Info 3 Revision Guide

1 Information

“Data that has been processed to produce something meaningful.”

Different information needs within an organisation

Organisations need information concerning hours worked and hourly pay rate for individuals
in order to correctly work out pay for people. Retail organisations use “just-in-time” policy
as storing and holding stock is expensive. Getting rid of goods as soon as they become
available is more profitable and relies heavily on ICT systems.

Ordering stuff in a school CS

Teacher sends order form to supplier using Electronic Data Interchange, which is authorised
by bursar. When approved, supplier sends invoice back using EDI again, with payment for
the goods being made using BACS (Bankers Automated Clearing Service – method of
processing financial transactions electronically.)

Different levels of task have different information needs

Strategic – Highest level of authority – Long term decisions made – senior managers at head
office
Tactical – Mid level of authority –Mid-term decisions – Store managers and senior
administrators
Operational – Lowest level of authority – Shortest term decisions – sales assistants on shop
floor

Different personnel have different information needs

Suppliers – Will need information on the materials an organisation needs to order and
method of payment.
- Suppliers will use things like e-mail and telephone for communication purposes
- Use of an extranet which enables suppliers to log in to the organisation’s network, only
accessing relevant parts

Customers – Website FAQs - can quickly deal with popular queries and questions often
asked by customers. Limited to those that have an Internet connection, and is also quite
impersonal. Quick and easy to set up and after use.

- E-mail - Avoids customer waiting in a phone queue, is personalised but not completely
impersonal, and does not have to be answered instantaneously like telephone.

- Internet chat – one-on-one instant messaging and contact with customer, cheap and easy
to set up in today’s current technology climate.
Official and legal bodies
Companies will need to exchange information with government agencies like HM Revenue
and Customs, Inland Revenue for tax and company registration purposes. Directgov website
is a portal that links all the government agencies together.

Exchange of information with external bodies

When communicating with any external body, the company/organisation must adhere to a
set of privacy, security and legal requirements. The DPA ensures personal data cannot be
passed on to foreign companies, not affiliated with the Information Commission, and that it
is kept secure, possibly through the use of encryption.

Companies that operate in an e-commerce environment must ensure that the processing of
financial details is done in a form that would not make them accessible by scammers and
frauds. PayPal is an excellent service that allows security and processing of financial details
to be done separately, and with a peace of mind for the customer’s sake.
2 Systems

The role of ICT in organisations

Organisation is defined by as a set of people with a common purpose. The purpose of an

organisation is to achieve its aims. The role, therefore of ICT, is to help organisation’s
achieve these aims efficiently and effectively. ICT may be used to design and make things,
whilst other systems will help with the selling.

A cost benefit analysis must be used when buying ICT equipment for ICT systems. The cost is
justified when:

 The time saved completing a certain task is often shortened when ICT is used EPOS
systems in shops
 A better overall product may be produced if ICT systems are used to produce it-CAD
design systems
 ICT systems can hip with the estimation of materials needed in a project, or time
forecasted for a certain task to be completed

Critical Success Factors must be met in an organisation for a projector goal to be achieved.

Common ICT systems used in organisations

Payroll – calculates wages and salaries for companies’ employees. Software is bought and
configured in order to make sure correct taxing of an individual is made and Inland Revenue
information is inputted correctly. Personalised wage slips are to be made and distributed
accordingly, plus a P60 form to sum up an employee’s record at the end of the fiscal year.

Human Resources – stores information about employee data contact details, promotions,
and disciplinary incidents. Software bundles sell human resource software in modules so
companies can opt for which is best for them.

The requirements of external agencies

Supply chain - Raw materials to products. The links between each stage. Must be run
smoothly in order for product to be made on time and without delay. As a result, customer
might cancel or order with rival company.

Legacy systems

When changing to a new ICT system, it may not replace the old one completely. Older
“legacy” systems may be used. Data portability must be maintained – transfer data between
different software packages or systems – so data can be interchanged with old legacy
systems and current systems. Data transferability must also be upheld – import data from
an old ICT system to a new one when the new one is being installed.
Types of ICT system and their uses

ICT systems can be split into operational, tactical and strategic levelled based systems. Data
processing systems allow those at operational level work in their environment efficiently.
Tactical level systems summarise data for middle managers in order to allow them to
properly manage the organisation from a medium term stance. Data here is further
summarised so that those at the tactical level can make long term, big decisions to future
the business.

“Back office systems” – The ICT systems that run the internal operations of an organisation
that are not seen or accessible to the public.

Transaction processing systems

Used at operational level of organisations – day-to-day business stuff. Carries out simple
tasks. Price of train ticket, paying a bill.

Workflow management systems

Software that helps organisations analyses and manages their business processes by using
computer models to represent the logic of the workflow.

Document management systems

Store paper based documents electronically. Scanned and stored, then put in library and
indexed. Easily retrievable. Metadata is added to documents to make them easier to find –
get the right one.

Management Information Systems

Takes data from internal and external sources, process it, and provides information that can
be used by managers at different levels to aid effective decision making.

Decision support systems

Computer –based system that analyses data to provide information to help managers make
decisions. Expert systems, based on AI techniques.

Enterprise systems

Serve the enterprise as a whole rather than any individual department. Brings together a
complete organisation which is often complex and very complicated.

Customer Relationship Management (CRM)

Store data about customers in order to improve the service that the customer receives and
increase the likelihood of repeat business. CRM software allows for indications to be made
for mortgages, pension and insurance business. Data warehouses used- storage facility for
large quantities of data-to store the large amounts of generated data in ECRM software.
E-Commerce

Allows customers to browse for goods and place order. Internet can be used to buy
downloaded items, or physical items which are shipped out. Amazon is purely online but
high street retailers use “bricks-and-mortar” technique to get even greater profits. Must be
secure. Https used with padlock. Intermediary banks like PayPal make online transactions
easier and even more secure as actual bank details are not exchanged with supplier and
customer. There are drawbacks, with phishing sites being set up to scam people. Cannot see
actual good “in the flesh” and delivery costs can be high.
3 Management and strategies

Large organisations need robust methods of communicating with everyone within a

business. The Chinese whispers effect takes hold, where through different levels of people,
information becomes distorted and inaccurate. Communicating in the current age comes in
the form of carbon-copying email attachments and messages or using an intranet where
everyone can see the document at the same time. Smaller organisations use word-of-mouth
and simply telling an individual about something, rather than having to send emails or set
up an intranet.

Informal communication in a business, both small and large, is done through the
“grapevine.” It is important that businesses set up appropriate and secure methods of
distributing documents, by making strict controls over access rights and building these
issues into operational and disciplinary procedures.

ICT strategies and policies

Strategic level management of any organisation uses a strategy – long term plan for
achieving a goal – in order to match the aims of the business.

e.g.) Clothes shop needs to expand its key demographic of customers

ICT strategy – set up e-commerce

ICT policy – a statement which defines the organisation’s position on a particular issue and
may determine decisions – employing a web designer to set up an internet site
- Pushing current customers to do the same
- Setting up of methods of online payments – using EDI for EFTPOS

Contribution of ICT management to business strategy

If ICT is to contribute effectively to the strategic aims of an organisation, it is vital that it is

represented appropriately at strategic management level. The CIO must have the proper
information in order to make informed and appropriate decisions on the organisational
strategies of the organisation. Suggesting where to ICT can help the organisation and
managing the unrealistic expectations of others.

Factors influencing ICT strategy

Goals – any ICT development should provide measurable benefits to its users, to the
organisation or its clients. A good development will produce benefits for all three. The
introduction of the new system is important. If it is seen to be advancing the business and
producing benefits. Its introduction would most likely be well received. It is worth spelling
out to all those individuals that the reason for making changes will bring about a large
amount of benefits, even if it brings about difficulties in the short term.

Available finance – Calculating the cost of the new system, using cost benefit techniques.
Would be complex at first but very beneficial to assess how financially viable the cost of
incorporating a new system is.
e.g.) a company combining a nationwide set of smaller system into one company-wide
database, accessible from any UK office.

Costs would include:

 The development of the database
 Software licenses
 Upgrading server hardware
 Upgrading to workstation hardware
 Upgrading to newer OS’s
 Upgrading of communication network to allow form seamless transfer of data
 Importing data from legacy systems
 Training of users

Benefits would include:

 Improvement in efficiency
 Reduction in time spent transferring data between systems
 Faster response to customer queries, which may lead to the redundancy of support staff
 Improvement in responsiveness may attract new clients, and retain current ones

Benefits may take time to materialise but will most likely be profitable in the long-term. A
financial model would be used to see if investment is worthwhile. Reduce in costs may come
from, for example, leasing hardware, however, aspects like these would be made at a
strategic level.

Legacy systems – Not feasible to replace legacy systems when introducing new ones. The
ICT strategy must consider how the old and new systems can work together. Data
transferability or data portability must be considered.

Geographical factors – ICT strategy can be affected by geog. factors. If in an office

environment, then a LAN would be sufficient, however, if there are lots of small hubs over a
county or area, then a WAN should be used. Wider client base would profit from more web-
based trading, but good customer support will need to be in place – other than by means of
direct contact. International organisations must consider laws in other countries.

Compliance with legislation – All data in the UK is bounded by the Data Protection Act. An
ICT strategy may be affected, if, for instance, customers’ data is to be processed in other
countries as part of offshoring – transfer of an organisational function to another country,
be it tele-sales or software production – arrangements. Health and Safety Act must be
adhered to, along with Display Screen Equipment Regulations and the Copyright, Designs
and Patents Act.

Management of information assets over time – ICT strategy must consider for how long
data should be stored before being purged. This will save memory. DPA states that data
should not be kept longer than necessary. Some data would need to be kept for people to
refer to quickly or for “just-in-case” purposes.
Corporate ICT strategies
Large organisations need ICT strategies that are generic to all departments within an
organisation, so everyone follows the same rules.

Keeping pace with developments – Technological developments need to be kept up with by

an organisation in order to future proof their current equipment. This may be in upgrading
current equipment, either by purchase or by leasing. The latter is more favoured as
upgrades continue over time, and is cheaper in the short term. Equipment depreciates over
time, so will be cheaper in future, which is why leasing is the better option some times.

Frequency of replacing equipment must be considered. Some features are often better in
newer software or hardware options.

Information Management – Setting up of access rights and permissions to levels of data, for
different levels of users. Issues of security and confidentiality need to be considered and laid
down repeatedly.

People – Managing of human resources within an organisation. Recruiting new employees,

ensuring they have the competencies for a job, qualifications and experience demanded of
them for a particular job. Making sure sensitive information stored on a network can be
accessed to those with permission, and distributed tasks amongst a large group of people.
Hierarchy of an organisation will also be affected. Responsibilities of individuals within a
department will affect corporate strategy.

Standards
When an ICT strategy is established, standards and protocols must be established. A
communications protocol is an agreed set of rules to ensure the proper transfer of data
between devices. E.g.s) of protocols:

 Open Systems Interconnection (OSI) – protocols that allow geographically distant

computers to be linked together using Open Systems Interconnection.
 TCP/IP – set of working internet practices that allow Internet users to communicate
no matter what the hardware of software being used
 HTTP (HyperText Transfer Protocol) – set of rules used on World Wide Web for
communicating between sites. An online company must use HTTPS.
 FTP (File Transfer Protocol) – standard used for transferring files over the Internet.
Companies that have updates for their software use FTPs to unleash information.
 IP Address – uniquely identifies a computer connected to a network.
 SMTP AND POP3 – both are email protocols
4 Policies and Legislation

Policies
After the establishment of an ICT strategy, an organisation must put in place policies to deal
with the practical implications of ensuring the strategy is implemented. Policies are used
within an organisation covering different aspects of the use of ICT, from security, training
and procurement. Policies then comes together to form part of an employee’s contract of
employment – the legal agreement between an employer and an employee. Breaches of
policies within an organisation are met with disciplinary procedures – laying down the
sanctions for breaking company policies.

Security Policy
How ICT is used to protect a company’s assets. A security policy should aim to ensure the
security – making sure that an organisation’s data is correct, confidential and safe and
privacy of data – not seen or accessed by anyone else unauthorised.

A security policy will lay down the rules of an organisation’s use of data and equipment –
hardware, software, data and storage media. Policy must:
 Identify threats and manage the risks of each
 Allocate responsibilities for data security – telling people how to best use equipment
 State resources needed to maintain data security

Data must be analysed to establish how valuable the data is to the organisation, and the
consequences of breaches to the organisation thereafter. These could be financial
consequences, legal consequences or even a loss of trust by clients.

Data should be classified as either, public – made available to everyone, internal use only –
can be used anywhere in the organisation, but not released outside, or confidential –
restricted to certain members of the organisation only.

Network security
In a security policy, network access rights would be assigned to
 user names,
 passwords,
 biometric identities and
 Any other methods of controlling access to the network.

The network OS can log workstation activity, having the ability to log off workstations that
have remained inactive after a certain time period, for example.

Data transfer
Who has access to the internet and email and whether workstations allow the use of
removable media like USB sticks. Encryption may be used to ensure the integrity of data,
and to protect against fraud. Firewalls should be put in place to block external access to the
network.
Change control and monitoring
Monitoring and logging one’s repeated attempts to access the network thus reducing the
risk of a penchaud accessing the network. Also, data that has been modified can be logged,
especially sensitive data, which can result on disciplinary procedures like sanctions and
smacked bottom.

Uses of laptop
When a laptop is taken out of an organisations direct physical location, the use of the laptop
by family members or friends must be stated in the policy. Data should be backed up, plus,
governing the sensitivity of the data, encrypted, so that pricks can’t seal information if
stolen. Not leaving the laptop on a train or some shit will also be written, plus virus checkers
being regularly up to date.

Backup and recovery policies

*SECTION 7* - Establish how data is to be backed up, and recovery of it in the event of
disaster.

Training policy
When a new brer enters the business, training of employees must occur at various stages in
their career. Should familiarise them with the fundamental procedures of the job.

Continued training will improve aspects of staff development, helping the employees do
their current job well and also perhaps prepare for promotion. Time off is dedicated to staff
training, which often mean external agencies coming in to play, or going out on a course in
the big wide world. *SECTION 8*

Procurement Policy
The setting and controlling of the purchase of ICT equipment. ICT department puts in orders,
or specific departments puts in orders. Bulk buying may mean having a central purchasing
system in place which brings down the price. Getting laptops has its risks too, but has the
benefits of portability.

Policy may also cover the disposal of old machines and obsolete equipment – WEEE

Consumable – toner – is expensive and the policy may pose restrictive measures on the use
of them.

Acceptable use policy

So the use of email and internet is covered mainly here. Email should only be used for work
purposes, so no spamming or defamatory emails. Email should be a “postcard” of
information, rather than a “sealed letter.”

The use of the internet should also be laid down in the policy, with the organisation’s stance
on what is not permitted. This may include:
 Viewing abusive content
 Restricting the downloading and streaming of large media – Live TV, detrimental impacts
on the performance of a network
 Downloading files and introducing viruses to the network as a result

Filter sites can be used to block inappropriate websites, backed up by disciplinary measures
for repeat offenders.

The impact of legislation on ICT policies

The affect that the organisation has by legislation put in place by the government. This will
include:
 Aware of the implications faced if legislation not followed
 Checking how well a company meets legislation criteria
 Identify the areas of non-compliance and correct them
 Update procedures
 Train staff about each of the Acts
 Build the procedures into induction training, contracts of employment and disciplinary
procedures.

Prosecution will result if criteria not met

Data Protection Act

 Appointing someone who is responsible for a company’s data
 Check there is affiliation with the Information Commissioner’s office and that the terms
meet with the actual use of the data
 Procedures put in place to identify what is done with data
 Handling of customer requests to view data - FoIA
 Security of data – setting up access rights
 Updating of data regularly – responsibility?
 NO CHIT-CHAT

Freedom of Information Act

Identify what information that a company can release, and what information has special
exemptions. A procedure will need to be set up on how to handle each request and what
cost there should be.

Computer Misuse Act

Staff must know the disciplinary procedures concerned with attempting to access forbidden
data. Not sharing passwords, writing down shit, not leaving workstation logged on.
Computers should have a built-in function which logs users off after a period of inactivity.

Copyright, Designs and Patents Act

Control of software licenses:
 Audit software scans for and finds illegal software
 Illegal software will need correct license
 Steps taken to ensure unauthorised software cannot be installed
 Staff notified of the importance of only using authorised software, which is licensed.
 The network audit should happen regularly
Wider implication of legislation, which included Intellectual Property and use of material
being copyright free and original.

Health and Safety at Work Act

The Display Screen Regulations are part of the H&S@WA that applies to computer users
who use computers for a long time.
Employers must:
 Carry out risk assessments on each workstations to ensure there are not any health
and safety issues
 Supply suitable adjustable furniture
 Hot-desking used then adjustable workstation components
 Training uses on a safe keying position to prevent RSI
 Provide sufficient desk space
 Consider tasks conducted and build in activities that reduce the time being prone in
one position
 Software with nice colour schemes, reducing key strokes though drop down buttons,
good menu designs and shortcuts
 A system where reports of H&S can be raised and dealt with
 Review workstations at regular intervals
5 Developing ICT solutions

People hope that ICT solutions created to solve their organisations’ problems are a success
and hope they do well to serve employees and the business. There are various factors which
contribute to the development of a successful ICT system, and there are reasons why some
ICT projects fail too. A feasibility study is usually conducted before a system is made to see
if it is 100% viable.

System development lifecycle

However big the system, an ICT project must be planned and adhered to in stages. These
can be illustrated in a Systems Development Lifecycle. “Cycle” is key as there is no end to
the development of an ICT system. In practice, each stage will finish and there will be a
chance to move onto the next part of the cycle. In real life, this is not the case with overlap
and feedback meaning designs being amended and needing for a re-structure. Unexpected
difficulties may arise as the project progresses, which may lead to a slightly different
viewpoint, called the waterfall model.

At the end of each stage, there will be agreed deliverables – documents or systems that
would need to be produced after each stage - which should be signed off by the client with
the approval to proceed – a document saying that the client is happy to move onto the
next stage of the process.

Stages of development
Analysis
Establishing the need and solving of the nature of a problem, before a solution can be
attempted. First step is analysing what is already currently happening as part of a system, be
it paper based or computer based, and deciding what needs to be established. Analysis
would include:
 Exactly what the existing system does
 Strengths and weaknesses
 Requirements of the new system
 Any potential constraints of the new system

Gathering information could be done through:

 Interviews
 Questionnaires
 Analysis of existing paper work
 Observing the normal working day

Analysis could then be fed into software in order to create:

 Data decomposition diagrams – represents the processes within a system
 Mapping processes to data flow diagrams – shows how data moves through a
system, where it comes from, processes it passes through and where it goes
 System flow charts – to define the flow of data through a system

Deliverables include:
 Clear and detailed user requirements specification
  A list of tasks and subtasks to be completed
 A Gantt chart
 An assessment of the users’ current ICT skill level
 Hardware and software requirements
 Performance indicators to measure success of the project
 An outline of the proposed method of solution

Design
Design stage will show how the system is to be produced:
 Data capture and validation methods
 Designs for the user interface
 Processing to be carried out
 Outputs to be produced
 How testing will happen

Deliverables:
 Data structures, processes
 Designs of outputs, on-screen, paper or by other methods
 A test strategy and plan, including test data for module/unit testing, integration
testing, systems testing, user testing and operational testing.
 A detailed time plan

Construction of the solution

Customising an already available solution – less risky to make and give to user than one built
from scratch, plus is cheaper and quicker to produce, plus forums and help staff can aid with
queries. However, will not be bespoke and unique to client, with little free hand of
producing something completely tailor-made.

Writing code – more flexible method of producing a solution. Can be modelled on user
requirements exactly. More chance of bugs, and errors.

Deliverables:
 system,
 documentation of the solution
 plus draft version of user guide

Testing
Testing must happen and occur thoroughly. A testing plan must be made which should tick
off all the relevant boxes.

Module/unit testing
Testing individuals sections of a system to make sure each bit works. White box testing –
checks the details of the programming code and algorithms – is used in module testing
where the programmer has access to internal data structures.

Integration testing
Modules are combined after module testing, and debugged.
Functional testing
Test the operation of the system and pick up errors that were not seen in module testing.
First indication that that the solution is most likely to meet user requirements and is written
from user’s perspective. Black box testing – checks that input gives given output, rather
than the details of the processing involved.

Systems testing
Tests the complete, integrated solution before user testing. Goes from beginning to end to
ensure all is in working order.

User testing
Actual users will be put through the paces of the system and offer comments on how to
improve. Final stage before operation of the system.

Operational testing
Conducted in the environment in which the solution will be working.

Deliverables of testing:
 test data and results
 modified user guide
 client approved to install

Installation and conversion

System put into working environment to be used by client and end users. Conversion of any
existing system, legacy systems, will also need to be done.

System documentation including user guide and other documents will be shown, that may
be needed for future maintenance.

Training of users will also need to take place, even if it happened previously before.

Deliverables:
 fully functioning solution
 Full documentation including user guide and tech. Documents

Review and maintenance

Monitoring of how system is coping is an ongoing process. As a result of the monitoring,
there are three types of maintenance:

 Corrective maintenance – involves correcting errors in the system that still remain,
even after testing
 Adaptive maintenance – making alteration to organisational protocols and new
security risk
 Perfective maintenance – improving software to enhance performance

Successful ICT Developments

Factors which aid a development’s success:

1. Managements and end user involvement – if staff at all levels of an organisation are
involved in stages of the process, the process is more likely to succeed. Different levels of
users have different levels of requirements, which should be accounted for when a
requirements list is drawn up. Testing of the system and initial training of the new system
should also be conducted to ensure work on the new system can be done in confidence

2. Realistic expectations – Not do the impossible. Clear specification ensures all parties
realise what the solution will be aiming to achieve. Time frame and budges needs to be
realistic.

3. Professional standards – no cutting corners, documented thoroughly, have the correct

attitude and skills to complete the jobby.

4. Good teamwork – must mould and successfully work together to ensure a successful
outcome

Failure in ICT developments

1. Inadequate analysis – not analysing the problem properly and missing out aspects of the
system that the client would need

2. Poor design – inappropriate interfaces and frustrating designs can make system slower
than is necessary, and can lead to buggy systems too.

3. Inappropriate testing – major errors will go undetected, which could lead to major
problems of the functioning of the system.

4. Poorly organised installation and changeover – if the transition is not smooth, then this
will affect attitude of end user. Poor training and introduction to the new system will lead to
a lack of client confidence.

5. Poor user support and maintenance – with no secondary support, to back-up queries and
problems which will inevitably befall the end user allegiance, and help on hand will lead to
people developing a poor attitude to the system, and affecting the chances of success.

6. Poor project management – being disorganised and not monitoring costs of tasks and
time scales, will lead to a late system, which overflows on budget allowance.

Formal project management

Breaking down of a larger task into smaller ones, allocating an appropriate amount of time
to complete each one. Progress needs strict monitoring so that the project does not fall
behind.

Projects need to have:

  A timescale
 An approved budget
 An agreed amount of labour and equipment

Project management is made up of:

 A set of specialist skills, knowledge and experience to reduce risk of failure
 A suite of tools such as document templates and registers
 Techniques and processes to monitor and control time, quality, risk and issue
management.

Development methodologies
Can be in two categories – linear methodologies, such as the waterfall method and iterative
methodologies such as Rapid Application Development.

Linear
Each stage of a process is completed before the next can begin. “splash-back” when you
have to revisit a previous stage, but would normally be straightforward otherwise. Easier to
manage than iterative methods, with closer control on time schedules and budgets. Less
able to respond creatively to problems with this methods.

Iterative
Repeating steps till you get the good shit at the end. Only when developers and clients are
happy with a particular stage, then it is all good.

Prototyping
Process of continuous refinement based on experiences. Prototyping gradually evolves to
meet the users’ requirements, who are far more heavily involved, meaning that they will be
happy with final product.

Agile methods
More adaptable than traditional methodologies. Agile methodologies involve producing a
brief, high level plans and then adapting those pans based on the results of what actually
happens. Breaking down development into small pieces, fitting them together at an
appropriate time.

Extreme Programming (XP)

Stories are made by client on what the system needs to do for them. A release planning
meeting is held for clients, developers and managers to create a schedule that everyone
agrees on.

Scrum
People fulfilling separate tasks come together to form a whole. Scrum divides problem into
discrete tasks assigned to groups. Short meetings and discussions ensure project is running
all fine and dandy.

Crystal
Simplest and most compact team structure is processed for an organisation, thus making
the development process faster and more efficient, by reducing paperwork, and improving
communication.

Rapid Application Development (RAD)

RAD uses computer tools to improve development times and quality at low financial costs.
Tools include:
 GUI builders
 Computer Aided Software Engineering (CASE) tools
 4th generation programming languages
 Code generators
 Object-orientated techniques

Meeting business need quickly, and at an acceptable cost.

RAD says that products could be developed faster and of higher quality by:
 Using workshops or focus groups to gather requirements
 Prototyping and user testing of designs
 Re-using software components
 Following a schedule
 Keeping review meetings

Dynamic Systems Development (DSDM)

An extension of RAD with the following principles:
 User involvements produces accurate decisions
 Focus on frequent delivery of products for testing and review
 Delivering a system that meets current critical business needs, rather than a perfect
system
 Development is iterative and users’ feedback taken into consideration
 Testing is continuous
 Communication and cooperation must be efficient and effective.
6 Systems development tools and techniques

Investigating and recording techniques

Interviews – most usual method of gathering client requirements, and most productive,
with the largest degree of knowledge of what the client wants being able to achieve from
the system, being known through this method. Group interviews work well with several
members whose job titles are relevant to the ideas being discussed in the interview. Need to
be prepared in advance, run smoothly, avoid going off on tangents and reported and
documented well after.

Joint Application Development (JAD) – group of people get together and stay in session
until a complete set of requirements is documented and agreed to. With heavy involvement
by client and users, JAD sessions often bring about faster development times and greater
client satisfaction.

Questionnaires – useful for users in remote locations, or who have a lesser role when the
development process of a system is considered. Good for large numbers of people involved
and also good to see how weighted an opinion is, due to the quantifiable nature of
questionnaires.

Observation – visiting the company will make clearer how an organisation operates and give
a better understanding of what goes on

Thought showers – open session where everyone submits their thoughts, share ideas and
will collectively produce something innovative.

Record searching/document analysis – study of material written down by the organisation.

Analysis often results in identifying data that needs to be stored, information that needs to
be produced and the format of the information.

Fact recording – recording what you found out in your techniques and writing them down.
 Permanent record
 If Multiple people are involved, then they can look at notes gathered from fact
recording and go from there
 Helps in analysis
Business process modelling tools
It is essential to understand the processes going on within a business, so it is easy to
document and allow everyone to understand. Use of diagrams makes processes clear,
without the need for waffly descriptions.

SSADM (Structured Analysis and Design Methodology)

A standard method for analysis and design of large scale ICT projects, using a combination of
text and diagrams throughout the whole life cycle of a system design. Precise methodology
that divides development into many small stages, with a rigid structure that makes SSADM
have much control over developing higher quality systems.

Information flow Diagrams

Rectangles are internal processes

and rhombi are external.

So the process will be: Teacher

FOCONFIRM WITH TEACHER

FOSUPPLIERGOODS TO
TEACHER

FOTEACHER CONFIRMFO TELLS

BANK TO SHIFT MONEY

Systems Flow Chart

 System flow charts show the logic of

the processes involved in a system or
program.

 They show inputs, outputs, processes

and decisions.

Decision Tables

The logic of decisions made within the

system. Ordering stock that is needed and
not needed.
Data Flow Diagrams
Illustrate how data is processed and stored within a system

Types of DFDs
Context diagram – provide the least amount of details about the working of the system –
area in which the project is working
 Single process
 Interaction with external entities
 Defines the scope of the system

Level 0 diagram – working of the whole system

 All of the processes occurring
 Explode a single process
into its components
involved
 No more than 7 (+-2) in a
level 0 FD
 Can get very complicated
 In the example:
userdata store
#1allocated job
numberhuman is
attempted to be found to resolvecompleted job
Level 1 or detailed diagrams (too complicated for exam IMO)
 Show only part of a process
 Can be numbered 1.1,1.2,1.3
 no external agents are shown on a Level 1 or lower diagrams, as the entire system is
not being represented
Entity Relationship Diagrams

Entity attribute diagrams

Entity
Entities are data items in the systems which
have data stored about them. Kids in a school.

Attributes describe the entity, giving particular

information about each one. Surname, of a
kid in a school.

Attribute

Entity Relationship diagrams

Entity relationship diagrams show the relationship between entities and form the basis of
relational database design
Techniques for testing
Techniques used for thorough testing include:

 Test harnesses – allows tests to be automated, allowing units of programming codes to

be analysed, monitoring the outputs and processes going on. Economical in terms of
time and money.
 Volume testing – shows how well the system will cope under the stresses of high data
volumes. A good system will be able to cope with large amount, without losing efficiency
and speed.
 Scalability - make sure the system will function correctly and give acceptable
performance levels when the system is “scaled up” to full requirements in future.
 Prototyping – considered a useful technique for gathering feedback from clients about
user interface, and improving it following their comments. Limited version of solution
made, shown to clients, leaving them in control of filling in blanks according to their
specification.
 Multi-platform – running tests on a multitude of different computers to assess if the
system works in different environments, and on different platforms – a combination of
hardware and software, in particular operating systems software that allows
applications software to run.

Use of simulated environments

It is difficult to test system in lots of different computer environments so using simulated
environment to mimic what the use of the system would be like is more economically viable
and less time consuming.
7 Introducing large scale systems

Introducing large scale systems to an organisation brings in extra complications and

difficulties, which are not as defined or apparent in smaller systems. Questions posed:
 How can the reliability of large ICT systems be ensured by testing?
 How can successful installation be carries out?
 What strategies are there for back-up and restoration?

Scale
Can be used in not just one organisation but, multiple smaller ones. An NHS system used in
both trusts and hospitals around the country, and also GP surgeries.

Reliability and testing

Systems must operate reliably. Defects will be looked for and found through:
 Functional defects – a system does not produce what it is expected to do
 Performance defects – does the job but at a very low speed
 Usability defects – if users find interface inefficient or difficult to use
 Security defects – accidental damage to a system without warning or inadequate
protection of most valuable files

Different types of testing:

 Requirements-based testing – user requirements sets benchmark and provides basis
for testing the software
 Program testing – going through code in system and assessing where errors may lay
using test cases – a set of test data and its expected outcomes.
 System testing – makes sure system works according to the specification, and is done
by following the test plan to test individual system functions.
 Regression testing – re-running tests again on modified and changed code, to see if it
made a difference
 Change control – makes sure changes happen in a controlled and coordinated way,
properly documented.
 Alpha testing – carried out by software house while software being developed
 Beta testing – software being tested by select group of real users who will use it
under normal operating conditions.

Large organisations tend to use networks to share resources, like software, so testing the
new system in that environment is also essential.
Installation
Methods of introduction:
 Direct changeover
 Phased changeover
 Pilot running
 Parallel running

Direct changeover – old system stops and new one starts.

Pros – quickest, less risk of staff being confused between old and new
Cons – difficult to train staff with immediate introduction, nothing to fall back on if failure,
small window of transfer for developers to move data from legacy system

Pilot running – new system introduced in one place of an organisation, small sector, and one
office
Pros – easier to control, easy to monitor and evaluate, easy to train staff, lesser risk
Cons - very slow to roll out a pilot, may not show problems that exist in full-scale system

Phased changeover – new system is brought in stages to replace parts of the old system,
until the old one is completely “phased out.”
Pros – structured method allowing evaluation of each stage, less risk than direct, staff can
be trained on each phase.
Cons – slower than direct, complete system evaluation cannot be done until at the very end,
could cause complications

Parallel – old system and new system running alongside each other
Pros – easily comparable, old system can be used to fall-back on, staff can be trained
gradually
Cons – very expensive, may cause confusion

Do Pg 77 – 79

Back-up and Recovery

Data stored in new system must be safe, secure and available to use. Most useful way of
approaching decisions about back-up and recovery is to have a disaster recovery strategy –
plans to avoid data loss and reinstate a working system within an acceptable period of
time.

Risks to data in system

 Inappropriate usage of devices – introduction of viruses
 Network data breaches
 Laptop theft
 Lack of education

Risk analysis carried out to see how valuable information is to organisation, and the speed
with which they need to be recovered.
Mission critical data, like databases of customer records or populations of people, are most
valuable. Each type of data is then set an RTO – Recovery Time Objective – length of time it
will take for a system to be fully operational after crisis. Data recovery point – last point at
which data is backed up – will also need to be set.

For large scale disasters, accommodation may be required:

 Existing accommodation – if system is only destroyed, then people can stay in one
place
 Alternative accommodation – having somewhere else to go
 Reciprocal site – asking friends to lend us a hand and let us borrow their site
 Standby site – “cold” standby site – a site with a duplicate system but is not
necessarily tested or up-to-date – “hot” standby site – duplicate system, live data,
same time processing – failover system – used to provide continuous service for
mission critical systems such as e-commerce.

HOW VALUABLE IS DATA TO AN ORGANISATION, AND HOW MUCH IS IT WILLING TO

SPEND!!!

Back-up operations
 Failover systems – hot and cold sites
 Replicate systems
 Regular snapshots
 Periodic back-up to discs
 Tape backup
 Archiving

Procedures for recovery

 Identifying facilities available to an organisation in the event of a crisis – hot/cold
site, reciprocal agreement with firm/contract with specialist data recovery firm
 Describing process for recovery from various types of failures
 Training of people who will do recovery
 Planning the availability of software and hardware.
 UPS
 Projected time of recovery
 Testing the reinstating of a recovery file to a system

Steps to recovery
1. Estimate situation – extent of problem, cause, approximate amount, file types,
importance of data
2. Evaluate available resources – human and hardware, making sure the required expertise
is available and functioning hard disk space
3. Set up – good hard disks are installed with good power supply and cabling
4. Recovery run – install recovery file
5. Evaluate the results – undertake a manual review of the recovered files
6. Clean up – get rid of corrupted files

Types of maintenance on LSS

Corrective maintenance – correct any errors identified during the installation process
Adaptive maintenance – keep to changes in environment. Hardware changes, new OS’s,
security threats or legislation. Competition from other businesses.
Perfective maintenance – enhancements to the system to increase performance and
enhance user interface. Improvements in software to stop it falling behind.

Systems are easier to maintain if they are:

 Structured well with standard methods
 Use of modern software
 Use of automated tools like CASE tools
 Good data administration
 Experienced maintenance engineers
8 Training and supporting users

It is necessary to train and support users to give them the knowledge and skills they need to
do their job effectively.

Internal and external users

Most training will be for internal users of a system, but there may be the option of offering
training to those outside of an organisation. Customers to use online systems

Types of training
Induction training – training carried out when a new employee joins the organisation.
Familiarisation with ICT policies and procedures

Task-based training – training the user on actual tasks they will be facing in future – how to
fill out entry form or EPOS checkout

Skills-based training – transferable skills that can be used in a variety of ways – if someone
is trained in using spreadsheets, and then they can use those skills for a variety of tasks.

Training users
Must be justification in financial terms. Business will have to see training users as an
investment which will increase productivity and boost profits.

Methods of training
Personal training – user is trained by another person from inside or outside of an
organisation.

Courses-External course away from organisation – individuals going to a place outside of the
business and meeting with fellows of the same job and having training conducted by
professional. Travel and refreshment cost, nice being away from normal operations and
home. Not entirely relevant to an organisation but its good as users can network and a
process called “cascading” can develop.

External trainer giving course from within an organisation – trainer comes in to train large
volume of users at once. Avoids the extra expense of travel and costs for individuals
themselves. Company will pay trainer travel and expenses costs, plus a daily rate for his/her
services. Course will be tailor made to requirements of business. Cheaper than sending all
people to an external; course. Good team building exercise. On the other hand, a lot of
people off duty, this may affect business operations.

Internal trainer – ICT literate employee or member of ICT department who gives training.
Cost is much less but the person giving training is again “off-duty.” May be less forma when
person is giving training to their friends.

One-to-one – Friendly and reassuring way of training someone, if nervous. Interactive, users
can ask questions; have personal responses to their questions, slightly less formal but still
professional. Can be expensive
Other methods

Online tutorials – step-by-step online pages can mimic and simulate the operation of the
software. Interactive, users can work at own pace, replay tutorials for better understanding,
cost-effective as they can be used many times. Impersonal and user cannot ask questions.

Training manuals – usually paper-based and provided by the same people that made the
software. Easy for user to find the bit they find hard, always there for reference, less
expensive than training courses.

Computer based training (CBT) – simulated version of the software that the user can follow,
and learn from. Built-in tests that the user can test themselves on. CBT is cheaper than
courses and can be repeated,

Factors to consider when choosing training:

 How many users need training?
 Is expertise available on site?
 Suitable facilities?
 External courses available?
 How often will staff be trained?
 Can existing staff be used to train others?
 Are good quality use manuals or CBT available?
 Users’ skill level
 Users’ preferences

Supporting users
Software help files – will have search facilities which the user can access and use. Natural
language interface – users type in questions as if it were real terms “am I good at ICT?”
Context-sensitive help – gives users help on the bit they are stuck on can also be used.

User guides and manuals – technical documentation provides all the information needed to
install, maintain and run software. Third party manuals – provided by publishers other than
the software house – can also be sued and support range of level of user.

On site technician/help desk – larger organisations have their own help desk or technician to
resolve queries.

Existing user base – users who already know how to use software and stuff can be used.
Forums and that.

External assistance
External helpdesk
Helpdesk provided by the software manufacturer, or a company with whom a support
contract has been negotiated. Contact made via phone, Can be expensive. Outsourced
telephone jobs in India.
Email and chat support
Cheap way of offering support. Done over the Internet.

Remote support
Log into an organisation’s network and investigate problems and carry out solutions
remotely.

Call-out support
Engineer comes and visits you

Factors that affect choice of call-out method

 Enough work to support idea of getting support staff?
 How complex is the setup to be supported?
 How much support is provided free?
 How much will a support contract cost?
 What will it include?
 How quickly will support be delivered?
 Are there security issues with using external contractors?

Interfaces for customers

Businesses need to look after customers. One way of doing this is by giving them interfaces
that are easy-to-use and effective so that customers do not need to be trained to use them.
Should be clear, easy and with plain instruction.

Bank customers – ATMs are used to do all the things people need to do with their money.
Key-pad buttons and menus are used to allow people to take out money, put money in, top
up phone, and see balance.

Patients in a surgery – touch screen registering system which people use to tell doctor they
are here important that screen is intuitive and no training required. Menu driven with few
options to select.

Online shopping – should be easy for customers to get the shit they want.