Definition: An information system can be any organized combination of people, hardware, software, computer networks and data resources

that stores and retrieves, transforms, and disseminates information in an organization. Roles of IS in Business: There are three fundamental reasons for all business applications of information technology. They are found in the three vital roles that information system can perform for a business enterprise. Support of its business processes and operations. Support of decision making by its employees and managers. Support of its strategies for competitive advantage. Trends in IS: The business applications of information systems have expanded significantly over the years. Data Processing (1950s 1960s): Electronic data processing systems which includes transaction processing, record keeping, and traditional accounting applications. Management Reporting (1960s 1970s): Management information systems that include preparation of management reports of pre specified information to support decision making. Decision Support (1970s 1980s): Decision support systems include interactive ad hoc support of managerial decision making process. Strategic and End User Support (1980s 1990s): o End user computing systems: Direct computing support for end user productivity and work group collaboration. o Executive information systems: Critical information for top management. o Expert Systems: Knowledge based expert advice for end users. o Strategic Information Systems: Strategic products and services for competitive advantage. Electronic Business and Commerce (1990s 2000s): o Internet based e-business and ecommerce systems: Web enabled enterprise and global e-business operations and electronic commerce on the internet, intranets, extranets, and other networks. What is MIS? Right Information To the right person At the right place At the right time In the right form At the right cost Why MIS? Increased Business & Management Complexities o Technological Revolution

o Research & Development o Explosion of Information Increased Management Complexities o Management Science Technologies o Decision-making o Onset of Computers Types of Information System: Conceptually the applications of information systems that are implemented in todays business world can be classified in several different ways. Several types information systems can be classified as either operations or management information systems. Operations Support System: information systems have always been needed to process data generated by and used in, business operations. Such operations support systems produce a variety of information products for internal and external use. However they do not emphasize producing the specific information products that can best be used by managers. The role of a business firms operations support system is to efficiently process business transactions, control industrial processes, support enterprise communications and collaborations and update corporate databases. Transaction Processing Systems: Are an important example of operations support system that record and process data resulting from business transactions. Process Control Systems: Monitors and controls physical processes. They enhance team and workgroup communications and productivity, and include applications that are sometimes called as office automation systems. Management Support Systems: When information systems applications focus on providing information and support for effective decision making by managers, they are called management support systems. Providing information and support for decision making by all types of managers and business professionals is a complex task. Conceptually, several major types of management support system includes: Management Information System: MIS provides information in the form of reports and displays to managers and many business professionals. Decision Support System: DSS give direct computer support to managers during the decision making process. Executive Information System: EIS provide critical information from a wide variety of internal and external sources easy to use touch screen terminals to instantly view text and groups display that highlights key areas of organizational and competitive performance. Information System Resources: An information system consists of five major resources: people, hardware, software, data and networks.

 People Resources: People are an essential

Outputting: Information in various forms is

transmitted to end users and make available to them in the output activity. The goal of information system is the production of appropriate information products for end users. Common information products include messages, reports, forms and graphic images, which may be provided by video displays, audio responses, paper products and multimedia. Storing: Storage is the basic system component of information system. Storage is the information system activity in which data and information are retained in an organized manner for later use. This facilitates their later use in processing or retrieval as outputs when needed by users of a system. Controlling: An important information system activity is the control of system performance. An information system should produce feedback about its input, processing, output, and storage activities. The feedback must be monitored and evaluated to determine if the system is meeting established performance standards.

ingredient for the successful operation of all information system. The people resources include end users and IS specialists. Hardware Resources: The concept of hardware resources include all physical devices and materials used in information processing. Specifically, it includes not only machines, such as computers and other equipment, but also all data media, from sheets of paper to magnetic or optical disks. Software Resources: The concept of software resources includes all sets of information processing instructions. This generic concept of software includes not only the set of operating instructions called programs, which direct and control computer hardware, but also the sets of information processing instructions called procedures that people need. Data Resources: Data are more than raw materials of information system. The concept of data resources has been broadened by managers of information systems professionals. They realize that data constitute valuable organizational resources. Thus data is viewed as an important resource that must be managed effectively to benefit the end users in an organization. Network Resources: Telecommunications technologies and networks like the internet, intranet and extranet are essential to the successful electronic business and commerce operations of all types of organizations and their computer based information systems. Telecommunications networks consist of computers, communications processors and other devices interconnected by communication media and controlled by communications software.

System Concepts:

IS Activities: The basic information processing activities that occur in information system includes inputting, storing, processing, outputting and controlling. Inputting: Data about business transactions and other events must be captured and prepared for processing by the input activity. Input typically takes the form of data entry activities such as recording and editing. End users typically enter data directly into a computer system, or record about transactions on some type of physical medium such as a paper form. This usually includes a variety of editing activities to ensure that they have recorded data correctly. Once recorded data may be transferred onto a machine readable medium such as a magnetic disk until needed for processing. Processing: Data are typically subjected to processing activities such as calculating, comparing, sorting, classifying and summarizing. These activities organize, analyze, and manipulate data, thus converting them into information for end users. The quality of any data stored in an information system must also be maintained by a continual process of correcting and updating activities.

UNIT 3: Computer Hardware: What is a Computer System: Computer hardware is composed of CPU, Input/Output devices, Primary & Secondary storage & Communication devices. The input devices accept data and instructions and convert them into a format that the computer can understand. The CPU manipulates the data and controls the task done by other components. The primary storage temporarily stores data and programs instructions during processing. It also stores intermediate results of the processing. The secondary storage stores data and programs for future use. Finally the communication devices provide for the flow of data from external computer networks to the CPU and vise versa. Evolution of Computer Hardware:

Computer hardware has evolved through four stages or generations of technology. Each generation has provided increased processing power and storage capacity while simultaneously decreases in cost. Featu 1st 2nd 57- 3rd (64- 4th 5th re (46 63 79) (808856) 88) Circui Vacu Transist Integra LSI/VL ULS try um ors ted SI I Tubes Circuits Prima 2 kb 64 kb 4 mb 16mb 64 ry mb Stora ge Cycle 100 10 mc 500 n 800 p 200 Time mi sec sec sec 0 p sec sec Fifth Generation: In this generation massively parallel processing with process of multiple instructions are used in computer. This type of computer use flexibly connected networks linking thousands of inexpensive commonly used chips to address large computing problems attaining super computer speeds. With enough chips networked together a trillion floating point operation per second can be possible. Future Generations: A DNA computation is done by coding a problem into the alphabet and then creating conditions under which DNA molecules are formed that encode all possible solutions of a problem. DNA computer process in parallel are potentially double as fast as todays super computers. In addition modern storage media stores information at a density 1 bit per 1012 nm while DNA computers have storage density of 1 bit / cubic nm. Optical Computers: Scientist are working on a machine that uses beams of light instead of electrons called optic electronics. These computers are expected to process information several hundred times faster then current computers. Types of Computer: Computers are distinguished on the basis of their processing capabilities. Super Computers: The primary activity of super computers had been in scientific and military work but their use is growing rapidly in business as their prices decreases. These are especially valuable for large simulation models, complex mathematical representations and calculations are required for image creation and processing. Super computers uses technology of parallel processing. Mainframes: This is an ultra high performance computer made for high volume processor intensive computing. It is capable of supporting large data processing, high performance online transaction and extensive data storage and retrieval. Large

corporations where data processing is centralized and large databases are maintained most often use mainframe computer. Example of mainframe computer are IBMs ES000, VAX 8000, and CDC 6600. Mini Computer: This is a small digital computer normally able to process and store less data than a mainframe but more than a micro computer. Mini computer is designed to meet the computing needs for several people which is capable of supporting 4 to 200 simultaneous users. It is a multi user system and used for real time controls and engineering design works. Example: PDP 11, IBM 8000 series and VAX 7500. Micro Computer: This is a small low cost digital computer consist of micro processor storage unit input and output channels all of which may be in 1 chip inserted into one or several PC boards. Originally this was designed for individual users but now days they have become powerful tools for many business that are networked together. E.g. IBM PC Pentium 100, 200, and Apple mackintosh Micro computers includes desktop, laptop and handheld models.

Computer System (Architecture): Any computer system has three important components. CPU, Input unit and Output Unit. CPU: CPU or the microprocessor is referred as the brain of the computer with VLSI chip inside the system plugged on to the mother board. A processor controls all internal and external devices operates only on binary data composed of 1 or 0 to perform arithmetic and logic operations. Basic functions of CPU are Issues commands to all parts of computer. Controls sequence of operation as per stored instructions, Stores data and programs. Performs data processing operations Sends results to output unit CPU consists of control unit, ALU, Registers & Primary Storage. ALU The ALU performs required arithmetic and competitions or logic operations. The ALU adds, subtracts, multiplies, divides compares and determines whether a number is positive, negative or zero. The ALU operations are performed sequentially based on instructions from the control unit. For these operations to be performed the data move from the storage to the arithmetic registers in the ALU. Control Unit: This unit checks the instructions & directs other components of the computer system to perform the function required by the program. It interprets and carries instructions, contents, in computer, selecting program statements from primary storage, moving them to the instructions registers in the control unit. It

controls input and output devices and data transfer processes from and to memory. Memory Unit: This unit holds the intermediate results during the course of calculation and provides the data as and when required. It stores the program instruction and data on which the processor is working. The internal storage section is called primary memory or main memory which stores processed data and intermediary results. When the processing is finished it transfers the final results to an output device. Registers: The registers are special purpose high speed temporary memory units which holds various information such as data instructions addresses and intermediate results of calculations. Registers are known as CPUs working memory. Important registers within CPU are Program counters, Instructions Register, Memory Address Registers, Memory Buffer Register, Accumulator and Data Register. Size and length of each register determined by its function and instruction register holds the instructions to be executed and same number of its as the instructions. Buses: set of wires used for interconnection in CPU is known a system bus. System bus has a certain size and width called data path which is measured in bits. It is further divided into three logical units called address bus, data bus and control bus. Input/Output Unit: Computer system incorporates Input & Output devices which acts as a communication medium. Input unit accepts instructions and data from the uses to the computer. Some of the input devices are keyboard, mouse, light pen etc. Output units are instruments of interpretation and communication between human and computer. These devices take the machine coded output results from the processor and converts them into a form that can be used as a machine input in another processing cycle. Monitors, Printers and Plotters are examples. UNIT 5: Managing Organisational Data & Information Database Management System: DBMS is a collection of interrelated data and a set of programs to access those data. The primary goal of a DBMS is to provide a way to store and retrieve database information that is both convenient and efficient. Database systems is a computerized record keeping system which provides mechanisms for the safety of the stored information from data corruption and unauthorized access. DBMS Architecture: The ANSI/SPARC architecture is divided into three levels, known as the internal, conceptual and external level. Internal Level: This is also known as the physical level is the one closest to the physical storage i.e. it is the one

concerned with the way the data is physically stored. External Level: This is also known as the user logical level is the one closest to the users it is the one concerned with the way the data is seen by individual users. Conceptual Level: This is also known as the community logical level, or sometimes just the logical level, unqualified is a level of indirection between the other two. Working Principle: The DBMS is a software that handles all access to the database. Conceptually what happens is the following: A user issues an access request, using some particular data sublanguage typically SQL) The DBMS intercepts that request and analyzes it. The DBMS inspects, in turn, the external schema for that user, the corresponding external/conceptual mapping, the conceptual schema, the conceptual/internal mapping, and the storage structure definition. The DBMS executes the necessary operations on the stored database. Data Models: Underlying the structure of a database is the data model, a collection of conceptual tools for describing data, data relationships, data semantics, and consistency constraints. A data model provides a way to describe the design of a database at the physical, logical and view level. The data models can be classified in four different categories. Relational Model: The relational model uses a collection of tables to represent both data and the relationships among those data. Entity Relationship Model: The entity relationship model is based on a perception of a real world that consists of a collection of basic objects called entities and of relationship among these objects. The object oriented data model is another data model, which can be seen as an extension of E-R model with notations of encapsulation, methods, and object identity. The object relational data model combines features object oriented data models and relational model. Semistructured Data Model: The semistructured data model permits the specification of data where individual data items of same type may have different set of attributes. The Extended Markup Language (XML) is widely used to represent semistructured data. Database Languages: A database system provides a data-definition language to specify the database schema and a data-manipulation language to express database queries and updates. In practice, the data definition and data manipulation languages are not separate languages, instead they simply form parts of a single language, such as the widely used SQL language. Database Design: Database systems are designed to manage large bodies of information. Database design mainly

involves the design of database schema. The design of a complete database application environment that meets the needs of the enterprise being modeled requires attention to a broader set of issues. Benefits of a Database Systems: Database systems arose in response to early methods of computerized management of commercial data. The typical file processing systems is supported by conventional operating system. Using the database approach has the following benefits over the traditional file processing approach. Data Redundancy: This refers to duplication of data. In non database system each application with own separate files often lead to redundancy in store data which results in wastage of space. Database systems does not maintain separate copies of the same data. All the data kept in one place and various application refer from this centrally controlled system. Data Inconsistency: Database is said to be inconsistent when contradictory information will be supplied to the users. DBMS ensures the database is always consistent by ensuring that any change made to either of the two or more entities is automatically applied to the other one also. This process is also known as propagating update. Sharing of Data: Sharing of data allows the existing application to use the data by multiple users of the database system. Due to shared data it is possible to satisfy the data requirement of new applications without creation of additional stored data or marginal modification. Enforcement of Standards: DBMS uses standard measures in naming, formatting and structuring while creating and using data within the organization. This ensures easier enforcement of data usage particularly in migrating and interpreting data between two different systems. Data Security: To ensure security DBMS provides security tools such as user codes and passwords so that data security checks can be carried out whenever access is attempted to sensitive data. Concurrent Access: For the sake of overall performance and faster response time many systems uses multiple users to update the data simultaneously. In such environment interactions of concurrent updates may result in data inconsistency. DBMS guards against this possibility by maintaining some form of supervision into such applications. Atomicity Problems: A computer system like any other mechanical device is subject to failure. In many applications it is crucial that if a failure occurs the data is restored to the consistent state that existed prior to the failure. DBMS takes care of such problems by making the transactions atomic it must happen in entirety or not at all. Data Integrity:

Data integrity refers to ensuring data in database is accurate. This is ensured through enforcing various integrity constraints during the time of creation of data structure. Better Interaction with Users: In case of DBMS the availability of up-to-date information improves and makes it easy to respond to unforeseen information request. Centralizing the data in database allows users to obtain new and combined information. Efficient System: in DBMS the contents of stored data can be changed easily and do not have any impact on the application programs. Initial cost of DBMS may be high but overall costs is less compared to conventional system. Unit 6: Telecommunications & Networks: A communication system is defined as the collection of software and hardware that facilitates inter system exchange of information between different devices. Sharing of info is of 2 types. 1) Local (face to face communication) 2) Remote (Communication over distance). The fundamental characteristics of data communication is considered as follows. 1) Delivery ( The system must delver data to the correct destination 2) Accuracy ( The system must deliver data accurately 3) Timeliness ( System must deliver data in a timely manner without enough time lags Data Communication. Components. 1) Message: It is the info. That is to be communicated 2) Sender: I is the device that sends the message 3) Receiver: Device that receives the message 4) Medium: The transmission medium is the physical path that communicates the message from sender to receiver. 5) Protocol: Protocol refers to a set of rules that coordinates the exchange of info. Both the sender and receiver should follow the same protocol to communicate data. Data transmission mode: 1) Simplex mode: It is unidirectional. The info flows in one direction across the circuit with no capability to support response in the other direction. Eg. TV transmission 2) Half Duplex: In this mode each communication device can receive and transmit info but not at the same time. When one device is sending the other can only receive at that point of time. Eg wireless handsets 3) Full Duplex (Duplex): This mode allows both communicating devices to transmit and receive data simultaneously. Eg. Telephone network. Data Communication Measurement. The quantity of data that is communicated is measured in terms of bandwidth. Bandwidth refers to the maximum volume of info that can be transferred. It is measured in bits per second (BPS) or KBPS. The level of bandwidth falls into 3 categories :

1) Narrow band: Single transmission channel of 64 KBPS or less. 2) Wide Band: 1.544 MBPS to 45 MBPS 3) Broadband: 45 MBPS or more Transmission Media Transmission is the physical media thru which data and info are transmitted. It is divided into 2 categories: 1) Guided media 2) Unguided media. Guided Media: This uses a cabling system that guides the data signal along a specific path. There are 4 basic types of guided media. 1. Open wire cable, 2. Twisted pair cable, 3. Coaxial cable, 4. Optical Fiber Unguided Media: data signals flow thru the air. Eg. Radio frequency propagation, Microwave propagation, Satellite. Analog & Digital Data transmission. Analog Signal: It is a continuous wave form that changes smoothly over time. The sine wave is the most fundamental form of an analog signal. Sine waves are characterized by 3 things. 1) Amplitude (Magnitude for electrical signals it is measured in volts or amperes) 2) Frequency (Measured in Hertz) 3) Wavelength refers to the distance between similar points of a given wave measured in Armstrong. Digital Signals: It is the data stored in the form of 0s and 1s. Modulation: It refers to the process of impressing information thru a carrier wave by changing some of the waves characteristics viz. amplitude, frequency or phase, so that it is more suitable for transmission over the medium between transmitter and receiver. There are 2 forms of modulation 1. Amplitude modulation and 2. Frequency Modulation. Multiplexing: Multiplexing refers to the process of transmitting more than one signal over a single link, root or channel. There are 2 basic multiplexing techniques 1. FDM (Frequency Division Multiplexing) Info from multiple channels can be allocated bandwidth on a single wire based on frequency. 2. TDM (Time Division Multiplexing) Info from multiple channels can be allocated based on time slot. Asynchronous vs. Synchronous Transmission: Asynchronous: It refers to the transmission of one character at a time, with intervals of varying lengths, with start bits at the beginning and stop bits at the end to control the transmission. Synchronous: Here data is sent in blocks without the need for start and stop bits. Switching: Switching refers to routing traffic by setting up of temporary connections between 2 or more network points. A temporary connection is

achieved by devices located at different locations on the network called switches. There are 3 methods of switching:1. Circuit Switching: It is a type of communication in which a dedicated channel is established between 2 devices for the duration of the network. E.g. PSTN Public switch telephone network. 2. Packet Switching: This introduces the idea of breaking data into packets. Each packet contains addresses for the machine sending it and the machine expected to receive it. At The destination the packets are reassembled to form the original message. 3. Message Switching: It uses a message store and forward system where each message contains a destination address and is passed from source to destination thru intermediate nodes. At each transfer point in the connection incoming data is stored in its entirety and then forwarded to the next point. This process continues until the data reaches its destination. TCP/IP MODEL : Transmission Control Protocol / Internet Protocol The TCP/IP protocol contains 5 main layers 1) Application 2) Transport 3) Network 4) Data link 5) Physical. The data unit initially created at the application layer (by an application viz. e-mail, web browser) is called as a message. A message is actually broken down into segments by the transport layer. The transport layer of the TCP/IP contains 2 protocols 1) TCP (Transmission control protocol) 2) UDP (User datagram protocol. TCP is more often used. The transport layer then adds its own header to the segment and gives it to the network layer. The network layer adds the IP (Internet protocol) header to this block and gives the result to the data link layer. The data link layer adds the frame header and gives it to the physical layer for transmission. At the physical layer the actual bits are transmitted as voltage pulses. An opposite process happens at the destination ends where each layer removes the previous layers headers and finally the application layer receives the original message.

Unit 7: The Internet, Intranet and Extranets Internet Concepts: With the growing popularity of computers and subsequent networking abilities inter communication between diff. computers became easier and led to the phenomenon called internet. Derived from two words interconnection and networks, internet is a world wide system of computer networks i.e. a network of networks. It allows the participants to share information on those millions of linked computers. This high level of connectivity gives rise to an unparalleled degree of communication, resource sharing and information access. Evolution of Internet The origin of internet dates back to 1960s and is the result of an experiment conducted by the US department of defense. In 1969 a 4 computer network called Arpanet was designed for communication of the US defense scientist. By 1970 ARPA (advanced research projects agency) developed a new protocol named as TCP/IP (transmission control protocol/ internet protocol) for transferring data between networks. In 1980s National Science Foundation (NSF) used Arpanet to link super computers at measure universities for sharing wok. The rapid growth of the Internet was due to networking giants like British Telecom, Hyundai, AT&T and others setting up fast and reliable networks that encircled the globe. These networking giants gave access to the internet via gateways Using ISP gateway it is perfectly possible to route business or commerce data from one point of globe to another. An ISP gateway generally consist an ISP server to the internet called its internet pipeline. ISP pipeline bandwidth of 2 to 10 GB is quite common. Clients that log into Internet via ISP commonly use only 33.6 kilobytes of ISPs bandwidth. Occasionally a client whose data traffic is very high will use special connectivity methods (ISDN) to an ISP server and use 64kbps to 128kbps of ISP bandwidth. MNCs directly negotiate with networking giants to have their own private gateway and then make use of huge bandwidth for its data transfers. However modern day internet became popular in the 1990s after the development of World Wide Web (WWW) by European research organization (CERN). The CERN developed the protocol based on hyper text (HTTP) for connecting to content using hyper link. The WWW also permitted access to information using a Graphical User Interface (GUI). Working of Internet TCP/IP is the only protocol used to send data on the internet. It is the combination of two individual sections TCP, a set of communication protocols and IP, a unique address. Every machine connected to internet most have an unique IP address assigned by the Internet Service Provider (ISP) to identify that machine. This unique IP address therefore points to an actual computer known as domain which is connected via a gateway to the internet. A physical domain (server) having a permanent IP address can provide

Gateway to other computers, Information for internet users to read, A physical location on which several virtual domains can be hosted known as websites e.g. www.microsoft.com Virtual domains are identified by a name (e.g. www.microsoft.com). Virtual domain names needs to be unique on the Internet. All virtual domain names must be registered with InterNIC. Virtual domains can be conceptualized as subdirectories on an internet servers hard disk. The information that internet clients wish to read would be Files within the subdirectory. When an Internet client requests for connection to a virtual domain on the internet, the request is routed to the proper Internet Server using TCP/IP. The Web Server running on this Internet Server then handles the request, resolves the Virtual Domain Name sent along with this request, to an appropriate subdirectory on the Internet Server where the website is hosted. Computers that only read information offered need not have a permanent IP address. However when logged into internet a client requires a unique IP address. This IP address enables the Internet server called, to reply accurately. The ISP server via which the client connects to the Internet temporarily assigns a unique IP address to the client. ISPs purchase a block of unique IP address from internationally recognized networking bodies. Thus whenever a client logs on, via the ISPs server one of the unique IP address is temporarily assigned to the computer. The maximum number of computer that can log into an ISP server is therefore limited to the blocks of unique IP address purchased by the ISP from the international body. Resolving Domain Names: When any client wishes to communicate with any internet server, using a web browser, the client sends out a broadcast using the Servers Domain name as its identifier. The ISP Internet Server intercepts this request first. Should the Domain Name be unknown to the ISPs Internet Server. The ISP Internet Server will broadcast to an InterNIC Root Server. In the InterNIC Root Servers Hosts file the Domain Name will be mapped to an IP address. This IP address will be returned to the ISPs server. The ISPs server will now pass this IP address back to the client browser. The Client browser will now broadcast a request to connect directly to the Internet Server using its IP address. As soon as this call is heard by the Internet Server it will respond and a link is established between the client and the Internet Server. Web Server software running on the Internet Server takes care of connecting a client to the virtual domain as required. Once the client is connected to the appropriate domain, the Web Server Software delivers the client the first HTML page of that domain and browsing for the specific domain can begin. The TCP/IP:

TCP/IP uses IP to deliver packets to the upper layer applications and provides a reliable stream of data among computers on the network. Once the packets arrives at the correct IP address, TCP goes to work. TCP main task is error checking, to make sure that the right number of packets are received and they are in proper order. Thus TCP guarantees that the information that was received by a computer on TCP/IP network, is exactly the same information that was sent to by another computer in the network. The IP is responsible for basic network connectivity when mapped to the TCP/IP layers, the IP works with the Network Layer in networking there has to be a physical location to send data to or receive data from. To make this happen every physical location must have a unique network address. Hence every computer on a TCP/IP network must have an IP address, which is unique to that computer. The IP address is a set of numbers separated by periods. An IP address is a 32 bit number, divided into two sections, the network number and the host number. Address are written as four fields, eight bits each separated by a period. Each field can be a number ranging from 0 to 255. this method of addressing is called dotted decimal notation. TCP/IP consists of protocols, applications, and services. Protocols enable a server application to offer services, and a client application to use these services Getting connected The basic requirements for online are 1. A TCP/IP enabled computer with a browser 2. An account with an ISP 3. A telephone line or WAP 4. Modem to connect the computer to telephone line.

4. Telnet: derived from telecommunications and

network. This protocol allows the user to log on to a remote computer any where in the world and use it as if it is available locally. Internet relay chat (IRC): IRC is a service that allows communicating in real time and carrying on conversations via the computer with one or more people. Instant messaging: Communication in real time by typing text, also used for sending Sass Internet Telephony: Use of internet to exchange spoken or telephonic information bypassing traditional telephone infrastructure. Video conference: Same technology as IRC but provide sound and video. A VC system has two or more parties in different location using a combination of video, audio and data. E-commerce: Conducting business on the internet. This refers to buying and selling of goods and services online. Concepts of B2B, B2C, C2C, Internet banking etc e..g. www.amazon.com, www.ebay.com. News groups: International discussion groups that focus on particular topic and help in gathering information about that topic. Mailing list: The internet is a home to a large community of individuals organized around topic oriented forums. To carry out active discussions distributed via email. Search engines: Searching the wealth of information on just about any topic using special tools called search engines e.g. www.google.com.

5.

6. 7. 8.

9.

10. 11.

12.

the

Types of internet connections Common types of internet access available for the users depending on the requirements are 1. ISDN (Integrated services digital network) 2. Cable modem 3. Leased lines of very high connectivity 4. Digital subscribed line (BSNL broad band) 5. Satellite broadband 6. Dial up connection. Internet Services: Due to the colossal growth of internet the user has access to a wide verity of services available on the net. 1. World Wide Web (www): It is a subset of internet and presents a wide variety of information in the form of text, images, animation, video, sound and multimedia on a single interface. 2. Email: it is the most used application on the net. Each user of email has a mailbox address to which messages are sent and the mailbox can be accessed from any where, any time. 3. File transfer protocol (FTP): Software programmed that enables user to log on to another computer and transfer information.

Unit 8: Electronic Commerce: E-COMMERCE : Electronic commerce (also referred to as EC, ecommerce or ecommerce) consists primarily of the distributing, buying, selling, marketing, and servicing of products or services over electronic systems such as the Internet and other computer networks. The information technology industry might see it as an electronic business application aimed at commercial transactions; in this context, it can involve electronic funds transfer, supply chain management, e-marketing, online marketing, online transaction processing, electronic data interchange (EDI), automated inventory management systems, and automated data collection systems. Electronic commerce typically uses electronic communications technology of the World Wide Web, at some point in the transaction's lifecycle, although of course electronic commerce frequently depends on computer technologies other than the World Wide Web, such as databases, and e-mail, and on other non-computer technologies, such as transportation for physical goods sold via ecommerce History: Electronic commerce applications began in the early 70s with such innovations as electronic transfer of funds. However, the applications were limited to large corporations. Then came EDI, which expand EC from financial transactions to other

kinds of transaction processing and extend the types of participating companies from financial institutions to manufacturers, retailers, services and other forms of business. With the commercialization of the Internet making available 60 million potential customers, EC applications have expanded rapidly. Over the last five years we have witnessed many innovative applications from advertisement to auctions and virtual reality experiences. The EC Area: The EC applications are supported by infrastructure (five categories) and the implementation of these applications depends on four major areas: people, public policy, technical standards and protocols, and other organizations. The EC management coordinates the applications, infrastructures and pillars. Another way to look at the EC field is to divide it into the following two components: Interorganisational Information Systems (IOS): IOS involves information flow among two or more organizations. Its major objective is efficient transaction processing, such as transmitting orders, bills, and payments using EDI. All relationship are predefined, there is no negotiation, just execution. Interorganisational systems are used exclusively for b2b applications. Benefits and Limitations of e-Commerce: Few innovations in human history encompass as many benefits as electronic commerce. The global nature of the technology, the low cost, the opportunity to reach hundreds of millions of people, the interactive nature, the variety of interaction possibilities, and the resourcefulness and rapid growth of the supporting infrastructure, especially the Internet, result in many benefits to organizations, individuals and society etc. the benefits are just starting to materialize, but they will increase significantly as EC expands. Benefits to Organizations: EC expands the market place to national and international markets. With minimal capital outlay, a company can easily and quickly locate more customers, the best suppliers and the most suitable business partners worldwide. EC decreases the cost of creating, processing, distributing, storing and retrieving paper based information. EC allows reduced inventories and overheads by facilitating pull type supply chain management where the process starts from customer orders and uses just in time processing. This allows product customization and lowers inventory costs. EC reduce the time between the outlay of capital and the receipt of products and services. EC supports BPR efforts. When processes are changed, productivity of salespeople, knowledge workers, and administrators can increase by 100% or more. EC lowers telecommunications cost; the Internet is much cheaper than VANs.

EC helps small businesses to compete against large companies. EC enables organizations to reach customers outside their immediate area at a minimum cost. EC allows organizations to reach a wide range of suppliers, thereby reducing the cost of suppliers can share benefits. EC allows companies to auction surpluses or obsolete products quickly with little expenses. EC facilitates global trade, allowing companies to penetrate foreign markets.

Benefits to Customers: EC provides customers with more choice; they can select from many vendors and from more products. EC frequently provides customers with less expensive products and services by allowing them to shop in many places and perform quick comparisons. In some cases EC allows quick delivery of products and services. Customers can get relevant and detailed information in seconds. EC makes it possible to participate in virtual auctions. EC allows customers to interact with other companies in electronic communities and to exchange ideas and experiences. Technical Limitations: Lack of system security, reliability and standards and communication protocols. Insufficient telecommunications bandwidth The s/w development tolls are still evolving and changing rapidly. Difficult in integrating the Internet and EC s/w with some existing applications and databases. The need for special Web servers in additions to network servers. Classification of eCommerce: B2B eCommerce: Business-to-Business Electronic Commerce, also known as E-Business, is experiencing an explosive growth rate on the Internet. Companies of all sizes and types are now mutually buying and selling products and services on the Internet. B2B also offers unique benefits such as less human intervention, less overhead expenses, fewer inadvertent errors, more efficiency, more advertising exposure, new markets and new physical territories equate to an intelligent method of mutual business. It is a win-win situation for both buyer and seller. These are just a few of the benefits that B2B Ecommerce can offer. It is already well accepted in the business community, that the potential return of doing business on the Internet is far greater than the investment. The bottom line is greater profits for the business. Currently there are 2 main issues to deal with when conducting a B2B E-commerce

Supply Chain Management - to co-ordinate the fields of competition turned to efficiency in manufacturing. In the 80's, concepts like Lean Manufacturing, Design for Manufacturability, Just-in-Time, and Stockless Production emerged. If properly managed, the operating costs of such systems can be substantially reduced. Reduction in costs can be in the form of reduced inventory cost, obsolescence, transportation and other logistics costs, overhead and direct labor costs. All have pointed out potential savings in costs that could amount to billions when companies can engage in supply chain integration efforts. Electronic Procurement System - using Internet technologies to handle product distribution to the buyer and from supplier while at the same time removing the complexity of multi-level paper and processing which are labors intensive. This allows the business to run more efficiently and allows purchasing professionals to have more time to focus on complex acquisitions and supplier negotiation. Besides reducing cost and hassle, it must be designed expressly for casual use by untrained employees and it must also provide extensive management controls, reporting, and integration with existing systems. B2C e-Commerce: B2C (Business-to-Consumer) is basically a concept of online marketing and distributing of products and services over the Internet. It is a natural progression for many retailers or marketer who sells directly to the consumer. The general idea is, if you could reach more customers, service them better, and make more sales while spending less to do it that would the formula of success for implementing a B2C e-commerce infrastructure. For the consumer, it is relatively easy to appreciate The importance of e-commerce: Why waste time fighting the very real crowds in supermarkets, when, from the comfort of home, one can shop on-line at any time in virtual Internet shopping malls, and have the goods delivered home directly. Who should use B2C e-Commerce? Manufacturers - to sell and to retail the business buyers Distributors - to take orders from the merchants they supply Publisher - to sell subscriptions and books Direct Sales Firms - as another channel to reach the buyers Entertainment Firms - to promote new products and sell copies Information Provider - to take payment for downloaded materials Specialty Retailers - Niche marketers of products ranging from candles, coffees, specialty foods, books use it to broaden their customer reach. Insurance Firms - On-line rate quotes and premium payments have made it easier for this industry to attract and retain customers. In fact, virtually any business that can deliver its

products or provide its services outside its doors is a potential user C2C e-Commerce: It is sometimes referred to Peer2Peer (P2P) exchanges involve all transactions between and among consumers. These transactions can also include third party involvement, usually in the form of those who facilitate the marketplace such as EBay.com. C2C exchanges can include classified ads (the Trading Post online), music and file sharing, career and job websites (Seek and CareerOne) and also personal services such as dating websites (Lavalife). In C2C networks, consumers sell goods and services to other consumers. There are millions of sellers with different items to sell and an equally large number of buyers. Finding each other can incur quite a high cost to both buyer and seller, and thus this is why intermediaries like eBay are so important. They simply mediate between consumers who want to buy and sell, and take small cuts of the sellers profit as a fee for bringing their customers to one marketplace. Consumer2Consumer e-commerce has given online shopping and trading a new dimension. While this sort of trading is prevalent in the offline world (garage sales, etc) it was not expected to take off so well online, due to the anonymity of users. The advantage of consumer to consumer ecommerce is most often the reduced costs and smaller but profitable customer base. It also gives many small business owners a way to sell their goods without sinesses involve items such as handmade gifts, personal artwork, clothing, running a highly profit draining bricks-and-mortar store. Uses of E-Commerce: Advertising, Online Publishing and Push Technology: Advertisement and dismissing of products or service information are currently the largest commercial activities on the internet. This is generally conducted through organizations owns website, other organizations web site electronic publishers web site electronic commerce vendors pages information kiosks electronic malls news groups and other innovative approaches. Banking, Personal Finance and Stock Trading: Electronic banking also known as cyber banking, virtual banking, home banking and online banking includes various banking activities conducted from home, business, or on the road instead of a physical bank location. It has capabilities ranging from paying bills to securing a loan electronically saves time and money for users.

A DSS promotes learning, which leads to new demands and refinement of application, which leads to additional learning and so forth. A DSS usually utilizes models (standard and/or custom made) A DSS allows the easy execution of sensitivity analysis.

Unit 10: Data Knowledge & Decision Support: Decision Support System: The concepts involved in DSS were first articulated in the early 1970s in the early 1970s by Scott Morton. He defined such system as interactive computer based system, which makes decision makers utilize data and models to solve unstructured problems. DSS like the term MIS and MSS, means different things to different people. DSS can be viewed as an approach or a philosophy rather than a precise methodology. Why DSS? Most companies now operate in unstable economy. Most organization now faces increasing foreign and domestic competition. Tracking the numerous business operation are becoming increasingly difficult. Companies existing computer system did not support the objectives of increasing efficiency, profitability, and entry into profitability markets. The IS department could not begin to address the diversity of the companys needs or management inquiries. Business analysis functions were not present within the existing system. Other reasons for using DSS that were found in surveys are: Accurate information is needed. DSS is viewed as a organizational leader. New information is needed. Management mandated the DSS Timely information is provided Cost reduction is achieved. Characteristics and Capabilities: A DSS provides support for decision makers at all management levels, whether individual or groups, mainly in semistructured and unstructured situations by bringing together human judgments and computerized information. A DSS supports several interdependent and/or sequential decisions. A DSS supports all phases of the decision making process intelligence, design, choice, and implementation. Supports variety of decision making processes and styles. A DSS is adaptable by the user over time to deal with changing condition. A DSS is easy to communicate and use.

Structure and Components: Every DSS consists of at least data management, user interface, and model management components. Data Management Subsystem: Data management includes the database(s) which contains relevant data for the situation, managed by database management system (DBMS). User Interface Subsystem: This component is other wise known as human machine communication) subsystem. The user can communicate with and command the DSS through this subsystem. Model Management: This includes software with financial, statistical, management science, or other quantitative models that provide the systems analytical capabilities and an appropriate software management program to manage the models. Knowledge Management: This subsystem can support any of the other subsystems or act as an independent component, providing knowledge for the solution of the specific problem. The components are put together for DSS either o by programming them from scratch o by gluing together existing components o or by using comprehensive tools called DSS generators. End user constructed DSSs are built with integrated tools, such as Excel or Lotus 1 2 3, which include spreadsheets, graphics, and database management systems. Data Management Subsystem: The data management subsystem is similar to any other data management system. The necessary data can flow from several sources and are extracted prior to their entry to a DSS database. In some DSS there is no separate DSS database, and data are entered into the DSS as needed. In many DSS applications, data come from a data warehouse. A data warehouse includes DSS relevant data extracted from different sources and organized as a relational database.
Other Other Computer Computer based Systems based Systems

Data Data Management Management Knowledge Knowledge Manager Manager Dialog Dialog Management Management

Model Model Management Management

Manager/User Manager/User Tasks Tasks

Model Management Subsystem:

The model base contains all the models and the model building blocks used to develop applications to run the systems. The major functions of MBMS include: Creates models easily and quickly, either from scratch, from exciting models or from building blocks. Allows users to manipulate models so they conduct experiments and sensitivity analysis. Stores and manage a wide variety of different types of models in a logical and integrated manner. Access and integrates the model building blocks Catalogs and displays the directory of models. Tracks models, data, and application usage. Interrelates models with appropriate linkage through the database Manages and maintains the model base with management functions analogous to database management. The model management subsystem of DSS has several elements: model base; model base management system; modeling language; model directory; and model execution, integration, and command. Knowledge Management Subsystem: Many unstructured and semi structured problems are so complex that they require expertise for their solutions. Such expertise can be provided by an expert system. Therefore, the more advanced DSS are equipped with component called knowledge management. Such a component can provide the required expertise for solving some aspects the problem or knowledge that can enhance the operations of the other DSS components.

Need for rapid status updates on different issues Need for increased effectiveness Need to be able to identify historical trends Need to access corporate databases Need for more accurate information EIS: An EIS is a computer based system that serves the information needs of top executives. It provides timely information and direct access to management reports. EIS is very user friendly, is supported by graphics, and provides exception reporting and drill down capabilities. It is also connected with online information services and electronic mail. ESS: An ESS is a comprehensive support system that goes beyond EIS to include analysis support, communications, office automation and intelligence. Capabilities and Characteristics of ESS: EIS vary in their capabilities and benefits. The following capabilities are common to most EIS. Drill Down: The capability called drill down provides details of any given information. In certain cases, this drill down process may continue through several layers of details. To provide this capability, the EIS may include several thousand menus and submenus. Drill down can also be achieved by direct query of the database, and by using a browser. Systems that use intelligent agents to conduct drill down and bring results to user are under development. Critical Success Factor: The factors that must be considered in attaining the organizational goals are called critical success factors. Such factors can be strategic, managerial, or operational success factors and they are mainly defined from three sources: organizational factors, industry factors. They can exist at the corporate level, as well as the division, plant and department level. Sometimes it is even necessary to consider the CSF of individual employees. Critical success factors, once identified can be monitored, measured and compared to standards. CSF Profitability Financial Marketing Human Resources Planning Economic Analysis KPI Profitability measures of each department, products, region etc Financial ratios, Balance sheet Analysis, Cash reserve position, Rate of return on investment. Market share, Advertisement Analysis, Product Pricing, Sales Result, Customer sales potential. Turnover rates, Skill Analysis, Absenteeism Rate etc. Corporate Partnership, Ventures, Growth/Share Analysis Market trends, Foreign Exchange Values, Industry trends, Labour cost

Executive Information (Support) Systems: The majority of personal DSSs support the work of professionals and middle level managers. Organizational DSSs provide support primarily to planners, analysts, researchers or to some managers. Rarely do we see a DSS used directly by top or even middle level executives. An executive support systems (EIS) also known as executive support systems (ESS) is a technology emerging in response to managers specific needs. Factors driving the needs for EIS: External Factors: Increased Competition Rapidly changing environment Need to be more proactive Need to access external databases Increasing government regulations Internal Factors: Need for timely information Need for improved communication Need for access to operational data

Consumer Trend

trends. Customer confidence level, purchasing habits, demographical data. Status Access: In the status access mode, the latest data or reports on the status of key indicators or other factors can be accessed at any time. Trend Analysis: In analyzing data, it is extremely important to identify trends. The executive likes to examine trends, especially when changes in data are detected. Trend analysis can be done using forecasting models which are included in many ESSs. Ad Hoc Analysis: Executive support systems provide ad hoc analysis capabilities instead of merely providing access to data analysis. Executives can thus use the ESS to do creative analysis on their own. They may even select the programming tools to be used, the outputs, and the desired presentation of the information. Exception Reporting: Exception reporting is based on the concept of management by exception, in which an executive should give attention to significant deviation from standards. Here an executives attention will be directed only to cases of very good and very bad performance. This approach saves considerable time for both producers and readers of reports.

Input and Output are structured. o Since the processed data are fairly stable, they are formatted in a standard fashion. High level of detail is usually observed, especially in input data often in output as well. Low computation complexity (simple mathematical/statistical) is usually evident in TPS. A high level of accuracy, data integrity, and security is needed. o Sensitive issues such as privacy of personal data are strongly related in TPS. High reliability is required. o TPS can be viewed as lifeblood of the organization. Interruption in the flow of TPS data can be fatal to the organization. Inquiry Processing is a must. o TPS enables users to query files and databases (even online and real time) Characteristics: TPS is the backbone of the organizations information system. TPS Monitors Collects Stores Processes Disseminates information for all routine core business transactions. An organization may have one integrated TPS or several, one for each specific business processes. Objectives: To provide all information needed by law and/or organizational policies to keep the business running and efficiently. The key objectives of a traditional TPS are as under: To allow effective operation of organization To provide timely documents and reports To increase the competitive advantage of the corporation. To provide the necessary data for tactical and strategic systems. To assure accuracy and integrity of data To safeguard assets and security of information. Activities: Regardless of the specific data processed by a TPS, a fairly standard process occurs, whether in a manufacturer, in a service firm, or in a govt. organization. First data is collected by people or sensors and entered into the computer via any input device. Generally speaking organizations try to automate the TPS data entry as much as possible because of large volume. Next the system processes data in one of the two basic ways. Batch Processing In batch processing the firm collects transaction as they occur, placing them into groups or batches. The system then prepares and processes the batches periodically. Online Processing

EIS Types & Issues: In recent years, the EIS has been enhanced with relation and multidimensional analysis and presentation, friendly data access, user friendly graphical interface, imaging capabilities, hypertext, internet access, emails, intranet access and modeling. These are helpful for any executive. We can distinguish between two types of EIS One designed especially to support the top executives. The other intend to serve a wider community of users. Transaction Processing System: In every organization there are major business processes that provides the mission critical activities. Business transactions occurs when a company produces a product or provides a service. An Information System that supports transaction processing is called the Transaction Processing System. Why TPS? Large amounts of data can be processed. The sources of data are mainly internal and the output is intended mainly for internal audience. o This characteristic is changing since trading partners may contribute data and be permitted to use TPS output directly. The TPS provides information on a regular basis. Large storage (database) capacity is required. High processing speed is needed due to high volume. TPS basically monitors and collects past data.

In online processing, data are processed as soon as a transaction occurs. For example: When an item such as a toy is sold in a store, the POS terminal immediately notifies the inventory system. The sale of toy causes other files to be updated in real time Tactical Tasks: Transaction processing exists in all functional areas. However it has major impact in accounting and finance areas. The major components of a TPS and its processes are the following. Order Processing The Ledger Accounts Payable and Receivable Receiving & Shipping Inventory on Hand Fixed Asset Management Payroll Personal Files & Skills Inventory Government Reports Periodic Reports & Statements.

Unit 12: Strategic Information System and Reorganisation: IT Planning: Improving the planning processes for information systems has long been one of the top concerns of ISD management. The society for Information Management found this to be

the number one issue in surveys of senior IS executives. It planning still represents a challenging issue for IS executives. Basic information systems planning address the following four general issues. Aligning the IT plan with the organizational business plan Designing IT architecture for the organizations in such a way that users, applications, and databases can be integrated and networked together. Efficiently allocating information systems development and operational resources among competing applications. Planning information systems projects so that they are completed on time and within budget and include the specified functionalities. A Four Stage Model of IT Planning: Several models were developed to facilitate IT planning. Of special interest is Wetherbes four stage model of planning, which is based on observation of planning efforts, promotional literature, and analysis of various methodologies used in planning processes. The model consists of four major activities: strategic planning, requirements analysis, resource allocation and project planning. These activities correspond to the four general issues of IT planning. Strategic IT Planning: The first stage of the IT planning model includes several some what different types of activities. On the one hand it refers to identifying a set of new applications a portfolio through which an organization will conduct its business. These applications make it possible for organizations to implement its business strategies in a competitive environment. On the other hand, SIP can also refer to the process of searching for strategic information systems applications that enable an organization to develop a competitive advantage rather than just maintaining its position. In either case, SIP must be aligned with overall organizational planning. To accomplish this alignment, the organizational must do the following. Set the IT mission. Access the environment. Access existing system availabilities and capabilities Set IT objectives, strategies and policies Access the potential impacts on IT. The output of the process should include the following: A new or revised IT charter and assessment of the state of the ISD: An accurate evaluation of the strategic aspirations and directions of the organization;

And a statement of the objective, strategies and policies for the IT effort.

To carry out the above tasks there exist several methodologies; the major ones are Business System Planning Nolans Stages of IT Growth model Ends/Means Analysis Critical Success Factors. Information Requirements Analysis: The goal of the second stage of the model, the information requirements analysis, is to ensure that the various information systems, databases, and networks can be integrated to support decision making and operations. There are several alternative approaches for conducting the requirements analysis. Step 1: Define Underlying Organizational Subsystems: The first step of requirement analysis is to identify the underlying organizational processes, such as other fulfillment or product analysis. Step 2: Develop Subsystem Matrix: Once the underlying organization processes are identified, the next phase of requirements analysis exercise is to relate specific managers to organizational processes. The matrix is developed by reviewing the major decision responsibilities of each middle to top manager and relating them to specific processes. Step 3: Define and Evaluate Information Requirements for Organizational Subsystem: In this phase of the requirements analysis managers with major decision making responsibility for each process are interviewed in groups by information requirements of each organizational process. Step 4: Defining Major Information Categories and Map Interviews into Them: The process of defining information categories is similar to how data items for individual information system are factored into entities and attributes. Step 5: Developing Information/Subsystems Matrix: Mapping information categories against organizational subsystems creates an information categories by organizational process matrix. Information categories can be accounts receivable, customers demographics or product warranties. In each cell of the matrix an importance value is inserted.

 Resource Allocation: The third stage of the model for information planning consists of developing hardware, software, data communication, facilities, personnel, and financial plans needed to execute the master development plan as defined in the requirement analysis. Resource allocation is a contentious process in most organizations because opportunities and requests for spending far exceed the available funds. This can lead to intense, highly political competition between organizational units. Funding requests from the ISD fall into two categories. Some projects and infrastructure are necessary for organization to stay in business. On the other hand the IT planning process identifies an information architecture that usually requires additional funding for less critical items: new projects, maintenance or upgrades of existing system, an infrastructure to support these systems and future needs. After setting aside funds for the above category, the organization can use the remainder of the IT budget for projects related mainly to the improved information architecture developed by using information requirement analysis. Project Planning: The fourth and final stage of our model for information system planning, project planning, provides an over all framework within which specific applications can be planned, scheduled, and controlled. Guidelines for IT Planning: To determine how much IT planning is needed, an organization should assess the extent to which each stage of IT planning has been accomplished. It can implement this assessment through a series of questions related to major activities and outputs in each of the stages of the four stage planning model. After determining the IT planning needs at each stage, it can select appropriate methodologies. Strategic Planning: In assessing the strategic planning stage, organizations need to answer questions such as: Is an IT mission clearly expressed in an IT charter? Is there a compressive assessment of the environment? Are the IT capabilities adequately assessed? Have new opportunities been identified? Is the current business environment understood? Is the current application portfolio defined and documented? Is the ISD image healthy? Is there a clear definition of organizational objectives and strategies? Has the strategic organizational plan

been reviewed? Have strategic applications been identified to improve strategic advantage? Are IT policies, objectives, and strategies defined? Is the ISD structure appropriate for overall organization? Is the IS technology focus appropriate to the technology focus of the organization? Are the objectives for allocating IT resources appropriate? Are the IS management process appropriate? Are the functional capability objectives appropriate?

Requirement Analysis: To conduct an assessment of the requirement analysis stage, an organization should answer the following questions. Is there an adequate assessment of the organizational information requirements? Is the overall information architecture identified? Is there a good understanding of current information needs of the organization? Is there a good understanding of projected information needs of the organization? Are the major databases and their relationships defined? Is there a master IT development plan? Are IT projects well defined? Are projects ranked by priority? Is there a multi year development schedule? Resource Allocation: To assess the resource allocation stage, an organization should answer the following questions: Does the organization have resource requirement plan? Are trends identified? Is there a hardware and software plan? Is there a data management plan? Is there a data communication plan? Is there a personnel plan? Is there a facilities plan? Is there a financial plan? Does the organization have an adequate procedure for resource allocation? Project Planning: To have a complete review of IT planning processes, an organization should answer the following questions in regard to project planning: Is there a procedure for evaluating projects in terms of difficulty or risk? Are projects tasks usually identified adequately? Are project cost estimates generally accurate? Are project time estimates generally accurate? Are checkpoints defined to monitor progress of projects? Are projects generally completed on schedule? If an organization does not get satisfactory answers to the project planning questions, it should review the project planning techniques.

Problems with IT Planning: IT planning can be an expensive and time consuming process. A study of five large scale planning projects found that these projects involved 10 or more employees, on half-time and full-time basis, for periods lasting from 10 weeks to a year. The estimated costs of the projects ranged from $450,000 to $1.9 million. A survey of 80 firms with formal IT planning projects found that 53% were dissatisfied with their experiences. Managerial Issues: Importance: Getting IT ready for future that is, planning is one of the most challenging and difficult tasks facing all the management, including the IS management. Each of the four steps of IT strategic planning process setting the mission, assessing the environment, including the organizational goals and objectives, and finally setting the IS objectives strategies and policies presents its own unique problems. Yet, without planning, or with poor planning, the organization may be doomed. Organising for Planning: Many issues like what should be the role of the ISD? How should it be organized? Staffed? Funded? How should human resource issues, such as training, benefits, and career path for IS personnel be handled? What about the environment? The competition? The economy? Government regulations? Emerging technologies? What is the strategic direction of the host organization? What are its key objectives? Finally with these strategies and objectives and the larger environment, what strategies and objectives should IS pursue? Fitting the IT Architecture: Management of an organization may become concerned that their IT architecture is not suited to the needs of the organization. In such a case there has likely been a failure on the part of the IT technicians

to determine properly the requirements of the organization. Perhaps there has also been a failure on the part of the management to understand the type and manner of IT architecture that they have allowed to develop or that they need. IT Architecture Planning: IT specialists versed in the technology of IT must meet with business users and jointly determine the present and future needs for IT architecture. Plans should be written and published as part of the organizational strategies. Plan should also deal with training, career implications, and other secondary infrastructure issues. IT Policy: IT architecture should be based on corporate guidelines or principles laid out in policies. These policies should include the roles and responsibilities of IT professionals and users, security issues, cost benefit analysis for evaluating IT, and IT architectural goals. Policies should be communicated to all personnel who are managing or directly affected by IT. Ethical & Legal Issues: Conducting interviews for finding managers needs and requirements must be done with full cooperation. Measures must be taken to protect privacy. IT Strategy: In planning IT, it is necessary to examine three basic strategies:

o Be

a Leader in technology: The advantages of being a leader are the ability to attract customers, to provide unique services and products and to be a cost leader. However there are high development costs of new technologies and high probability of failures. o Be a Follower: This is a risky strategy of being left behind. However, you do not risk failures, and you implement new technologies at a fraction of the cost. o Be an Experimenter: This way you minimize your research and development investment and the cost of failure. Yet, if new technologies prove to be successful you can move fairly fast for full implementation.

Unit 13: Information System Development: Developing IS Solutions: Developing successful information systems solutions to business problems is a major challenge for business managers and professionals today. Most computer based information systems are conceived, designed, and implemented using some form of systematic development process. Using the systems approach to develop information system solutions can be viewed as a multi step process called the information systems development cycle, also known as the system development life cycle (SDLC). What goes on in each stage of this process, which includes the steps of

Project Initiation System Analysis & Feasibility Study L ogical Analysis & Design Accusation or Development Implementation Operation Post Audit Maintenance Go Back to the Previous Stage or Stop

Project Initiation: Somebody needs to start the project. Usually it is a manager outside the IS organization who has a problem or sees an opportunity related to the area where he are she works. A formal planning process also may identify new systems that can help the organization meet its objectives. Sometimes the IS group initiates the projects that will improve its own operations or deal with common problems among the user areas.

System Analysis : Once the project is initiated, the system analysis phase begins. System analysis refers to the investigation of existing situation. Some of the major activities include isolating the symptoms of the problem and determining its cause. Other activities are the identification of business process and their interrelations and the flow of information related to these process. System analysis aims at providing a through understanding of the existing organization, its operation, and the situation relevant to the system. o System Analysis: System analysis refers to the investigation of the existing situation. It is a process that may take weeks, or months involving many activities. It aims at providing a thorough understanding of existing organisations and its operations. o System Analysis Activities Isolating the symptoms of the problem Determining the cause Identification of business process and their interrelations. Flow of Information related to these processes o System Analysis deals with People Procedures involved The existing information system technology The environment surrounding the problem o System Analysis Methods Observation Review of Documents Interviews Performance Measurements Feasibility Studies: To determine the probability of success of a proposed solution. May be conducted several times throughout SDLC. To test whether the solution is achievable with given organisational resources and constraints. o Technological Feasibility: Are the performance requirements achievable utilizing current information technology? If not, are they attainable through capabilities that will be available by the time the project finishes? Will newer technologies supersede in the proposed project before the organisation recovers its investment? o Economical Feasibility Are the expected benefits greater than the costs? Can the organisation afford the costs in terms of spending and personal requirements? Are the risks including the possibility of cost and schedule overruns, acceptable for an investment of this size. o Organisational Factors Is the proposed system reasonably compactable with organisational culture, internal political considerations, and work rules. Are the skill levels to use the new system consistent with employees who will operate it. o Legal Ethical & Other Constraints Is the new or automated process ethical to employees and customers? Does it meets all regulatory requirements? Are any of the constraints in danger of being violated? Logical Analysis & Design: The emphasis is on o Identification of information requirements o Specification of generic IS functions, such as input, output and storage. o Not on program writing or identifying hardware. Logical Designing Tools o Data Flow Diagram o Entity Relationship Diagram o Flow Charts o Hierarchy Inputs Process Outputs Charts o Organisational Charts Physical Design Translation of abstract logical model into the specific technical design for the new systems. Emphasis is on o User requirements of the system o Computing requirements to features of available software o Less time on designing systems. o Configuration requirements for commercial packages Acquisition or Development

o Using the specifications proposed in Logical Design hardware and software are purchased. o Configuration of the same as per the system requirements. o Programmers write code for parts of the system where commercial sources are not appropriate. o Technical writers develop documentation and training materials. o Testing is done by IS personnel and some users for bugging and comparing system performance. Implementation: Implementing a new system requires conversion from a previous system Approaches: o Parallel Conversion: o Old and New system operate concurrently o Safest approach o The most expensive o Direct Cutover: o The Old system is turned off, and new system is turned on o Fastest and least expensive o Risk factor is the maximum o Pilot Conversion: o The new system is implemented in a subset of locations. o Is like a direct cutover for pilot locations o But for the whole organisation, it is like parallel conversion o Both risks and costs are relatively low. o Phased Conversion: o Large systems often are built from distinct modules. If the modules were originally designed to be relatively independent, it may possible to replace the modules one at a time. o Relatively safer o Takes longer & requires more testing Operation: After successful conversion, the system will operate for an indefinite period of time, until o The system is no longer adequate o Necessary o Cost effective

Post Audit Evaluation Maintenance: Unit 14: Security & Ethical Issues: Information systems are made up of many components that may be in several locations. Thus, each information system is vulnerable to many potential hazards. The vulnerability of information system is increasing as we move to a world of networked computing. Theoretically, there are hundreds of points in a corporate information system that can be subject some threat. These threats can be classified as unintentional or intentional. Unintentional Threats: These are divided into three major categories human errors, environmental hazards and computer system failures Human Error: Errors can occur in the design of the hardware and/or information systems. They can also occur in the programming, testing, data collection, data entry, authorization, and instructions. Human errors contribute to the vast majority control and security related problems in many organizations. Environmental Hazards: This includes earthquakes, hurricanes, severe snow, sand storms, floods, tornadoes, power failures or strong fluctuations, fires, defective air conditioning, explosives, radio active fallout and water cooling system failures. Computer System Failures: This can be result of poor manufacturing of defective materials. Unintentional malfunction can happen for other reasons ranging from lack of experience to incompatibility of software. Intentional Threats: Computer system may be damaged as a result of intentional actions. Here are some examples. Theft of Data Inappropriate use of data Theft of mainframe computer crime Theft of equipment and/or programs Deliberate manipulation in handling, entering, processing, transferring or programming data. Labor strikes, riots or sabotage. Malicious damage to computer resources Destruction from viruses and similar attacks. Miscellaneous computer abuses and crimes. Computer Crimes:

According to CSI 64% of all corporations experienced computer crimes in 1997. The number, magnitude and diversity of computer crimes and abuse are increasing rapidly. Lately increased fraud related to the Internet and electronic commerce is in evidence. Types of Computer Crimes In many ways, computer crimes resemble conventional crimes. They can occur in four ways. First, the computer can be target of the crime. For e.g. a computer may be stolen or destroyed or virus may destroy data. Second, the computer can be the medium of the attack by creating an environment in which a crime or fraud can occur. For e.g. false data are entered into computer system to mislead individuals. Third, the computer can be the tool by which a crime is perpetrated. Forth, the computer can be used to intimidate or deceive. For instance, a stock broker stole $50 million by convincing his clients that he had a computer program with which he could increase their return on investment by 60% per month. Security Challenges: Knowing about major potential threats to information systems is important, but understanding ways to defend against these threats is equally critical. Defending information systems is not a simple or inexpensive task for the following reasons. Hundreds of potential threats exist Computing resources may be situated in many locations. Many individuals control information assets. Computer networks can be outside the organization and difficult to protect Rapid technological changes make some controls obsolete as soon as they are installed. Many computer crimes are undetected for a long period of time so it is difficult to learn from experiences. People tend to violate security procedures because the procedures are inconvenient. Many computer criminals that are caught go unpunished, so there is no deterrent effect. The amount of computer knowledge necessary to commit computer crime is minimal and one can learn hacking for free in the internet. The cost of preventing hazards can be very high. Therefore most organizations simply cannot afford to protect against most possible hazards. It is difficult to conduct a cost benefit justification for controls since it is difficult to assess the value of hypothetical attacks. Protecting Information Systems: Protection of IT is accomplished by inserting controls defense mechanisms intended to prevent accidental hazards, deter intentional acts, detect problems as early as possible, and enhance damage recovery and correct problems. Controls can be integrated into hardware and software during the software development phase. They can also be implemented once the system is in operation or during its maintenance. The important point is that defense should stress prevention; it does no good after the crime. Since there are many threats, there are many defense mechanisms. Defense Strategies: The selection of a specific strategy depends on the objectives of the defense and on the perceived cost benefit. Controls for Prevention: Properly designed controls may prevent errors from occurring, deter criminals from attacking the system, and better yet, deny access to understand people. Detection: It may not be economically feasible to prevent all hazards and deterring measures may not work. Therefore, unprotected systems are vulnerable to attacks. Like a fire the earlier it is detected the better it is to combat. Limitation: This means to minimize losses once a malfunction has occurred. This can be accomplished by including a fault tolerant system that permits operations in a degraded mode until full recovery is made. Recovery: A recovery plan explains how to fix damaged information systems as quickly as possible. Replacing rather than repairing components is one route to fast recovery. Correction: Correcting damaged systems can prevent the problem from occurring again. Information System Controls: They can be divided into two major categories general system controls and application controls. General Controls: These are used to protect the systems regardless of specific applications. The major categories of general controls are physical controls, access controls, data security controls, communication controls and administrative controls. Physical Controls: Appropriate physical security may include several controls such as the following: Appropriate design of data center. Shielding against electromagnetic fields. Good fire prevention, detection and extinguishing system, including sprinkler system, water pumps, and adequate drainage facilities. A better solution is fire-enveloping system. Emergency power shutoff and backup batteries, which must be maintained in operational condition. Properly designed, maintained and operated air conditioning system.

 Motion detector alarms to detect physical intrusion. Access control Access control is the restriction of unauthorized user access to a portion of a computer system or to the entire system. To gain access, a user must be authorized. Then when the user attempts to gain access he or she must be authenticated. Access procedures match every valid user with a unique user identifier. They also provide an authentication method to verify that users requesting access to the computer system really who they claim to be. User identification can be accomplished when the following identifies each user. Something only the user knows such as a password Something only the user has such as a smartcard Something only the user is such as signature, voice, fingerprint, or retinal scan, iris scan, DNA code implemented via biometric control Data Security Controls: Data security is concerned with protecting data from the accidental disclosure to unauthorized persons or from unauthorized modification or destruction. Data security functions are implemented through operating systems, security access control programs, database or data communication products recommended backup/recovery procedures, application programs and external control procedures. Data security must address the issues like confidentiality of data, access control, and critical nature of data and integrity of data. Communication/Network Controls: Network is becoming extremely important as the use of internet/intranet and ecommerce increases. Encryption: Encryption encodes regular digitized text into unreadable scrambled text or numbers to be decoded upon receipt. Encryption accomplishes three purposes. 1. Identification: (helps identify legitimate senders and receivers) 2. Control: (prevents changing a transaction or message) and 3. Privacy (impedes eavesdropping). A widely accepted encryption algorithm is Data Encryption Standard (DES), produced by the US National Bureau of Standards. Many software products are available for encryption. Traffic padding can further enhance encryption. Here a computer generates random data that are intermingled with real data making it virtually impossible for an intruder to identify true data. To ensure secure transactions of the internet, Revising and VISA developed encrypted digital certification systems for credit cards that allows customers to make purchases on the internet. Credit card holders create a digital version of their credit card, Revising confirms validity of the buyers credit card, and then it issues a certificate to that effect even the merchants do not see the credit card number. Firewalls: A firewall is a system or a group of systems that enforces an access control policy between two networks. It is commonly used as a barrier between the secure corporate intranet or other internal networks and the internet which is assumed to be unsecured. Firewalls are used to implement control access policies. The firewalls follows strict guidelines that either permits or blocks traffic, therefore, a successful firewall is designed with clear and specific rules about what can pass through. Several firewalls may exist in one information system. Administrative Controls: Administrative controls deal with issuing guidelines and monitoring compliance with the guidelines. Representative examples of such controls include the following: Appropriately selecting, training and supervising people Fostering company loyalty Immediately revoking access privileges of dismissed, resigned or transferred employees. Requiring periodic modification of access controls Developing programming and documentation standards Instituting separation of duties Holding periodic & random audits of the system.