Professional Documents
Culture Documents
Unit I
Foundations of Information Systems: A framework for business users - Roles of Information
systems - System concepts - Organisation as a system - Components of Information Systems - IS
Activities - Types of IS
Unit II
IS for operations and decision making: Marketing IS, Manufacturing IS, Human Resource IS,
Accounting IS and Financial IS - Transaction Processing Systems- Information Reporting
System - Information for Strategic Advantage.
Unit III
DSS and AI: DSS models and software: The decision making process - Structured, Semi
Structured and Unstrcutured problems; What if analy
sis, Sensitivity analysis, Goal-seeking Analysis and Optimizing Analysis. Oberview of AI,
Neural Networks, Fuzzy Logic Systems,
Genetic Algorithms - Expert Systems.
Unit IV
Managing Information Technology: Managing Information Resources and technologies - IS
architecture and management - Centralised, Decentralised and Distributed - EDI, Supply chain
management & Global Information technology Management.
Unit V
Security and Ethical Challenges: IS controls - facility control and procedural control - Risks to
online operations - Denial of service, spoofing - Ethics for IS professional - Societical challenges
of Information technology.
References
1. James A O'Brien, "Management Information Systems", Tata McGraw Hill, Fourth
Edition,1999.
2. Effy Oz, "Management Information Systems", Vikas Publishing House, Third Edition, 2002.
3. Kenneth C Laudon and Jane P Laudon, “Management Information System”, 9th Edition, PHI,
New Delhi, 2006.
4. Waman S Jawadekar , "Management Information System Text and cases", Third Editions,
Tata McGraw-Hill ,2007.
5. R.Srinivasan, “Strategic Management”, IInd edition, Prentice Hall of India, New Delhi.
6. M.Senthil, “Management Information System”, 2003
.
Unit I
Management
Management for purpose MIS consist of the activities carried out by manager. The planning,
organizing and controlling, staffing, analyzing, co-ordination, directing, motivating, decision
making all are major activities of the business.
Information
Information consist classifying, analyzing, recording to the perfect management process. The
information classified buy customer and location cumulative sale distribution amount customers
and used by management for purpose of information.
System
A system is a set off two or more elements such a people thinking and concepts and aim and
achievement goals in common objecting of system. A system set off many
Meaning of MIS
Management information systems are the study of information system focusing on their use in
business and management. Davis and Olson in 1985 have mentioned that the study of MIS arose
in the 1970s to focus on computer based information systems aimed at managers.
1. Management
2. Information
3. Systems
MANAGEMENT
INFORMATION
MIS
SYSTEMS
1) Hardware
2) Software
Management information systems are distinct from other information systems, in that they are
used to analyze and facilitate strategic and operational activities.[2]
Academically, the term is commonly used to refer to the study of how individuals, groups, and
organizations evaluate, design, implement, manage, and utilize systems to generate information
to improve efficiency and effectiveness of decision making, including systems termed decision
support systems, expert systems, and executive information systems.
DEFINITION OF MIS
A Management information system is used to transform data into useful information as needed to
support managerial decision making with structured decisions (formally called programmed
decisions) which are those that are based on predictable patterns of activity. The typical MIS is
based on four major components (McLeod, 1986)
(I) Data gathering:
Data pertinent to the operations of the organization are gathered from both external and internal
sources.
The above data is inputted and stored in databases as the information processing core of the
system.
Data is transformed into useful information through the application of computer software
programs and judgments made by technical support staff and other system users.
This useful information is retrieved as needed by the management and technical personnel and
applied to a wide variety of decisions related to the conduct of organizational operations
I. Management-oriented:
The basic objective of MIS is to provide information support to the management in the
organization for decision making. So an effective MIS should start its journey from appraisal of
management needs, mission and goal of the business organization. It may be individual or
collective goals of an organization. The MIS is such that it serves all the levels of management in
an organization i.e. top, middle and lower level.
III. Integrated:
It means a comprehensive or complete view of all the sub systems in the organization of a
company. Development of information must be integrated so that all the operational and
functional information sub systems should be worked together as a single entity. This integration
is necessary because it leads to retrieval of more meaningful and useful information.
V. Heavy planning-element:
The preparation of MIS is not a one or two day exercise. It usually takes 3 to 5 years and
sometimes a much longer period. So the system expert has to keep 2 things in mind – one is that
he has to keep future objectives as well as the firm’s information well in advance and also he has
to keep in mind that his MIS will not be obsolete before it gets into action.
When a problem is seen in 2 sub parts, then the better solution to the problem is possible.
Although MIS is viewed as a single entity but for its effective use, it should be broken down in
small parts or subsystems so that more attention and insight is paid to each sub system. Priorities
will be set and phase of implementation be made easy. While making or breaking down the
whole MIS into subsystems, it should be kept in mind that the subsystems should be easily
manageable.
This is the basic feature of MIS to achieve the objective of using MIS in business organizations.
It avoids duplication of files and storage which leads to reduction in costs. Common database
means a “Super file or Master file” which consolidates and integrates data records formerly
stored in many separate data files. The organization of the database allows it to be accessed by
each subsystem and thus, eliminates the necessity of duplication in data storage, updating,
deletion and protection.
VIII. Computerized:
MIS can be used without a computer. But the use of computers increases the effectiveness and
the efficiency of the system. The queries can be handled more quickly and efficiently with the
computerized MIS. The other benefits are accuracy, storage capacity and timely information.
IX. Userfriendly/Flexibility
An MIS should be flexible i.e. there should be room for further modification because the MIS
takes much time in preparation and our environment is dynamic in nature.MIS should be such
that it should be used independently by the end user so that they do not depend on the experts.
X. Information as a resource
Information is the major ingredient of any MIS. So, an MIS should be treated as a resource and
managed properly
1. Database
“SUPERFILE”
Subdivided into the major information sub-sets
Improves accessibility and reduces redundancy
Its important characteristics of
Each sub system utilizes same data i.e. common data source
User-oriented
Capable of meeting the information requirements in future as well. It requires MIS evaluation
appropriate timely action. Evaluation should consider
The data collection module aims at collecting and capturing the input data from the data sources.
The data collected through this module is used by other modules of MIS to provide the required
outputs. The size and structure of this module largely depends on the nature and type of data, the
transaction volumes and method of data collection.
The data storage module aims at proper storage of the data collected by the data collection
module in order to make it available for data processing activity which is governed by the data
processing module. The data storage activities often involve magnetic storage of data on
computers.
The data processing module aims at converting data into information. The design and structure
of the data processing module would depend on several factors such as information
requirements, transaction volumes, complexity of computations, processing speed requirements
and so on.
The information reporting module uses the output of the data processing module. Using these
inputs, the information reporting module generates actionable information. The stress of this
module is to present the information in a form that is convenient for the end users of information.
Decision support module:
The decision support module of MIS aims at providing the information that facilitates the
decision making activity.The scope of the decision support module is restricted to providing the
information support for the decision making activity. The decision making is considered to be
outside the scope of the decision making activity. The decision making is often considered as a
human activity which is external to the decision support module.
Control support module aims at providing information support for the control activities in
business organization. The activities of planning set a goal against which the actual performance
is compared through the control function. This activity is often expressed in terms of feedback
control mechanism.
The modeling and simulation in business organizations are seen through a variety of applications
including forecasting, payoff matrices, projections, cause effect charts etc.
Most of the data source for MIS is the organization’s various transaction processing
systems that capture and store data from ongoing business transactions.
Data may also come from various functional areas (accounting, finance, sales, etc.) of an
organization.
External sources of data may include customers, suppliers, competitors, stockholders, and
so on.
OUTPUTS OF AN MIS
The output of most management information systems is a collection of reports that are
distributed to managers. These include scheduled reports, key-indicator reports, demand
reports, exception reports, and drill-down reports.
COMPONENTS OF MIS
Input:
The total process of system is the net contribution of much individual process in the MIS design.
The MIS activities convent able to input output.
Output
Management information system one of the five major computer based information system. It
purpose is to need the general information need of the entire manager in the firm or organization
subunit of the firm. Subunit can be based on functional area or management levels.
Market:
Many companies are in process of the market and global market system global market for either
product and service, using global production facility to manufacture or assemble product, using
money in global capital market, global partners global market alliance, global competitor for
customers from allover the market like
Global market
Money market
Share dealing
Service market
Fund market
Allian market
Technologies:
Business opportunities
Functional management
Resources management
Technology management
Distributor management
Function
Organization structure and managerial technology business units can manage information
technology and information system
Resources
• Data
• Hardware
• Software resources
• Telecommunication network
• Personal management
• Business ethic
Technology management
All technology that process, store and communicator data and information throughout the
enterprise should be managed as integrate system of organizational resource.
Distributor management:
Managing the use of information technology and information system resource in business unit
work groups is a key reasonability of their manager.
Business processes
Boundaries:
Boundaries means identified certain limited factor which the process and interrelationship terms
of boundaries easily identify the bank process and system which components activities of
withdraw deposit, mark age, trust activities
SUBSYSTEM OF AN MIS
MIS mean structure of an information system can classified terms of management planning and
control
• Planning
• Management control planning
• Operational control
• Management pricing planning
• Information system for operational control
Operational control is process of ensuring that operational activities are carried out effective and
management process. A large percentage of the decision or programs, resulting activities, short-
term procedure, management transactions and operational system must be able to response to
both individual transactions
• Report processing
• Enquiry processing
• Transaction processing
Transaction processing:
The transaction processing system to examine the balance of all programming activities and
replacement order should be all product qualities and quantities quantity algorithm and action of
document is produced specific order and human receipt
Management control information is require by manager of department profit center etc., The
performance of whole management decision making control action, formulate new decision,
personal management, allocate resources and summary of
Planning performance
1. Planning and budget modules to assist manager in finding problem in directions and
preparing revising plans and budgets
2. Various report programs to process scheduled report showing performance and variance
from plan of performance or other standard competitor’s performance
3. Decision models to analysis a problem situation and provides possible solution for
management evaluation. The output from the management control information system,
plan and budget, scheduled report special reports, analysis of problem situation decision
reviews enquires responds etc.
4. MIS organization programs standard classification of function, manufacturing
organization include product, sales and marketing finance and accounting, personal
information system, top level management process consist separate function. An
organization may not actually be organized a long support of decision making and
functional lines general logical information system.
Management information system based on organizational function
The sales and marketing functions generally include all activities related to promotion and sales
of product or services. The transactions are sales order promotion order, operational control,
sales force, sales ratios, the sales volume religion product, customer product etc.,
Customer analysis
Competitor analysis
Strategic planning
Demographic projections
Production subsystem:
Logistics subsystem:
It encompasses such activities as purchasing, receiving inventory control and distribution. The
transactions result in documents describing employment requirements job descriptions training
specifications, personal data. Employee background, skill, experiences, pays rates, working
house, benefit of terminal notices
Personnel subsystem:
Finance and accounting are somewhat separate functions but are sufficiently related to be
described together. This function covers granting of credit to customers, collection processes,
cash management, and financing arrangements. Accounting covers the classification of financial
transactions and summarization into the standard financial reports. The strategic planning level
for accounting and finance involves a long-run strategy to ensure adequate financing, a long-
range accounting policy to minimize the impact of taxes and planning of systems for cost
accounting and budgeting.
Management control over information processing requires data on planned versus actual
utilization, equipment costs overall programmer performance and progress compared to schedule
for projects to develop and implement new applications. Examples are word processing
electronic mail, electronic filing and data and voice communications.
The top management function operates separately from the functional areas, but also includes the
financial president acting in a top management capacity such as in management comities. The
transactions processed by top management are primarily inquiries for information and support of
decisions.
The role of the MIS in an organization can be compared to the role of heart in the body. The
information is the blood and MIS is the heart. In the body the heart plays the role of supplying
pure blood to all the elements of the body including the brain. The heart work faster and supplies
more blood when needed. It regulates and controls the incoming impure blood, processed it and
sends it to the destination in the quantity needed. It fulfills the needs of blood supply to human
body in normal course and also in crisis.
The MIS plays exactly the same role in the organization. The system ensures that an appropriate
data is collected from the various sources, processed and send further to all the needy
destinations. The system is expected to fulfill the information needs of an individual, a group of
individuals, the management functionaries: the managers and top management.
i.The MIS satisfies the diverse needs through variety of systems such as query system,
analysis system, modeling system and decision support system.
ii. The MIS helps in strategic planning, management control, operational control and
transaction processing. The MIS helps in the clerical personal in the transaction processing and
answers the queries on the data pertaining to the transaction, the status of a particular record and
reference on a variety of documents.
iii. The MIS helps the junior management personnel by providing the operational data for
planning, scheduling and control , and helps them further in decision-making at the operation
level to correct an out of control situation.
iv. The MIS helps the middle management in short term planning, target setting and
controlling the business functions. It is supported by the use of the management tools of planning
and control.
v. The MIS helps the top level management in goal setting, strategic planning and
evolving the business plans and their implementation.
vi. The MIS plays the role of information generation, communication, problem
identification and helps in the process of decision-making. The MIS, therefore, plays a vital role
in the management, administration and operation of an organization.
Impact Of The Management Information System
MIS plays a very important role in the organization; it creates an impact on the organization’s
functions, performance and productivity.
The impact of MIS on the functions is in its management with a good MIS supports the
management of marketing, finance, production and personnel becomes more efficient. The
tracking and monitoring of the functional targets becomes easy.
The functional managers are informed about the progress, achievements and shortfalls in the
activity and the targets.The manager is kept alert by providing certain information indicating and
probable trends in the various aspects of business. This helps in forecasting and long-term
perspective planning. The manager’s attention is bought to a situation which is expected in
nature, inducing him to take an action or a decision in the matter.
Disciplined information reporting system creates structure database and a knowledge base for all
the people in the organization. The information is available in such a form that it can be used
straight away by blending and analysis, saving the manager’s valuable time.
The MIS creates another impact in the organization which relates to the understanding of the
business itself.
The MIS begins with the definition of data, entity and its attributes. It uses a dictionary of data,
entity and attributes, respectively, designed for information generation in the organization. Since
all the information systems use the dictionary, there is common understanding of terms and
terminology in the organization bringing clarity in the communication and a similar
understanding of an event in the organization.
The MIS calls for a systematization of the business operations for an effective system design.
This leads to streaming of the operations which complicates the system design. It improves the
administration of the business by bringing a discipline in its operations as everybody is required
to follow and use systems and procedures. This process brings a high degree of professionalism
in the business operations.
The goals and objectives of the MIS are the products of business goals and objectives. It helps
indirectly to pull the entire organization in one direction towards the corporate goals and
objectives by providing the relevant information to the organization.
A well designed system with a focus on the manager makes an impact on the managerial
efficiency. The fund of information motivates an enlightened manager to use a variety of tools of
the management. It helps him to resort to such exercises as experimentation and modeling. The
use of computers enables him to use the tools and techniques which are impossible to use
manually. The ready-made packages make this task simple. The impact is on the managerial
ability to perform. It improves decision-making ability considerably high.
Since, the MIS work on the basic system such as transaction processing and database, the
drudgery of the clerical work is transferred to the computerized system, relieving the human
mind for better work. It will be observed that lot of manpower is engaged in this activity in the
organization. Seventy (70) percent of the time is spent in recording, searching, processing and
communicating. This MIS has a direct impact on this overhead. It creates information –based
working culture in the organization.
IMPORTANCE OF MIS
It goes without saying that all managerial functions are performed through decision-making; for
taking rational decision, timely and reliable information is essential and is procured through a
logical and well structured method of information collecting, processing and disseminating to
decision makers. Such a method in the field of management is widely known as MIS. In today’s
world of ever increasing complexities of business as well as business organization, in order to
service and grow , must have a properly planned, analyzed, designed and maintained MIS so that
it provides timely, reliable and useful information to enable the management to take speedy and
rational decisions.
MIS has assumed all the more important role in today’s environment because a manager has to
take decisions under two main challenges:
First, because of the liberalization and globalization, in which organizations are required to
compete not locally but globally, a manager has to take quick decisions, otherwise his business
will be taken away by his competitors. This has further enhanced the necessity for such a system.
Second, in this information age wherein information is doubling up every two or three years, a
manager has to process a large voluminous data; failing which he may end up taking a strong
decision that may prove to be very costly to the company.
In such a situation managers must be equipped with some tools or a system, which can assist
them in their challenging role of decision-making. It is because of the above cited reasons, that
today MIS is considered to be of permanent importance, sometimes regarded as the name centre
of an organization. Such system assist decision makers in organizations by providing information
at various stages of decision making and thus greatly help the organizations to achieve their
predetermined goals and objectives. On the other hand, the MIS which is not adequately planned
for analyzed, designed, implemented or is poorly maintained may provide developed inaccurate,
irrelevant or obsolete information which may prove fatal for the organization. In other words,
organizations today just cannot survive and grow without properly planned, designed,
implemented and maintained MIS. It has been well understood that MIS enables even small
organizations to more than offset the economies of scale enjoyed by their bigger competitors and
thus helps in providing a competitive edge over other organizations.
Hardware
Software
Data base
Procedures
Operating personnel
Processing functions
Process transactions
Maintain master files
Produces reports
Process interactive support application
Outputs for users
Action oriented E.g. the exception reports and error reporting which initiates for corrective
measures and provides reference material for future reference
Pre-planned reports are a regular content like sales analysis, inventory report and budget
variance reports prepared at a given time.
Pre-planned enquires are like pay rate of an employee, balance due from a particular
customer.
Ad hoc reports and inquiry responses occur at irregular intervals and require analysis of data
whose format has not been preplanned.
Exception reports are reports produced only when exceptional conditions occur, or reports
produced periodically which contain information only about exceptional conditions.
User machine dialogue is a way in which a user can interest with a model to arrive at a
solution.
Setting strategic objectives that define the desirable corporate aims to be achieved.
Selecting the optimal tactical mechanisms through which the strategic objectives are
to be met.
Developing operational plans that ensure the best use of the organizational resources
within the desired time frame.
Structuring the management process that provides for the most effective decision
making and execution.
Developing the communications systems, including the formalized management
information that provide necessary support to the management process.
Defining the operational tasks and associated staffing requirements.
The nature of the corporate planning process is dynamic, governed by continuing changes in the
environment within which the corporate entity operates. An important support to corporate
planning therefore is monitoring the corporate environment. Such monitoring facilitates the
continuous updating of corporate plans in response to changes in the environment.
MIS planning initiates for general business planning general business planning initiates from the
following components:
The creation of an MIS for an organization needs a appropriate and specific MIS planning. The
aim of this project is to translate the business strategic, operational plans to MIS strategic,
operational plans.
The prompt messages, screen and menu designs ought to be designed for user case in operations
This depends upon the intent of the systems basic objectives for example; generation of payroll
may be one of the objectives. The generation of review on operations of an enterprise inventory
control and sales summary may be other objectives.
a. The number to above, the following decisions should also be taken carefully
b. The mode of data processing and data retrieval
c. The extent of the system to be computerized for efficient use
Budgets:
The demands of MIS and scope of the system mainly depend upon the allocation of resources for
the project
In bottom up budgeting :
The operational and middle management estimate the cost of the activities. These are finally
review and endorsed by the top management.
In zero based budgeting:
The base amount for each activity is ascertained on basis of similar project in the past. The
current cost of each activity is estimated as a factor adjustment to these base costs. The variations
in each allocation cost need to be justified.
Scheduling:
MIS design development and implementation. This control is imperative for evaluation of
integrated MIS by progressing on modular subsystem designs and Gantt charts are some of the
popular scheduling techniques.
The premise is that companies progress through six stages of growth each stage being
characterized by unique elements adopted over the years the stages analysis now provides a
frame work that works subrisingly well for most companies.
Stage1:
It begins with a company’s purchase of a computer system since most medium to large
companies already have computer system this stage is history as far as the majority are
concerned.
Stage2:
Most companies proceeded through this in the late facilities or early sixties when unbridled
technical excitement and management clarity permitted predetermination of computers and
applications, only some of which were directed at areas of real payroll
Stage3:
Usually begins with management awareness that the companies computer systems are out of
control that computer budgets are growing at a rate of 30 to 40 % a year and mere and that the
return on investment is in serious questions
Stage 4:
Initiates a retailing and a redesign of applications to the on-line responsible mode built around on
integrated data base. Thus this stage is called integration.
Stage 5:
The realization that an overall MIS blue print or road map must be put in place(is architecture) in
order to share company wide data and have intra and intercompany communication.
Stage6:
Called demassing, is placing control for MIS into the hands of line management with the overall
architecture and telecommunication network in place, managers have the flexibility to obtain the
data they need to operate to manage with information management
Manufacturing plants, warehouses and other worksites needed by the firm on the other hand
there is an increasing trend to word down sized and distributed network that allow top
management to delegate more decision making to middle managers management can also
decentralize operations by increasing the number of branch offices while still having access to
the information and communication capabilities they need to control the overall direction of the
organization.
The philosophy of top management the culture of the organization the need to reengineer its
operations and its use of aggressive or conservative competitive strategic all play major roles
with information technology in shopping the firms organizational structure and information
system architecture.
1.Support Strategic Advantage: operates on a strategic level, and an example of this is when
the head office uses systems to look at sales trends across stores to identify ways to gain
competitive advantage over other retailers.
3.Support Business Processes and Operations: on an operational level. An example of this kind
of information system is the paying of employees, the tracking of inventory, and the recording of
customer purchases in a retail information system.
These 3 aforementioned roles are in my opinion the three most important. See below an image to
back up my previous statements.
Unit II
Unit II
Many businesses invest their excess cash in short term low risk marketable securities i.e.
Treasury bills, commercial paper or certificates of deposit or in higher return / high risk
alternatives so that investment income may be earned until the funds are required. Portfolio of
such securities can be made with the help of portfolio management software packages.
The Capital budgeting process involves evaluating the profitability and financial impact of
proposed capital expenditures. Long term expenditure proposals for plants and equipments can
be analyzed using a variety of techniques. This application uses spread sheet models that
incorporate present value analysis of expected inflows.
Financial analysts use electronic spreadsheets and other financial planning software to evaluate
the present and projected financial performance of a business. They also help determine the
financing needs of a business and analyze alternative methods of financing. Electronic
spreadsheet packages, DSS software, and web based groupware can be used to build and
manipulate financial models.
Accounting IS are the oldest and widely used system. AIS are based on Double Entry System of
book keeping. These systems records and reports business transactions events. AIS produces
financial statements such as Balance sheet and P& L a/c, also produces forecasts of future
conditions such as projected financial statements and financial budgets.
Operational Accounting system emphasizes historical accounting and produces accurate
financial statements. They also include TPS such as order processing, inventory Control, A/c’s
payable, A/Cs receivable, payroll and general ledger system.
Management accounting system focus on the planning and control of business operations. They
also focus on the cost Accounting reports, development of financial budgets and projected
financial statements.
The use of internet, intranet and extranet technologies changes normal functioning AIS. The
online Interactive Systems calls for new transaction documents, procedures for control. This
particularly applies to system like order processing, inventory control, a/c‘s payable, receivables.
These systems are directly involved in processing of transaction between suppliers customers.
1. Inventory Control
Inventory Control system process data reflecting changes in the inventory level. It records
changes in the inventory level after getting data from order processing and prepares documents
for purchasing the material. It notify the mangers about items that need re – ordering and also
provides information about the status of various items.
This system helps business to provide high quality service to customers while minimizing
investments in inventory and also carrying cost.
2. A/C’s Receivables
It keeps record or amount payable or owed by customers from data generated by customers
purchase and payments. They produce invoices to customers and monthly customer statements
and credit management reports. Computer based system stimulates prompt payment by
customers by preparing accurate and timely invoices and monthly statements to credit customers.
They provide many reports to the mangers which will help him in controlling the amount of
credit extended and collection of money. This will minimize the losses from bad debts.
3. Accounts Payable
They keep track of data relating to purchases from suppliers. They prepare checks for payment of
outstanding invoices and credit management reports. It ensures prompt and accurate payment to
suppliers to maintain good relationships and to avail cash discounts.
It also provides information to manage for analysis of payments, expenses, purchases and cash
requirements.
4. Payroll
Payroll systems receive and maintain data from employee time cards and other work records.
They produce paychecks and other documents such as earning statements, payroll reports, and
labour analysis reports. Computer based payroll systems help businesses make prompt and
accurate payments to their employees, as well as reports to management, employees, and
government agencies concerning earnings, taxes and other deductions.
5. General ledger
These systems consolidate data received from accounts receivable, accounts payable, payroll and
other accounting information systems. At the end of each accounting period, they close the books
of a business and produce the general ledger trial balance, the income statement and balance
sheet of the firms various income and expense reports for management.
The business function of marketing is concerned with the planning, promotion and sale of
existing products in existing markets, and the development of new products and new markets to
better serve present and potential customer.
For example Internets/intranets Web sites and services make an interactive marketing process
possible where customers can become partners in creating, marketing purchasing and improving
products and services. Sale force automation systems use mobile computing and internet
technology to automate many information processing activities for sales support and
management. Other marketing information system assist marketing managers in product
planning pricing and other product management decisions advertising and sales promotion
strategies, and market research and forecasting.
1.Interactive Marketing
The term interactive marketing has been coined to describe a type of marketing that is based on
using the Internet, intranets, and extranets to establish two way interactions between a business
and its customers or potential customers. The goal of interactive marketing is to enable a
company to profitably use those networks to attract and keep customers who will become
partners with the business in creating purchasing and improving products and services.
Notice that the internet has become the primary distribution channel of the new online marketing
environment. Interactive marketing views prospective customers as belonging to many distinct
market segments that must be approached differently online through targeted marketing
techniques.
2. Sales Force Automation:
Using web browsers and sales management, software that connects them together with the
companies marketing websites on the Internet, extranets and their intranet. This not only
increases the productivity of the sales personnel but also dramatically speeds up the capture and
analysis of sales data from the fields to the marketing mangers at their head quarters. This in
turn, it allows marketing and sales management to improve the delivery of information and to
support their sales people.
Sales people records sales transactions in their PC’s and the calls made to customers. Then each
night, they upload the information’s to the companies’ intranet and internet.
Sales mangers must plan monitor and support the performance of the sales people in the
organization. In most firms computer based systems produce sales analysis reports that analyze
sales by product, product line, type of customer, sales person and sales territory.
Such reports help marketing mangers monitor the sales performance of products and sales people
and support them develop sales support programs to increase the sales.
Product managers need information to plan and control the performance of specific product and
brands. Computers can help in providing information regarding price, cost, revenue and growth
for existing products and new products.
Marketing managers now tries to maximize the sales with the minimal cost of advertisement and
promotional activities. Marketing Research information’s and promotional models helps in
It is an important tool for developing advertisement and promotional strategies for companies’ e
– commerce websites.
Five Major components:
1. Community:
Companies can customize their web advertisement message to appeal to people in specific
communities. These can be communities of interest. Ex. Sports covers, travels, Art & Craft.
2. Content:
Placing advertisement banners on the various web sits in addition to the companies’ home page.
These messages reach the targeted audience. Ad for a movie on the opening page of an internet
search engine.
3. Context
Advertisement appears only in web pages which are related to the content of a product or service
so advertising is targeted only at people who are already searching for information. Ex. Tours &
Travels and Holiday resorts available.
4. Demographic / Psychographic
Marketing efforts are aimed at specific class or type of peoples like unmarried, below twenty,
middle income, college graduates.
5. Online Behavior
Advertisement and promotional efforts can be tailored to each visit to a site by an individual.
This strategy is based on web cookie files recorded on the visitors’ disk drive from previous
visits.Cookie files enable a company to track a person’s online behavior at a web site so
marketing strategies can be immediately developed and targeted to that individual at each visit to
their web site.
Market Research information provide marketing intelligence to help mangers to make better
marketing forecasts and develop more effective marketing strategies. Marketing Information
System help market researches collect, analyze and maintain an enormous amount of information
on a wide variety of market variable that are subject to continual change.
The information include, on customer, prospective consumers and competitors. Data can be
collected from different sources including companies’ databases www etc. Variety of statistical
software tools can help managers analyze market research data and forecasts sales.
INFORMATION SYSTEMS FOR PRODUCTION MANAGEMENT
Material requirements planning (MRP) ◦ Determine when finished products are needed ◦
Determine deadlines accordingly Manufacturing resource planning (MRPII) ◦ Network
scheduling ◦ Just in time (JIT) inventory .
Improve customer service and productivity Inventory and materials delivered rightsystem
before usageMANUFACTURING MIS
Online HRM systems may involve recruiting employees through recruitment department of
corporate websites. They may also uses commercial recruiting services and data bases on the
www they may also post messages in selected internet news groups.
Intranet allows HRM department to provide around the clock service to their employees. They
disseminate valuable information’s faster than previous company channels. Intranet can collect
online information’s from employees for input into their HRM files and they can enable the
employees to perform HRM tasks with little interventions of HRM department.
Ex. Employee Self Service ( ESS ) intranet applications allows employees to view their
employment and salary benefits, enter travel and expenses report, to access and update personal
information’s.
Staffing function must be supported by IS that track record human resources within a company
to maximize their use
1) Personal record keeping system keeps the track additions, detections and changes to
record in a personnel data base. Changes in job assignments and compensations or
terminations are updated in the data base.
2) Employee skills inventory system that uses the employee skills data from the personnel
data base in order to select suitable employees for the specific projects
3) Forecasting Personnel requirements: to assure a business with adequate supply of high
quality human resources.
i. This application provides forecasts of personnel requirements in each job
category in the departments or for new projects.
2. Training and development
Information system managers to plan and monitor the employee recruitment, training and
development programs by the success of the present programs. They also analyze the career
development status of each employee to decide whether to provide training and development
programs. Computer based multimedia training programs and job performance appraisal
programs are available to support HRM.
3. Compensation Analysis
IS helps in analyze the range and distribution of employee compensation within a company and
make comparisons with compensation paid by similar firms or with economic indications.
This information is useful for planning changes in compensation especially when negotiating
with labour unions. It helps to keep the compensations of a company to be competitive and
equitable.
4. Governmental Reporting
1) Consolidation
2) Downsizing
3) Outsourcing
I. Consolidation
Reduce the number of separate locations where information sources are located to operate more
efficiently than many smaller ones.
II Downsizing
A cross cutting measure to have better impact than downsizing is outsourcing. It is the
contracting to outside organizations, a portion of firm’s computer operations. An outsourcer is a
computer services firm that performs part of all of a customer’s computing for a long period of
time(say 5 or 10 years) as specified by written contract
Advantages of outsourcing
To reduces costs
Offer other advantages as well
Firm can predict future costs accurately after entering into a contract with the outsourcer
If existing system is outsourced, management cab concentrate on the development of new
strategic systems
Provides a way for firms to acquire access to leading edge technology and know-how
otherwise not able to afford
Disadvantages of outsourcing
CIOs base start to give approval to long term contracts because of long term
commitments to outside organizations.
Find difficulty in rebuilding it quickly, if need arises within
If firms have developed leading edge computing capabilities to have competitive
advantage, they hesitate to give them inside)
Outsourced ARE services
These are:
Risks of outsourcing
Loss of control
Loss of experienced employees
Risk of losing a competitive advantage
High price
Renting software’s (as examples)
NET of Microsoft
MCA fee antivirus software
UNIT III
Broadly speaking, decision support systems are a set of manual or computer-based tools that
assist in some decision-making activity. In today's business environment, however, decision
support systems (DSS) are commonly understood to be computerized management information
systems designed to help business owners, executives, and managers resolve complicated
business problems and/or questions. Good decision support systems can help business people
perform a wide variety of functions, including cash flow analysis, concept ranking, multistage
forecasting, product performance improvement, and resource allocation analysis. Previously
regarded as primarily a tool for big companies, DSS has in recent years come to be recognized as
a potentially valuable tool for small business enterprises as well.
Attributes of a DSS
Characteristics of a DSS
Benefits of DSS
Components of a DSS
Database Management System (DBMS): To solve a problem the necessary data may
come from internal or external database. In an organization, internal data are generated
by a system such as TPS and MIS. External data come from a variety of sources such as
newspapers, online data services, databases (financial, marketing, human resources).
Model Management System: It stores and accesses models that managers use to make
decisions. Such models are used for designing manufacturing facility, analyzing the
financial health of an organization, forecasting demand of a product or service, etc.
Support Tools: Support tools like online help; pulls down menus, user interfaces,
graphical analysis, error correction mechanism, facilitates the user interactions with the
system.
Classification of DSS
There are several ways to classify DSS. Hoi Apple and Whinstone classifies DSS as follows:
Text Oriented DSS: It contains textually represented information that could have a
bearing on decision. It allows documents to be electronically created, revised and viewed
as needed.
Database Oriented DSS: Database plays a major role here; it contains organized and
highly structured data.
Spreadsheet Oriented DSS: It contains information in spread sheets that allows create,
view, modify procedural knowledge and also instructs the system to execute self-
contained instructions. The most popular tool is Excel and Lotus 1-2-3.
Solver Oriented DSS: It is based on a solver, which is an algorithm or procedure written
for performing certain calculations and particular program type.
Rules Oriented DSS: It follows certain procedures adopted as rules.
Rules Oriented DSS: Procedures are adopted in rules oriented DSS. Export system is the
example.
Compound DSS: It is built by using two or more of the five structures explained above.
Types of DSS
Three concepts come with big data : structured, semi structured and unstructured data.
Structured Data
For geeks and developpers (not the same things ^^) Structured data is very banal. It concerns all
data which can be stored in database SQL in table with rows and columns. They have relationnal
key and can be easily mapped into pre-designed fields. Today, those datas are the most
processed in development and the simpliest way to manage informations.
But structured datas represent only 5 to 10% of all informatics datas. So let’s introduce semi
structured data.
Semi-structured data is information that doesn’t reside in a relational database but that does have
some organizational properties that make it easier to analyze. With some process you can store
them in relation database (it could be very hard for somme kind of semi structured data), but the
semi structure exist to ease space, clarity or compute…
Examples of semi-structured : CSV but XML and JSON documents are semi structured
documents, NoSQL databases are considered as semi structured.
But as Structured data, semi structured data represents a few parts of data (5 to 10%) so the last
data type is the strong one : unstructured data.
Three concepts come with big data : structured, semi structured and unstructured data.
Structured Data
For geeks and developpers (not the same things ^^) Structured data is very banal. It concerns all
data which can be stored in database SQL in table with rows and columns. They have relationnal
key and can be easily mapped into pre-designed fields. Today, those datas are the most
processed in development and the simpliest way to manage informations.
But structured datas represent only 5 to 10% of all informatics datas. So let’s introduce semi
structured data.
Semi-structured data is information that doesn’t reside in a relational database but that does have
some organizational properties that make it easier to analyze. With some process you can store
them in relation database (it could be very hard for somme kind of semi structured data), but the
semi structure exist to ease space, clarity or compute…
Examples of semi-structured : CSV but XML and JSON documents are semi structured
documents, NoSQL databases are considered as semi structured.
But as Structured data, semi structured data represents a few parts of data (5 to 10%) so the last
data type is the strong one : unstructured data.
Unstructured data
Unstructured data represent around 80% of data. It often include text and multimedia content.
Examples include e-mail messages, word processing documents, videos, photos, audio files,
presentations, webpages and many other kinds of business documents. Note that while these
sorts of files may have an internal structure, they are still considered « unstructured » because the
data they contain doesn’t fit neatly in a database.
Unstructured data is everywhere. In fact, most individuals and organizations conduct their lives
around unstructured data. Just as with structured data, unstructured data is either machine
generated or human generated.
Satellite images: This includes weather data or the data that the government captures in
its satellite surveillance imagery. Just think about Google Earth, and you get the picture.
Scientific data: This includes seismic imagery, atmospheric data, and high energy
physics.
Photographs and video: This includes security, surveillance, and traffic video.
Radar or sonar data: This includes vehicular, meteorological, and oceanographic
seismic profiles.
The following list shows a few examples of human-generated unstructured data:
Text internal to your company: Think of all the text within documents, logs, survey
results, and e-mails. Enterprise information actually represents a large percent of the text
information in the world today.
Social media data: This data is generated from the social media platforms such as
YouTube, Facebook, Twitter, LinkedIn, and Flickr.
Mobile data: This includes data such as text messages and location information.
website content: This comes from any site delivering unstructured content, like
YouTube, Flickr, or Instagram.
Nature of DSS :
Decision Support System is an interactive analytical modeling process, where users are
exploring possible alternatives and not demanding pre-specified information. They are using the
decision support system to find the information they need to help them make a decision. There
are several basic types of analytical modeling activities, such as:
What-If Analysis
Sensitivity Analysis
Goal-Seeking Analysis
Optimization Analysis
Knowledge Discovery & Analysis
In what-If analysis, a decision maker: (i) makes changes to variables or relationships among
variables, and (ii) observes the resulting changes in the variables of other variables.
The common strategy for the application of the what-if analysis in businesses is to make changes
to the input variables and to observe the resulting changes in the output parameters of the
financial model of a business (or project).
Example:
Examples:
Change the price (a variable) or the variable costs per products (another variable) and recalculate
all affected variables in a simple financial spreadsheet model.
Change the net profit after taxes (a variable) or a tax rate formula (a relationship among
variables), recalculate all affected variables, and observe the change of the input parameters
(price, variable costs, and quantities) per products.
Sensitivity analysis is a case of what-if analysis that involves repeated changes to only one
variable at a time. Typically, decision makers are making repeated small changes to a variable
and are observing and evaluating the effects on others variables from their financial model. This
process is helping managers to understand the impact of various changes of the selected variable
on other factors involved in decisions being considered (e.g. determining at what point the
interest rate on a loan makes the project no longer feasible).
In goal-seeking analysis (how-can analysis), the decision maker sets a target value (goal) for a
variable and then repeatedly changes other variables until the target value is achieved. This form
of analytical modeling would help answer the question 'How we can achieve in net profit after
taxes' by repeatedly change of the values of prices and/or variable costs and/or quantities sold
and/or fixed costs in a financial model until the targeted result is achieved.
Optimization analysis is a more complex extension of goal-seeking analysis. The goal here is to
find the optimum value for one or more target variables, given certain constrain. To make this
possible, one or several other variables are changed repeatedly, subject to the specified
constraints, until the decision maker discovers the best values for the target variables.
Example:
Knowledge Discovery & Analysis is also known as a data mining process for analysis of the
vast stories of historical business data that have been organized in corporate data warehouses
with the goal: (i) to discover patterns, trends, and correlations hidden in the data and (ii) to help
the company improve its business performance.
Data mining software may perform regression, decision tree, neural network, cluster detection,
market basket analysis for a business.
The main purpose of the market basket analysis is: (i) to determine which products customers
purchase together with other products, and then (ii) to market and sell the products together, or
(iii) to make the purchasers of one product target prospects for another, with the goal (iv) to
increase the effectiveness of a given marketing effort regardless of the form of marketing (in-
store displays, layout design, direct offers to customers).
1. with the goal to help knowledge workers create, organize, and make available important
business knowledge, wherever and whenever it’s needed;
2. this information includes processes, procedures, patents, reference works, formulas, best
practices, forecasts, and fixes;
3. some of the key technologies commonly used by KMS are internet, intranet web sites,
groupware, data mining, knowledge bases, and online discussion groups;
4. KMS’s also facilitate organizational learning and knowledge creation: the knowledge-
creating company works to integrate its knowledge into its business processes, products,
and services.
According to the father of Artificial Intelligence, John McCarthy, it is “The science and
engineering of making intelligent machines, especially intelligent computer programs”.
AI is accomplished by studying how human brain thinks, and how humans learn, decide, and
work while trying to solve a problem, and then using the outcomes of this study as a basis of
developing intelligent software and systems.
Philosophy of AI
While exploiting the power of the computer systems, the curiosity of human, lead him to wonder,
“Can a machine think and behave like humans do?”
Thus, the development of AI started with the intention of creating similar intelligence in
machines that we find and regard high in humans.
Goals of AI
To Create Expert Systems − The systems which exhibit intelligent behavior, learn,
demonstrate, explain, and advice its users.
To Implement Human Intelligence in Machines − Creating systems that understand,
think, learn, and behave like humans.
Out of the following areas, one or multiple areas can contribute to build an intelligent system.
NEURAL NETWORKS
Neural Networks (also referred to as connectionist systems) are a computational approach which
is based on a large collection of neural units loosely modeling the way the brain solves problems
with large clusters of biological neurons connected by axons. Each neural unit is connected with
many others, and links can be enforcing or inhibitory in their effect on the activation state of
connected neural units. Each individual neural unit may have a summation function which
combines the values of all its inputs together. There may be a threshold function or limiting
function on each connection and on the unit itself such that it must surpass it before it can
propagate to other neurons. These systems are self-learning and trained rather than explicitly
programmed and excel in areas where the solution or feature detection is difficult to express in a
traditional computer program.
Network function
The word network in the term 'artificial neural network' refers to the interconnections between
the neurons in the different layers of each system. An example system has three layers. The first
layer has input neurons which send data via synapses to the second layer of neurons, and then via
more synapses to the third layer of output neurons. More complex systems will have more layers
of neurons, some having increased layers of input neurons and output neurons. The synapses
store parameters called "weights" that manipulate the data in the calculations.
Fuzzy logic
Fuzzy logic is a form of many-valued logic in which the truth values of variables may be any
real number between 0 and 1, considered to be "fuzzy". By contrast, in Boolean logic, the truth
values of variables may only be the "crisp" values 0 or 1. Fuzzy logic has been employed to
handle the concept of partial truth, where the truth value may range between completely true and
completely false. Furthermore, when linguistic variables are used, these degrees may be
managed by specific (membership) functions.
The term fuzzy logic was introduced with the 1965 proposal of fuzzy set theory by Lotfi Zadeh
Fuzzy logic had however been studied since the 1920s, as infinite-valued logic—notably by
Łukasiewicz and Tarski.
The Fuzzy Logic Process
Genetic Algorithms
Genetic Algorithms were invented to mimic some of the processes observed in natural evolution.
Many people, biologists included, are astonished that life at the level of complexity that we
observe could have evolved in the relatively short time suggested by the fossil record. The idea
with GA is to use this power of evolution to solve optimization problems. The father of the
original Genetic Algorithm was John Holland who invented it in the early 1970's.
GAs simulate the survival of the fittest among individuals over consecutive generation for
solving a problem. Each generation consists of a population of character strings that are
analogous to the chromosome that we see in our DNA. Each individual represents a point in a
search space and a possible solution. The individuals in the population are then made to go
through a process of evolution.
GAs are based on an analogy with the genetic structure and behaviour of chromosomes within a
population of individuals using the following foundations:
Implementation Details
key idea: give prefrence to better individuals, allowing them to pass on their genes to the
next generation.
The goodness of each individual depends on its fitness.
Fitness may be determined by an objective function or by a subjective judgement.
2. Crossover Operator
Using selection alone will tend to fill the population with copies of the best individual
from the population
Using selection and crossover operators will tend to cause the algorithms to converge on
a good but sub-optimal solution
Using mutation alone induces a random walk through the search space.
Using selection and mutation creates a parrallel, noise-tolerant, hill climbing algorithm
The Algorithms
Genetic Algorithms (GAs) are adaptive heuristic search algorithm based on the evolutionary
ideas of natural selection and genetics. As such they represent an intelligent exploitation of a
random search used to solve optimization problems. Although randomised, GAs are by no means
random, instead they exploit historical information to direct the search into the region of better
performance within the search space. The basic techniques of the GAs are designed to simulate
processes in natural systems necessary for evolution, specially those follow the principles first
laid down by Charles Darwin of "survival of the fittest.". Since in nature, competition among
individuals for scanty resources results in the fittest individuals dominating over the weaker
ones.
Expert systems are designed and created to facilitate tasks in the fields of accounting, medicine,
process control, financial service, production, human resources etc. Indeed, the foundation of a
successful expert system depends on a series of technical procedures and development that may
be designed by certain technicians and related experts. A good example of application of expert
systems in banking area is expert systems for mortgages. Loan departments are interested in
expert systems for mortgages because of the growing cost of labour which makes the handling
and acceptance of relatively small loans less profitable. They also see in the application of expert
systems a possibility for standardised, efficient handling of mortgage loan, and appreciate that
for the acceptance of mortgages there are hard and fast rules which do not always exist with
other types of loans. While expert systems have distinguished themselves in AI research in
finding practical application, their application has been limited. Expert systems are notoriously
narrow in their domain of knowledge—as an amusing example, a researcher used the "skin
disease" expert system to diagnose his rustbucket car as likely to have developed measles—and
the systems were thus prone to making errors that humans would easily spot. Additionally, once
some of the mystique had worn off, most programmers realized that simple expert systems were
essentially just slightly more elaborate versions of the decision logic they had already been
using. Therefore, some of the techniques of expert systems can now be found in most complex
programs without any fuss about them. An example, and a good demonstration of the limitations
of, an expert system used by many people is the Microsoft Windows operating system
troubleshootingtaskbar menu. Obtaining expert / technical operating system support is often
difficult for individuals not closely involved with the development of the operating system.
Microsoft has designed their expert system to provide solutions, advice, and suggestions to
common errors encountered throughout using the operating systems. software located in the
"help" section in the Another 1970s and 1980s application of expert systems — which we today
would simply call AI — was in computer games. For example, the computer baseballEarl
Weaver Baseball and Tony La Russa Baseball each had highly detailed simulations of the game
strategies of those two baseball managers. When a human played the game against the computer,
the computer queried the Earl Weaver or Tony La Russa Expert System for a decision on what
strategy to follow. Even those choices where some randomness was part of the natural system
(such as when to throw a surprise pitch-out to try to trick a runner trying to steal a base) were
decided based on probabilities supplied by Weaver or La Russa. Today we would simply say that
"the game's AI provided the opposing manager's strategy." Games.
Disadvantages:
Information Technology as an integrating factor in the organisation, that is, the various
organisational positions that manage information are coordinated and work together toward
common ends. Further, IRM looks for ways in which the management of information and the
management of Information Technology are interrelated, and fosters that interrelationship and
organisational integration.
IRM includes the management of (1) the broad range of information resources, e.g., printed
materials, electronic information, and microforms, (2) the various technologies and equipment
that manipulate these resources, and (3) the people who generate, organise, and disseminate
those resources.
Architectural management
Architectural management falls into two distinct parts, office management and project
management (Brunton et al., 1964; Emmitt, 1999a & 1999b). Office management provides an
overall framework within which individual projects are commissioned, designed and completed.
Both parts have the same objectives but are typically addressed by separate management
systems. Office management involves the allocation and financing of resources, principally
premises, trained staff and computer systems, and on establishing and charging appropriate fees
for the services rendered. Project management focuses on timescales, developing a design from
initial concept to working drawings, and managing the construction process (see for example
Emmitt, 2014).
Manufacturing plants, warehouses and other worksites needed by the firm on the other hand
there is an increasing trend to word down sized and distributed network that allow top
management to delegate more decision making to middle managers management can also
decentralize operations by increasing the number of branch offices while still having access to
the information and communication capabilities they need to control the overall direction of the
organization.
The philosophy of top management the culture of the organization the need to reengineer its
operations and its use of aggressive or conservative competitive strategic all play major roles
with information technology in shopping the firms organizational structure and information
system architecture.
1) Staff professionalism
A large development at and operational support staff provides challenging work creates
an environment of shared expertise and learning and provides alternative career paths.
2) Corporate database control
The philosophy behind development a corporate data base is centralizing control over
data accessibility integrity and security.
4) Organizational behavior:
1. Psychological value of unused information knowing it is there if needed or “Just
in case” seems to have a positive value
2. Information is often gathered and communication to peruse analysis. This
function is most easily performed by information systems under local control
3. Information use is a symbol of communication to rational choice local control of
information resources thus represents local competence.
LIMITATIONS OF MIS
The quality of output of MIS is directly proportional to the quality of input and process.
MIS takes only quantitative factors into account.
MIS is less useful for making non-programmed decisions
MIS is less effective in organizations where information is not being shared with others.
MIS is less effective due to frequent changes in top management, organizational structure
and operational staff.
omputer-to-computer– EDI replaces postal mail, fax and email. While email is also an
electronic approach, the documents exchanged via email must still be handled by people rather
than computers. Having people involved slows down the processing of the documents and also
introduces errors. Instead, EDI documents can flow straight through to the appropriate
application on the receiver’s computer (e.g., the Order Management System) and processing can
begin immediately. A typical manual process looks like this, with lots of paper and people
involvement:
The EDI process looks like this — no paper, no people involved:
Supply chain management (SCM) is the oversight of materials, information, and finances as they
move in a process from supplier to manufacturer to wholesaler to retailer to consumer. Supply
chain management involves coordinating and integrating these flows both within and among
companies. It is said that the ultimate goal of any effective supply chain management system is
to reduce inventory (with the assumption that products are available when needed). As a solution
for successful supply chain management, sophisticated software systems with Web interfaces are
competing with Web-based application service providers (ASP) who promise to provide part or
all of the SCM service for companies who rent their service.
Supply chain management flows can be divided into three main flows:
The product flow includes the movement of goods from a supplier to a customer, as well as any
customer returns or service needs. The information flow involves transmitting orders and
updating the status of delivery. The financial flow consists of credit terms, payment schedules,
and consignment and title ownership arrangements
Unit V
• The use of IT presents major security challenges, poses serious ethical questions, and
affects society in significant ways.
• IT raises ethical issues in the areas of..
– Crime
– Privacy
– Individuality
– Employment
– Health
– Working conditions
• But, IT has had beneficial results as well.
• So as managers, it is our responsibility to minimize the detrimental effects and optimize
the beneficial effects.
• Business Ethics
– Basic categories of ethical issues
• Employee privacy
• Security of company records
• Workplace safety
IT General Controls
ITGC represent the foundation of the IT control structure. They help ensure the reliability of data
generated by IT systems and support the assertion that systems operate as intended and that
output is reliable. ITGC usually include the following types of controls:
IT application or program controls are fully automated (i.e., performed automatically by the
systems) designed to ensure the complete and accurate processing of data, from input through
output. These controls vary based on the business purpose of the specific application. These
controls may also help ensure the privacy and security of data transmitted between applications.
Categories of IT application controls may include:
Completeness checks - controls that ensure all records were processed from initiation to
completion.
Validity checks - controls that ensure only valid data is input or processed.
Identification - controls that ensure all users are uniquely and irrefutably identified.
Authentication - controls that provide an authentication mechanism in the application
system.
Authorization - controls that ensure only approved business users have access to the
application system.
Input controls - controls that ensure data integrity fed from upstream sources into the
application system.
Forensic controls - control that ensure data is scientifically correct and mathematically
correct based on inputs and outputs
Procedural controls
Procedural controls establish a framework for validating and maintaining the computer system
and for ensuring that users understand how to use the system. Procedural controls usually take
the form of standard operating procedures (SOPs) and user manuals.
Keep the scope focused and relevant to the audience and the work being performed.
Be as simple and brief as possible.
Promote clarity in objectives, responsibilities, and tasks.
Be detailed just enough that people know what to do and how to do it, but not so much
that you box people in.
Stick with a single format, use dates for versions, provide a document history, and require
signature approval from designated reviewers.
Vendor/Supplier management
Any computer equipment, instrumentation, and software that you buy needs to come from a
reputable vendor and needs to be documented and tested for the environment in which it will be
used.
System Lifecycle
Ethical and Societal Dimensions. The vital role of information technologies and systems in
society raises serious ethical and societal issues in terms of their impact on employment,
individuality, working conditions, privacy, health, and computer crime, as illustrated in Figure
13.2. Employment issues include the loss of jobs—a result of computerization and automation of
work—versus the jobs created to supply and support new information technologies and the
business applications they make possible. The impact on working conditions involves the issues
of computer monitoring of employees and the quality of the working conditions of the jobs that
use information technologies heavily. The effect of IT on individuality addresses the issues of
the depersonalization, regimentation, and inflexibility of some computerized business systems.
Employees’ heavy use of computer workstations for long periods raises issues about and may
cause work related health disorders. The use of IT to access or collect private information
without authorization, as well as for computer profiling, computer matching, computer
monitoring, and computer libel and censorship, raises serious privacy issues. Computer crime
issues surround activities such as hacking, computer viruses and worms, cyber theft,
unauthorized use at work, software piracy, and piracy of intellectual property. Managers,
business professionals, and IS specialists can help solve the problems of improper use of IT by
assuming their ethical responsibilities for the ergonomic design, beneficial use, and enlightened
management of information technologies in our society.
The security and ethical challenges of IT refer to the difficulties that organisations face in
managing increasingly complex information and communication technologies. The term
embraces the management of systems, policies and procedures designed to protect organisations,
their employees, customers and other stakeholders from malicious external threats, and from
internal acts of noncompliance with IT policies. The concept has important implications for
growing IT areas such as Big Data, social media, and Bring Your Own Device (BYOD) (Dutta &
McCrohan, 2002; Simonite, 2015; Soares, 2015).
Control is the process through which manager assures that actual activities are according to
standards leading to achieving of common goals. The control process consists of measurement of
progress, achieving of common goals and detects the deviations if any in time and takes
corrective action before things go beyond control. Information systems operate in real world
situations which are always changing and there are lots of problems. Information systems are
vulnerable to various threats and abuses. Some of the points are memory, communications links,
microwave signal, telephone lines etc.
Security Control
The resources of information systems like hardware, software, and data, need to be protected
preferably by build in control to assure their quality and security.
Administrative control
Information systems control
Procedural control
Physical facility control
Administrative Control
Systems analysts are actually responsible for designing and implementing but these people need
the help of the top management in executing the control measure. Top executives provide
leadership in setting the control policy. Without their full support, the control system cannot
achieve its goal.
Information system control assures the accuracy, validity and proprietary of information system
activities. Control must be there to ensure proper data entry processing techniques, storage
methods and information output. Accordingly management information system control are
designed to see or monitor and maintain quality, security of the input process, output and storage
activities of an information system.
Input Control
As we know whatever we give to computer the computer processes that and returns the result to
us. Because of this very fact, there is a need to control the data entry process. The types of input
control are:
Transaction Codes: Before any transaction can be input into the system, a specific code
should be assigned to it. This aids in its authorization.
Forms: a source document or screen forms should be used to input data and such forms
must adhere to certain rules.
Verification: Source document prepared by one clerk can be verified by another clerk to
improve accuracy.
Control–totals: Data entry and other system activities are frequently monitored by the use
of control-total. For example, record count is a control-total that consist of counting the
total number of source documents or other input records and compare them at other stage
of data entry. If totals do not match, then a mistake is indicated.
Check digit: These are used for checking important codes such as customer number to
verify the correctness.
Labels: It contains data such as file name, and date of creation so that a check can be
made that correct file is used for processing.
Character and field checking: Characters are checked for proper mode – numeric,
alphabetic, alphanumeric fields – to see if they are filled in properly.
Processing Control
Input and processing data are so interrelated that we can take them as first line of defense. Once
data is fed into the computer, controls are embedded in various computer programs to help,
detect not only input errors but also processing errors. Processing – controls are included to
check arithmetic calculations and logical operations. They are also used to ensure that data are
not lost or do not go unprocessed. Processing control is further divided into hardware and
software control.
Output Control
These are developed to ensure that processed information is correct, complete and is transmitted
to authorized user in a timely manner. The output control are mostly of same kind as input
control e.g. Output documents and reports are thoroughly and visually verified by computer
personnel and they are properly logged and identified with rout slips
Storage Control
Procedural Control
These methods provide maximum security to operation of the information system. Standard
procedures are developed and maintained manually and built in software help display so that
every one knows what to do. It promotes uniformity and minimize the chance of error and fraud.
It should be kept up-to-date so that correct processing of each activity is made possible.
Physical facility control is methods that protect physical facilities and their contents from loss
and destruction. Computer centers are prone to many hazards such as accidents, thefts, fire,
natural disasters, destructions etc. Therefore physical safeguards and various control procedures
are required to protect the hardware, software and vital data resources of computer using
organizations.
Many type of controlling techniques such as one in which only authorized personnel are allowed
to access to the computer centre exist today. Such techniques include identification badges of
information services, electronic door locks, security alarm, security policy, closed circuit TV
and dust control etc., are installed to protect the computer centre.
Telecommunication Controls
The telecommunication processor and control software play a vital role in the control of data
communication activity. Data can be transmitted in coded from and it is decoded in the computer
centre itself. The process is called as encryption.
Computers can fail for several reasons like power failures, electronic circuitry malfunctions,
mechanical malfunctions of peripheral equipment and hidden programming errors. To protect
from these failure precaution, any measure with automatic and remote maintenance capabilities
may be required.
RISK MANAGEMENT
The management of risk data and information is key to the success of any risk management
effort regardless of an organization's size or industry sector. Risk management information
systems/services (RMIS) are used to support expert advice and cost-effective information
management solutions around key processes such as:
Typically, RMIS facilitates the consolidation of information related to insurance, such as claims
from multiple sources, property values, policy information, and exposure information, into one
system. Often, RMIS applies primarily to “casualty” claims/loss data systems. Such casualty
coverages include auto liability, auto physical damage, workers' compensation, general liability
and products liability.
RMIS products are designed to provide their insured organizations and their brokers with basic
policy and claim information via electronic access, and most recently, via the Internet. This
information is essential for managing individual claims, identifying trends, marketing an
insurance program, loss forecasting, actuarial studies and internal loss data communication
within a client organization. They may also provide the tracking and management reporting
capabilities to enable one to monitor and control overall cost of risk in an efficient and cost-
effective manner.
In the context of the acronym RMIS, the word “risk” pertains to an insured or self-insured
organization. This is important because prior to the advent of RMIS, insurance company loss
information reporting typically organized loss data around insurance policy numbers. The
historical focus on insurance policies detracted from a clear, coherent and consolidated picture of
a single customer's loss experience. The advent of the first PC and UNIX based standalone
RMIS was in 1982, by Mark Dorn, under the trade name RISKMASTER. This began a
breakthrough step in the insurance industry's evolution toward persistent and focused
understanding of their end-customer needs. Typically, the best solution for an organization
depends on whether it is enhancing an existing RMIS system, ensuring the highest level of data
quality, or designing and implementing a new system while maintaining a focus on state-of-the-
art technology.
A distributed denial-of-service (DDoS) is a cyber-attack where the perpetrator uses more than
one, often thousands of, unique IP addresses. (See IP address spoofing.) It is analogous to a
group of people crowding the entry door or gate to a shop or business, and not letting legitimate
parties enter into the shop or business, disrupting normal operations. The scale of DDoS attacks
has continued to rise over recent years, even reaching over 600Gbit/s.
Criminal perpetrators of DoS and DDoS attacks often target sites or services hosted on high-
profile web servers such as banks or credit card payment gateways. Motives of revenge,
blackmail or activism can be behind other attacks.
Symptoms
The United States Computer Emergency Readiness Team (US-CERT) defines symptoms of a
denial-of-service attack to include:[7]
If the attack is conducted on a sufficiently large scale, entire geographical regions of Internet
connectivity can be compromised without the attacker's knowledge or intent by incorrectly
configured or flimsy network infrastructure equipment.
There are several kinds of spoofing including email, caller ID, and uniform resource locator
(URL) spoof attacks.
Email spoofing (or phishing), used by dishonest advertisers and outright thieves, occurs when
email is sent with falsified “From:” entry to try and trick victims that the message is from a
friend, their bank, or some other legitimate source. Any email that claims it requires your
password or any personal information could be a trick.
In a caller ID attack, the spoofer will falsify the phone number he/she is calling from.
Privacy Issues: As much as information technology has enabled us to share and find relevant
information online,. It has also exploited our freedom of privacy. Their so many ways our
privacy is exploited, (1) use of internet webcams, experienced computer users can turn on any
webcam of any computer online and they will have access to your private life, many celebrities
have been victims of these online stalkers. A good example is Dharun Ravia former Rutgers
University student who was spying on his roommate through a webcam. Read more on this story
here ……. (2) use of social networks, the main concept of these networks is to connect with new
and old friends then share your life with them, however, the loop hole in this , is that when ever
some one access your shared life data like photos , they can like it and send it their friends who
are not your friends, which might expose you to users with wrong intentions to use your data,
also some companies are known for spying on their employees via these social networks.
Copyright Infringement: Information technology has made it easy for users to access any
information or artifact at any given time. With the increased development of music sharing
networks and photo bookmarking sites, many original creators of these works are losing the
credibility of their works, because users of IT can easily gain access and share that data with
friends. Free music and file downloading sites are popping up on internet every day , lots of
original work like music albums, books , are being downloaded for free. In this case one
legitimate user will purchase the book , software, web template or music album, and they will
submit it to a free download site where others will simply just download that data for free. It is
good news for the users because it saves them money, but it harms the original creator of these
works. The government has closed some of these sites like Megaupload.com, but many are
popping up using funny URLs.
Increased pressure on IT experts. Since information technology systems have to run all the
time, pressure is mounted on IT experts to ensure the accuracy and availability of these systems.
Many big organizations which need to operate 24 hours will require a standby IT team to cater
for any issues which might arise during the course of operation. This pressure results into stress
and work overload which some times results into Imperfection.
Digital divide: Information technology has many opportunities and it has shaped many
industries in developed countries; however, developing countries have difficulties of enjoying
the same benefits of Information technology. To get these benefits they have to train their labor
and users should also adopt the new culture which is a bit costly in these developing countries.
In some remote areas they do not even have power, so information technology tools like
computers can not be used. In other sectors like education, most of these developing countries
have poor old education systems, so a student will not be aware of new information technologies.