MANAGEMENT INFORMATION SYSTEM

Unit I
Foundations of Information Systems: A framework for business users - Roles of Information
systems - System concepts - Organisation as a system - Components of Information Systems - IS
Activities - Types of IS
Unit II
IS for operations and decision making: Marketing IS, Manufacturing IS, Human Resource IS,
Accounting IS and Financial IS - Transaction Processing Systems- Information Reporting
System - Information for Strategic Advantage.
Unit III
DSS and AI: DSS models and software: The decision making process - Structured, Semi
Structured and Unstrcutured problems; What if analy
sis, Sensitivity analysis, Goal-seeking Analysis and Optimizing Analysis. Oberview of AI,
Neural Networks, Fuzzy Logic Systems,
Genetic Algorithms - Expert Systems.
Unit IV
Managing Information Technology: Managing Information Resources and technologies - IS
architecture and management - Centralised, Decentralised and Distributed - EDI, Supply chain
management & Global Information technology Management.
Unit V
Security and Ethical Challenges: IS controls - facility control and procedural control - Risks to
online operations - Denial of service, spoofing - Ethics for IS professional - Societical challenges
of Information technology.

References
1. James A O'Brien, "Management Information Systems", Tata McGraw Hill, Fourth
Edition,1999.
2. Effy Oz, "Management Information Systems", Vikas Publishing House, Third Edition, 2002.
3. Kenneth C Laudon and Jane P Laudon, “Management Information System”, 9th Edition, PHI,
New Delhi, 2006.
4. Waman S Jawadekar , "Management Information System Text and cases", Third Editions,
Tata McGraw-Hill ,2007.
5. R.Srinivasan, “Strategic Management”, IInd edition, Prentice Hall of India, New Delhi.
6. M.Senthil, “Management Information System”, 2003
.
Unit I

MANAGEMENT INFORMATION SYSTEM-MEANING

Management

Management for purpose MIS consist of the activities carried out by manager. The planning,
organizing and controlling, staffing, analyzing, co-ordination, directing, motivating, decision
making all are major activities of the business.

Information

Information consist classifying, analyzing, recording to the perfect management process. The
information classified buy customer and location cumulative sale distribution amount customers
and used by management for purpose of information.

System

A system is a set off two or more elements such a people thinking and concepts and aim and
achievement goals in common objecting of system. A system set off many

Meaning of MIS

Management information systems are the study of information system focusing on their use in
business and management. Davis and Olson in 1985 have mentioned that the study of MIS arose
in the 1970s to focus on computer based information systems aimed at managers.

MIS covers three main concepts;

1. Management

2. Information

3. Systems
 MANAGEMENT
INFORMATION

MIS

SYSTEMS

MANAGEMENT INFORMATION SYSTEM DEFINITION

A management information system (MIS) provides information that organizations require to

manage themselves efficiently and effectively. Management information systems are typically
computer systems used for managing five primary components:

1) Hardware

2) Software

3) Data (information for decision making)

4) Procedures (design, development and documentation),

5) People (individuals, groups, or organizations).

Management information systems are distinct from other information systems, in that they are
used to analyze and facilitate strategic and operational activities.[2]

Academically, the term is commonly used to refer to the study of how individuals, groups, and
organizations evaluate, design, implement, manage, and utilize systems to generate information
to improve efficiency and effectiveness of decision making, including systems termed decision
support systems, expert systems, and executive information systems.

DEFINITION OF MIS

A Management information system is used to transform data into useful information as needed to
support managerial decision making with structured decisions (formally called programmed
decisions) which are those that are based on predictable patterns of activity. The typical MIS is
based on four major components (McLeod, 1986)
(I) Data gathering:

Data pertinent to the operations of the organization are gathered from both external and internal
sources.

(ii) Data entry:

The above data is inputted and stored in databases as the information processing core of the
system.

(iii) Data transformation:

Data is transformed into useful information through the application of computer software
programs and judgments made by technical support staff and other system users.

(iv) Information utilization:

This useful information is retrieved as needed by the management and technical personnel and
applied to a wide variety of decisions related to the conduct of organizational operations

The Basic characteristics of an effective Management Information System are as follows:

I. Management-oriented:

The basic objective of MIS is to provide information support to the management in the
organization for decision making. So an effective MIS should start its journey from appraisal of
management needs, mission and goal of the business organization. It may be individual or
collective goals of an organization. The MIS is such that it serves all the levels of management in
an organization i.e. top, middle and lower level.

II. Management directed:

When MIS is management-oriented, it should be directed by the management because it is the

management who tells their needs and requirements more effectively than anybody else.
Manager should guide the MIS professionals not only at the stage of planning but also on
development, review and implementation stages so that effective system should be the end
product of the whole exercise in making an effective MIS.

III. Integrated:

It means a comprehensive or complete view of all the sub systems in the organization of a
company. Development of information must be integrated so that all the operational and
functional information sub systems should be worked together as a single entity. This integration
is necessary because it leads to retrieval of more meaningful and useful information.

IV. Common data flows:

The integration of different sub systems will lead to a common data flow which will further help
in avoiding duplicity and redundancy in data collection, storage and processing. For example, the
customer orders are the basis for many activities in an organization viz. billing, sales for cashing,
etc. Data is collected by a system analyst from its original source only one time. Then he utilizes
the data with minimum number of processing procedures and uses the information for production
output documents and reports in small numbers and eliminates the undesirable data. This will
lead to elimination of duplication that simplify the operations and produce an efficient
information system.

V. Heavy planning-element:

The preparation of MIS is not a one or two day exercise. It usually takes 3 to 5 years and
sometimes a much longer period. So the system expert has to keep 2 things in mind – one is that
he has to keep future objectives as well as the firm’s information well in advance and also he has
to keep in mind that his MIS will not be obsolete before it gets into action.

VI.Sub System concept:

When a problem is seen in 2 sub parts, then the better solution to the problem is possible.
Although MIS is viewed as a single entity but for its effective use, it should be broken down in
small parts or subsystems so that more attention and insight is paid to each sub system. Priorities
will be set and phase of implementation be made easy. While making or breaking down the
whole MIS into subsystems, it should be kept in mind that the subsystems should be easily
manageable.

VII. Common database:

This is the basic feature of MIS to achieve the objective of using MIS in business organizations.
It avoids duplication of files and storage which leads to reduction in costs. Common database
means a “Super file or Master file” which consolidates and integrates data records formerly
stored in many separate data files. The organization of the database allows it to be accessed by
each subsystem and thus, eliminates the necessity of duplication in data storage, updating,
deletion and protection.

VIII. Computerized:

MIS can be used without a computer. But the use of computers increases the effectiveness and
the efficiency of the system. The queries can be handled more quickly and efficiently with the
computerized MIS. The other benefits are accuracy, storage capacity and timely information.

IX. Userfriendly/Flexibility
An MIS should be flexible i.e. there should be room for further modification because the MIS
takes much time in preparation and our environment is dynamic in nature.MIS should be such
that it should be used independently by the end user so that they do not depend on the experts.

X. Information as a resource

Information is the major ingredient of any MIS. So, an MIS should be treated as a resource and
managed properly

THE REQUISITES OF AN EFFECTIVE MIS ARE

1. Database

 “SUPERFILE”
 Subdivided into the major information sub-sets
 Improves accessibility and reduces redundancy
 Its important characteristics of
Each sub system utilizes same data i.e. common data source

Reduces duplication of efforts

User-oriented

Available of authorized person only

Controlled by separate authority know as Database management system (DBMS)

2. Qualified System And Management Staff

Two categories of staff (i) system and computer experts

(ii) Management experts

Difficult to attract and retain suitable experts

3. Support to top management

Support essential because of:

(i) otherwise sub-ordinate managers become lethargic

(ii) Resources involved is large

4. Control and maintenance of MIS

Control implies system operation works as per design

Maintenance implies identifying areas of improvements

5. Evaluation of MIS

Capable of meeting the information requirements in future as well. It requires MIS evaluation
appropriate timely action. Evaluation should consider

 Whether enough flexibility exists

 User’s and designers’ views
 Appropriate action steps
MIS Model

Modules of management information system are:

 Data collection module

 Data storage module
 Data processing module
 Information reporting module
 Decision support module
 Control support module
 Modeling and simulation module
Data collection module:

The data collection module aims at collecting and capturing the input data from the data sources.
The data collected through this module is used by other modules of MIS to provide the required
outputs. The size and structure of this module largely depends on the nature and type of data, the
transaction volumes and method of data collection.

Data storage module:

The data storage module aims at proper storage of the data collected by the data collection
module in order to make it available for data processing activity which is governed by the data
processing module. The data storage activities often involve magnetic storage of data on
computers.

Data processing module:

The data processing module aims at converting data into information. The design and structure
of the data processing module would depend on several factors such as information
requirements, transaction volumes, complexity of computations, processing speed requirements
and so on.

The information reporting module:

The information reporting module uses the output of the data processing module. Using these
inputs, the information reporting module generates actionable information. The stress of this
module is to present the information in a form that is convenient for the end users of information.
Decision support module:

The decision support module of MIS aims at providing the information that facilitates the
decision making activity.The scope of the decision support module is restricted to providing the
information support for the decision making activity. The decision making is considered to be
outside the scope of the decision making activity. The decision making is often considered as a
human activity which is external to the decision support module.

Control support module:

Control support module aims at providing information support for the control activities in
business organization. The activities of planning set a goal against which the actual performance
is compared through the control function. This activity is often expressed in terms of feedback
control mechanism.

Modeling and simulation module:

The modeling and simulation in business organizations are seen through a variety of applications
including forecasting, payoff matrices, projections, cause effect charts etc.

SOURCES OF MANAGEMENT INFORMATION

Management information systems is one of the systems that managers use to obtain information.
Other systems include decision support systems, executive support systems and expert systems.

DATA INPUTS TO AN MIS

 Most of the data source for MIS is the organization’s various transaction processing
systems that capture and store data from ongoing business transactions.
 Data may also come from various functional areas (accounting, finance, sales, etc.) of an
organization.
 External sources of data may include customers, suppliers, competitors, stockholders, and
so on.

OUTPUTS OF AN MIS
 The output of most management information systems is a collection of reports that are
distributed to managers. These include scheduled reports, key-indicator reports, demand
reports, exception reports, and drill-down reports.

COMPONENTS OF MIS

Input:

 Sales in unit by each salesman for a whole period

 Estimated sale in units of competitor corresponding business
  The processes includes classifying storing summarizing or new application data’s
 The functional relationship between input output of process is used to business feedback
Processors:

The total process of system is the net contribution of much individual process in the MIS design.
The MIS activities convent able to input output.

Output

 Sale by product (each days)

 Sale by salesman month wise date
 Sale trend analysis
 Sale forecast
 The sale by religion, salesman and product (Month wise and year till date)
 The MIS identified certain manual process telecom device common components and
other subsystem external manual process computer and system design implements of
other source of system
MIS:

Management information system one of the five major computer based information system. It
purpose is to need the general information need of the entire manager in the firm or organization
subunit of the firm. Subunit can be based on functional area or management levels.

Market:

Many companies are in process of the market and global market system global market for either
product and service, using global production facility to manufacture or assemble product, using
money in global capital market, global partners global market alliance, global competitor for
customers from allover the market like

 Global market
 Money market
 Share dealing
 Service market
 Fund market
 Allian market
Technologies:

Technology mean new competitor operate by competitive environment. Technology system,

global market system it consists of business transaction so many company can now global
business alliance, with other organization include customers, supplier former competitor,
consultancy and government agencies. Today network global coloration can collective many
national market and international service.

Business opportunities

 Functional management
 Resources management
 Technology management
 Distributor management

Function

Organization structure and managerial technology business units can manage information
technology and information system

Resources

• Data
• Hardware
• Software resources
 • Telecommunication network
• Personal management
• Business ethic
Technology management

All technology that process, store and communicator data and information throughout the
enterprise should be managed as integrate system of organizational resource.

Distributor management:

Managing the use of information technology and information system resource in business unit
work groups is a key reasonability of their manager.

Business processes

• Support of business operation

• Support of managerial
• Support of strategic competitive advantage
Information system (or) business processes deal regularly with the support of business operation
many retail and information system also store manager make better decision.

Boundaries:

Boundaries means identified certain limited factor which the process and interrelationship terms
of boundaries easily identify the bank process and system which components activities of
withdraw deposit, mark age, trust activities

SUBSYSTEM OF AN MIS

Management information system based on management activities:

MIS mean structure of an information system can classified terms of management planning and
control

• Planning
• Management control planning
• Operational control
• Management pricing planning
• Information system for operational control

Information system for operational control :

Operational control is process of ensuring that operational activities are carried out effective and
management process. A large percentage of the decision or programs, resulting activities, short-
term procedure, management transactions and operational system must be able to response to
both individual transactions

• Report processing
• Enquiry processing
• Transaction processing

Transaction processing:

The transaction processing system to examine the balance of all programming activities and
replacement order should be all product qualities and quantities quantity algorithm and action of
document is produced specific order and human receipt

Information for management control:

Management control information is require by manager of department profit center etc., The
performance of whole management decision making control action, formulate new decision,
personal management, allocate resources and summary of

Planning performance

Reason for variance

Analysis of possible decision (or) course of action

The plan, standard, budget etc.

The database provides by operational control

Variance from “planning performance

1. Planning and budget modules to assist manager in finding problem in directions and
preparing revising plans and budgets
2. Various report programs to process scheduled report showing performance and variance
from plan of performance or other standard competitor’s performance
3. Decision models to analysis a problem situation and provides possible solution for
management evaluation. The output from the management control information system,
plan and budget, scheduled report special reports, analysis of problem situation decision
reviews enquires responds etc.
4. MIS organization programs standard classification of function, manufacturing
organization include product, sales and marketing finance and accounting, personal
information system, top level management process consist separate function. An
organization may not actually be organized a long support of decision making and
functional lines general logical information system.
Management information system based on organizational function

Sales and marketing sub-system:

The sales and marketing functions generally include all activities related to promotion and sales
of product or services. The transactions are sales order promotion order, operational control,
sales force, sales ratios, the sales volume religion product, customer product etc.,

Managerial control over all performance again marketing plan

Customer analysis

Competitor analysis

Strategic planning

Demographic projections

Production subsystem:

The responsibility of the production or manufacturing function, product, engineering, planning of

production facilities, scheduling and operation of production facilities, employment and training
of production personnel and quality control and inspections. The management control required
summary reports, overall plan or standard performance to actual performance of cost of per units.

Logistics subsystem:

It encompasses such activities as purchasing, receiving inventory control and distribution. The
transactions result in documents describing employment requirements job descriptions training
specifications, personal data. Employee background, skill, experiences, pays rates, working
house, benefit of terminal notices

Personnel subsystem:

The transaction result in documents describing employment requisitions job descriptions,

training specifications, personnel data, pay rate, changes, hours, worked, pay checks, benefits
and termination notices strategic planning for personnel is involved with evaluating alternative
strategies for recruiting, salary , training, benefits and building location to ensure that the
organization obtains and retains personnel necessary to achieve its objectives. The strategic
information required include analyses of shifting patterns of employment, education, and wage
rate by area of country (or world)
Finance and accounting subsystem:

Finance and accounting are somewhat separate functions but are sufficiently related to be
described together. This function covers granting of credit to customers, collection processes,
cash management, and financing arrangements. Accounting covers the classification of financial
transactions and summarization into the standard financial reports. The strategic planning level
for accounting and finance involves a long-run strategy to ensure adequate financing, a long-
range accounting policy to minimize the impact of taxes and planning of systems for cost
accounting and budgeting.

Information processing subsystem:

Management control over information processing requires data on planned versus actual
utilization, equipment costs overall programmer performance and progress compared to schedule
for projects to develop and implement new applications. Examples are word processing
electronic mail, electronic filing and data and voice communications.

Top management subsystem:

The top management function operates separately from the functional areas, but also includes the
financial president acting in a top management capacity such as in management comities. The
transactions processed by top management are primarily inquiries for information and support of
decisions.

ROLE OF MANAGEMENT INFORMATION SYSTEM

The role of the MIS in an organization can be compared to the role of heart in the body. The
information is the blood and MIS is the heart. In the body the heart plays the role of supplying
pure blood to all the elements of the body including the brain. The heart work faster and supplies
more blood when needed. It regulates and controls the incoming impure blood, processed it and
sends it to the destination in the quantity needed. It fulfills the needs of blood supply to human
body in normal course and also in crisis.

The MIS plays exactly the same role in the organization. The system ensures that an appropriate
data is collected from the various sources, processed and send further to all the needy
destinations. The system is expected to fulfill the information needs of an individual, a group of
individuals, the management functionaries: the managers and top management.

Some of the important roles of the MIS:

i.The MIS satisfies the diverse needs through variety of systems such as query system,
analysis system, modeling system and decision support system.
ii. The MIS helps in strategic planning, management control, operational control and
transaction processing. The MIS helps in the clerical personal in the transaction processing and
answers the queries on the data pertaining to the transaction, the status of a particular record and
reference on a variety of documents.
iii. The MIS helps the junior management personnel by providing the operational data for
planning, scheduling and control , and helps them further in decision-making at the operation
level to correct an out of control situation.
iv. The MIS helps the middle management in short term planning, target setting and
controlling the business functions. It is supported by the use of the management tools of planning
and control.
v. The MIS helps the top level management in goal setting, strategic planning and
evolving the business plans and their implementation.
vi. The MIS plays the role of information generation, communication, problem
identification and helps in the process of decision-making. The MIS, therefore, plays a vital role
in the management, administration and operation of an organization.
Impact Of The Management Information System

MIS plays a very important role in the organization; it creates an impact on the organization’s
functions, performance and productivity.

The impact of MIS on the functions is in its management with a good MIS supports the
management of marketing, finance, production and personnel becomes more efficient. The
tracking and monitoring of the functional targets becomes easy.

The functional managers are informed about the progress, achievements and shortfalls in the
activity and the targets.The manager is kept alert by providing certain information indicating and
probable trends in the various aspects of business. This helps in forecasting and long-term
perspective planning. The manager’s attention is bought to a situation which is expected in
nature, inducing him to take an action or a decision in the matter.

Disciplined information reporting system creates structure database and a knowledge base for all
the people in the organization. The information is available in such a form that it can be used
straight away by blending and analysis, saving the manager’s valuable time.

The MIS creates another impact in the organization which relates to the understanding of the
business itself.

The MIS begins with the definition of data, entity and its attributes. It uses a dictionary of data,
entity and attributes, respectively, designed for information generation in the organization. Since
all the information systems use the dictionary, there is common understanding of terms and
terminology in the organization bringing clarity in the communication and a similar
understanding of an event in the organization.

The MIS calls for a systematization of the business operations for an effective system design.
This leads to streaming of the operations which complicates the system design. It improves the
administration of the business by bringing a discipline in its operations as everybody is required
to follow and use systems and procedures. This process brings a high degree of professionalism
in the business operations.

The goals and objectives of the MIS are the products of business goals and objectives. It helps
indirectly to pull the entire organization in one direction towards the corporate goals and
objectives by providing the relevant information to the organization.

A well designed system with a focus on the manager makes an impact on the managerial
efficiency. The fund of information motivates an enlightened manager to use a variety of tools of
the management. It helps him to resort to such exercises as experimentation and modeling. The
use of computers enables him to use the tools and techniques which are impossible to use
manually. The ready-made packages make this task simple. The impact is on the managerial
ability to perform. It improves decision-making ability considerably high.

Since, the MIS work on the basic system such as transaction processing and database, the
drudgery of the clerical work is transferred to the computerized system, relieving the human
mind for better work. It will be observed that lot of manpower is engaged in this activity in the
organization. Seventy (70) percent of the time is spent in recording, searching, processing and
communicating. This MIS has a direct impact on this overhead. It creates information –based
working culture in the organization.

IMPORTANCE OF MIS

It goes without saying that all managerial functions are performed through decision-making; for
taking rational decision, timely and reliable information is essential and is procured through a
logical and well structured method of information collecting, processing and disseminating to
decision makers. Such a method in the field of management is widely known as MIS. In today’s
world of ever increasing complexities of business as well as business organization, in order to
service and grow , must have a properly planned, analyzed, designed and maintained MIS so that
it provides timely, reliable and useful information to enable the management to take speedy and
rational decisions.

MIS has assumed all the more important role in today’s environment because a manager has to
take decisions under two main challenges:

First, because of the liberalization and globalization, in which organizations are required to
compete not locally but globally, a manager has to take quick decisions, otherwise his business
will be taken away by his competitors. This has further enhanced the necessity for such a system.

Second, in this information age wherein information is doubling up every two or three years, a
manager has to process a large voluminous data; failing which he may end up taking a strong
decision that may prove to be very costly to the company.
In such a situation managers must be equipped with some tools or a system, which can assist
them in their challenging role of decision-making. It is because of the above cited reasons, that
today MIS is considered to be of permanent importance, sometimes regarded as the name centre
of an organization. Such system assist decision makers in organizations by providing information
at various stages of decision making and thus greatly help the organizations to achieve their
predetermined goals and objectives. On the other hand, the MIS which is not adequately planned
for analyzed, designed, implemented or is poorly maintained may provide developed inaccurate,
irrelevant or obsolete information which may prove fatal for the organization. In other words,
organizations today just cannot survive and grow without properly planned, designed,
implemented and maintained MIS. It has been well understood that MIS enables even small
organizations to more than offset the economies of scale enjoyed by their bigger competitors and
thus helps in providing a competitive edge over other organizations.

The management information system is to produce information so that people

within the firm can use it in their decision-making. An MIS must manipulate
great quantities of data in various ways, often with aid of computers.
 Many kinds of manipulation and transfers of information support daily
operations and decision-making in a manufacturing company
Physical components

 Hardware
 Software
 Data base
 Procedures
 Operating personnel
Processing functions

 Process transactions
 Maintain master files
 Produces reports
 Process interactive support application
Outputs for users

 Transaction documents or screens

 Preplanned reports
 Preplanned inquiry responses
 Ad hoc reports and inquiry responses
 User machine dialogue results
Input and output are the peripherals while memory, processor and control form the
central processing unit. Storage is the secondary storage for data bank which can be accessed at
the will of the user. The use of the MIS provides inputs and receives outputs.

Transaction documents are of three types like:

Information E.g. A sale confirms verifying the receipt of an order from a customer

Action oriented E.g. the exception reports and error reporting which initiates for corrective
measures and provides reference material for future reference

Pre-planned reports are a regular content like sales analysis, inventory report and budget
variance reports prepared at a given time.

Pre-planned enquires are like pay rate of an employee, balance due from a particular
customer.

Ad hoc reports and inquiry responses occur at irregular intervals and require analysis of data
whose format has not been preplanned.

Exception reports are reports produced only when exceptional conditions occur, or reports
produced periodically which contain information only about exceptional conditions.

Ad hoc reports are unique, unscheduled, situation specific reports.

User machine dialogue is a way in which a user can interest with a model to arrive at a
solution.

CORPORATE PLANNING FOR MIS

We see corporate planning as a process consisting of the following components:

 Setting strategic objectives that define the desirable corporate aims to be achieved.
 Selecting the optimal tactical mechanisms through which the strategic objectives are
to be met.
 Developing operational plans that ensure the best use of the organizational resources
within the desired time frame.
 Structuring the management process that provides for the most effective decision
making and execution.
 Developing the communications systems, including the formalized management
information that provide necessary support to the management process.
 Defining the operational tasks and associated staffing requirements.

The nature of the corporate planning process is dynamic, governed by continuing changes in the
environment within which the corporate entity operates. An important support to corporate
planning therefore is monitoring the corporate environment. Such monitoring facilitates the
continuous updating of corporate plans in response to changes in the environment.

MIS planning initiates for general business planning general business planning initiates from the
following components:

 Mission of the corporate

  Objectives and goals for the corporate in all key performance areas. These are in line with
the mission of the corporate
 Strategic planning for general approach on how to achieve long-term objectives.
 Operational planning for specific guidelines on how to transfer short-term milestones.

The creation of an MIS for an organization needs a appropriate and specific MIS planning. The
aim of this project is to translate the business strategic, operational plans to MIS strategic,
operational plans.

Determination of the user’s needs in specific terms:

Information system as a stream process of information flow ought to be broken into

comprehensible terms to assist building of technical specifications in MIS design stage for
instance, if the management is imperative to break the general ideas into comprehensible terms
such as “market share”

Identification of inputs and human machine interface:

The prompt messages, screen and menu designs ought to be designed for user case in operations

Determination of scope of the system:

This depends upon the intent of the systems basic objectives for example; generation of payroll
may be one of the objectives. The generation of review on operations of an enterprise inventory
control and sales summary may be other objectives.

a. The number to above, the following decisions should also be taken carefully
b. The mode of data processing and data retrieval
c. The extent of the system to be computerized for efficient use
Budgets:

The demands of MIS and scope of the system mainly depend upon the allocation of resources for
the project

 Top down budgeting:

Top down budgeting is based on a estimative of total project costs by the top management. The
middle and operational managements take this estimation to allocate the costs for project
activities.

 In bottom up budgeting :
The operational and middle management estimate the cost of the activities. These are finally
review and endorsed by the top management.
 In zero based budgeting:
The base amount for each activity is ascertained on basis of similar project in the past. The
current cost of each activity is estimated as a factor adjustment to these base costs. The variations
in each allocation cost need to be justified.

 Scheduling:
MIS design development and implementation. This control is imperative for evaluation of
integrated MIS by progressing on modular subsystem designs and Gantt charts are some of the
popular scheduling techniques.

GROWTH OF MIS IN AN ORGANIZATION

The premise is that companies progress through six stages of growth each stage being
characterized by unique elements adopted over the years the stages analysis now provides a
frame work that works subrisingly well for most companies.

Stage1:

It begins with a company’s purchase of a computer system since most medium to large
companies already have computer system this stage is history as far as the majority are
concerned.

Stage2:

Most companies proceeded through this in the late facilities or early sixties when unbridled
technical excitement and management clarity permitted predetermination of computers and
applications, only some of which were directed at areas of real payroll

Stage3:

Usually begins with management awareness that the companies computer systems are out of
control that computer budgets are growing at a rate of 30 to 40 % a year and mere and that the
return on investment is in serious questions

Stage 4:

Initiates a retailing and a redesign of applications to the on-line responsible mode built around on
integrated data base. Thus this stage is called integration.

Stage 5:

The realization that an overall MIS blue print or road map must be put in place(is architecture) in
order to share company wide data and have intra and intercompany communication.
Stage6:

Called demassing, is placing control for MIS into the hands of line management with the overall
architecture and telecommunication network in place, managers have the flexibility to obtain the
data they need to operate to manage with information management

CENTRALIZATION VERSUS DECENTRALIZATION OF MIS:

Manufacturing plants, warehouses and other worksites needed by the firm on the other hand
there is an increasing trend to word down sized and distributed network that allow top
management to delegate more decision making to middle managers management can also
decentralize operations by increasing the number of branch offices while still having access to
the information and communication capabilities they need to control the overall direction of the
organization.

The philosophy of top management the culture of the organization the need to reengineer its
operations and its use of aggressive or conservative competitive strategic all play major roles
with information technology in shopping the firms organizational structure and information
system architecture.

There are three very important roles:

 Support Competitive Advantage & Decision making

 Support Business Decision Making
 Support of Business Processes and Operations

These roles all operate on different levels.

1.Support Strategic Advantage: operates on a strategic level, and an example of this is when
the head office uses systems to look at sales trends across stores to identify ways to gain
competitive advantage over other retailers.

2. Support Business/Managerial Decision Making: operates on a tactical level, and an example of

this would be where in store managers use systems to decide what lines to add or discontinue.

3.Support Business Processes and Operations: on an operational level. An example of this kind
of information system is the paying of employees, the tracking of inventory, and the recording of
customer purchases in a retail information system.

These 3 aforementioned roles are in my opinion the three most important. See below an image to
back up my previous statements.
Unit II
Unit II

FINANCIAL MANAGEMENT INFORMATION SYSTEMS

Computer based financial information systems support financial managers in decisions

concerning

 The financing of a business and

 The allocation and control of financial resources within a business.
It includes the following information systems

Cash Management systems

It collects information on all cash receipts disbursements within a company on a real-time or

periodic basis. Such information allows business to deposit or invest excess funds more quickly
and thus increase the income generated by deposited or invested funds.

Online investment Management Systems

Many businesses invest their excess cash in short term low risk marketable securities i.e.
Treasury bills, commercial paper or certificates of deposit or in higher return / high risk
alternatives so that investment income may be earned until the funds are required. Portfolio of
such securities can be made with the help of portfolio management software packages.

Capital Budgeting System

The Capital budgeting process involves evaluating the profitability and financial impact of
proposed capital expenditures. Long term expenditure proposals for plants and equipments can
be analyzed using a variety of techniques. This application uses spread sheet models that
incorporate present value analysis of expected inflows.

Financial Forecasting and Planning

Financial analysts use electronic spreadsheets and other financial planning software to evaluate
the present and projected financial performance of a business. They also help determine the
financing needs of a business and analyze alternative methods of financing. Electronic
spreadsheet packages, DSS software, and web based groupware can be used to build and
manipulate financial models.

ACCOUNTING INFORMATION SYSTEM

Accounting IS are the oldest and widely used system. AIS are based on Double Entry System of
book keeping. These systems records and reports business transactions events. AIS produces
financial statements such as Balance sheet and P& L a/c, also produces forecasts of future
conditions such as projected financial statements and financial budgets.
Operational Accounting system emphasizes historical accounting and produces accurate
financial statements. They also include TPS such as order processing, inventory Control, A/c’s
payable, A/Cs receivable, payroll and general ledger system.

Management accounting system focus on the planning and control of business operations. They
also focus on the cost Accounting reports, development of financial budgets and projected
financial statements.

Online Accounting System

The use of internet, intranet and extranet technologies changes normal functioning AIS. The
online Interactive Systems calls for new transaction documents, procedures for control. This
particularly applies to system like order processing, inventory control, a/c‘s payable, receivables.
These systems are directly involved in processing of transaction between suppliers customers.

IMPORTANT ACCOUNTING INFORMATION SYSTEM

1. Inventory Control

Inventory Control system process data reflecting changes in the inventory level. It records
changes in the inventory level after getting data from order processing and prepares documents
for purchasing the material. It notify the mangers about items that need re – ordering and also
provides information about the status of various items.

This system helps business to provide high quality service to customers while minimizing
investments in inventory and also carrying cost.

2. A/C’s Receivables

It keeps record or amount payable or owed by customers from data generated by customers
purchase and payments. They produce invoices to customers and monthly customer statements
and credit management reports. Computer based system stimulates prompt payment by
customers by preparing accurate and timely invoices and monthly statements to credit customers.

They provide many reports to the mangers which will help him in controlling the amount of
credit extended and collection of money. This will minimize the losses from bad debts.

3. Accounts Payable

They keep track of data relating to purchases from suppliers. They prepare checks for payment of
outstanding invoices and credit management reports. It ensures prompt and accurate payment to
suppliers to maintain good relationships and to avail cash discounts.
It also provides information to manage for analysis of payments, expenses, purchases and cash
requirements.

4. Payroll

Payroll systems receive and maintain data from employee time cards and other work records.
They produce paychecks and other documents such as earning statements, payroll reports, and
labour analysis reports. Computer based payroll systems help businesses make prompt and
accurate payments to their employees, as well as reports to management, employees, and
government agencies concerning earnings, taxes and other deductions.

5. General ledger

These systems consolidate data received from accounts receivable, accounts payable, payroll and
other accounting information systems. At the end of each accounting period, they close the books
of a business and produce the general ledger trial balance, the income statement and balance
sheet of the firms various income and expense reports for management.

MARKETING INFORMATION SYSTEMS

The business function of marketing is concerned with the planning, promotion and sale of
existing products in existing markets, and the development of new products and new markets to
better serve present and potential customer.

For example Internets/intranets Web sites and services make an interactive marketing process
possible where customers can become partners in creating, marketing purchasing and improving
products and services. Sale force automation systems use mobile computing and internet
technology to automate many information processing activities for sales support and
management. Other marketing information system assist marketing managers in product
planning pricing and other product management decisions advertising and sales promotion
strategies, and market research and forecasting.

1.Interactive Marketing

The term interactive marketing has been coined to describe a type of marketing that is based on
using the Internet, intranets, and extranets to establish two way interactions between a business
and its customers or potential customers. The goal of interactive marketing is to enable a
company to profitably use those networks to attract and keep customers who will become
partners with the business in creating purchasing and improving products and services.

Notice that the internet has become the primary distribution channel of the new online marketing
environment. Interactive marketing views prospective customers as belonging to many distinct
market segments that must be approached differently online through targeted marketing
techniques.
2. Sales Force Automation:

Using web browsers and sales management, software that connects them together with the
companies marketing websites on the Internet, extranets and their intranet. This not only
increases the productivity of the sales personnel but also dramatically speeds up the capture and
analysis of sales data from the fields to the marketing mangers at their head quarters. This in
turn, it allows marketing and sales management to improve the delivery of information and to
support their sales people.

Sales people records sales transactions in their PC’s and the calls made to customers. Then each
night, they upload the information’s to the companies’ intranet and internet.

3. Sales and Product Management:

Sales mangers must plan monitor and support the performance of the sales people in the
organization. In most firms computer based systems produce sales analysis reports that analyze
sales by product, product line, type of customer, sales person and sales territory.

Such reports help marketing mangers monitor the sales performance of products and sales people
and support them develop sales support programs to increase the sales.

Product managers need information to plan and control the performance of specific product and
brands. Computers can help in providing information regarding price, cost, revenue and growth
for existing products and new products.

Systems also provide information regarding manufacturing and distribution resources

requirement of existing product and for proposed product.

4. Advertising and Promotion:

Marketing managers now tries to maximize the sales with the minimal cost of advertisement and
promotional activities. Marketing Research information’s and promotional models helps in

 to select media and promotional methods

 to allocate financial resources
 Control and evaluate the results of various advertising and promotional campaign.
Targeted Marketing:

It is an important tool for developing advertisement and promotional strategies for companies’ e
– commerce websites.
Five Major components:

1. Community:

Companies can customize their web advertisement message to appeal to people in specific
communities. These can be communities of interest. Ex. Sports covers, travels, Art & Craft.

2. Content:

Placing advertisement banners on the various web sits in addition to the companies’ home page.
These messages reach the targeted audience. Ad for a movie on the opening page of an internet
search engine.

3. Context

Advertisement appears only in web pages which are related to the content of a product or service
so advertising is targeted only at people who are already searching for information. Ex. Tours &
Travels and Holiday resorts available.

4. Demographic / Psychographic

Marketing efforts are aimed at specific class or type of peoples like unmarried, below twenty,
middle income, college graduates.

5. Online Behavior

Advertisement and promotional efforts can be tailored to each visit to a site by an individual.
This strategy is based on web cookie files recorded on the visitors’ disk drive from previous
visits.Cookie files enable a company to track a person’s online behavior at a web site so
marketing strategies can be immediately developed and targeted to that individual at each visit to
their web site.

Market Research and Forecasting

Market Research information provide marketing intelligence to help mangers to make better
marketing forecasts and develop more effective marketing strategies. Marketing Information
System help market researches collect, analyze and maintain an enormous amount of information
on a wide variety of market variable that are subject to continual change.

The information include, on customer, prospective consumers and competitors. Data can be
collected from different sources including companies’ databases www etc. Variety of statistical
software tools can help managers analyze market research data and forecasts sales.
INFORMATION SYSTEMS FOR PRODUCTION MANAGEMENT

“process information management system,” a PIMS is a client/server application for the

acquisition, display, archiving and reporting of information from a wide variety of control, plant
and business systems. A critical component in a manufacturing enterprise’s application
architecture for creating a common repository of plant information that can be effectively
leveraged in enterprise and supply chain management applications.
Allocate Schedule Resources Productio n Complete Source Job Raw Material Quality Check
Inventory Testing SendTHE PRODUCTION PROCESS Receive Order Order
THE PRODUCTION PROCESS - MIS Goods Schedule Issue and Release Completion Convert
Confirmati Production on Proposal QualityRun MPS w/MRP Inspection Order Receive Order
Settlement

Material requirements planning (MRP) ◦ Determine when finished products are needed ◦
Determine deadlines accordingly Manufacturing resource planning (MRPII) ◦ Network
scheduling ◦ Just in time (JIT) inventory .

Improve customer service and productivity Inventory and materials delivered rightsystem
before usageMANUFACTURING MIS

HUMAN RESOURCE INFORMATION SYSTEM

HRM function involves recruitment, selection, placement, evaluation and development of

employees of the organization. The main goal of HRM is the effective and efficient use of
human resource of a company. Human Resource information system is designed to support

 Planning to meet the personnel requirement of the company.

 Development of employees to their potential
 Control of all personnel policies and programs.
Originally computers were used in business to

 produce paychecks and payroll

 record details of the employees
 Analyze the use of personnel’s in business operations.
Many firms now developed Human Resource information systems that also support

 Recruitment, selection, and placement

 Performance appraisal
 Employee benefit analysis
 Training and development
 Health, safety and security

HRM and the internet

Online HRM systems may involve recruiting employees through recruitment department of
corporate websites. They may also uses commercial recruiting services and data bases on the
www they may also post messages in selected internet news groups.

HRM and Intranet

Intranet allows HRM department to provide around the clock service to their employees. They
disseminate valuable information’s faster than previous company channels. Intranet can collect
online information’s from employees for input into their HRM files and they can enable the
employees to perform HRM tasks with little interventions of HRM department.

Ex. Employee Self Service ( ESS ) intranet applications allows employees to view their
employment and salary benefits, enter travel and expenses report, to access and update personal
information’s.

1. Staffing the organization

Staffing function must be supported by IS that track record human resources within a company
to maximize their use

1) Personal record keeping system keeps the track additions, detections and changes to
record in a personnel data base. Changes in job assignments and compensations or
terminations are updated in the data base.
2) Employee skills inventory system that uses the employee skills data from the personnel
data base in order to select suitable employees for the specific projects
3) Forecasting Personnel requirements: to assure a business with adequate supply of high
quality human resources.
i. This application provides forecasts of personnel requirements in each job
category in the departments or for new projects.
2. Training and development

Information system managers to plan and monitor the employee recruitment, training and
development programs by the success of the present programs. They also analyze the career
development status of each employee to decide whether to provide training and development
programs. Computer based multimedia training programs and job performance appraisal
programs are available to support HRM.

3. Compensation Analysis

IS helps in analyze the range and distribution of employee compensation within a company and
make comparisons with compensation paid by similar firms or with economic indications.

This information is useful for planning changes in compensation especially when negotiating
with labour unions. It helps to keep the compensations of a company to be competitive and
equitable.

4. Governmental Reporting

Nowadays, reporting to government agencies is a major responsibility of human resource

management. So organizations use computer based information systems to keep track of the
statistics and produce reports required by a variety of government laws and regulations.
BUSINESS PROCESS OUTSOURCING

INFORMATION MANAGEMENT COST REDUCTION STRATEGIES

The three strategies adopted are

1) Consolidation
2) Downsizing
3) Outsourcing
I. Consolidation

Reduce the number of separate locations where information sources are located to operate more
efficiently than many smaller ones.

II Downsizing

Transfer of firms computer-based applications from large equipment configurations such as

mainframes to midrange computers like mainframes. PC based LANS and UNIX-based work
stations (smaller platforms). Smaller platforms remain in IS; in other cases they are located in
user areas to make it less costly and yet powerful smaller systems. This is called smart sizing.
There are many advantages and risks in downsizing.

III Information outsourcing

A cross cutting measure to have better impact than downsizing is outsourcing. It is the
contracting to outside organizations, a portion of firm’s computer operations. An outsourcer is a
computer services firm that performs part of all of a customer’s computing for a long period of
time(say 5 or 10 years) as specified by written contract

The practice of contracting computer centre operations telecommunication networks or

applications development to external vendors is known as outsourcing.

Business process outsourcing is outsourcing of business processes. Business process is a

collection of business activities which creates an output of value to the customer and often
transcends departmental or functional boundaries.

Advantages of outsourcing

 To reduces costs
 Offer other advantages as well
 Firm can predict future costs accurately after entering into a contract with the outsourcer
 If existing system is outsourced, management cab concentrate on the development of new
strategic systems
 Provides a way for firms to acquire access to leading edge technology and know-how
otherwise not able to afford
Disadvantages of outsourcing

 CIOs base start to give approval to long term contracts because of long term
commitments to outside organizations.
 Find difficulty in rebuilding it quickly, if need arises within
 If firms have developed leading edge computing capabilities to have competitive
advantage, they hesitate to give them inside)
Outsourced ARE services

These are:

 Application development and software maintenance

 Hardware purchasing and hardware maintenance
 Telecommunications installation and maintenance
 Help-desk services
 Web site design and maintenance
 Staff training

Risks of outsourcing

 Loss of control
 Loss of experienced employees
 Risk of losing a competitive advantage
 High price
Renting software’s (as examples)

 NET of Microsoft
 MCA fee antivirus software
UNIT III

Decision Support Systems

WRITE A COMMENT

Broadly speaking, decision support systems are a set of manual or computer-based tools that
assist in some decision-making activity. In today's business environment, however, decision
support systems (DSS) are commonly understood to be computerized management information
systems designed to help business owners, executives, and managers resolve complicated
business problems and/or questions. Good decision support systems can help business people
perform a wide variety of functions, including cash flow analysis, concept ranking, multistage
forecasting, product performance improvement, and resource allocation analysis. Previously
regarded as primarily a tool for big companies, DSS has in recent years come to be recognized as
a potentially valuable tool for small business enterprises as well.

Attributes of a DSS

 Adaptability and flexibility

 High level of Interactivity
 Ease of use
 Efficiency and effectiveness
 Complete control by decision-makers
 Ease of development
 Extendibility
 Support for modeling and analysis
 Support for data access
 Standalone, integrated, and Web-based

Characteristics of a DSS

 Support for decision-makers in semi-structured and unstructured problems.

 Support for managers at various managerial levels, ranging from top executive to line
managers.
 Support for individuals and groups. Less structured problems often requires the
involvement of several individuals from different departments and organization level.
 Support for interdependent or sequential decisions.
 Support for intelligence, design, choice, and implementation.
 Support for variety of decision processes and styles.
 DSSs are adaptive over time.

Benefits of DSS

 Improves efficiency and speed of decision-making activities.

 Increases the control, competitiveness and capability of futuristic decision-making of the
organization.
  Facilitates interpersonal communication.
 Encourages learning or training.
 Since it is mostly used in non-programmed decisions, it reveals new approaches and sets
up new evidences for an unusual decision.
 Helps automate managerial processes.

Components of a DSS

Following are the components of the Decision Support System:

 Database Management System (DBMS): To solve a problem the necessary data may
come from internal or external database. In an organization, internal data are generated
by a system such as TPS and MIS. External data come from a variety of sources such as
newspapers, online data services, databases (financial, marketing, human resources).
 Model Management System: It stores and accesses models that managers use to make
decisions. Such models are used for designing manufacturing facility, analyzing the
financial health of an organization, forecasting demand of a product or service, etc.

Support Tools: Support tools like online help; pulls down menus, user interfaces,
graphical analysis, error correction mechanism, facilitates the user interactions with the
system.

Classification of DSS

There are several ways to classify DSS. Hoi Apple and Whinstone classifies DSS as follows:

 Text Oriented DSS: It contains textually represented information that could have a
bearing on decision. It allows documents to be electronically created, revised and viewed
as needed.
 Database Oriented DSS: Database plays a major role here; it contains organized and
highly structured data.
 Spreadsheet Oriented DSS: It contains information in spread sheets that allows create,
view, modify procedural knowledge and also instructs the system to execute self-
contained instructions. The most popular tool is Excel and Lotus 1-2-3.
 Solver Oriented DSS: It is based on a solver, which is an algorithm or procedure written
for performing certain calculations and particular program type.
 Rules Oriented DSS: It follows certain procedures adopted as rules.
 Rules Oriented DSS: Procedures are adopted in rules oriented DSS. Export system is the
example.
 Compound DSS: It is built by using two or more of the five structures explained above.

Types of DSS

Following are some typical DSSs:

  Status Inquiry System: It helps in taking operational, management level, or middle level
management decisions, for example daily schedules of jobs to machines or machines to
operators.
 Data Analysis System: It needs comparative analysis and makes use of formula or an
algorithm, for example cash flow analysis, inventory analysis etc.
 Information Analysis System: In this system data is analyzed and the information report
is generated. For example, sales analysis, accounts receivable systems, market analysis
etc.
 Accounting System: It keeps track of accounting and finance related information, for
example, final account, accounts receivables, accounts payables, etc. that keep track of
the major aspects of the business.
 Model Based System: Simulation models or optimization models used for decision-
making are used infrequently and creates general guidelines for operation or
management.

Structured, semi structured and unstructured data

Three concepts come with big data : structured, semi structured and unstructured data.

Structured Data

For geeks and developpers (not the same things ^^) Structured data is very banal. It concerns all
data which can be stored in database SQL in table with rows and columns. They have relationnal
key and can be easily mapped into pre-designed fields. Today, those datas are the most
processed in development and the simpliest way to manage informations.

But structured datas represent only 5 to 10% of all informatics datas. So let’s introduce semi
structured data.

Semi structured data

Semi-structured data is information that doesn’t reside in a relational database but that does have
some organizational properties that make it easier to analyze. With some process you can store
them in relation database (it could be very hard for somme kind of semi structured data), but the
semi structure exist to ease space, clarity or compute…

Examples of semi-structured : CSV but XML and JSON documents are semi structured
documents, NoSQL databases are considered as semi structured.

But as Structured data, semi structured data represents a few parts of data (5 to 10%) so the last
data type is the strong one : unstructured data.

Three concepts come with big data : structured, semi structured and unstructured data.
Structured Data

For geeks and developpers (not the same things ^^) Structured data is very banal. It concerns all
data which can be stored in database SQL in table with rows and columns. They have relationnal
key and can be easily mapped into pre-designed fields. Today, those datas are the most
processed in development and the simpliest way to manage informations.

But structured datas represent only 5 to 10% of all informatics datas. So let’s introduce semi
structured data.

Semi structured data

Semi-structured data is information that doesn’t reside in a relational database but that does have
some organizational properties that make it easier to analyze. With some process you can store
them in relation database (it could be very hard for somme kind of semi structured data), but the
semi structure exist to ease space, clarity or compute…

Examples of semi-structured : CSV but XML and JSON documents are semi structured
documents, NoSQL databases are considered as semi structured.

But as Structured data, semi structured data represents a few parts of data (5 to 10%) so the last
data type is the strong one : unstructured data.

Unstructured data

Unstructured data represent around 80% of data. It often include text and multimedia content.
Examples include e-mail messages, word processing documents, videos, photos, audio files,
presentations, webpages and many other kinds of business documents. Note that while these
sorts of files may have an internal structure, they are still considered « unstructured » because the
data they contain doesn’t fit neatly in a database.

Unstructured data is everywhere. In fact, most individuals and organizations conduct their lives
around unstructured data. Just as with structured data, unstructured data is either machine
generated or human generated.

Here are some examples of machine-generated unstructured data:

 Satellite images: This includes weather data or the data that the government captures in
its satellite surveillance imagery. Just think about Google Earth, and you get the picture.
 Scientific data: This includes seismic imagery, atmospheric data, and high energy
physics.
 Photographs and video: This includes security, surveillance, and traffic video.
 Radar or sonar data: This includes vehicular, meteorological, and oceanographic
seismic profiles.
The following list shows a few examples of human-generated unstructured data:

 Text internal to your company: Think of all the text within documents, logs, survey
results, and e-mails. Enterprise information actually represents a large percent of the text
information in the world today.
 Social media data: This data is generated from the social media platforms such as
YouTube, Facebook, Twitter, LinkedIn, and Flickr.
 Mobile data: This includes data such as text messages and location information.
 website content: This comes from any site delivering unstructured content, like
YouTube, Flickr, or Instagram.

Nature of DSS :

Decision Support System is an interactive analytical modeling process, where users are
exploring possible alternatives and not demanding pre-specified information. They are using the
decision support system to find the information they need to help them make a decision. There
are several basic types of analytical modeling activities, such as:
  What-If Analysis
 Sensitivity Analysis
 Goal-Seeking Analysis
 Optimization Analysis
 Knowledge Discovery & Analysis

In what-If analysis, a decision maker: (i) makes changes to variables or relationships among
variables, and (ii) observes the resulting changes in the variables of other variables.

The common strategy for the application of the what-if analysis in businesses is to make changes
to the input variables and to observe the resulting changes in the output parameters of the
financial model of a business (or project).

Example:

Examples:

Change the price (a variable) or the variable costs per products (another variable) and recalculate
all affected variables in a simple financial spreadsheet model.

Change the net profit after taxes (a variable) or a tax rate formula (a relationship among
variables), recalculate all affected variables, and observe the change of the input parameters
(price, variable costs, and quantities) per products.

Sensitivity analysis is a case of what-if analysis that involves repeated changes to only one
variable at a time. Typically, decision makers are making repeated small changes to a variable
and are observing and evaluating the effects on others variables from their financial model. This
process is helping managers to understand the impact of various changes of the selected variable
on other factors involved in decisions being considered (e.g. determining at what point the
interest rate on a loan makes the project no longer feasible).

In goal-seeking analysis (how-can analysis), the decision maker sets a target value (goal) for a
variable and then repeatedly changes other variables until the target value is achieved. This form
of analytical modeling would help answer the question 'How we can achieve in net profit after
taxes' by repeatedly change of the values of prices and/or variable costs and/or quantities sold
and/or fixed costs in a financial model until the targeted result is achieved.

Optimization analysis is a more complex extension of goal-seeking analysis. The goal here is to
find the optimum value for one or more target variables, given certain constrain. To make this
possible, one or several other variables are changed repeatedly, subject to the specified
constraints, until the decision maker discovers the best values for the target variables.

Example:

 determine the highest possible level of profits that can be achieved.

  by varying the values for selected revenue sources and expense categories (such as price
per product, quality per product, variable costs per product).
 change such variables by subject of constrains, such as the limited capacity of a
production process or limits to available financing.

Knowledge Discovery & Analysis is also known as a data mining process for analysis of the
vast stories of historical business data that have been organized in corporate data warehouses
with the goal: (i) to discover patterns, trends, and correlations hidden in the data and (ii) to help
the company improve its business performance.

Data mining software may perform regression, decision tree, neural network, cluster detection,
market basket analysis for a business.

The main purpose of the market basket analysis is: (i) to determine which products customers
purchase together with other products, and then (ii) to market and sell the products together, or
(iii) to make the purchasers of one product target prospects for another, with the goal (iv) to
increase the effectiveness of a given marketing effort regardless of the form of marketing (in-
store displays, layout design, direct offers to customers).

Companies are building Knowledge Management Systems (KMS) or enterprise knowledge

portals

1. with the goal to help knowledge workers create, organize, and make available important
business knowledge, wherever and whenever it’s needed;
2. this information includes processes, procedures, patents, reference works, formulas, best
practices, forecasts, and fixes;
3. some of the key technologies commonly used by KMS are internet, intranet web sites,
groupware, data mining, knowledge bases, and online discussion groups;
4. KMS’s also facilitate organizational learning and knowledge creation: the knowledge-
creating company works to integrate its knowledge into its business processes, products,
and services.

What is Artificial Intelligence?

According to the father of Artificial Intelligence, John McCarthy, it is “The science and
engineering of making intelligent machines, especially intelligent computer programs”.

Artificial Intelligence is a way of making a computer, a computer-controlled robot, or a

software think intelligently, in the similar manner the intelligent humans think.

AI is accomplished by studying how human brain thinks, and how humans learn, decide, and
work while trying to solve a problem, and then using the outcomes of this study as a basis of
developing intelligent software and systems.
Philosophy of AI

While exploiting the power of the computer systems, the curiosity of human, lead him to wonder,
“Can a machine think and behave like humans do?”

Thus, the development of AI started with the intention of creating similar intelligence in
machines that we find and regard high in humans.

Goals of AI

 To Create Expert Systems − The systems which exhibit intelligent behavior, learn,
demonstrate, explain, and advice its users.
 To Implement Human Intelligence in Machines − Creating systems that understand,
think, learn, and behave like humans.

What Contributes to AI?

Artificial intelligence is a science and technology based on disciplines such as Computer

Science, Biology, Psychology, Linguistics, Mathematics, and Engineering. A major thrust of AI
is in the development of computer functions associated with human intelligence, such as
reasoning, learning, and problem solving.

Out of the following areas, one or multiple areas can contribute to build an intelligent system.

NEURAL NETWORKS

Neural Networks (also referred to as connectionist systems) are a computational approach which
is based on a large collection of neural units loosely modeling the way the brain solves problems
with large clusters of biological neurons connected by axons. Each neural unit is connected with
many others, and links can be enforcing or inhibitory in their effect on the activation state of
connected neural units. Each individual neural unit may have a summation function which
combines the values of all its inputs together. There may be a threshold function or limiting
function on each connection and on the unit itself such that it must surpass it before it can
propagate to other neurons. These systems are self-learning and trained rather than explicitly
programmed and excel in areas where the solution or feature detection is difficult to express in a
traditional computer program.
Network function

The word network in the term 'artificial neural network' refers to the interconnections between
the neurons in the different layers of each system. An example system has three layers. The first
layer has input neurons which send data via synapses to the second layer of neurons, and then via
more synapses to the third layer of output neurons. More complex systems will have more layers
of neurons, some having increased layers of input neurons and output neurons. The synapses
store parameters called "weights" that manipulate the data in the calculations.

An ANN is typically defined by three types of parameters:

1. The interconnection pattern between the different layers of neurons

2. The learning process for updating the weights of the interconnections
3. The activation function that converts a neuron's weighted input to its output activation.

Fuzzy logic

Fuzzy logic is a form of many-valued logic in which the truth values of variables may be any
real number between 0 and 1, considered to be "fuzzy". By contrast, in Boolean logic, the truth
values of variables may only be the "crisp" values 0 or 1. Fuzzy logic has been employed to
handle the concept of partial truth, where the truth value may range between completely true and
completely false. Furthermore, when linguistic variables are used, these degrees may be
managed by specific (membership) functions.

The term fuzzy logic was introduced with the 1965 proposal of fuzzy set theory by Lotfi Zadeh
Fuzzy logic had however been studied since the 1920s, as infinite-valued logic—notably by
Łukasiewicz and Tarski.
The Fuzzy Logic Process

Fuzzify all input values into fuzzy membership functions.

Execute all applicable rules in the rulebase to compute the fuzzy output functions.

De-fuzzify the fuzzy output functions to get "crisp" output values

Genetic Algorithms

Genetic Algorithms were invented to mimic some of the processes observed in natural evolution.
Many people, biologists included, are astonished that life at the level of complexity that we
observe could have evolved in the relatively short time suggested by the fossil record. The idea
with GA is to use this power of evolution to solve optimization problems. The father of the
original Genetic Algorithm was John Holland who invented it in the early 1970's.

GAs simulate the survival of the fittest among individuals over consecutive generation for
solving a problem. Each generation consists of a population of character strings that are
analogous to the chromosome that we see in our DNA. Each individual represents a point in a
search space and a possible solution. The individuals in the population are then made to go
through a process of evolution.

GAs are based on an analogy with the genetic structure and behaviour of chromosomes within a
population of individuals using the following foundations:

 Individuals in a population compete for resources and mates.

 Those individuals most successful in each 'competition' will produce more offspring than
those individuals that perform poorly.
 Genes from `good' individuals propagate throughout the population so that two good
parents will sometimes produce offspring that are better than either parent.
 Thus each successive generation will become more suited to their environment.

Implementation Details

Based on Natural Selection

After an initial population is randomly generated, the algorithm evolves the through three
operators:

1. selection which equates to survival of the fittest;

2. crossover which represents mating between individuals;
3. mutation which introduces random modifications.
1. Selection Operator

 key idea: give prefrence to better individuals, allowing them to pass on their genes to the
next generation.
 The goodness of each individual depends on its fitness.
 Fitness may be determined by an objective function or by a subjective judgement.

2. Crossover Operator

 Prime distinguished factor of GA from other optimization techniques

 Two individuals are chosen from the population using the selection operator
 A crossover site along the bit strings is randomly chosen
 The values of the two strings are exchanged up to this point
 If S1=000000 and s2=111111 and the crossover point is 2 then S1'=110000 and
s2'=001111
 The two new offspring created from this mating are put into the next generation of the
population
 By recombining portions of good individuals, this process is likely to create even better
individuals

Effects of Genetic Operators

 Using selection alone will tend to fill the population with copies of the best individual
from the population
 Using selection and crossover operators will tend to cause the algorithms to converge on
a good but sub-optimal solution
 Using mutation alone induces a random walk through the search space.
 Using selection and mutation creates a parrallel, noise-tolerant, hill climbing algorithm

The Algorithms

1. randomly initialize population(t)

2. determine fitness of population(t)
3. repeat
1. select parents from population(t)
2. perform crossover on parents creating population(t+1)
3. perform mutation of population(t+1)
4. determine fitness of population(t+1)
4. until best individual is good enough
What is Genetic Algorithms?

Genetic Algorithms (GAs) are adaptive heuristic search algorithm based on the evolutionary
ideas of natural selection and genetics. As such they represent an intelligent exploitation of a
random search used to solve optimization problems. Although randomised, GAs are by no means
random, instead they exploit historical information to direct the search into the region of better
performance within the search space. The basic techniques of the GAs are designed to simulate
processes in natural systems necessary for evolution, specially those follow the principles first
laid down by Charles Darwin of "survival of the fittest.". Since in nature, competition among
individuals for scanty resources results in the fittest individuals dominating over the weaker
ones.

Application of expert systems

Expert systems are designed and created to facilitate tasks in the fields of accounting, medicine,
process control, financial service, production, human resources etc. Indeed, the foundation of a
successful expert system depends on a series of technical procedures and development that may
be designed by certain technicians and related experts. A good example of application of expert
systems in banking area is expert systems for mortgages. Loan departments are interested in
expert systems for mortgages because of the growing cost of labour which makes the handling
and acceptance of relatively small loans less profitable. They also see in the application of expert
systems a possibility for standardised, efficient handling of mortgage loan, and appreciate that
for the acceptance of mortgages there are hard and fast rules which do not always exist with
other types of loans. While expert systems have distinguished themselves in AI research in
finding practical application, their application has been limited. Expert systems are notoriously
narrow in their domain of knowledge—as an amusing example, a researcher used the "skin
disease" expert system to diagnose his rustbucket car as likely to have developed measles—and
the systems were thus prone to making errors that humans would easily spot. Additionally, once
some of the mystique had worn off, most programmers realized that simple expert systems were
essentially just slightly more elaborate versions of the decision logic they had already been
using. Therefore, some of the techniques of expert systems can now be found in most complex
programs without any fuss about them. An example, and a good demonstration of the limitations
of, an expert system used by many people is the Microsoft Windows operating system
troubleshootingtaskbar menu. Obtaining expert / technical operating system support is often
difficult for individuals not closely involved with the development of the operating system.
Microsoft has designed their expert system to provide solutions, advice, and suggestions to
common errors encountered throughout using the operating systems. software located in the
"help" section in the Another 1970s and 1980s application of expert systems — which we today
would simply call AI — was in computer games. For example, the computer baseballEarl
Weaver Baseball and Tony La Russa Baseball each had highly detailed simulations of the game
strategies of those two baseball managers. When a human played the game against the computer,
the computer queried the Earl Weaver or Tony La Russa Expert System for a decision on what
strategy to follow. Even those choices where some randomness was part of the natural system
(such as when to throw a surprise pitch-out to try to trick a runner trying to steal a base) were
decided based on probabilities supplied by Weaver or La Russa. Today we would simply say that
"the game's AI provided the opposing manager's strategy." Games.

Advantages and disadvantages

Advantages:

 Provides consistent answers for repetitive decisions, processes and tasks

 Holds and maintains significant levels of information
 Encourages organizations to clarify the logic of their decision-making
 Never "forgets" to ask a question, as a human might

Disadvantages:

 Lacks common sense needed in some decision making

 Cannot make creative responses as human expert would in unusual circumstances
 Domain experts not always able to explain their logic and reasoning
 Errors may occur in the knowledge base, and lead to wrong decisions
 Cannot adapt to changing environments, unless knowledge base is changed
Unit IV:

Information resource management in Technology

Information Technology as an integrating factor in the organisation, that is, the various
organisational positions that manage information are coordinated and work together toward
common ends. Further, IRM looks for ways in which the management of information and the
management of Information Technology are interrelated, and fosters that interrelationship and
organisational integration.
IRM includes the management of (1) the broad range of information resources, e.g., printed
materials, electronic information, and microforms, (2) the various technologies and equipment
that manipulate these resources, and (3) the people who generate, organise, and disseminate
those resources.

Architectural management

Architectural management falls into two distinct parts, office management and project
management (Brunton et al., 1964; Emmitt, 1999a & 1999b). Office management provides an
overall framework within which individual projects are commissioned, designed and completed.
Both parts have the same objectives but are typically addressed by separate management
systems. Office management involves the allocation and financing of resources, principally
premises, trained staff and computer systems, and on establishing and charging appropriate fees
for the services rendered. Project management focuses on timescales, developing a design from
initial concept to working drawings, and managing the construction process (see for example
Emmitt, 2014).

Manufacturing plants, warehouses and other worksites needed by the firm on the other hand
there is an increasing trend to word down sized and distributed network that allow top
management to delegate more decision making to middle managers management can also
decentralize operations by increasing the number of branch offices while still having access to
the information and communication capabilities they need to control the overall direction of the
organization.

The philosophy of top management the culture of the organization the need to reengineer its
operations and its use of aggressive or conservative competitive strategic all play major roles
with information technology in shopping the firms organizational structure and information
system architecture.

Reasons for centralized control:

1) Staff professionalism
A large development at and operational support staff provides challenging work creates
an environment of shared expertise and learning and provides alternative career paths.
 2) Corporate database control
The philosophy behind development a corporate data base is centralizing control over
data accessibility integrity and security.

3) Technical competence and research:

A central unit can specialize and thus develop sufficient expertise to evaluate
technologies it can also functional as a research unit for high-risk leading edge pilot
projects that an individual user would not be able to undertake in a highly complex
technical environment systems professionals with highly specialized skills are required
such specialists could but be supported economically in a decentralized organizational
unit.

4) Comparative cost advantages:

When extra communications costs required with decentralization are included the net
comparative cost advantage of centralized facilities may be relatively small. Each system
must be evaluated to determine whether or not there is a cost advantage.

Reasons for decentralized control:

1) Availability of low cost technology:

Personal computer intelligent work stations and terminals plus software for end-user
computing per unit much application to be user developed that previously required
centralized development and permit many tasks to be user operated and used controlled
that previously required centralized operation.

2) Banking of development work:

The shortage of qualified information system professionals combined with increasing
used demand for new major applications has created a three to five year backlog of new
development in many organizations

3) User control over operations:

Having direct control over their own information system operations is very attractive to
users, particularly if information systems play a measurable role in their performance.

4) Organizational behavior:
1. Psychological value of unused information knowing it is there if needed or “Just
in case” seems to have a positive value
2. Information is often gathered and communication to peruse analysis. This
function is most easily performed by information systems under local control
3. Information use is a symbol of communication to rational choice local control of
information resources thus represents local competence.
LIMITATIONS OF MIS

Following are the main limitations of MIS:

 The quality of output of MIS is directly proportional to the quality of input and process.
 MIS takes only quantitative factors into account.
 MIS is less useful for making non-programmed decisions
 MIS is less effective in organizations where information is not being shared with others.
 MIS is less effective due to frequent changes in top management, organizational structure
and operational staff.

Electronic Data Interchange (EDI) is an electronic communication method that provides

standards for exchanging data via any electronic means. By adhering to the same standard, two
different companies or organizations, even in two different countries, can electronically
exchange documents (such as purchase orders, invoices, shipping notices, and many others).

What is EDI? Electronic Data Interchange (EDI) is the computer-to-computer exchange of

business documents in a standard electronic format between business partners.

omputer-to-computer– EDI replaces postal mail, fax and email. While email is also an
electronic approach, the documents exchanged via email must still be handled by people rather
than computers. Having people involved slows down the processing of the documents and also
introduces errors. Instead, EDI documents can flow straight through to the appropriate
application on the receiver’s computer (e.g., the Order Management System) and processing can
begin immediately. A typical manual process looks like this, with lots of paper and people
involvement:
The EDI process looks like this — no paper, no people involved:

Supply chain management

Supply chain management (SCM) is the oversight of materials, information, and finances as they
move in a process from supplier to manufacturer to wholesaler to retailer to consumer. Supply
chain management involves coordinating and integrating these flows both within and among
companies. It is said that the ultimate goal of any effective supply chain management system is
to reduce inventory (with the assumption that products are available when needed). As a solution
for successful supply chain management, sophisticated software systems with Web interfaces are
competing with Web-based application service providers (ASP) who promise to provide part or
all of the SCM service for companies who rent their service.

Supply chain management flows can be divided into three main flows:

 The product flow

 The information flow
 The finances flow

The product flow includes the movement of goods from a supplier to a customer, as well as any
customer returns or service needs. The information flow involves transmitting orders and
updating the status of delivery. The financial flow consists of credit terms, payment schedules,
and consignment and title ownership arrangements

Global technology management :

Globalization is the perception of the world as one big market place. The notion of the
boundariless world is expected to produce dramatic changes in key markets, major competitors,
and Information Technology products. As a result, organizations are encouraged to rise above
the national boundaries and change their orientation to global corporations. Further, the increased
spending in Global Information Technology, which is anticipated to grow several folds within
the next five years, is adding fuel to this shift. Events such as economic integration of Europe,
merging of the companies across national borders, stock exchanges, outsourcing of Information
Technology services to the third world countries, and the use of World Wide Web are forcing
companies to re-evaluate their Global Information Technology management and to develop
Global Information Strategy so as to get the most out of their business in the world economy.
As the scope of Global Information Technology spans the global market, it is going to present
mangers with a host of thorny issues. This paper suggests the key issues to be used as a guide for
the Global Information Technology Managers to be successful in this fast changing technology
oriented market, and also recommends Global Managers Evaluation Wheel which can be used
for the appraisal of managers, subordinates, peer managers, on-site supervisors and clients
working in the global Information Technologyenvironment.
The popular as well as the academic literature predicts a revolution in management thinking and
practice as more and more industries are transformed into global enterprises (Tranctinsky, 1995).

A global company should have the following features:

Treats the world as a single market.
 More products sold outside the home country than within the home country.
 Worldwide sourcing of customers, employees, suppliers and technology--sourcing with a
total disregard for national boundaries Duggal 399
Glocalized, not centralized, decision making (glocal is a coined word derived from global and
local)
 Research and development is implemented regardless of boundaries
 Non-national executives on the top-management fast track
 Shareholders are spread through-out the world
 Non-national directors on the company's board
 Traded on a non-national stock exchange.

Key Issues for Global IS Management by Category

Language
• Appropriate language is difficult to identify
• Transition is complex and time-consuming
• Differing formats for different languages
Cultural and Geography
• Varying prejudices and cultural mores
• Behavioral differences
• Differing symbolic formats
• New geographic and behavioral concerns for security and disaster planning
Legal Regulations and Enforcement
• Differing forms of protectionism
• Employee hiring, firing, compensation, and monitoring practices
• Intellectual property laws
• Accounting, taxation, customs, contracts, fraud, and bribery laws
Systems Development and Support
• Differing national standards
• Availability, training, and compensation of employees
• Different technical and business terminology
• Hours and availability of support
Level of Technology
• Varying levels of technology knowledge and awareness

Unit V
• The use of IT presents major security challenges, poses serious ethical questions, and
affects society in significant ways.
• IT raises ethical issues in the areas of..
– Crime
 – Privacy
– Individuality
– Employment
– Health
– Working conditions
• But, IT has had beneficial results as well.
• So as managers, it is our responsibility to minimize the detrimental effects and optimize
the beneficial effects.
• Business Ethics
– Basic categories of ethical issues
• Employee privacy
• Security of company records
• Workplace safety

IT General Controls

ITGC represent the foundation of the IT control structure. They help ensure the reliability of data
generated by IT systems and support the assertion that systems operate as intended and that
output is reliable. ITGC usually include the following types of controls:

 Control environment, or those controls designed to shape the corporate culture or

"tone at the top."
 Change management procedures - controls designed to ensure the changes meet
business requirements and are authorized.
 Source code/document version control procedures - controls designed to protect
the integrity of program code
 Software development life cycle standards - controls designed to ensure IT
projects are effectively managed.
 Logical access policies, standards and processes - controls designed to manage
access based on business need.
 Incident management policies and procedures - controls designed to address
operational processing errors.
 Problem management policies and procedures - controls designed to identify and
address the root cause of incidents.
 Technical support policies and procedures - policies to help users perform more
efficiently and report problems.
 Hardware/software configuration, installation, testing, management standards,
policies and procedures.
 Disaster recovery/backup and recovery procedures, to enable continued
processing despite adverse conditions.
 Physical security - controls to ensure the physical security of information
technology from individuals and from environmental risks.
 IT application controls

IT application or program controls are fully automated (i.e., performed automatically by the
systems) designed to ensure the complete and accurate processing of data, from input through
output. These controls vary based on the business purpose of the specific application. These
controls may also help ensure the privacy and security of data transmitted between applications.
Categories of IT application controls may include:

 Completeness checks - controls that ensure all records were processed from initiation to
completion.
 Validity checks - controls that ensure only valid data is input or processed.
 Identification - controls that ensure all users are uniquely and irrefutably identified.
 Authentication - controls that provide an authentication mechanism in the application
system.
 Authorization - controls that ensure only approved business users have access to the
application system.
 Input controls - controls that ensure data integrity fed from upstream sources into the
application system.
 Forensic controls - control that ensure data is scientifically correct and mathematically
correct based on inputs and outputs

facility control and procedural control

A facility information model is an information model of an individual facility that is integrated

with data and documents about the facility. The facility can be any large facility that is designed,
fabricated, constructed and installed, operated, maintained and modified; for example, a
complete infrastructural network, a process plant, a building, a highway, a ship or an airplane.

Procedural controls

Procedural controls establish a framework for validating and maintaining the computer system
and for ensuring that users understand how to use the system. Procedural controls usually take
the form of standard operating procedures (SOPs) and user manuals.

Common SOP Topics:

 SOP Development and Maintenance

 Organization, Personnel, and Training
 Records Management
 Computer System Development and Maintenance
 Computer System Verification and Validation
 Change Control
 Data Center Security
 User Account Management
 Software Installation
 Back-up and Recovery
 Operational Use SOPs (as determined)
The number, format, and organization of your procedures and manuals is up to you, but the
information contained in them must address the validation concepts found in FDA regulations
and guidance documents, taking into consideration the type of system you are creating and
maintaining. Here are some tips to minimize up-keep:

 Keep the scope focused and relevant to the audience and the work being performed.
 Be as simple and brief as possible.
 Promote clarity in objectives, responsibilities, and tasks.
 Be detailed just enough that people know what to do and how to do it, but not so much
that you box people in.
 Stick with a single format, use dates for versions, provide a document history, and require
signature approval from designated reviewers.

ey Concepts for Procedural Controls

Vendor/Supplier management

Any computer equipment, instrumentation, and software that you buy needs to come from a
reputable vendor and needs to be documented and tested for the environment in which it will be
used.

System Lifecycle

A System Lifecycle is a defined set of expectations, activities, and deliverables promotes a

controlled, well-thought-out system through the life of the research project and reduces the risk
of errors. How you go about building, assembling, and maintaining your system is an important
part of validation. Activities to incorporate in your lifecycle are:

 Identifying and involving knowledgeable, qualified stakeholders to define, test, and

document the system
 Assessing and addressing risks to the computer system
 Grouping and prioritizing tasks and completing them in a controlled and orderly manner
 Describing requirements for the system and maintaining traceability from that starting
point through to implementation
 Verifying individual parts, and the system as a whole, using a combination of reviews,
testing, and audits
 Tracking, evaluating, prioritizing, and fixing defects
 Identification and control of system components and associated documentation
 Using change control to manage changes to system components and associated
documentation
 Creating and maintaining documentation of the computer system and development and
maintenance activities through the life of the system
Unit V

SECURITY AND ETHICAL CHALLENGES

Ethical and Societal Dimensions. The vital role of information technologies and systems in
society raises serious ethical and societal issues in terms of their impact on employment,
individuality, working conditions, privacy, health, and computer crime, as illustrated in Figure
13.2. Employment issues include the loss of jobs—a result of computerization and automation of
work—versus the jobs created to supply and support new information technologies and the
business applications they make possible. The impact on working conditions involves the issues
of computer monitoring of employees and the quality of the working conditions of the jobs that
use information technologies heavily. The effect of IT on individuality addresses the issues of
the depersonalization, regimentation, and inflexibility of some computerized business systems.
Employees’ heavy use of computer workstations for long periods raises issues about and may
cause work related health disorders. The use of IT to access or collect private information
without authorization, as well as for computer profiling, computer matching, computer
monitoring, and computer libel and censorship, raises serious privacy issues. Computer crime
issues surround activities such as hacking, computer viruses and worms, cyber theft,
unauthorized use at work, software piracy, and piracy of intellectual property. Managers,
business professionals, and IS specialists can help solve the problems of improper use of IT by
assuming their ethical responsibilities for the ergonomic design, beneficial use, and enlightened
management of information technologies in our society.

Ethical Responsibility in Business. Business and IT activities involve many ethical

considerations. Basic principles of technology and business ethics can serve as guidelines for
business professionals when dealing with ethical business issues that may arise in the widespread
use of information technology in business and society. Examples include theories of corporate
social responsibility, which outline the ethical responsibility of management and employees to a
company’s stockholders, stakeholders, and society, and the four principles of technology ethics
summarized in Figure 13.4.

Security Management. One of the most important responsibilities of the management of a

company is to ensure the security and quality of its IT-enabled business activities. Security
management tools and policies can ensure the accuracy, integrity, and safety of the information
systems and resources of a company and thus minimize errors, fraud, and security losses in its
business activities. Examples mentioned in the chapter include the use of encryption of
confidential business data, firewalls, e-mail monitoring, antivirus software, security codes,
backup files, security monitors, biometric security measures, computer failure controls, fault-
tolerant systems, disaster recovery measures, information system controls, and security audits of
business systems.

Security and Ethical Challenges of IT Definition

The security and ethical challenges of IT refer to the difficulties that organisations face in
managing increasingly complex information and communication technologies. The term
embraces the management of systems, policies and procedures designed to protect organisations,
their employees, customers and other stakeholders from malicious external threats, and from
internal acts of noncompliance with IT policies. The concept has important implications for
growing IT areas such as Big Data, social media, and Bring Your Own Device (BYOD) (Dutta &
McCrohan, 2002; Simonite, 2015; Soares, 2015).

NATURE OF THE PROBLEM

Control is the process through which manager assures that actual activities are according to
standards leading to achieving of common goals. The control process consists of measurement of
progress, achieving of common goals and detects the deviations if any in time and takes
corrective action before things go beyond control. Information systems operate in real world
situations which are always changing and there are lots of problems. Information systems are
vulnerable to various threats and abuses. Some of the points are memory, communications links,
microwave signal, telephone lines etc.

Security Control

The resources of information systems like hardware, software, and data, need to be protected
preferably by build in control to assure their quality and security.

Types of Security Control:

 Administrative control
 Information systems control
 Procedural control
  Physical facility control

Administrative Control

Systems analysts are actually responsible for designing and implementing but these people need
the help of the top management in executing the control measure. Top executives provide
leadership in setting the control policy. Without their full support, the control system cannot
achieve its goal.

Information System Control

Information system control assures the accuracy, validity and proprietary of information system
activities. Control must be there to ensure proper data entry processing techniques, storage
methods and information output. Accordingly management information system control are
designed to see or monitor and maintain quality, security of the input process, output and storage
activities of an information system.

Input Control

As we know whatever we give to computer the computer processes that and returns the result to
us. Because of this very fact, there is a need to control the data entry process. The types of input
control are:

 Transaction Codes: Before any transaction can be input into the system, a specific code
should be assigned to it. This aids in its authorization.
 Forms: a source document or screen forms should be used to input data and such forms
must adhere to certain rules.
 Verification: Source document prepared by one clerk can be verified by another clerk to
improve accuracy.
 Control–totals: Data entry and other system activities are frequently monitored by the use
of control-total. For example, record count is a control-total that consist of counting the
total number of source documents or other input records and compare them at other stage
of data entry. If totals do not match, then a mistake is indicated.
 Check digit: These are used for checking important codes such as customer number to
verify the correctness.
 Labels: It contains data such as file name, and date of creation so that a check can be
made that correct file is used for processing.
 Character and field checking: Characters are checked for proper mode – numeric,
alphabetic, alphanumeric fields – to see if they are filled in properly.

Processing Control

Input and processing data are so interrelated that we can take them as first line of defense. Once
data is fed into the computer, controls are embedded in various computer programs to help,
detect not only input errors but also processing errors. Processing – controls are included to
check arithmetic calculations and logical operations. They are also used to ensure that data are
not lost or do not go unprocessed. Processing control is further divided into hardware and
software control.

Output Control

These are developed to ensure that processed information is correct, complete and is transmitted
to authorized user in a timely manner. The output control are mostly of same kind as input
control e.g. Output documents and reports are thoroughly and visually verified by computer
personnel and they are properly logged and identified with rout slips

Storage Control

Control responsibility of files of computer programs and databases is given to librarian or

database administrator. They are responsible for maintaining and controlling access to the
information. The databases and files are protected from unauthorized users as accidental users.
This can be achieved with the help of security monitor. The method includes assigning the
account code, password and other identification codes. A list of authorized users is provided to
computer system with details such as type of information they are authorized to retrieve or
receive from it.

Procedural Control

These methods provide maximum security to operation of the information system. Standard
procedures are developed and maintained manually and built in software help display so that
every one knows what to do. It promotes uniformity and minimize the chance of error and fraud.
It should be kept up-to-date so that correct processing of each activity is made possible.

Physical Facility Control

Physical facility control is methods that protect physical facilities and their contents from loss
and destruction. Computer centers are prone to many hazards such as accidents, thefts, fire,
natural disasters, destructions etc. Therefore physical safeguards and various control procedures
are required to protect the hardware, software and vital data resources of computer using
organizations.

Physical Protection Control

Many type of controlling techniques such as one in which only authorized personnel are allowed
to access to the computer centre exist today. Such techniques include identification badges of
information services, electronic door locks, security alarm, security policy, closed circuit TV
and dust control etc., are installed to protect the computer centre.

Telecommunication Controls
The telecommunication processor and control software play a vital role in the control of data
communication activity. Data can be transmitted in coded from and it is decoded in the computer
centre itself. The process is called as encryption.

Computer Failure Controls

Computers can fail for several reasons like power failures, electronic circuitry malfunctions,
mechanical malfunctions of peripheral equipment and hidden programming errors. To protect
from these failure precaution, any measure with automatic and remote maintenance capabilities
may be required.

RISK MANAGEMENT

The management of risk data and information is key to the success of any risk management
effort regardless of an organization's size or industry sector. Risk management information
systems/services (RMIS) are used to support expert advice and cost-effective information
management solutions around key processes such as:

 Risk identification and assessment

 Risk control
 Risk financing

Typically, RMIS facilitates the consolidation of information related to insurance, such as claims
from multiple sources, property values, policy information, and exposure information, into one
system. Often, RMIS applies primarily to “casualty” claims/loss data systems. Such casualty
coverages include auto liability, auto physical damage, workers' compensation, general liability
and products liability.

RMIS products are designed to provide their insured organizations and their brokers with basic
policy and claim information via electronic access, and most recently, via the Internet. This
information is essential for managing individual claims, identifying trends, marketing an
insurance program, loss forecasting, actuarial studies and internal loss data communication
within a client organization. They may also provide the tracking and management reporting
capabilities to enable one to monitor and control overall cost of risk in an efficient and cost-
effective manner.

In the context of the acronym RMIS, the word “risk” pertains to an insured or self-insured
organization. This is important because prior to the advent of RMIS, insurance company loss
information reporting typically organized loss data around insurance policy numbers. The
historical focus on insurance policies detracted from a clear, coherent and consolidated picture of
a single customer's loss experience. The advent of the first PC and UNIX based standalone
RMIS was in 1982, by Mark Dorn, under the trade name RISKMASTER. This began a
breakthrough step in the insurance industry's evolution toward persistent and focused
understanding of their end-customer needs. Typically, the best solution for an organization
depends on whether it is enhancing an existing RMIS system, ensuring the highest level of data
quality, or designing and implementing a new system while maintaining a focus on state-of-the-
art technology.

In computing, a denial-of-service (DoS) attack is a cyber-attack where the perpetrator seeks to

make a machine or network resource unavailable to its intended users, such as to temporarily or
indefinitely interrupt or suspend services of a host connected to the Internet. Denial of service is
typically accomplished by flooding the targeted machine or resource with superfluous requests in
an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.

A distributed denial-of-service (DDoS) is a cyber-attack where the perpetrator uses more than
one, often thousands of, unique IP addresses. (See IP address spoofing.) It is analogous to a
group of people crowding the entry door or gate to a shop or business, and not letting legitimate
parties enter into the shop or business, disrupting normal operations. The scale of DDoS attacks
has continued to rise over recent years, even reaching over 600Gbit/s.
Criminal perpetrators of DoS and DDoS attacks often target sites or services hosted on high-
profile web servers such as banks or credit card payment gateways. Motives of revenge,
blackmail or activism can be behind other attacks.

Symptoms

The United States Computer Emergency Readiness Team (US-CERT) defines symptoms of a
denial-of-service attack to include:[7]

 unusually slow network performance (opening files or accessing web sites)

 unavailability of a particular web site
 inability to access any web site
 dramatic increase in the number of spam emails received (this type of DoS attack is
considered an e-mail bomb).

Addition symptoms may include:

 disconnection of a wireless or wired internet connection

 long-term denial of access to the web or any internet services.

If the attack is conducted on a sufficiently large scale, entire geographical regions of Internet
connectivity can be compromised without the attacker's knowledge or intent by incorrectly
configured or flimsy network infrastructure equipment.

Advanced persistent DoS

An advanced persistent DoS (APDoS) is more likely to be perpetrated by an advanced persistent
threat (APT): actors who are well resourced, exceptionally skilled and have access to substantial
commercial grade computer resources and capacity. APDoS attacks represent a clear and
emerging threat needing specialised monitoring and incident response services and the defensive
capabilities of specialised DDoS mitigation service providers.

APDoS attacks are characterised by:

 Advanced reconnaissance (pre-attack OSINT and extensive decoyed scanning crafted to

evade detection over long periods)
 Tactical execution (attack with a primary and secondary victims but focus is on Primary)
 Explicit motivation (a calculated end game/goal target)
 Large computing capacity (access to substantial computer power and network bandwidth
resources)
 Simultaneous multi-threaded OSI layer attacks (sophisticated tools operating at layers 3
through 7)
 Persistence over extended periods (utilising all the above into a concerted, well managed
attack across a range of targets[
Denial-of-service as a service
Numerous vendors provide so-called "booter" or "stresser" services. These have simple web-
based front ends, and accept payment over the web. Marketed and promoted as stress-testing
tools, they can be used to perform unauthorized denial-of-service attacks, and allow technically
unsophisticated attackers access to sophisticated attack tools without the need for the attacker to
understand their use.

Spoofing – Misrepresenting oneself by using fake e-mail addresses or masquerading as someone

else – Redirecting Web link to address different from intended one, with site masquerading as
intended destination to collect and process orders, effectively stealing business as well as
sensitive customer information from the true site

BREAKING DOWN 'Spoofing'

There are several kinds of spoofing including email, caller ID, and uniform resource locator
(URL) spoof attacks.

Email spoofing (or phishing), used by dishonest advertisers and outright thieves, occurs when
email is sent with falsified “From:” entry to try and trick victims that the message is from a
friend, their bank, or some other legitimate source. Any email that claims it requires your
password or any personal information could be a trick.

In a caller ID attack, the spoofer will falsify the phone number he/she is calling from.

Ethical Challenges of Information Technology

Security: With tools like the internet, hackers have found it very easy to hack into any computer
or system as long as it is connected on internet. Hackers can easily use an IP (Internet Protocol)
address to access a user’s computer and collect data for selfish reasons. Also the wide spread of
internet cookies which collect information whenever we use the internet , has exposed IT users to
high risks of fraud and conflicting interests. Many big companies use these cookies to determine
which products or service they can advertise to us. When it comes to online banking, the transfer
of money can easily be interrupted by a hacker and all the money will be transferred to their
desired accounts , which affects both the bank and the customers who is using online banking
technology.

Privacy Issues: As much as information technology has enabled us to share and find relevant
information online,. It has also exploited our freedom of privacy. Their so many ways our
privacy is exploited, (1) use of internet webcams, experienced computer users can turn on any
webcam of any computer online and they will have access to your private life, many celebrities
have been victims of these online stalkers. A good example is Dharun Ravia former Rutgers
University student who was spying on his roommate through a webcam. Read more on this story
here ……. (2) use of social networks, the main concept of these networks is to connect with new
and old friends then share your life with them, however, the loop hole in this , is that when ever
some one access your shared life data like photos , they can like it and send it their friends who
are not your friends, which might expose you to users with wrong intentions to use your data,
also some companies are known for spying on their employees via these social networks.
Copyright Infringement: Information technology has made it easy for users to access any
information or artifact at any given time. With the increased development of music sharing
networks and photo bookmarking sites, many original creators of these works are losing the
credibility of their works, because users of IT can easily gain access and share that data with
friends. Free music and file downloading sites are popping up on internet every day , lots of
original work like music albums, books , are being downloaded for free. In this case one
legitimate user will purchase the book , software, web template or music album, and they will
submit it to a free download site where others will simply just download that data for free. It is
good news for the users because it saves them money, but it harms the original creator of these
works. The government has closed some of these sites like Megaupload.com, but many are
popping up using funny URLs.

Increased pressure on IT experts. Since information technology systems have to run all the
time, pressure is mounted on IT experts to ensure the accuracy and availability of these systems.
Many big organizations which need to operate 24 hours will require a standby IT team to cater
for any issues which might arise during the course of operation. This pressure results into stress
and work overload which some times results into Imperfection.

Digital divide: Information technology has many opportunities and it has shaped many
industries in developed countries; however, developing countries have difficulties of enjoying
the same benefits of Information technology. To get these benefits they have to train their labor
and users should also adopt the new culture which is a bit costly in these developing countries.
In some remote areas they do not even have power, so information technology tools like
computers can not be used. In other sectors like education, most of these developing countries
have poor old education systems, so a student will not be aware of new information technologies.