or any other tax type to comply with global,
regional, and local tax regulations.

37
Product Catalog
▪ Billing Platform’s product and package
configuration tools help to design and
deploy new offerings and manage
existing offers that can be customized
to industries, target segments, and
regions with multi-currency.
▪ Easily monetize and customize offers
with tools to manage product and
services catalogs, apply discounting
rules, define dependencies, make bulk
changes to rates, and standardize
offerings across each product line for a
smoother, consolidated invoicing
process.

38
Pricing and Rating
▪ Think beyond flat-rate subscription
offerings and deploy metered usage,
hybrid-based or dynamic pricing plans.
▪ All such features can be configured in
a single solution.
▪ Billing Platform automates the most
complex billing and rating scenarios
and provides the tools you need to
modify pricing so that your business
can evolve over time and reflect the
unique way you do business.

39
Packages and Bundles
▪ Billing Platform’s product catalog can
help create packages and bundles with
point and click configuration.
▪ Quickly create new products, manage
existing products and contracts, set
pricing and discounts and schedule
rate changes with configuration tools.
▪ Set dependencies and exclusions to
pinpoint exactly how and what is sold,
saving administrative time and
eliminating costly errors

40
Tracking Order
▪ Tracking and monitoring orders is perhaps the most fundamental aspect of any OMS.
Once an e-commerce brand grows beyond the smallest size, it needs some kind of
system to handle orders. Even the most proficient, on-the-ball worker can’t keep all
order details in their head.
▪ At heart, an OMS is about making life easier for both a brand and its customers. The
correct system can create a more seamless customer experience. It can also make
inventory management, logistics, and more processes far more intuitive.
▪ An order management system becomes even more vital for firms that sell via many
channels. The best OMS will track and record orders through your webstore,
marketplaces, and other platforms. Centralizing and unifying sales in that way can make
a real difference to efficiency and productivity, as well as eliminate errors.
▪ It’s not all about digital channels, either. An OMS will also record, and handle orders
placed over the phone or in-store if you have such a presence. All details of all orders,
therefore, become available in one place. You and your staff can check order statuses,
make relevant changes, or reach out to customers with greater ease

41
Monitor and Manage Inventory
▪ The placement and handling of orders impact many other elements of your business.
Every order placed and fulfilled, for instance, affects your inventory. Getting inventory
management correct is vital for any e-commerce brand.
▪ If you don’t have an accurate measure of your inventory, a range of issues can arise:
❑ Overselling – Accepting orders for products of which you don’t have adequate stock to fulfill. Doing
so leads to canceling those orders and disappointing customers.
❑ Overstocking – Thinking you’re short of a product and over-ordering replacement inventory. This
means you waste valuable warehouse space and could get left with dead stock.
❑ Inaccurate Forecasting – If you don’t have accurate inventory figures, it’s harder to understand
customer demand. You may miss when there’s an uptick in desire for a particular product. That
could see you run out of stock when you might have pre-empted the increased demand.

▪ An order management system will simplify the inventory tracking process. The best
software will update your inventory levels in real-time. That means they change with
every order that’s placed. That’s regardless of the channel by which the purchase gets
made.

42
Encompass Reverse Logistics
▪ All e-commerce businesses know that returns are an inevitability. Approximately 30% of
products bought online get returned. That’s as compared to less than 10% bought in-
store. Handling returned items and dealing with the customers who sent them back is
vital to order management.
▪ With the right OMS, reverse logistics becomes much more straightforward. A top-class
system gives you many options in this regard. You may, for instance, be able to clone
an original order to create a credit instantly. That makes it more straightforward to
manage refunds, replacements or reorders.
▪ An OMS, too, makes it more intuitive to fold reverse logistics into inventory
management. Depending on what’s returned, the system can give you a range of
options. It may write off stock that’s sent back, quarantine it, or add it back to your
inventory on-hand.

43
HRMS Components
▪ Talent Management
❑ Application Tracking System
❑ Employee On-boarding Management
❑ Training Management
❑ Performance Management

▪ Employee Lifecycle Management

▪ Time Attendance Management
▪ Time Sheet
▪ Leave Management
▪ Expense & Travel Management
▪ 3rd Party Contractor Management

44
HRMS Components
▪ Payroll System
❑ Payroll Process
❑ Payroll Design
❑ Payroll Run

▪ HR Experience Management
▪ HR Process Automation
▪ Employee Self Service
▪ HR Analytics

45
 Service Oriented Architecture
An ever growing catalog of business services to enable business agility and growth

Reservations:
Check
Avilability()
Service Y
Reservations:
Create
Booking()
Seat Mgmn
Reserve
Seats()
Payment
Process
Payement()
Seat Mgmnt
Issues Tickets()

Check Customer Selling Process

Reservations:

Avilability()
Reservations:
Create
Booking()
Seat Mgmn
Reserve
Seats()
Payment
Process
Payement()
Seat Mgmnt
Issues Tickets()

Reservations: Reservations: Seat Mgmn Payment

Staff Selling Process

Seat Mgmnt
Check Create Reserve Process
Issues Tickets()
Avilability() Booking() Seats() Payement()
Reservations:
Check
Avilability() Service X
Reservations:
Create
Booking()
Seat Mgmn
Reserve
Seats()
Payment
Process
Payement()
Seat Mgmnt
Issues Tickets()
Reservations:
Check
Avilability() Service Z Reservations:
Create
Booking()
Seat Mgmn
Reserve
Seats()
Payment
Process
Payement()
Seat Mgmnt
Issues Tickets()

Reservations Frequent Flyer Packages Employee ……

Seat Mgmnt CRM CRM Book Cargo ……..
Payment Business Intel. Business Intel. Schedule Mgmt. …….
Hotels Business Intel. Business Intel. Engineering …..

▪ Alignment of business and IT goals by effectively enabling IT and business

to work together on real business problems
▪ Quicker and easier ways to adapt business processes to meet the ever
increasing demands of the business
▪ Quicker and easier ways to develop new channels to market
▪ Provides new levels of “real time” business performance monitoring
empowering management to respond to events more quickly and easily

Agility - the power to move and change quickly and easily

46
 So lets define the new services, hook up the
providers and link them into the business
processes
Employee Portal Call Centre Portal Agent Portal Customer Portal Mobile Kiosk

Service
Consumers

Reservations: Reservations: Seat Mgmn Payment

Check Direct Selling Process
Avilability()
Create
Booking()
Process
Seat Mgmnt
Reserve
Issues Tickets()
Seats()
Payement()

Business Reservations: Reservations: Seat Mgmn

Employee SellingProcess
Check Create Process
Payment
Seat Mgmnt
Reserve
Issues Tickets()
Processes Avilability() Booking() Seats()
Payement()

Reservations Seat Mgmnt Payment Hotels Frequent Flyer Packages

Services Check Reserve Seats() Payment Show Options() CRM Car Hire
Availability() Issue Tickets() Authorisation() Check Availability Business Intel. Insurance
Create Booking() Create Booking()
Update Booking() Issue Booking() ……. Limousines
Delete Booking()

Connectivity B2B Gateway

Operational Existing Airline Reservations FF CRM BI FI Hotel Service Provider ASPs

Application ASPs
Systems ASPs

47
 SOA Services
Create & use new service

Build as you go Use existing Service

Project 1 Project 3 Project 5

Project 2 Project 4
UCR UCR UCR UCR UCR UCR

SOA Core Team

Target
Enterprise
Service Catalogue Service
Catalog

The Investment Phase The Benefits Phase ……………………

48
Microservice
(E-Commerce Portal)

▪ Breaking E-commerce
portal into small business
units
▪ One successful order
needs to proceed through
all of these modules
within a specific time
frame.
▪ Each of these business
modules should have its
own business logic and
stakeholders.
▪ They may communicate
with other third-party
vendor software for some
specific needs, and also
with each other.

49
Definition of BI
▪ Business intelligence (BI) leverages software and services to
transform data into actionable insights for an organization’s
strategic and tactical business decisions.
▪ BI Tools access and analyze data sets and present analytical
findings in reports, summaries, dashboards, graphs, charts
and maps to provide users with detailed intelligence about the
state of the business.
▪ Business Intelligence often also refers to a range of tools that
provide quick, easy-to-digest access to insights about an
organization's current state, based on available data.

50
BI – Process Flow
The organization and
transformation of data
into clean and common
models and formats.
Data Data
Gathering Cleanse
Data Preparation
The collection of raw
data from different
sources by different
means & in different
formats
The process involves analytical
components, such as dimensional
analysis, statistical analysis,
business analytics & data mining to
extract information and knowledge.
Data Data
Storage Analysis
The refined data will be modeled and
stored in a particular data management
systems for quality management, easy
and fast access and data profiling.
Results are presented and delivered
in different human comprehendible
formats to support decisions. It also
includes data exploration & reporting.
Data
Presentation
Queries can also directly present
results to users without intensive
analysis. This is usually used for
data exploration & descriptive
reports.
51
BI System Components (at a glance)

52
What is Business Analytics?

A subset of Business Intelligence (BI), Business Analytics

leverages data to provide organizations with business-critical
solutions using methodologies, technology, and techniques such
as predictive analytics, data mining, and statistical analysis.
Business Analytics enables enterprises to analyze data and
transform it into valuable information that helps anticipate
outcomes, identify trends, and make data-driven, smarter
decisions.

53
Classifications
▪ Descriptive Analytics: An interpretation of various historical data,
descriptive analytics helps organizations better understand the
changes that already occurred in business processes.

▪ Predictive Analytics: It is the act of creating predictive models,

utilizing diverse statistical techniques, which draw value from data
sets, detect patterns, and offer predictive scores for a range of
business outcomes.

▪ Prescriptive Analytics: The final step of BA (Business Analytics),

prescriptive analytics is a combination of descriptive and predictive
analytics processes. It uses Machine Learning techniques to deliver
insights on both past and future events.

54
Key Constituents
▪ Data Aggregation - Refers to the gathering, organizing, and
filtering of data before analysis.
▪ Data Mining - Relates to the sorting of massive datasets using
statistics, machine learning, and databases to establish relationships
and identify trends.
▪ Sequence Identification and Association - This component of
business analytics identifies predictable actions performed
collaboratively or sequentially with other actions.
▪ Text Mining - Exploration and management of vast, unstructured
text data for quantitative and qualitative analysis.
▪ Optimization - Engaging simulation techniques for testing various
case scenarios, after the identification of trends and predictions of
possible outcomes.
▪ Data Visualization - Presents a pictorial representation of the data,
in the form of visual elements, such as graphs, charts, and maps.

55
Business Analytics & Data Analytics

Business Analytics specifically focuses on business uses, whereas

Data analytics refers to a broader term that encompasses OLAP
(Online Analytical Processing), reporting, and Business Intelligence.

Under the umbrella of Data analytics, data engineers, data scientists,

and data analysts work together to facilitate the process of collecting,
integrating, and preparing data for testing and validation of different
analytical models to ensure correct results.

56
How big is Big Data?
▪ Twitter users send out ▪ More than 100 million
285,00 tweets New emails are
generated

▪ Facebook processes
almost 350GB of data ▪ 72 hours of new videos
are uploaded into You
Tube
▪ Individuals and
organizations launch 576
new websites ▪ Walmart processes
almost 15000
Transactions
▪ Google processes more
than 2 million search
queries ▪ Sprint processes more
than 300,000 phone calls

57
How big is Big Data?
2.9 Million emails sent 50 Million Tweets per day
every second

375 Megabytes of data 700 Billion Minutes spent

consumed by households on Facebook each month
every day

20 Hours of Video 1.3 Exabytes of Data sent

uploaded into You Tube & received by mobile
every minute Internet users

24 Petabytes of data
processed per day by 72.9 products ordered on
Google Amazon every second

58
What are the sources of Big Data?

Media Social
Media and communication Digital material created by
outlets (articles, podcasts, social media (text, photos,
audio, video, email, blogs) videos, tweets)

Machine Historical
Data generated by computers
Data about our environment
& machines generally without
(weather, traffic, census) and
human intervention (business
archived documents, forms or
process logs, sensors, phone
records
calls)

59
3 Vs of Big Data

Volume Velocity
How much volume of
How fast you can process
data that you need to
structured, semi-structured
process?
and unstructured data?

Variety
What are the varieties of
data sources?

60
Impact of Big Data
▪ Healthcare: It allows us to find new cures and better
understand and predict disease patterns. This leads to
saving more lives.

▪ Science: It creates new possibilities and ways to

conduct research which would otherwise be impossible,
thereby helping us to make new discoveries.

▪ Security: Police forces use big data tools to predict

criminal activities, conduct investigations and
ultimately it helps to catch criminals faster.

▪ Business: It helps us to improve and optimize the ways

we do business by making data-driven decisions.

61
Software ROBOTS INTERACT WITH THE
EXISTING IT LANDSCAPE JUST AS HUMANS DO…

Overview of Robotics
components

Humans Robots
› Database containing
› Knowledge of
scripts based on
how to execute
processes to be
processes
automated

› Schedule the › Scheduling and

Daily schedule Control room
order of monitoring Robots
execution workload and output

› Execute › Robots running on

process on virtual desktops hosted
desktop on application servers

› Provide and manage

› Provide and
IT Security & Access IT Security & Access Robots logins,
manage logins, management management credentials and access
credentials and
rights
access rights
› Systems › Systems supporting the
IT System IT System IT System IT System IT System IT System
supporting the robotized processes
processes
What Characterizes Processes suitable for
RPA?

Labor
Intensive and Process
High Error Stability
Rate

Low
High Cycle
Exception
Times
Rates

Digitized and Clear

Structured Business
Data Rules
AI Categories
1 3
NLP OCR
(Natural Language (Optical Character
Processing and “Written Recognition and Computer
Chatbots”) Vision)
5

Deep Learning for Simple

Questions with Complex
Answers

2 4

SPEECH RECOGNITION
and Supervised Learning for
Prediction & Decisions
VIRTUAL ASSISTANTS

64
AI Categories - Details
Natural Language Processing

▪ Neuro Linguistic Programming (NLP) - It is a

subfield of linguistics, computer science,
information engineering, and artificial intelligence
concerned with the interactions between
computers and human languages, in particular
how to program computers to process and
analyze large amounts of natural language data

▪ Natural Language Processing. NLP is a field

in machine learning with the ability of a
computer to understand, analyze, manipulate,
and potentially generate human language.

▪ Examples – Spell Check, Auto Complete, Voice

Text Messaging

65
AI Categories - Details
Speech Recognition & Virtual Assistants

▪ Speech recognition is the ability of a machine or

program to identify words and phrases in spoken
language and convert them to a machine-
readable format.

▪ Speech recognition is an interdisciplinary

subfield of computational linguistics that develops
methodologies and technologies that enables the
recognition and translation of spoken language
into text by computers.

▪ Examples – Apple Dictation, Google Doc Voice

Typing, Apps – ONE Note, Voice Text,
Speechnotes… etc.

66
AI Categories - Details
Optical Character Recognition

▪ Optical Character Recognition or optical

character reader (OCR) is the mechanical or
electronic conversion of images of typed,
handwritten or printed text into machine-encoded
text, whether from a scanned document or a
photo of a document or a scene-photo etc.

▪ OCR (optical character recognition) is the use

of technology to distinguish printed or handwritten
text characters inside digital images of physical
documents.

▪ Examples – OCR scanners, Digitizing software,

PDF Reader etc.

67
AI Categories - Details
Supervised Machine Learning

▪ Supervised Learning is the machine learning

task of learning a function that maps an input to
an output based on example input-output pairs. It
infers a function from labeled training data
consisting of a set of training examples..

▪ Supervised Learning is the Data mining task of

inferring a function from labeled training data.
The training data consist of a set of training
examples. In supervised learning, each
example is a pair consisting of an input object
(typically a vector) and a desired output value
(also called thesupervisory signal).

▪ Examples – Decision Tree, Linear Regression,

Image Labeling etc.

68
AI Categories - Details
Deep Learning

▪ Deep Learning is part of a broader family of

machine learning methods based on artificial
neural networks. Learning can be supervised,
semi-supervised or unsupervised.

▪ Deep Learning is a subset of machine

learning in artificial intelligence (AI) that has
networks capable of learning unsupervised from
data that is unstructured or unlabeled. Also
known as deep neural learning or deep neural
network.

▪ Examples – Understanding customer

experience, Computer vision, Deep learning
robots etc.

69
Cryptography
▪ Cryptography provides confidentiality, integrity, authentication, and
nonrepudiation for sensitive information while it is stored (at rest),
traveling across a network (in transit/in motion), and existing in memory
(in use/in processing)
▪ It is an extremely important security technology that is embedded in many
of the controls used to protect information from unauthorized visibility and
use
▪ Two main types of cryptosystems enforce confidentiality:
❑ Symmetric cryptosystems use a shared secret key available to all users of the cryptosystem.
❑ Asymmetric cryptosystems use individual combinations of public and private keys for each
user of the system.

70
Symmetric Key Cryptography
▪ It is simple and easy to
implement
▪ It operates very fast, at times
1000 times faster than
Asymmetric Key Cryptography
▪ Key distribution is a major
problem, since parties need to
establish mechanism to
exchange secret keys
▪ It doesn’t implement Non-
Repudiation, because any part
can encrypt / decrypt
messages with secret key
▪ Keys must be re-generated
often, every time someone
leaves the group

71
Asymmetric Key Cryptography
▪ Asymmetric Key
Cryptography provides
support for Digital
Signature Technology

▪ For example, if Bob wants

to send a message with his
name of it then –
▪ Create a Message Digest with a
Hashing Algorithm
▪ Encrypts the above Message Digest
with Bob’s Private Key
▪ Any user who received the
Encrypted Message, if he/she wants
to verify that the Message came
with Bob’s Signature, then the user
needs to decrypt with Bob’s Public
Key to verify the decrypted Message
Digest

▪ Asymmetric Key
Cryptography provides
Integrity, Authentication &
Non-Repudiation
▪ Key distribution is simple

72
Cryptographic Modes of Operation
▪ ECB (Electronic Code Book) – Encrypts a 64-bit block with a secret key
▪ CBC (Cipher Block Chain) mode – Each block of unencrypted text is XORed with a
block of cipher text, immediately preceding it before it is encrypted.
▪ CFB (Cipher Feedback Mode) – It is a streaming version of CBC, where it operated
against data produced in real time.
▪ OFB (Output Feedback Mode) – It operates in the same fashion as CFB, except that
XORing an encrypted version of the previous block of cipher text, OFB XORs the plain
text with a seed value.
▪ Counter Mode (CTR) – It uses a stream cipher similar to that’s used in CFB and OFB
modes. However, instead of creating the seed value for each encryption/decryption
operation from the results of the previous seed values, it uses a simple counter that
increments for each operation.
▪ Encryption Standards –
▪ DES – Data Encryption Standards,
▪ Triple DES (3DES)
▪ AES – Advanced Encryption Standards,
▪ Rivest Cipher (RC4, RC5, RC6)
▪ Rijndael
▪ CAST – CAST-128 / CAST-256
▪ PKI – Public Key Encryption
▪ Diffie Hellman

73
Blockchain
Problem

Difficult to monitor asset ownership & transfers in a trusted business

network

74
Blockchain
Solution

Permissioned, replicated shared ledger

75
Distributed Ledger
▪ There are multiple ledgers, but Bank holds the
“golden record”
▪ Client B must reconcile its own ledger against
that of Bank, and must convince Bank of the
“true state” of the Bank ledger if discrepancies
arise
▪ There is one ledger. All Nodes have some level
of access to that ledger.
▪ All Nodes agree to a protocol that determines
the “true state” of the ledger at any point in
time. The application of this protocol is
sometimes called “achieving consensus.”
76
Blocks
▪ Every chain consists of multiple
blocks and each block has
three basic elements:
▪ The data in the block
▪ A 32-bit whole number called a nonce. The
nonce is randomly generated when a block is
created, which then generates a block
header hash
▪ The hash is a 256-bit number wedded to the
nonce. It must start with a huge number of
zeroes (i.e., be extremely small)

▪ When the first block of a chain is

created, a nonce generates the
cryptographic hash. The data in
the block is considered signed and
forever tied to the nonce and hash
unless it is mined.

77
Cryptocurrency
▪ Blockchain’s most well-known use (and maybe most controversial)
is in cryptocurrencies.
▪ Cryptocurrencies are digital currencies (or tokens), like Bitcoin,
Ethereum or Litecoin, that can be used to buy goods and services.
▪ Just like a digital form of cash, crypto can be used to buy everything
from your lunch to your next home.
▪ Unlike cash, crypto uses blockchain to act as both a public ledger
and an enhanced cryptographic security system, so online
transactions are always recorded and secured.
▪ It can be bought using one of several digital wallets or trading
platforms, then digitally transferred upon purchase of an item, with
the blockchain recording the transaction and the new owner.
▪ The appeal of cryptocurrencies is that everything is recorded in a
public ledger and secured using cryptography, making an
irrefutable, timestamped and secure record of every payment.

78
Central Bank Digital Currency (CBDC)
▪ In 2022-23, the RBI will usher the rupee into its digital avatar, ‘powered by blockchain
o Our consumer payment system (including UPI) is already world class and many transactions have moved
away from cash to mobile payments.
o Our fintech ecosystem continues to innovate with new use cases to meet changing consumer needs.
o Our interbank payment systems have national reach
o Then, what’s the need of CBDC

▪ A CBDC could potentially provide an impetus to stable coins in the crypto world. This is
where the thinking behind the digital rupee needs to be closely linked to our posture
with regulation of crypto and Web3
▪ Reserve Bank of India (RBI) is working out a phased implementation strategy for
introduction of Central Bank Digital Currency (CBDC) by examining use cases, to avoid
any disruptions.
▪ The purpose of creating a digital currency is to provide significant benefits, such as
reduced dependency on cash, higher seigniorage due to lower transaction costs and
reduced settlement risk
▪ The CBDC is a digital version of flat currency that can be exchanged via
blockchain-based wallets and is regulated by the central bank.

79
Risk Assessment Methodology

▪ Risk based approach is composed

of two levels of assessments:

▪ Probability of Threat: The likelihood

that a threat will exploit a weakness
and the adverse impact it will cause
thus resulting in a potential business
impact.
▪ Business Impact of Threat: This
means - how hard / deep the threat, if
occurred, impacts the business
operations.

▪ Risk Analysis:
▪ Risks are recorded in a table as shown
in the risk assessment report.
▪ All combined recommendations
generates the risk treatment plan
▪ Each risk shall be entered in a risk
tracking tool.
▪ Each risk and recommendation
becomes a user story type artifact.
Threat Actors
External Internal
Hackers (students) Technician
Anonymous Consultants
Criminal enterprises Janitors
State actors Handy-man
Competitors Suppliers
Power users Planted personnel
Private investigators Managers
Journalists Disgruntle employees
Political actors Salary, Re-org, Layoffs
Microsoft STRIDE Model
Threat Property Definition Example Mitigation Examples
Spoofing Authentication Impersonating something or Threat action aimed to illegally access To authentication user:
someone else and use another user's credentials, such • Digest authentication
as username and password. • Id authentication
• Cookie authentication
• Kerberos authentication
• PKI systems such as SSL/TLS and
certificates
• IPSec
• Digitally signed packets
To authenticate code or data:
• Digital signatures
• Message authentication codes
• Hashes
Tampering Integrity Modifying data or code Threat action aimed to maliciously • File integrity verification (i.e. AIDE,
change/modify persistent data, such as HIDS, etc.)
persistent data in a database, and the • ACLs
alteration of data in transit between two • Digital signatures
computers over an open network, such • Message Authentication Codes
as the Internet.
Repudiation Non-repudiation Claiming to have not Threat action aimed to perform illegal • Strong Authentication
performed an action operations in a system that lacks the • Secure logging and auditing
ability to trace the prohibited • Digital Signatures
operations. • Secure time stamps
• Trusted third parties
Information Confidentiality Exposing information to Threat action to read a file that one was • Encryption
someone not authorized to see not granted access to, or to read data in • ACLs
Disclosure
it transit.
Denial of Availability Deny or degrade service to Threat aimed to deny access to valid • ACLs
users users, such as by making a web server • Filtering (firewall)
Service
temporarily unavailable or unusable. • Quotas
• Authorization
• High availability designs
Elevation of Authorization Gain capabilities without proper Threat aimed to gain privileged access • ACLs
authorization to resources for gaining unauthorized • Group or role membership
Privilege
access to information or to compromise • Privilege ownership
a system. • Permissions
• Input validation
Threat-driven approach – Cyberattack Flow
General Data Protection Regulation
GDPR

HIGHLIGHTS:
▪ Tabled for adoption on 24 May 2016, it
shall apply from 25 May 2018.
▪ It is a regulation, not a directive.
▪ It is a General Data Protection Regulation
that will cover all sectors, including E.g.
telecom and IT
▪ It brings plenty of new consumer rights
and compliance requirements :
✓ High fines for non-compliance
(up to 4% of company’s global
turnover)
✓ Mandatory DPIA (Data Protection
Impact Assessment)
✓ Mandatory DPO (Data Protection
Officer)
✓ 72 hours data breach notification
✓ Liability for the data processor
GDPR Requirements
One Stop Shop
Mandatory DPIA
Data Portability
Right to erasure
Right to restriction of processing
Stricter Child Protection
Retention (storage
limitation)
Profiling
Data processing register
Data Protection Officer
Pseudonymization
Data Breach
› Controllers only deal with one Data Protection Authority in the Union
› Controllers are responsible for and shall be able to demonstrate compliance
› Portability of data from one controller to another
› “Right to be forgotten” E.g. from a service, upon request
› Temporary restriction for certain reasons
› Age verification, limit of 16 y.o., could be lowered to 13 y.o. on a country basis
› Data shall not be retained for longer than needed (based on DPIA)
› Right to object to automated profiling decisions
› Obligations to keep a register of the data processing activities
› Obligation to nominate a DPO
› As a recommended way to protect data, together with encryption
› 72 hours response time
Security Testing Team
BLUE TEAM RED TEAM
Continuous Vulnerability
Testing Analysis Pen Testing

▪ On commit or ▪ Automated ▪ Automated

daily ▪ Manual ▪ Manual
▪ Automated ▪ Multiple ▪ Many many
▪ Small tools tools
Selection of ▪ Evaluated
tools ▪ Evaluated
▪ Documented ▪ Reverse
• Feeds into
Trouble • Test Reports engineering
Tickets • Risk
Assessment ▪ Exploit
• Vulnerability ▪ Chain
Assessment
exploits
▪ ’Artistic’
Security Standards
▪ ISO 27001 – This standard provides requirements for Information
Security Management Systems. Using them enables organizations of
any kind to manage the security of assets such as financial
information, intellectual property, employee details or information
entrusted by third parties.
▪ GDPR – The General Data Protection Regulation 2016/679 is a
regulation in EU law on data protection and privacy in the European
Union and the European Economic Area. It also addresses the transfer
of personal data outside the EU and EEA areas.
▪ NESAS - The Network Equipment Security Assurance
Scheme (NESAS), jointly defined by 3GPP and GSMA, provides an
industry-wide security assurance framework to facilitate
improvements in security levels across the mobile industry.
Security Standards
▪ NIST - The National Institute of Standards and Technology is a
physical sciences laboratory and a non-regulatory agency of the United
States Department of Commerce. Its mission is to promote innovation
and industrial competitiveness.
▪ CIS - The Center for Internet Security is a 501 non-profit
organization, formed in October, 2000. Its mission is to "identify,
develop, validate, promote, and sustain best practice solutions for
cyber defense and build and lead communities to enable an
environment of trust in cyberspace.
▪ PCI DSS - The Payment Card Industry Data Security Standard is an
information security standard for organizations that handle branded
credit cards from the major card schemes. The PCI Standard is
mandated by the card brands but administered by the Payment Card
Industry Security Standards Council.
Questions & Answers

89
Question Pattern
▪ Total – 5 Questions (All 14 Marks each)
❑ Question-1 (Mandatory) – 2x7 Marks
❑ Attempt any 4 Questions from Rest 5 Questions – 4x14 Marks
▪ Question-1 – Key concepts (short descriptions)
▪ Questions will be conceptual. It will be to test your knowledge and
understanding of the subject
▪ You need to play the role of a CIO / IT Strategy Lead person in the
industry according to the situations given in the question

90
Thank You

91