MIS Revised

8/6/2019 MIS Revised

http://slidepdf.com/reader/full/mis-revised 1/32

Definition:

An information system can be any organizedcombination of people, hardware, software,

computer networks and data resources that stores and retrieves, transforms, and

disseminates information in an organization.

Roles of IS in Business:

There are three fundamental reasons for all

business applications of informationtechnology. They are found in the three vital

roles that information system can perform fora business enterprise.

Support of its business processes andoperations.

Support of decision making by its employeesand managers.

Support of its strategies for competitiveadvantage.

Trends in IS:

The business applications of informationsystems have expanded significantly over the

years.

Data Processing (1950s 1960s): Electronicdata processing systems which includestransaction processing, record keeping, and

traditional accounting applications.

Management Reporting (1960s 1970s):Management information systems that includepreparation of management reports of pre

specified information to support decisionmaking.

Decision Support (1970s 1980s): Decision

support systems include interactive ad hocsupport of managerial decision makingprocess.

Strategic and End User Support (1980s 1990s):

End user computing systems: Direct computing support for end user productivity

and work group collaboration.

Executive information systems: Critical

information for top management.

Expert Systems: Knowledge based expert advice for end users.

Strategic Information Systems: Strategicproducts and services for competitiveadvantage.

Electronic Business and Commerce (1990s 2000s):

Internet based e-business and e-commercesystems: Web enabled enterprise and global e -

business operations and electronic commerceon the internet, intranets, extranets, and ot her

networks.

What is MIS?

Right Information

To the right person

At the right place

At the right time

In the right form

At the right cost

Why MIS?

Increased Business & Management Complexities

Technological Revolution

Research & Development

Explosion of Information

Increased Management Complexities

Management Science Technologies

Decision-making

Onset of Computers

Types of Information System:

Conceptually the applications of informationsystems that are implemented in todays

business world can be classified in severaldifferent ways. Several types information

systems can be classified as either operationsor management information systems.

Operations Support System: information

systems have always been needed to process



data generated by and used in, busin ess

operations. Such operations support systemsproduce a variety of information products for

internal and external use. However they donot emphasize producing the specific

information products that can best be used bymanagers. The role of a business fir msoperations support system is to efficientlyprocess business transactions, control

industrial processes, support enterprisecommunications and collaborations and

update corporate databases.

Transaction Processing Systems: Are animportant example of op erations support system that record and process data resultingfrom business transactions.

Process Control Systems: Monitors andcontrols physical processes. They enhanceteam and workgroup communications and

productivity, and include applications that aresometimes called as office automationsystems.

Management Support Systems: Wheninformation systems applications focus on

providing information and support foreffective decision making by managers, they

are called management support systems.Providing information and support fordecision making by all types of managers andbusiness professionals is a complex task.

Conceptually, several major types of management support system includes:

Management Information System: MISprovides information in the form of reports

and displays to managers and many businessprofessionals.

Decision Support System: DSS give direct computer support to managers during thedecision making process.

Executive Information System: EIS providecritical information from a wide variety of internal and external sources easy to use

touch screen terminals to instantly view text and groups display that highlights key areas of organizational and competitive performance.

Information System Resources:

An information system consists of five majorresources: people, hardware, software, dataand networks.

People Resources: People are an essentialingredient for the successful operation of all

information system. The people resourcesinclude end users and IS specialists.

Hardware Resources: The concept of

hardware resources include all physicaldevices and materials used in informationprocessing. Specifically, it includes not only

machines, such as computers and otherequipment, but also all data media, from

sheets of paper to magnetic or optical disks.

Software Resources: The concept of softwareresources includes all sets of informationprocessing instructions. This generic concept of software includes not only the set of

operating instructions called programs, whichdirect and control computer hardware, but also the sets of information processinginstructions called procedures that people

need.

Data Resources: Data are more than rawmaterials of information system. The concept of data resources has been broadened by

managers of information systemsprofessionals. They realize that dataconstitute valuable organizational resources.

Thus data is viewed as an important resourcethat must be managed effectively to benefit theend users in an organization.

Network Resources: Telecommunicationstechnologies and networks like the internet,

intranet and extranet are essential to thesuccessful electronic business and commerceoperations of all types of organizations andtheir computer based information systems.Telecommunications networks consist of computers, communications processors and

other devices interconnected bycommunication media and controlled by

communications software.

IS Activities:

The basic information processing activitiesthat occur in information system includesinputting, storing, processing, outputting andcontrolling.



Inputting: Data about business transactionsand other events must be captured andprepared for processing by the input activity.

Input typically takes the form of data entryactivities such as recording and editing. End

users typically enter data directly into acomputer system, or record about transactions on some type of physical mediumsuch as a paper form. This usually includes a

variety of editing activities to ensure that theyhave recorded data correctly. Once recorded

data may be transferred onto a machinereadable medium such as a magnetic disk until

needed for processing.

Processing: Data are typically subjected toprocessing activities such as calculating,comparing, sorting, classifying andsummarizing. These activities organize,analyze, and manipulate data, thus convertingthem into information for end users. The

quality of any data stored in an informationsystem must also be maintained by a continual

process of correcting and updating activities.

Outputting: Information in various forms istransmitted to end users and make availableto them in the output activity. The goal of

information system is the production of appropriate information products for endusers. Common information products includemessages, reports, forms and graphic images,

which may be provided by video displays,

audio responses, paper products andmultimedia.

Storing: Storage is the basic systemcomponent of information system. Storage isthe information system activity in which dataand information are retained in an organizedmanner for later use. This facilitates theirlater use in processing or retrieval as outputswhen needed by users of a system.

Controlling: An important information systemactivity is the control of system performance. An information system should producefeedback about its input, processing, output,and storage activities. The feedback must bemonitored and evaluated to determine if thesystem is meeting established performancestandards.

System Concepts:

UNIT 3: Computer Hardware:

What is a Computer System:

Computer hardware is composed of CPU,Input/Output devices, Primary & Secondary

storage & Communication devices. The input devices accept data and instructions and

convert them into a format that the computercan understand. The CPU manipulates the dataand controls the task done by othercomponents. The primary storage temporarily

stores data and programs instructions duringprocessing. It also stores intermediate results

of the processing. The secondary storagestores data and programs for future use.

Finally the communication devices provide forthe flow of data from external computer

networks to the CPU and vise versa.

Evolution of Computer Hardware:

Computer hardware has evolved through fourstages or generations of technology. Each

generation has provided increased processingpower and storage capacity whilesimultaneously decreases in cost.

Feature

1st

(4656)

2nd 57-63

3rd (64-79)

4th(80-88)

5th88-

Circuitry

Vacuum

Tube

s

Transistors

Integrated

Circuit

s

LSI/VLSI

ULSI



Prim

aryStora

ge

2 kb 64 kb 4 mb 16mb 64

mb

Cycle

Time

100

misec

10 mc

sec

500 n

sec

800 p

sec

200

0 psec

Fifth Generation:

In this generation massively parallelprocessing with process of multiple

instructions are used in computer. This type of computer use flexibly connected networkslinking thousands of inexpensive commonlyused chips to address large computing

problems attaining super computer speeds.

With enough chips networked together atrillion floating point operation per secondcan be possible.

Future Generations:

A DNA computation is done by coding aproblem into the alphabet and then creatingconditions under which DNA molecules areformed that encode all possible solutions of a

problem. DNA computer process in parallelare potentially double as fast as todays supercomputers. In addition modern storage media

stores information at a density 1 bit per 1012nm while DNA computers have storage density

of 1 bit / cubic nm.

Optical Computers:

Scientist are working on a machine that usesbeams of light instead of electrons called opticelectronics. These computers are expected to

process information several hundred timesfaster then current computers.

Types of Computer:

Computers are distinguished on the basis of their processing capabilities.

Super Computers:

The primary activity of super computers hadbeen in scientific and military work but theiruse is growing rapidly in business as their

prices decreases. These are especiallyvaluable for large simulation models, complex

mathematical representations andcalculations are required for image creationand processing. Super computers usestechnology of parallel processing.

Mainframes:

This is an ultra high performance computermade for high volume process or intensive

computing. It is capable of supporting largedata processing, high performance onlinetransaction and extensive data storage andretrieval. Large corporations where dataprocessing is centralized and large databases

are maintained most often use mainframecomputer. Example of mainframe computerare IBMs ES000, VAX 8000, and CDC 6600.

Mini Computer:

This is a small digital computer normally ableto process and store less data than amainframe but more than a micro computer.

Mini computer is designed to meet the

computing needs for several people which iscapable of supporting 4 to 200 simultaneoususers. It is a multi user system and used for

real time controls and engineering designworks. Example: PDP 11, IBM 8000 series and

VAX 7500.

Micro Computer:

This is a small low cost digital computerconsist of micro processor storage unit input and output channels all of which may be in 1

chip inserted into one or several PC boards.Originally this was designed for individualusers but now days they have become

powerful tools for many business that arenetworked together. E.g. IBM PC Pentium 100,

200, and Apple mackintosh

Micro computers includes desktop, laptop andhandheld models.

Computer System (Architecture):



Any computer system has three importa nt components. CPU, Input unit and Output Unit.

CPU:

CPU or the microprocessor is referred as thebrain of the computer with VLSI chip inside

the system plugged on to the mother board. Aprocessor controls all internal and externaldevices operates only on binary data

composed of 1 or 0 to perform arithmetic andlogic operations.

Basic functions of CPU are

Issues commands to all parts of computer.

Controls sequence of operation as per storedinstructions,

Stores data and programs.

Performs data processing operations

Sends results to output unit

CPU consists of control unit, ALU, Registers &Primary Storage.

ALU

The ALU performs required arithmetic andcompetitions or logic operations. The ALU

adds, subtracts, multiplies, divides compares

and determines whether a number is positive,negative or zero. The ALU operations areperformed sequentially based on instructions

from the control unit. For these operations tobe performed the data move from the storageto the arithmetic registers in the ALU.

Control Unit:

This unit checks the instructions & directsother components of the computer system to

perform the function required by the program.

It interprets and carries instructions, contents,in computer, selecting program statementsfrom primary storage, moving them to theinstructions registers in the control unit. It controls input and output devices and datatransfer processes from and to memory.

Memory Unit:

This unit holds the intermediate results

during the course of calculation and provides

the data as and when required. It stores the

program instruction and data on which theprocessor is working. The internal storage

section is called primary memory or mainmemory which stores processed data and

intermediary results. When the processing isfinished it transfers the final results to anoutput device.

Registers:

The registers are special purpose high speedtemporary memory units which holds various

information such as data instructionsaddresses and intermediate results of

calculations. Registers are known as CPUsworking memory. Important registers withinCPU are Program counters, InstructionsRegister, Memory Address Registers, MemoryBuffer Register, Accumulator and DataRegister. Size and length of each register

determined by its function and instructionregister holds the instructions to be executedand same number of its as the instructions.

Buses:

set of wires used for interconnection in CPU isknown a system bus. System bus has a certainsize and width called data path which is

measured in bits. It is further divided intothree logical units called address bus, data busand control bus.

Input/Output Unit:

Computer system incorporates Input & Output devices which acts as a communication

medium. Input unit accepts instructions anddata from the uses to the computer. Some of

the input devices are keyboard, mouse, light pen etc. Output units are instruments of interpretation and communication betweenhuman and computer. These devices take themachine coded output results from the

processor and converts them into a form that can be used as a machine input in anotherprocessing cycle. Monitors, Printers and

Plotters are examples.



UNIT 5: Managing Organisational Data &

Information

Database Management System:

DBMS is a collection of interrelated data and aset of programs to access those data. The

primary goal of a DBMS is to provide a way tostore and retrieve database information that is both convenient and efficient. Database

systems is a computerized record keepingsystem which provides mechanisms for thesafety of the stored information from data

corruption and unauthorized access.

DBMS Architecture:

The ANSI/SPARC architecture is divided intothree levels, known as the internal, conceptualand external level.

Internal Level:

This is also known as the physical level is theone closest to the physical storage i.e. it is theone concerned with the way the data isphysically stored.

External Level:

This is also known as the user logical level isthe one closest to the users it is the one

concerned with the way the data is seen byindividual users.

Conceptual Level:

This is also known as the community logicallevel, or sometimes just the logical level,

unqualified is a level of indirection betweenthe other two.

Working Principle:

The DBMS is a software that handles all accessto the database. Conceptually what happens isthe following:

A user issues an access request, using someparticular data sublanguage typically SQL)

The DBMS intercepts that request andanalyzes it.

The DBMS inspects, in turn, the externalschema for that user, the correspondingexternal/conceptual mapping, the conceptual

schema, the conceptual/internal mapping, andthe storage structure definition.

The DBMS executes the necessary operationson the stored database.

Data Models:

Underlying the structure of a database is thedata model, a collection of conceptual tools for

describing data, data relationships, datasemantics, and consistency constraints. A data

model provides a way to describe the design of a database at the physical, logical and viewlevel. The data models can be classified in fourdifferent categories.

Relational Model: The relational model uses acollection of tables to represent both data andthe relationships among those data.

Entity Relationship Model: The entit yrelationship model is based on a perception of

a real world that consists of a collection of basic objects called entities and of relationship

among these objects.

The object oriented data model is anotherdata model, which can be seen as an extensionof E-R model with notations of encapsulation,methods, and object identity. The object relational data model combines features

object oriented data models and relationalmodel.

Semistructured Data Model: Thesemistructured data model permits the

specification of data where individual dataitems of same type may have different set of attributes. The Extended Markup Language

(XML) is widely used to represent semistructured data.

Database Languages:

A database system provides a data-definitionlanguage to specify the database schema and adata-manipulation language to expressdatabase queries and updates. In practice, thedata definition and data manipulation



languages are not separate languages, insteadthey simply form parts of a single language,such as the widely used SQL language.

Database Design:

Database systems are designed to managelarge bodies of information. Database designmainly involves the design of databaseschema. The design of a complete database

application environment that meets the needsof the enterprise being modeled requiresattention to a broader set of issues.

Benefits of a Database Systems:

Database systems arose in response to earlymethods of computerized management of commercial data. The typical file processingsystems is supported by conventional

operating system. Using the databaseapproach has the following benefits over thetraditional file processing approach.

Data Redundancy:

This refers to duplication of data. In non

database system each application with ownseparate files often lead to redundancy in

store data which results in wastage of space.Database systems does not maintain separate

copies of the same data. All the data kept inone place and various application refer fromthis centrally controlled system.

Data Inconsistency:

Database is said to be inconsistent whencontradictory information will be supplied to

the users. DBMS ensures the database isalways consistent by ensuring that any change

made to either of the two or more entities isautomatically applied to the other one also.

This process is also known as propagatingupdate.

Sharing of Data:

Sharing of data allows the existing applicationto use the data by multiple users of thedatabase system. Due to shared data it is

possible to satisfy the data requirement of new applications without creation of additional stored data or marginalmodification.

Enforcement of Standards:

DBMS uses standard measures in naming,formatting and structuring while creating and

using data within the organization. Thisensures easier enforcement of data usage

particularly in migrating and interpreting databetween two different systems.

Data Security:

To ensure security DBMS provides security

tools such as user codes and passwords so that data security checks can be carried out

whenever access is attempted to sensitivedata.

Concurrent Access:

For the sake of overall performance and fasterresponse time many systems uses multipleusers to update the data simultaneously. In

such environment interactions of concurrent updates may result in data inconsistency.DBMS guards against this possibility bymaintaining some form of supervision intosuch applications.

Atomicity Problems:

A computer system like any other mechanicaldevice is subject to failure. In manyapplications it is crucial that if a failure occurs

the data is restored to the consistent state that existed prior to the failure. DBMS takes care of such problems by making the transactionsatomic it must happen in entirety or not at

all.

Data Integrity:

Data integrity refers to ensuring data indatabase is accurate. This is ensured through

enforcing various integrity constraints duringthe time of creation of data structure.

Better Interaction with Users:

In case of DBMS the availability of up-to-dateinformation improves and makes it easy torespond to unforeseen information request.

Centralizing the data in database allows usersto obtain new and combined information.

Efficient System: in DBMS the contents of stored data can be changed easily and do not have any impact on the app lication programs.



Initial cost of DBMS may be high but overall

costs is less compared to conventional system.

Unit 6: Telecommunications & Networks:

A communication system is defined as thecollection of software and hardware that facilitates inter system exchange of

information between different devices.Sharing of info is of 2 types. 1) Local (face to

face communication) 2) Remote(Communication over distance).

The fundamental characteristics of datacommunication is considered as follows.

Delivery ( The system must delver data to thecorrect destination

Accuracy ( The system must deliver data

accurately

Timeliness ( System must deliver data in atimely manner without enough time lags

Data Communication. Components.

Message: It is the info. That is to b ecommunicated

Sender: I is the device that sends the message

Receiver: Device that receives the message

Medium: The transmission medium is thephysical path that communicates the message

from sender to receiver.

Protocol: Protocol refers to a set of rules that coordinates the exchange of info. Both thesender and receiver should follow the same

protocol to communicate data.

Data transmission mode:

Simplex mode: It is unidirectional. The infoflows in one direction across the circuit withno capability to support response in the otherdirection. Eg. TV transmission

Half Duplex: In this mode each communicationdevice can receive and transmit info but not at the same time. When one device is sending the

other can only receive at that point of time. Eg

wireless handsets

Full Duplex (Duplex): This mode allows bothcommunicating devices to transmit andreceive data simultaneously. Eg. Telephone

network.

Data Communication Measurement.

The quantity of data that is communicated is

measured in terms of bandwidth. Bandwidthrefers to the maximum volume of info that can

be transferred. It is measured in bits persecond (BPS) or KBPS. The level of bandwidth

falls into 3 categories :

Narrow band: Single transmission channel of 64 KBPS or less.

Wide Band: 1.544 MBPS to 45 MBPS

Broadband: 45 MBPS or more

Transmission Media

Transmission is the physical media thru whichdata and info are transmitted. It is divided into2 categories:

Guided media

Unguided media.

Guided Media: This uses a cabling system that

guides the data signal along a specific path.There are 4 basic types of guided media.

Open wire cable,

Twisted pair cable,

Coaxial cable,

Optical Fiber

Unguided Media: data signals flow thru the air.

Eg. Radio frequency propagation, Microwavepropagation, Satellite.

Analog & Digital Data transmission.

Analog Signal: It is a continuous wave formthat changes smoothly over time. The sinewave is the most fundamental form of ananalog signal. Sine waves are characterized by3 things.



Amplitude (Magnitude for electrical signals it is measured in volts or amperes)

Frequency (Measured in Hertz)

Wavelength refers to the distance betweensimilar points of a given wave measured in

Armstrong.

Digital Signals: It is the data stored in the form

of 0s and 1s.

Modulation: It refers to the process of impressing information thru a carrier wave by

changing some of the waves characteristicsviz. amplitude, frequency or phase, so that it is

more suitable for transmission over themedium between transmitter and receiver.There are 2 forms of modulation

Amplitude modulation and

Frequency Modulation.

Multiplexing: Multiplexing refers to theprocess of transmitting more than one signalover a single link, root or channel. There are 2

basic multiplexing techniques

FDM (Frequency Division Multiplexing) Info

from multiple channels can be allocatedbandwidth on a single wire based on

frequency.

TDM (Time Division Multiplexing) Info frommultiple channels can be allocated based ontime slot.

Asynchronous vs. Synchronous Transmission:

Asynchronous: It refers to the transmission of one character at a time, with intervals of

varying lengths, with start bits at thebeginning and stop bits at the end to controlthe transmission.

Synchronous: Here data is sent in blockswithout the need for start and stop bits.

Switching: Switching refers to routing traffic

by setting up of temporary connections

between 2 or more network points. A

temporary connection is achieved by deviceslocated at different locations on the network

called switches. There are 3 methods of switching:-

Circuit Switching: It is a type of communication in which a dedicated channelis established between 2 devices for theduration of the network. E.g. PSTN Public

switch telephone network.

Packet Switching: This introduces the idea of breaking data into packets. Each packet contains addresses for the machine sending it

and the machine expected to receive it. At Thedestination the packets are reassembled toform the original message.

Message Switching: It uses a message stor eand forward system where each message

contains a destination address and is passedfrom source to destination thru intermediatenodes. At each transfer point in the connectionincoming data is stored in its entirety and then

forwarded to the next point. This processcontinues until the data reaches its

destination.

TCP/IP MODEL : Transmission ControlProtocol / Internet Protocol The TCP/IP

protocol contains 5 main layers

1) Application

2) Transport

3) Network

4) Data link

5) Physical.

The data unit initially created at theapplication layer (by an application viz. e -mail,web browser) is called as a message. Amessage is actually broken down intosegments by the transport layer. The transport

layer of the TCP/IP contains 2 protocols

1) TCP (Transmission control protocol)

2) UDP (User datagram protocol. TCP is moreoften used.



The transport layer then adds its own headerto the segment and gives it to the network

layer. The network layer adds the IP (Internet protocol) header to this block and gives the

result to the data link layer. The data link layer adds the frame header and gives it to thephysical layer for transmission. At the physicallayer the actual bits are transmitted as voltage

pulses. An opposite process happens at thedestination ends where each layer removes

the previous layers headers and finally theapplication layer receives the original

message.

Unit 7: The Internet, Intranet and Extranets

Internet Concepts:

With the growing popularity of computers andsubsequent networking abilities intercommunication between diff. computersbecame easier and led to the phenomenoncalled internet. Derived from two wordsinterconnection and networks, internet is a

world wide system of computer networks i.e. anetwork of networks. It allows the

participants to share information on thosemillions of linked computers. This high level of

connectivity gives rise to an unparalleleddegree of communication, resource sharingand information access.

Evolution of Internet

The origin of internet dates back to 1960s andis the result of an experiment conducted by

the US department of defense. In 1969 a 4computer network called Arpanet was

designed for communication of the US defensescientist. By 1970 ARPA (advanced researchprojects agency) developed a new protocolnamed as TCP/IP (transmission controlprotocol/ internet protocol) for transferring

data between networks. In 1980s NationalScience Foundation (NSF) used Arpanet to link super computers at measure universities for

sharing wok.

The rapid growth of the Internet was due tonetworking giants like British Telecom,Hyundai, AT&T and others setting up fast andreliable networks that encircled the globe.These networking giants gave access to theinternet via gateways Using ISP gateway it isperfectly possible to route business or

commerce data from one point of globe to

another. An ISP gateway generally consist anISP server to the internet called its internet

pipeline. ISP pipeline bandwidth of 2 to 10 GBis quite common.

Clients that log into Internet via ISP commonlyuse only 33.6 kilobytes of ISPs bandwidth.Occasionally a client whose data traffic is veryhigh will use special connectivity methods

(ISDN) to an ISP server and use 64kbps to128kbps of ISP bandwidth. MNCs directly

negotiate with networking giants to have theirown private gateway and then make use of

huge bandwidth for its data transfers.

However modern day internet becamepopular in the 1990s after the development of World Wide Web (WWW) by Europeanresearch organization (CERN). The CERNdeveloped the protocol based on hyper text

(HTTP) for connecting to content using hyperlink. The WWW also permitted access toinformation using a Graphical User Interface

(GUI).

Working of Internet

TCP/IP is the only protocol used to send dat aon the internet. It is the combination of two

individual sections TCP, a set of communication protocols and IP, a uniqueaddress. Every machine connected to internet

most have an unique IP address assigned bythe Internet Service Provider (ISP) to identifythat machine. This unique IP address

therefore points to an actual computer knownas domain which is connected via a gateway

to the internet. A physical domain (server)having a permanent IP address can provide

Gateway to other computers, Information forinternet users to read,

A physical location on which several virtual

domains can be hosted known as websitese.g. www.microsoft.com

Virtual domains are identified by a name (e.g.www.microsoft.com). Virtual domain names needs to beunique on the Internet. All virtual domainnames must be registered with InterNIC.Virtual domains can be conceptualized assubdirectories on an internet servers harddisk. The information that internet clientswish to read would be Files within thesubdirectory.



When an Internet client requests forconnection to a virtual domain on the internet,the request is routed to the proper Internet

Server using TCP/IP. The Web Server runningon this Internet Server then handles the

request, resolves the Virtual Domain Namesent along with this request, to an appropriatesubdirectory on the Internet Server where thewebsite is hosted.

Computers that only read information offeredneed not have a permanent IP address.

However when logged into internet a client requires a unique IP address. This IP address

enables the Internet server called, to replyaccurately. The ISP server via which the client connects to the Internet temporarily assigns aunique IP address to the client. ISPs purchasea block of unique IP address frominternationally recognized networking bodies.Thus whenever a client logs on, via the ISPs

server one of the unique IP address istemporarily assigned to the computer. The

maximum number of computer that can loginto an ISP server is therefore limited to the

blocks of unique IP address purchased by theISP from the international body.

Resolving Domain Names:

When any client wishes to communicate withany internet server, using a web browser, theclient sends out a broadcast using the Servers

Domain name as its identifier.

The ISP Internet Server intercepts this request first.

Should the Domain Name be unknown to theISPs Internet Server.

The ISP Internet Server will broadcast to anInterNIC Root Server.

In the InterNIC Root Servers Hosts file the

Domain Name will be mapped to an IPaddress.

This IP address will be returned to the ISPsserver.

The ISPs server will now pass this IP addressback to the client browser.

The Client browser will now broadcast arequest to connect directly to the Internet Server using its IP address.

As soon as this call is heard by the Internet Server it will respond and a link is establishedbetween the client and the Internet Server.

Web Server software running on the Internet Server takes care of connecting a client to the

virtual domain as required.

Once the client is connected to the appropriatedomain, the Web Server Software delivers the

client the first HTML page of that domain andbrowsing for the specific domain can begin.

The TCP/IP:

TCP/IP uses IP to deliver packets to the upperlayer applications and provides a reliable

stream of data among computers on thenetwork. Once the packets arrives at thecorrect IP address, TCP goes to work. TCPmain task is error checking, to make sure that the right number of packets are received andthey are in proper order. Thus TCP guaranteesthat the information that was received by acomputer on TCP/IP network, is exactly thesame information that was sent to by another

computer in the network.

The IP is responsible for basic network connectivity when mapped to the TCP/IPlayers, the IP works with the Network Layer

in networking there has to be a physicallocation to send data to or receive data from.

To make this happen every physical locationmust have a unique network address. Hence

every computer on a TCP/IP network must have an IP address, which is unique to that

computer.

The IP address is a set of numbers separatedby periods. An IP address is a 32 b it number,divided into two sections, the network numberand the host number. Address are written asfour fields, eight bits each separated by aperiod. Each field can be a number ranging

from 0 to 255. this method of addressing iscalled dotted decimal no tation.

TCP/IP consists of protocols, applications, andservices. Protocols enable a server applicationto offer services, and a client application to usethese services

Getting connected

The basic requirements for online are



A TCP/IP enabled computer wi th a browser

An account with an ISP

A telephone line or WAP

Modem to connect the computer to thetelephone line.

Types of internet connections

Common types of internet access available forthe users depending on the requirements are

ISDN (Integrated services digital network)

Cable modem

Leased lines of very high connectivity

Digital subscribed line (BSNL broad band)

Satellite broadband

Dial up connection.

Internet Services:

Due to the colossal growth of internet the userhas access to a wide ver ity of servicesavailable on the net.

World Wide Web (www): It is a subset of internet and presents a wide variety of

information in the form of text, images,animation, video, sound and multimedia on a

single interface.

Email: it is the most used applicat ion on thenet. Each user of email has a mailbox addressto which messages are sent and the mailboxcan be accessed from any where, any time.

File transfer protocol (FTP): Softwareprogrammed that enables user to log on toanother computer and transfer information.

Telnet: derived from telecommunications andnetwork. This protocol allows the user to log

on to a remote computer any where in theworld and use it as if it is available locally.

Internet relay chat (IRC): IRC is a service that allows communicating in real time and

carrying on conversations via the computer

with one or more people.

Instant messaging: Communication in realtime by typing text, also used for sending Sass

Internet Telephony: Use of internet toexchange spoken or telephonic informationbypassing traditional telephoneinfrastructure.

Video conference: Same technology as IRC but

provide sound and video. A VC system has twoor more parties in different location using a

combination of video, audio and data.

E-commerce: Conducting business on theinternet. This refers to buying and selling of goods and services online. Concepts of B2B,B2C, C2C, Internet banking etc e..g. www.amazon.com,www.ebay.com.

News groups: International discussion groupsthat focus on particular topic and help ingathering information about that topic.

Mailing list: The internet is a home to a largecommunity of individuals organized around

topic oriented forums. To carry out activediscussions distributed via email.

Search engines: Searching the wealth of information on just about any topic using

special tools called search engines e.g.www.google.com.

Unit 8: Electronic Commerce:

E-COMMERCE :

Electronic commerce (also referred to as EC, e -commerce or ecommerce) consists primarily

of the distributing, buying, selling, marketing, andservicing of products or services over electronic

systems such as the Internet and other computer

networks. The information technology industry might see it asan electronic business application aimed at commercialtransactions; in this context, it can involveelectronic funds transfer , supply chain management , e-marketing, online marketing,online transaction processing, electronic data interchange (EDI),

automated inventory management systems, andautomated data collection systems.

Electronic commerce typically uses electroniccommunications technology of the World Wide Web, at some point in the transaction's lifecycle,although of course electronic commerce

frequently depends on computer technologies



other than the World Wide Web, such as databases, and e-

mail, and on other non-computer technologies,such as transportation for physical goods sold via e-

commerce

History:

Electronic commerce applications began in the

early 70s with such innovations as electronictransfer of funds. However, the applications

were limited to large corporations. Then cameEDI, which expand EC from financial

transactions to other kinds of transactionprocessing and extend the types of

participating companies from financialinstitutions to manufacturers, retailers,services and other forms of business.

With the commercialization of the Internet making available 60 million potentialcustomers, EC applications have expandedrapidly. Over the last five years w e havewitnessed many innovative applications fromadvertisement to auctions and virtual reality

experiences.

The EC Area:

The EC applications are supported byinfrastructure (five categories) and the

implementation of these applications depends

on four major areas: people, public policy,technical standards and protocols, and otherorganizations. The EC management

coordinates the applications, infrastructuresand pillars.

Another way to look at the EC field is to divideit into the following two components:

Interorganisational Information Systems(IOS): IOS involves information flow amongtwo or more organizations. Its major objective

is efficient transaction processing, such astransmitting orders, bills, and payments usingEDI. All relationship are predefined, there is

no negotiation, just execution.Interorganisational systems are used

exclusively for b2b applications.

Benefits and Limitations of e-Commerce:

Few innovations in human history encompass

as many benefits as electronic commerce. The

global nature of the technology, the low cost,

the opportunity to reach hundreds of millionsof people, the interactive nature, the variety of

interaction possibilities, and theresourcefulness and rapid growth of the

supporting infrastructure, especially theInternet, result in many benefits toorganizations, individuals and society etc. thebenefits are just starting to materialize, but

they will increase significantly as EC expands.

Benefits to Organizations: EC expands themarket place to national and internationalmarkets. With minimal capital outlay, a

company can easily and quickly locate morecustomers, the best suppliers and the most suitable business partners worldwide.

EC decreases the cost of creating, processing,distributing, storing and retrieving paperbased information.

EC allows reduced inventories and overheadsby facilitating pull type supply chainmanagement where the process starts from

customer orders and uses just in timeprocessing. This allows product customization

and lowers inventory costs.

EC reduce the time between the outlay of capital and the receipt of products andservices.

EC supports BPR efforts. When processes arechanged, productivity of salespeople,

knowledge workers, and administrators canincrease by 100% or more.

EC lowers telecommunications cost; theInternet is much cheaper than VANs.

EC helps small businesses to compete against large companies.

EC enables organizations to reach customers

outside their immediate area at a minimumcost.

EC allows organizations to reach a wide rangeof suppliers, thereby reducing the cost of suppliers can share benefits.

EC allows companies to auction surpluses orobsolete products quickly with little expenses.

EC facilitates global trade, allowing companiesto penetrate foreign markets.



Benefits to Customers:

EC provides customers with more choice; theycan select from many vendors and from moreproducts.

EC frequently provides customers with lessexpensive products and services by allowing

them to shop in many places and performquick comparisons.

In some cases EC allows quick delivery of products and services.

Customers can get relevant and detailedinformation in seconds.

EC makes it possible to participate in virtualauctions.

EC allows customers to interact with othercompanies in electronic communities and toexchange ideas and experiences.

Technical Limitations:

Lack of system security, reliability andstandards and communication protocols.

Insufficient telecommunications bandwidth

The s/w development tolls are still evolvingand changing rapidly.

Difficult in integrating the Internet and EC s/wwith some existing applications and databases.

The need for special Web servers in additionsto network servers.

Classification of eCommerce:

B2B eCommerce:

Business-to-Business Electronic Commerce,also known as E-Business, is experiencing anexplosive growth rate on the Internet.

Companies of all sizes and types are nowmutually buying and selling products andservices on the Internet.

B2B also offers unique benefits such as lesshuman intervention, less overhead expenses,fewer inadvertent errors, more efficiency,

more advertising exposure, new markets and

new physical territories equate to an

intelligent method of mutual business. It is awin-win situation for both buyer and seller.

These are just a few of the benefits that B2B E -commerce can offer. It is already well accepted

in the business community, that the potentialreturn of doing business on the Internet is fargreater than the investment. The bottom lineis greater profits for the business.

Currently there are 2 main issues to deal withwhen conducting a B2B E-commerce

Supply Chain Management - to co-ordinate thefields of competition turned to efficiency in

manufacturing. In the 80's, concepts like LeanManufacturing, Design for Manufacturability,Just-in-Time, and Stockless Productionemerged. If properly managed, the operatingcosts of such systems can be substantially

reduced. Reduction in costs can be in the formof reduced inventory cost, obsolescence,transportation and other logistics costs,overhead and direct labor costs. All have

pointed out potential savings in costs that could amount to billions when companies can

engage in supply chain integration efforts.

Electronic Procurement System - usingInternet technologies to handle product distribution to the buyer and from supplierwhile at the same time removing the

complexity of multi-level paper andprocessing which are labors intensive. Thisallows the business to run more efficiently and

allows purchasing professionals to have moretime to focus on complex acquisitions and

supplier negotiation. Besides reducing cost and hassle, it must be designed expressly forcasual use by untrained employees and it must also provide extensive management controls,reporting, and integration with existingsystems.

B2C e-Commerce:

B2C (Business-to-Consumer) is basically aconcept of online marketing and distributingof products and services over the Internet. It isa natural progression for many retailers ormarketer who sells directly to the consumer.The general idea is, if you could reach morecustomers, service them better, and makemore sales while spending less to do it that would the formula of success for



implementing a B2C e -commerce

infrastructure.

For the consumer, it is relatively eas y toappreciate

The importance of e -commerce:

Why waste time fighting the very real crowdsin supermarkets, when, from the comfort of home, one can shop on-line at any time in

virtual Internet shopping malls, and have thegoods delivered home directly.

Who should use B2C e-Commerce?

Manufacturers - to sell and to retail thebusiness buyers

Distributors - to take orders from themerchants they supply

Publisher - to sell subscriptions and books

Direct Sales Firms - as another channel toreach the buyers

Entertainment Firms - to promote newproducts and sell copies

Information Provider - to take payment fordownloaded materials

Specialty Retailers - Niche marketers of products ranging from candles, coffees,

specialty foods, books use it to broaden theircustomer reach.

Insurance Firms - On-line rate quotes andpremium payments have made it easier for

this industry to attract and retain customers.In fact, virtually any business that can deliver

its products or provide its services outside itsdoors is a potential user

C2C e-Commerce:

It is sometimes referred to Peer2Peer (P2P)exchanges involve all transactions betweenand among consumers. These transactions canalso include third party involvement, usually

in the form of those who facilitate the

marketplace such as EBay.com. C2C exchanges can

include classified ads (the Trading Post online), music

and file sharing, career and job websites (Seek and CareerOne) and also personal services such as

dating websites (Lavalife).

In C2C networks, consumers sell goods andservices to other consumers. There aremillions of sellers with different items to selland an equally large number of buyers.Finding each other can incur quite a high cost

to both buyer and seller, and thus this is whyintermediaries like eBay are so important.

They simply mediate between consumers whowant to buy and sell, and take small cuts of the

sellers profit as a fee for bringing theircustomers to one marketplace.

Consumer2Consumer e-commerce has givenonline shopping and trading a new dimension.While this sort of trading is prevalent in theoffline world (garage sales, etc) it was not

expected to take off so well online, due to theanonymity of users.

The advantage of consumer to consumer e -

commerce is most often the reduced costs andsmaller but profitable customer base. It also

gives many small business owners a way tosell their goods without sinesses involve items

such as handmade gifts, personal artwork,clothing, running a highly profit drainingbricks-and-mortar store.

Uses of E-Commerce:

Advertising, Online Publishing and PushTechnology:

Advertisement and dismissing of products orservice information are currently t he largest

commercial activities on the internet. This isgenerally conducted through organizationsowns website, other organizations web siteelectronic publishers web site electroniccommerce vendors pages information kiosks

electronic malls news groups and otherinnovative approaches.

Banking, Personal Finance and Stock Trading:

Electronic banking also known as cyberbanking, virtual banking, home banking andonline banking includes various bankingactivities conducted from home, business, oron the road instead of a physical bank location. It has capabilities ranging from



paying bills to securing a loan electronically

saves time and money for users.

Unit 10: Data Knowledge & Decision Support:

Decision Support System:

The concepts involved in DSS were first articulated in the early 1970s in the early

1970s by Scott Morton. He defined suchsystem as interactive computer based system,

which makes decision makers utilize data andmodels to solve unstructured problems.

DSS like the term MIS and MSS, meansdifferent things to different people.

DSS can be viewed as an approach or aphilosophy rather than a precise methodology.

Why DSS?

Most companies now operate in unstableeconomy.

Most organization now faces increasing

foreign and domestic competition.

Tracking the numerous business operationare becoming increasingly difficult.

Companies existing computer system did not support the objectives of increasing efficiency,profitability, and entry into profitabilitymarkets.

The IS department could not begin to address

the diversity of the companys needs or

management inquiries.

Business analysis functions were not present within the existing system.

Other reasons for using DSS that were found insurveys are:

Accurate information is needed.

DSS is viewed as a organizational leader.

New information is needed.

Management mandated the DSS

Timely information is provided

Cost reduction is achieved.

Characteristics and Capabilities:

A DSS provides support for decision makers at all management levels, whether indivi dual orgroups, mainly in semistructured andunstructured situations by bringing together

human judgments and computerizedinformation.

A DSS supports several interdependent and/orsequential decisions.

A DSS supports all phases of the decisionmaking process intelligence, design, choice,

and implementation.

Supports variety of decision making processesand styles.

A DSS is adaptable by the user over time todeal with changing condition.

A DSS is easy to communicate and use.

A DSS promotes learning, which leads to new

demands and refinement of application, which

leads to additional learning and so forth.

A DSS usually utilizes models (standardand/or custom made)

A DSS allows the easy execution of sensitivityanalysis.

Structure and Components:

Every DSS consists of at least datamanagement, user interface, and model

management components.

Data Management Subsystem:

Data management includes the database(s)which contains relevant data for the situation,managed by database management system(DBMS).

User Interface Subsystem:



This component is other wise known ashuman machine communication) subsystem.The user can communicate with and command

the DSS through this subsystem.

Model Management:

This includes software with financial,statistical, management science, or otherquantitative models that provide the systems

analytical capabilities and an appropriatesoftware management program to manage themodels.

Knowledge Management:

This subsystem can support any of the othersubsystems or act as an independent component, providing knowledge for thesolution of the specific problem.

The components are put together for DSS

either

by programming them from scratch

by gluing together existing components

or by using comprehensive tools called DSSgenerators.

End user constructed DSSs are built withintegrated tools, such as Excel or Lotus 1 2 3,

which include spreadsheets, graphics, and

database management systems.

Data Management Subsystem:

The data management subsystem is similar toany other data management syste m. The

necessary data can flow from several sourcesand are extracted prior to their entry to a DSS

database. In some DSS there is no separate DSSdatabase, and data are entered into the DSS as

needed. In many DSS applications, data comefrom a data warehouse. A data warehouseincludes DSS relevant data extracted fromdifferent sources and organized as a relationaldatabase.

Model Management Subsystem:

The model base contains all the models andthe model building blocks used to developapplications to run the systems. The majorfunctions of MBMS include:

Creates models easily and quickly, either fromscratch, from exciting models or from building

blocks.

Allows users to manipulate models so theyconduct experiments and sensitivity analysis.

Stores and manage a wide variety of different types of models in a logical and integratedmanner.

Access and integrates the model buildingblocks

Catalogs and displays the directory of models.

Tracks models, data, and application usage.

Interrelates models with appropriate linkage

through the database

Manages and maintains the model base withmanagement functions analogous to databasemanagement.

The model management subsystem of DSS hasseveral elements: model base; model basemanagement system; modeling language ;model directory; and model execution,

integration, and command.

Knowledge Management Subsystem:

Many unstructured and semi structuredproblems are so complex that they require

expertise for their solutions. Such expertisecan be provided by an expert sys tem.Therefore, the more advanced DSS areequipped with component called knowledgemanagement. Such a component can providethe required expertise for solving some

aspects the problem or knowledge that canenhance the operations of the other DSS

components.

DataManagement

DataManagement

OtherComputerbased Systems

OtherComputerbased Systems

Manager/UserTasks

Manager/UserTasks

DialogManagement

DialogManagement

KnowledgeManager

KnowledgeManager

ModelManagement

ModelManagement



Executive Information (Support) Systems:

The majority of personal DSSs support thework of professionals and middle level

managers. Organizational DSSs providesupport primarily to planners, analysts,researchers or to some managers. Rarely do

we see a DSS used directly by top or evenmiddle level executives.

An executive support systems (EIS) alsoknown as executive support systems (ESS) is a

technology emerging in response to managersspecific needs.

Factors driving the needs for EIS:

External Factors:

Increased Competition

Rapidly changing environment

Need to be more proactive

Need to access external databases

Increasing government regulations

Internal Factors:

Need for timely information

Need for improved communication

Need for access to operational data

Need for rapid status updates on different issues

Need for increased effectiveness

Need to be able to identify historical trends

Need to access corporate databases

Need for more accurate information

EIS:

An EIS is a computer based system that servesthe information needs of top executives. It provides timely information and direct access

to management reports. EIS is very userfriendly, is supported by graphics, and

provides exception reporting and drill downcapabilities. It is also connected with onlineinformation services and electronic mail.

ESS:

An ESS is a comprehensive support systemthat goes beyond EIS to include analysissupport, communications, office automation

and intelligence.

Capabilities and Characteristics of ESS:

EIS vary in their capabilities and benefits. Thefollowing capabilities are common to most EIS.

Drill Down:

The capability called drill down providesdetails of any given information. In certaincases, this drill down process may continue

through several layers of detail s. To providethis capability, the EIS may include several

thousand menus and submenus. Drill downcan also be achieved by direct query of the

database, and by using a browser. Systemsthat use intelligent agents to conduct drilldown and bring results to user are underdevelopment.

Critical Success Factor:

The factors that must be considered inattaining the organizational goals are calledcritical success factors. Such factors can be

strategic, managerial, or operational successfactors and they are mainly defined from threesources: organizational factors, industryfactors. They can exist at the corporate level,as well as the division, plant and department level. Sometimes it is even necessary to

consider the CSF of individual employees.

Critical success factors, once identified can bemonitored, measured and compared tostandards.



CSF KPI

Profitability Profitability measures of eachdepartment, products, region

etc

Financial Financial ratios, Balancesheet Analysis, Cash reserve

position, Rate of return oninvestment.

Marketing Market share, Advertisement Analysis, Product Pricing,Sales Result, Customer sales

potential.

HumanResources

Turnover rates, Skill Analysis, Absenteeism Rate etc.

Planning Corporate Partnership,Ventures, Growth/Share Analysis

Economic

Analysis

Market trends, Foreign

Exchange Values, Industrytrends, Labour cost trends.

ConsumerTrend

Customer confidence level,purchasing habits,

demographical data.

Status Access:

In the status access mode, the latest data orreports on the status of key indicators or other

factors can be accessed at any time.

Trend Analysis:

In analyzing data, it is extremely important toidentify trends. The executive likes to examinetrends, especially when changes in data aredetected. Trend analysis can be done using

forecasting models which are included inmany ESSs.

Ad Hoc Analysis:

Executive support systems provide ad hocanalysis capabilities instead of merelyproviding access to data analysis. Executivescan thus use the ESS to do creative analys is ontheir own. They may even select theprogramming tools to be used, the outputs,

and the desired presentation of the

information.

Exception Reporting:

Exception reporting is based on the concept of management by exception, in which an

executive should give attention to significant deviation from standards. Here an executivesattention will be directed only to cases of very

good and very bad performance. Thisapproach saves considerable time for bothproducers and readers of reports.

EIS Types & Issues:

In recent years, the EIS has been enhancedwith relation and multidimensional analysisand presentation, friendly data access, userfriendly graphical interface, imaging

capabilities, hypertext, internet access, emails,intranet access and modeling. These arehelpful for any executive. We can distinguishbetween two types of EIS

One designed especially to support the top

executives.

The other intend to serve a wider communityof users.

Transaction Processing System:

In every organization there are majorbusiness processes that provides the missioncritical activities. Business transactions occurs

when a company produces a product orprovides a service. An Information System that

supports transaction processing is called theTransaction Processing System.

Why TPS?

Large amounts of data can be processed.

The sources of data are mainly internal andthe output is intended mainly for internalaudience.

This characteristic is changing since tradingpartners may contribute data and be

permitted to use TPS output directly.



The TPS provides information on a regularbasis.

Large storage (database) capacity is required.

High processing speed is needed due to highvolume.

TPS basically monitors and collects past data.

Input and Output are structured.

Since the processed data are fairly stable, theyare formatted in a standard fashion.

High level of detail is usually observed,especially in input data often in output as well.

Low computation complexity (simplemathematical/statistical) is usually evident in

TPS.

A high level of accuracy, data integrity, andsecurity is needed.

Sensitive issues such as privacy of personaldata are strongly related in TPS.

High reliability is required.

TPS can be viewed as lifeblood of theorganization. Interruption in the flow of TPSdata can be fatal to the organization.

Inquiry Processing is a must.

TPS enables users to query files and databases(even online and real time)

Characteristics:

TPS is the backbone of the organizationsinformation system.

TPS

Monitors

Collects

Stores

Processes

Disseminates information for all routine corebusiness transactions.

An organization may have one integrated TPSor several, one for each specific businessprocesses.

Objectives:

To provide all information needed by lawand/or organizational policies to keep the

business running and efficiently. The keyobjectives of a traditional TPS are as under:

To allow effective operation of organization

To provide timely documents and reports

To increase the competitive advantage of thecorporation.

To provide the necessary data for tactical andstrategic systems.

To assure accuracy and integrity of data

To safeguard assets and security of information.

Activities:

Regardless of the specific data processed by aTPS, a fairly standard process occurs, whetherin a manufacturer, in a service firm, or in a

govt. organization. First data is collected bypeople or sensors and entered into the

computer via any input device. Generallyspeaking organizations try to automate theTPS data entry as much as possible because of large volume. Next the system processes data

in one of the two basic ways.

Batch Processing

In batch processing the firm collectstransaction as they occur, placing them into

groups or batches. The system then preparesand processes the batches periodically.

Online Processing

In online processing, data are processed assoon as a transaction occurs.

For example:



When an item such as a toy is sold in a store,the POS terminal immediately notifies theinventory system.

The sale of toy causes other files to be u pdatedin real time

Tactical Tasks:

Transaction processing exists in all functional

areas. However it has major impact inaccounting and finance areas. The major

components of a TPS and its processes are thefollowing.

Order Processing

The Ledger

Accounts Payable and Receivable

Receiving & Shipping

Inventory on Hand

Fixed Asset Management

Payroll

Personal Files & Skills Inventory

Government Reports

Periodic Reports & Statements.

Unit 12: Strategic Information System and

Reorganisation:

IT Planning:

Improving the planning processes forinformation systems has long been one of the

top concerns of ISD management. The societyfor Information Management found this to bethe number one issue in surveys of senior ISexecutives. It planning still represents a

challenging issue for IS executives. Basicinformation systems planning address the

following four general issues.

Aligning the IT plan with the organizationalbusiness plan

Designing IT architecture for theorganizations in such a way that users,applications, and databases can be integratedand networked together.

Efficiently allocating information systemsdevelopment and operational resourcesamong competing applications.

Planning information systems projects so that they are completed on time and within budg et

and include the specified functionalities.

A Four Stage Model of IT Planning:

Several models were developed to facilitate IT

planning. Of special interest is Wetherbes fourstage model of planning, which is based on

observation of planning efforts, promotionalliterature, and analysis of various

methodologies used in planning processes.The model consists of four major activities:strategic planning, requirements analysis,resource allocation and project planning.These activities correspond to the four generalissues of IT planning.

Strategic IT Planning:

The first stage of the IT planning modelincludes several some what different types of

activities. On the one hand it refers toidentifying a set of new applications a

portfolio through which an organization willconduct its business. These applications make

it possible for organizations to implement its

business strategies in a competitiveenvironment. On the other hand, SIP can alsorefer to the process of searching for strategic

information systems applications that enablean organization to develop a competitive

advantage rather than just maintaining itsposition.

In either case, SIP must be aligned with overallorganizational planning. To accomplish this

alignment, the organizational must do thefollowing.

Set the IT mission.

Access the environment.

Access existing system availabilities andcapabilities

Set IT objectives, strategies and policies

Access the potential impacts on IT.



The output of the process should include thefollowing:

A new or revised IT charter and assessment of the state of the ISD:

An accurate evaluation of the strategicaspirations and directions of the organization;

And a statement of the objective, strategiesand policies for the IT effort.

To carry out the above tasks there exist several methodologies; the major ones are

Business System Planning

Nolans Stages of IT Growth model

Ends/Means Analysis

Critical Success Factors.

Information Requirements Analysis:

The goal of the second stage of the model, theinformation requirements analysis, is toensure that the various information systems,databases, and networks can be integrated tosupport decision making and operations.

There are several alternative approaches forconducting the requirements analysis.

Step 1: Define Underlying OrganizationalSubsystems: The first step of requirement

analysis is to identify the underlyingorganizational processes, such as otherfulfillment or product analysis.

Step 2: Develop Subsystem Matrix: Once theunderlying organization proce sses are

identified, the next phase of requirementsanalysis exercise is to relate specific managers

to organizational processes. The matrix isdeveloped by reviewing the major decisionresponsibilities of each middle to topmanager and relating them to specificprocesses.

Step 3: Define and Evaluate InformationRequirements for Organizational Subsystem:In this phase of the requirements analysis

managers with major decision makingresponsibility for each process are

interviewed in groups by informationrequirements of each organizational process.

Step 4: Defining Major Information Categoriesand Map Interviews into Them: The process of defining information categories is similar to

how data items for individual informationsystem are factored into entities and

attributes.

Step 5: Developing Information/SubsystemsMatrix: Mapping information categoriesagainst organizational subsystems creates aninformation categories by organizationalprocess matrix. Information categories can beaccounts receivable, customers demographicsor product warranties. In each cell of the

matrix an importance value is inserted.

Resource Allocation:

The third stage of the model for informationplanning consists of developing hardware,software, data communication, facilities,personnel, and financial plans needed toexecute the master development plan as

defined in the requirement analysis.

Resource allocation is a contentious process inmost organizations because opportunities andrequests for spending far exceed the available

funds. This can lead to intense, highly politicalcompetition between organizational units.

Funding requests from the ISD fall into twocategories.

Some projects and infrastructure arenecessary for organization to stay in business.

On the other hand the IT planning processidentifies an information architecture that

usually requires additional funding for lesscritical items: new projects, maintenance orupgrades of existing system, an infrastructureto support these systems and future needs.



After setting aside funds for the abovecategory, the organization can use theremainder of the IT budget for projects related

mainly to the improved informationarchitecture developed by using information

requirement analysis.

Project Planning:

The fourth and final stage of our model for

information system planning, project planning, provides an over all framework within which specific applications can be

planned, scheduled, and controlled.

Guidelines for IT Planning:

To determine how much IT planning isneeded, an organization should assess theextent to which each stage of IT planning hasbeen accomplished. It can implement thisassessment through a series of questionsrelated to major activities and outputs in eachof the stages of the four stage planning model. After determining the IT planning needs at each stage, it can select appropriate

methodologies.

Strategic Planning: In assessing the strategicplanning stage, organizations need to answer

questions such as:

Is an IT mission clearly expressed in an ITcharter?

Is there a compressive assessment of the

environment? Are the IT capabilitiesadequately assessed? Have new opportunities

been identified? Is the current businessenvironment understood? Is the current

application portfolio defined anddocumented? Is the ISD image healthy?

Is there a clear definition of organizationalobjectives and strategies? Has the strategicorganizational plan been reviewed? Havestrategic applications been identified to

improve strategic advantage?

Are IT policies, objectives, and strategiesdefined? Is the ISD structure appropriate foroverall organization? Is the IS technologyfocus appropriate to the technology focus of the organization? Are the objectives forallocating IT resources appropriate? Are the IS

management process ap propriate? Are the

functional capability objectives appropriate?

Requirement Analysis: To conduct anassessment of the requirement analysis stage,

an organization should answer the followingquestions.

Is there an adequate assessment of theorganizational information requirements? Is

the overall information architectureidentified? Is there a good understanding of

current information needs of theorganization? Is there a good understanding of

projected information needs of theorganization? Are the major databases andtheir relationships defined?

Is there a master IT development plan? Are ITprojects well defined? Are projects ranked bypriority? Is there a multi year development schedule?

Resource Allocation: To assess the resourceallocation stage, an organization should

answer the following questions:

Does the organization have resourcerequirement plan? Are trends identified? Isthere a hardware and software plan? Is there a

data management plan? Is there a data

communication plan? Is there a personnelplan? Is there a facilities plan? Is there afinancial plan?

Does the organization have an adequateprocedure for resource allocation?

Project Planning: To have a complete review of IT planning processes, an organization should

answer the following questions in regard toproject planning:

Is there a procedure for evaluating projects interms of difficulty or risk?

Are projects tasks usually identifiedadequately?

Are project cost estimates generally accurate?

Are project time estimates generally accurate?

Are checkpoints defined to monitor progressof projects?



Are projects generally completed on schedule?

If an organization does not get satisfactoryanswers to the project planning questions, it

should review the project planningtechniques.

Problems with IT Planning:

IT planning can be an expensive and time

consuming process. A study of five large scaleplanning projects found that these projects

involved 10 or more employees, on half -timeand full-time basis, for periods lasting from 10

weeks to a year. The estimated costs of theprojects ranged from $450,000 to $1.9 million.

A survey of 80 firms with formal IT planningprojects found that 53% were dissatisfied withtheir experiences.

Managerial Issues:

Importance: Getting IT ready for future that is, planning is one of the most challengingand difficult tasks facing all the management,including the IS management. Each of the four

steps of IT strategic planning process settingthe mission, assessing the environment,

including the organizational goals a ndobjectives, and finally setting the IS objectives

strategies and policies presents its own

unique problems. Yet, without planning, orwith poor planning, the organization may bedoomed.

Organising for Planning: Many issues like what should be the role of the ISD? How should it be

organized? Staffed? Funded? How shouldhuman resource issues, such as training,

benefits, and career path for IS personnel behandled? What about the environment? Thecompetition? The economy? Government regulations? Emerging technologies? What is

the strategic direction of the host organization? What are its key objectives?

Finally with these strategies and objectivesand the larger environment, what strategies

and objectives should IS pursue?

Fitting the IT Architecture: Management of anorganization may become concerned that theirIT architecture is not suited to the needs of the

organization. In such a case there has likely

been a failure on the part of the IT techniciansto determine properly the requirements of the

organization. Perhaps there has also been afailure on the part of the management to

understand the type and manner of ITarchitecture that they have allowed to developor that they need.

IT Architecture Planning: IT specialists versed

in the technology of IT mu st meet withbusiness users and jointly determine the

present and future needs for IT architecture.Plans should be written and published as part

of the organizational strategies. Plan shouldalso deal with training, career implications,and other secondary infrastructure issues.

IT Policy: IT architecture should be based oncorporate guidelines or principles laid out inpolicies. These policies should include the

roles and responsibilities of IT professionalsand users, security issues, cost benefit analysisfor evaluating IT, and IT architectural goals.

Policies should be communicated to allpersonnel who are managing or directly

affected by IT.

Ethical & Legal Issues: Conducting interviewsfor finding managers needs and requirementsmust be done with full cooperation. Measuresmust be taken to protect privacy.

IT Strategy: In planning IT, it is necessary toexamine three basic strategies:

Be a Leader in technology: The advantages of being a leader are the ability to attract customers, to provide unique services and

products and to be a cost leader. Howeverthere are high development costs of newtechnologies and high probability of failures.

Be a Follower: This is a risky strategy of beingleft behind. However, you do not risk failures,

and you implement ne w technologies at afraction of the cost.

Be an Experimenter: This way you minimizeyour research and development investment and the cost of failure. Yet, if new technologiesprove to be successful you can move fairly fast for full implementation .



Unit 13: Information System Development:

Developing IS Solutions:

Developing successful information systems solutions to business problems is a major challenge forbusiness managers and professionals today. Most computer based information systems areconceived, designed, and implemented using some form of systematic development process. Using

the systems approach to develop information system solutions can be viewed as a multi stepprocess called the information systems development cycle, also known as the system development life cycle (SDLC). What goes on in each stage of this process, which includes the steps of

Project Initiation: Somebody needs to start the project. Usually it is a manager outside the ISorganization who has a problem or sees an opportunity related to the area where he are she works. A formal planning process also may identify new systems that can help the organization meet itsobjectives. Sometimes the IS group initiates the projects that will improve its own opera tions ordeal with common problems among the user areas.

System Analysis : Once the project is initiated, the system analysis phase begins. System analysis

refers to the investigation of existing situation. Some of the major activities include isolating th esymptoms of the problem and determining its cause. Other activities are the identification of business process and their interrelations and the flow of information related to these process.

System analysis aims at providing a through understanding of the existing organization, itsoperation, and the situation relevant to the system.

System Analysis:

System analysis refers to the investigation of the existing situation.

It is a process that may take weeks, or months involving many activities.

It aims at providing a thorough understanding of existing organisations and its operations.

Project Initiation

System Analysis &

Feasibility Study

Logical Analysis &

Design

Accusation or

Development

Implementation

Operation

Post Audit

Maintenance

Go Back to the Previous Stage or Stop



System Analysis Activities

Isolating the symptoms of the problem

Determining the cause

Identification of business process and their interrelations.

Flow of Information related to these processes

System Analysis deals with

People

Procedures involved

The existing information system technology

The environment surrounding the problem

System Analysis Methods

Observation

Review of Documents

Interviews

Performance Measurements

Feasibility Studies: To determine the probability of success of a proposed solution. May beconducted several times throughout SDLC. To test whether the solution is achievable with givenorganisational resources and constraints.

Technological Feasibility:

Are the performance requirements achievable utilizing current information technology?

If not, are they attainable through capabilities that will be available by the time the project finishes?

Will newer technologies supersede in the proposed project before the org anisation recovers its

investment?

Economical Feasibility

Are the expected benefits greater than the costs?

Can the organisation afford the costs in terms of spending and personal requirements?

Are the risks including the possibility of cost and schedule o verruns, acceptable for an investment of this size.

Organisational Factors

Is the proposed system reasonably compactable with organisational culture, internal political

considerations, and work rules.

Are the skill levels to use the new system consistent w ith employees who will operate it.

Legal Ethical & Other Constraints



Is the new or automated process ethical to employees and customers?

Does it meets all regulatory requirements?

Are any of the constraints in danger of being violated?

Logical Analysis & Design:

The emphasis is on

Identification of information requirements

Specification of generic IS functions, such as input, output and storage.

Not on program writing or identifying hardware.

Logical Designing Tools

Data Flow Diagram

Entity Relationship Diagram

Flow Charts

Hierarchy Inputs Process Outputs Charts

Organisational Charts

Physical Design

Translation of abstract logical model into the specific technical design for the new systems.

Emphasis is on

User requirements of the system

Computing requirements to features of available software

Less time on designing systems.

Configuration requirements for commercial packages

Acquisition or Development

Using the specifications proposed in Logical Design hardware and software are purchased.

Configuration of the same as per the system requirements.

Programmers write code for parts of the system where commercial sources are not appropriate.

Technical writers develop documentation and training materials.

Testing is done by IS personnel and some users for bugging a nd comparing system performance.

Implementation:

Implementing a new system requires conversion from a previous system

Approaches:

Parallel Conversion:



Old and New system operate concurrently

Safest approach

The most expensive

Direct Cutover:

The Old system is turned off, and new system is turned on

Fastest and least expensive

Risk factor is the maximum

Pilot Conversion:

The new system is implemented in a subset of locations.

Is like a direct cutover for pilot locations

But for the whole organisation, it is like parallel conversion

Both risks and costs are relatively low.

Phased Conversion:

Large systems often are built from distinct modules. If the modules were originally designed to berelatively independent, it may possible to replace the modules one at a time.

Relatively safer

Takes longer & requires more testing

Operation:

After successful conversion, the system will operate for an indefinite period of time, until

The system is no longer adequate

Necessary

Cost effective

Post Audit Evaluation

Maintenance:

Unit 14: Security & Ethical Issues:

Information systems are made up of many components that may be in several locations. Thus, eachinformation system is vulnerable to many potential hazards. The vulnerability of informationsystem is increasing as we move to a world of networked computing. Theoretically, there arehundreds of points in a corporate information system that can be subject some threat. These threats

can be classified as unintentional or intentional.

Unintentional Threats:



These are divided into three major categories human errors, environmental hazards andcomputer system failures

Human Error: Errors can occur in the design of the hardware and/or information systems. They canalso occur in the programming, testing, data collection, data entry, authorization, and instructions.Human errors contribute to the vast majority control and security related problems in many

organizations.

Environmental Hazards: This includes earthquakes, hurricanes, severe snow, sand storms, floods,tornadoes, power failures or strong fluctuations, fires, defective air conditioning, explosives, radio

active fallout and water cooling system failures.

Computer System Failures: This can be result of poor manufacturing of defective materials.Unintentional malfunction can happen for other reasons ranging from lack of experience to

incompatibility of software.

Intentional Threats:

Computer system may be damaged as a result of intentional actions. Here are some examples.

Theft of Data

Inappropriate use of data

Theft of mainframe computer crime

Theft of equipment and/or programs

Deliberate manipulation in handling, entering, processing, transferring or programming data.

Labor strikes, riots or sabotage.

Malicious damage to computer resources

Destruction from viruses and similar attacks.

Miscellaneous computer abuses and crimes.

Computer Crimes:

According to CSI 64% of all corporations experienced computer crimes in 1997. The number,magnitude and diversity of computer crimes and abuse are increasing rapidly. Lately incre ased

fraud related to the Internet and electronic commerce is in evidence.

Types of Computer Crimes

In many ways, computer crimes resemble conventional crimes. They can occur in four ways.

First, the computer can be target of the crime. For e.g. a compute r may be stolen or destroyed orvirus may destroy data.

Second, the computer can be the medium of the attack by creating an environment in which a crimeor fraud can occur. For e.g. false data are entered into computer system to mislead individuals.

Third, the computer can be the tool by which a crime is perpetrated.



Forth, the computer can be used to intimidate or deceive. For instance, a stock broker stole $50million by convincing his clients that he had a computer program with which he could increase th eirreturn on investment by 60% per month.

Security Challenges:

Knowing about major potential threats to information systems is important, but understandingways to defend against these threats is equally critical. Defending information systems is not a

simple or inexpensive task for the following reasons.

Hundreds of potential threats exist

Computing resources may be situated in many locations.

Many individuals control information assets.

Computer networks can be outside the organization and difficult to protect

Rapid technological changes make some controls obsolete as soon as they are installed.

Many computer crimes are undetected for a long period of time so it is difficult to learn fromexperiences.

People tend to violate security procedures because th e procedures are inconvenient.

Many computer criminals that are caught go unpunished, so there is no deterrent effect.

The amount of computer knowledge necessary to commit computer crime is minimal and one canlearn hacking for free in the internet.

The cost of preventing hazards can be very high. Therefore most organizations simply cannot affordto protect against most possible hazards.

It is difficult to conduct a cost benefit justification for controls since it is difficult to assess the value

of hypothetical attacks.

Protecting Information Systems:

Protection of IT is accomplished by inserting controls defense mechanisms intended to prevent accidental hazards, deter intentional acts, detect problems as early as possible, and enhance

damage recovery a nd correct problems.

Controls can be integrated into hardware and software during the software development phase.They can also be implemented once the system is in operation or during its maintenance. Theimportant point is that defense should stress prevention; it does no good after the crime. Since there

are many threats, there are many defense mechanisms.

Defense Strategies:

The selection of a specific strategy depends on the objectives of the defense and on the perceivedcost benefit.

Controls for Prevention: Properly designed controls may prevent errors from occurring, detercriminals from attacking the system, and better yet, deny access to understand people.



Detection: It may not be economically feasible to prevent all hazards and deterring measure s maynot work. Therefore, unprotected systems are vulnerable to attacks. Like a fire the earlier it isdetected the better it is to combat.

Limitation: This means to minimize losses once a malfunction has occurred. This can beaccomplished by including a fault tolerant system that permits operations in a degraded mode until

full recovery is made.

Recovery: A recovery plan explains how to fix damaged information systems as quickly as possible.Replacing rather than repairing components is one route to fast recovery.

Correction: Correcting damaged systems can prevent the problem from occurring again.

Information System Controls:

They can be divided into two major categories general system controls and application controls.

General Controls:

These are used to protect the systems regardless of specific applications. The major categories of general controls are physical controls, access controls, data security controls, communicationcontrols and administrative controls.

Physical Controls: Appropriate physical security may include several controls such as the following:

Appropriate design of data center.

Shielding against electromagnetic fields.

Good fire prevention, detection and extinguishing system, including sprinkler system, water pumps,and adequate drainage facilities. A better solution is fire-enveloping system.

Emergency power shutoff and backup batteries, which must be maintained in operational condition.

Properly designed, maintained and operated air conditioning system.

Motion detector alarms to detect physical intrusion.

Access control

Access control is the restriction of unauthorized user access to a portion of a computer system or tothe entire system. To gain access, a user must be authorized. Then when the user attempts to gain

access he or she m ust be authenticated. Access procedures match every valid user with a uniqueuser identifier. They also provide an authentication method to verify that users requesting access tothe computer system really who they claim to be. User identification can be a ccomplished when thefollowing identifies each user.

Something only the user knows such as a password

Something only the user has such as a smartcard

Something only the user is such as signature, voice, fingerprint, or retinal scan, iris scan, DNA codeimplemented via biometric control

Data Security Controls:

Data security is concerned with protecting data from the accidental disclosure to unauthorizedpersons or from unauthorized modification or destruction. Data security functions are implementedthrough operating systems, security access control programs, database or data communication



products recommended backup/recovery procedures, application programs and external control

procedures. Data security must address the issues like confidentiality of data, a ccess control, andcritical nature of data and integrity of data.

Communication/Network Controls:

Network is becoming extremely important as the use of internet/intranet and ecommerce increases.

Encryption: Encryption encodes regular digitized text into un readable scrambled text or numbers tobe decoded upon receipt. Encryption accomplishes three purposes. 1. Identification: (helps identify

legitimate senders and receivers) 2. Control: (prevents changing a transaction or message) and 3.Privacy (impedes eavesdropping).

A widely accepted encryption algorithm is Data Encryption Standard (DES), produced by the USNational Bureau of Standards. Many software products are available for encryption. Traffic padding

can further enhance encryption. Here a computer gen erates random data that are intermingled withreal data making it virtually impossible for an intruder to identify true data.

To ensure secure transactions of the internet, Revising and VISA developed encrypted digitalcertification systems for credit cards that allows customers to make purchases on the internet.Credit card holders create a digital version of their credit card, Revising confirms validity of thebuyers credit card, and then it issues a certificate to that effect even the merchants do not see the

credit card number.

Firewalls:

A firewall is a system or a group of systems that enforces an access control policy between twonetworks. It is commonly used as a barrier between the secure corporate intranet or other internalnetworks and the internet which is assumed to be unsecured.

Firewalls are used to implement control access policies. The firewalls follows strict guidelines that either permits or blocks traffic, therefore, a successful firewall is designed with clear and specific

rules about what can pass through. Several firewalls may exist in one information system.

Administrative Controls:

Administrative controls deal with issuing guidelines and monitoring compliance with theguidelines. Representative examples of such controls include the following:

Appropriately selecting, training and supervising people

Fostering company loyalty

Immediately revoking access privileges of dismissed, resigned or transferred employees.

Requiring periodic modification of access controls

Developing programming and documentation standards

Instituting separation of duties

Holding periodic & random audits of the system.