You are on page 1of 44

Planning for Information System

•Focuses on discovering innovative approaches to satisfy customer and business value goals. •Component of IT Planning  Strategy Development: concurrent with organization vision  Resource Management: managing or outsourcing an organization resources  Technology Architecture: choice of appropriate architecture

Factors Affecting Identification of Application
•1. •2. •3. •4. •5. •6. MIS goals and objectives Strategy for the plan achievement The architecture of the MIS The system development schedule Hardware and software plan Ascertaining the class of information

Goals of Business Planning Systems
• Understand the issues and opportunities with the current applications and technical architecture • Develop a future state and migration path for the technology that supports the enterprise • Provide business executives with a direction and decision making framework for IT capital expenditures • Provide IS with a blueprint for development • The result of a BPS project is an actionable roadmap that aligns technology investments to business strategy.

CRITICAL SUCCESS FACTORS(CSF)
• CSFs are those characteristics, conditions, or variables which when maintained and sustained, can have significant impact on the success of an organization competing in a particular industry.
• A basic nature of CSFs is that they differ from industry to industry e.g. consumer goods versus industrial goods, local versus globa1 industries and so on .

MANAGER. EASILY IDENTIFIABLE OPERATIONAL GOALS • SHAPED BY INDUSTRY. ENVIRONMENT • BELIEVED TO ASSURE FIRM’S SUCCESS • USED TO DETERMINE ORGANIZATION’S INFORMATION REQUIREMENTS .CRITICAL SUCCESS FACTORS (CSFs) • SMALL NUMBER.

CRITICAL SUCCESS FACTORS Example: PROFIT CONCERN • GOALS (AUTOMOBILE INDUSTRY): Earnings per share. market share. return on investment. new product • CSF: Styling. cost control. quality dealer system. energy standards .

improved monitoring of regulations . efficient use of resources. meeting government regulations. future health needs • CSF: Regional integration with other hospitals.CRITICAL SUCCESS FACTORS Example: NONPROFIT CONCERN • GOALS (HOSPITAL): Excellent health care.

MIS related concept. Following are the commonly identified CSFs identified for the success of MIS implementation project. CSFs can be understood as the few key areas where things must go right for the implementation to be successful. but also in new processes and in understanding the integration within the system – how the work of one employee influences the work of others. commits personnel to those activities. Project Management Project Management involves the use of skills and knowledge in coordinating the scheduling and monitoring of defined activities to ensure that the stated objectives of implementation projects are achieved. • • . User training and education In MIS implementation process many projects fail in the end due to lack of proper training. The main reason for education and training program for MIS implementation is to make the user comfortable with the system and increase the expertise and knowledge level of the people. and hands on training are all important dimensions of training program for MIS implementation. Training is not only using the new system. The formal project implementation plan defines project activities. features of MIS system. Many researchers consider users training and education to be an important factor of the successful MIS implementation.Critical Success Factors for Information System • Critical success factors (CSF) are widely used in the information systems arena. and promotes organizational support by organizing the implementation process.

It is clear that MIS implementation involves a complex transition from legacy information systems and business processes to an integrated IT infra-structure and common business process throughout the organization. the way organizations do business will need to change and ways people do their jobs will need to change as well. and tracking changes in implementing an MIS system. possibly because companies underestimate the efforts involved in change management. It is imperative for success of implementation project starting at the initial phase and continuing throughout the entire life cycle. gets the right results. To implement an MIS systems successfully. hardware and networking are crucial for an MIS system’s success. . The MIS software vendor generally certifies which hardware (and hardware configurations) must be used to run the MIS system. Hardware selection is driven by the firm’s choice of an MIS software package. • Change management Change management is a primary concern of many organizations involved in MIS project implementation . at the right costs. This factor has been considered critical by the practitioners and as well as by the researchers. organizational change is the body of knowledge that is used to ensure that a complex change. Many MIS implementations fail to achieve expected benefits.• Technological infrastructure The adequate IT infrastructure. Change Management is important and one of the critical success factors identified in the literature. Resistance can be destructive since it can create conflicts between actors. managing. like that associated with a new big information system. one of the main obstacles facing MIS implementation is resistance to change. it can be very time consuming. The recurring improvisational change methodology as a useful technique for identifying. in the right timeframe. The resistance to change is one of the main hurdles faced by most companies. Generally.

liabilities or vulnerabilities that may cause the project to deviate from the defined plan. Risk management is the competence to handle unexpected crises and deviation from the plan.• Management of Risk Every Information technology implementation project carries important elements of risk. Therefore. MIS implementation project risks are described as uncertainties. including themselves. risk management is to minimize the impact of unplanned incidents in the project by identifying and addressing potential risks before significant consequences occur. • Top Management Support Top management support has been consistently identified as the most important and crucial success factor in MIS system implementation projects. hence it is probable that progress will deviate from the plan at some point in the project life cycle. It is understood that the risk of project failure is substantially reduced if the appropriate risk management strategy is followed. . and (2) providing the necessary resources. They must be willing to allow for a mindset change by accepting that a lot of learning has to be done at all levels. Top management support in MIS implementation has two main facets: (1) providing leadership. To implement MIS system successfully. The implementation of MIS system project is characterized as complex activity and involves a possibility of occurrence of unexpected events. Top management to provide the necessary resources and authority or power for project success. management should monitor the implementation progress and provide clear direction of the project.

User Involvement User involvement refers to a psychological state of the individual and is defined as the importance and personal relevance of a system to a user. Further. having competent members in the project team is the fourth most important success factor for IS implementation. An MIS project involves all of the functional departments and demands the effort and cooperation of technical and business experts as well as end-users. it requires the use of either internal or external experts who are knowledgeable about the installation and software. There are two areas for user involvement when the company decides to implement an MIS system: (1) user involvement in the stage of definition of the company’s MIS system needs. the members of the project team(s) must be empowered to make quick decisions.• • • Team work and composition MIS team work and composition is important throughout the MIS implementation project. According to a survey. management consultants. but the user is also a significant factor in the implementation. or cross functional and comprise a mix of external consultants and internal staff so the internal staff can develop the necessary technical skills for design and MIS implementation. it is critical success factor and has to be managed and monitored very carefully. It is also defined as the user’s participation in the implementation process. Clearly. . MIS implementation the consultants may be involved in different stages of the MIS project implementation. MIS implementation team comprises of. Use of consultants Due to the complexity of implementing an MIS system. Many companies prefer or must have external consultants to perform MIS implementation. parent company employees. top management. The functions of the MIS system rely on the user to use the system after going live. MIS vendor . IT personnel and management. functional personnel and management.. and (2) user participation the implementation of MIS systems. IT consultants. The MIS team should be balanced. hardware vendor.

The communication should start early in the MIS implementation project and can include overview of the system and the reason for implementing it be consistent and continuous.• Business Process Reengineering Another important factor that is critical for the success of MIS implementation is the Business Process Reengineering. service and speed”. It is defined “the fundamental rethinking and radical redesign of business processes to achieve dramatic improvements in critical. which believed to be one of the important and beneficial results of the implementation of MIS system. It is essential for creating an understanding. The “triple constraint” of project management specifies three often competing and interrelated goals that need to be met: scope. time. Organizations should be willing to change their businesses to fit the MIS software in order to minimize the degree of customization needed. Clear goals and objectives were the third most critical success factors in a study of MRP implementation. There must also be clear definitions of goals. Goals and Objectives Clear goals and objectives are essential to guide an ongoing organizational effort for MIS implementation as it usually exceeds the time frame for a typical business project. an approval of the implementation and sharing information between the project team and communicating to the whole organization the results and the goals in each implementation stage. the organization must carefully define why the MIS system is being implemented and what critical business needs the system will address. It is considered a critical success factors for the implementation of MIS systems by many authors. It is important to set the goals of the project before even seeking top management support. The implementation of MIS requires examination of many business processes. contemporary measures of performance. Finally. expectations. quality. In addition to gaining approval and user acceptance. the communication will allow the implementation to initiate the necessary final acceptance. Effective Communication Communication is one of most challenging and difficult tasks in any MIS implementation project. • • . and cost goals. and deliverables. such as cost.

ANALYZE INDIVIDUALS’ CSFs • DEVELOP AGREEMENT ON COMPANY CSFs • DEFINE COMPANY CSFs • USE CSFs TO DEVELOP INFORMATION SYSTEM PRIORITIES • DEFINE DSS & DATABASES .USING CSFs TO DEVELOP SYSTEMS • COLLECT MANAGERS’ CSFs • AGGREGATE.

Advantages of CSF Approach There are certain advantages of using CSF approach 1. CSF approach brings consensus among top managers about what is important to measure to gauge the organizational success. CSF approach produces a smaller data set to analyze for determining information requirements. This enables the managers to focus their attention on how Information should be handled. 2. . CSF approach can be tailored to the structure of each Industry. with different competitive strategies producing different information systems. 3. 4. CSF approach takes into account the changing environment with which the organization and its managers must deal.

There is no rigorous method of identifying CSFs either Industry wise or organization wise. What might be a CSF from a manager's point of view.CSF approach is specifically useful for higher-level Information systems i.CSF approach focuses more on managers Individually rather than focusing on the organization as a whole. for Identify various CSFs.Limitations of CSF Approach 1. Whatever factors managers may perceive as being critical may not truly be critical. confusion arises which CSFs has to consider for information system design. Therefore. 2. 3. Therefore. managers need high-level of imagination experience. may not be a CSF from the organization point of view. . decision support systems and executive Information systems.e.

Make or Buy Decisions • Existing • New .

are instead purchased from an external supplier (Axelsson and Wynstra. 2002) • Hiring someone whose expertise can perform a business function or activity better. more cost effectively and/or in a more timely manner than can be achieved in-house. 2000) • Outsourcing is the decision and subsequent transfer process by which activities that constitute a function.OUTSOURCING • Outsourcing means that the company divests itself of the resources to fullfil a particular activity to another company to focus more effectively on its own competence (NEVI. . • Also enables the company to focus on its core competencies and those factors that mean the difference between success and failure. that earlier have been carried out within the company.

Outsourcing. subassemblies. payroll. janitorial service. Things have evolved to where anything that is not a core business process is a candidate to outsource. clerical support. companies have outsourced a number of functions such as cafeteria service. targeted. For decades. The company might design a product.The Evolution of Outsourcing The concept of outsourcing is not new. . manufacturing and distribution. even the finished product. by the old definition. was very specific. security guards. and often project based. then outsource the manufacture of various components.

The coordination of the function still lies with the outsourcer.Type of outsourcing Two different types of outsourcing: • Turnkey (integral) outsourcing: responsibility for the execution and the coordination of the entire function (or activities) lies with the external supplier. • Partial outsourcing: Only a part of an integrated function is outsourced. .

Tata and Infosys. the Indian software industry was dominated by players like Infosys. • ABN Amro has given contracts to two Indian outsourcing providers. Digital Equipment. • While Patni. Wipro and Satyam.Example of IT Outsourcing • In the early 1990s. for providing application support and development. TCS. Hewlett-Packard and IBM to venture into the Indian software market. and Accenture are providing support in application development . • The liberalized policy of the Indian Government in 1991 encouraged foreign companies like Texas Instruments. • ABN Amra also employs IBM Global Services to cover its IT infrastructure. in India.

INFERIOR .WHEN TO OUTSOURCE • IF FIRM WON’T DISTINGUISH DEVELOPING APPLICATION (payroll) ITSELF BY • IF PREDICTABILITY OF UNINTERRUPTED SERVICE NOT IMPORTANT (interruption in insurance claim processing) • IF EXISTING SYSTEM IS LIMITED. INEFFECTIVE.

Managing Outsourcing For managing outsourcing. • The organization should constantly re-evaluate its vendors • In the light of changing business conditions • Growing pool of vendors. the organization can do : •Choosing a vendor • A good working relationship between the organization and the vendor should be developed • Contract between the organization and the vendor •Should be worked out explicitly •Provisions must exist to cope up changing requirements •Also contain the clause relating to information security •Penal provisions for breaching this clause. .

s/w & personnel) remain variable as costs are determined in terms of per unit of services. economy of scale (less cost than the cost of in house services) – Flexibility: information need can be accommodated without changes in its information system infrastructure. – Abundance of Financial Resources: financial resources which otherwise used in setting up of computer centres are now used for some other work. – Cost Predictability: costs of information and services can be predicted in advance which is quite useful in decision making for offering these services. provide superior control of the business. its costs and capabilities can be adjusted to meet changing business needs.Advantage of Outsourcing – Economy: vendors are information specialists(lesser amount of effort r required). . – Making Fixed Costs Variable: the cost of (h/w.

. • Dependency: Because of outsourcing. Its fate is tied up with the vendor. • Vulnerability of Strategic Information: In outsourcing. the client organization is also affected adversely.Disadvantages of Outsourcing • Loss of Control: the organization loses its control over information systems. If something goes wrong with the vendor. Outsourcing places the vendor (only alternative ) in an advantageous position in terms of technology provided etc. trade secrets information of strategic use may be leaked to organization's competitors. the organization is dependent on vendor and to some extent.

Risk in Information System • The unauthorized use. access. and destruction of hardware. software. software. data. or network resources • The unauthorized release of information • The unauthorized copying of software • Denying an end user access to his or her own hardware. modification. data. or network resources • Using or conspiring to use computer or network resources illegally to obtain information or tangible property .

or the unauthorized access and use of networked computer systems .Hacking Definition: • The obsessive use of computers.

services.Common Hacking Tactics • Denial of Service – hammering a website’s equipment with too many requests for information. effectively clogging the system. and connections . slowing performance or even crashing the site • Scans – widespread probes of the Internet to determine types of computers.

capturing passwords or entire contents • Spoofing – faking an e-mail address or Web page to trick users into passing along critical information like passwords or credit card numbers .Common Hacking Tactics • Sniffer – programs that covertly search individual packets of data as they pass through the Internet.

contains instructions that exploit a known vulnerability in some software • Back Doors – a point hidden point of entry to be used in case the original entry point has been detected or blocked . unknown to the user.Common Hacking Tactics • Trojan Horse – a program that.

Common Hacking Tactics • Malicious Applets – tiny programs that misuse your computer’s resources. send fake e-mail. or steal passwords • War Dialing – programs that automatically dial thousands of telephone numbers in search of a way in through a modem connection . modify files on the hard disk.

Common Hacking Tactics • Logic Bombs – an instruction in a computer program that triggers a malicious act • Buffer Overflow – a technique for crashing or gaining control of a computer by sending too much data to the buffer in a computer’s memory • Password Crackers – software that can guess passwords .

Common Hacking Tactics • Social Engineering – a tactic used to gain access to computer systems by talking unsuspecting company employees out of valuable information such as passwords • Dumpster Diving – sifting through a company’s garbage to find information to help break into their computers .

Cyber Theft Definition: • Computer crime involving the theft of money .

or playing video games. to unauthorized use of the Internet on company networks .Unauthorized Use Definition: • Time and resource theft may range from doing private consulting or personal finances.

images. such as music. videos. books and other written works especially vulnerable to copyright infringement . articles.Piracy • Software Piracy – unauthorized copying of computer programs • Piracy of Intellectual Property – unauthorized copying of copyrighted material.

Worm • Computer Virus – a program code that cannot work without being inserted into another program • Worm – distinct program that can run unaided .Virus vs.

and safety of all information system processes and resources. integrity.Security Management • The goal of security management is the accuracy. .

Internetworked Security Defenses • Encryption – data transmitted in scrambled form and unscrambled by computer systems for authorized users only • Firewalls – a gatekeeper system that protects a company’s intranets and other computer networks from intrusion (interruption) by providing a filter and safe transfer point for access to and from the Internet and other networks .

Denial of Service Defenses • At the zombie (Robots) machines – set and enforce security policies • At the ISP – monitor and block traffic spikes (points) • At the victim’s website – create backup servers and network connections .

Internetworked Security Defenses • E-mail Monitoring – use of content monitoring software that scans for troublesome words that might compromise corporate security • Virus Defenses – centralize the distribution and updating of antivirus software .

and destruction . fraud.Other Security Measures • Security Codes – multilevel password system used to gain access into the system • Backup Files – duplicate files of data or programs • Security Monitors – software that monitors the use of computer systems and networks and protects them from unauthorized use.

Other Security Measures • Biometrics – computer devices that measure physical traits that make each individual unique • Computer Failure Controls – devices used to prevent computer failure or minimize its effects .

and software that provide a: – Fail-over capability to back up components in the event of system failure – Fail-safe capability where the computer system continues to operate at the same level even if there is a major hardware or software failure .Fault Tolerant Systems • Systems that have redundant processors. peripherals.

software.Disaster Recover • Formalized procedures to follow in the event a disaster occurs including: – – – – – – Which employees will participate What their duties will be What hardware. and facilities will be used Priority of applications that will be processed Use of alternative facilities Offsite storage of an organization’s databases .