Module I Definition: An information system is a set of interrelated elements or components, that collect (input), manipulate (process), and disseminate

(output) data and information and provide feedback mechanism to meet desired objectibves. Characteristics of Information: Information should be Accurate, Complete, Economical, Flexible/ Versatile, Reliable, Relevant, Timely, Verifiable, Accessible, and Secure. System Performance & Standards: System performance can be measured in various ways. Variances from standards are determinants of system performance. Achieving system performance standards may also require a tradeoff in terms of cost, control and efficiency. Efficiency: Is a measure of what is produced divided by what is consumed. It can range from 0 to 100%. Effectiveness: Is a measure of the extent to which a system achieves its goals. It can be computed by dividing the goals actually by the total of the stated goals. Roles of IS in Business: There are three fundamental reasons for all business applications of information technology. They are found in the three vital roles that information system can perform for a business enterprise. Support of its business processes and operations. Support of decision making by its employees and managers. Support of its strategies for competitive advantage. Trends in IS: The business applications of information systems have expanded significantly over the years. Data Processing (1950s 1960s): Electronic data processing systems which includes transaction processing, record keeping, and traditional accounting applications. Management Reporting (1960s 1970s): Management information systems that include preparation of management reports of pre specified information to support decision making. Decision Support (1970s 1980s): Decision support systems include interactive ad hoc support of managerial decision making process. Strategic and End User Support (1980s 1990s): o End user computing systems: Direct computing support for end user productivity and work group collaboration. o Executive information systems: Critical information for top management. o Expert Systems: Knowledge based expert advice for end users.

o Strategic Information Systems: Strategic products and services for competitive advantage. Electronic Business and Commerce (1990s 2000s): o Internet based e-business and e-commerce systems: Web enabled enterprise and global e-business operations and electronic commerce on the internet, intranets, extranets, and other networks. Types of Information System: Conceptually the applications of information systems that are implemented in todays business world can be classified in several different ways. Several types information systems can be classified as either operations or management information systems. Operations Support System: Information systems have always been needed to process data generated by and used in, business operations. Such operations support systems produce a variety of information products for internal and external use. However they do not emphasize producing the specific information products that can best be used by managers. The role of a business firms operations support system is to efficiently process business transactions, control industrial processes, support enterprise communications and collaborations and update corporate databases. Transaction Processing Systems: Are an important example of operations support system that record and process data resulting from business transactions. Process Control Systems: Monitors and controls physical processes. They enhance team and workgroup communications and productivity, and include applications that are sometimes called as office automation systems. Management Support Systems: When information systems applications focus on providing information and support for effective decision making by managers, they are called management support systems. Providing information and support for decision making by all types of managers and business professionals is a complex task. Conceptually, several major types of management support system includes: Management Information System: MIS provides information in the form of reports and displays to managers and many business professionals. Decision Support System: DSS give direct computer support to managers during the decision making process. Executive Information System: EIS provide critical information from a wide variety of internal and external sources easy to use touch screen terminals to instantly view text and groups display that highlights key areas of organizational and competitive performance.

Information System Resources: An information system consists of five major resources: people, hardware, software, data and networks. People Resources: People are an essential ingredient for the successful operation of all information system. The people resources include end users and IS specialists. Hardware Resources: The concept of hardware resources include all physical devices and materials used in information processing. Specifically, it includes not only machines, such as computers and other equipment, but also all data media, from sheets of paper to magnetic or optical disks. Software Resources: The concept of software resources includes all sets of information processing instructions. This generic concept of software includes not only the set of operating instructions called programs, which direct and control computer hardware, but also the sets of information processing instructions called procedures that people need. Data Resources: Data are more than raw materials of information system. The concept of data resources has been broadened by managers of information systems professionals. They realize that data constitute valuable organizational resources. Thus data is viewed as an important resource that must be managed effectively to benefit the end users in an organization. Network Resources: Telecommunications technologies and networks like the internet, intranet and extranet are essential to the successful electronic business. Telecommunications networks consist of computers, communications processors and other devices interconnected by communication media and controlled by communications software. IS Activities: The basic information processing activities that occur in information system includes. Inputting: Data about business transactions and other events must be captured and prepared for processing by the input activity. Input typically takes the form of data entry activities such as recording and editing. End users typically enter data directly into a computer system, or record about transactions on some type of physical medium such as a paper form. This usually includes a variety of editing activities to ensure that they have recorded data correctly. Once recorded data may be transferred onto a machine readable medium such as a magnetic disk until needed for processing. Processing: Data are typically subjected to processing activities such as calculating, comparing, sorting, classifying and summarizing. These activities organize, analyze, and manipulate data, thus converting them into information for end users. The quality of any data stored in an information system must also be maintained by a continual process of correcting and updating activities.

 Outputting: Information in various forms is transmitted to end users and make available to them in the output activity.

The goal of information system is the production of appropriate information products for end users. Common information products include messages, reports, forms and graphic images, which may be provided by video displays, audio responses, paper products and multimedia. Storing: Storage is the basic system component of information system. Storage is the information system activity in which data and information are retained in an organized manner for later use. This facilitates their later use in processing or retrieval as outputs when needed by users of a system. Controlling: An important information system activity is the control of system performance. An information system should produce feedback about its input, processing, output, and storage activities. The feedback must be monitored and evaluated to determine if the system is meeting established performance standards. Developing IS Solutions: Developing successful information systems solutions to business problems is a major challenge for business managers and professionals today. Most computer based information systems are conceived, designed, and implemented using some form of systematic development process. Using the systems approach to develop information system solutions can be viewed as a multi step process called the information systems development cycle, also known as the system development life cycle (SDLC). What goes on in each stage of this process, which includes the steps of Project Initiation: Somebody needs to start the project. Usually it is a manager outside the IS organization who has a problem or sees an opportunity related to the area where he are she works. A formal planning process also may identify new systems that can help the organization meet its objectives. Sometimes the IS group initiates the projects that will improve its own operations or deal with common problems among the user areas. System Analysis & Feasibility Study: Once the project is initiated, the system analysis phase begins. System analysis refers to the investigation of existing situation. Some of the major activities include isolating the symptoms of the problem and determining its cause. Other activities are the identification of business process and their interrelations and the flow of information related to these process. System analysis aims at providing a through understanding of the existing organization, its operation, and the situation relevant to the system. Logical Analysis & Design: at this point analysts determine two major aspects of the system. oWhat it needs to do

oHow it will accomplish these functions. The analyst identifies information requirements and specifies processes and generic IS function such as input, output and storage rather than writing programs or identifying hardware. The analysts often use modeling tools such as DFDs, ERDs, to represent logical processes and data relationships. Logical design is followed by physical design, which translates the abstract logical model into specific technical design for new systems. Acquisition or Development: IS personnel use the specifications suggested in logical and physical design to purchase the hardware and software required for system and then to configure it as needed. Programmers write programs for parts of the system where commercial sources are not appropriate. Technical writers develop documentation and training materials. IS personnel test the system for bugs and system performance before they are finally implemented. Implementation: Implementing the system requires a careful plan, to avoid problems that could lead to resistance. Here the user needs training in the mechanics of the system, to reduce frustration and productivity loss during the transition period. In most cases implementing a new system requires a conversion from a previous system. Approaches to conversion include: oParallel Conversion oDirect cutover oPilot Conversion oPhased Conversion Operation: After a successful conversion, the system will operate for indefinite period of time, until the system is no longer adequate or unnecessary, or cost effective. Post Audit Evaluation: an organization should evaluate all its larger systems projects after their completion. If the implementation was successful, an audit should occur after the system operations have stabilized. If the project failed, the audit should be done as soon as possible after the failure.Post audit evalution provides a platform to compare the standards with the actuals and helps analyst make better estimates on future projects. Maintenance: every system needs two kinds of maintenance. Bugs are more frequent in the beginning, but problems can appear even years later. In addition programmers need to update systems to accommodate changes in the environment Regardless of type, maintenance is expensive, accounting for up to 80% organizational IS budgets. Therefore it is

important that the design and development stages produce systems that include in its initial versions all required functionality. Module II Database Management System: DBMS is a collection of interrelated data and a set of programs to access those data. The primary goal of a DBMS is to provide a way to store and retrieve database information that is both convenient and efficient. Database systems is a computerized record keeping system which provides mechanisms for the safety of the stored information from data corruption and unauthorized access. DBMS Architecture: The ANSI/SPARC architecture is divided into three levels, known as the internal, conceptual and external level. Internal Level: This is also known as the physical level is the one closest to the physical storage i.e. it is the one concerned with the way the data is physically stored. External Level: This is also known as the user logical level is the one closest to the users it is the one concerned with the way the data is seen by individual users. Conceptual Level: This is also known as the community logical level, or sometimes just the logical level, unqualified is a level of indirection between the other two. Working Principle: The DBMS is a software that handles all access to the database. Conceptually what happens is the following: A user issues an access request, using some particular data sublanguage typically SQL) The DBMS intercepts that request and analyzes it. The DBMS inspects, in turn, the external schema for that user, the corresponding external/conceptual mapping, the conceptual schema, the conceptual/internal mapping, and the storage structure definition. The DBMS executes the necessary operations on the stored database.

Data Models: Underlying the structure of a database is the data model, a collection of conceptual tools for describing data, data relationships, data semantics, and consistency constraints. A data model provides a way to describe the design of a database at the physical, logical and view level. The data models can be classified in four different categories. Relational Model: The relational model uses a collection of tables to represent both data and the relationships among those data. Entity Relationship Model: The entity relationship model is based on a perception of a real world that consists of a collection of basic objects called entities and of relationship among these objects. The Object Oriented Data Model: This is another data model, which can be seen as an extension of E-R model with notations of encapsulation, methods, and object identity. The object relational data model combines features object oriented data models and relational model. Semi structured Data Model: The semi structured data model permits the specification of data where individual data items of same type may have different set of attributes. The Extended Markup Language (XML) is widely used to represent semi structured data. Database Languages: A database system provides a data-definition language to specify the database schema and a datamanipulation language to express database queries and updates. In practice, the data definition and data manipulation languages are not separate languages, instead they simply form parts of a single language, such as the widely used SQL language. Database Design: Database systems are designed to manage large bodies of information. Database design mainly involves the design of database schema. The design of a complete database application environment that meets the needs of the enterprise being modeled requires attention to a broader set of issues. Benefits of a Database Systems: Database systems arose in response to early methods of computerized management of commercial data. The typical file processing systems is supported by conventional operating system. Using the database approach has the following benefits over the traditional file processing approach. Data Redundancy: This refers to duplication of data. In non database system each application with own separate files often lead to redundancy in store data which results in wastage of space. Database systems does not maintain separate copies of the same data. All the data kept in one place and various application refer from this centrally controlled system.

 Data Inconsistency: Database is said to be inconsistent when contradictory information will be supplied to the users.

DBMS ensures the database is always consistent by ensuring that any change made to either of the two or more entities is automatically applied to the other one also. This process is also known as propagating update. Sharing of Data: Sharing of data allows the existing application to use the data by multiple users of the database system. Due to shared data it is possible to satisfy the data requirement of new applications without creation of additional stored data or marginal modification. Enforcement of Standards: DBMS uses standard measures in naming, formatting and structuring while creating and using data within the organization. This ensures easier enforcement of data usage particularly in migrating and interpreting data between two different systems. Data Security: To ensure security DBMS provides security tools such as user codes and passwords so that data security checks can be carried out whenever access is attempted to sensitive data. Concurrent Access: For the sake of overall performance and faster response time many systems uses multiple users to update the data simultaneously. In such environment interactions of concurrent updates may result in data inconsistency. DBMS guards against this possibility by maintaining some form of supervision into such applications. Atomicity Problems: A computer system like any other mechanical device is subject to failure. In many applications it is crucial that if a failure occurs the data is restored to the consistent state that existed prior to the failure. DBMS takes care of such problems by making the transactions atomic it must happen in entirety or not at all. Data Integrity: Data integrity refers to ensuring data in database is accurate. This is ensured through enforcing various integrity constraints during the time of creation of data structure. Better Interaction with Users: In case of DBMS the availability of up-to-date information improves and makes it easy to respond to unforeseen information request. Centralizing the data in database allows users to obtain new and combined information. Efficient System: in DBMS the contents of stored data can be changed easily and do not have any impact on the application programs. Initial cost of DBMS may be high but overall costs is less compared to conventional system. Systems Vulnerability: Information systems are made up of many components that may be in several locations. Thus, each information system is vulnerable to many potential hazards. The vulnerability of information system is increasing as we move to a world of

networked computing. Theoretically, there are hundreds of points in a corporate information system that can be subject some threat. These threats can be classified as unintentional or intentional. Unintentional Threats: These are divided into three major categories human errors, environmental hazards and computer system failures Human Error: Errors can occur in the design of the hardware and/or information systems. They can also occur in the programming, testing, data collection, data entry, authorization, and instructions. Human errors contribute to the vast majority control and security related problems in many organizations. Environmental Hazards: This includes earthquakes, hurricanes, severe snow, sand storms, floods, tornadoes, power failures or strong fluctuations, fires, defective air conditioning, explosives, radio active fallout and water cooling system failures. Computer System Failures: This can be result of poor manufacturing of defective materials. Unintentional malfunction can happen for other reasons ranging from lack of experience to incompatibility of software. Intentional Threats: Computer system may be damaged as a result of intentional actions. Here are some examples. Theft of Data Inappropriate use of data Theft of mainframe computer crime Theft of equipment and/or programs Deliberate manipulation in handling, entering, processing, transferring or programming data. Labor strikes, riots or sabotage. Malicious damage to computer resources Destruction from viruses and similar attacks. Miscellaneous computer abuses and crimes. Computer Crimes: According to CSI 64% of all corporations experienced computer crimes in 1997. The number, magnitude and diversity of computer crimes and abuse are increasing rapidly. Lately increased fraud related to the Internet and electronic commerce is in evidence. Types of Computer Crimes: In many ways, computer crimes resemble conventional crimes. They can occur in four ways. First, the computer can be target of the crime.

 Second, the computer can be the medium of the attack by creating an environment in which a crime or fraud can occur. Third, the computer can be the tool by which a crime is perpetrated. Forth, the computer can be used to intimidate or deceive. Computer Criminals: Crimes can be performed by outsiders who penetrate a computer system frequently via communication lines or by insiders who are authorized to use the computer system but are misusing their authorizations. Hacker: is the term often used to describe outside people who penetrate a computer system. A cracker is a malicious hacker who may represent a serious problem for a corporation. Methods of Attack: Two basic approaches are used in deliberate attacks on computer systems: data tampering and programming techniques. Data Tampering (Data Diddling): This is the most common approach and is often used by the insiders. It refers to entering, false, fabricated data into the computer or changing or deleting existing data. Programming Techniques: Computer criminals also use programming techniques to modify a computer program, either directly or indirectly. For this crime, programming skills and knowledge of the targeted systems are essential. Viruses: The most common publicized attack method, the virus receives its name from the programs ability to attach itself to other computer programs causing them to become virus themselves. When a virus is attached to a legitimate software program, the program becomes infected without the owner of program being aware of the infection. Therefore, when the software is used, the virus spreads, causing damage to that program and possibly to others. Thus, the legitimate software is acting as a Trojan horse. Security Challenges: Knowing about major potential threats to information systems is important, but understanding ways to defend against these threats is equally critical. Defending information systems is not a simple or inexpensive task for the following reasons. Hundreds of potential threats exist Computing resources may be situated in many locations. Many individuals control information assets. Computer networks can be outside the organization and difficult to protect Rapid technological changes make some controls obsolete as soon as they are installed. Many computer crimes are undetected for a long period of time so it is difficult to learn from experiences.

 People tend to violate security procedures because the procedures are inconvenient. Many computer criminals who are caught go unpunished, so there is no deterrent effect. The amount of computer knowledge necessary to commit computer crime is minimal and one can learn hacking for free in the internet. The cost of preventing hazards can be very high. Therefore most organizations simply cannot afford to protect against most possible hazards. It is difficult to conduct a cost benefit justification for controls since it is difficult to assess the value of hypothetical attacks. Protecting Information Systems: Protection of IT is accomplished by inserting controls defense mechanisms intended to prevent accidental hazards, deter intentional acts, detect problems as early as possible, enhance damage recovery and correct problems. Defense Strategies: The selection of a specific strategy depends on the objectives of the defense and on the perceived cost benefit. Controls for Prevention: Properly designed controls may prevent errors from occurring, deter criminals from attacking the system, and better yet, deny access to understand people. Detection: It may not be economically feasible to prevent all hazards and deterring measures may not work. Therefore, unprotected systems are vulnerable to attacks. Like a fire the earlier it is detected the better it is to combat. Limitation: This means to minimize losses once a malfunction has occurred. This can be accomplished by including a fault tolerant system that permits operations in a degraded mode until full recovery is made. Recovery: A recovery plan explains how to fix a damaged information systems as quickly as possible. Replacing rather than repairing components is one route to fast recovery. Correction: Correcting damaged systems can prevent the problem from occurring again. Information System Controls: They can be divided into two major categories general system controls and application controls. General Controls: These are used to protect the systems regardless of specific applications. The major categories of general controls are as under: Physical Controls: Appropriate physical security may include several controls such as the following:

Appropriate design of data center. Shielding against electromagnetic fields. Good fire prevention, detection and extinguishing system, including sprinkler system, water pumps, adequate drainage facilities. A better solution is fire-enveloping system. Emergency power shutoff and backup batteries, which must be maintained in operational condition. Properly designed, maintained and operated air conditioning system. Motion detector alarms to detect physical intrusion. Access control: Access control is the restriction of unauthorized user access to a portion of a computer system or to the entire system. To gain access, a user must be authorized. Then when the user attempts to gain access he or she must be authenticated. User identification can be accomplished when the following identifies each user. Something only the user knows such as a password Something only the user has such as a smartcard Something only the user is such as signature, voice, fingerprint, or retinal scan, iris scan, DNA code implemented via biometric control Data Security Controls: Data security is concerned with protecting data from the accidental disclosure to unauthorized persons or from unauthorized modification or destruction. Data security functions are implemented through operating systems, security access control programs, database or data communication products recommended backup/recovery procedures, application programs and external control procedures. Communication/Network Controls: Network is becoming extremely important as the use of internet/intranet and ecommerce increases. o Encryption: Encryption encodes regular digitized text into unreadable scrambled text or numbers to be decoded upon receipt. Encryption accomplishes three purposes. Identification: (helps identify legitimate senders and receivers) Control: (prevents changing a transaction or message) and Privacy (impedes eavesdropping).

 Firewalls: A firewall is a system or a group of systems that enforces an access control policy between two networks. It

is commonly used as a barrier between the secure corporate intranet or other internal networks and the internet which is assumed to be unsecured. Firewalls are used to implement control access policies. The firewalls follows strict guidelines that either permits or blocks traffic, therefore, a successful firewall is designed with clear and specific rules about what can pass through. Several firewalls may exist in one information system. Administrative Controls: Administrative controls deal with issuing guidelines and monitoring compliance with the guidelines. Representative examples of such controls include the following: Appropriately selecting, training and supervising people Fostering company loyalty Immediately revoking access privileges of dismissed, resigned or transferred employees. Requiring periodic modification of access controls Developing programming and documentation standards Instituting separation of duties Holding periodic & random audits of the system. Module III Transaction Processing Systems: In every organization there are major business processes that provides the mission critical activities. Business transactions occurs when a company produces a product or provides a service. An Information System that supports transaction processing is called the Transaction Processing System. Need for TPS: Large amounts of data can be processed. The sources of data are mainly internal and the output is intended mainly for internal audience. o This characteristic is changing since trading partners may contribute data and be permitted to use TPS output directly. The TPS provides information on a regular basis. Large storage (database) capacity is required.

 High processing speed is needed due to high volume. TPS basically monitors and collects past data. Input and Output are structured. o Since the processed data are fairly stable, they are formatted in a standard fashion. High level of detail is usually observed, especially in input data often in output as well. Low computation complexity (simple mathematical/statistical) is usually evident in TPS. A high level of accuracy, data integrity, and security is needed. o Sensitive issues such as privacy of personal data are strongly related in TPS. High reliability is required. oTPS can be viewed as lifeblood of the organization. Interruption in the flow of TPS data can be fatal to the organization. Inquiry Processing is a must. oTPS enables users to query files and databases (even online and real time) Characteristics: TPS is the backbone of the organizations information system. TPS does the following for all routine core business transactions. An organization may have one integrated TPS or several, one for each specific business processes. Monitors Collects Stores Processes Disseminates information. Objectives: To provide all information needed by law and/or organizational policies to keep the business running and efficiently. The key objectives of a traditional TPS are as under: To allow effective operation of organization To provide timely documents and reports To increase the competitive advantage of the corporation. To provide the necessary data for tactical and strategic systems.

 To assure accuracy and integrity of data To safeguard assets and security of information. Activities: Regardless of the specific data processed by a TPS, a fairly standard process occurs, whether in a manufacturer, in a service firm, or in a govt. organization. First data is collected by people or sensors and entered into the computer via any input device. Generally speaking organizations try to automate the TPS data entry as much as possible because of large volume. Next the system processes data in one of the two basic ways. Batch Processing: In batch processing the firm collects transaction as they occur, placing them into groups or batches. The system then prepares and processes the batches periodically. Online Processing: In online processing, data are processed as soon as a transaction occurs. Tactical Tasks: Transaction processing exists in all functional areas. However it has major impact in accounting and finance areas. The major components of a TPS and its processes are the following. Order Processing The Ledger Accounts Payable and Receivable Receiving & Shipping Inventory on Hand Fixed Asset Management Payroll Personal Files & Skills Inventory Government Reports Periodic Reports & Statements. Decision Support System: The concepts involved in DSS were first articulated in the early 1970s in the early 1970s by Scott Morton. He defined such system as interactive computer based system, which makes decision makers utilize data and models to solve unstructured problems.

DSS like the term MIS and MSS, means different things to different people. DSS can be viewed as an approach or a philosophy rather than a precise methodology. Need for DSS: Most companies now operate in unstable economy. Most organization now faces increasing foreign and domestic competition. Tracking the numerous business operation are becoming increasingly difficult. Companies existing computer system did not support the objectives of increasing efficiency, profitability, and entry into profitability markets. The IS department could not begin to address the diversity of the companys needs or management inquiries. Business analysis functions were not present within the existing system. Other reasons for using DSS that were found in surveys are: Accurate information is needed. DSS is viewed as a organizational leader. New information is needed. Management mandated the DSS Timely information is provided Cost reduction is achieved. Characteristics and Capabilities: A DSS provides support for decision makers at all management levels, whether individual or groups, mainly in semistructured and unstructured situations by bringing together human judgments and computerized information. A DSS supports several interdependent and/or sequential decisions. A DSS supports all phases of the decision making process intelligence, design, choice, and implementation. Supports variety of decision making processes and styles. A DSS is adaptable by the user over time to deal with changing condition. A DSS is easy to communicate and use.

 A DSS promotes learning, which leads to new demands and refinement of application, which leads to additional learning and so forth. A DSS usually utilizes models (standard and/or custom made) A DSS allows the easy execution of sensitivity analysis. Structure and Components: Every DSS consists of at least data management, user interface, and model management components. Data Management Subsystem: Data management includes the database(s) which contains relevant data for the situation, managed by database management system (DBMS). User Interface Subsystem: This component is other wise known as human machine communication) subsystem. The user can communicate with and command the DSS through this subsystem. Model Management: This includes software with financial, statistical, management science, or other quantitative models that provide the systems analytical capabilities and an appropriate software management program to manage the models. Knowledge Management: This subsystem can support any of the other subsystems or act as an independent component, providing knowledge for the solution of the specific problem. The components are put together for DSS either by programming them from scratch by gluing together existing components or by using comprehensive tools called DSS generators. End user constructed DSSs are built with integrated tools, such as Excel or Lotus 1 2 3, which include spreadsheets, graphics, and database management systems. Data Management Subsystem: The data management subsystem is similar to any other data management system. The necessary data can flow from several sources and are extracted prior to their entry to a DSS database. In some DSS there is no separate DSS database, and data are entered into the DSS as needed. In many DSS applications, data come from a data warehouse. A data warehouse includes DSS relevant data extracted from different sources and organized as a relational database.
Oh e O h rr tte C m tt C o p u rr o pe mu e b e dS ttess ae s b s dS y e m a s y sm Da D aa at t M n e mn M a a me t a ag et n ge n Ko le d e o K n wd g n w le e g Mn e a ae M n g rr aag D lo g D ia g ia lo M n e mn a ae e M n g mn t aag et Md oe M d ll oe M n e mn a ge n M n a me t a ag et

M n e r/U e a ae s M n g r/ s rr a a g Ue Tks as Tsk as

Model Management Subsystem: The model base contains all the models and the model building blocks used to develop applications to run the systems. The major functions of MBMS include: Creates models easily and quickly, either from scratch, from exciting models or from building blocks. Allows users to manipulate models so they conduct experiments and sensitivity analysis. Stores and manage a wide variety of different types of models in a logical and integrated manner. Access and integrates the model building blocks Catalogs and displays the directory of models. Tracks models, data, and application usage. Interrelates models with appropriate linkage through the database Manages and maintains the model base with management functions analogous to database management. The model management subsystem of DSS has several elements: model base; model base management system; modeling language; model directory; and model execution, integration, and command. Knowledge Management Subsystem: Many unstructured and semi structured problems are so complex that they require expertise for their solutions. Such expertise can be provided by an expert system. Therefore, the more advanced DSS are

equipped with component called knowledge management. Such a component can provide the required expertise for solving some aspects the problem or knowledge that can enhance the operations of the other DSS components. Executive Information (Support) Systems: The majority of personal DSSs support the work of professionals and middle level managers. Organizational DSSs provide support primarily to planners, analysts, researchers or to some managers. Rarely do we see a DSS used directly by top or even middle level executives. An executive support systems (EIS) also known as executive support systems (ESS) is a technology emerging in response to managers specific needs. Factors driving the needs for EIS: External Factors: Increased Competition Rapidly changing environment Need to be more proactive Need to access external databases Increasing government regulations Internal Factors: Need for timely information Need for improved communication Need for access to operational data Need for rapid status updates on different issues Need for increased effectiveness Need to be able to identify historical trends Need to access corporate databases Need for more accurate information

EIS: An EIS is a computer based system that serves the information needs of top executives. It provides timely information and direct access to management reports. EIS is very user friendly, is supported by graphics, and provides exception reporting and drill down capabilities. It is also connected with online information services and electronic mail. ESS: An ESS is a comprehensive support system that goes beyond EIS to include analysis support, communications, office automation and intelligence. Capabilities and Characteristics of ESS: EIS vary in their capabilities and benefits. The following capabilities are common to most EIS. Drill Down: The capability called drill down provides details of any given information. In certain cases, this drill down process may continue through several layers of details. To provide this capability, the EIS may include several thousand menus and submenus. Drill down can also be achieved by direct query of the database, and by using a browser. Systems that use intelligent agents to conduct drill down and bring results to user are under development. Critical Success Factor: The factors that must be considered in attaining the organizational goals are called critical success factors. Such factors can be strategic, managerial, or operational success factors and they are mainly defined from three sources: organizational factors, industry factors. They can exist at the corporate level, as well as the division, plant and department level. Sometimes it is even necessary to consider the CSF of individual employees. Critical success factors, once identified can be monitored, measured and compared to standards. CSF KPI Profitability Profitability measures of each department, products, region etc Financial Financial ratios, Balance sheet Analysis, Cash reserve position, Rate of return on investment. Marketing Market share,

Advertisement Analysis, Product Pricing, Sales Result, Customer sales potential. Human Turnover rates, Skill Resources Analysis, Absenteeism Rate etc. Planning Corporate Partnership, Ventures, Growth/Share Analysis Economic Market trends, Analysis Foreign Exchange Values, Industry trends, Labour cost trends. Consumer Customer confidence Trend level, purchasing habits, demographical data. Status Access: In the status access mode, the latest data or reports on the status of key indicators or other factors can be accessed at any time. Trend Analysis: In analyzing data, it is extremely important to identify trends. The executive likes to examine trends, especially when changes in data are detected. Trend analysis can be done using forecasting models which are included in many ESSs.

 Ad Hoc Analysis:Executive support systems provide ad hoc analysis capabilities instead of merely providing access to

data analysis. Executives can thus use the ESS to do creative analysis on their own. They may even select the programming tools to be used, the outputs, and the desired presentation of the information. Exception Reporting: Exception reporting is based on the concept of management by exception, in which an executive should give attention to significant deviation from standards. Here an executives attention will be directed only to cases of very good and very bad performance. This approach saves considerable time for both producers and readers of reports. EIS Types & Issues: In recent years, the EIS has been enhanced with relation and multidimensional analysis and presentation, friendly data access, user friendly graphical interface, imaging capabilities, hypertext, internet access, emails, intranet access and modeling. These are helpful for any executive. We can distinguish between two types of EIS One designed especially to support the top executives. The other intend to serve a wider community of users. Module IV Issues in IT Planning: Improving the planning processes for information systems has long been one of the top concerns of ISD management. The society for Information Management found this to be the number one issue in surveys of senior IS executives. It planning still represents a challenging issue for IS executives. Basic information systems planning address the following four general issues. Aligning the IT plan with the organizational business plan Designing IT architecture for the organizations in such a way that users, applications, and databases can be integrated and networked together. Efficiently allocating information systems development and operational resources among competing applications. Planning information systems projects so that they are completed on time and within budget and include the specified functionalities. A Four Stage Model of IT Planning: Several models were developed to facilitate IT planning. Of special interest is Wetherbes four stage model of planning, which is based on observation of planning efforts, promotional literature, and analysis of various methodologies used in planning processes. The model consists of four major activities: strategic planning, requirements analysis, resource allocation and project planning. These activities correspond to the four general issues of IT planning.

 Strategic IT Planning: The first stage of the IT planning model includes several some what different types of activities.

On the one hand it refers to identifying a set of new applications a portfolio through which an organization will conduct its business. These applications make it possible for organizations to implement its business strategies in a competitive environment. On the other hand, SIP can also refer to the process of searching for strategic information systems applications that enable an organization to develop a competitive advantage rather than just maintaining its position. In either case, SIP must be aligned with overall organizational planning. To accomplish this alignment, the organizational must do the following. Set the IT mission. Access the environment. Access existing system availabilities and capabilities Set IT objectives, strategies and policies Access the potential impacts on IT. The output of the process should include the following: A new or revised IT charter and assessment of the state of the ISD: An accurate evaluation of the strategic aspirations and directions of the organization; And a statement of the objective, strategies and policies for the IT effort. To carry out the above tasks there exist several methodologies; the major ones are Business System Planning Nolans Stages of IT Growth model Ends/Means Analysis Critical Success Factors. Information Requirements Analysis:The goal of the second stage of the model, the information requirements analysis, is to ensure that the various information systems, databases, and networks can be integrated to support decision making and operations.

There are several alternative approaches for conducting the requirements analysis. 1. Define Underlying Organizational Subsystems: The first step of requirement analysis is to identify the underlying organizational processes, such as other fulfillment or product analysis. 2. Develop Subsystem Matrix: Once the underlying organization processes are identified, the next phase of requirements analysis exercise is to relate specific managers to organizational processes. The matrix is developed by reviewing the major decision responsibilities of each middle to top manager and relating them to specific processes. 3. Define and Evaluate Information Requirements for Organizational Subsystem: In this phase of the requirements analysis managers with major decision making responsibility for each process are interviewed in groups by information requirements of each organizational process. 4. Defining Major Information Categories and Map Interviews into Them: The process of defining information categories is similar to how data items for individual information system are factored into entities and attributes. 5. Developing Information/Subsystems Matrix: Mapping information categories against organizational subsystems creates an information categories by organizational process matrix. Information categories can be accounts receivable, customers demographics or product warranties. In each cell of the matrix an importance value is inserted. Resource Allocation: The third stage of the model for information planning consists of developing hardware, software, data communication, facilities, personnel, and financial plans needed to execute the master development plan as defined in the requirement analysis. Resource allocation is a contentious process in most organizations because opportunities and requests for spending far exceed the available funds. This can lead to intense, highly political competition between organizational units. Funding requests from the ISD fall into two categories. Some projects and infrastructure are necessary for organization to stay in business. On the other hand the IT planning process identifies an information architecture that usually requires additional funding for less critical items: new projects, maintenance or upgrades of existing system, an infrastructure to support these systems and future needs. After setting aside funds for the above category, the organization can use the remainder of the IT budget for projects related mainly to the improved information architecture developed by using information requirement analysis.

Project Planning: The fourth and final stage of our model for information system planning, project planning, provides an over all framework within which specific applications can be planned, scheduled, and controlled. Guidelines for IT Planning:To determine how much IT planning is needed, an organization should assess the extent to which each stage of IT planning has been accomplished. It can implement this assessment through a series of questions related to major activities and outputs in each of the stages of the four stage planning model. After determining the IT planning needs at each stage, it can select appropriate methodologies. Strategic Planning: In assessing the strategic planning stage, organizations need to answer questions such as: Is an IT mission clearly expressed in an IT charter? Is there a compressive assessment of the environment? Are the IT capabilities adequately assessed? Have new opportunities been identified? Is the current business environment understood? Is the current application portfolio defined and documented? Is the ISD image healthy? Is there a clear definition of organizational objectives and strategies? Has the strategic organizational plan been reviewed? Have strategic applications been identified to improve strategic advantage? Are IT policies, objectives, and strategies defined? Is the ISD structure appropriate for overall organization? Is the IS technology focus appropriate to the technology focus of the organization? Are the objectives for allocating IT resources appropriate? Are the IS management process appropriate? Are the functional capability objectives appropriate? Requirement Analysis: To conduct an assessment of the requirement analysis stage, an organization should answer the following questions. Is there an adequate assessment of the organizational information requirements? Is the overall information architecture identified? Is there a good understanding of current information needs of the organization? Is there a good understanding of projected information needs of the organization? Are the major databases and their relationships defined? Is there a master IT development plan? Are IT projects well defined? Are projects ranked by priority? Is there a multi year development schedule? Resource Allocation: To assess the resource allocation stage, an organization should answer the following questions:

 Does the organization have resource requirement plan? Are trends identified? Is there a hardware and software plan? Is there a data management plan? Is there a data communication plan? Is there a personnel plan? Is there a facilities plan? Is there a financial plan? Does the organization have an adequate procedure for resource allocation? Project Planning: To have a complete review of IT planning processes, an organization should answer the following questions in regard to project planning: Is there a procedure for evaluating projects in terms of difficulty or risk? Are projects tasks usually identified adequately? Are project cost estimates generally accurate? Are project time estimates generally accurate? Are checkpoints defined to monitor progress of projects? Are projects generally completed on schedule? If an organization does not get satisfactory answers to the project planning questions, it should review the project planning techniques. Problems with IT Planning: IT planning can be an expensive and time consuming process. A study of five large scale planning projects found that these projects involved 10 or more employees, on half-time and full-time basis, for periods lasting from 10 weeks to a year. The estimated costs of the projects ranged from $450,000 to $1.9 million. A survey of 80 firms with formal IT planning projects found that 53% were dissatisfied with their experiences. Managerial Issues: Importance: Getting IT ready for future that is, planning is one of the most challenging and difficult tasks facing all the management, including the IS management. Each of the four steps of IT strategic planning process setting the mission, assessing the environment, including the organizational goals and objectives, and finally setting the IS objectives strategies and policies presents its own unique problems. Yet, without planning, or with poor planning, the organization may be doomed. Organizing for Planning: Many issues like what should be the role of the ISD? How should it be organized? Staffed? Funded? How should human resource issues, such as training, benefits, and career path for IS personnel be handled? What about the environment? The competition? The economy? Government regulations? Emerging technologies? What is the

strategic direction of the host organization? What are its key objectives? Finally with these strategies and objectives and the larger environment, what strategies and objectives should IS pursue? Fitting the IT Architecture: Management of an organization may become concerned that their IT architecture is not suited to the needs of the organization. In such a case there has likely been a failure on the part of the IT technicians to determine properly the requirements of the organization. Perhaps there has also been a failure on the part of the management to understand the type and manner of IT architecture that they have allowed to develop or that they need. IT Architecture Planning: IT specialists versed in the technology of IT must meet with business users and jointly determine the present and future needs for IT architecture. Plans should be written and published as part of the organizational strategies. Plan should also deal with training, career implications, and other secondary infrastructure issues. IT Policy: IT architecture should be based on corporate guidelines or principles laid out in policies. These policies should include the roles and responsibilities of IT professionals and users, security issues, cost benefit analysis for evaluating IT, and IT architectural goals. Policies should be communicated to all personnel who are managing or directly affected by IT. Ethical & Legal Issues: Conducting interviews for finding managers needs and requirements must be done with full cooperation. Measures must be taken to protect privacy. IT Strategy: In planning IT, it is necessary to examine three basic strategies: o Be a Leader in technology: The advantages of being a leader are the ability to attract customers, to provide unique services and products and to be a cost leader. However there are high development costs of new technologies and high probability of failures. o Be a Follower: This is a risky strategy of being left behind. However, you do not risk failures, and you implement new technologies at a fraction of the cost. o Be an Experimenter: This way you minimize your research and development investment and the cost of failure. Yet, if new technologies prove to be successful you can move fairly fast for full implementation.