BUAD 822 Note-MIS-ICT Management

DISTANCE LEARNING
CENTRE AHMADU BELLO

UNIVERSITY ZARIA-NIGERIA
COURSE MATERIAL
MASTERS IN BUSINESS ADMINISTRATION (MBA)
BUAD 822: MANAGEMENT INFORMATION SYSTEM/ICT

MANAGEMENT
1
COPYRIGHT PAGE
© 2018 Distance Learning Centre, ABU Zaria, Nigeria
All rights reserved. No part of this publication may be reproduced in any form or
by any means, electronic, mechanical, photocopying, recording or otherwise
without the prior permission of the Director, Distance Learning Centre, Ahmadu
Bello University, Zaria, Nigeria.
First published 2018 in Nigeria
ISBN:
Published and printed in Nigeria by:
Ahmadu Bello University Press Ltd.
Ahmadu Bello University,
Zaria, Nigeria.
Tel: +234
E-mail:
2
COURSE WRITERS/DEVELOPMENT TEAM
Salisu Abubakar (PhD) (Subject Matter Expert)
Prof. Abiola Awosika
Halima Shuaibu (Subject Matter Reviewers)
Enegoloinu Adakole (Language Reviewer)
Dr. Fatima Kabir & Olumeyan Ebenezer Instructional Design/Graphics
Prof. Adamu Z. Hassan (Editor)
3
QUOTES
“Open and Distance Learning has the exceptional ability of meeting the challenges of
the three vectors of dilemma in education delivery – Access,
Quality and Cost”
- Sir John Daniels
“It has become appallingly obvious that our technology has exceeded our humanity”
- Albert Einstein
“Information technology and business are becoming inextricably interwoven. I don’t think
anybody can talk meaningfully about one without talking about the other.”
- Bill Gates
“The first rule of any technology used in a business is that automation applied
to an efficient operation will magnify the efficiency. The second is that
automation applied to an inefficient operation will magnify the inefficiency.”
- Bill Gates
4
TABLE OF CONTENT
Title Page
Acknowledgment Page
Copyright Page
Course Writers/ Development Team
Table of Content
INSTRUCTION
Preamble
i. Course Information
ii. Course introduction and description
iii. Course prerequisites
iv. Course Learning Resources
v. Course objectives and outcomes
vi. Activities to meet course objectives
vii. Time ( To complete syllabus/Course)
viii. Grading Criteria and Scale
ix. Course Structure and Outline
STUDY MODULES
1.0 Module 1: Management Information Systems (MIS) and Information Technology
Study Session 1: Introduction to Management Information System Study
Session 2: Information Technology
Study Session 3: Systems Development
2.0 Module 2:
Study session 1: Information Systems within Organisations
Study Session 2: Information systems management
Study Session 3: Information Security Management
3.0 Module 3:
Study Session 1: ICT for business and management Study
Session 2: Application of ICT in MIS
Study Session 3: Influences on MIS Application and Design
Study Session 4: Ethical and Societal Issues on MIS
5
Preamble
Hello and welcome to the Management Information System/ICT
Management class. For ease of identification and referral, let us
acronym the course ‘MIS/ICT’. MIS/ICT is a core course in your
Masters in Business Administration (MBA) programme. You are to take
the course in the second semester of your first year. I assure you that
you will find the course interesting and educating. From the basic
rudimentary aspects of management information system to the more
technical aspects of information and communication technology
management, you would be exposed adequately in order to strengthen
your managerial expertise on the issues of business-related information
technology and its management.
INTRODUTION
i. COURSE INFORMATION
Course Code: BUAD 822
Course Title: MIS/ICT Management
Credit Units: 3
Year of Study: One
Semester: 2nd
ii. COURSE INTRODUCTION AND DESCRIPTION

Course Description
From small and simple to big and complex, and whether public or
private, businesses use information systems at all levels of operation to
collect, process and store useful data. The management of such
businesses aggregates and disseminates this data in the form of
6
information needed to carry out the daily operations. Everyone who works in
business, from someone who pays the bills to the person who makes employment
decisions, uses information systems. A car manufacturer or dealer could use a
computer database to keep track of which type of car sells best. A retail store might
use a computer-based information system to sell products over the internet. These
automated systems are referred to as Management Information Systems (MIS).
MIS uses wide range of technological hardware and software. The
effective and efficient management of such wares is termed Information
and Communication Technology (ICT) management. Organisations
generally combine issues of MIS and ICT management with business
goals, in order to achieve competitive advantage over other businesses.
This course, therefore, covers issues relating to both MIS and ICT
management. Specifically, the course will acquaint you with both basic
and advanced knowledge on MIS and ICT management thereby
focussing on information technology, information systems, managing
information systems resources, development of MIS, ICT for business
and management, and ethical and societal issues surrounding MIS.
Course Introduction
MIS and ICT management are vital to every organisation. At this information age,
there is no organisation, whether private or public, that can be run effectively and
efficiently without the incorporation of MIS and ICT management to its
operational strategies and goals. Technology is evolutionary and must be adapted
as it continues to evolve.
7
This course (MIS and ICT management) is rooted in the automated
information systems used in business for effective and efficient
operations and decision making. The delivery system is online, using
this course material developed solely to provide all the necessary
information and guidance to you. The course is to be delivered in 15 to
16 weeks. The topics to be covered as well as the relevant materials you
should consult are provided. Discussion questions are also developed
for your discussions, while assignments (group and individual) are
posted to the course site. The time limit for posting discussions and
answers for the assignments are indicated and you should send them to
the drop box as at when due as indicated. Finally, you will be required
to write a semester examination at the conclusion of the course.
iii. COURSE PREREQUISITES
You should note that although this course has no subject pre- requisite,
you are expected to have:
1. Satisfactory level of English proficiency
2. Basic Computer Operations proficiency
iv. COURSE LEARNING RESOURCES

You should note that there are no compulsory textbooks for the course.
Notwithstanding, you are encouraged to consult some of those listed for further
reading at the end of each study session.
V. COURSE OUTCOMES
After studying this course, you should be able to:
8
1. understand the basics of MIS within an organisation;
2. identify and explain the characteristics of a good information
system;
3. differentiate between information technology and information
systems,
4. understand and analyse both hardware and software requirements
of an information system particularly the MIS;
5. explain the concepts of database and DBMS;
6. describe and analyse the stages involved in the development of an
information, especially the MIS;
7. define clearly the system development life cycle;
8. understand and describe the categories of information systems
within an organisation;
9. determine and synthesise the need for business intelligence and
knowledge management in MIS development;
10. evaluate the techniques used in the management of information
systems resources;
11. know and manage the security issues in the development and
operations of MIS;
12. evaluate and improve the networking and internet issues
associated with an ICT;
13. determine the implications of ICT in MIS;
14. understand the ethical and societal issues on MIS and ICT;
vi. ACTIVITIES TO MEET COURSE OBJECTIVES

This course is both theoretical and practical in nature. You are hereby
informed that a lot of reading, writing, online searching and
9
researching, and practical case study analysis are required. You will
share your findings and conclusions with others in an interactive manner
via discussions and short essays. MIS and ICT management issues to be
dwelled on should have bearing on practical applications of the theories,
principles and concepts through case study analysis. The case study
analysis will be both individual and group. In case of a group, you are
required to participate fully and be a team player. Your assessment is
partly based on your contribution and the group effort.
Specifically, this course shall comprise of the following activities:

i. Studying courseware
ii. Listening to course audios
iii. Watching relevant course videos
iv. Field activities, industrial attachment or internship,
laboratory or studio work (whichever is applicable)
v. Course assignments (individual and group)
vi. Forum discussion participation
vii. Tutorials (optional)
viii. Semester examinations (CBT and essay based)
vii. TIME (TO COMEPLETE SYLLABUS/COURSE)

It is expedient that you read through the study sessions, and consult the suggested
texts and other related materials. The study sessions contain self-assessment
questions to help you. As such, you are advised to devote at least 3 hours every day
for this course
10
Viii. GRADING CRITERIA AND SCALE
Grading Criteria
A. Formative assessment
Grades will be based on the following:
Individual assignments/test (CA 1,2 etc) 20
Group assignments (GCA 1, 2 etc) 10
Discussions/Quizzes/Out of class engagements etc 10
B. Summative assessment (Semester examination)
CBT based 30
Essay based 30
TOTAL 100%
C. Grading Scale (as appropriate for the course):

A = 70-100
B = 60 – 69
C = 50 - 59
D = 45-49
F = 0-44
D. Feedback
Courseware based:
1. In-text questions and answers (answers preceding references)
2. Self-assessment questions and answers (answers preceding
references)
11
Tutor based:
1. Discussion Forum tutor input
2. Graded Continuous assessments
Student based:
Online programme assessment (administration, learning resource,
deployment, and assessment)
12
x. COURSE STRUCTURE AND OUTLINE
Course Structure
WEEK/DATE MODULE STUDY SESSIONS ACTIVITY
Management Information Systems (MIS)

1 Study Session 1 1. Read Courseware for the corresponding Study Session.
Introduction to 2. Listen to the Audio on this Study Session
management information
system 3. View any other Video/U-tube (https://goo.gl/iFbznn )
4. View referred Animation (https://goo.gl/3iDLuY )
and Information Technology

Information Technology
MODULE
2. Listen to the Audio on this Study Session

1:
3. View any other Video/U-tube (https://goo.gl/HjrPiw )

4. View referred Animation (https://goo.gl/Wxggdk )

Systems Development 2. Listen to the Audio on this Study Session
3. View any other Video/U-tube (https://goo.gl/gd8C8W )
4. View referred Animation (https://goo.gl/vjWRVG )
Information Systems 2. Listen to the Audio on this Study Session
within Organisations
3. View any other Video/U-tube (https://goo.gl/QVun8b )
Management of Information
4. View referred Animation (https://goo.gl/Lfw89K )

Systems Resources
Information Systems and

MODULE 2:
Information Systems 2. Listen to the Audio on this Study Session

Management
3. View any other Video/U-tube(https://goo.gl/59seQ5 )
4. View referred Animation (https://goo.gl/St7yYJ )
Information Security 2. Listen to the Audio on this Study Session
Management
3. View any other Video/U-tube (https://goo.gl/7GXE9Z )
4. View referred Animation (https://goo.gl/RPEinH )
1
ICT for Business and 2. Listen to the Audio on this Study Session
Management
3. View any other Video/U-tube (https://goo.gl/bcCpmW )
4. View referred Animation (https://goo.gl/vBhVJw )
Application of ICT in 2. Listen to the Audio on this Study Session
and Societal Issues on MIS

MIS
Management, and Ethical

3. View any other Video/U-tube (https://goo.gl/XnPbfd )
ICT for Business and
4. View referred Animation (https://goo.gl/vjQEyw )
MODULE

Influences on MIS 2. Listen to the Audio on this Study Session
3:
Application Design
3. View any other Video/U-tube (https://goo.gl/BQskZF )

Ethical and Social issues 2. Listen to the Audio on this Study Session
on MIS
3. View any other Video/U-tube (https://goo.gl/87NhCP )
4. View referred Animation (https://goo.gl/Yvg1vV )
Week 14 & 15 REVISION/ TUTORIALS
Week 16 & 17 SEMESTER EXAMINATION
1
Course Outline
Study Module 1 – Management Information Systems (MIS) and
Study Session 1: Introduction to Management Information System Study
Session 2: Information Technology
Study Module 2: Information Systems and the Management of

Information Systems Resources
Study Session 1: Information Systems within Organisations Study
Session 2: Information systems management
Module 3 – ICT for Business and Management, and Ethical and Societal
Issues on MIS
Study Session 3: Influences on MIS Application and Design Study
Session 4: Ethical and Societal Issues on MIS
DISCUSSION FORUM
Topical/Forum Discussions
These are weekly topics which I shall post on the MBA dashboard. The
topics will centre on theoretical issues, contemporary issues and/or
emerging events in the discipline at the time of posting. You are
expected to study and contribute to such discussions. Your contribution
to these sessions is necessary.
15
Discussion Questions/Group Assignments
These are pre-determined topics to be assigned to groups of students who would
develop a thesis around the topics, submit the thesis to an assigned forum where all
participants will interact and make comments to add to the knowledge and move
the conversation forward.
16
STUDY MODULES
1.0 MODULE 1 - Management Information Systems (MIS) and Information
Technology
Contents:
Study Session 1: Introduction to Management Information System
Study Session 2: Information Technology
STUDY SESSION 1:
Introduction to Management Information System
Section and Subsection Headings
Introduction
1.0 Learning Outcome
2.0 Main Content
2.1 Information Technology
2.2 Information System
2.3 Management Information Systems (MIS)
2.4 Components of Information Systems
2.5 Development of information Systems
2.6 Use of Information Systems
2.7 Information characteristics
2.8 Information Systems for problem and decision making
2.9 Using Information Systems for comparative advantage
3.0 Tutored Marked Assignment
4.0 Session Summary
5.0 Self-Assessment Question and answers
17
6.0 Additional Activities (Videos, animation and outdoor activities)
7.0 References
Introduction
You are welcome to the first study session of this course. In this study session, we
are going to discuss some important concepts of this course which will give you a
background of what the course is all about and will also form the basis of our
subsequent discussions. I hope you will have a wonderful time.
1.0 Learning Outcomes

At the completion of this session, I expect you to be able to:
1. define information technology and information systems,
2. explain the components of information systems,
3. discuss the developments of information systems, and
4. describe the characteristics of information.
2.0 Main Outcome

2.1 Information Technology
Information technology (IT) is a label that has two meanings. In common usage,
the term “information technology” is often used to refer to all of computing. As a
name of a postgraduate degree programme, it refers to the preparation of students
to meet
the computer technology
needs of business,
government, healthcare,
schools, and other kinds of
organisations.
18
IT professionals possess the right combination of knowledge and practical, hands-
on expertise to take care of both an organisation’s information technology
infrastructure and the people who use it. They assume responsibility for selecting
hardware and software products appropriate for an organisation. They integrate
those products with organisational needs and infrastructure, and install, customize
and maintain those applications, thereby providing a secure and effective
environment that supports the activities of the organisation’s computer users. In IT,
programming often involves writing short programmes that typically connect
existing components (scripting).
Planning and managing an organisation’s IT infrastructure is a difficult and

complex job that requires a solid foundation in applied computing as well as
management and people skills. Those in the IT discipline require special skills – in
understanding, for example, how networked systems are composed and structured,
and what their strengths and weaknesses are. There are important software systems
concern such as reliability, security, usability, effectiveness and efficiency for their
intended purpose; all of these concern are vital. These topics are complex and
intellectually demanding.
2.2 Information System

Information systems (IS) is concerned with the information that computer systems
can provide to aid a company, non-profit or governmental organisation in defining
and achieving its goals. It is also concerned with the processes that an enterprise
can implement and improve using information technology. IS professionals must
understand both technical and organisational factors, and must be able to help an
organisation determine how information and technology-enabled business
processes
19
can provide a foundation for superior organisational performance. They serve as a
bridge between the technical and management communities within an organisation.
What information does the enterprise need? How is that information generated? Is
it delivered to the people who need it? Is it presented to them in ways that permit
them to use it readily? Is the organisation structured to be able to use technology
effectively? Are the business processes of the organisation well designed? Do they
use the opportunities created by information technology fully? Does the
organisation use the communication and collaboration capabilities of information
technologies appropriately? Is the organisation capable of adapting quickly enough
to changing external circumstances? These are the important issues that businesses
rely on IS people to address.
ITQ 1: What is information systems?
2.3 Management Information System (MIS)

A system to convert data from external and internal sources into information and to
communicate that information, in an appropriate form, to managers at all levels in
all functions to enable them to make timely and effective decisions for planning,
directing and controlling the activities for which they are responsible. It is the
study of information systems focusing on their use in business and management.
Among the objectives of MIS are to support the activities of managers in
organisations; and to support various business strategies for competitiveness.
Today, MIS is used broadly in various contexts and includes, but is not limited to,
decision support systems, resource and people management applications, project
20
management, and database retrieval applications. Although the boundaries have
become fuzzy over the years, typically MIS still covers systems that are critical to
the company's ability to survive, including accounting and order entry. Upper
management should not lose sight of this fact. In many businesses, MIS handles
legacy software and hardware, coded by programmers long since retired, who left
no documentation for the systems.
ITQ 2: What is Management Information System (MIS)?
The enterprise upgrades or modernises these systems only very carefully, and with
high appreciation of the risks involved. Therefore, MIS, and the people who
support it and know its quirks, remains a vital if not under-celebrated part of
enterprise IT.
2.4 Components of Information Systems

Information systems are typically made up of three components: Technology,
People and Process. The last two, people and process, are really what separate the
idea of information systems from more technical fields, such as computer science.
The "classic" view of Information systems found in the textbooks in the 1980s was
of a pyramid of systems that reflected the hierarchy of the organisation, usually
transaction processing systems at the bottom of the pyramid, followed by
management information systems, decision support systems, and ending with
executive information systems at the top. Although the pyramid model remains
useful, since it was first formulated a number of new technologies have been
developed and new categories of information systems have emerged, some of
21
which no longer fit easily into the original pyramid model.
22
Today, reference to Information Systems imply a computer (-based) information
system. This essentially is an information system using computer technology to
carry out some or all of its planned tasks. Such a system can include as little as a
personal computer and software. Or it may include several thousand computers of
various sizes with hundreds of printers and other devices, as well as
communication networks (wire-line and wireless) and databases. In most cases an
information system also includes people. The basic components of information
systems are listed below. Note that not every system includes all these components.
Five basic components of information systems

1. Hardware: (Physical computer equipment and associate devices, machines and
media).
 Machines: as computers and other equipment along with all data media,
objects on which data is recorded and saved.
 Computer systems: consist of variety of interconnected peripheral devices.
Examples are microcomputer systems, midrange computer systems, and
large computer systems.
2. Software: (programmes and procedures).Software Resources includes all sets of

information processing instructions. This generic concept of software includes
not only the programmes, which direct and control computers, but also the sets of
information processing (procedures). Software Resources include:
 System software, such as an operating system
 Application software, which are programmes that direct processing for a
particular use of computers by end users.
23
 Procedures, which are operating instructions for the people, who will use
an information system. Examples are instructions for filling out a paper
form or using a particular software package.
3. Data: (data and knowledge bases). Data resources include data (which is raw
material of information systems) and database. Data can take many forms,
including traditional alphanumeric data, composed of numbers and alphabets and
other characters that describe business transactions and other events and entities.
Text data, consisting of sentences and paragraphs used in written
communications; image data, such as graphic shapes and figures; and audio data,
the human voice and other sounds, are also important forms of data. Data
resources must meet the following criteria:
 Comprehensiveness: means that all the data about the subject are actually
present in the database.
 Non-redundancy: means that each individual piece of data exists only once
in the database.
 Appropriate structure: means that the data are stored in such a way as to
minimize the cost of expected processing and storage.
The data resources of IS are typically organised into:
 Processed and organised data-Databases.
 Knowledge in a variety of forms such as facts, rules, and case examples
about successful business practices.
24
4. Networks: (communications media and network support).Telecommunications
networks like the internet, intranets, and extranets have become essential to the
successful operations of all types of organisations and their computer-based
information systems. Telecommunications networks consist of computers,
communications processors, and other devices interconnected by communications
media and controlled by communications software. The concept of Network
Resources emphasises that communications networks are a fundamental resource
component of all information systems. Network resources include:
 Communications media: such as twisted pair wire, coaxial cable, fiber-optic
cable, microwave systems, and communication satellite systems.
 Network support: This generic category includes all of the people, hardware,
software, and data resources that directly support the operation and use of a
communications network. Examples include communications control
software such as network operating systems and internet packages.
5. Procedures: are the commands for combining the components above to

process information and produce the preferred output. The last component of
information systems is process. A process is a series of steps undertaken to
25
achieve a desired outcome or goal. Information systems are becoming more
and more integrated with organisational processes, bringing more
productivity and better control to those processes. But simply automating
activities using technology is not enough – businesses looking to effectively
utilise information systems do more. Using technology to manage and
improve processes, both within a company and externally with suppliers and
customers, is the ultimate goal. Technology buzzwords such as “business
process reengineering,” “business process management,” and “enterprise
resource planning” all have to do with the continued improvement of these
business procedures and the integration of technology with them. Businesses
hoping to gain an advantage over their competitors are highly focused on
this component of information systems.
6.
The first four components (hardware, software, database, and network) make up
what is known as the information technology platform. Information technology
workers (human resource comprising of qualified people) could then use these
components to create information systems that watch over safety measures, risk
and the management of data. These actions are known as information technology
services.
ITQ 3: What are the five basic components of information systems?
2.5 Development of Information Systems

Information systems are an outgrowth of a process of organisational problem
solving. Information system are built as a solution to some type of problem or set
of problems the organisation perceive it is facing. The problem may be one in
26
which
27
managers and employees realise that the organisation is not performing as well as
expected, or that the organisation should take
advantage of new opportunities to perform more
successfully.
The activities that go into producing an

information system solution to an organisational
problem or opportunity are called systems
development. Planning and developing large
information systems is akin to a multilevel chess game—it is a very demanding
task for even the most experienced professionals. Information systems tend to grow
in complexity as organisations grow in size.
Systems development is a structured kind of problem solved with distinct
activities. These activities consist of systems analysis, systems design,
programming, testing, conversion, and production and maintenance. Systems
development activities usually take place in sequential order. But some of the
activities may need to be repeated or some may take place simultaneously,
depending on the approach to system building that is being employed.
2.6 Use of Information Systems

Information Systems (IS) creates an impact on the organisation’s function,
performance and productivity. With IS support, management of all departments of
an organisation can become more effective, IS provides several advantages to the
organisation:
1. Ability to link and enable employees: Electronic communication increases the
overall amount of communication within a firm. The most important aspect is that
people from the various units of a corporation can interact with each other and thus
28
horizontal communication is promoted. All the obvious advantages of quicker
information availability is the outcome of this function of IT, but it must also be
remembered that too much electronic communication leads to increased alienation
of employees due to increased impersonality.
2. Increases boundary spanning: An individual can access any information in

any part of the organisation with the aid of the appropriate technology. This
eliminates the need for the repetition of information and thus promotes non-
redundancy. If information provided is adequate, one can deal with factors like
business risk and uncertainties effectively.
3. Ability to store and retrieve information at any instance: means that the
organisation does not have to rely solely on the fallibility of human error, which is
subject to error and erosion. Information can be stored, retrieved and
communicated far more easily and effectively. The information support improves
the lack of knowledge, enriches experience and improves analytical ability leading
to better business judgment. It helps managers to act decisively.
4. Helps in forecasting and long term planning: A disciplined IS creates a

structured database and knowledge base for all people in the organisation. The
information available in such a form that it can be used either straight away or
using blending and analysis thereby saving manager’s valuable time.
ITQ 4: What is Information System Development?
29
Using the five-component framework
An information system depends on the resources of people (end users and IS
specialists), hardware (machines and media), software (programmes and
procedures), data (data and knowledge bases), and networks (communications
media and network support) to perform input, processing, output, storage, and
control activities that transform data resources into information products.
Common information products include messages, reports, forms, and graphic

images, which may be provided by video displays, audio responses, paper
products, and multimedia. We routinely use the information provided by these
products as we work in organisations and live in society. For example, a sales
manager may view a video display to check on the performance of a salesperson,
accept a computer- produced voice message by telephone, and receive a printout of
monthly sales results.
2.7 Information Characteristics

Good information is that which is used and which creates value. Experience and
research shows that good information has numerous qualities, some of which are
discussed below.
Availability/Accessibility
Information should be easy to obtain or access. Information kept in a book of some
kind is only available and easy to access if you have the book to hand. A good
example of availability is a telephone directory, as every home should have one for
its local area. It is probably the first place you look for a local number. But nobody
keeps the whole country’s telephone books so for numbers further afield you
30
probably phone a directory enquiry number. For business premises, say for a hotel
in London, you would probably use the internet.
Accuracy
Information needs to be accurate enough for the use to
which it is going to be put. To obtain information that
is 100% accurate is usually unrealistic as it is likely to
be too expensive to produce on time. The degree of
accuracy depends upon the circumstances. At operational levels information may
need to be accurate to the nearest kobo – on a supermarket till receipt, for example.
But at tactical level, department heads may see weekly summaries correct to the
nearest N100, whereas at strategic level directors may look at comparing stores’
performances over several months to the nearest N100, 000 per month.
Reliability/ Objectivity
Reliability deals with the truth of information or the objectivity with which it is
presented. You can only really use information confidently if you are sure of its
reliability and objectivity.
When researching for an essay in any subject, we might make straight for the
library to find a suitable book. We are reasonably confident that the information
found in a book is reliable and (in the case of factual information) objective, as the
book has been written and the author’s name is usually printed for all to see. The
publisher should have employed an editor and an expert in the field to edit the
book and question any factual doubts they may have.
31
Compare that to finding information on the Internet where anybody can write
unedited and unverified material and ‘publish’ it on the web. Unless you know
who the author is, or a reputable university or government agency backs up the
research, then you cannot be sure that the information is reliable. Some Internet
websites are like vanity publishing, where anyone can write a book and pay certain
(vanity) publishers to publish it.
Relevance/ Appropriateness
Information should be relevant to the purpose for which it is required. It must be
suitable. What is relevant for one manager may not be relevant for another. The
user will become frustrated if information contains data irrelevant to the task in
hand.
For example, a market research company may give information on users’

perceptions of the quality of a product. This is not relevant for the manager who
wants to know opinions on relative prices of the product and its rivals. The
information gained would not be relevant to the purpose.
Completeness
Information should contain all the details required by the user. Otherwise, it may
not be useful as the basis for making a decision. For example, if an organisation is
supplied with information regarding the costs of supplying a fleet of cars for the
sales force, and servicing and maintenance costs are not included, then a costing
based on the information supplied will be considerably underestimated.
32
Ideally, all the information needed for a particular decision should be available.
However, this rarely happens; good information is often incomplete. To meet all
the needs of the situation, you often have to collect it from a variety of sources.
Level of detail/ Conciseness

Information should be in a form that is short enough to allow for its examination
and use. There should be no extraneous information. For example, it is very
common practice to summarise financial data and present this information, both in
the form of figures and by using a chart or graph. We would say that the graph is
more concise than the tables of figures as there is little or no extraneous
information in the graph or chart. Clearly there is a trade-off between level of
detail and conciseness.
Presentation
The presentation of information is important to the user. Information can be more
easily assimilated if it is aesthetically pleasing. For example, a marketing report
that includes graphs of statistics will be more concise as well as more aesthetically
pleasing to the users within the organisation. Many organisations use presentation
software and show summary information via a data projector. These presentations
have usually been well thought out to be visually attractive and to convey the
correct amount of detail.
Timing
Information must be on time for the purpose for which it is required. Information
received too late will be irrelevant. For example, if you receive a brochure from a
theatre and notice there was a concert by your favourite band yesterday, then the
information is too late to be of use.
33
Value of information
The relative importance of information for decision-making can increase or
decrease its value to an organisation. For example, an organisation requires
information on a competitor’s performance that is critical to their own decision on
whether to invest in new machinery for their factory. The value of this information
would be high. Always keep in mind that information should be available on time,
within cost constraints and be legally obtained.
Cost of information
Information should be available within set cost levels that may vary dependent on
situation. If costs are too high to obtain information, an organisation may decide to
seek slightly less comprehensive information elsewhere. For example, an
organisation wants to commission a market survey on a new product. The survey
could cost more than the forecast initial profit from the product. In that situation,
the organisation would probably decide that a less costly source of information
should be used, even if it may give inferior information.
ITQ 5: Experience and research shows that good information has numerous qualities. What are those qualities?
2.8 Information Systems for Problem Solving and Decision Making

What does it mean when a company has a competitive advantage? What are the
factors that play into it? One of the most accepted definitions, developed by
Michael Porter in his book Competitive Advantage: Creating and Sustaining
Superior Performance. A company is said to have a competitive advantage over its
rivals when it is able to sustain profits that exceed average for the industry.
According to Porter, there are two primary methods for obtaining competitive
34
advantage: cost
35
advantage and differentiation advantage. In his book, Porter describes exactly
how a company can create value (and therefore profit). Value is built through the
value chain: a series of activities undertaken by the company to produce a product

or service. Each step in the value chain contributes to the overall value of a product
or service. While the value chain may not be a perfect model for every type of
company, it does provide a way to analyse just how a company is producing value.
The value chain is made up of two sets of activities: primary activities and support
activities. These activities play a role in creating value by contributing to cost
advantage or differentiation advantage, or both.
The primary activities are the functions that directly impact the creation of a
product or service. The goal of the primary activities is to add more value to the
product or service than the cost to produce.
The support activities are the functions in an organisation that support, and cut
across, all of the primary activities. Such as: firm infrastructure, human resource
management, technology development and procurement.
36
This analysis of the value chain provides some insight into how information
technology can lead to competitive advantage.
Another tool that Porter developed – the “five forces” model, can be used to help
understand just how competitive an industry is and to analyse its strengths and
weaknesses. The model consists of five elements, each of which plays a role in
determining the average profitability of an industry. In 2001, Porter wrote an
article entitled “Strategy and the Internet,” in which he takes this model and looks
at how the internet impacts the profitability of an industry. Below is a quick
summary of each of the five forces and the impact of the internet.
• Threat of substitute products or services: How easily can a product or service

be replaced with something else? The more types of products or services there are
that can meet a particular need, the less profitability there will be in an industry.
• Bargaining power of suppliers: When a company has several suppliers to
choose from, it can demand a lower price.
• Bargaining power of customers: A company that is the sole provider of a
unique product has the ability to control pricing. But the internet has given
customers many more options to choose from.
• Barriers to entry: The easier it is to enter an industry, the tougher it will be to
make a profit in that industry.
ITQ 6: What does it mean when a company has a competitive advantage?
37
• Rivalry among existing competitors: The more competitors there are in an
industry, the bigger a factor price becomes. The advent of the internet has
increased competition by widening the geographic market and lowering the costs
of doing business.
Porter’s five forces are used to analyse an industry to determine the average
profitability of a company within that industry. Adding in Porter’s analysis of the
internet, we can see that the internet (and by extension, information technology in
general) has the effect of lowering overall profitability. While the internet has
certainly produced many companies that are big winners, the overall winners have
been the consumers, who have been given an ever-increasing market of products
and services and lower prices.
2.9 Using Information Systems for Competitive Advantage

Now that we have an understanding of competitive advantage and some of the
ways that IT may be used to help organisations gain it, we will turn our attention to
some specific examples. A strategic information system is an information system
that is
38
designed specifically to implement an organisational strategy meant to provide a
competitive advantage.
Hence, a strategic information system is one that attempts to do one or more of the
following:
• deliver a product or a service at a lower cost;
• deliver a product or service that is differentiated;
• helps an organisation focus on a specific market segment;
• enable innovation.
Following are some examples of information systems that fall into this category.
• Business Process Management Systems: information systems that support
business processes.
•Electronic Data Interchange: computer-to-computer exchange of business
documents in a standard electronic format between business partners.
• Collaborative Systems: allowed users to brainstorm ideas together without the
necessity of physical, face-to-face meetings.
• Decision Support Systems: helps an organisation make a specific decision or set
of decisions.
4.0 Session Summary

In this study session, we were able to discuss information technology, information
systems as well as management information system. We went further to discuss the
development of information systems and the use of information systems. The
39
components of information systems and information characteristics was also
highlighted.
4.0 Self-Assessment Questions

1. Define the concept of MIS and describe the basic requirements of an MIS.
2. Explain the relationship amongst information system, MIS, and information
technology.
3. Enumerate and explain the components of an information system.
4. Discuss the five-component framework of an MIS and explain its application.
5. How can MIS assist the following levels of management in discharging their
core duties and responsibilities?
i) Strategic managers
ii) Tactical/functional managers
iii) Operational managers.
6. Identify and discuss the characteristics of an MIS.
7. Smylisu Solutions® is a Nigerian firm specialising in information
technology and human resource management. The firm has been in business
for the past ten years and operating within the shores of Nigeria. In 2013, the
firm underwent series of transformations and restructuring to lift it to
international standard for operating beyond the shores of Nigeria. After the
transformation exercise, the firm found out that the Management
Information System (MIS) used before the transformation cannot serve the
transformed firm. The Board of Directors decided to hire an international
MIS professional as the MIS Manager, who is experienced in both local and
international operations of MIS. That person is you and congratulations for
the appointment.
Required:
40
i) Identify five principal duties and/or responsibilities of your new office.
ii) In respect of the shortcomings of the existing system, how would you
strategically approach the replacement of the existing system with a
system that suits the transformations and give the firm competitive
advantage in international business operations?
8. “Businesses use information systems at all levels of operation to collect,
process and store data. Management aggregates and disseminates this data in
the form of information needed to carry out the daily operations of
business.” In the 21st century business world, what are the challenges facing
MIS professionals in the development and management of organisations’
MIS?
6.0 Additional Activity (Videos, animation and outdoor activities)

a. Visit U-tube https://goo.gl/iFbznn watch the video and simmarize in
1 paragraph
b. View the animation on https://goo.gl/3iDLuY and critique in the
discussion forum
c. Walk around an engage 3 students on ????????. In 2 paragraphs
summarize their opinion on the discussed topic
I T A 1: I nf or ma tion systems ( I S ) is concer ned with the i nf or ma ti on t h a t c omputer s ystems can p r ovide t o aid a co mp any, n on - p rofit or gov er
achieving i t s goals
41
ITA 2: Management Information System (MIS) is system a used to convert data from external and inter
ITA 3: 1. Hardware 2. Software 3. Data 4. Networks 5. Procedures
ITA 4: Information System Development are the activities that go into producing an information system
ITA 5: Availability/ Accessibility, Accuracy, Reliability/Objectivity, Relevance /Appropriateness, Com
ITA 6: A company is said to have a competitive advantage over its rivals when it is able to sustain profi
42
7.0 References
Bourgeois, T. David (Ph.D.) (2014) Information Systems for Business and Beyond.
www.saylor.org.
Laudon, K., and Laudon, J. (2014) Management Information Systems: Managing
the Digital Firm. (13th Global Ed.) Edinburgh Gate, Harlow Essex CM20
2JE, England: Pearson Education Limited. ISBN: 978-0-27-378997-0.
O’Brien, J. and Marakas, G. (2011) Management Information Systems. (10th
Ed.)Boston: Irwin McGraw-Hill. ISBN: 978-0-07-337681-3.
Turban, E., Rainer, R. K. and Potter, R. E. (2003) Introduction to
Information Technology. (2nd Ed). Wiley. ISBN 0471073806.
http://www.jhigh.co.uk/Intermediate2/Using%20Information/12_chara
ct_of_info.html
43
STUDY SESSION 2
Introduction
2.0 Main Content
2.1 Hardware requirement
2.2 Software requirement
2.3 Data processing
2.4 Data base
2.5 Data base design and administration
2.6 Data communication and internet technology
2.7 Components of a network
4.0 Session Summary
6.0 Additional Activity (Videos, animations and outdoor activities)
7.0 References
Introduction
In the previous study session, you were introduced to the basic concept you need to
know about management information systems. Therefore, we are going to continue
our discussions from there. However, I want you to understand that Information
technology is broadly defined as the collection of computer systems used by an
organisation. Information technology, in its narrow definition, refers to the
technological side of an information system. It includes the hardware, software,
databases, networks, and other electronic devices. It can be viewed as a subsystem
44
of an information system. Sometimes, though, the term information technology is
also used interchangeably with information system. The term IT in its broadest
sense is used to describe an organisation’s collection of information systems, their
users, and the management that oversees them.

At the end of this study session, you should be able to:
1. know the hardware and software requirements,
2. understand database processing,
3. discuss data communication and internet technology, and
4. explain the components of a network.
2.0Main Content
2.1 Hardware Requirement
The physical parts of computing devices – those that you can actually touch – are
referred to as hardware. In this session, we will take a look at this component of
information systems, learn a little bit about how it works, and discuss some of the
current trends surrounding it.
Computer hardware includes devices such as the following:

Desktop computers, Laptop computers, Mobile phones, Tablet computers, e-
Readers, Storage devices, such as flash drives, Input devices, such as keyboards,
mice, and scanners and Output devices such as printers and speakers.
Besides these more traditional computer hardware devices, digital technologies are
now being integrated into many everyday objects, so the days of a device being
45
labeled categorically as computer hardware may be ending. Examples of these
types of digital devices include automobiles, refrigerators, and even soft-drink
dispensers.
Tour of a PC
All personal computers (PC) consist of the same basic components: a CPU,
memory, circuit board, storage, and input/output devices. It also turns out that
almost every digital device uses the same set of components, so examining the
personal computer will give us insight into the structure of a variety of digital
devices. So let us take a “tour” of a personal computer and see what makes them
function.
Motherboard
The motherboard is the main circuit board on the computer. The CPU, memory,
and storage components, among other things, all connect into the motherboard.
Motherboards come in different shapes and sizes, depending on how compact or
expandable the computer is designed to be.
Random-Access Memory
When a computer starts up, it begins to load information from the hard disk into its
working memory. This working memory, called random-access memory (RAM),
can transfer data much faster than the hard disk. Any programme that you are
running on the computer is loaded into RAM for processing. In order fora
computer to work effectively, some minimal amount of RAM must be installed. In
most cases, adding more RAM will allow the computer to run faster. Another
characteristic of RAM is that it is “volatile”. This means that it can store data as
long as it is receiving power; when the computer is turned off, any data stored in
46
RAM is lost.
47
Hard Disk
While the RAM is used as working memory, the computer also needs a place to
store data for the longer term. Most of today’s personal computers use a hard disk
for long-term data storage. A hard disk is where data is stored when the computer
is turned off and where it is retrieved from when the computer is turned on. Why is
it called a hard disk? A hard disk consists of a stack of disks inside a hard metal
case. A floppy disk was a removable disk that, in some cases at least, was flexible,
or “floppy”.
Solid-State Drives
A relatively new component becoming more common in some personal computers
is the solid-state drive (SSD). The SSD performs the same function as a hard disk:
long-term storage. Instead of spinning disks, the SSD uses flash memory, which is
much faster. Solid-state drives are currently quite a bit more expensive than hard
disks. However, the use of
flash memory instead of
disks makes them much
lighter and faster than hard
disks. SSDs are primarily
utilised in portable
computers, making them
lighter and more efficient.
Some computers combine
the two storage
technologies, using the SSD
for the most accessed data (such as the operating system) while using the hard disk
48
for data that is accessed less frequently. As with any technology, Moore’s Law is
driving up capacity and speed and lowering prices of solid-state drives, which will
allow them to proliferate in the years to come.
Removable Media
Besides fixed storage components, removable storage media are also used in most
personal computers. Removable media allows you to take your data with you. And
just as with all other digital technologies, these media have gotten smaller and
more powerful as the years have gone by. Early computers used floppy disks,
which could be inserted into a disk drive in the computer. Around the turn of the
century, a new portable storage technology was being developed: the USB flash
drive. This device attaches to the universal serial bus (USB) connector, which
became standard on all personal computers beginning in the late 1990s. As with all
other storage media, flash drive storage capacity has skyrocketed over the years,
from initial capacities of eight megabytes to current capacities of 64 gigabytes and
still growing.
Network Connection
When personal computers were first developed, they were stand-alone units, which
meant that data was brought into the computer or removed from the computer via
removable media, such as the floppy disk. Beginning in the mid-1980s, however,
organisations began to see the value in connecting computers together via a digital
network. Because of this, personal computers needed the ability to connect to these
networks. Initially, this was done by adding an expansion card to the computer that
enabled the network connection, but by the mid-1990s, a network port was
standard on most personal computers. As wireless technologies began to dominate
in the early 2000s, many personal computers also began including wireless
49
networking capabilities.
50
Other Computing Devices
A personal computer is designed to be a general-purpose device. That is, it can be
used to solve many different types of problems. As the technologies of the personal
computer have become more commonplace, many of the components have been
integrated into other devices that previously were purely mechanical. We have also
seen an evolution in what defines a computer. Ever since the invention of the
personal computer, users have clamoured for a way to carry them around. Here we
will examine several types of devices that represent the latest trends in personal
computing.
Portable Computers
In 1983, Compaq Computer Corporation developed the first commercially
successful portable personal computer. By today’s standards, the Compaq PC was
not very portable: weighing in at 28 pounds, this computer was portable only in the
most literal sense – it could be carried around. But this was no laptop by today’s
standards; laptops today, are extremely light and portable and use less power than
their larger counterparts. The Mac Book Air is a good example of this: it weighs
less than three pounds and is only 0.68 inches thick!
Finally, as more and more organisations and individuals are moving much of their
computing to the internet, laptops are being developed that use “the cloud” for all
of their data and application storage. These laptops are also extremely light
because they have no need of a hard disk at all! A good example of this type of
laptop (sometimes called a net book) is Samsung’s Chrome book.
Smartphones
51
The first modern-day mobile phone was invented in 1973. Resembling a brick and
weighing in at two pounds, it was priced out of reach for most consumers at nearly
four thousand dollars. Since then, mobile phones have become smaller and less
expensive; today mobile phones are a modern convenience available to all levels of
society. As mobile phones evolved, they became more like small computers. These
smart phones have many of the same characteristics as a personal computer, such
as an operating system and memory.
Tablet Computers
A tablet computer is one that uses a touch screen as its primary input and is small
enough and light enough to be carried around easily. They generally have no
keyboard and are self-contained inside a rectangular case. The first tablet
computers appeared in the early 2000s and
used an attached pen as a writing
device for input. These tablets
ranged in size from small
personal digital assistants
(PDAs), which were handheld, to
full-sized, 14-inch devices. Most
early tablets used a version of an
existing computer operating
system, such as Windows or
Linux.
These early tablet devices were, for the most part, commercial failures. In January,
2010, Apple introduced the iPad, which ushered in a new era of tablet computing.
Instead of a pen, the iPad used the finger as the primary input device. Instead of
using the operating system of their desktop and laptop computers, Apple chose to
52
use iOS, the operating system of the iPhone. Since the iPad had a user interface
that was the same as the iPhone, consumers felt comfortable and sales took off.
The iPad has set the standard for tablet computing. After the success of the iPad,
computer manufacturers began to develop new tablets that utilised operating
systems that were designed for mobile devices, such as Android.
Integrated Computing
Along with advances in computers themselves, computing technology is being
integrated into many everyday products. From automobiles to refrigerators to
airplanes, computing technology is enhancing what these devices can do and is
adding capabilities that would have been considered science fiction just a few years
ago. Here are two of the latest ways that computing technologies are being
integrated into everyday products:
• The Smart House
• The Self-Driving Car
The Commoditisation of the Personal Computer

Over the past thirty years, as the personal computer has gone from technical marvel
to part of our everyday lives, it has also become a commodity. The PC has become
a commodity in the sense that there is very little differentiation between computers,
and the primary factor that controls their sale is their price. Hundreds of
manufacturers all over the world now create parts for personal computers. Dozens
of companies buy these parts and assemble the computers. As commodities, there
are essentially no differences between computers made by these different
companies. Profit margins for personal computers are razor-thin, leading hardware
developers to find the lowest-cost manufacturing.
53
The Problem of Electronic Waste
Personal computers have been around for over thirty-five years. Millions of them
have been used and discarded. Mobile phones are now available in even the
remotest parts of the world and, after a few years of use, they are discarded. Where
does this electronic debris end up? Often, it gets routed to any country that will
accept it. Many times, it ends up in dumps in developing nations. These dumps are
beginning to be seen as health hazards for those living near them.
Though many manufacturers have made strides in using materials that can be
recycled, electronic waste is a problem with which we must all deal with.
ITQ 1: What are the hardware and software requirements of Information Systems?
2.2 Software Requirement

The second component of an information system is software. Simply put:
Software is the set of instructions that tell the hardware what to do. Software is
created through the process of programming. Without software, the hardware
would not be functional.
Types of software
Software can be broadly divided into two categories: operating systems and
application software. Operating systems manage the hardware and create the
interface between the hardware and the user. Application software is the category
of programmes that do something useful for the user.
Operating systems
The operating system provides several essential functions, including:
54
1. Managing the hardware resources of the computer;
2. Providing the user-interface components;
3. Providing a platform for software developers to write applications.
All computing devices run an operating system. For personal computers, the most
popular operating systems are Microsoft’s Windows, Apple’s OS X, and different
versions of Linux. Smartphone's and tablets run operating systems as well, such
as Apple’s iOS, Google’s Android, Microsoft’s Windows Mobile, and
Blackberry.
Application software
The second major category of software is application software. Application
software is, essentially, software that allows the user to accomplish some goal or
purpose. For example, if you have to write a paper, you might use the application-
software programme Microsoft Word. If you want to listen to music, you might use
iTunes. To surf the web, you might use Internet Explorer or Firefox. Even a
computer game could be considered application software.
Productivity software
Along with the spreadsheet, several other software applications have become
standard tools for the workplace. These applications, called productivity software,
allow office employees to complete their daily work. Many times, these
applications come packaged together, such as in Microsoft’s Office suite.
Utility software and programming software

Two subcategories of application software worth mentioning are utility software
55
and programming software. Utility software includes software that allows you to
fix or
56
modify your computer in some way. Examples include antivirus software and disk
defragmentation software. These types of software packages were invented to fill
shortcomings in operating systems. Many times, a subsequent release of an
operating system will include these utility functions as part of the operating system
itself.
Programming software is software whose purpose is to make more software. Most

of these programmes provide programmers with an environment in which they can
write the code, test it, and convert it into the format that can then be run on a
computer.
Applications for the enterprise

As the personal computer proliferated inside organisations, control over the
information generated by the organisation began splintering. In the 1990s, the need
to bring the organisation’s information back under centralised control became more
apparent. The enterprise resource planning (ERP) system (sometimes just called
enterprise software) was developed to bring together an entire organisation in one
software application. Simply put, an ERP system is a
software application utilising a central database that is
implemented throughout the entire organisation.
Examples of these are: Customer relationship
management (CRM) system, a software application
designed to manage an organisation’s customers and
supply chain management (SCM) system, a software
application designed to manage the interconnection
between an organisation’s suppliers, its manufacturing facilities, and the
distributors of its products.
57
Mobile applications
Just as with the personal computer, mobile devices such as tablet computers and
smart phones also have operating systems and application software. In fact, these
mobile devices are in many ways just smaller versions of personal computers. A
mobile app is a software application programmed to run specifically on a mobile
device.
Cloud computing
“The cloud” refers to applications, services, and data storage on the internet. These
service providers rely on giant server farms and massive storage devices that are
connected via internet protocols. Cloud computing is the use of these services by
individuals and organisations. For example, if you access your e-mail via your web
browser, you are using a form of cloud computing. If you use Google Drive’s
applications, you are using cloud computing. While these are free versions of cloud
computing, there is big business in providing applications and data storage over the
web. Sales force is a good example of cloud computing – their entire suite of CRM
applications are offered via the cloud.
Software creation
How is software created? If software is the set of instructions that tells the
hardware what to do, how are these instructions written? If a computer reads
everything as ones and zeroes, do we have to learn how to write software that way?
Modern software applications are written using a programming language. A
programming language consists of a set of commands and syntax that can be
organised logically to execute specific functions.
58
This language generally consists of a set of readable words combined with
symbols. Using this language, a programmer writes a programme (called the
source code) that can then be compiled into machine-readable form, the ones and
zeroes necessary to be executed by the CPU.
Open-source software
When a software programme takes hundreds of man-hours to develop, it is
understandable that the programmers do not want to just give it away. This led to a
new business model of restrictive software licensing, which required payment for
software, a model that is still dominant today. This model is sometimes referred to
as closed source, as the source code is not made available to others.
Open-source software is software that makes the source code available for anyone
to copy and use.
ITQ 2: What is a software?
2.3 Data Processing

Data are the raw bits and pieces of information with no context. If I told you, “15,
23, 14, 85,” you would not have learned anything. But I would have given you
data. Data can be quantitative or qualitative. Quantitative data is numeric, the result
of a measurement, count, or some other mathematical calculation. Qualitative data
is descriptive. “Ruby Red,” the colour of a 2013 Ford Focus, is an example of
qualitative data. A number can be qualitative too: if I tell you my favourite number
is 5, that is qualitative data because it is descriptive, not the result of a
measurement or mathematical calculation.
59
By itself, data is not that useful. To be useful, it needs to be given context.
Returning to the example above, if I told you that “15, 23, 14, and 85″ are the
numbers of students that had registered for upcoming classes – that would be
information. By adding the context – that the numbers represent the count of
students registering for specific classes – I have converted data into information.
Once we have put our data into context, aggregated and analysed it, we can use it
to make decisions for our organisation. We can say that this consumption of
information produces knowledge. This knowledge can be used to make decisions,
set policies, and even spark innovation.
The final step up the information ladder is the step from knowledge (knowing a lot
about a topic) to wisdom. We can say that someone has wisdom when they can
combine their knowledge and experience to produce a deeper understanding of a
topic. It often takes many years to develop wisdom on a particular topic, and
requires patience.
2.4 Databases
A database is an organised collection of related information. It is an organised
collection, because in a database, all data is described and associated with other
data. All information in a database should be related as well; separate databases
should be created to manage unrelated information. For example, a database that
contains information about students should not also hold information about
company stock prices. Databases are not always digital – a filing cabinet, for
instance, might be considered a form of database. For the purposes of this text, we
will only consider digital databases.
60
Relational databases
Databases can be organised in many different ways, and thus take many forms. The
most popular form of database today is the relational database. Popular examples
of relational databases are Microsoft Access, MySQL, and Oracle. A relational
database is one in which data is organised into one or more tables. Each table has a
set of fields, which define the nature of the data stored in the table. A record is one
instance of a set of fields in a table. To visualise this, think of the records as the
rows of the table and the fields as the
columns of the table. In the example
below, we have a table of students’
information, with each row
representing a student and each
column representing one piece of
information about the student.
In a relational database, all the tables

are related by one or more fields, so that it is possible to connect all the tables in
the database through the field(s) they have in common. For each table, one of the
fields is identified as a primary key. This key is the unique identifier for each
record in the table. To help you understand these terms further, let us walk through
the process of designing a database.
ITQ 3: What is a data base?
Components of database application system
61
A database application system or database management system (DBMS) consists
of several components. Each component plays very important role in the database
management system environment. The major components of database management
system are:
1. Software
2. Hardware
3. Data
4. Procedures
5. Database Access Language
Software
The main component of a DBMS is the software. It is the set of programmes used
to handle the database and to control and manage the overall computerised
database. DBMS software itself, is the most important software component in the
overall system. Application programmes contain statements that request the DBMS
to perform operation on database. The operations may include retrieving, updating,
ITQ 4: What is a relational database?
deleting data etc. The application programme may be conventional or online

workstations or terminals.
Hardware
Hardware consists of a set of physical electronic devices such as computers
(together with associated I/O devices like disk drives), storage devices, I/O
62
channels and
63
electromechanical devices that make interface between computers and the real
world systems etc., and so on. It is impossible to implement the DBMS without the
hardware devices, in a network, a powerful computer with high data processing
speed and a storage device with large storage capacity is required as database
server.
Data
Data is the most important component of the DBMS. The main purpose of DBMS
is to process the data. In DBMS, databases are defined, constructed and then data is
stored, updated and retrieved to and from the databases. The database contains both
the actual (or operational) data and the metadata (data about data or description
about data).
Procedures
Procedures refer to the instructions and rules that help to design the database and to
use the DBMS. The users that operate and manage the DBMS require documented
procedures on how use or run the database management system. These may
include.
Procedure to install the new DBMS.
To log on to the DBMS.
To use the DBMS or application programme.
To make backup copies of database.
To change the structure of database.
To generate the reports of data retrieved from database.
Database access language

The database access language is used to access the data to and from the database.
64
The users use the database access language to enter new data, change the existing
data in database and to retrieve required data from databases. The user write a set
of
65
appropriate commands in a database access language and submits these to the
DBMS. The DBMS translates the user
commands and sends it to a specific part of the
DBMS called the Database Jet Engine. The
database engine generates a set of results
according to the commands submitted by user,
converts these into a user readable form called
an Inquiry Report and then displays them on
the screen. The administrators may also use the
database access language to create and
maintain the databases.
The most popular database access language is SQL (Structured Query Language).
Relational databases are required to have a database query language.
Users
The users are the people who manage the databases and perform different
operations on the databases in the database system. There are three kinds of people
who play different roles in database system.
1. Application Programmers: The people who write application programmes
in programming languages (such as Visual Basic, Java, or C++) to interact
with databases.
2. Database Administrators: (DBA) A person who is responsible for
managing the overall database management system.
3. End-Users: The people who interact with database management system to
perform different operations.
66
2.5 Database Design and Administration
Database design is the process of producing a detailed data model of database. This
data model contains all the needed logical and physical design choices and physical
storage parameters needed to generate a design in a data definition language, which
can then be used to create a database. A fully attributed data model contains detailed
attributes for each entity.
The term database design can be used to describe many different parts of the design
of an overall database system. Principally, and most correctly, it can be thought of as
the logical design of the base data structures used to store the data. In the relational
model these are the tables and views. In an object database the entities and
relationships map directly to object classes and named relationships. However, the
term database design could also be used to apply to the overall process of designing,
not just the base data structures, but also the forms and queries used as part of the
overall database application within the database management system (DBMS). The
process of doing database design generally consists of a number of steps which will
be carried out by the database designer. Usually, the designer must:
1. Determine the data to be stored in the database.
2. Determine the relationships between the different data elements.
3. Superimpose a logical structure upon the data on the basis of these
relationships.
Within the relational model the final step above can generally be broken down into
two further steps: that of determining the grouping of information within the
system, generally determining what are the basic objects about which information
is being stored, and then determining the relationships between these groups of
information, or objects. This step is not necessary with an object database.
Database administration
67
Database administration is the function of managing and maintaining database
management systems (DBMS) software. Mainstream DBMS software such as
Oracle, IBM DB2 and Microsoft SQL Server need ongoing management. As such,
corporations that use DBMS software often hire specialised IT (Information
Technology) personnel called Database Administrators or DBAs.
Nature of database administration

The degree to which the administration of a database is automated dictates the
skills and personnel required to manage databases. On one end of the spectrum, a
system with minimal automation will require significant experienced resources to
manage; perhaps 5-10 databases per DBA. Alternatively, an organisation might
choose to automate a significant amount of the work that could be done manually
therefore reducing the skills required to perform tasks. As automation increases,
the personnel needs of the organisation splits into highly skilled workers to create
and manage the automation and a group of lower skilled "line" DBAs who simply
execute the automation.
Database administration tools

Often, the DBMS software comes with certain tools to help DBAs manage the
DBMS. Such tools are called native tools. For example, Microsoft SQL Server
comes with SQL Server Management Studio and Oracle has tools such as
SQL*Plus and Oracle Enterprise Manager/Grid Control. In addition, 3rd parties
such as BMC, Quest Software, Embarcadero Technologies, EMS Database
Management Solutions and SQL Maestro Group offer GUI tools to monitor the
DBMS and help DBAs carry out certain functions inside the database more easily.
68
Another kind of database software exists to manage the provisioning of new
databases and the management of existing databases and their related resources.
Software such as Stratavia's Data Palette and GridApp Systems Clarity.
2.6 Data Communications and Internet Technology

Data communications is the movement of computer information from one point to
another by means of electrical or optical transmission systems. Such systems are
often called data communications networks. This is in contrast to the broader term
telecommunications, which includes the transmission of voice and video (images
and graphics) as well as data and usually implies longer distances.
In general, data communications networks collect data from microcomputers and

other devices and transmit that data to a central server that is a more powerful
microcomputer, minicomputer, or mainframe, or they perform the reverse process,
or some combination of the two. Data communications networks facilitate more
efficient use of computers and improve the day-to-day control of a business by
providing faster information flow. They also provide message transfer services to
allow computer users to talk to one another via electronic mail, chat, and video
streaming. The best-known computer network is the internet.
Internet
The internet is the global system of interconnected computer networks that use the
internet protocol suite (TCP/IP) to link billions of devices worldwide. It is a
network of networks that consists of millions of private, public, academic,
business, and government networks of local to global scope, linked by a broad
array of electronic, wireless, and optical networking technologies. The internet
69
carries an extensive
70
range of information resources and services, such as the inter-linked hypertext
documents and applications of the World Wide Web (WWW), electronic mail,
telephony, and peer-to-peer networks for file sharing.
2.7 Components of a Network

There are three basic hardware components for a data communications network: a
server or host computer (e.g.,
microcomputer, mainframe), a
client (e.g., microcomputer,
terminal), and a circuit (e.g.,
cable, modem) over which
messages flow. Both the server
and client also need special-
purpose network software that
enables them to communicate.
The server (or host computer) stores data or software that can be accessed by the
clients. In client-server computing, several servers may work together over the
network with a client computer to support the business application.
The client is the input-output hardware device at the user’s end of a
communication circuit. It typically provides users with access to the network and
the data and software on the server.
The circuit is the pathway through which the messages travel. It is typically a
copper wire, although fiber-optic cable and wireless transmission are becoming
common. There are many devices in the circuit that perform special functions such
as switches and routers.
71
Strictly speaking, a network does not need a server. Some networks are designed to
connect a set of similar computers that share their data and software with each
other. Such networks are called peer-to-peer networks because the computers
function as equals, rather than relying on a central server or host computer to store
the needed data and software.
Types of networks
There are many different ways to categorise networks. One of the most common
ways is to look at the geographic scope of the network. Four typical networks are:
local area networks (LANs), backbone networks (BNs), metropolitan area
networks (MANs), and wide area networks (WANs). The distinctions among these
are becoming blurry. Some network technologies now used in LANs were
originally developed for WANs, whereas some LAN technologies have influenced
the development of MAN products. Any rigid classification of technologies is
certain to have exceptions.
A local area network (LAN) is a group of microcomputers located in the same

general area. A LAN covers a clearly defined small area, such as one floor or work
area, a single building, or a group of buildings. LANs often use shared circuits,
where all computers must take turns using the same circuit. LANs support high-
speed data transmission compared with standard telephone circuits, commonly
operating 100 million bits per second (100 Mbps).
Most LANs are connected to a backbone network (BN), a larger, central network
connecting several LANs, other BNs, MANs, and WANs. BNs typically span from
hundreds of feet to several miles and provide very high speed data transmission,
commonly 100 to 1,000 Mbps.
72
A metropolitan area network (MAN) connects LANs and BNs located in
different areas to each other and to WANs. MANs typically span between three
and 30 miles.
Some organisations develop their own MANs using technologies similar to those
of BNs. These networks provide moderately fast transmission rates but can prove
costly to install and operate over long distances. Unless an organisation has a
continuing need to transfer large amounts of data, this type of MAN is usually too
expensive.
More commonly, organisations use public data networks
provided by common carriers (e.g., the telephone company) as their MANs. With
these MANs, data transmission rates typically range from 64,000 bits per second
(64 Kbps) to 100 Mbps, although newer technologies provide data rates of 10
billion bits per second (10 gigabits per second, 10 Gbps).
ITQ 5: Differentiate between the Internet, Intranet and Extranet?
Wide area networks (WANs) connect BNs and MANs. Most organisations do not
build their own WANs by laying cable, building microwave towers, or sending up
satellites (unless they have unusually heavy data transmission needs or highly
specialised requirements, such as those of the Department of Defense). Instead,
most organisations lease circuits from Interexchange carriers (IXCs) and use those
to transmit their data. WAN circuits provided by IXCs come in all types and sizes
but typically span hundreds or thousands of miles and provide data transmission
rates from 64 Kbps to 10 Gbps.
73
Two other common terms are intranets and extranets. An intranet is a LAN that
uses the same technologies as the internet (e.g., Web servers, Java, HTML
[Hypertext Markup Language]) but is open to only those inside the organisation.
For example, although some pages on a Web server may be open to the public and
accessible by anyone on the internet, some pages may be on an intranet and
therefore hidden from those who connect to the Web server from the internet at
large. Sometimes an intranet is provided by a completely separate Web server
hidden from the internet.
An extranet is similar to an intranet in that it, too, uses the same technologies as
the internet but instead is provided to invited users outside the organisation who
access it over the internet. It can provide access to information services,
inventories, and other internal organisational databases that are provided only to
customers, suppliers, or those who have paid for access. Typically, users are given
passwords to gain access, but more sophisticated technologies such as smart cards
or special software may also be required. Many universities provide extranets for
Web-based courses so that only those students enrolled in the course can access
course materials and discussions.

4.0 Session Summary
In this study session we have seen the hardware and software
requirement of an information system. We have also taken a look at data
processing and storage in a data base system. We have seen how data
bases are designed and managed by an administrator. Finally we have
seen data communication and internet technology and the components
they are made up of, the network.
74
1. Discuss the hardware and software requirements of an MIS.
2. Define database processing and explain its purpose.
3. Identify and discuss the components of database application
system.
4. Discuss the rationale for database design and administration.
5. Define data communications and explain the basic characteristics
of LANs, WANs, and internets.
6. Identify and discuss the differential characteristics of internet,
intranet, and extranet.

a. Visit U-tube https://goo.gl/HjrPiw watch the video and simmarize in
1 paragraph
b. View the animation on https://goo.gl/Wxggdk and critique in the
discussion forum
ITA 1: The physical parts of computing and networking devices – those that you can actually touch – are refe
ITA 2: Software is the set of instructions that tell the hardware what to do. Software is created through the p
75
ITA 3: A database is an organised collection of related information. It is an organised collection, because
ITA 4: A relational database is one in which data is organised into one or more tables. Each table has a set
ITA 5: The Internet is the global system of interconnected computer networks that use the Internet protoc
7.0 References
Bourgeois, T. David (Ph.D.), 2014. Information Systems for Business and
Beyon.www.saylor.org Pp. 15-41.
http://computer-dbms.blogspot.com.ng/2011/09/components-of-
dbms.html
https://en.wikipedia.org/wiki/Database_design
https://en.wikipedia.org/wiki/Database_administration_and_automatio n
76
http://www.tutorialspoint.com/data_communication_computer_network
/index.htm
http://what-when-how.com/data-communications-and-networking/data-
communications-networks/
https://en.wikipedia.org/wiki/Internetwww.uotechnology.edu.iq/ce/Lec
tures/SarmadFuad-MIS/MIS_Lecture_3.pdf Pp. 24
77
STUDY SESSION 3
Systems Development
Introduction
2.0 Main content
2.1 Systems development fundamentals
2.2 System development life cycles
2.3 Systems development phase/stages
2.4 Four alternative development methodologies
4.0 Session Summary
5.0 Self-Assessment Questions and answers
7.0 References
Introduction
Earlier in this course we had an overview of system development, now we will
take a more in-depth look. Systems development as we have seen before, is the
entire set of activities needed to construct an information systems solution to a
business problem or opportunity. Systems development is a structured kind of
problem solved with distinct activities. These activities consist of systems analysis,
systems design, programming, testing, conversion, and production and
maintenance. Systems development activities usually take place in sequential
order. But some of the activities may need to be repeated or some may take place
simultaneously, depending on the approach to system building that is being
employed.
78
1. discuss systems development fundamentals,
2. explain the systems life cycle, and
3. describe the systems development phases and stages.
2.0 Main Content

2.1 Systems Development Fundamentals
Systems development is the entire set of activities needed to construct an
information systems solution to a business problem or opportunity. A key
component is information systems planning, which begins with the strategic plan
of the organisation. The organisation’s strategic plan states the firm’s overall
mission, the goals that follow from the mission, and the broad steps necessary to
reach these goals. An essential input into the organisation’s strategic plan is an
assessment of the current state of the organisation, in which the current
performance of the firm is compared to the previous strategic plan. The mission
states what the organisation ideally wants to become or to create at some future
point in time. The strategic planning process matches the organisation’s objectives
and resources to its changing markets and opportunities.
2.2 Systems Development Life Cycle

The systems development life cycle (SDLC) is the traditional systems development
method used by most organisations today. This methodology was first developed in
the 1960s to manage the large software projects associated with corporate systems
running on mainframes. It is a very structured and risk-averse methodology
designed to manage large projects that included multiple programmers and systems
79
that would
80
have a large impact on the organisation. The SDLC is a structured framework that
consists of sequential processes by which information systems are developed, and
these include systems investigation, systems analysis, systems design,
programming, testing, implementation, operation, and maintenance. These
processes, in turn, consist of well-defined tasks. Some of these tasks are present in
most projects, whereas others are present in only certain types of projects. That is,
large projects typically require all the tasks, whereas smaller development projects
may require only a subset of the tasks.
Other models for the SDLC may contain more or fewer than the eight stages we
present here. The flow of tasks, however, remains largely the same, regardless of
the number of stages. In the past, developers used the waterfall approach to the
SDLC, in which tasks in one stage were completed before the work proceeded to
the next stage.
Today, systems developers go back and forth among the stages as necessary.
Systems development projects produce desired results through team efforts.
81
Development teams typically include users, systems analysts, programmers, and
technical specialists. Users are employees from all functional areas and levels of
the organisation who will interact with the system, either directly or indirectly.
Direct interaction means that users will make hands-on use of the system, and
indirect interaction means that users will use the outputs from the system. Systems
analysts are information systems professionals who specialise in analysing and
designing information systems. Programmers are information systems
professionals who modify existing computer programs or write new computer
programmes to satisfy user requirements. Technical specialists are experts on a
certain type of technology, such as databases or telecommunications. All people
who are affected by changes in information systems (users and managers, for
example) are known as systems stakeholders, and are typically involved by varying
degrees and at various times in the systems development.
2.3 System Development Phases/Stages

System investigation
Systems development professionals agree that the more time invested in
understanding the business problem to be solved, in understanding technical
options for systems, and in understanding problems that are likely to occur during
development, the greater the chance of actually successfully solving the
(correct)problem. For these reasons, systems investigation begins with the business
problem. Problems (and opportunities) often require not only understanding them
from the internal point of view, but also seeing them as organisational partners
(suppliers or customers) would see them.
Another useful perspective is that of competitors. How have they responded to

similar situations, and what outcome and additional opportunities have
82
materialised?
83
Creativity and out-of-the-box thinking can pay big dividends when isolated
problems can be recognised as systemic failures whose causes cross organisational
boundaries. Once these perspectives can be gained, those involved can also begin
to better see the true scope of the project and propose possible solutions.
System analysis
Once a development project has the necessary approvals from all participants, the
systems analysis stage begins. Systems analysis is the examination of the business
problem that the organisation plans to solve with an information system. This stage
defines the business problem, identifies its causes, specifies the solution, and
identifies the information requirements that the solution must satisfy.
Understanding the business problem requires understanding the various processes
involved. These can often be quite complicated and interdependent. Analysts have
a variety of tools that support this analysis. Organisations have three basic
solutions to any business problem:
(1) Do nothing and continue to use the existing system unchanged.
(2) Modify or enhance the existing system.
(3) Develop a new system.
The main purpose of the systems analysis stage is to gather information about the
existing system, to determine which of the three basic solutions to pursue, and to
determine the requirements for an enhanced or new system. The end product (the
“deliverable”) of this stage is a set of systems requirements.
System design
Systems analysis describes what a system must do to solve the business problem,
and systems design describes how the system will accomplish this task. The
84
deliverable of the systems design phase is the technical design that specifies the
following:
• System outputs, inputs, and user interfaces
• Hardware, software, databases, telecommunications, personnel, and
procedures
• How these components are integrated
This output is the set of system specifications.
Systems design encompasses two major aspects of the new system:

• Logical systems design states what the system will do, with abstract
specifications.
• Physical systems design states how the system will perform its functions,
with actual physical specifications.
ITQ 1: What is the systems development life cycle?
Programming
Systems developers utilise the design specifications to acquire the software needed
for the system to meet its functional objectives and solve the business problem.
Organisations may buy the software or construct it in-house.
Although many organisations tend to purchase packaged software, many other
firms continue to develop custom software in-house. The chief benefit of custom
development is systems that are better suited than packaged applications to an
organisation’s new and existing business processes. For many organisations,
custom software is more expensive than packaged applications. However, if a
85
package does
86
not closely fit the company needs, the savings are often diluted when the
information systems staff or consultants must extend the functionality of the
purchased packages. If the organisation decides to construct the software in-house,
then programming involves the translation of the design specifications into
computer code. This process can be lengthy and time-consuming, because writing
computer code remains as much an art as a science.
Testing
Thorough and continuous testing occurs throughout the programming stage.
Testing checks to see if the computer code will produce the expected and desired
results under certain conditions. Testing requires a large amount of time, effort,
and expense to do properly. However, the costs of improper testing, which could
possibly lead to a system that does not meet its objectives, are enormous.
Testing is designed to detect errors (“bugs”) in the computer code. These errors are
of two types: syntax errors and logic errors. Syntax errors (e.g., a misspelled word
or a misplaced comma) are easier to find and will not permit the programme to run.
Logic errors permit the programme to run, but result in incorrect output. Logic
errors are more difficult to detect, because the cause is not obvious. The
programmer must follow the flow of logic in the program to determine the source
of the error in the output.
As software increases in complexity, the number of errors increases, making it

almost impossible to find them all. This situation has led to the idea of “good
enough software,” software that developers release knowing that errors remain in
the code. However, the developers feel that the software will still meet its
functional
87
objectives. That is, they have found all the show-stopper bugs, errors that will
cause the system to shut down or will cause catastrophic loss of data.
Implementation
Implementation is the process of converting from the old system to the new
system. Organisations use four major conversion strategies: parallel, direct, pilot,
and phased.
In a parallel conversion process, the old system and the new system operate
simultaneously for a period of
time. That is, both systems
process the same data at the
same time, and the outputs are
compared. This type of
conversion is the most
expensive, but also the least
risky. Most large systems have
a parallel conversion process to lessen the risk.
In a direct conversion process, the old system is cut off and the new system is
turned on at a certain point in time. This type of conversion is the least expensive,
but the most risky if the new system does not work as planned. Few systems are
implemented using this type of conversion, due to the risk involved.
The pilot conversion process introduces the new system in one part of the
organisation, such as in one plant or in one functional area. The new system runs
for a period of time and is assessed. After the new system works properly, it is
introduced in other parts of the organisation.
88
The phased conversion process introduces components of the new system, such as
individual modules, in stages. Each module is assessed, and, when it works
properly other modules are introduced, until the entire new system is operational.
Operation and maintenance

After conversion, the new system will operate for a period of time, until (like the
old system it replaced) it no longer meets its objectives. Once the new system’s
operations are stabilised, audits are performed during operation to assess the
system’s capabilities and determine if it is being used correctly.
Systems need several types of maintenance. The first type is debugging the
programme, a process that continues throughout the life of the system. The second
type is updating the system to accommodate changes in business conditions.
Examples here include adjusting to new governmental regulations and managing
the Y2K problem.
These corrections and upgrades usually do not add any new functionality; they are
necessary in order for the system to continue meeting its objectives. The third type
of maintenance adds new functionality to the system. This process involves adding
new features to the existing system without disturbing its operation.
2.4 Four Alternative Development Methodologies

The SDLC methodology is sometimes referred to as the waterfall methodology to
represent how each step is a separate part of the process; only when one step is
completed can another step begin.
89
ITQ 2: What are the disadvantage of the traditional Systems development life cycle?
After each step, an organisation must decide whether to move to the next step or
not. This methodology has been criticised for being quite rigid. For example,
changes to the requirements are not allowed once the process has begun. No
software is available until after the programming phase.
Again, SDLC was developed for large, structured projects. Projects using SDLC
can sometimes take months or years to complete. Because of its inflexibility and
the availability of new programming techniques and tools, many other software-
development methodologies have been developed. Many of these retain some of
the underlying concepts of SDLC but are not as rigid.
Rapid application development

Rapid application development (RAD) is a software development(or systems-
development) methodology that focuses on quickly building a working model of
the software, getting feedback from users, and then using that feedback to update
the working model. After several iterations of development, a final version is
developed and implemented.
The RAD methodology consists of four phases:
1. Requirements Planning: This phase is similar to the preliminary-analysis,
system-analysis, and design phases of the SDLC. In this phase, the overall
requirements for the system are defined, a team is identified, and feasibility is
determined.
90
2. User Design: In this phase, representatives of the users work with the system
analysts, designers, and programmers to interactively create the design of the
system. One technique for working with all of these various stakeholders is the so-
called JAD session. JAD is an acronym for joint application development. A JAD
session gets all of the stakeholders together to have a structured discussion about
the design of the system. Application developers also sit in on this meeting and
observe, trying to understand the essence of the requirements.
3. Construction: In the construction phase, the application developers, working

with the users, build the next version of the system. This is an interactive process,
and changes can be made as
developers are working on the
programme. This step is executed
in parallel with the User Design
step in an iterative fashion, until
an acceptable version of the
product is developed.
4. Cutover: In this step, which is similar to the implementation step of the SDLC,
the system goes live. All steps required to move from the previous state to the use
of the new system are completed here.
As you can see, the RAD methodology is much more compressed than SDLC.
Many of the SDLC steps are combined and the focus is on user participation and
iteration. This methodology is much better suited for smaller projects than SDLC
and has the added advantage of giving users the ability to provide feedback
throughout the process. SDLC requires more documentation and attention to
91
detail and is well
92
suited to large, resource-intensive projects. RAD makes more sense for smaller
projects that are less resource intensive and need to be developed quickly.
Agile methodologies
Agile methodologies are a group of methodologies that utilise incremental changes
with a focus on quality and attention to detail. Each increment is released in a
specified period of time (called a time box), creating regular release schedule with
very specific objectives. While considered a separate methodology from RAD,
they share some of the same principles: iterative development, user interaction,
ability to change.
The agile methodologies are based on the “Agile Manifesto,” first released in 2001.
The characteristics of agile methods include:
• Small cross-functional teams that include development-team members and
users;
• Daily status meetings to discuss the current state of the project;
• Short time-frame increments (from days to one or two weeks) for each
change to be completed; and
• At the end of each iteration, a working project is completed to demonstrate to
the stakeholders.
The goal of the agile methodologies is to provide the flexibility of an iterative

approach while ensuring a quality product.
End-User development
Some types of information systems can be developed by end users with little or no
formal assistance from technical specialists. This phenomenon is called end-user
93
development. A series of software tools categorised as fourth-generation languages
makes this possible. Fourth-generation languages are software tools that enable end
users to create reports or develop software applications with minimal or no
technical assistance. Some of these fourth- generation tools also enhance
professional programmers’ productivity. Fourth-generation languages tend to be
nonprocedural, or less procedural, than conventional programming languages.
Procedural languages require specification of the sequence of steps, or procedures,
that tell the computer what to do and how to do it. Nonprocedural languages need
only specify what has to be accomplished rather than provide details about how to
carry out the task.
End users are most likely to work with PC software tools and query languages.
Query languages are software tools that provide immediate online answers to
requests for information that are not predefined, such as “Who are the highest-
performing sales representatives?” Query languages are often tied to data
management software and to database management systems.
On the whole, end-user-developed systems can be completed more rapidly than

those developed through the conventional systems life cycle. Allowing users to
specify their own business needs improves requirements gathering and often leads
to a higher level of user involvement and satisfaction with the system. However,
fourth-generation tools still cannot replace conventional tools for some business
applications because they cannot easily handle the processing of large numbers of
transactions or applications with extensive procedural logic and updating
requirements.
End-user computing also poses organisational risks because it occurs outside of
94
traditional mechanisms for information systems management and control. When
95
systems are created rapidly, without a formal development methodology, testing
and documentation may be inadequate. Control over data can be lost in systems
outside the traditional information systems department. To help organisations
maximise the benefits of end-user applications development, management should
control the development of end-user applications by requiring cost justification of
end-user information system projects and by establishing hardware, software, and
quality standards for user-developed applications.
Lean methodology
One last methodology we will discuss is a relatively new concept taken from the
business bestseller The Lean Startup, by Eric Reis. In this methodology, the focus
ITQ 3: What is end-user development?
is on taking an initial idea and developing a minimum viable product (MVP). The
MVP is a working software application with just enough functionality to
demonstrate the idea behind the project. Once the MVP is developed, it is given to
potential users for review. Feedback on the MVP is generated in two forms: (1)
direct observation and discussion with the users, and (2) usage statistics gathered
from the software itself. Using these two forms of feedback, the team determines
whether they should continue in the same direction or rethink the core idea behind
the project, change the functions, and create a new MVP. This change in strategy is
called a pivot. Several iterations of the MVP are developed, with new functions
added each time based on the feedback, until a final product is completed.
96
The biggest difference between the lean methodology and the other methodologies
is that the full set of requirements for the system are not known when the project is
launched. As each iteration of the project is released, the statistics and feedback
gathered are used to determine the requirements. The lean methodology works best
in an entrepreneurial environment where accompany is interested in determining if
their idea for a software application is worth developing.
4.0 Session Summary

In this study session, we had an in-depth discussions on systems
development. We went further to discuss systems development life
cycle, systems development phases/stages as well as alternative
development methodologies.
5.0 Self-Assessment Question

1. The process of creating and maintaining information systems is
termed ‘systems development’ or ‘systems analysis and design’.
Discuss the fundamentals of an MIS development.
2. Define systems development life cycle and explain the processes
involved.
3. Identify and discuss the challenges associated with systems
development.
4. Discuss four alternative development methodologies in systems
development.
5. The initial point of MIS development is the conduct of research
about the existing system and the feasibility of developing and
97
implementing the new system. It is the deliverables from the
research stage that is used in analysing the new system.
i) What is feasibility study?
ii) Explain four methods of collecting information on the
existing system.
iii) What are the requirements for system analysis?
6. System design and production are referred to as the stages of
actualising the MIS development. It is in production stage that
defects of the MIS development can be first identified especially
defects in design.
i) Explain four processes involved in system design.
ii) What is the importance of a proto-type in system production?
iii) Explain acceptance testing and operational testing in system

production.
7. “System testing in MIS development confirms the suitability,
functionality and compatibility of a newly developed system ...
that will help an organisation achieve its primary objectives ...”
i) Explain three main purposes of system testing.
ii) State five sources of defects or failures in software testing.
iii) What is test plan? State only two objectives of a test plan.
8. “System documentation involves creating documents that describe
how to use the new system and how it works. The documentation
eases the changeover to the new system”.
i) Compare and contrast user documentation and technical
documentation.
ii) What are the procedures for system documentation?
98
iii) Explain the four types of system changeover.
6.0 Additional Activity (Videos, animation and outdoor activiites)

a. Visit U-tube https://goo.gl/gd8C8W watch the video and simmarize
in 1 paragraph
b. View the animation on https://goo.gl/vjWRVG and critique in the
discussion forum
ITA 1: The systems development life cycle (SDLC) is a very structured and risk- averse methodology designe
ITA 2: The traditional systems development life cycle (SDLC) is criticised for being quite rigid, changes to the
ITA 3: End-user development is a phenomenon where information systems can be developed by end users w
99
6.0 References:
Bourgeois, T. David (Ph.D.) (2014) Information Systems for Business and
Beyond. www.saylor.org.
Turban, E., Rainer, R. K. and Potter, R. E. (2003) Introduction to
Information Technology. (2nd Ed). Wiley. ISBN 0471073806.
10
MODULE 2
Information Systems and the Management of Information Systems
Resources
Content:
Study Session 1: Information Systems within Organizations Study
Session 2: Information systems management
STUDY SESSION 1:
Information Systems within Organizations
Introduction
2.0 Main Content
2.1 Information Systems within organizations
2.2 Survey and functional information systems
2.3 Business process designs
2.4 Drivers behind business process designs projects
2.5 E-Commerce and supply chain systems
2.6 Business, intelligence and knowledge management
4.0 Session Summary
7.0 References
10
Introduction
This study session will educate you on information system within organizations as
well as survey of fictional information systems. You will also be able to understand
Business process and the drivers behind it. E-commerce and supply chain systems,
Business intelligence and knowledge management will also be discussed.

1. understand the information system within the organization,
2. describe the survey of functional information system,
3. know the business process designs and their drivers, and
4. explain Business intelligence and knowledge management.
2.0 Main Content

2.1 Information Systems within Organisations
Successful organisations large and small leverage available technologies to manage
business activities and assist in making decisions. They use information systems to
collect data and process it according to the needs of the analyst, manager or
business owner. Businesses operate more efficiently by using varied information
systems to interact with customers and partners, curtail costs and generate
revenues.
One of the oldest and most widely used systems for classifying information
systems is known as the pyramid model; most attempts to classify Information
systems into different types rely on the way in which task and responsibilities are
divided within an organisation. This is a three level pyramid model based on the
type of decisions taken at different levels in the organisation, they are:
10
1. Operational-level systems
10
2. Management-level systems
3. Strategic-level systems
Three categories of information systems

1. Operational-level systems
Operational-level system support operational activities by keeping track of the
elementary activities and transactions of the organisation, such as assigning
employees to tasks and recording the number of hours they work, or placing a
purchase order. Operational activities are short-term in nature. The information
systems that support them are mainly. Operational systems are used by
supervisors (first-line managers), operators, and clerical employees. The principal
purpose of systems at this level is to answer routine questions and to track the
flow of transactions through the organisation. How many parts are in inventory?
What happened to Mr. Williams’s payment? To answer these kinds of questions,
information generally must be easily available, current, and accurate. Examples of
operational-level systems include a system to record bank deposits from ATM
(Automatic Teller Machines) or one that tracks the number of hours worked each
day by employees on a factory floor.
2. Management-level systems
Management-level systems serve the monitoring, controlling, decision-making,
and administrative activities of middle managers. The principal question
addressed by such systems is this: Are things working well? Management-level
systems typically provide periodic reports rather than instant information on
operations. Some management-level systems support no routine decision making.
They tend to focus on less-structured decisions for which information
requirements are not always clear.
10
These systems often answer “what-if” questions: What would be the impact on
production schedules if we were to double sales in the next month? What would
happen to our return on investment if a factory schedule were delayed for six
months? Answers to these questions frequently require new data from outside the
organisation, as well as data from inside that cannot be easily drawn from existing
operational-level systems. Management-level systems are broader in scope than
operational-level systems, but like operational systems, they use mainly internal
sources of data.
3. Strategic-level systems
Strategic-level systems: help senior management address strategic issues and
long- term trends, both in the firm and in the external environment. Strategic
activities are basically decisions that deal with situations that significantly may
change the manner in which business is done. Traditionally, strategic decisions
involved only long-range planning. A long-range planning document traditionally
outlines strategies and plans for the next five or even 10 years. From this plan,
companies derive their shorter-range planning, budgeting, and resource
allocation. In the digital economy, the planning period has been dramatically
reduced to one or two years, or even months.
ITQ 1: What are the three type of decision taken at different levels in the organisation?
2.2 Survey of Functional Information Systems

A functional information system is a system that provides detailed information for
a specific type of activity or related group of activities, as well as summarised
10
information for management’s control of such activities. A traditional
organisational chart generally organises activities according to functional units.
However, dividing tasks vertically according to functional divisions is not the best
way to optimise the process itself. A process is a continuous flow in which value is
added to successive stages of the production cycle until a product is generated to
meet a customer’s need. The process flow is horizontal because it is uninhibited by
function; it crosses and re-cross esorganisational departments and divisions. It
changes the emphasis from who does what, to what needs to be done.
The functional approach can sometimes straitjacket a process; as control for the
process moves and changes along the production chain, there is the risk of task
duplication, delay, and loss of quality control. The risk is amplified in a
functionally defined and rigidly hierarchical organisational environment, because
the structure maintains the risk. In such organisations a change of focus is required,
from the functional view to the process view.
Functional Information System is based on the various business functions such as

Production, Marketing, Finance, Personnel etc. These departments or functions are
known as functional areas of business. Each functional area requires applications to
perform all information processing related to the function. The popular functional
areas of the business organisation are:
1. Financial Information System
2. Marketing Information System
3. Production /manufacturing Information System
4. Human Resource Information System
1. Financial information system:
10
Financial information system is a sub-system of organisational management
information system. This sub-system supports the decision-making process of
financial functions at the level of an organisation.
Financial functions include:

 Integrating financial & operational information from multiple sources
 Providing easy access to data
 Making data available immediately
 Analysing historical & current financial activity
 Monitoring & controlling the use of funds over time
2. Marketing information system

This sub-system of management information system provides information
about various functions of the marketing system of an organisation. Marketing
is another functional area of the business organisation, which is engaged in
marketing (selling) of its products to its customers.
Important functions of the marketing
process include the following.
 The marketing identification function
 The purchase motivation function.
 The product adjustment function
 The physical distribution function
 The communication function
 The transaction function
 The post-transaction function
10
3. Production /manufacturing information system
Manufacturing or production information system provides information on
production or operation activities of an organisation and thus facilitates the
decision-making process of production managers of an organisation.
Decisions to be taken in manufacturing system include:
 Product Design
 Schedule Production
 Source Raw Material
 Check Inventory
 Receive Order
 Allocate Resources
 Complete Job
 Quality Testing
 Send Order
ITQ 2: What are functional Information Systems?
4. Human Resources information system

This functional information system supports the functions of human resource
management of an organisation. The human resource management function,
in its narrow sense, it also known as personnel management.
The function involves:
 Manpower planning.
10
 Staffing
 Training and development
 Performance evaluation, and
 Separation activities
ITQ 3: What are the popular functional areas of the business organisation?
2.3 Business Process Design

A process is a series of tasks that are completed in order to accomplish a goal. A
business process, therefore, is a process that is focused on achieving a goal for a
business. If you have worked in a business setting, you have participated in a
business process. Anything from a simple process for making a sandwich at
Subway to building a space shuttle utilises one or more business processes.
Processes are something that businesses go through every day in order to

accomplish their mission. The better their processes, the more effective the
business. Some businesses see their processes as a strategy for achieving
competitive advantage. A process that achieves its goal in a unique way can set a
company apart. A process that eliminates costs can allow a company to lower its
prices (or retain more profit).
10
Business process design is the method by which an organisation understands and
defines the business activities that enable it to function. Process design is
concerned with designing a business’ processes to ensure that they are optimised,
effective, meet customer requirements, and support and sustain organisational
development and growth. A well-designed process will improve efficiency and
deliver greater productivity.
The most common initiatives behind business process design projects are:
• Customer and supply chain management
• Operational performance improvement
• Business process integration and automation
• Cost reduction
• New business opportunities.
Business process design typically occurs as an early, critical phase in these

projects, rather than as an end in itself. The goal of the overall project is to
implement business
change, whether that change is primarily
organisational (improve the business’
operating processes), technical
(implement or integrate software
systems), or a combination of the two.
In a process improvement project, the

focus of the business process design
phase is to streamline the process: to
understand and measure the
requirements, and to eliminate the risk of losing value through inefficient or
11
inappropriate activities. In a technology implementation project, the focus is on
11
understanding the processes that are being automated, and ensuring that the
appropriate technology is selected, configured and implemented to support them.
In both cases, the process design activities can range from modest (e.g. tweak
existing processes and look for some quick wins) to aggressive (e.g. identify major
opportunities to increase value or drive down costs through radical process
improvement or outsourcing).In short, business process design is a tool that can
serve many different kinds of projects.
ITQ 4: What is Business process design and when does it occur?
2.4 Drivers behind a Business Process Design Project

Different process design projects will target different areas of business activity,
according to organisational focus and requirements. However, most process design
projects are driven by a combination of these common requirements:
 The need to increase efficiency
 The need to evaluate business practice as part of an organisational
development project
 The need to evaluate potential new business ventures (e.g. joint ventures
or alliances) or business offerings
 The need to manage the company’s knowledge resources
 The need to manage human resources
Methodology: implementing business process design
11
Business process design projects have two phases: analysis and design. Both
phases are typically carried out in modeling workshops.
Modeling workshops
The process of analysing existing processes and defining new or improved ones
takes place in facilitated group sessions, often called modeling workshops because
one of their tangible outputs is a business process model.
Team members typically include:
 Subject matter experts (SMEs) from the organisation, who work in the
process
 Facilitators with experience of working in or designing such processes.
In general, modeling workshops are iterative in nature, and progress from building
graphical diagrams of the processes (usually at the whiteboard) to developing
detailed descriptions of those processes, and then passing through a cycle of review
and improvement until the process designs are ready for publication and
communication within the organisation.
Analysing and designing processes

The aim of the analysis phase of a business process design project is to understand
how the processes of a business function and interact; the aim of the design phase
is to improve the way that those processes operate and interact.
The purpose of the analysis phase is to:
 Understand the organisation and its purpose or “mission” and relate
this to the organisation’s current business processes
11
 Identify and analyse the collection of processes and activities
currently operational within the organisation, and ascertain how far
they achieve the business's objectives.
The results of the analysis phase are then fed into the design phase, whose purpose
is to:
 Investigate options for achieving improvement by redesigning the
processes currently in operation
 Identify and prioritise areas for improvement
 Implement process design according to an agreed schedule.
One of the decisions that needs to be made early in the project is what kind of
analysis is needed – strategic (“top down”) or tactical (“bottom up”):
 A strategic perspective is higher level (i.e. managers) and seeks to
understand the processes that make up the business and deliver its
value.
 A tactical perspective is lower level (i.e. practitioners) and seeks to
understand the activities that support processes. It is driven by the task
requirements for operational efficiency.
In some projects the workshop teams will spend most time analysing existing
processes, whilst in others they will spend most time designing improved ones,
according to the nature and perspective of the project. For example:
 Design-led projects
In a “clean slate” approach, the workshop team designs new processes with little
regard for the current situation, and then considers their impact on the current
11
organisation. However, a degree of analysis is still required as part of the design
phase, if only to develop a consensus amongst the workshop team members about
the key failure points in the current processes and which opportunities for
improvement should be prioritised.
 Analysis-led projects
In many IT-driven projects, the purpose of the analysis phase is to understand the
processes that are going to be automated. This ensures a good fit between the
processes and the selected technology, and indicate show that technology should be
configured. In this situation, little or no time might be allocated to improving the
existing processes. However, some design work is almost always required to
ensure the best use of technology.
In all cases, it is important to dedicate some time to understanding the current

processes, because the exercise helps to clarify the “language” used by the business
to describe its processes, and provides the basis from which improvement can be
evaluated.
11
Output: business process models
The output of a business process design project is a streamlined, comprehensive,
easy-to-use model of the ways in which a business delivers output to its customers.
One of the key purposes of process modeling is to provide a “process view” of the
business. While organisations tend to think of themselves in terms of management
structures and functional departments, outsiders, including customers and
suppliers, see the organisation in terms of the value it delivers to them – and it is
the business processes that deliver this value.
Once the organisation sees itself in terms of business processes, it can improve the
way it delivers value to customers, and hence the profitability and success of the
company itself.
2.5 E-Commerce and Supply Chain Systems

E-commerce refers to the use of the internet and the Web to transact business.
More formally, e-commerce is about digitally enabled commercial transactions
between and among organisations and individuals. For the most part, this means
transactions that occur over the internet and the web. Commercial transactions
involve the exchange of value (e.g., money) across organisational or individual
boundaries in return for products and services.
The supply chain

A firm’s supply chain is a network of organisations and business processes for
procuring raw materials, transforming these materials into intermediate and
finished products, and distributing the finished products to customers. It links
suppliers, manufacturing plants, distribution centers, retail outlets, and customers
to supply
11
goods and services from source through consumption. Materials, information, and
payments flow through the supply chain in both directions.
Global supply chains and the internet

Before the Internet, supply chain coordination was hampered by the difficulties of
making information flow smoothly among disparate internal supply chain systems
for purchasing, materials management, manufacturing, and distribution. It was also
difficult to share information with external supply chain partners because the
systems of suppliers, distributors, or logistics providers were based on
incompatible technology platforms and standards. Enterprise and supply chain
management systems enhanced with Internet technology supply some of this
integration.
A manager uses a web interface to tap into suppliers’ systems to determine whether
inventory and production capabilities match demand for the firm’s products.
Business partners use web-based supply chain management tools to collaborate
online on forecasts. Sales representatives access suppliers’ production schedules
and logistics information to monitor customers’ order status.
Global supply chain issues

More and more companies are entering international markets, outsourcing
manufacturing operations, and obtaining supplies from other countries as well as
selling abroad. Their supply chains extend across multiple countries and regions.
There are additional complexities and challenges to managing a global supply
chain.
Global supply chains typically span greater geographic distances and time
11
differences than domestic supply chains and have participants from a number of
different countries. Performance standards may vary from region to region or from
11
nation to nation. Supply chain management may need to reflect foreign
government regulations and cultural differences.
The internet helps companies manage many aspects of their global supply chains,
including sourcing, transportation, communications, and international finance.
Today’s apparel industry, for example, relies heavily on outsourcing to contract
manufacturers in China and other low-wage countries. Apparel companies are
starting to use the web to manage their global supply chain and production issues.
In addition to contract manufacturing, globalisation has encouraged outsourcing

warehouse management, transportation management, and related operations to
third- party logistics providers, such as UPS Supply Chain Solutions and Schneider
Logistics Services. These logistics services offer web-based software to give their
customers a better view of their global supply chains. Customers are able to check
a secure Web site to monitor inventory and shipments, helping them run their
global supply chains more efficiently.
In addition to reducing costs, supply chain management systems facilitate efficient

customer response, enabling the workings of the business to be driven more by
customer demand.
2.6 Business Intelligence and Knowledge Management

“Business intelligence (BI)” is a term used by hardware and software vendors and
information technology consultants to describe the infrastructure for warehousing,
integrating, reporting, and analysing data that comes from the business
environment, including big data. The foundation infrastructure collects, stores,
cleans, and makes relevant information available to managers.
11
Think databases, data warehouses, data marts, Hadoop, and analytic platforms,
“Business analytics (BA)” is also a vendor defined term that focuses more on tools
and techniques for analysing and understanding data. Think online analytical
processing (OLAP), statistics, models, and data mining.
So, stripped to its essentials, business intelligence and analytics are about
integrating all the information streams produced by a firm into a single, coherent
enterprise- wide set of data, and then, using modeling, statistical analysis tools
(like normal distributions, correlation and regression analysis, Chi-square analysis,
forecasting, and cluster analysis), and data mining tools (pattern discovery and
machine
learning), to make sense out of all
these data so managers can make
better decisions and better plans,
or at least know quickly when
their firms are failing to meet
planned targets.
Knowledge management
Knowledge management refers to the set of business processes developed in an
organisation to create, store, transfer, and apply knowledge. Knowledge
management increases the ability of the organisation to learn from its environment
and to incorporate knowledge into its business processes.
One apt slogan of the knowledge management field is, “Effective knowledge
management is 80 percent managerial and organisational, and 20 percent
12
technology.”
12
In the case of knowledge management, as with other information systems
investments, supportive values, structures, and behavior patterns must be built to
maximise the return on investment in knowledge management projects.
Knowledge acquisition
Organisations acquire knowledge in a number of ways, depending on the type of
knowledge they seek. The first knowledge management systems sought to build
corporate repositories of documents, reports, presentations, and best practices.
These efforts have been extended to include unstructured documents (such as e-
mail). In other cases, organisations acquire knowledge by developing online expert
networks so that employees can “find the expert” in the company who is personally
knowledgeable.
In still other cases, firms must create new knowledge by discovering patterns in
corporate data or by using knowledge workstations where engineers can discover
new knowledge. A coherent and organised knowledge system also requires
systematic data from the firm’s transaction processing systems that track sales,
payments, inventory, customers, and other vital data, as well as data from external
sources such as news feeds, industry reports, legal opinions, scientific research,
and government statistics.
Knowledge storage
Once they are discovered, documents, patterns, and expert rules must be stored so
they can be retrieved and used by employees. Knowledge storage generally
involves the creation of a database. Document management systems that digitise,
index, and tag documents according to a coherent framework are large databases
adept at storing collections of documents. Expert systems also help corporations
12
preserve the
12
knowledge that is acquired by incorporating that knowledge into organisational
processes and culture.
Management must support the development of planned knowledge storage

systems, encourage the development of corporate-wide schemas for indexing
documents, and reward employees for taking the time to update and store
documents properly. For instance, it would reward the sales force for submitting
names of prospects to a shared corporate database of prospects where all sales
personnel can identify each prospect and review the stored knowledge.
ITQ 5: What is Knowledge Management?
Knowledge dissemination
Portals, e-mail, instant messaging, wikis, social business tools, and search engines
technology have added to an existing array of collaboration tools for sharing
calendars, documents, data, and graphics. Contemporary technology seems to have
created a deluge of information and knowledge. How can managers and employees
discover, in a sea of information and knowledge, that which is really important for
their decisions and their work? Here, training programmes, informal networks, and
shared management experience communicated through a supportive culture help
managers focus their attention on the important knowledge and information.
12
Knowledge application
Regardless of what type of knowledge management system is involved, knowledge
that is not shared and applied to the practical problems facing firms and managers
does not add business value. To provide a return on investment, organisational
knowledge must become a systematic part of management decision making and
become situated in systems for decision support. Ultimately, new knowledge must
be built into a firm’s business processes and key application systems, including
enterprise applications for managing key internal business processes and
relationships with customers and suppliers. Management supports this process by
creating—based on new knowledge—new business practices, new products and
services, and new markets for the firm.
4.0 Session Summary

In this study session we have looked at information systems within organisations,
functional information systems and seen how business processes are designed. We
have also seen some of the benefits of e-commerce and the supply chain systems.
Finally we saw how business intelligence and knowledge management helps
organisations improve their operations and thus productivity.

1. Identify and discuss the three main categories of information systems.
2. Define functional systems that could be found in organisations and discuss
their basic features and purposes.
3. Discuss the basic concepts of Porter’s models for competitive strategy.
4. What are the procedures, challenges, and benefits of business process design?
12
5. Define e-Commerce and state its importance to an organisation’s MIS
development and management.
6. Discuss supply chain systems and identify their relationship with
organisation’s success factors.
7. Why do organisations need business intelligence systems?
8. What are reporting systems in MIS and how are they important in the
development of an organisation’s business intelligence and knowledge
management?
9. What are the purposes, features, and functions of knowledge management
systems?
10.Peak Pinnacles® is an information technology company that experienced
remarkable expansion during the last five years. Recent investigations
revealed that the company’s security safeguards were not too strong and can
be exposed to high risk of breach and hacking. The management decided to
contact you, as management information consultant, to improve both the
technical and operational security safeguards of the company. Required:
Write a report to the management of Peak Pinnacles® indicating security
safeguards that should be improved to protect the company’s information
systems from all threats.

a. Visit U-tube https://goo.gl/QVun8b watch the video and simmarize
in 1 paragraph
b. View the animation on (https://goo.gl/Lfw89K and critique in the
discussion forum
12
ITA 1: They are: Operational-level systems, Management-level systems and Strategic-level systems
ITA 2: Functional information system are system that provides detailed information for a specific type o
ITA 3: They are: 1. Financial Information System 2.Marketing Information System 3. Production /manuf
ITA 4: Business process design is the method by which an organisation understands and defines the bus
ITA 5: Knowledge management refers to the set of business processes developed in an organisation to
12
7.0 References:
Bourgeois, T. David (Ph.D.) (2014) Information Systems for Business
and Beyond.www.saylor.org .
http://smallbusiness.chron.com/types-information-systems-
organization -43097.html
http://www.chris-kimble.com/Courses/World_Med_MBA/Types-of-
Information-System.html
www.uotechnology.edu.iq/ce/Lectures/SarmadFuad-
MIS/MIS_Lecture_7.pdf
http://www.chris-kimble.com/Courses/World_Med_MBA/Types-of-
Information-System.html
http://www.slideshare.net/amazing19/functional-information-system
http://ecomputernotes.com/mis/structure-and-classification/explain- briefly-the-
different-functional-information-systems
12
STUDY SESSION 2
Information Systems Management
Introduction
2.0 Main Content
2.1 The Information System development
2.2 Planning the use of information Technology
2.3 Managing the IT infrastructure
2.4 Outsourcing Information Systems
2.5 User rights and responsibilities
4.0 Session Summary/Conclusion
5.0 Discussion Questions
6.0 Additional Activity (Videos, animations and outdoor activities
7.0 References
Introduction
In previous sessions, we have taken a look at information systems, now
we shall look at the people in the information system department in of
a typical organisation, how they plan and manage information
technology. We shall also take a look at outsourcing of information
systems as an alternative to hiring, and finally the users’ rights and
responsibilities.

12
1. describe the people in the information systems department and
their roles.
2. describe the planning the use of information technology (IT).
3. discuss the management of IT infrastructure.
4. explain outsourcing of information systems.
5. discuss user rights and responsibilities.
2.0 Main Content

2.1 The Information Systems Department
In this session, our focus shall be on the makeup of the information systems
management team and how they operate. The information systems department
consists of specialists, such as programmers, systems analysts, project leaders, and
information systems managers.
Programmers are highly trained technical specialists who write the software
instructions for computers. Systems analysts constitute of the principal liaisons
between the information systems groups and the rest of the organisation. It is the
systems analyst’s job to translate business problems and requirements into
information requirements and systems. Information systems managers are leaders
of teams of programmers and analysts, project managers, physical facility
managers, telecommunications managers, or database specialists. They are also
managers of computer operations and data entry staff.
Also, external specialists, such as hardware vendors and manufacturers, software

firms, and consultants, frequently participate in the day-to-day operations and long-
term planning of information systems.
13
In many companies, the information systems department is headed by a chief
information officer (CIO). The CIO is a senior manager who oversees the use of
information technology in the firm. Today’s CIOs are expected to have a strong
business background as well as information systems expertise and to play a
leadership role in integrating technology into the firm’s business strategy. Large
firms today also have positions for a chief security officer, chief knowledge officer,
and chief privacy officer, all of whom work closely with the CIO.
The chief security officer (CSO) is in charge of information systems security for
the firm and is responsible for enforcing the firm’s information security policy.
(Sometimes this position is called the chief information security officer [CISO]
where information systems security is separated from physical security.) The CSO
is responsible for educating and training users and information systems specialists
about security, keeping management aware of security threats and breakdowns, and
maintaining the tools and policies chosen
to implement security.
Information systems security and the

need to safeguard personal data have
become so important that corporations
collecting vast quantities of personal data
have established positions for a chief
privacy officer (CPO). The CPO is
responsible for ensuring that the
company complies with existing data
privacy laws.
13
The chief knowledge officer (CKO) is responsible for the firm’s knowledge
management programme. The CKO helps design programmes and systems to find
new sources of knowledge or to make better use of existing knowledge in
organisational and management processes.
End users are representatives of departments outside of the information systems

group for whom applications are developed. These users are playing an
increasingly large role in the design and development of information systems.
In the early years of computing, the information systems group was composed
mostly of programmers who performed highly specialised but limited technical
functions. Today, a growing proportion of staff members are systems analysts and
network specialists, with the information systems department acting as a powerful
change agent in the organisation. The information systems department suggests
new business strategies and new information-based products and services, and
coordinates both the development of the technology and the planned changes in the
organisation.
2.2 Planning the Use of Information Technology (IT)

An effective IT governance and planning process ensures that the organisation’s IT
initiatives are aligned and serve as an extension of the company’s strategies and
objectives. It should be integrated with corporate planning and the budgeting
process and should clearly identify the following:
• IT resources and appropriate use of those resources
• Alignment of IT initiatives with enterprise objectives throughout the
organisation
13
• IT organisational structures that facilitate the implementation of enterprise
initiatives in support of strategies
• Effective communications framework between the business, IT, and
external partners
• IT control framework for selecting and prioritising projects within the
company
• IT performance measurement and metrics
ITQ 1: Who is a CIO and what is his role in an organisation?
Resources and assignments

When IT initiatives are aligned with corporate strategies the governance process
will include key resources from the business units (BU) with sufficient authority to
represent the business. However, IT must assign appropriate staff members to the
representatives to facilitate the process. These IT staff members should include:
• An overall process manager to facilitate the governance process

• Architects accountable for each BU application portfolio
• Programme/Project managers accountable for BU projects portfolio
• Application development director
• Enterprise architecture director
• Strategic sourcing and workforce planning managers
• Value analysts and other corporate finance and planning
representatives Other ad-hoc members may be pulled in as needed.
Tools to leverage
13
There are a number of effective tools that will aid the planning and budgeting
processes for IT initiatives. Some of these tools enable members of different BUs
to view the enterprise complexities and challenges as well as an opportunity to
leverage technologies for competitive advantages. Recommended tools include:
• Multi-Generation Plan – Each BU, with the help of the architect, will
develop a plan that clearly outlines the applications and investments over a
period of time and that clearly aligns with business objectives. This is
different than the detailed multi-generation plan for each application
developed by IT for planned upgrades, etc.
• RACI Matrix – RACI stands for Responsible, Accountable, Consulted and

Informed. This matrix clearly identified all the stakeholders involved in the
planning process and ensures everyone is properly communicated with and
fully engaged at the level they need to be.
• Application Interdependency Map – Provides an enterprise view of

applications, but just as importantly identifies the overlaps and possible
synergies that can be leveraged by the company.
• Strategic Heat Map – A tool to clearly demonstrate that IT initiatives are

aligned with corporate strategies and also to show where resources are/will
be allocated to meet the demand.
• Risk Management and Scenario Plan – Uncertainty and surprises are

normal in business cycles. Risk management/scenario planning tools will
identify mitigation and response strategies to help the enterprise maintain
momentum.
13
• Resource Planning and Allocation – Although this tool may be in place for
each project or section within the IT organisation, (e.g.
application/development or infrastructure)
the key to the success of the organisation is
to have a comprehensive plan for both IT
and businesses.
• Communication Plan – A comprehensive

plan on what, how, who and when
communication is rolled out to the
organisation.
• Investment Plan – a 1-3-5 year investment planning tool that clearly

describes anticipated projects, timing and budgetary requirements.
• Performance Measurement Plan – A detailed process by which the

organisation compares itself to the best in class and includes a roadmap on
how to achieve specific targets.
• Service Delivery Plan – Ensures that all services provided have the
appropriate service levels and agreements included.
Budgeting process
The budgeting process should follow corporate guidelines for allocating budgets to
the specific projects, with the IT organisation as executor of those projects. The
13
planning process and the sequence flow must follow the corporate timelines for
budget allocations as well as provide a 3-5 year horizon for planned expenditures.
A sequence flow chart is an essential part of the planning process, clearly defining
steps and sequences of activities to be undertaken.
Project submission and review process

One major purpose of a governance process is to create a consistent methodology
in selecting and approving projects that are tightly aligned with the business
objectives, a mandatory requirement for the company, and/or a critical enabler of
other strategic goals. As part of the project submission, the IT organisation should
assist the BUs with estimating and identifying the total cost of ownership and the
value generated for the company. This effort supports the overall budgeting
process, along with any subsequent project prioritisation and triage process where
IT allocates appropriate resources to complete the work.
Ongoing logistics
• Meeting Frequency & Format – Monthly meetings are recommended for the first
1-2 years of operation, and then frequency can move to quarterly meetings,
although during the annual budgeting process more frequent meetings maybe
needed.
• Measurements (Balanced Score Card) – It is critical to evaluate project and team
progress. A series of metrics and the appropriate indicators must be developed to
track progress.
• Guiding Principles – To assist BUs and the IT organisation, certain guiding
principles need to be identified, agreed upon and communicated.
13
An effective IT planning process and governance framework can help ensure that
IT initiatives are aligned with organisational strategy and integrated effectively
into the organisation’s overall planning process, thus enabling IT to play a
valued and critical role in the organisation’s mission and success.
2.3 Managing the IT Infrastructure

IT management is the discipline whereby all of the information technology
resources of a firm are managed in accordance with its needs and priorities. These
resources may include tangible investments like computer hardware, software,
data, networks and data centre facilities, as well as the staff who are hired to
maintain them.
Managing this responsibility within a company entails many of the basic

management functions, like budgeting, staffing, change management, and
organising and controlling, along with other aspects that are unique to technology,
like software design, network planning, tech support etc.
The central aim of IT management is to generate value through the use of

technology. To achieve this, business strategies and technology must be aligned.
IT Management is different from management information systems. The latter
refers to management methods tied to the automation or support of human decision
making. IT Management refers to IT related management activities in
organisations. MIS is focused mainly on the business aspect, with strong input into
the technology phase of the business/organisation.
A primary focus of IT management is the value creation made possible by

technology. This requires the alignment of technology and business strategies.
13
While the value creation for an organisation involves a network of relationships
between
13
internal and external environments, technology plays an important role in
improving the overall value chain of an organisation. However, this increase
requires business and technology management to work as a creative, synergistic,
and collaborative team instead of a purely mechanistic span of control.
Historically, one set of resources was dedicated to one particular computing

technology, business application or line of business, and managed in a silo-like
fashion. These resources supported a single set of requirements and processes, and
could not easily be optimised or reconfigured to support actual demand. This led
technology providers to build out and complement their product-centric
infrastructure and management offerings with converged infrastructure
environments that converge servers, storage, networking, security, management
and facilities. The efficiencies of having this type of integrated and automated
management environment allows enterprises to get their applications up and
running faster, with simpler manageability and maintenance, and enables IT to
adjust IT resources (such as servers, storage and networking) quicker to meet
unpredictable business demand.
13
IT infrastructure refers to the
composite hardware, software,
network resources and services
required for the existence, operation
and management of an enterprise IT
environment. It allows an organisation
to deliver IT solutions and services to
its employees, partners and/or
customers and is usually internal to an
organisation and deployed within
owned facilities.
ITQ 2: What is the aim of IT management?
Managing enterprise applications

Many firms have implemented enterprise systems and systems for supply chain
and customer relationship management because they are such powerful instruments
for achieving operational excellence and enhancing decision making. But precisely
because they are so powerful in changing the way the organisation works, they are
challenging to implement. We will briefly examine some of these challenges, as
well as new ways of obtaining value from these systems.
Enterprise application challenges and management

Promises of dramatic reductions in inventory costs, order-to-delivery time, as well
as more efficient customer response and higher product and customer profitability,
14
make enterprise systems and systems for supply chain management and customer
relationship management very alluring. But to obtain this value, you must clearly
understand how your business has to change to use these systems effectively.
Enterprise applications involve complex pieces of software that are very expensive
purchase and implement. It might take a large Fortune 500 company several years
to complete a large-scale implementation of an enterprise system or a system for
SCM or CRM. The total cost for an average large system implementation based on
SAP or Oracle software, including software, database tools, consulting fees,
personnel costs, training, and perhaps hardware costs, runs over$12 million. The
implementation cost of an enterprise system for a mid-sized company based on
software from a “Tier II” vendor such as Epicor or Lawson averages $3.5 million.
Changes in project scope and additional customisation work add to implementation
delays and costs.
Enterprise applications require not only deep-seated technological changes but also
fundamental changes in the way the business operates. Companies must make
sweeping changes to their business processes to work with the software.
Employees must accept new job functions and responsibilities. They must learn
how to perform a new set of work activities and understand how the information
they enter into the system can affect other parts of the company.
This requires new organisational learning. Supply chain management systems

require multiple organisations to share information and business processes. Each
participant in the system may have to change some of its processes and the way it
uses information to create a system that best serves the supply chain as a whole.
14
Some firms experienced enormous operating problems and losses when they first
implemented enterprise applications because they did not understand how much
organisational change was required.
Enterprise applications also introduce “switching costs.” Once you adopt an

enterprise application from a single vendor, such as SAP, Oracle, or others, it is
very costly to switch vendors, and your firm becomes dependent on the vendor to
upgrade its product and maintain your installation.
Enterprise applications are based on organisation-wide definitions of data. You

will need to understand exactly how your business uses its data and how the data
would be organised in a customer relationship management, supply chain
management, or enterprise system. CRM systems typically require some data
cleansing work.
Enterprise software vendors are addressing these problems by offering pared-down

versions of their software and “fast-start” programmes for small and medium-sized
businesses and best-practice guidelines for larger companies. The interactive
session on technology describes how on-demand and cloud-based tools deal with
this problem as well. Companies adopting enterprise applications can also save
time and money by keeping customisations to a minimum.
2.4 Outsourcing Information Systems

If a firm does not want to use its internal resources to build or operate information
systems, it can outsource the work to an external organisation that specialises in
providing these services. Cloud computing and software as a service (SaaS)
providers, are one form of outsourcing. Subscribing companies use the software
14
and
14
computer hardware provided by the service as the technical platform for their
systems.
In another form of outsourcing, a company could hire an external vendor to design

and create the software for its system, but that company would operate the system
on its own computers. The outsourcing vendor might be domestic or in another
country.
Domestic outsourcing is driven primarily by the fact that outsourcing firms possess
skills, resources, and assets that their clients do not have. Installing new supply
chain management system in a very large company might require hiring an
additional 30 to 50 people with specific expertise in supply chain management
software, licensed from a vendor. Rather than hire permanent
new employees, most of whom would
need extensive training in the software
package, and then release them after the
new system is built, it makes more sense,
and is often less expensive, to outsource
this work for a12-month period.
In the case of offshore outsourcing, the decision tends to be much more cost-
driven. A skilled programmer in India or Russia earns about USD $10,000–
$20,000 per year, compared to $73,000 per year for a comparable programmer in
the United States. The internet and low-cost communications technology have
drastically reduced the expense and difficulty of coordinating the work of global
teams in faraway locations. In addition to cost savings, many offshore outsourcing
firms offer world-class technology assets and skills.
14
Any company that outsources its applications must thoroughly understand the
project, including its requirements, method of implementation, anticipated benefits,
cost components, and metrics for measuring performance. Many firms
underestimate costs for identifying and evaluating vendors of information
technology services, for transitioning to a new vendor, for improving internal
software development methods to match those of outsourcing vendors, and for
monitoring vendors to make sure they are fulfilling their contractual obligations.
Experts claim it takes from three months to a full year to fully transfer work to an
offshore partner and make sure the vendor thoroughly understands your business.
ITQ 3: What is meant by Outsourcing Information Systems?
2.5 User Rights and Responsibilities

As a user of information systems, you have both rights and responsibilities in your
relationship with the IS department. Your rights are what you are entitled to
receive and your responsibilities are what you are expected to contribute.
You have a right to:

– Computer hardware and programmes that allow you to perform your job
proficiently
– Reliable network and internet connections
– A secure computing environment
– Protection from viruses, worms, and other threats
– Contribute to requirements for new system features and functions
– Reliable systems development and maintenance
– Prompt attention to problems, concerns, and complaints
14
– Properly prioritised problem fixes and resolutions
– Effective training
You have a responsibility to:

– Learn basic computer skills
– Learn standard techniques and procedures for the applications you use
– Follow security and backup procedures
– Protect your password(s)
– Use computer resources according to your employer's computer use policy
– Make no unauthorised hardware modifications
– Install only authorised programmes
– Apply software patches and fixes when directed to do so
– When asked, devote the time required to respond carefully and completely
to requests for requirements for new system features and functions
– Avoid reporting trivial problems
4.0 Summary
In this session, we have taken a look at the people in the information system
department in of a typical organisation, and how they plan and manage information
technology. We have also looked at outsourcing of information systems as an
alternative to hiring, and finally the users’ rights and responsibilities.
14
1. With the aid of an organogram, discuss the functions of
information systems department.
2. What are the importance and processes involved in planning the use
of information technology within an organisation?
3. How can organisations effectively handle the challenges of
managing the IT infrastructure?
4. What constitute an organisation’s applications of information
systems and how can such applications be effectively managed?
5. Define outsourcing in MIS and state how organisations can
outsource their information systems.
6. As organisations are becoming more complex to the extent that
they cannot handle all aspects of their operation process internally,
outsourcing becomes inevitable. Required: Discuss the challenges
and opportunities of outsourcing information systems by
organisations.
7. What are the user rights and responsibilities issues in information
systems management?
5.0 Additional Activity

a. Visit U-tube https://goo.gl/59seQ5 watch the video and simmarize in
1 paragraph
b. View the animation on https://goo.gl/St7yYJ and critique in the
discussion forum
14
ITA 1: The chief information officer (CIO) is a senior manager who oversees the use of information technol
ITA 2: The central aim of IT management is to generate value through the use of technology. This requires the
ITA 3: Outsourcing Information Systems refers to engaging the services of another specialised organisation (a
7.0 References:
David M. Kroenke (2012) Using MIS. (4th Ed.) New Jersey, USA: Pearson
Prentice Hall. ISBN 978-0-13-215818-3 .
https://www.google.com.ng/.../VacoHealthcare_InsightSeries_ITPlanni
ng_Dec2015.pdf
https://en.wikipedia.org/wiki/Information_technology_management
14
STUDY SESSION 3
Information Security Management
Introduction
2.0 Main Content
2.1 Security threats
2.2 Safeguards: Technical, Data and Human
2.3 Disaster preparedness and incident response
4.0 Session Summary
5.0 Self-Assessment Question and Answers
6.0 Additional Activity (Videos, animations and outdoor activity)
7.0 References
Introduction
In this session we shall go in-depth into information security, Security refers to the
policies, procedures, and technical measures used to prevent unauthorised access,
alteration, theft, or physical damage to information systems. Controls are methods,
policies, and organisational procedures that ensure the safety of the organisation’s
assets, the accuracy and reliability of its records, and operational adherence to
management standards.
When large amounts of data are stored in electronic form, they are vulnerable to
many more kinds of threats than when they existed in manual form. Through
communications networks, information systems in different locations are
14
interconnected. The potential for unauthorised access, abuse, or fraud is not limited
to a single location but can occur at any access point in the network.

1. explain security threats,
2. discuss safeguards from the technical, data and human
standpoints, and
3. describe steps for disaster preparedness and incident response.
2.0 Main Content

2.1 Security Threats
A security threat is a challenge to the integrity of information systems that arises
from one of three sources: human error and mistakes, malicious human activity,
and natural events and disasters. Human errors and mistakes include accidental
problems caused by both employees and nonemployees. An example is an
employee who misunderstands operating procedures
and accidentally deletes customer
records.
Another example is an employee

who, in the course of backing up a
database, in advertently installs an old
database on top of the current one.
This category also includes poorly
written application programmes and
poorly designed procedures. Finally,
15
human
15
errors and mistakes include physical accidents, such as driving a forklift through
the wall of a computer room.
The second source of security problems is malicious human activity. This category
includes employees and former employees who intentionally destroy data or other
system components. It also includes hackers who break into a system and virus and
worm writers who infect computer systems. Malicious human activity also
includes outside criminals who break into a system to steal for financial gain, and it
also includes terrorism.
Natural events and disasters are the third source of security problems. This
category includes fires, floods, hurricanes, earthquakes, tsunamis, avalanches, and
other acts of nature. Problems in this category include not only the initial loss of
capability and service, but also losses stemming from actions to recover from the
initial problem.
ITQ 1: What is a security threat in Information Systems?
The security programme and senior management’s security role Organisations

must address security in a systematic way. A security programme has three
components: senior-management involvement, safeguards of various kinds, and
incident response.
The first component, senior-management involvement, has two critical security

functions: First, senior management must establish the security policy. This policy
sets the stage for the organisation’s response to security threats. However, because
no security programme is perfect, there is always risk. Management’s second
15
function, therefore, is to manage risk by balancing the costs and benefits of the
security programme.
Safeguards are protections against security threats. A good way to view safeguards
is in terms of the five components of an information system.
Some of the safeguards involve computer hardware and software. Some involve
data; others involve procedures and people. In addition to these safeguards,
organisations must also consider disaster-recovery safeguards. An effective
security programme consists of a balance of safeguards of all these types.
The final component of a security programme consists of the organisations planned

response to security incidents. Clearly, the time to think about what to do is not
when the computers are crashing all around the organisation. We begin the
discussion of the security programme with the responsibilities of senior
management.
Management has a crucial role in information systems security. Management sets

the security policy, and only management can balance the costs of a security
system against the risk of security threats. The National Institute of Standards and
Technology (NIST) published an excellent security handbook that addresses
management’s responsibility. It is available online at
http://csrc.nist.gov/publications/nistpubs/800-12/handbook.pdf. It outlines the
following:
1. Computer security should support the mission of the organisation.
2. Computer security is an integral element of sound management.
3. Computer security should be cost-effective.
4. Computer security responsibilities and accountability should be
15
made Explicit.
15
5. System owners have computer security responsibilities outside their
own Organisations.
6. Computer security requires a comprehensive and integrated approach.
7. Computer security should be periodically reassessed.
8. Computer security is constrained by societal factors.
Finally, social factors put some limits on security programmes. Employees resent
physical searches when arriving at and departing from work. Customers do not
want to have their retinas scanned before they can place an order. Computer
security conflicts with personal privacy, and a balance may be hard to achieve.
2.2 Safeguards: Technical, Data and Human

Technical safeguards involve the hardware and software components of an
information system. Primary technical safeguards include; Identification and
authentication, Encryption, Firewalls, Malware protection and Design for secure
applications.
Identification and authentication

Every information system today should require users to sign on with a user name
and password. The user name identifies the user (the process of identification), and
the password authenticates that user (the process of authentication).
Encryption
Encryption is the process of transforming plain text or data into cipher text that
cannot be read by anyone other than the sender and the intended receiver. Data are
encrypted by using a secret numerical code, called an encryption key that
transforms plain data into cipher text. The message must be decrypted by the
15
receiver.
15
Firewalls
Firewalls prevent unauthorised users from accessing private networks. A firewall is
a combination of hardware and software that controls the flow of incoming and
outgoing network traffic. It is generally placed between the organisation’s private
internal networks and distrusted external networks, such as the Internet, although
firewalls can also be used to protect one part of a company’s network from the rest
of the network. A firewall can be a special purpose computer or it can be a
programme on a general-purpose computer or on a router.
Malware protection
Malicious software programmes are referred to as malware and include a variety of
threats, such as computer viruses, worms, Trojan horses, spyware, and adware. An
antivirus software prevents, detects, and removes malware. However, most
antivirus software is effective only against malware already known when the
software was written. To remain effective, the antivirus software must be
continually updated.
Data safeguards Data safeguards are measures used to protect databases and other
organisational data. First, the organisation should specify user data rights and
responsibilities. Second, those rights should be enforced by user accounts that are
authenticated at least by passwords. The organisation should protect sensitive data
by storing it in encrypted form.
One potential problem with stored data, however, is that the key might be lost or
that disgruntled or terminated employees might destroy it. Because of this
possibility, when data are encrypted, a trusted party should have a copy of the
encryption key. This safety procedure is sometimes called key escrow.
15
Another data safeguard is to periodically create backup copies of database
contents. The organisation should store at least some of these backups off
premises, possibly in a remote location. Additionally, IT personnel should
periodically practice recovery, to ensure that the backups are valid and that
effective recovery procedures exist. Do not assume that just because a backup is
made the database is protected.
Physical security is another data safeguard. The computers that run the DBMS and
all devices that store database data should reside in
locked, controlled-access facilities. If not, they are
subject not only to theft, but also to damage. For
better security, the organisation should keep a log
showing who entered the facility, when, and for
what purpose.
Human safeguards involve the people and

procedure components of information systems. In general, human safeguards result
when authorised users follow appropriate procedures for system use and recovery.
Restricting access to authorised users requires effective authentication methods and
careful user account management. In addition, appropriate security procedures
must be designed as part of every information system, and users should be trained
on the importance and use of those procedures.
2.3 Disaster Preparedness and Incident Response

Every organisation needs to be prepared for security incidents. Publicly traded
companies are required by the Sarbanes-Oxley Act to do so. Other organisations
should do so as a matter of good management. When an incident occurs, whether
15
from an act of nature or from a human threat, time is of the essence. Employees
need
15
to know what to do and how to do it. In this section, we will consider backup and
recovery sites and incident response plans.
Disaster-recovery backup sites

A computer disaster is a substantial loss of computing infrastructure caused by acts
of nature, crime, or terrorist activity. As stated several times, the best way to solve
problem is not to have it. The best safeguard against a natural disaster is
appropriate location. If possible, place computing centres, Web farms, and other
computer facilities in locations not prone to floods, earthquakes, hurricanes,
tornados, or avalanches.
Even in those locations, place infrastructure in unobtrusive buildings, basements,

backrooms, and similar locations well within the physical perimeter of the
organisation. Also, locate computing infrastructure in fire-resistant buildings
designed to house expensive and critical equipment. However, sometimes business
requirements necessitate locating the computing infrastructure in undesirable
locations. Also, even at a good location, disasters do occur. Therefore, many
businesses prepare backup processing centers in locations geographically removed
from the primary processing site.
After choosing a safe location for the computing infrastructure, the organisation
should identify all mission-critical applications. These are applications without
which the organisation cannot carry on and which, if lost for any period of time,
could cause the organisation’s failure. The next step is to identify all resources
necessary to run those systems. Such resources include computers, operating
systems, application programmes, databases, administrative data, procedure
documentation, and trained personnel.
16
Next, the organisation creates backups for the critical resources at the remote
processing centre. Once the organisation has backups in place, it must train and
rehearse cutover of operations from the primary centre to the backup. As with all
emergency procedures, periodic refresher rehearsals are mandatory. Backup
facilities are expensive; however, the costs of establishing and maintaining that
facility are a form of insurance. Senior management must make the decision to
prepare such a facility by balancing the risks, benefits, and costs.
Incident-response plan
Every organisation should have an incident-response plan as part of the security
programme. No organisation should wait until some asset has been lost or
compromised before deciding what to do. The plan should include how employees
are to respond to security problems, whom they should contact, the reports they
should make, and steps they can take to reduce further loss.
Consider, for example, a virus. An incident-response plan will stipulate what an

employee should do when he notices the virus. It should specify whom to contact
and what to do. It may stipulate that the employee should turn off his computer and
physically disconnect from the network. The plan should also indicate what users
with wireless connections should do.
The plan should provide centralised reporting of all security incidents. Such
reporting will enable an organisation to determine if it is under systematic attack or
whether an incident is isolated. Centralised reporting also allows the organisation
to learn about security threats, take consistent actions in response, and apply
specialised expertise to all security problems.
16
When an incident does occur, speed is of the essence. Viruses and worms can
spread very quickly across an organisation’s networks, and a fast response will
help to mitigate the consequences. Because of the need for speed, preparation pays.
The incident-response plan should identify critical personnel and their off-hours
contact information.
ITQ 2: What is an Incident-Response Plan?
These personnel should be trained on where to go and what to do when they get
there. Without adequate preparation, there is substantial risk that the actions of
well- meaning people will make the problem worse. Also, the rumour mill will be
alive with all sorts of nutty ideas about what to do. A cadre of well-informed,
trained personnel will serve to dampen such rumours.
16
Finally, organisations should periodically practice incident response. Without such
practice, personnel will be poorly informed on the response plan, and the plan itself
might have flaws that become apparent only during a drill.
4.0 Session Summary

In this session we have taken an in-depth look at security threats as they
have to do with an organisations data and information systems, we have
seen what measures to take to safeguard these information systems from
the technical, data and human standpoints. Finally we saw how to prepare
for disaster and minimise further loss through incident response.

1. Discuss the sources of threats to an organisation’s information
systems.
2. In the development of an effective security programme, what are
the management roles?
3. Identify and discuss the importance and elements of an
organisational security policy.
4. Define information systems safeguards and explain their purpose
and operation.
5. Discuss the techniques for disaster preparedness under MIS.
6. Define security incidence-response plan and explain the
circumstances that need such plan.
16
7. Peak Pinnacles® is an information technology company that
experienced remarkable expansion during the last five years.
Recent investigations revealed that the company’s security
safeguards were not too strong and can be exposed to high risk of
breach and hacking. The management decided to contact you, as
management information consultant, to improve both the technical
and operational security safeguards of the company. Required:
Write a report to the management of Peak Pinnacles® indicating
security safeguards that should be improved to protect the
company’s information systems from all threats.
a. Visit U-tube https://goo.gl/7GXE9Z watch the video and simmarize
in 1 paragraph
b. View the animation on https://goo.gl/RPEinH and critique in the
discussion forum
ITA 1: A security threat is a challenge to the integrity of information systems that arises from one of three s
ITA 2: An incident-response plan is part of an organisation’s security programme, which dictates how emp
16
7.0 References
David M. Kroenke (2012) Using MIS. (4th Ed). New Jersey, USA: Pearson
Prentice Hall. ISBN 978-0-13-215818-3
16
3.0 MODULE 3
ICT for Business and Management; and Ethical and Societal Issues on MIS
Content:
Study Session 3: Influences on MIS Application and Design Study
Session 4: Ethical and Societal Issues on MIS
STUDY SESSION 1:
ICT for Business and Management
Introduction
2.0 Main Content
2.1 Concepts and definition of ICT
2.2 Ways to apply ICT in business management
2.3 Networking and the internet
4.0 Session Summary
7.0 References
16
Introduction
In this session we will take a look at how all we have learnt about ICT
and information systems apply to business and management. Managers
and business firms invest in information and communication technology (ICT) and
systems because they provide real economic value to the business. The decision to
build or maintain an information system assumes that the returns on this
investment will be superior to other investments in buildings, machines, or other
assets. These superior returns will be expressed as increases in productivity, as
increases in revenues (which will increase the firm’s stock market value), or
perhaps as superior long-term strategic positioning of the firm in certain markets
(which produce superior revenues in the future).

1. explain the capabilities of ICT,
2. discuss ways to apply ICT in business and management, and
3. discuss networking and the internet as it applies to business and
management.
2.0 Main Content

2.1 Concept and Definition of ICT.
Information and Communications Technology (ICT) is an umbrella term that
includes any communication device or application, encompassing: radio,
television, cellular phones, computer and network hardware and software, satellite
systems and so on, as well as the various services and applications associated with
them, such as videoconferencing and distance learning. ICTs are often spoken of in
a particular context, such as ICTs in education, health care, or libraries.
16
ICT is an extended term for information technology (IT) which stresses the role of
unified communications and the integration of telecommunications (telephone
lines and wireless signals), computers as well as necessary enterprise software,
middleware, storage, and audio-visual systems, which enable users to access, store,
transmit, and manipulate information. The term ICT is also used to refer to the
convergence of audio-visual and telephone networks with computer networks
through a single cabling or link system. There are large economic incentives (huge
cost savings due to elimination of the telephone network) to merge the telephone
network with the computer network system using a single unified system of
cabling, signal distribution and management.
However, ICT has no universal definition, as “the concepts, methods and

applications involved in ICT are constantly evolving on an almost daily basis”. The
broadness of ICT covers any product that will store, retrieve, manipulate, transmit
or receive information electronically in a digital form, e.g. personal computers,
digital television, email, robots. For clarity, Zuppo (2016) provided an ICT
hierarchy where all levels of the hierarchy “contain some degree of commonality in
that they are related to technologies that facilitate the transfer of information and
various types of electronically mediated communications”. Skills Framework for
the Information Age is one of many models for describing and managing
competencies for ICT professionals for the 21st century.
16
Information and communication technology (ICT) is one of many tools managers
use to cope with change. Computer hardware, software, data management
technology, networking and telecommunications technology were covered in
various details in other study sessions, all of these technologies, along with the
people required to run and manage them, represent resources that can be shared
throughout the organisation and constitute the firm’s ICT infrastructure. These
infrastructure provides the foundation, or platform, on which the firm can build its
specific information systems. Each organisation must carefully design and manage
its ICT infrastructure so that it has the set of technology services it needs for the
work it wants to accomplish with information systems.
Capabilities of ICT
ICT infrastructure consists of a set of physical devices and software applications
that are required to operate the entire
enterprise. But an ICT infrastructure
is also a set of firm wide services
budgeted by management and
comprising both human and technical
capabilities. These services include
the following:
• Computing platforms used to
provide computing services
that connect employees,
customers, and suppliers into a
coherent digital environment, including large mainframes, midrange
computers, desktop and laptop computers, and mobile handheld and remote
cloud computing services.
16
• Telecommunications services that provide data, voice, and video
connectivity to employees, customers, and suppliers
• Data management services that store and manage corporate data and
provide capabilities for analysing the data
• Application software services, including online software services, that

provide enterprise-wide capabilities such as enterprise resource planning,
customer relationship management, supply chain management, and
knowledge management systems that are shared by all business units
• Physical facilities management services that develop and manage the

physical installations required for computing, telecommunications, and data
management services
• ICT management services that plan and develop the infrastructure,
coordinate with the business units for ICT services, manage accounting for
the ICT expenditure, and provide project management services
• ICT standards services that provide the firm and its business units with
policies that determine which information technology will be used, when,
and how
• ICT education services that provide training in system use to employees

and offer managers training in how to plan for and manage ICT investments
17
• ICT research and development services that provide the firm with research
on potential future ICT projects and investments that could help the firm
differentiate itself in the marketplace
This “service platform” perspective makes it easier to understand the business

value provided by infrastructure investments. For instance, the real business value
of a fully loaded personal computer operating at 3 gigahertz that costs about $1,000
and a high-speed internet connection is hard to understand without knowing who
will use it and how it will be used. When we look at the services provided by these
tools, however, their value becomes more apparent: The new PC makes it possible
for a high-cost employee making $100,000 a year to connect to all the company’s
major systems and the public internet. The high-speed Internet service saves this
employee about one hour per day in reduced wait time for internet information.
Without this PC and Internet connection, the value of this one employee to the firm
might be cut in half.
2.2 Ways to apply ICT in business and management

In all organisations ICT (Information and Communication Technology) devices
(for example, the telephone, mobile-phone, network-switch/router, PC, laptop or
tablet computer) are considered integral to a firm, as they assist employees to,
among other things:
 communicate with customers, partners and each other
 prepare and transmit documents and files, and
 browse online and conduct a wide range of electronic transactions.
17
However, very often these devices are not harnessed to their fullest potential to
improve the organisation’s performance. Below are four ways in which ICT could
be better applied:
1. To improve service delivery to
customers
In all organisations a lot can be done
to improve service delivery and
efficiency. From private sector to
government, much can be done to
improve the customer’s experience,
and technology is a major
contributor
to that transformation. Depending on the organisation and the services being
provided, it is likely that a detailed list of improvements can be identified, but
some likely to be on the list include: providing certain services online and
introducing e- commerce facilities, which would, at the very least, offer customers
a more convenient and efficient experience.
2. To improve the organisation’s responsiveness to new developments

Organisations, whether complex, goods-oriented businesses that operate in
highly dynamic industries or small service-oriented organisations, can
improve their responsiveness with ICT by:
 Processing data generated from a diverse range of channels (e.g. sales,

web analytics, inventory control, customer feedback, industry data, etc.),
which, if handled correctly, can flag developing issues and be the
impetus for important strategic decisions; and
17
 Facilitating the implementation of the decisions that have been made,
through innovative and (hopefully) cost-effective options, some of
which it might be possible to build in-house.
3. To change the basis of competition in an industry

Frequently in industry, a degree of complacency can occur when individual
businesses no longer strive to distinguish themselves from their competitors. A
certain equilibrium has been obtained and the businesses might be doing
“okay”. However, for organisations that aim to grow market share; improve
visibility; or wish to become the preferred vendor or service provider, ICT can help
them achieve those goals by:
 Streamlining, optimising and automating certain internal processes,
which can reduce delays, human error, red tape, and the complexity of
certain processes.
 Introducing operational efficiencies that can reduce costs and improve the
bottom line.
 Implementing new measures that can ultimately add value to the
customer and improve his or her experience with the organisation.
ITQ 1: How can ICT be used to improve service delivery to customers?
4. To improve your organisation’s overall performance

ICT can introduce a paradigm shift in organisations by helping them to re-evaluate,
among other things, what might be possible, how they can raise the bar and
perform better, and what new services and quality standards should be introduced.
This point may be particularly applicable to micro, small and medium sized
businesses, many
17
of which have limited resources, and might be looking for ways to take their
operations to the next level.
One way of beginning the process of getting more out of the technology your
organisation currently possesses, is not to focus on the devices themselves. Instead,
the priority in the first instance should be to set the goals or desired outputs that
you wish to realise, and to examine and understand current processes or project
cycles in order to be in a position to determine how best they can be optimised with
technology to achieve the desire outcome.
ICT has long been touted as being

able to introduce efficiencies into
businesses, but too often the
organisations themselves do not
actively introducing such
measures. Depending on the
expertise resident in the firm,
some external assistance may be
necessary to get the most of the current equipment. However, as the corporate
world becomes even more fixated on profits and savings, and competition
increases across various sectors, a more considered investment to harness readily
available ICT might be worth the inconvenience in the long term.
2.3 Networking and the Internet

A process of connecting set of items together. In MIS, it is typically a process of
connecting computers together to function effectively and efficiently. A computer
network or data network is a telecommunications network which allows computers
17
to exchange data. In computer networks, networked computing devices exchange
data with each other using a data link.
The connections between nodes are established using either cable media or
wireless media. Network computer devices that originate, route and terminate the
data are called network nodes. Nodes can include hosts such as personal
computers, phones, servers as well as networking hardware. Two such devices can
be said to be networked together when one device is able to exchange information
with the other device, whether or not they have a direct connection to each other.
Computer networks differ in the transmission medium used to carry their signals,
the communications protocols to organise network traffic, the network's size,
topology and organisational intent. Computer networks support an enormous
number of applications such as access to the World Wide Web, video, digital
audio, shared use of application and storage servers, printers, and fax machines,
and use of email and instant messaging applications as well as many others. In
most cases, application-specific communications protocols are layered (i.e. carried
as payload) over other more general communications protocols.
In its simplest form, a network consists of two or more connected computers. In a

simple network: a client computer and a dedicated server computer, network
interfaces, a connection medium, network operating system software, and either a
hub or a switch. Each computer on the network contains a network interface device
to link the computer to the network. The connection medium for linking network
components can be a telephone wire, coaxial cable, or radio signal in the case of
cell phone and wireless local area networks (Wi-Fi networks).
17
The internet is a global network of networks, it is the world’s largest
implementation of client/server computing and internetworking, linking millions of
individual networks all over the world. While the internet was evolving and
creating a way for organisations to connect to each other and the world, another
revolution was taking place inside organisations. The proliferation of personal
computers inside organisations led to the need to share resources such as printers,
scanners, and data. Organisations solved this problem through the creation of local
area networks (LANs), which allowed computers to connect to each other and to
peripherals. These same networks also allowed personal computers to hook up to
legacy mainframe computers.
The internet is the global system of interconnected computer networks that use the
Internet Protocol Suite (TCP/IP) to link billions of devices worldwide. It is a
network of networks that consists of millions of private, public, academic,
business, and government networks of local to global scope, linked by a broad
array of electronic, wireless, and optical networking technologies. The internet
carries an extensive range of information resources and services, such as the inter-
linked hypertext documents and applications of the World Wide Web (www),
electronic mail, telephony, and peer-to-peer networks for file sharing.
The internet has no centralised governance in either technological implementation

or policies for access and usage; each constituent network sets its own policies.
Only the overreaching definitions of the two principal name spaces in the internet,
the Internet Protocol address space and the Domain Name System (DNS), are
directed by a maintainer organisation, the Internet Corporation for Assigned
Names and Numbers (ICANN). The technical underpinning and standardisation of
the core protocols is an activity of the Internet Engineering Task Force (IETF), a
17
non-profit
17
organisation of loosely affiliated international participants that anyone may
associate with by contributing technical expertise.
An LAN is (by definition) a local network,

usually operating in the same building or on
the same campus. When an organisation
needed to provide a network over a wider
area (with locations in different cities or
states, for example), they would build a
wide area network (WAN).
Client-server: The personal computer originally was used as a stand-alone

computing device. A programme was installed on the computer and then used to do
word processing or number crunching. However, with the advent of networking
and local area networks, computers could work together to solve problems. Higher-
end computers were installed as servers, and users on the local network could run
applications and share information among departments and organisations. This is
called client-server computing.
Intranet: Just as organisations set up web sites to provide global access to
information about their business, they also set up internal web pages to provide
information about the organisation to the employees. This internal set of web pages
is called an intranet. Web pages on the intranet are not accessible to those outside
the company; in fact, those pages would come up as “not found” if an employee
tried to access them from outside the company’s network.
Extranet: Sometimes an organisation wants to be able to collaborate with its

customers or suppliers while at the same time maintaining the security of being
17
inside its own network. In cases like this a company may want to create an
extranet, which is a part of the company’s network that can be made available
securely to those outside of the company. Extranets can be used to allow customers
to log in and check the status of their orders, or for suppliers to check their
customers’ inventory levels.
Electronic Data Interchange (EDI) and World Wide Web (www)

Electronic Data Interchange (EDI) is an electronic communication method that
provides standards for exchanging data via any electronic means. By adhering to
the same standard, two different companies or organisations, even in two different
countries, can electronically exchange documents (such as purchase orders,
invoices, shipping notices, and many others). EDI has existed for more than 30
years, and there are many EDI standards (including X12, EDIFACT, ODETTE,
etc.), some of which address the needs of specific industries or regions. It also
refers specifically to a family of standards. In 1996, the National Institute of
Standards and Technology defined electronic data interchange as "the computer-to-
computer interchange of strictly formatted messages that represent
documents other than monetary instruments.
EDI can be formally defined as the transfer of structured data, by agreed message
standards, from one computer system to another without human intervention.
ITQ 2: What is Electronic Data Interchange (EDI)?
17
The World Wide Web is one of many services that run across the Internet like
electronic mail, voice, video, and file transfers. The World Wide Web is simply
one piece of the internet made up of web servers that have HTML (or similar web
script) pages that are being viewed on devices with web browsers.
4.0 Session Summary

In this session we have seen the capabilities of IC T, ways to apply ICT
in business and management and we have discussed networking and
the internet as it applies to business and management.

1. Define ICT and explain its connection with MIS.
2. Explain the capabilities of ICT and discuss its basic components
(facilitating, replacing, and enhancing).
3. Identify and explain the different ways ICT could be applied in
business and management.
4. Define the term networking and explain its basic requirements.
5. With clear explanations, distinguish among intranet, internet, and
extranet in terms of their applications in business.
6. What do you understand by the terms Electronic Data Interchange
(EDI) and World Wide Web (www)? How relevant are they to the
development and maintenance of an effective MIS?
7. Explain how ICT can assist organisation’s management in their
strategic, tactical, and operational tasks.
18
ITA 1: ICT be used to improve service delivery to customers by providing services online and introducin
ITA 2: Electronic Data Interchange (EDI) is an electronic communication method that provides standards f

a. Visit U-tube https://goo.gl/vBhVJw watch the video and simmarize
in 1 paragraph
b. View the animation on https://goo.gl/bcCpmW and critique in the
discussion forum
7.0 Reference:
Bourgeois, T. David (Ph.D.) (2014) Information Systems for Business and
Beyond.www.saylor.org
Laudon, K., and Laudon, J. (2014). Management Information Systems: Managing
http://www.ict-pulse.com/2013/09/4-ways-icttechnology-improve- business/
https://en.wikipedia.org/wiki/Electronic_data_interchange
18
STUDY SESSION 2
Application of ICT in MIS
Introduction
2.0 Main Content
2.1 Database Management System
2.2 MIS characteristics and management levels
23. End user computing, Decision support system (DSS) and
Executive Information System (EIS)
2.4 Environmental Scanning
4.0 Session Summary
7.0 References
Introduction
In previous sessions we have looked at databases and their administration, in this
session we’ll be looking at systems used to hold, manage and manipulate data
called database management systems and their derivatives.

1. discuss a database management system (DBMS),
2. outline MIS characteristics and management levels,
18
3. explain end-user computing, decision support system (DSS) and
executive information system (EIS), and
4. discuss environmental scanning
2.0 Main Content

2.1 Database Management System (DBMS)
A database management system (DBMS) is system software for creating and
managing databases. The DBMS provides users and programmers with a
systematic way to create, retrieve, update and manage data. A DBMS makes it
possible for end users to create, read, update and delete data in a database. The
DBMS essentially serves as an interface between the database and end users or
application programmes, ensuring that data is consistently organised and remains
easily accessible.
The DBMS manages three important things: the data, the database engine that
allows data to be accessed, locked and modified -- and the database schema, which
defines the database’s logical structure. These three foundational elements help
provide concurrency, security, data integrity and uniform administration
procedures. Typical database administration tasks supported by the DBMS include
change management, performance monitoring/tuning and backup and recovery.
Many database management systems are also responsible for automated rollbacks,
restarts and recovery as well as the logging and auditing of activity.
DBMS is perhaps most useful for providing a centralised view of data that can be
accessed by multiple users, from multiple locations, in a controlled manner. A
DBMS can limit what data the end user sees, as well as how that end user can view
the data, providing many views of a single database schema. End users and
18
software
18
programmes are free from having to understand where the data is physically
located or on what type of storage media it resides because the DBMS handles all
requests. It can offer both logical and physical data independence. That means it
can protect users and applications from needing to know where data is stored or
having to be concerned about changes to the physical structure of data (storage and
hardware). As long as programmes use the application programming interface
(API) for the database that is provided by the DBMS, developers would not have to
modify programmes just because changes have been made to the database.
A database management system (DBMS) is software that permits an organisation

to centralize data, manage them efficiently, and provide access to the stored data
by application programmes. The DBMS acts as an interface between application
programmes and the physical data files. When the application programme calls for
a data item, such as gross pay, the DBMS finds this item in the database and
presents it to the application programme. Using traditional data files, the
programmer would have to specify the size and format of each data element used
in the programme and then tell the computer where they were located. The DBMS
relieves the programmer or end user from the task of understanding where and how
the data are actually stored by separating the logical and physical views of the data.
The logical view presents data as they would be perceived by end users or business
specialists, whereas the physical view shows how data are actually organised and
structured on physical storage media. The database management software makes
the physical database available for different logical views required by users. We
saw how we can connect to database. But how is the database laid to process all
user requests? Since it is responsible to store huge amount of data and is capable of
handling multiple requests from users simultaneously, it should be arranged
18
properly. One can imagine a database as a brain! How is the structure of brain? Bit
sophisticated and each part of the brain is responsible for some specific tasks.
Similarly, Database is also designed. At very high level, a database is considered as
shown in below diagram. Let us see them in detail below.
Applications: It can be considered as a user friendly web page where the user
enters the requests. Here he simply enters the details that he needs and presses
buttons to get the data.
End user: They are the real users of the database. They can be developers,
designers, administrator or the actual users of the database.
DDL: - Data Definition Language (DDL) is a query fired to create database,

schema, tables, mappings etc. in the database. These are the commands used to
create the objects like tables, indexes in the database for the first time. In other
words, they create structure of the database.
18
DDL Compiler: This part of database is responsible for processing the DDL
commands. That means these compiler actually breaks down the command into
machine understandable codes. It is also responsible for storing the metadata
information like table name, space used by it, number of columns in it, mapping
information etc.
DML Compiler: When the user inserts, deletes, updates or retrieves the record
from the database, he will be sending request which he understands by pressing
some buttons. But for the database to work/understand the request, it should be
broken down to object code. This is done by this compiler. One can imagine this as
when a person is asked some question, how this is broken down into waves to
reach the brain.
Query Optimiser: When user fires some request, he is least bothered how it will
be fired on the database. He is not all aware of database or its way of performance.
But whatever be the request, it should be efficient enough to fetch, insert, update or
delete the data from the database. The query optimiser decides the best way to
execute the user request which is received from the DML compiler. It is similar to
selecting the best nerve to carry the waves to brain!
Stored Data Manager: This is also known as Database Control System. It is one
the main central system of the database. It is responsible for various tasks
It converts the requests received from query optimiser to machine understandable
form. It makes actual request inside the database. It is like fetching the exact part
of the brain to answer.
18
It helps to maintain consistency and integrity by applying the constraints. That
means, it does not allow inserting / updating / deleting any data if it has child entry.
Similarly it does not allow entering any duplicate value into database tables. It
controls concurrent access. If there is multiple users accessing the database at the
same time, it makes sure, all of them see correct data. It guarantees that there is no
data loss or data mismatch happens between the transactions of multiple users. It
helps to back up the database and recover data whenever required. Since it is a
huge database and when there is any unexpected exploit of transaction, and
reverting the changes are not easy. It maintains the backup of all data, so that it can
be recovered.
Data files: It has the real data stored in it. It can be stored as magnetic tapes,
magnetic disks or optical disks.
Compiled DML: Some of the processed DML statements (insert, update, delete)
are stored in it so that if there is similar requests, it will be re-used.
Data dictionary: It contains all the information about the database. As the name
suggests, it is the dictionary of all the data items. It contains description of all the
tables, view, materialised views, constraints, indexes, triggers etc.
ITQ 1: What is a database management system (DBMS)?
World Wide Web (www)

The World Wide Web, or simply Web, is a way of accessing information over the
medium of the internet. It is an information-sharing model that is built on top of the
Internet. The World Wide Web (WWW) is an information space where documents
18
and other web resources are identified by URLs, interlinked by hypertext links, and
18
can be accessed via the Internet. The World Wide Web was invented by English
scientist Tim Berners-Lee in 1989. He wrote the first web browser in 1990 while
employed at CERN in Switzerland.
It has become known simply as the Web. When used attributively (as in web page,
web browser, website, web server, web traffic, web search, web user, web
technology, etc.) it is invariably written in lower case. Otherwise the initial capital
is often retained (‘the Web’), but lower case is becoming increasingly common
(‘the web’). The World Wide Web was central to the development of the
Information Age and is the primary tool billions of people use to interact on the
internet. Web pages are primarily text documents formatted and annotated with
Hypertext Markup Language (HTML).
2.2 MIS Characteristics and Management Levels

Management information being a specialised information system conforms to
certain characteristics. These characteristics are generic in nature. These
characteristics remain more or less the same even when the technology around
such management information system changes:
Management oriented
One important feature of MIS is that MIS is designed top-down. This means that
the system is designed around the need felt by the management at different levels
for information. The focus of the system is to satisfy the information needs of
management.
Management directed
19
Since MIS is 'for the' management it is imperative that it also should have a very
strong 'by the' management initiative. Management is involved in the designing
process of MIS and also in its continuous review and up gradation to develop a
good qualitative system. The system is structured as per directions factored by
management. This helps in minimising the gap between expectations of
management form the system and the actual system.
Integrated
MIS is an integrated system. It is integrated with all operational and functional
activities of management. This is an important characteristic and- requirement for a
system to qualify as MIS. The reason for having an integrated system is that
information in the managerial context for decision-making may be required from
different areas from within the organisation. If MIS remains a collection of isolated
systems and each satisfying a small objective, then the integrated information need
of managers will not be fulfiller. In order to provide a complete picture of the
scenario, complete information is needed which only an integrated system can
provide.
Common data flows

Through MIS the data being stored into the system, retrieved from the system,
disseminated within the system or processed by the system can be handled in an
integrated manner. The integrated approach towards data management will result
in avoiding duplication of data, data redundancy and will help to simplify
operations.
Strategic planning
MIS cannot be designed overnight. It requires very high degree of planning which
19
goes into creating an effective organisation. The reason for this kind of planning is
19
to ensure that the MIS being built not only satisfies the information need of the
managers today but can also serve the organisation for the next five to ten years
with modifications. Sometimes when the planning part is done away with, systems
tend to perform well in the present but they tend to become obsolete with time.
Planning helps to avoid this problem.
Bias towards centralisation

MIS is required to give 'one version of the truth', i.e., it must supply the correct
version of the latest information. There is a requirement for the data repository to
be centralised. Centralised data management helps MIS to exercise version control
as well as provide an integrated common view of data to the managers. In a non-
centralised system, data will get entered, updated and deleted from the system from
different locations. In such a case it becomes difficult to provide correct
information to managers. For example, in a decentralised System if a person
superannuates from an organisation and his superannuating is only recorded in the
human resource system but not communicated to the finance department system,
then it is quite likely
19
that his salary may be generated by the finance system for the next month. A
centralised system where data in entered, updated and deleted from only one
location does not suffer from such problems. In a centralised system, the
superannuating employee's details are deleted from the master file from which all
departments' access data, thereby eliminating the risk of generating his salary for
the next month.
MIS supports:
Strategic management: As part of a strategic planning process top executives
develop overall organisational goals, strategies, policies, and monitor the strategic
performance of the organisation and its overall direction in the political, economic,
and competitive business environment
Tactical management: Business unit managers and business professionals in self-

directed teams develop short- and medium-range plans, schedules, budgets and
specify policies, procedures, and business objectives for their sub-units of the
company, and allocate resources and monitor the performance of their
organisational sub-units, including departments, divisions, process teams, project
teams, and other workgroups.
Operational management: Operating managers and members of self-directed teams
develop short-range plans (e.g. weekly production schedules), and direct the use of
resources and the performance of tasks according to procedures and within budgets
and schedules they establish for the teams and other workgroups of the
organisation.
2.3 End-user computing, Decision Support System (DSS) and

Executive Information System (EIS)
19
End-User computing systems is a computer-based information systems that
directly support both the operational and managerial applications of end users.
19
Decision-support systems (DSS) are computer-based information systems that
provide interactive information support to managers and business professionals
during the decision making process. Decision support systems use (1) analytical
models, (2) specialised databases, (3) a decision maker’s own insights and
judgments, and (4) an interactive, computer-based modeling process to support
semi-structured business decisions.
DSS components: Unlike management information systems, decision support

systems rely on codebases, as well as databases, as vital system resources. A DSS
model base is a software component that consists of models used in computational
and analytical routines that mathematically express relationships among variables.
For example, a spreadsheet programme might contain models that express simple
accounting relationships among variables, such as Revenue 2 Expenses 5 Profit. A
DSS model base could also include models and analytical techniques used to
express much more complex relationships.
Executive information systems (EIS) are information systems that combine many
of the features of management information systems and decision support systems.
When they were first developed, their focus was on meeting the strategic
information needs of top management. Thus, the first goal of executive information
systems was to provide top executives with immediate and easy access to
information about a firm’s critical success factors (CSFs), that is, key factors that
are critical to accomplishing an organisation’s strategic objectives. For example,
the executives of a retail store chain would probably consider factors such as its e-
commerce versus traditional sales results or its product line mix to be critical to its
survival and success.
19
Yet managers, analysts, and other knowledge workers use executive information
systems so widely that they are sometimes humorously called “everyone’s
information systems.”
More popular alternative names are enterprise information systems (EIS) and
executive support systems (ESS). These names also reflect the fact that more
features, such as Web browsing, e-mail, groupware tools, and DSS and expert
system capabilities, are being added to many systems to make them more useful to
managers and business professionals.
Features of an EIS: In an EIS, information is presented in forms tailored to the

preferences of the executives using the system. For example, most executive
information systems emphasise these of a graphical user interface, as well as
graphics displays that can be customised to the information preferences of
executives using the EIS. Other information presentation methods used by an EIS
include exception reporting and trend analysis. The ability to drill down, which
allows executives to retrieve displays of related information quickly at lower levels
of detail, is another important capability.
ITQ 2: What are Decision-support systems (DSS)?
19
2.4 Environmental Scanning
Environmental scanning is the process by which information is gathered about the
environment, whether by formal or informal means. According to Choo (2001),
environmental scanning is the acquisition and use of information about events,
trends, and relationships in an organisation's external environment, the knowledge
of which would assist management in planning the organisation's future course of
action.
Organisations scan the environment in order to understand the external forces of
change so that they may develop
effective responses which secure or
improve their position in the future.
They scan in order to avoid surprises,
identify threats and opportunities, gain
competitive advantage, and improve
long-term and short-term planning). To
the extent that an organisation's ability
to adapt to its outside environment is
dependent on knowing and interpreting
the external changes that are taking
place, environmental scanning constitutes a primary mode of organisational
learning.
Environmental scanning includes both looking at information (viewing) and

looking for information (searching). It could range from a casual conversation at
the lunch table or a chance observation of an angry customer, to a formal market
research programme or a scenario planning exercise.
19
Environmental scanning is a process that systematically surveys and interprets
relevant data to identify external opportunities and threats. An organisation gathers
information about the external world, its competitors and itself. The company
should then respond to the information gathered by changing its strategies and
plans when the need arises.
The environmental scanning process encompasses several steps. The first step is
for an employer to gather information about the world in which it operates,
including information about the economy, government, laws and demographic
factors such as population size and distribution.
Next, the organisation should focus on its competitors. The company should
examine the research for trends, opportunities and threats that might impact its
business. The next step is to conduct an internal scan of the organisation. Examine
the company's strengths and weaknesses. Consider where the company is now and
where it plans to be in five or 10 years. Interview or survey leaders of the
company.
Sometimes an organisation also might decide to gather information from

community service and religious groups and interview the leaders of the groups or
use surveys. This might help a company decide, for example, whether it should try
to work with the other organisations and what activities to pursue. The company
then might decide to plan joint activities that will meet the needs of both groups or
to encourage employees to get involved in community activities, such as building a
house for Habitat for Humanity or serving food to the homeless at the local shelter.
When conducting an environmental scan, a variety of methods should be used to
19
collect data, including publications, focus groups, and leaders inside and outside
the
20
organisation, media, civic associations and the library. After the data is collected,
the final step is to analyse the data and identify changes that can be made.
ITQ 3: What is the benefit of Environmental scanning to an organisation?
4.0 Session Summary

In this study session, we have seen database management system
(DBMS) and their components, we looked at the characteristic of
management information systems and management levels. We have also
seen end user computing and various decision support systems. Finally
we have seen how a business can understand their current environment
through environmental scanning.

1. Define Database Management Systems (DBMS) and with the aid
of a diagram, explain its compositions.
2. Explain the characteristics of MIS thereby linking them with the
various levels of management.
3. “Businesses use information systems at all levels of operation to
collect, process and store data. Management aggregates and
disseminates this data in the form of information needed to carry
out the daily operations of business.” In line with these
statements:
20
a) Explain the rationale for an MIS.
b) How can MIS assist the following levels of management in
discharging their core duties and responsibilities?
i) Strategic managers
ii) Tactical/functional managers
iii) Operational managers.
4. Among the responsibilities of managers in an organisation is to
ensure that the best decision is taking at a particular time. With
the application of computer-based systems, certain systems are put
in place to support the managerial decision making.
Required: Explain the essence of Decision Support Systems (DSS)
and Executive Information Systems (EIS); and state how they can
support managers in their decision making responsibilities.
5. Define environmental scanning in MIS and explain its types and
the sources of environmental information.

a. Visit U-tube https://goo.gl/XnPbfd watch the video and simmarize
in 1 paragraph
b. View the animation on https://goo.gl/vjQEyw and critique in the
discussion forum
ITA 1: A database management system (DBMS) is software that permits an organisation to centralise data, man
20
ITA 2: Decision-support systems (DSS) are computer-based information systems that provide interactive info
ITA 3: Environmental scanning helps an organisation gathers information about the external world, its compe
7.0 Reference:
O’Brien, J., and Marakas, G. (2011) Management Information Systems. (10th
https://www.tutorialcup.com/dbms/structure-of-dbms.htm
http://ecomputernotes.com/mis/what-is-
mis/functionandcharacteristicsofmis
https://www.shrm.org/resourcesandtools/tools-and-samples/hr-
qa/pages/cms_021670.aspx
20
STUDY SESSION 3
Influences on MIS Application and Design
Introduction
2.0 Main Content
2.1 Implications for organisations and management
2.2 Data flow diagrams
2.3 Management's involvement in MIS design
4.0 Session Summary
7.0 References
Introduction
In this study session we will be looking at hoe MIS affects the operation of
organisations, a great number of organisations could not operate properly and
successfully without the implementation of MIS. Management information systems
make it possible for organisations to get the right information to the right people at
the right time in the right form by enhancing the interaction between the
organisation’s people.

1. discuss Implications of MIS for organisations and management
2. explain how data flow diagrams (DFDs) are used
20
3. discuss management’s role in MIS design
2.0 Main Content
2.1 Implications for Organisations and Management
The impact of MIS on the functions is in its management. With a good MIS
support, the management of marketing, finance, production and personnel becomes
more efficient, the tracking and monitoring the functional targets becomes easy.
The functional managers are informed about the progress, achievements and
shortfalls in the activity and the targets. The manager is kept alert by providing
certain information indicating the probable trends in the various aspects of
business. This helps in forecasting and long-term perspective planning. The
manager'' attention is brought to a situation which is exceptional in nature,
inducing him to take an action or a decision in the matter.
A disciplined
information reporting system creates a
structured database and a knowledge base for
all the people in the organization. The
information is available in such a form that it
can be used straight away or by blending and
analysis, saving the manager's valuable time.
The MIS creates another impact in the

organisation which relates to the understanding of the business itself. The MIS
begins with the definition of a data entity and its attributes. It uses a dictionary of
data, entity and attributes, respectively, designed for information generation in the
organisation. Since all the information systems use the dictionary, there is common
20
understanding of terms and terminology in the organisation bringing clarity in the
communication and a similar understanding of an event in the organisation.
The MIS calls for a systemisation of the business operations for an effective
system design. This leads to streamlining of the operations which complicate the
system design. It improves the administration of the business by bringing a
discipline in its operations everybody is required to follow and use systems and
procedures. This process brings a high degree of professionalism in the business
operations.
Since the goals and objective of the MIS are the products of business goals and
objectives, it helps indirectly to pull the entire organisation in one direction
towards the corporate goals and objectives by providing the relevant information to
the people in the organisation.
A well designed system with a focus on the manager makes an impact on the
managerial efficiency. The fund of information motivates an enlightened manager
to use a variety of tools of the management. It helps him to resort to such exercises
as experimentation and modeling. The use of computers enables him to use the
tools and techniques which are impossible to use manually. The ready-made
packages make this task simpler. The impact is on the managerial ability to
perform. It improves the decision making ability considerably.
2.2 Data Flow Diagrams (DFDs)

A data flow diagram (DFD) is a graphical representation of the "flow" of data
through an information system, modelling its process aspects. A DFD is often used
as a preliminary step to create an overview of the system, which can later be
elaborated. DFDs can also be used for the visualisation of data
20
processing (structured design).
20
A DFD shows what kind of information will be input to and output from the
system, where the data will come from and go to, and where the data will be
stored. It does not show information about the timing of process or information
about whether processes will operate in sequence or in parallel (which is shown on
a flowchart).
Starting in the 1970s, data flow diagrams (DFD) became a popular way to visualise
the major steps and data involved in software system processes. DFDs were
usually used to show data flow in a computer system, although they could in theory
be applied to business process modeling. DFD were useful to document the major
data flows or to explore a new high-level design in terms of data flow.
Data flow diagrams are also known as bubble charts. DFD is a designing tool used
in the top-down approach to Systems Design. This context-level DFD is next
"exploded", to produce a Level 1 DFD that shows some of the detail of the system
being modeled. The Level 1 DFD shows how the system is divided into sub-
systems (processes), each of which deals with one or more of the data flows to or
from an external agent, and which together provide all of the functionality of the
system as a whole. It also identifies internal data stores that must be present in
order for the system to do its job, and shows the flow of data between the various
parts of the system.
Data flow diagrams are one of the three essential perspectives of the structured-
systems analysis and design method SSADM. The sponsor of a project and the end
20
users will need to be briefed and consulted throughout all stages of a system's
evolution. With a data flow diagram, users are able to visualise how the system
will
20
operate, what the system will accomplish, and how the system will be
implemented. The old system's dataflow diagrams can be drawn up and compared
with the new system's data flow diagrams to draw comparisons to implement a
more efficient system. Data flow diagrams can be used to provide the end user with
a physical idea of where the data they input ultimately has an effect upon the
structure of the whole system from order to dispatch to report. How any system is
developed can be determined through a data flow diagram model.
ITQ 1: What is a data flow diagram (DFD) and how is it used?
In the course of developing a set of levelled data flow diagrams the

analyst/designer is forced to address how the system may be decomposed into
component subsystems, and to identify the transaction data in the data model.
Data flow diagrams can be used in both Analysis and Design phase of the SDLC.
A physical DFD shows how the system is actually implemented, either at the
moment (Current Physical DFD), or how the designer intends it to be in the future
(Required Physical DFD).
Soft systems methodologies (SSM)

Soft systems methodology (SSM) is an approach to organisational process
modeling (business process modeling) and it can be used both for general problem
solving and in the management of change. It was developed in England by
academics at the University of Lancaster Systems Department through a ten year
action research programme.
21
The methodology was developed from earlier systems engineering approaches,
primarily by Peter Checkland and colleagues such as Brian Wilson. The primary
use of SSM is in the analysis of complex situations where there are divergent views
about the definition of the problem. These situations are "soft problems" such as:
How to improve health services delivery? How to manage disaster planning? When
should mentally disordered offenders be diverted from custody? What to do about
homelessness amongst young people?
The 7-stage representation of SSM:

1. Enter situation considered problematical
2. Express the problem situation
3. Formulate root definitions of relevant systems of purposeful activity
4. Build conceptual models of the systems named in the root definitions
5. Comparing models with real world situations
6. Define possible changes which are both possible and feasible
7. Take action to improve the problem situation
2.3 Management’s Involvement in MIS Design

Involving business managers in the governance of the IS function and business
professionals in the development of IS applications should thus shape the response
of management to the challenge of improving the business value of information
technology.
Involving managers in the management of IT (from the CEO to the managers of

business units) requires the development of governance structures (e.g., executive
councils, steering committees) that encourage their active participation in planning
21
and controlling the business uses of IT. Thus, many organisations have policies
that require managers to be involved in IT decisions that affect their business units.
This requirement helps managers avoid IS performance problems in their business
units and development projects. With this high degree of involvement, managers
can improve the strategic business value of information technology. Only direct
end-user participation in system development projects can solve the problems of
employee resistance and poor user interface design. Overseeing such involvement
is another vital management task.
Information technology governance (ITG) is a subset discipline of corporate

governance focused on the information technologies (IT), information systems
(IS), their performance, use, and associated risks. The rising interest in IT
governance is due, impart, to governmental compliance initiatives such as
Sarbanes-Oxley in the United States and its counterpart in Europe, Basel II.
Additional motivation comes from the acknowledgment that IT projects can easily
get out of control and profoundly affect the performance of an organisation.
A characteristic theme of IT governance discussions is that the IT capability can no

longer be thought of as a mythical black box, the contents of which are known only
to the IT personnel. This traditional handling of IT management by board-level
executives is due to limited technical experience and the perceived complexity of
IT. Historically, key decisions were often deferred to IT professionals. IT
governance implies a system in which all stakeholders, including the board,
internal customers, and related areas such as finance, have the necessary input into
the decision-making process. This prevents single stakeholder, typically IT, from
being blamed for poor decisions. It also prevents users from later complaining that
the system does not behave or perform as expected.
21
The focus of ITG is specifying decision inputs and rights along with an
accountability framework such that desirable behaviors toward and in the use of IT
are developed. It highlights the importance of IT-related matters in contemporary
organisations and ensures that strategic IT decisions are owned by the corporate
board, rather than by the CIO or
other IT managers. The
primary goals for information
technology governance are to
(1) assure that the significant
organisational investments in
IT and IS generate their
maximum business value and
(2) mitigate the risks that are
associated with
IT. This is accomplished by implementing an organisational structure with well-
defined roles for the responsibility of the decisions related to the management and
use of IT such as infrastructure, architecture, investment, and use.
One very popular approach to IT governance is COBIT (Control Objectives for

Information and related Technology). COBIT is a framework of best practices for
IT management created by the Information Systems Audit and Control Association
(ISACA) and the IT Governance Institute (ITGI). COBIT provides all members of
the organisation with a set of generally accepted measures, indicators, processes,
and best practices to help them maximise the benefits derived through the use of
information technology and in developing appropriate IT governance and control
structures in a company.
21
COBIT has 34 high-level processes covering 210 control objectives categorised in
four domains: (1) Planning and Organisation, (2) Acquisition and Implementation,
(3) Delivery and Support, and (4) Monitoring. Managers benefit from COBIT
because it provides them with a foundation upon which IT-related decisions and
investments can be based. Decision making is more effective because COBIT helps
management define a strategic IT plan, define the information architecture, acquire
the necessary IT hardware and software to execute an IT strategy, ensure
continuous service, and monitor the performance of the IT system. IT users benefit
from COBIT because of the assurance provided to them by COBIT’s defined
controls, security, and process governance. COBIT also benefits auditors because it
helps them identify IT control issues within a company’s IT infrastructure, and it
helps them corroborate their audit findings.
ITQ 2: What is Information technology governance (ITG)?
4.0 Session Summary

In this study session we have looked at the implications of MIS for
organisations and management, the use of data flow diagrams (DFDs)
to graphically represent the "flow" of data through an information
system, modelling its process aspects, and the role of management in
MIS design.
1. What are the implications of ICT on organisations and
management?
21
2. Identify and discuss the factors that influence the structure and
scope of an organisation’s MIS.
3. With the aid of a diagram, explain the term Data Flow Diagrams
(DFDs).
4. Define Soft Systems Methodology (SSM) and discuss the stages
involved.
5. What are the key areas management should concentrate on in its
involvement with MIS design?
6. What do you understand by root definition in MIS?
7. Management Information Systems (MIS) is “the study of people,
technology, organisations and the relationships among them.”
i) What are the requirements in respect of the people aspect of
MIS?
ii) Identify the technology requirements in an MIS.
iii) Explain the phrase “the relationships among them”.

a. Visit U-tube https://goo.gl/BQskZF watch the video and simmarize
in 1 paragraph
b. View the animation on https://goo.gl/SFGcW3 and critique in the
discussion forum
21
ITA 1: A data flow diagram (DFD) is a graphical representation of the "flow" of data through an info
ITA 2: Information technology governance (ITG) is a subset discipline of corporate governance focused
7.0 Reference:
O’Brien, J., and Marakas, G. (2011) Management Information Systems. (10th
http://www.openlearningworld.com/books/Fundamentals
https://en.wikipedia.org/wiki/Data_flow_diagram
https://en.wikipedia.org/wiki/Soft_systems_methodology
21
Study Session 4
Ethical and Societal Issues on MIS
Introduction
2.0 Main Content
2.1 Data Protection Act
2.2 Computer misuse Act 1990
2.3 Regulation of investigatory power Act
2.4 Rights, control and security measures
4.0 Session Summary
6.0 Additional Activity (Videos, animation and outdoor activities )
7.0 References
Introduction
MIS provides organisations with a lot of power and control, but there are limitation
to what an organisation can do within the confines of the law. In this study session
we are looking at ethics, this refers to the principles of right and wrong that
individuals, acting as free moral agents, use to make choices to guide their
behaviours. Information systems raise new ethical questions for both individuals
and societies because they create opportunities for intense social change, and thus
threaten existing distributions of power, money, rights, and obligations. Like other
technologies, such as steam engines, electricity, the telephone, and the radio,
information technology can be used to achieve social progress, but it can also be
21
used to commit crimes and threaten cherished social values. The development of
information technology will produce benefits for many and costs for others.
1. outline the Data Protection Act (DPA) 1998
2. outline the Computer Misuse Act 1990
3. explain the Regulation of Investigatory Powers Act (RIPA) 2000
4. discuss Risks, control and security measures as relating to MIS
2.0 Main Content

2.1 Data Protection Act (DPA) 1998
The Data Protection Act 1998 (DPA) is an Act of Parliament of the United
Kingdom of Great Britain and Northern Ireland which defines UK law on the
processing of data on identifiable living people. The Act defines eight data
protection principles:
1. Personal data shall be processed fairly and lawfully and, in particular, shall not
be processed unless:
a. at least one of the conditions in schedule 2 is
met, and
b. In the case of sensitive personal data, at
least one of the conditions in schedule 3 is
also met.
2. Personal data shall be obtained only for one or

more specified and lawful purposes, and shall not
be further processed in any manner incompatible with that purpose or those
purposes.
21
3. Personal data shall be adequate, relevant and not excessive in relation to the
purpose or purposes for which they are processed.
4. Personal data shall be accurate and, where necessary, kept up to date.

5. Personal data processed for any purpose or purposes shall not be kept for longer
than is necessary for that purpose or those purposes.
6. About the rights of individuals e.g. personal data shall be processed in

accordance with the rights of data subjects (individuals).
7. Appropriate technical and organisational measures shall be taken against

unauthorised or unlawful processing of personal data and against accidental loss
or destruction of, or damage to, personal data.
8. Personal data shall not be transferred to a country or territory outside the

European Economic Area unless that country or territory ensures an adequate
level of protection for the rights and freedoms of data subjects in relation to the
processing of personal data.
2.2 Computer Misuse Act 1990

The Computer Misuse Act 1990 is an Act of the Parliament of the United
Kingdom, introduced partly in response to the decision in R v Gold & Schifreen
(1988) 1 AC 1063.
The Act has nonetheless become a model from which several other countries.
Several amendments have been passed to keep the Act up to date.
21
Based on the ELC's recommendations, a Private Member's Bill was introduced by
Conservative MP Michael Colvin. The bill, supported by the government, came
into effect in 1990. Sections 1-3 of the Act introduced three criminal offences:
1. Unauthorised access to computer material, punishable by 12 months'

imprisonment (or 6 months in Scotland) and/or a fine "not exceeding
level 5 on the standard scale" (since 2015, unlimited);
2. Unauthorised access with intent to commit or facilitate commission of

further offences, punishable by 12 months/maximum fine (or 6 months in
Scotland) on summary conviction and/or 5 years/fine on indictment;
3. Unauthorised modification of computer material, punishable by 12

months/maximum fine (or 6 months in Scotland) on summary conviction
and/or 10 years/fine on indictment;
ITQ 1: What is The Data Protection Act 1998 (DPA)?
2.3 Regulation of Investigatory Powers Act (RIPA) 2000

The Regulation of Investigatory Powers Act 2000 (c.23) (RIP or RIPA) is an Act
of the Parliament of the United Kingdom, regulating the powers of public bodies to
carry out surveillance and investigation, and covering the interception
of communications. It was ostensibly introduced to take account of technological
change such as the growth of the internet and strong encryption.
22
RIPA regulates the manner in which certain public bodies may conduct surveillance
and access a person's electronic communications. The Act:
 Enables certain public bodies to demand that an ISP provide access to a
customer's communications in secret;
 Enables mass surveillance of communications in transit;
 Enables certain public bodies to demand ISPs fit equipment to facilitate
surveillance;
 Enables certain public bodies to demand that someone hand over keys to
protected information;
 Allows certain public bodies to monitor people's internet activities;
 Prevents the existence of interception warrants and any data collected with
them from being revealed in court.
2.4 Risks, Control and Security Measures

Information risk management (IRM) is the process of identifying and assessing
risk, realizing the limitations in reducing it to an acceptable level, and
implementing the right mechanisms to maintain that level.
Categories of risks
 Physical damage- Fire, water, vandalism, power loss, and natural disasters
 Human interaction- Accidental or intentional action or inaction that can
disrupt productivity
 Equipment malfunction- Failure of systems and peripheral devices
 Inside and outside attacks- Hacking, cracking, and attacking
 Misuse of data- Sharing trade secrets, fraud, espionage, and theft
22
 Loss of data- Intentional or unintentional loss of information through
destructive means
 Application error- Computation errors, input errors, and buffer overflows
 Social Status- Loss of Customer base and reputation
It is impossible to have a system or an environment to be 100 percent secure, there
should be an acceptable level of risk.
ITQ 2: Information risk management (IRM)?
Ways to deal with risk

There are four basic ways of dealing with risks:
 Transfer it: If a company's total or residual risk is too high and it
purchases an insurance then it is transfer of risk to the insurance company
 Reject it: If a company is in denial about its risk or ignore it, it is
rejecting the risk
 Reduce it: If a company implements countermeasures, it is reducing the
risk
 Accept it: If a company understands the risk and decides not to implement
any kind of countermeasures it is accepting the risk. And this is actually
what all computer systems boil down to. There is no way to mitigate the
risk if the system is going to connect to the internet. Having only one user
without any networking with others computer systems is the closet you can
ever get to not having any risks.
22
4.0 Session Summary

In this study session, we were able to look at the Data Protection Act
(DPA) 1998, Outline the Computer Misuse Act 1990 and the Regulation
of Investigatory Powers Act (RIPA) 2000. We have also looked at risk as
it relates to MIS, how to control them and security measures to be taken
to minimise them.

1. Explain the ethical and societal issues on customer privacy when
developing and maintaining and MIS.
2. What are the ethical and societal issues on employee privacy in
MIS operation?
3. To what extent should organisations use the freedom of speech in
their MIS operation without infringing on the ethical and societal
issues?
4. Explain the following terms as considered under the ethics and
societal issues of MIS:
i) Information Technology (IT) professionalism.
ii) Social inequality.
5. The design and operation of a computer-based MIS is influenced
by certain legal and regulatory Acts. Explain the following Acts
and state the ethical and other societal protection issues contained
in them.
i) Data Protection Act (DPA), 1998
ii) Computer Misuse Act, 1990
22
iii) Regulation of Investigatory Powers Act (RIPA), 2000
6. Identify and explain other risks, control and security measures
associated with the ethics of MIS operation.

a. Visit U-tube https://goo.gl/87NhCP watch the video and simmarize
in 1 paragraph
b. View the animation on https://goo.gl/Yvg1vV and critique in the
discussion forum
ITA 1: The Data Protection Act 1998 (DPA) is an Act of Parliament of the United Kingdom of Great Brita
ITA 2: Information risk management (IRM) is the process of identifying and assessing risk, realising the lim
7.0 References:
https://en.wikipedia.org/wiki/Data_Protection_Act_1998
22
https://en.wikipedia.org/wiki/Computer_Misuse_Act_1990
https://en.wikipedia.org/wiki/Regulation_of_Investigatory_Powers_Ac t_2000
https://en.wikibooks.org/wiki/Fundamentals_of_Information_Systems_
Security/Information_Security_and_Risk_Management#Common
_Computer_Ethics_Fallacies
GLOSSARY
( For the under listed terms and others, please visit
https://jerrypost.com/MIS/MISGlossary.html)
See also David M. Kroenke (2007) Using MIS. Washington, USA: Pearson Prentice
Hall. ISBN 0-13-1433733 , (Page 369-383)
10Base-T A system of connecting computers on a LAN using twisted-pair cable. The

method relies on compression to increase raw transfer rates to 10 megabits
per second.
24 -7 Operation of an application or database 24 hours a day, 7 days a week.
Because the database can never be shut down, performing maintenance is a
challenge.
Access speed A measure of disk drive speed. Loosely, the time it takes a disk drive to move
to a particular piece of data.
Accounting journal Raw financial transaction data are collected by the accounting department and
stored in a journal. Modern accounting requires the use of a double-entry
system to ensure accurate data.
Activity-based ABC allocates costs by examining a detailed breakdown of the production
costing (ABC) activities. The cost of each process is computed for each different product.
The detail provides a better picture of the production cost for each item.
Advanced encryption A new U.S. standard for single-key encryption. Approved in 2001 by the
standard (AES) government to replace DES and triple DES. With 128 bit keys, it is
substantially more difficult to break; but still very fast to encrypt and decrypt.
22
Advocacy role Someone in MIS, usually the chief information officer, who bears
responsibility for exploring and presenting new applications and uses of MIS
within the company.
Agent An object-oriented program designed for networks that is written to perform
specific tasks in response to user requests. Agents are designed to
automatically communicate with other agents to search for data and make
decisions.
Agile development In contrast to SDLC, a development approach that relies on reducing the time
to get a product out the door. Similar to prototyping but on a larger scale. The
focus is to identify key features and build and release software as versions
that will be improved.
American National An organisation responsible for defining many standards, including several
Standards Institute useful information technology standards.
(ANSI)
American Standard American standard code for information interchange. A common method of
Code for Information numbering characters so that they can be processed. For instance, the letter A
Interchange (ASCII) is number 65. It is slowly being replaced by the ANSI character set table and
the use of international code pages that can display foreign characters.
Angel investor An individual who provides a limited amount of funding to start-up firms.
Unlike a partner, the investor is rarely involved in management. The amount
of funding is generally small--$25,000 to $100,000.
Antitrust laws A variety of laws that make it illegal to use monopoly power. Some basic
(economic) actions to achieve a competitive advantage are illegal. Strategic
plans must be evaluated carefully to avoid violating these laws.
Application (AI)
generator
Application service
provider (ASP)
Artificial intelligence
22
A software tool for
developers that
helps build
software
applications. It is
usually associated
with a DBMS but
several standalone
tools exist to help
create new forms
and reports.
A specialised
Internet firm that
provides an
individual
application to other
businesses. For
example, a
reservation system
can be run by an
ASP to provide
services to other
companies.
An attempt to build
machines that can
think like humans.
Techniques evolved
from this research
help solve more
complex problems.
Useful techniques
22
include expert systems, neural networks, massively parallel computers, and
robotics.
Aspect ratio Used to define the ratio of width to height in display screens. Standard
definition TV was typically 6:4 (such as 640 x 480). HDTV is generally 16:9
(such as 1920 x 1080). Movies sometimes use a 1.85:1 ratio which is slightly
wider than the HDTV 1.77:1.
Assumptions Models are simplifications of real life, so they require assumptions about
various events or conditions.
Asynchronous A packet-based network system that uses high-speed transmission lines (150
Transfer Mode megabits and over) and routers to maximise network efficiency and
(ATM) throughput.
Attributes Descriptions of an object or entity. For example, a customer object would at
least have attributes for name, phone number, and address.
Auction In an e-commerce context, a Web-based system where individuals bid for
items. Useful when you do not know the exact value of an item or have only a
few items to sell. The auction site helps handle payments but charges a
percentage fee.
Audit trail The ability to trace any transaction back to its source. In accounting,
transaction values are accumulated on the general ledger and used to create
reports. An audit trail is a set of marks or records to point back to the original
transaction.
Augmented reality A display of a real-world scene with computer-generated data added to it. The
computer data often adds names, descriptions, or drawings. For instance, a
phone camera might be used to display a scene and tags are added to identify
points of interest.
Authentication The ability to verify the source of a message. Dual-key systems are a useful
technique. The sender uses a private key to encrypt the message. The
recipient applies the sender’s public key. If the decrypted message is
readable, it had to have come from the alleged sender, because the keys
always work in pairs.
Backbone A high-speed communication line that links multiple sub networks. It is
22
usually a fibre-optic line.
22
Backward chaining In an expert system, the user enters a “conclusion” and asks to see whether the
rules support that conclusion.
Bandwidth Traditionally, the amount of frequency allocated to a communication channel,
such as the portion of the spectrum allocated to a single radio or television
station. But, the term is commonly used to indicate the basic capacity or
transmission speed of a communication channel. For example, 20 megabits
per second instead of 5 megahertz.
Bandwidth hogs On a shared network, a small percentage of users will transmit vastly more
data than the average user. ISPs often define pricing methods to penalise
heavy users to ensure that more bandwidth or capacity is available for all
users.
Barriers to entry Anything that makes it more difficult for new firms to enter an industry.
Several possibilities would violate antitrust laws. An acceptable barrier is the
increased use of information systems, which raises the cost of entering an
industry because a rival would have to spend additional money on
information technology.
Beginners All- An early computer programming language designed to be easy to program and
purpose Symbolic to teach. Visual Basic is a current version for Windows programming.
Instruction Code
(Basic)
Benchmark A set of routines or actions used to evaluate computer performance. By
performing the same basic tasks on several machines, you can compare their
relative speeds. Benchmarks are especially useful when the machines use
different processors and different input and output devices.
Best practices Methods that are known to work for solving specific problems. Most
problems, including those in software development, have multiple solutions.
Best practices are a collection of techniques for solving problems that have
been tested and avoid common mistakes and problems.
BETWEEN A portion of a SQL statement used to specify a lower and upper bound in a
WHERE clause. Commonly used for dates, such as Order Date BETWEEN
01-Jan-2008 AND 31-Dec-2008.
23
Big data The concept that companies have huge amounts of data that require
specialised hardware, software, and people to analyse to obtain
useful/actionable information. Quickly became a meaningless marketing
term.
Bill of materials Used in manufacturing, it is a list of components used to manufacture a
finished product. In an ERP system, data from it is often used to trigger
inventory deductions and to add the finished product to inventory.
Bill presentation and Web-based software that automatically displays bills and invoices for
payment customers. The payment side accepts various forms of payment including
credit cards and electronic checks. Generally run as a Web service.
Binary data A collection of ones and zeros called bits. Computer processors operate only
on binary data. All data forms are first converted to binary.
Biometrics A field of study that is trying to determine how to identify people based on
biological characteristics. The most common devices are fingerprint and
handprint readers.
Bit The smallest unit of data in a computer. All data is converted to bits or binary
data. Each bit can be in one of two states: on or off. Bits are generally
aggregated into collections called a byte.
Bitmap image A method of storing images. The picture is converted to individual dots that
are stored as bits. Once a picture is stored in bitmap form, it is difficult to
resize. However, bitmaps are good for displaying photographic images with
subtle colour shading.
Blog Web log. Say it fast and you can hear the abbreviation. A special type of Web
site with software that makes it easy for a user to enter comments. Typically
used as a daily journal.
Bluetooth A short-range wireless network technology invented by IBM. It is most
commonly used for cell-phone devices such as headsets. The data transmits a
1 mbps up to 32 feet. It is one of the few network protocols to automatically
encrypt the data. Newer versions offer higher data rates.
Board of directors A group of people paid to oversee and evaluate the decisions of the company.
Technically the CEO reports to the board of directors, but they are charged
23
more with reviewing the CEO’s decisions. Most boards have the authority to
remove a CEO, but many board members are selected by the CEO.
Boolean search Searching for data by using the logic operators AND, OR, and NOT
conditions in a WHERE statement; for example, find a list of customers
where city = “Detroit” and age > 50 and do not own a car.
Bottom-up An approach to designing and building systems in which workers build
development system components to solve each problem as it arises. Eventually the pieces
are combined to create an integrated system. The method relies on standards
and controls to facilitate cooperation and integration. See also top-down
development.
Brainstorming A group technique in which each individual is asked to come up with possible
suggestions to a problem. Any ideas are useful, regardless of how wild they
are. Even fanciful ideas could stimulate someone else to improve it or to
explore a related area.
Break (report) A report that organises output by sections that are based on the data values.
Common business examples include reports by customer or employee, where
data for each person is displayed in a group.
Break footer The section of a break or group report that displays subtotals for the data
within the group. See also break.
Break header The section of a break or group report that displays the column headings for
the data within the group. See also break.
Bring your own Shorthand for employees using personal tablets and cell phones instead of
device (BYOD) company-provided tools. Some companies banned the practice because the
loss of corporate control raises the risk that employees will using insecure or
infected devices to access company data.
Broadcasts A technique of transmitting messages using radio, micro, or infrared waves.
Broadcast messages are sent to all devices in a certain area. Others in the
vicinity can also receive the messages.
Browser A software tool that converts World Wide Web data into a graphical page
with hypertext links. Using standard (HTML) commands, companies can
offer data
23
and additional links to users. Users simply click on individual words and
pictures to retrieve additional data and move to other network sites.
Brute force An attack on encrypted data that attempts to use every possible key. Can be
stopped by using very long keys. For example, using a key or password of
only three letters means there are only 26*26*26=17,576 possible values.
Even a slow computer can test all combinations in a few seconds.
Bulletin board Similar to a typical bulletin board, except that people access it from
system (BBS) computers. The BBS enables users to store comments, pictures, and files for
other people to retrieve. Bulletin boards are usually organised by topics and
can be searched for specific phrases or comments. They are a useful way to
disseminate information that is of interest to many different people.
Bus Most computers have special slots called a bus to provide high-speed
connections to other devices. Various manufacturers make boards that fit into
these slots. The processor can exchange data with these other devices, but
performance is sometimes constrained by the design of the bus.
Bus network A network organising scheme in which each computer is attached to a
common transmission medium. Protocols are needed to determine when a
machine can transmit and to recover from collisions.
Business process Also see workflow software. The concept that business actions have to be
management (BPM) performed in a specific sequence. Managing the process entails finding
efficiencies through automating or reordering. For example, purchasing
expensive items requires discussions and approvals by a variety of managers.
Business to business Business-to-business electronic commerce; sales by suppliers to other
(B2B) businesses over the internet; often long-term relationships. See B2C and EDI.
Business to Business-to-consumer electronic commerce; purchases by individual
consumer (B2C) consumers similar to traditional mail-order systems, but conducted on secure
Web sites over the internet.
Byte A collection of bits. Traditionally, 8 bits make up one byte. From binary
arithmetic, an 8-bit byte can hold 2 to the 8th power, or 256, possible
numbers. In many systems a byte is used to hold one character.
23
C A powerful programming language that is flexible and creates efficient code.
A language commonly used to build complex applications and to create
commercial software products.
C++ An object-oriented extension of the C programming language. It is commonly
used to build commercial software. It produces efficient code and supports
the development of reusable objects.
Cable modem An internet connection device that translates local area network protocols to
run over a television cable line. It can provide transmission speeds around 1.5
Mbps. But the communication line is shared with other users.
Cache A buffer between the processor and a slower device such as a printer, disk
drive, or memory chips. The cache generally consists of high-speed memory.
Data is transferred in bulk to the cache. It is then pulled out as it is needed,
freeing up the processor to work on other jobs instead of waiting for the
slower device to finish.
CAN-SPAM Act The U.S. Act that makes it illegal to send commercial e-mail messages to
people who do not want to receive them. For business, the key is that it makes
e-mail messages legal, as long as all of the rules are followed.
Capability maturity A system designed at the Carnegie Mellon Software Engineering Institute to
model integration help organisations improve their software development processes. A key
(CMMI) element is to work toward a formal development model that is measurable
and is continually upgraded. The CMMI system is an upgrade of the older
CMM process.
Carrier-Sense, A communications protocol that determines how computers will behave on a
Multiple-Access/ shared-medium network. Ethernet protocols rely on CSMA/CD. Other
Collision Detection alternatives are Token Ring and packet switching.
(CSMA/CD)
Case-based An expert system approach that records information in the form of situations
reasoning and cases. Users search for cases similar to their current problem and adapt
the original solution.
23
Catalogue A software tool that holds product descriptions, images, and prices to
management system simplify changing and uploading data to a Web site. It makes it easier to track
thousands of products to ensure the Web site data is correct.
CD-ROM Compact disk-read only memory. Data is stored and retrieved with a laser. A
special machine is required to create data on a CD-ROM. Used to hold data
that does not change very often. Useful for multimedia applications because a
disk can hold about 650 megabytes of data. The format used to store music
CDs.
Centralisation A business scheme for performing most operations and making management
decisions from one location in an organisation. MIS organisation can be
examined in four areas: hardware, software, data, and personnel. See also
decentralisation.
Certificate authority Dual-key encryption and authentication require that the public key be
(CA) published and available to others. A certificate authority is an organisation
that validates the owner’s identity, issues the keys, and runs the public
directory. Almost anyone can run the software to be a CA, but others must
trust that host.
Certifications Vendors provide exams to test workers in their specific technologies and
offer a certificate so that potential employers can be sure that job applicants
possess a defined level of knowledge. Common certifications include Cisco
(networks) and Microsoft (server administration and development). The
industry constantly argues over whether certifications have value.
Change agents Objects or people who cause or facilitate changes. Sometimes the change
agent might be a new employee who brings fresh ideas; other times change
can be mandated by top-level management. Sometimes an outside event such
as a competitor or a hurricane forces an organisation to change.
Change drivers Concepts or products that have altered the way businesses operate. Classic
examples include bar code scanners in retail stores, handheld miniterminals
or notebooks by delivery firms and salespeople, and reservation systems by
travel and entertainment industries.
Charge-back system A scheme for charging other internal departments for services. For example,
23
some firms charge departments a fee based on how often they use the central
23
computer. The goal is to ration a limited resource by avoiding free use and to
provide a lever for user departments to hold MIS accountable.
Chart of accounts A listing of all the accounts and subaccounts in the general ledger. It must be
defined ahead of time for each business.
Check in A step in version control systems. When a user is finished making changes to
a file, the user checks in the file to the repository to make it fully available to
other users. The user must first check out the file.
Check out A step in version control systems. A user checks out a file or document to
indicate that changes will be made. To prevent concurrency problems, the
document is usually locked so that others cannot make changes at the same
time. When finished, the user checks in the file.
Chief executive The head of a company. The person ultimately responsible for setting the
officer (CEO) direction and policies of the firm. Usually the CEO is also the chairperson of
the board of directors.
Chief information The person who is in charge of the MIS organisation within a firm, charged
officer (CIO) with overseeing operations, setting MIS priorities, and being a top-level
advocate for MIS. Also develops and supports strategy for the firm.
Circular reference In a spreadsheet, a set of cells that eventually refer to each other. In the simplest
example, cell A1 would use values stored in cell A2, but cell A2 uses the
value stored in A1. This technique is sometimes used to create an iterative
solution to a model.
Classes Base descriptions of objects. Technically, classes describe generic attributes
and methods. Objects are a specific instance of a class.
Click-through rate Used in Web advertising, the percentage of people viewing an online ad who
actually click it to see the details on the advertised product or service. By
2000, the average click-through rates had declined to less than 1 percent. But
it is not necessarily a good measure of advertising effectiveness.
Client-server A network configuration in which a few machines are used as file servers and
network the others (clients) are independent workstations. Shared data is first sent to a
file server where it can be examined or transferred by another client.
23
Client-server A method of organising the MIS function so that some operations are
organisation centralised while others are decentralised. The client-server model separates
all of the components into two categories: servers or clients. The functions
associated with the server tend to be centralised, whereas the client
components and tasks are dispersed among the users.
Clip art Artwork created and sold to be used by no artists. Hundreds of collections are
available of people, places, buildings, and other objects. Clip art images are
often used to create presentations and illustrate reports.
Clipboard The method used to transfer data between software packages in windows-
oriented operating environments. All objects that are cut or copied are placed
onto the clipboard, ready to be pasted to another location or another package.
Clipboard viewers exist to show the current contents of the clipboard. Some
software systems allow a clipboard to hold several cuttings. Many
automatically delete the older cuts—keeping only the most recent.
Clipper chip An encryption method created by the U.S. top-secret National Security
Agency (NSA). It uses a secret algorithm to encrypt and decrypt digital
messages. It was particularly designed for digital voice communication. Its
key feature is the use of two escrow keys assigned to each chip. If the police
decide they want to listen to a conversation between two suspects, they can
get a court order, collect the escrow keys, and instantly decrypt the call.
Closed loop A system or piece of computer code in which every step in a control
mechanism is contained inside the system and does not utilise external input.
See also feedback.
Closed system A system that is entirely self-contained and does not respond to changes in
the environment. Most closed systems eventually fail due to entropy.
Cloud computing The process of running the main part of an application on servers on the
Internet. The servers are generally scalable and provide redundancy. Cloud
services available to the public are usually charged on some type of per-use
fee basis so firms can buy the level of computing.
23
CMYK Cyan-Magenta-Yellow-Key (black). A colour model used in the printing
world to precisely define colours. Colours can be expressed by specifying the
percentage needed of each of the primary colours. See also RGB.
Coaxial cable A cable used to transmit data. Cable television is a widespread application.
The inner cable is surrounded by a plastic insulator, which is surrounded by a
wire mesh conductor and an outer casing. The wire mesh insulates the
internal signal wire from external interference.
Cold site A facility that can be leased from a disaster backup specialist. A cold site
contains power and telecommunication lines but no computer. In the event of
a disaster, a company calls the computer vendor and begs for the first
available machine to be sent to the cold site.
Collision In networks, a collision arises when two computers attempt to broadcast
messages at the same time. The network protocols need to identify the
situation and determine which machine will go first.
Co-location Installing your computer or network equipment in another’s facilities to
obtain access to high-speed data communication lines. You pay a fee for use
of the facilities, power, cooling, and network usage.
Column A vertical part of a table that holds data for one attribute of an entity in a
database or spreadsheet. For example, a table to describe automobiles will
have columns for make, model, and colour.
Command-line A method of controlling the computer by typing commands. The user must
interface generally memorise specific commands. Older machines still use them
because GUI systems require too much overhead. Some people prefer
command lines, because it is faster to type one or two commands than to
manipulate an image on the screen.
Commerce server A software system that runs an e-commerce Web server. It handles the product
catalogue, searching, a shopping cart, and the payment mechanism. Several
vendors sell versions to be run on your own server, or you can lease space on
a hosting company.
23
Commercial off-the- Purchased software for building applications. Relatively popular because it is
shelf software faster than building from scratch.
(COTS)
Common Business- An early programming language designed to handle typical transaction-
Oriented Language processing tasks. Its death has been predicted for years, but it is hard to throw
(COBOL) away billions of lines of code.
Common Object A model largely developed in the UNIX community that will enable objects
Request Broker to communicate with each other across networks. In particular, it is designed
Architecture to enable users to combine different data types from various software vendors
(CORBA) into a single compound document. The data could reside on any server on the
network.
Competitive Something that makes your company better or stronger than your rivals.
advantage Examples include lower costs, higher quality, strong ties to loyal customers,
and control over distribution channels.
Composite key In defining a database table, each table must have a primary key. When the
primary key consists of more than one column, it is referred to as a composite
key. The business relationship between the multiple columns are many-to-
many.
Compound A document that incorporates different types of data: text, graphics, sound,
document and video. The different objects might be transmitted across a network to be
included in a final document.
Computer-aided Programmes that are used to create engineering drawings. CAD programmes
design (CAD) make it easy to modify drawings. They also make it easier to keep track of
material specifications. They can perform spatial and engineering estimates
on the designs, such as surface or volume calculations.
Computer-aided Computer programmes that are designed to support the analysis and
software engineering development of computer systems. They make it easier to create, store, and
(CASE ) share diagrams and data definitions. Some versions even generate code. There
are two categories of CASE tools: software development and maintenance of
existing systems.
24
Computer-integrated Using a computer to control most of the production equipment in a
manufacturing (CIM) manufacturing environment. The computer can monitor the production
statistics. It is also used to set individual machine controls.
Computer ethics The concept that all of us have an obligation with respect to data. For
example, managers have a responsibility to customers to protect personal
data, to collect only data that is truly needed, and to give customers the ability
to correct errors in personal data.
Computer See management information system (MIS).
information system
(CIS)
Composite key In relational databases, a key that consists of more than one column. The
columns are combined to yield a unique primary key.
Concurrency A situation that arises when applications attempt to modify the same piece of
data at the same time. If two people are allowed to make changes to the same
piece of data, the computer system must control the order in which it
processes the two requests. Mixing the two tasks will result in the wrong data
being stored in the computer.
Content management Changing text and images on a Web site can be challenging, particularly with
system thousands of pages and hundreds of contributors. Contributors can write
changes in simple text format to a content management system which then
formats and uploads the data to the Web site automatically.
Context diagram The top level of a data flow diagram that acts as a title page and displays the
boundaries of the system and displays the external entities that interact with
the system.
Continuous quality The concept that any process can be improved by continually evaluating the
improvement system and making adjustments and refinements. The concept is also applied
to service processes, but relies on a measurable performance objective.
Converge The ability of an iterative model to stabilise on a fixed solution. The
alternative is that values continually increase and never reach a solution.
Conversion rate A Web marketing concept that indicates the percentage of people visiting a
Web site who actually purchase an item. Higher values are better for the
24
company and indicate that the campaign and site are functioning properly to
attract shoppers.
Cookies Small text files that a Web server sends to client computers. When the user
returns to a site, the browser automatically returns the cookie file. Servers use
them to keep track of transactions—so they know when the same user has
returned. Marketers have used them to track individual users on the Web.
Copyright A legal ownership right granted to the creators of intellectual property. All
works are automatically copyrighted. Registering with the copyright office is
not required but grants additional protection to the owner.
Cost per click (CPC) A Web marketing term that indicates the fee to be paid to a marketing site (such
as Google) for every click made by a potential customer.
Cost per thousand A marketing term from the print industry that indicates the fee to be paid to a
(CPM) marketing site (such as Double-click/Google) for every thousand displays of a
banner ad. The fee is paid regardless of whether a user clicks on the ad.
Critical success A limited number of concrete goals that must be met for the organisation to
factors be successful. Identifying these key factors helps determine the strategic
directions and highlights the areas that can benefit from improved
information systems.
Crowd funding A method of obtaining start-up money for a company. The objective is to
obtain small amounts of money from thousands of people/small investors. In
2014, the SEC relaxed investing rules to allow more direct versions of
financing. Otherwise, companies on sites such as Kick starter relied on
promising people early prototypes or products in exchange for initial funding.
Customer A system for tracking and integrating all customer data. Salespeople,
relationship managers, and clerks all have access to the same data, so everyone has the
management (CRM) same consolidated view of all customer interactions.
Cut, copy, paste A common mechanism used to transfer and link data between different
software packages. The data to be transferred is marked. When it is cut or
copied, it is placed on the clipboard. Switching to the second package, the
object is pasted into the appropriate location. Dynamic and static links are
24
specified through options in the “paste special” menu. With the cut option,
the original object is deleted. With copy, the original is unchanged.
Data Consists of factual elements (or opinions or comments) that describe some
object or event. Data can be thought of as raw numbers or text.
Data administrator MIS manager who is charged with overseeing all of the data definitions and
data standards for the company to ensure that applications can share data
throughout the company.
Data dictionary Contains all of the information to explain the terms used to define a system.
Often includes report descriptions, business rules, and security
considerations.
Data encryption An older method of encrypting data that was commonly used by financial
standard (DES) institutions. With current computer capabilities that can break a DES-
encrypted message, DES is no longer considered a secure encryption system.
Data flow diagram A diagramming technique used to analyse and design systems. It shows how
(DFD) a system is divided into subsystems and highlights the ¬flow of data between
the processes and subsystems. It displays processes, external entities, files,
data flows, and control flows.
Data independence Separating programmes from their data definition and storage. The main
advantage is that it is possible to change the data without having to change
the programmes.
Data integrity (1) A concept that implies data is as accurate as possible. It means the
database contains few errors. (2) Keeping data accurate and correct as it is
gathered and stored in the computer system.
Data mart A small version of a data warehouse. A database designed to hold concise
collections of data for retrieval and analysis by managers.
Data mining An automated system that examines data for patterns and relationships. It is
partly based on statistics, but also searches for more specific associations.
The results are not always applicable to other situations.
Data mirroring The ultimate backup technique where all data that is stored on one machine is
automatically transferred and stored on a second computer. Useful to prevent
loss of data and recover from disasters—particularly when the second
24
computer is located many miles away.
24
Data store A file or place where data is stored. In a realistic setting, a data store could be
a computer file, a file cabinet, or even a reference book.
Data types To humans, there are four basic types of data: text and numbers, images,
sound, and video. Each data type must be converted to binary form for
computer processing.
Data warehouse A single consolidation point for enterprise data from diverse production
systems. The data is typically stored in one large file server or a central
computer. Because legacy systems are difficult to replace, some data is
copied into a data warehouse, where it is available for management queries
and analysis.
Database A collection of related data that can be retrieved easily and processed by
computers; a collection of data tables.
Database (1) A person appointed to manage the databases for the firm. The DBA needs
administrator (DBA) to know the technical details of the DBMS and the computer system. The
DBA also needs to understand the business operations of the firm. (2) A
management person in the MIS department charged with defining and
maintaining the corporate databases. Maintaining data integrity is a key
Database component of the job. Software that defines a database, stores the data,
management system supports a query language, produces reports, and creates data-entry screens.
(DBMS)
Decentralisation Moving the major operations and decisions out to lower levels within the firm.
In MIS, decentralisation has largely been led by the declinicdation.
Decision biases Without models and careful analysis, decisions made by people tend to be
biased. There are several biases in each of the four systems categories: data
acquisition, processing, output, and feedback.
Decision process The steps required to make a decision. It includes problem identification,
research, specification of choices, and the final selection. Midlevel managers
are often involved in the initial stages and affect the outcome, even though
they may not make the final decision.
24
Decision support System to use data collected by transaction-processing systems to evaluate
system (DSS) business models and assist managers in making tactical decisions. There are
three major components: data collection, analysis of models, and
presentation.
Decision tree A graphical representation of logic rules. Each possible answer to a question
or situation leads to a new branch of the tree.
Default value A value that is automatically displayed by the computer. Users can often
override the default by deleting the old value and entering a new one. The
goal is to choose a value that will almost always be entered, so the user can
skip that item.
Dehumanisation Some people feel that technology isolates people and decreases our contact
with other members of society. Treating people as identification numbers and
summary statistics can lead managers to forget the human consequences of
their decisions.
Denial of Service Preventing legitimate users access to systems and networks. A common
(DoS) Internet trick is to force thousands of zombie computers to flood a server with
millions of meaningless messages—preventing anyone else from using the
system.
Descriptive model A model that is defined in words and perhaps pictures. Relationships between
objects and variables tend to be subjective. Useful for an initial understanding
of a system but difficult to evaluate by computer.
Desktop publishing The art of creating professional documents with personal computers and
(DTP) small laser printers. Beyond basic word processing, DTP software provides
controls to standardise pages, improve the page layout, and establish styles.
Detail section The section in a report that is repeated for every row in the associated tables.
It is often used for itemised values, whereas group and page footers are used
for subtotals.
Device drivers Small software modules that provide the interface from an operating system
to a hardware device. Manufacturers improve and rewrite their device drives,
so you should periodically update your system to obtain the newer drivers.
Diagnostic situations Spotting problems, searching for the cause, and implementing corrections.
24
Examples include responding to exception reports to identify problems and
24
potential solutions, and determining why the latest marketing approach did
not perform as well as expected.
Dial-back modem A special modem placed on a central computer. When a user attempts to log
in, the dial-back modem breaks the connection and calls back a predefined
phone number. Its use minimises the threat of outsiders gaining access to the
central computer.
Digital cash An electronic version of money that is provided and verified by a trusted third
party. It consists of an encrypted number for a specified value that can only
be used one time. It provides for verifiable and anonymous purchases using
networks.
Digital certificate Part of an authentication mechanism used with dual-key encryption.
Companies that host servers need to encrypt transactions over the internet.
They purchase a digital certificate from a certificate authority and install it on
the web server. The client browser recognises the certificate key and encrypts
the data.
Digital dashboard A visual presentation of broad measures of current activity in an organisation.
The data is generally displayed as gauges, and the system must be customised
for each organisation. As part of an executive information system, managers
can drill down to get more data.
Digital divide The distance between those individuals or nations who have network
capabilities and those who do not. Despite declining costs, many people and
many nations cannot afford the hardware and software. If a large portion of
the economy moves online, it could alienate those who cannot afford the
network connection.
A combination of encryption and Internet validation for protecting vendor
copyrights to prevent unauthorized copying of digital content (software,
music,
Digital Rights books, movies, and so on).
Management (DRM)
Digital signature Any electronic signature technology that verifies the user. U.S. law now
recognises digital signatures as equivalent to handwritten ones. The most
secure system is to obtain a digital certificate from a public company that
24
verifies each person’s identity. But the IRS accepts a simple PIN issued by
the agency as a digital signature.
Digital subscriber A special phone service connection available to customers within 3 miles of
line (DSL) the phone company’s switch. It provides about 1 Mbps transmission speed for
Internet connections.
Digital A digital format primarily used for storing video and movies. However, it can
video/versatile disk also hold audio and traditional computer data. One side of the disk can hold
(DVD) over 3 gigabytes of data.
Direct sequence A network transmission protocol commonly used for wireless connections. It
spread spectrum subdivides the allocated frequency to send multiple packets at the same time.
(DSSS) Communication packets can shift frequencies at each time slot. By making
more efficient use of the spectrum, more data can be transmitted.
Disintermediation In an e-commerce context, using a Web-based system to skip over sections of
the production chain, such as manufacturers selling directly to consumers.
The approach can give the manufacturer a higher percentage of the sale price,
but risks alienating retailers, resulting in lost sales.
Distribution centre A central point in a supply chain where incoming bulk goods are split and
(DC) merged into multiple shipments to the final destination. For example, a
truckload of bread would be unloaded and individual boxes placed on other
trucks, along with other food items for distribution to a grocery store.
Distribution channel The layers of distributors in between the manufacturer and the final customer.
If a producer can gain control over this means of getting the product to the
consumers, the producer can prevent new rivals from entering the industry.
Improved communication systems offer the possibility of eroding control
over some distribution channels.
Diverge The property of an iterative model where successive computations keep
leading to larger values (in magnitude). The model never reaches a stable
solution. Generally due to insufficient or incorrect feedback mechanisms.
Documentation Descriptions of a system, its components, the data, and records of changes
made to the system.
24
Domain name A set of computers on the Internet that converts mnemonic names into
system (DNS) numeric Internet addresses. The names are easier for humans to remember,
but the computers rely on the numeric addresses.
Download To transfer files from a remote computer to a local computer (usually a
personal computer). See also upload.
Drill down To use an information system to get increasingly detailed data about a
company. In an enterprise information system, the ability to look at overall
company data, and then select breakdowns by regions, departments, or
smaller levels.
Dot-com Abbreviation given to the many internet firms formed in the late 1990s
because their internet names ended with the .com suffix. For a couple of
years, having a dot-com name was prestigious and attracted funding. When
hundreds of these firms failed in 2000 and 2001, they became known as dot-
bombs.
Dots per inch (dpi) A measure of the resolution of devices including printers and displays. Higher
values representing more dots per inch provide more detailed images and text.
Some people use the term pixels (ppi) instead of dots.
Drill down The action in a data analysis package or executive information system where
the user clicks a link to obtain more detail about a specific situation. See also
roll up.
Dual-key encryption A method of encrypting a message that requires two keys: one to encrypt and
one to decrypt. One of the keys is a public key that is available to anyone.
The other key is private and must never be revealed to other people. RSA is a
popular dual-key encryption system. Dual-key systems can also be used to
authenticate the users.
Dynamic data (DHCP)
exchange
Dynamic host
control protocol
25
An early standard internet method for assigning internet addresses to a computer. A
method of DHCP server is given a database with a range of IP addresses and it assigns
linking data an unused number to a computer when it requests one on start-up. The
from process
multiple
sources with
the windows
operating
system. The
software
packages
literally
send
messages to
other
software
packages,
which
enables
them to
combine
and update
data. See
also
dynamic
integration
as well as
Object
Linking and
Embedding
(OLE).
The
25
means that IP addresses on specific computers can change over time unless
the computer is allocated a static address in the database.
Dynamic integration A means of linking data from multiple documents. One compound document
(or container) can hold data objects created by other software. As the original
data is changed, it is automatically updated in the container document. See
also static integration.
e-B usiness Electronic business. The process of conducting any type of business over the
internet. It includes all forms of e-commerce and m-commerce, as well as
internal processes and web services.
e-C ommerce (EC) Electronic commerce. The process of selling items over the internet. The most
familiar form is business-to-consumer, but it includes business-to-business
and auction sites like eBay.
e-Discovery Electronic discovery. In legal cases, a request for all electronic data—
particularly e-mail communications, but might also include accounting or
other data from any computer system. Companies establish policies to define
storage life and destruction policies to ensure old data is deleted
automatically from systems.
E-mail Electronic mail, or messages that are transmitted from one computer user to
another. Networks transfer messages between the computers. Users can send
or retrieve messages at any time. The computer holds the message until the
recipient checks in.
EBCDIC: Extended A method of numbering characters so that they can be processed by machines.
Binary Coded Used exclusively by large IBM and compatible computers. See also ASCII.
Decimal Interchange
Code
Economies of scale The concept from economics that larger firms can obtain significantly lower
average costs because of their size (scale). Particularly important in networks
where high fixed costs of fibre installation are recovered at scale with huge
bandwidth values. These economies drive cloud computing making it
profitable for a few huge firms to rent out servers and networks.
25
Electronic data Exchanging transaction data with entities outside the control of your firm.
interchange (EDI) Private connections can be established directly between two firms. Public
networks are also being formed where one provider collects data and routes it
to the appropriate client.
Encryption A method of modifying the original information according to some code, so
that it can be read only if the user knows the decryption key. It is used to
safely transmit data between computers.
End-user Managers and workers are to develop their own small systems using database
development management systems, spreadsheets, and other high-level tools.
Enterprise network A network that connects multiple sub networks across an entire firm. Often,
the networks use different protocols and different computer types, which
complicates transmitting messages.
Enterprise resource An integrated computer system running on top of a DBMS. It is designed to
planning (ERP) collect and organise data from all operations in an organisation. Existing
systems are strong in accounting, purchasing, and HRM.
Entrepreneurship The act of creating and organising a business. Generally, an entrepreneur
takes the risks to create a new business in search of a profit.
Ergonomics The study of how machines can be made to fit humans better. One of the
main conclusions of this research in the computer area is that individuals need
to be able to adjust input (and output) devices to their own preferences.
Escrow key In an encryption system, it is a special key that can be used by government
officials to decrypt a secret conversation. The Clipper chip uses escrow keys.
Ethernet A network communications protocol that specifies how machines will
exchange data. It uses a broadcast system in which one machine transmits its
message on the communication medium. The other machines listen for
messages directed to them.
Ethics The concept that various elements of society have obligations to the others. In
IT, it focuses on the roles of users, developers, and vendors.
Event-driven A user-interface approach where the user controls the sequence or operations
approach and the software responds to these events. Events can range from a simple
key- press to a voice command. Modern, window-based software does not
25
follow a
25
sequential process. Instead, actions by users generate events. The
programmes respond to these events and alter data or offer additional choices.
Typical events include mouse clicks pointing to items on the screen,
keystrokes, changes to values, or transmissions from other systems.
Exabyte A count of the number of bytes one step above petabyte and one below
zettabyte. The new IEC definition uses exbibyte for binary data and exabyte
only for decimal data which is 1018.
Exbibyte The new IEC definition for binary-based counting instead of exabyte. The
binary version is 260. Technically 2 raised to the 60th power or
1024*1024*1024*1024*1024*1024 (6 times).
Exception report Report that is triggered by some event to signify a condition that is unusual
and needs to be handled immediately.
Executive A type of decision support system that collects, analyses, and presents data in
information system a format that is easy to use by top executives. To achieve this objective, the
(EIS) EIS is based on a model of the entire company. In most cases the model is
presented graphically and the executives retrieve information by pointing to
objects on the screen.
Exhaustive testing Testing every possible combination of inputs to search for errors. Generally
not a feasible option, so most computer systems will always contain errors.
Expert system (ES) System with the goal of helping a novice achieve the same results as an expert.
They can handle ill-structured and missing data. Current expert systems can
be applied only to narrowly defined problems. Diagnostic problems are
common applications for expert systems.
Expert system shell A programme that provides a way to collect data, enter rules, talk to users,
present results, and evaluate the rules for an expert system.
Export An older method of exchanging data among various software packages. One
package exports the data by storing it in a format that can be read by other
software. Object Linking and Embedding is a more powerful way to
exchange data.
25
Extensible business A specific XML style for reporting financial data in a standard way.
reporting language Predefined tags are used to mark the financial data to make it easier for
(XBRL) computers to extract and compare data from diverse companies.
Extensible markup A tag-based notation system that is used to assign names and structure to
language (XML) data. It was mainly designed for transferring data among diverse systems.
External agents Entities that are outside the direct control of your company. Typical external
agents are customers, suppliers, rivals, and governments. Competitive
advantages can be found by producing better-quality items or services at a
lower cost than your rivals. Also, many firms have strengthened their
positions by building closer ties with their suppliers and customers.
External entity Objects outside the boundary of a system that communicate with the system.
Common business examples include suppliers, customers, government
agencies, and management.
Extraction, The process in data warehouses that involves taking data from existing
transformation, and systems, cleaning it up, and moving it into the data warehouse.
loading (ETL)
Extranet A network configured to give certain outsiders, usually customers and
suppliers, limited access to data using web-based systems.
Extreme A new version of development loosely based on prototyping. Pairs of
programming (XP) developers rapidly build and simultaneously test applications. The goal is to
build releases and then modify them to meet the changing needs of the users.
Facsimile (Fax) A combination scanner, transmitter, and receiver that digitises an image,
compresses it, and transmits it over phone lines to another facsimile machine.
Fault tolerance The ability of a computer or a system to continue functioning properly even if
some of the components fail. Fault-tolerant machines rely on duplication of
subsystems with continuous monitoring and automatic maintenance calls.
Feasibility study A quick examination of the problems, goals, and expected costs of a proposed
system. The objective is to determine whether the problem can reasonably be
solved with a computer system.
25
Feedback Well-designed systems have controls that monitor how well they meet their
goals. The information measuring the goals and providing control to the
system is known as feedback.
Fibre optic cable A thin glass or plastic cable that is internally reflective. It carries a light wave
for extended distances and around corners.
File server Computer on a network that is used to hold data and programme files for
users to share. To be effective, it should use a multitasking operating system.
File transfer protocol A standard method of transferring files on the internet. If you control a
(FTP) computer, you can give other users access to specific files on your computer
without having to provide an account and password for every possible user.
Firewall A small, fast network computer device that examines every packet entering a
company. Rules or filters can be created that will reject certain packets that
are known to be dangerous to the network.
First mover In a model of rivalry, the firm that takes the initial action. Sometimes the first
mover gets a benefit by setting the strategy and the market. But the costs are
often higher because the technology is newer. Games such as chess recognise
that the first mover has a slight benefit.
Five Forces model Michael Porter’s model used to search for competitive advantage. The Five
Forces are: rivals, customers, suppliers, potential competitors, and substitute
products.
Floating point The number of mathematical calculations a processor can perform in one
operations per second. Typically measured in millions (mega-FLOPS) or billions (giga-
second (FLOPS) FLOPS). Bigger numbers represent faster processors.
Flow chart An old pictorial method for describing the logic of a computer programme. It
has largely been replaced by pseudo code.
Font size An important characteristic of text is its size. Size of type is typically
measured in points. For reference, a capital letter in a 72-point font will be
approximately 1 inch high.
Forward chaining In an expert system, the ES traces your rules from the data entry to a
recommendation. Forward chaining is used to display questions, perform
calculations, and apply rules.
25
Frame A related set of information that humans group together. Sometimes
groupings can be arbitrary. A concept used in discussing AI applications and
human cognition.
Frame relay A network communication system that uses variable-length packets. It is
useful for high-speed, large bursts of data. It is being used for long-distance
network communications.
Franchise A means of organising companies. Independent operators pay a franchise fee
to use the company name. They receive training and benefit from the name
and advertising of the parent company. They purchase supplies from the
parent company and follow the franchise rules.
Frequency division Supporting multiple communications at the same time by assigning a specific
multiplexing (FDM) frequency range to each participant. For example, television and radio
stations are assigned specific frequency ranges to avoid collisions.
Front-end processor A simple communications device for large central computers that accepted all
of the terminal wires and then assigned each user to an open communications
port on the computer. This device decreased the number of physical access
ports required on the computer.
Full duplex A method of transferring data, usually over phone lines, so that data is
transmitted in both directions simultaneously. In terms of speaker phones, it
means that people on both ends of a call can talk at the same time. With half
duplex, the initial speaker blocks others from talking.
Functions See methods.
Fuzzy logic A way of presenting and analysing logic problems that is designed to handle
subjective descriptions (e.g., hot and cold).
General ledger A collection of accounts that break financial data into specific categories.
Common categories include accounts receivable, accounts payable, inventory,
and cash.
Geographic Designed to identify and display relationships among business data and
information system locations. Used to display geographical relationships. Also used to plot
(GIS) delivery routes and create maps.
25
Gibibyte The IEC definition for billion in binary base 2 (230). It replaces the term
gigabyte which now is to be used for decimal billion.
Gigabyte Approximately 1 billion bytes of data. Technically, 2 raised to the 30th power
or 1024*1024*1024 (3 times). It is one step above megabyte and one below
terabyte.
Global positioning A system of 24 satellites created by the U.S. Department of Defence. The
system (GPS) civilian receivers will identify a location to within about a few feet. Used for
navigation, track vehicles, and plotting delivery routes.
Graphical user A system that is based on a graphics screen instead of simple text. Users
interface (GUI) perform tasks by clicking a mouse button on or manipulating objects on the
screen. For example, copies are made by dragging an item from one location
on the screen to another. Pronounced as “gooey.”
Grid computing A system that networks multiple computers so that they cooperatively process
the designated tasks, effectively functioning as a single computer.
Group breaks Reports are often broken into subsections so that data in each section is
grouped together by some common feature. For example, a sales report might
group items by department, with subtotals for each department.
Group decision A type of groupware that is designed to facilitate meetings and help groups
support system reach a decision. Each participant uses a networked computer to enter ideas
(GDSS) and comments. Votes can be recorded and analysed instantly. Comments and
discussion are automatically saved for further study.
Groupware Software designed to assist teams of workers. There are four basic types:
communication, workflow, meeting, and scheduling. The most common is
communication software that supports messages, bulletin boards, and data file
transfers and sharing.
Hacker Primarily used to indicate a person who devotes a great deal of time trying to
break into computer systems.
Hardware The physical equipment used in computing.
25
High-bandwidth The digital rights management technology created by the movie and
digital content television industries to make it more difficult for people to copy high-
protection (HDCP) definition TV signals. To play protected videos all of your equipment will
need to support the HDCP standard.
High-Definition Transmission of television signals in digital form. It provides clearer
Television (HDTV) reception. It also supports encrypted transmissions so that broadcasters can
control who receives the images. HDTV also supports compression, so that
more data (better pictures or more channels) can be transmitted in the same
frequency space.
Hot links See dynamic integration.
Hot site A facility that can be leased from a disaster backup specialist. A hot site
contains all the power, telecommunication facilities, and computers necessary
to run a company. In the event of a disaster, a company collects its backup
data tapes, notifies workers, and moves operations to the hot site.
Hub A network device used to connect several computers to a network.
Commonly used in a twisted-pair LAN. A cable runs from each computer’s
NIC to the hub. The hub is often connected to a router.
Hypertext markup The standard formatting system used to display pages on the internet. Special
language (HTML) tags (commands inside angle braces, e.g., <HTML>) provide formatting
capabilities. Several software packages automatically store text in this format,
so users do not have to memorise the tags.
Icon A small picture on a computer screen that is used to represent some object or
indicate a command. A classic example is the trash can used to delete files on
the Apple Macintosh.
Image A graphic representation that can be described by its resolution and the
number of colours. They can be stored as bit-mapped or vector images.
Import An older method of exchanging data among various software packages. Most
software (e.g., a database management system) can export or store data in a
text file format. Another software package (e.g., a spreadsheet) can import or
26
retrieve this data. Object Linking and Embedding is a more powerful way to
exchange data.
Inference engine Within an expert system, the inference engine applies new observations to the
knowledge base and analyses the rules to reach a conclusion.
Information Data that has been processed, organised, and integrated to provide insight.
The distinction between data and information is that information carries
meaning and is used to make decisions.
Information centre An MIS group responsible for supporting end users. It typically provides a help
desk to answer questions, programmers who provide access to corporate
databases, training classes, and network support people to install and maintain
networks.
Information rights A system to control exactly what each group can do with digital data,
management (IRM) including documents, music, and video files. A good IRM system can prevent
a document from being read by outsiders, even if the document is somehow
shipped outside the company’s computers.
Information system A collection of hardware, software, data, and people designed to collect,
process, and distribute data throughout an organisation.
Information The hardware and software used to create an information system. Sometimes
technology (IT) used as an abbreviation for management information systems.
Information threats There are two classes of threats to information: (1) physical, in the form of
disasters; and (2) logical, which consists of unauthorised disclosure,
unauthorised modification, and unauthorised withholding of data. The
primary source of danger lies with insiders: employees, ex-employees,
partners, or consultants.
Information warfare The use of information in a conflict setting. It includes protecting your own
(IW) information, providing misinformation to the enemy, and monitoring and
disrupting the enemy’s information.
Inheritance Creation or derivation of objects from other object classes. Each derived class
inherits the attributes and methods of the prior class. For example, a savings
account object can be derived from an account object. The savings account
26
object will automatically have the same attributes and methods. Attributes and
methods specific to the savings account can be added.
Initial public offering The step when firms first sell stock to the public. A method of raising additional
(IPO) funds and a major step for most start-up firms.
Input devices People do not deal very well with binary data, so all data forms must be
converted into binary form for the computer. Input devices—for example,
keyboards, microphones, and bar code readers—make the conversion.
Input-Process-Output A shorthand description of a subsystem. Each subsystem receives inputs and
performs some process. The output is passed to another subsystem.
Instant Messaging A two-way electronic communication in real time. Short comments that you
(IM) type are immediately displayed on the recipient’s screen. It generally requires
that both parties run the same software.
Integrated data The practice of combining data from different sources to make a decision.
Data can come from different departments throughout the business, and it can
come in many different forms. Networks, groupware, and products that
support dynamic linking are all useful tools to integrate data to make better
decisions.
Integrated Services A set of services, and a transmission and control system, offered by telephone
Digital Network companies. It uses complete digital transmission of signals to improve
(ISDN) transmission speed and quality.
Intellectual property As defined by copyright laws, the concept that property such as music, books,
software, and movies can be protected. The laws clearly define the owners of
the property and specify that the owners can establish any type of copy
protections they desire.
Internet A collection of computers loosely connected to exchange information
worldwide. Owners of the computers make files and information available to
other users. Common tools on the Internet include e-mail, ftp, telnet, and the
World Wide Web.
Internet Assigned The internet committee that is responsible for allocating IP address segments.
Numbers Authority It generally focuses on technical issues, manages the DNS root zone and
(IANA) coordinates the global numbering system.
26
Internet Corporation The internet committee founded in 1998 that coordinates the internet naming
for Assigned Names system. It is largely a political committee, formed within the United States,
and Numbers but with international membership, it discusses new top level domains,
(ICANN) internationalisation issues and so on.
Internet Engineering The primary technical committee that defines internet standards. It is
Task Force (IETF) responsible for standards such as router protocols and HTML.
Internet service A private company that provides connections to the internet. Individuals pay
provider (ISP) a fee to the ISP. The ISP pays a fee to a higher-level provider (e.g., NSP) to
pass all communications onto the internet.
Intranet A network within an organisation that utilises standard internet protocols and
services. Essentially, this includes web sites that are accessible only for
internal use.
Intrusion detection A software tool containing sensors and a set of rules that monitors network
system (IDS) traffic looking for attackers. Snort is a commonly-used tool for IDS because it
is freely available from the open-source community.
Intrusion prevention Similar to an IDS but more active. It uses software to monitor network
system (IPS) activity and a set of rules to indicate when an attack occurs. It then uses router
and system commands to shut down or delay access to attackers.
Iterative solution Building a model and evaluating it until the parameter values converge to a
fixed solution. Sometimes an iterative model will diverge and never reach an
acceptable solution. See also circular reference.
Intrusion detection A combination of hardware and software that monitors packets and
system (IDS) operations on the network and computers. It watches for suspicious patterns
that might indicate an attack.
Internet Protocol A set of standards that define how raw data is transmitted on the internet and
version 6 (IPv6) how machines are addressed. Version 6 contains several improvements to the
older version 4. For example, version 6 supports 128-bit addresses compared
with 32 bits in version 4. It will take several years for people to move to
version 6.
Joint application A method to reduce design time by putting everyone in development sessions
design (JAD) until the system is designed. Users, managers, and systems analysts
26
participate
26
in a series of intense meetings to design the inputs (data and screens) and
outputs (reports) needed by the new system.
Just-in-time (JIT) A production system that relies on suppliers delivering components just as
inventory they are needed in production, instead of relying on inventory stocks. JIT
requires close communication between manufacturers and suppliers.
Kerberos A security system created at MIT that enables systems to have a single sign-
on. Users log into the Kerberos server and other systems can validate the
user’s identity from that server. Much simpler than requiring users to log in
multiple times. Named after the hound that guards the gates of Hades (spelled
Cerberus in Latin).
Key performance A numerical measure that provides useful information about the current state
indicator (KPI) of the business. Many EIS tools exist to collect and display KPIs--including
gauges--but managers need to identify the values that are most useful.
Kilobyte Approximately one thousand bytes of data. Technically it is 2 to the tenth, or
1024. The next step up is megabyte.
Knowledge A higher level of understanding, including rules, patterns, and decisions.
Knowledge-based systems are built to automatically analyse data, identify
patterns, and recommend decisions.
Knowledge base Within an expert system, the knowledge base consists of basic data and a set
of rules.
Knowledge engineer A person who helps build an expert system by organising the data, devising the
rules, and entering the criteria into the expert system shell, trained to deal
with experts to derive the rules needed to create an expert system. The
engineer also converts the data and rules into the format needed by the expert
system.
Knowledge A system that stores information in the context of a set of decisions. It
Management (KM) contains cross-references and search methods to make it easy for workers to
understand how and why decisions were made.
Last mile The connection from an ISP to individual households and businesses. In
many cases, the most difficult connection to make because of the cost and
monopoly control. Most households are limited to a few choices: telephone
26
and cable TV.
26
Some technologies exist to run communications over power lines. The other
option is wireless.
Latency The delay between initiating an action and seeing a result. In
communications, it is the delay between sending a message and receiving a
reply. Often a problem with satellite connections because the signal must
travel huge distances.
Legacy system Information systems that were created over several years and are now crucial
to operating the company. They probably use older technology, and the
software is difficult to modify. However, replacing them is difficult and likely
to interfere with day-to-day operations. Any changes or new systems must be
able to work with the older components.
LIKE An SQL command used within a WHERE clause to search for patterns in
text. Two pattern-matching characters are used. A % (* in Access) matches
any characters. An _ (? in Access) matches exactly one character. For
example, WHERE Last Name LIKE ‘Jo*’, matches any last name beginning
with those two letters.
Limited liability A legal variation of organising a company. It protects the owners with the
company (LLC) same separation of funds offered to corporations, but because it does not
allow it to issue stock, the record keeping is somewhat easier.
Local area network A collection of personal computers within a small geographical area,
(LAN) connected by a network. All of the components are owned or controlled by
one company.
Magnetic hard drives Magnetic hard drives (or disk drives) consist of rigid platters that store data
with magnetic particles. Data is accessed by spinning the platters and moving
a drive head across the platters to access various tracks.
Magnetic ink A special typeface printed with ink containing magnetic ink. It can be read
character recognition rapidly and reliably by computers. Banks are the primary users of MICR.
(MICR) Checks are imprinted with MICR routing numbers. MICR readers are more
accurate than straight OCR because they pick up a stronger signal from
magnetic particles in the ink.
26
Mail filters Programmes that automatically read e-mail and sort the messages according
to whatever criteria the manager prefers. Junk mail can be discarded
automatically.
Malware A generic term used to describe software that does nasty things. It includes
viruses, Trojan Horses, spyware, and so on.
Management An MIS consists of five related components: hardware, software, people,
information system procedures, and databases. The goal of management information systems is to
(MIS) enable managers to make better decisions by providing quality information.
Manufacturing An integrated approach to manufacturing. Beginning with the desired
Resource Planning production levels, we work backward to determine the processing time,
(MRP II) materials, and labour needed at each step. These results generate schedules
and inventory needs. Sometimes known as a demand-pull system.
Market basket A data mining technique pioneered to see if two items are commonly
analysis purchased at the same time. Can also be used to identify any pairs of items
that are associated with each other.
Mass customisation The ability to modify the production line often enough to produce more
variations of the main product. The goal is to cover virtually all of the niche
markets.
Materials An early production system, where at each stage of production, we evaluate
requirements the usage of materials to determine the optimal inventory levels.
planning (MRP)
Mathematical model A model that is defined by mathematical equations. This format is easy to use
for forecasts and for simulation analyses on the computer. Be careful not to
confuse precision with accuracy. A model might forecast some value with
great precision (e.g., 15.9371), but the accuracy could be quite less (e.g.,
actual values between 12 and 18).
Mebibyte (MiB) An International Electrotechnical Commission (IEC) replacement for the term
megabyte. Mebibyte is base 2 (220), megabyte is for base 10 (106).
Media For transmissions, the means of connecting computers in a network. Common
methods include twisted-pair and coaxial cable; fibre-optic lines; and radio,
micro, and infrared waves.
26
Media access control The network protocol that governs how data bits are sent across a connection
(MAC) medium. Almost always implemented in a LAN card. It is most commonly
noticed when you need to control security based on physical cards—in which
case you need the MAC address that is uniquely assigned to every network
interface card.
Megabyte Loosely, 1 million bytes of data. Technically, it is 1,048,576 bytes of data,
which is 2 raised to the 20th power or 1024*1024. The next step up is
gigabyte.
Megaflops Millions of floating-point operations per second. A measure of the processor
speed, it counts the number of common arithmetical operations that can be
performed in one second.
Megahertz One million cycles per second, a measure of the clock chip in a computer,
which establishes how fast a processor can operate.
Menu tree A graphical depiction of the menu choices available to users in a system.
Metadata Describes the source data, and the transformation and integration steps, and
defines the way the database or data warehouse is organised.
Methods Descriptions of actions that an object can perform. For example, an employee
object could be hired, promoted, or released. Each of these functions would
necessitate changes in the employee attributes and in other objects. The
methods carry out these changes.
Microsecond One-millionth of a second. Few computer components are measured in
microseconds, but some electrical devices and controllers operate in that
range. One microsecond compared to one second is the same as comparing
one second to 11.6 days.
Million instructions A measure of computer processor speed. Higher numbers represent a faster
per second (MIPS) processor. However, different brands of processors use different instruction
sets, so numbers are not always comparable.
Millisecond One-thousandth of a second. Disk drives and some other input and output
devices perform operations measured in milliseconds. One millisecond
compared to one second is the same as comparing 1 second to 16.7 minutes.
26
Mirror drive A backup system where data is automatically written to a second disk drive.
If the primary drive fails, operations can be switched instantaneously to the
mirror drive.
Model A simplified, abstract representation of some real-world system. Some
models can be written as mathematical equations or graphs; others are
subjective descriptions. Models help managers visualise physical objects and
business processes. Information systems help you build models, evaluate
them, and organise and display the output.
Modem Modulator-demodulator. A device that converts computer signals into sounds
that can be transmitted (and received) across phone lines.
Morphing Digital conversion of one image into another. The term is an abbreviation of
metamorphosis. True morphing is done with digital video sequences, where
the computer modifies each frame until the image converts to a new form.
Motherboard The main board in a computer that contains sockets for the process and RAM.
It also contains an interface bus so that interface cards can be added to the
system.
Multimedia The combination of the four basic data types: text, sound, video, and images
(animation). In its broadest definition, multimedia encompasses virtually any
combination of data types. Today, it typically refers to the use of sound, text,
and video clips in digitised form that are controlled by the computer user.
Multitasking A feature of operating systems that enables you to run more than one task or
application at the same time. Technically, they do not run at exactly the same
time. The processor divides its time and works on several tasks at once.
Musical A collection of standards that define how musical instruments communicate
Instrument Data with each other. Sounds are stored by musical notation and are re-created by
Interchange synthesisers that play the notes.
(MIDI)
Nanosecond One-billionth of a second. Computer processors and memory chips operate at
times measured in nanoseconds. One nanosecond compared to 1 second is the
same as comparing 1 second to 31.7 years.
27
Natural language A human language used for communication with other humans, as opposed to
a computer programming language or some other artificial language created
for limited communication.
Near-field A very short range wireless communication method useful for touch less
communication payments because the short range makes it difficult to intercept the
(NFC) transmission or misidentify the sender. Typically a range of a few centimetres
with a relatively low bandwidth. Similar to RFID, but with a shorter range.
Network A set of items connected together. In MIS, it is typically a connection of
computers. And social networks are connections of people.
Network address A network configuration where internal computers use non-routable
translation (NAT) addresses (usually in the 10.0.0.0 range). When connecting to devices on the
internet, the boundary router temporarily assigns a real IP address and then
directs the incoming messages to the original computer by changing the
address within the packets.
Network attached A disk drive unit that stands alone and is connected to the high-speed local
storage (NAS) area network instead of directly to a single computer. Similar to a SAN but it
uses standard network connections and is accessible to any computer attached
to the network.
Network effect The concept that a network becomes more valuable and useful as the number
of participants increases. In social networks, larger networks attract more
people, enabling them to grow even larger.
Network interface The communication card that plugs into a computer and attaches to the
card (NIC) network communication medium. It translates computer commands into
network messages and server commands.
Network operating A special operating system installed on a file server, with portions loaded to
system (NOS) the client machines. It enables the machines to communicate and share files.
Network service A high-level internet service provider offering connections to ISPs. The NSP
provider (NSP) leases high-speed, high-capacity lines to handle the communication traffic
from hundreds of ISPs.
Neural network A collection of artificial neurons loosely designed to mimic the way the
human brain operates. Especially useful for tasks that involve pattern
27
recognition.
27
Neuron The fundamental cell of human brains and nerves. Each of these cells is
relatively simple, but there are approximately 100 million of them.
Newsgroups A set of electronic bulletin boards available on the internet. Postings are
continuously circulated around the network as people add comments.
Nondisclosure A written agreement where the signer agrees to keep certain information
agreement (NDA) confidential and not tell anyone. Commonly used by start-up companies to
keep basic technology, general operating practices, and marketing plans
secret.
Normalisation A set of rules for creating tables in a relational database. The primary rules
are that there can be no repeating elements and every non-key column must
depend on the whole key and nothing but the key. Roughly, it means that
each table should refer to only one object or concept.
Numbers One of the basic data types, similar to text on input and output. Attributes
include precision and a scaling factor that defines the true size or dimension
of the number.
Object A software description of some entity. It consists of attributes that describe
the object, and functions (or methods) that describe the actions that can be
taken by the object. Objects are generally related to other objects through an
object hierarchy.
Object hierarchy Objects are defined from other base objects. The new objects inherit the
properties and functions of the prior objects.
Object Linking and A standard created by Microsoft for its Windows operating system to create
Embedding (OLE) compound documents and dynamically link data objects from multiple
software packages. You begin with a compound document or container that
holds data from other software packages. These data objects can be edited
directly (embedded). Most OLE software also supports dynamic linking.
Object orientation An approach to systems and programming that classifies data as various
objects. Objects have attributes or properties that can be set by the
programmer or by users. Objects also have methods or functions that define
the actions they can take. Objects can be defined from other objects, so most
are derived from the four basic data types.
27
Object-oriented A database system specifically created to hold custom objects. Generally
DBMS supports developer-defined data types and hierarchical relationships.
Object-oriented The ultimate goal of the object-oriented approach is to build a set of reusable
design objects and procedures. The idea is that eventually, it should be possible to
create new systems or modify old ones simply by plugging in a new module
or modifying an existing object.
Object-oriented The process of writing software using sets of extensible objects. Programmers
programming (OOP) first create objects that encapsulate internal data structures with software
methods. New objects can be created by inheriting properties and methods
from more generic classes. A goal of OOP was to encourage reuse of objects
to reduce the time it takes to create new applications.
Offshoring The practice of sending jobs to an outside contractor located in a different
country.
One-to-many Some object or task that can be repeated. For instance, a customer can place
relationship many orders. In database normalisation, we search for one-to-many
relationships and split them into two tables.
Online analytical A computer system designed to help managers retrieve and analyse data. The
processing (OLAP) systems are optimised to rapidly integrate and retrieve data. The storage
system is generally incompatible with transaction processing, so it is stored in
a data warehouse.
Open operating An operating system that is supposed to be vendor neutral. It should run on
system hardware from several different vendors. When a buyer upgrades to a new
machine, the operating system and software should function the same as
before.
Online transaction A computer system designed to handle daily transactions. It is optimised to
processing (OLTP) record and protect multiple transactions. Because it is generally not
compatible with managerial retrieval of data, data is extracted from these
systems into a data warehouse.
Open source A method of creating software where the source code is released to the public
development and anyone can contribute to the project by writing sections of the code.
Usually one person takes the lead to control the integration changes and
27
planning for new releases. The Linux operating system initiated by Linus
Torvalds is a common example.
Open system An open system learns by altering itself as the environment changes.
Operating system A basic collection of software that handles jobs common to all users and
programmers. It is responsible for connecting the hardware devices, such as
terminals, disk drives, and printers. It also provides the environment for other
software, as well as the user interface that affects how people use the
machine.
Operations level Day-to-day operations and decisions. In a manufacturing firm, machine
settings, worker schedules, and maintenance requirements would represent
management decisions at the operations level. Information systems are used
at this level to collect data and perform well-defined computations.
Optical character The ability to convert images of characters (bitmaps) into computer text that
recognition (OCR) can be stored, searched, and edited. Software examines a picture and looks
for text. The software checks each line, deciphers one character at a time, and
stores the result as text.
Optimisation The use of models to search for the best solutions: minimising costs,
improving efficiency, or increasing profits.
Output devices Data stored in binary form on the computer must be converted to a format
people understand. Output devices—for example, display screens, printers,
and synthesisers—make the conversion.
Outsourcing The act of transferring ownership or management of MIS resources
(hardware, software and personnel) to an outside MIS specialist.
Packets Network messages are split into packets for transmission. Each packet
contains a destination and source address as well as a portion of the message.
Packet switching A communications protocol in which each message is placed into smaller
network packets. These packets contain a destination and source address. The packets
are switched (or routed) to the appropriate computer. With high-speed
switches, this protocol offers speeds in excess of 150 megabits per second.
Page footer Data that are placed at the bottom of each page in a report. Common items
include page totals and page numbers.
27
Page header Data that is placed at the top of every page in a report. Common items include
the report title, date, and column labels.
Parallel processing Using several processors in the same computer. Each processor can be assigned
different tasks, or jobs can be split into separate pieces and given to each
processor. There are a few massively parallel machines that utilise several
thousand processors.
Parameter Variables in a model that can be controlled or set by managers. They are used
to examine different situations or to tailor the model to fit a specific problem.
Patent Legal protection for products (and sometimes business processes). It grants
the owner sole right to sell or create modifications of the product for 20 years.
No one can create the same product unless approved by the patent owner.
Peer-to-peer A method of sharing data and information directly with colleagues and peers,
communication instead of transferring data through a shared central server.
Peer-to-peer network A network configuration in which each machine is considered to be an equal.
Messages and data are shared directly between individual computers. Each
machine continuously operates as both a client and a server.
Personal digital A small, portable handheld computer designed primarily to handle contacts,
assistant (PDA) schedules, e-mail, and short notes. Some models have more advanced
features to support documents, spreadsheets, photos, and music. A few have
wireless connections; others have to be synchronised with desktops to transfer
e-mail and update schedules. Replaced by smartphones.
Pebibyte The new IEC definition for quadrillion bytes in binary (250) denoted PiB. It
replaces the term petabyte which is now to be used for decimal values.
Technically 2 raised to the 50th power or 1024*1024*1024*1024*1024 (5
times).
Petabyte One quadrillion bytes of data. One step above terabyte and one below
exabyte. The new IEC definition uses pebibyte for binary data and petabyte
for decimal values or 1015.
Phased An implementation method that introduces the new system in phases or steps.
implementation One phase is completed before the next is undertaken. The pieces could be
software components, different divisions, different locations, or a similar
27
split.
27
Phishing Pronounced as fishing. The act of sending out false messages, typically
pretending to be from a bank, in an attempt to get users to provide usernames
and passwords to access sensitive systems. Almost any e-mail message
purportedly sent to you by a financial institution should be ignored. Anything
that does not include your name should be deleted immediately.
Photo-CD A standardised system created by Kodak to convert photographs to digital
(bitmap) form and store them on optical disks.
Pivot table A tool within Microsoft Excel used to extract and organise data. It enables
users to examine aggregated data and quickly see the accompanying detail.
Pixel Picture element, or a single dot on an image or video screen.
Podcast An audio message distributed via a web site designed for storage and
playback on an Apple iPod. But the term today includes almost any type of
audio file containing messages.
Point of sale (POS) A means of collecting data immediately when items are sold. Cash registers
system are actually data terminals that look up prices and instantly transmit sales data
to a central computer.
Polymorphism In an object design, different objects can have methods that have the same
name but operate slightly differently. For example, a checking account object
and a savings account object could each have a method called pay interest.
The checking account might pay interest monthly, whereas the savings
account pays it quarterly.
Portable document A file format often used on the internet. It can display documents with
format (PDF) detailed precision, including special fonts and shading. Defined by Adobe,
readers are freely available for many machines. Special software must be
purchased to create the files.
Precision (numeric) In computers, numeric precision represents the number of digits stored to the
right of the decimal point. So, 10.1234 is more precise than 10.12; however, it
is not necessarily more accurate. The original value might not have been
measured beyond two digits.
27
Prediction Model parameters can be estimated from prior data. Sample data is used to
forecast future changes based on the model.
Pretty good privacy A dual-key encryption system based on the Diffie-Hellman approach similar
(PGP) to RSA. Created by Philip Zimmermann and commonly used to encrypt e-
mail. Free copies for non-commercial use are still available from MIT.
Primary key A column or set of columns that contains data to uniquely identify each row
in a relational database table. For example, each customer must have a unique
identifier, possibly a phone number or an internally generated customer
number.
Privacy (1) The concept that people should be able to go about their lives without
constant surveillance, that personal information about people should not be
shared without their permission. (2) Collecting personal data only when you
have a legitimate use for it, allowing customers to correct and remove
personal data. Protecting confidential data so that it is not released to anyone.
Giving customers the option so that you do not sell or lease their personal
data.
Private key In a dual-key encryption system, the key that is protected by the owner and
never revealed. It is generally a very large number.
Problem boundary The line that identifies the primary components of the system that are creating
a specific problem. Subsystems inside the boundary can be modified to solve
the problem or enhance the system. Subsystems outside the boundary cannot
be altered at this time.
Procedures Instructions that help people use the systems. They include items such as user
manuals, documentation, and procedures to ensure that backups are made
regularly.
Process An activity that is part of a data flow diagram. Systems can be built to process
goods or to process data. Most information system work focuses on processes
that alter data.
Process control The use of computers to monitor and control the production machines and
robots. Production lines generally use many different machines, each
requiring several adjustments or settings. Computer control simplifies and
27
speeds the setup.
28
Process innovation Evaluating the entire firm to improve individual processes, and to search for
integrated solutions that will reduce costs, improve quality or boost sales to
gain a competitive advantage. See also reengineering.
Processor The heart of a computer. It carries out the instructions of the operating system
and the application programmes.
Product The ability to make your products appear different from those of your rivals,
differentiation thus attracting more customers. Information systems have been used to alter
products and provide new services.
Program logic Writing programme code requires defining the steps or logic that the
computer should follow to complete a task. A programme must also use the
correct words, symbols, and punctuation, known as syntax.
Properties See attributes.
Protect document A method of restricting changes to Microsoft Office files. A limited version of
information rights management that will allow people to read a document but
not make changes.
Protocols A set of definitions and standards that establish the communication links on a
network. Networks are often classified by their choice of protocol. Common
protocols include Ethernet, Token Ring, and TCP/IP.
Prototyping An iterative system design technique that takes advantage of high-level tools
to rapidly create working systems. The main objective of prototyping is to
create a working version of the system as quickly as possible, even if some
components are not included in the early versions.
Pseudocode A loosely structured method to describe the logic of a programme or outline a
system. It uses basic programming techniques but ignores issues of syntax
and relies on verbal descriptions.
Public key In a dual-key encryption system, the key that is given to the public. Each
person wishing to use dual-key encryption must have a different public key.
The key works only in tandem with the user’s private key.
28
Pure Internet plays Dot-com firms that have no direct tie to traditional business. Firms that make
all their revenue from internet sales or other internet firms. A popular concept
in 1999, but most pure internet firms failed in 2000 and 2001.
Quality of service Applied to network transmissions, a method of establishing a connection that
(QOS) ensures a specified level of speed and minimal delays. Part of the IPv6
specification but business facilities to use it have been slow to be developed.
Query by example A visual method of examining data stored in a relational database. You ask
(QBE) questions and examine the data by pointing to tables on the screen and filling
in templates.
Query system A method of retrieving data in a DBMS. It generally uses a formal process to
pose the questions (1) what columns should be displayed? (2) What
conditions are given? (3) What tables are involved? and (4) How are the
tables connected? See query by example and SQL.
Radio frequency Small, passive computer chips that are powered by radio waves. When
identification (RFID) triggered by a reader, the chip returns data stored in its memory by
modulating the radio signals. Readable range is limited to a few feet or less. If
price drops far enough, they might replace bar codes.
Random access High-speed memory chips that hold data for immediate processing. On most
memory (RAM) computers, data held in RAM is lost when the power is removed, so data must
be moved to secondary storage.
Rapid application The goal of building a system much faster than with traditional SDLC
development (RAD) methods. Using powerful tools (database management system, high-level
languages, graphical toolkits, and objects), highly trained programmers can
build systems in a matter of weeks or months. Using workgroups,
communication networks, and CASE tools, small teams can speed up the
Read Only Memory development and design steps. A type of memory on which data can be stored
(ROM) only one time. It can be read as often as needed but cannot be changed. ROM
keeps its data when power is removed, so it is used to hold certain core
programmes and system data that is rarely changed.
28
Really simple A technique used with blogs to automatically push new versions down to
syndication (RSS) subscribers. Users can configure a web browser to connect to a favourite
blogger. New versions are automatically displayed on the browser.
Reduced instruction When designing a RISC processor, the manufacturer deliberately limits the
set computer (RISC) number of circuits and instructions on the chip. The goal is to create a
processor that performs a few simple tasks very fast. More complex problems
are solved in software. Because RISC processors require fewer circuits, they
are easier to produce.
Redundant array of A system consisting of several smaller drives instead of one large drive.
independent Disks Large files are split into pieces stored on several different physical drives.
(RAID) The data pieces can be duplicated and stored in more than one location for
backup. RAID systems also provide faster access to the data, because each of
the drives can be searching through their part of the file at the same time.
Reengineering A complete reorganisation of a company. Beginning from scratch, you
identify goals along with the most efficient means of attaining those goals,
and create new processes that change the company to meet the new goals.
The term reengineering and its current usage were made popular in 1990 by
management consultants James Champy and Michael Hammer.
Relational database A database in which all data is stored in flat tables that meet the normalisation
rules. Tables are logically connected by matching columns of data. System
data—such as access rights, descriptions, and data definition—are also stored
in tables.
Repetitive stress An injury that occurs from repeating a stressful action. For instance, several
injury (RSI) people have complained that constant typing damages their wrists. Ergonomic
design, adjusting your work space, and taking breaks are common
recommendations to avoid repetitive stress.
Replay attack If an attacker captures a set of network transmissions, the attacker could
replay those same messages by sending them again to gain access to a server
or duplicate a financial transaction.
28
Replication The intentional process of duplicating data in a database so that it can be
transported and accessed in multiple locations. The DBMS has the ability to
synchronise data changes between the master copy and any replicas.
Report A printed summary or screen display that is produced on a regular basis by a
database management system. The main sections of a report are report
header, page header, group/break header, detail, group/break footer, page
footer, and report footer.
Request for proposal A list of specifications and questions sent to vendors asking them to propose
(RFP) (sell) a product that might fill those needs.
Requirements A key step in the development process where business analysts identify the
analysis primary goals and features of a proposed system.
Resolution The number of dots or pixels displayed per inch of horizontal or vertical
space. Input and output devices, as well as images and video, are measured by
their resolution. Higher values of dots per inch yield more detailed images.
Reusability The ultimate goal of object-oriented systems. By defining an object up front
and storing it in a repository the object can be used in many applications,
instead of requiring developers to recreate it every time a new system is built.
Reverse engineering The process of taking older software and rewriting it to modernise it and make
it easier to modify and enhance. Reverse engineering tools consist of software
that reads the program code from the original software and converts it to a
form that is easier to modify.
RGB Red-green-blue. A colour scheme used for video displays. Colours are
specified by identifying the desired strength of each primary colour. In most
implementations the colour value ranges from 0 to 255 (one byte). See also
CMYK.
Rivals Any group of firms that are competing for customers and sales. Similar to
competitors, but “competition” carries an economic definition involving
many firms. Even an industry with two firms can experience rivalry.
Rivest-Shamir- Three mathematicians who developed and patented a dual-key encryption
Adelman (RSA) system. The term often refers to the encryption technique. It is based on the
28
computational difficulty of factoring very large numbers into their prime
components.
Rocket scientists Mathematically trained financial analysts who build complex mathematical
models of the stock market and help create and price new securities.
Router A communication device that connects sub networks together. Local
messages remain within each sub network. Messages between sub-networks
are sent to the proper location through the router.
Row A horizontal element that contains all of the data to describe an entity or
object in a relational database or spreadsheet.
Rules A set of conditions that describe a problem or a potential response. Generally
expressed as “If… Then” conditions. Used by expert systems to analyse new
problems and suggest alternatives.
Sampler An input device that reads electrical signals from a microphone and stores the
sound as a collection of numbers. It measures the frequency and amplitude of
the sound waves thousands of times per second.
Scalability The ability to buy a faster computer as needed and transfer all software and
data without modification. True scalability enables users to buy a smaller
computer today and upgrade later without incurring huge conversion costs.
Scope creep The process in any project where people keep trying to add new features to
the project. An easy way to drive a project out of control. As the number of
features added begins to exceed the original plan, the costs increase and the
project is delayed.
Script kiddie A lazy attacker who downloads code from the internet to attempt to find and
exploit known holes. Can be stopped by ensuring your software contains all
current patches.
Scrolling region On a data entry form, a sub-form or section that is designed to collect
multiple rows of data. Much like a spreadsheet, the user can move back and
forth to alter or examine prior entries.
Search engine A practice of making a web site more compatible with search engines. The
optimisation goal is to make the page appear higher in the list of results when users search
for the desired topic. Most good SEO techniques define the page precisely
28
so that it
28
matches exactly how a person perceives the page. Black hat or bad SEO
methods try to trick the search engine—which usually results in the site being
blacklisted by the search engine.
Secondary storage Data storage devices that hold data even if they lose power. Typically cheaper
than RAM, but slower. Disk drives are common secondary storage devices.
Secure sockets layer A system that provides encryption for internet transmissions. Commonly used
(SSL) to establish a secure connection between client browsers and e-commerce
servers. It is established with dual-key encryption by installing a digital
security certificate on the server.
Serifs The small lines, curlicues, and ornamentation on many typefaces. They
generally make it easier for people to read words and sentences on printed
output. Sans serif typefaces have more white space between characters and
are often used for signs and displays that must be read from a longer distance.
Server farm A collection of dozens or hundreds of smaller servers. Software allocates
tasks to whichever server is the least busy. This approach to scalability is
fault- tolerant and easy to expand, but can be difficult to manage.
Service level A formal written agreement between a user group and a service provider that
agreement (SLA) specifies guaranteed levels of service and compensation for failure to meet
those levels. SLAs are commonly used in outsourcing deals to ensure the
contracted party is providing adequate levels of service, particularly with
network providers.
SharePoint Microsoft’s web-based tool for teamwork. It supports file sharing, version
control, discussion groups, and surveys.
Sign-off In a systems development life-cycle approach, the approval that managers
must give to forms, reports, and computations at various stages of the
development. This approval is given when they sign the appropriate
documents.
Simple object access A standard, easy-to-implement method of exchanging information and
protocol (SOAP) messages among different computers on the Internet. A protocol that works
with XML to support web-based services.
28
Simulation Models are used to examine what might happen if we decide to make changes
to the process, to see how the system will react to external events, or to
examine relationships in more detail.
Single sign-on A comprehensive security authentication system so that users can log in (sign
on) one time. Once the user’s identity has been established, all applications
obtain the credentials from a central server to recognise the user and
determine access rights.
Social engineering A method used by attackers to obtain usernames and passwords to obtain illegal
access to a system. An attacker might call a user and pretend to be a system
administrator asking for confirmation of a password. Relatively easy to stop
by never telling your password to anyone. Systems administrators will never
need your password.
Social legitimacy At one time, mainstream organisations were identified by the quality of their
presentation and their image. Large firms spend millions of dollars on graphic
artists, professional designers, and professional printing. The decreasing cost
of computers enables even small organisations to create an image that is hard
to distinguish from large organisations.
Social networking Contacts with friends and businesspeople. Many web sites such as Facebook,
Flickr, and YouTube were built to support social networking—enabling users
to find each other and share information online.
Software A collection of computer programmes that are algorithms or logical
statements that control the hardware.
Software as a service Selling software for usage or monthly fees instead of charging a fixed upfront
(SaaS) price. Easiest to implement with cloud computing but it can also be done with
in-house software. Upgrades and maintenance are typically included in the
price and sometimes the maintenance work is handled by the developing
company.
Software The act of fixing problems, altering reports, or extending an existing system
maintenance to improve it. It refers to changes in the software, not to hardware tasks such
as cleaning printers.
28
Software piracy The act of copying software without paying the copyright owner. With few
exceptions (e.g., backup), copying software is illegal. Companies and
individuals who are caught have to pay thousands of dollars in penalties and
risk going to jail. It is commonly accepted that piracy takes money away from
the development of improved software.
Software suites Collections of software packages that are designed to operate together.
Theoretically, data from each package can be easily shared with data from the
others. So word processors can incorporate graphics, and spreadsheets can
retrieve data from the database management system. Suites are often sold at a
substantial discount compared to buying each package separately.
Solid state drive A disk drive replacement or data storage mechanism that uses electronic
components to store data instead of a movable platter. Most SSDs are similar
to flash drives but with greater capacity and faster data transfer speeds.
Sound One of the basic data types. There are two methods to describe sound:
samples or MIDI. Digitised (sampled) sound is based on a specified sampling
and playback rate, and fits into frequency and amplitude (volume) ranges.
Spam Unsolicited commercial e-mail, or junk mail. Unwanted messages sent by
commercial entities or hackers trying to steal your system or your money. It
makes up over 50 percent of e-mail traffic. Most nations have made it illegal,
but it is hard to stop. The name refers to a Hormel meat product, but its use is
often attributed to a Monty Python sketch.
Speech recognition The ability of a computer to capture spoken words, convert them into text, and
then take some action based on the command.
Spyware Software that stealthily installs itself on your computer, records your
activities or keystrokes. Commonly used by attackers who collect the data to
learn your account passwords. Extremely dangerous because once installed it
can gain total access to your system. Software scanning tools can spot most
common spyware programmes. Windows Vista has other tools to prevent
programmes from installing themselves without your knowledge.
SQL A structured query language supported by most major database management
systems. The most common command is of the form: SELECT column list
28
FROM table list JOIN how tables are related WHERE condition ORDER BY
columns.
Standard operating A set of procedures that define how employees and managers should deal with
procedures certain situations.
Standards An agreement that specifies certain technical definitions. Standards can be
established by committees or evolve over time through market pressures. As
technology changes, new standards are created.
Static HTML Simple HTML pages that are changed only by humans, so they are rarely
changed. Generally used only for the pre-purchase information stage of e-
commerce.
Static integration A means of combining data from two documents. A copy of the original is
placed into the new document. Because it is static, changes made to the
original document are not automatically updated. See also dynamic
integration.
Statistical quality The statistical analysis of measurement data to improve quality. Several
control (SQC) statistical calculations and graphs are used to determine whether fluctuations
are purely random or represent major changes that need to be corrected.
Stock options A right to purchase a specific stock at a given price. Often granted to workers
and managers in start-up companies. If the company grows rapidly, its stock
price should increase. The option owner can cash in the options and receive
the difference between the current price and the option price.
Storage area network A method of storing computer data on devices attached to a high-speed local
(SAN) connection instead of placing them into each computer. Separating data from
the computer and centralising it makes it easier to upgrade, control, and
provide backups. Fibre optic connections are often used for SAN drives.
Strategic decisions Decisions that involve changing the overall structure of the firm. They are long-
term decisions and are unstructured. They represent an attempt to gain a
competitive advantage over your rivals. They are usually difficult and risky
decisions. MIS support for strategic decisions typically consists of gathering,
analysing, and presenting data on rivals, customers, and suppliers.
Structured decisions Decisions ¬that can be defined by a set of rules or procedures. They can be
29
highly detailed, but they are defined without resorting to vague definitions.
29
Structured A review process in which the objective is to reveal problems, inaccuracies,
walkthrough ambiguities, and omissions in the system’s design before the programme code
is finalised. The users are presented with a prototype or mock-up of the
proposed system.
Subchapter S A legal variation of a corporation that can be chosen by the owners. The IRS
corporation and some states impose limits on the type of company that can elect this
option. It avoids the problem of double taxation by passing income and losses
directly to the owners’ personal income tax statements.
Supply chain Organising the entire supply process including vendor selection, parts
management (SCM) management, ordering, tracking, payment, and quality control.
Switch A network device used to connect machines. Unlike a router, a switch creates
a virtual circuit that is used by a single machine at a time.
Switching costs The costs incurred in creating a similar information system when a customer
switches to a rival firm. Information technology creates switching costs
because customers would have to convert data, re-create reports, and retrain
users.
Synchronisation A method of sending data from multiple computers to provide up-to-date data
on both computers. Data changes are sent to each computer participating in
the synchronisation process to ensure each participant has the same set of
data.
Syntax The set of command words, symbols, and punctuation used by a computer
programming language. When writing programmes, you must type the exact
words and symbols so the computer understands what you want it to do. See
also programming logic.
Synthesiser An electronic device to convert electrical signals into sound. One basic
technique is FM synthesis, which generates and combines fixed waves to
achieve the desired sound. A newer method combines short digitised samples
of various instruments with waveforms to create more realistic sounds.
Sysop System operator. Person in charge of an electronic bulletin board who
organises files and controls access and privileges.
System A collection of interrelated objects that work toward some goal.
29
Systems analysis and A refinement of the scientific method that is used to analyse and build
design information systems.
Systems analyst A common job in MIS. The analyst is responsible for designing new systems.
Analysts must understand the business application and be able to
communicate with users. Analysts must also understand technical
specifications and programming details.
Systems A formal method of designing and building information systems. There are
development life five basic phases: (1) feasibility and planning, (2) systems analysis, (3)
cycle (SDLC) systems design, (4) implementation, and (5) maintenance and review.
T1, T3 An older communication link provided by phone companies. Used to carry
digitised analog signals, it is being replaced with ISDN links. T1 refers to a
group of 24 voice-grade lines and can carry 1.544 megabits per second
(Mbps). A T2 trunk line is equivalent to 96 voice circuits providing 6.312
Mbps. T3 provides 44.736 Mbps, and T4 can carry 139,264 Mbps. Services
can be leased at any of these levels, where greater bandwidth carries higher
costs.
Table A method of storing data in a relational database. Tables contain data for one
entity or object. The columns represent attributes, and data for each item is
stored in a single row. Each table must have a primary key.
Tactical decisions Tactical decisions typically involve time frames of less than a year. They
usually result in making relatively major changes to operations but staying
within the existing structure of the organisation. MIS support consists of
databases, networks, integration, decision support systems, and expert
systems.
Telnet A method supported on the internet that enables users of one computer to log
on to a different computer. Once logged on to the new system, the user is
treated as any other user on the system.
Table The basic method of storing data in a DBMS. Each table represents one
object or entity. Relational databases require that tables be defined following
specific data normalisation rules.
Tebibyte The new IEC definition for trillion in base 2 (240). It replaces terabyte which
29
is to be used for decimal numbers. Denoted with TiB.
29
Telepresence A large, high-resolution video conferencing system that has the goal of
providing a distance meeting as comfortable as in person.
Template A method of creating objects such as forms, reports, and web sites to ensure
that they follow the same format. A designer creates a template and all
objects follow those design standards.
Terabyte Approximately 1 trillion bytes of data. Technically, it is 2 to the 40th power
or 1024*1024*1024*1024 (4 times). The step lower is gigabyte, the step
above is petabyte.
Text The simplest of the four basic data types, it also includes numbers. In its most
basic form, text is made up of individual characters, which are stored in the
computer as numbers. More sophisticated text is described by its typeface,
font size, colour, and orientation (rotation).
Thin client Simpler hardware than a full-blown personal computer, with minimal
software. It is generally used to display applications running on the server and
to accept input from the user.
Time division A method of sharing a communication medium with multiple users where
multiplexing (TDM) each computer is allowed to send data for a specified amount of time, then
releases it to the next computer. Typically handled by requiring devices to
send short packets of data.
Token Ring A communications protocol that describes when each machine can send
messages. A machine can transmit only when it receives a special message
called a token. When the message is finished or a time limit is reached, the
token is passed to the next machine.
Top-down An approach to designing and building systems that begins with an analysis
development of the entire company and works down to increasing detail. A complete top-
down approach is usually impossible because it takes too long to analyse
everything. See also bottom-up development.
Top-level domain One of the internet domains handled by registrars and controlled by ICANN.
(TLD) Originally limited to country codes and com, net, org, edu, mil, int, gov.
Firms can now create and control their own TLDs by paying a large fee.
29
Total cost of The cost of purchasing and running a client computer (personal computer). A
ownership (TCO) highly subjective number, it typically includes the hardware cost, the software
license fees, maintenance costs, and training costs.
Total quality A management doctrine stating that quality must be built into every process
management (TQM) and item. Every step and each person must be dedicated to producing quality
products and services.
Track changes A method in Microsoft Word that highlights the changes made by each
person. The original author can then choose to accept or reject each change.
A useful groupware tool when several people need to cooperate on writing a
document.
Transaction- A system that records and collects data related to exchanges between two
processing system parties. This data forms the foundation for all other information system
capabilities. MIS support typically consists of databases, communication
networks, and security controls.
Trans border data The transfer of data across national boundaries. Some countries place
flow (TBDF) restrictions on the transfer of data, especially data that relates to citizens (and,
of course, data related to “national security”). Some people have discussed
taxing the flow of data.
Transmission The physical method of connecting communication devices. The most
medium common media in use are electrical wires, fibre optics, and radio or micro
waves.
Triggered rule In an expert system, if a rule is used in an application, it is said to have been
triggered or fired.
Trojan Horse A special programme that hides inside another program. Eventually, when the
main programme is run, the Trojan Horse programme might delete files,
display a message, or copy data to an external computer.
True colour Humans can distinguish about 16 million colours. Devices that can display
that many colours are said to display true colour. It requires the device to use
3 bytes (24 bits) for each pixel.
Turing test A test proposed by Alan Turing in which a machine would be judged
“intelligent” if the software could use conversation to fool a human into
29
thinking it was talking with a person instead of a machine.
29
Turn-key systems Computer application systems designed for a specific task that can be installed
easily. Common examples include applications for specific types of
businesses, such as a system for physicians or dentists.
Twisted-pair cable Common dual-line wire. Often packaged as three or four pairs of wires. The
cable can be run for only a limited distance, and the signal is subject to
interference.
Two-factor A login process that requires two types of systems for identifying users. The
authentication most common examples are: (1) username/password, and (2) a generator card
that creates a random number every minute that is synchronised to the central
computer.
Typeface A defined way to draw a set of text characters. Several thousand typefaces
have been created to meet different artistic and communication needs. A
common characterisation is serif and sans serif typefaces.
Ultra-wideband A wireless communication protocol that is radically different from other
(UWB) wireless systems. Designed for short range, the system uses very low power
but very high frequency bandwidth. The low power enables it to be invisible
to existing applications, so it can use large amounts of bandwidth to send
multiple bits of data at the same time—transmitting in parallel form it can
quickly send large files. Proposed as a replacement for physical connection
cables, particularly video connectors.
Unicode An international standard that defines character sets for every modern (living)
language and many extinct languages (e.g., Latin).
Uninterruptable A large battery and special circuitry that provide a buffer between the
power supply (UPS) computer and the power supply. It protects the computer from spikes and
Universal brownouts.
description, A public web-based directory system designed to enable computers to find
discovery, and and use Web services offered by other companies. For example, someday
integration (UDDI) your computer could automatically find all companies that can use current
exchange rates to convert prices.
UNIX A popular operating system created by Bell Labs. It is designed to operate the
same on hardware from several different vendors. Unfortunately, there are
29
several varieties of UNIX, and software that operates on one version often
must be modified to function on other machines.
Unstable model A model that cannot be solved for a single solution. The solution might
continually diverge, or it could oscillate between several alternatives,
generally due to insufficient or incorrect feedback mechanisms.
Upload To transfer files from a local computer (usually a personal computer) to a
distant computer. See also download.
Use case A design concept object-oriented development. Each main use of a system is
drawn with a simple diagram to highlight the interaction of the users with the
system objects. Often used to clarify the screens where developers focus on
user interaction.
Usenet See newsgroups.
User resistance People often resist change. Implementation of a new system highlights this
resistance. Managers and developers must prepare for this resistance and
encourage users to change. Education and training are common techniques.
Value chain A description of the many steps involved in creating a product or service.
Each step adds value to the product or service. Managers need to evaluate the
chain to find opportunities to expand the firm and gain more sales and profits.
Vector image A stored collection of mathematical equations, representing lines, circles, and
points. These equations can be rescaled to fit any output device or to any
desired size. Users deal with the base objects, not the mathematical
definitions.
Venture capital Money offered by specialised firms to start-up companies. Banks rarely give
money to start-ups, so venture capitalists finance risky ventures in the hope of
high profits when the company goes public. Many strings can be attached to
the money—including a loss of control.
Version control Software that tracks changes made to other documents. Often used in
software development to enable developers to go back to prior version. It is
also available for common business documents and files. A limited version is
embedded into Microsoft Word.
29
Video One of the basic data types. Video combines the attributes of images and
sound. An important attribute is the frames per second definition. U.S.
standard video operates at 30 frames per second, movie films run at 24 frames
per second. Digitising video requires capturing and playing back the frames at
the appropriate speed.
Videoconference A meeting tool that transmits images and sound of at least one participant.
Often, video cameras are available to everyone involved in the conference.
High-end systems enable the participants to control the cameras.
View A stored query. If you have a complex query that you have to run every week,
you (or a database specialist) could create the query and save it as a view with
its own name. It is then treated much like a simple table.
Virtual machine A software-based definition of a computer that is stored and run on top of a
(VM) physical computer. A single physical computer can host several VMs.
Physical processors, RAM, disk space, and network connections are shared
among the VMs. Generally, the physical elements can be reallocated to
whichever VM currently needs more capacity.
Virtual mall A collection of web-based merchants who join together for marketing
purposes. Generally they share a common web host and the same commerce
server software. By sharing costs, they can survive without a huge amount of
sales.
Virtual private Software installed on a company network and on each client that
network (VPN) automatically encrypts all communications between the two; useful when
workers travel or need to reach the company servers from home using the
internet.
Virtual reality (VR) Virtual reality describes computer displays and techniques that are designed to
provide a realistic image to user senses, including three-dimensional video,
three-dimensional sound, and sensors that detect user movement that is
translated to on-screen action.
Virus A malicious programme that hides inside another programme. As the main
programme runs, the virus copies itself into other programmes. At some
point, the virus displays a message, shuts down the machine, or deletes all of
30
the files.
30
Visual Basic A modern variation of the BASIC programming language created by
Microsoft for application programming in Windows. A variation resides
inside many of the Microsoft applications, enabling programmers to
manipulate and exchange data among the database, spreadsheet, and word
processor.
Visual table of A graphical design method that shows how modules of a system are related.
contents Versions of the technique are also used to display menu trees.
Voice mail A messaging system similar to telephone answering machines but with
additional features like message store and forward. You can use your
computer to send messages to co-workers. There are tools that will read e-
mail and fax messages over the phone, so managers can stay in touch while
they are away from the computer.
Voice over Internet Connecting telephones to the network and using the internet to transfer phone
protocol (VoIP) conversations—instead of traditional phone lines.
Voice recognition The ability of a computer to capture spoken words and convert them into text.
Web 2.0 A second generation of web sites—dedicated to providing shared services

such as the social networking sites. The term is not precisely defined and
people disagree on what to include, but it excludes first-generation text and
EC sales sites.
Webmaster Specialised IS worker who is responsible for creating, maintaining, and
revising a company’s World Wide Web site. Webmasters use technical and
artistic skills to create sites that attract browsers.
Whois A utility supported by some operating systems and the network registrars to
provide information about the ownership of domain names and internet
access connections. Unfortunately, many people lie (illegally) when they fill
out the required information.
Wide area network A network that is spread across a larger geographic area. In most cases, parts
(WAN) of the network are outside the control of a single firm. Long-distance
connections often use public carriers.
WiFi Short for wireless fidelity. An early protocol for defining wireless
connections, commonly used in homes and businesses. It has a relatively
30
short range
30
(perhaps 100 meters). Transfer speeds initially were less than 11 mbps (using
802.11b), but have increased to 54 mbps (802.11a and 802.11g), and are
potentially up to 100 or 200 mbps (802.11n). The higher speeds are achieved
by using multiple frequencies at the same time. Actual speeds are
considerably lower (as low as half the rated maximum).
Wiki A Web site designed to enable multiple people to create and revise content.
The most famous is Wikipedia where anyone can create encyclopaedic
entries. The tools can be used for business teamwork applications.
Wi-Max A wireless technology designed for relatively high speeds and medium
distances—up to several kilometres. It can support point-to-point
transmissions to create high-speed internet connections to service providers,
or multipoint systems to handle many users at the same time. Clear wire and
sprint led the way at installing the technology in the U.S. and joined forces in
2007.
Window A portion of the computer screen. You can move each window or change its
size. Windows enable you to display and use several applications on the
screen at one time.
Wisdom A level above knowledge. Wisdom represents intelligence, or the ability to
analyse, learn, adapt to changing conditions, and create knowledge.
Workflow software A type of groupware that is designed to automate forms handling and the flow
of data in a company. Forms and reports are automatically routed to a list of
users on the network. When each person adds comments or makes changes, it
is routed to the next process.
Workstations Computers attached to a network, designed for individual use. Typically,
personal computers.
World Wide Web A first attempt to set up an international database of information. Web
(WWW) browsers display graphical pages of information, including pictures.
Hypertext connections enable you to get related information by clicking
highlighted words.
WYSIWYG What you see is what you get. With a true WYSIWYG system, documents
will look exactly the same on the screen as they do when printed. In
30
addition to
30
format, it means that the printer must have the same typefaces as the video
display. Colour printers use a system to match the colours on the monitor.
Zebibyte The IEC term for binary counting with the value 270. It replaces zettabyte,
which is to be used for decimal-based counting.
Zero-day attacks Attacks on computers that are based on flaws found in software that have not
yet been patched. The zero-day means attackers found the flaw before or
simultaneously with security researchers.
Zettabyte In the IEC definition, it is the decimal base number 1021. It falls above
zettabyte and below yottabyte. The binary version is called zebibyte.
zShops Amazon.com offers small companies a relatively inexpensive e-commerce
solution with little or no fixed costs. Useful for small firms, the system
provides marketing, visibility, and a payment mechanism. Amazon more
commonly refers to Marketplace shops, but zShops was the original title. By
2010 it was renamed to the Webstore.
30

BUAD 822 Note-MIS-ICT Management

Uploaded by

Copyright:

Available Formats

BUAD 822 Note-MIS-ICT Management

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BUAD 822 Note-MIS-ICT Management

Uploaded by

Copyright:

Available Formats

DISTANCE LEARNING

CENTRE AHMADU BELLO

MASTERS IN BUSINESS ADMINISTRATION (MBA)

BUAD 822: MANAGEMENT INFORMATION SYSTEM/ICT

First published 2018 in Nigeria

Published and printed in Nigeria by:

Ahmadu Bello University Press Ltd.

Ahmadu Bello University,

ii. COURSE INTRODUCTION AND DESCRIPTION

iii. COURSE PREREQUISITES

iv. COURSE LEARNING RESOURCES

vi. ACTIVITIES TO MEET COURSE OBJECTIVES

Specifically, this course shall comprise of the following activities:

vii. TIME (TO COMEPLETE SYLLABUS/COURSE)

B. Summative assessment (Semester examination)

C. Grading Scale (as appropriate for the course):

Management Information Systems (MIS)

2 Study Session 2 1. Read Courseware for the corresponding Study Session.

2. Listen to the Audio on this Study Session

3. View any other Video/U-tube (https://goo.gl/HjrPiw )

3 Study Session 3 1. Read Courseware for the corresponding Study Session.

4. View referred Animation (https://goo.gl/Lfw89K )

5 Study Session 2 1. Read Courseware for the corresponding Study Session.

Information Systems 2. Listen to the Audio on this Study Session

and Societal Issues on MIS

Management, and Ethical

9 Study Session 3 1. Read Courseware for the corresponding Study Session.

10 Study Session 4 1. Read Courseware for the corresponding Study Session.

Week 16 & 17 SEMESTER EXAMINATION

Study Module 2: Information Systems and the Management of

1.0 Learning Outcomes

2.0 Main Outcome

Planning and managing an organisation’s IT infrastructure is a difficult and

2.2 Information System

ITQ 1: What is information systems?

2.3 Management Information System (MIS)

ITQ 2: What is Management Information System (MIS)?

2.4 Components of Information Systems

Five basic components of information systems

2. Software: (programmes and procedures).Software Resources includes all sets of

5. Procedures: are the commands for combining the components above to

2.5 Development of Information Systems

The activities that go into producing an

2.6 Use of Information Systems

2. Increases boundary spanning: An individual can access any information in

4. Helps in forecasting and long term planning: A disciplined IS creates a

ITQ 4: What is Information System Development?

Common information products include messages, reports, forms, and graphic

2.7 Information Characteristics

For example, a market research company may give information on users’

Level of detail/ Conciseness

2.8 Information Systems for Problem Solving and Decision Making

value chain: a series of activities undertaken by the company to produce a product

• Threat of substitute products or services: How easily can a product or service

ITQ 6: What does it mean when a company has a competitive advantage?

2.9 Using Information Systems for Competitive Advantage

3.0 Tutored Marked Assignment

4.0 Session Summary

4.0 Self-Assessment Questions