This note is only for reference purpose.

CBS will not be liable for

any mistake.
MANAGEMENT INFORMATION SYSTEM
Chapter 1
Information Systems in Global Business Today

Introduction
Computers and Information technology (IT) are changing every aspect of
our lives from entertainment to shopping, from the work we do and where
we do it, to how we communicate with friends and relatives. Many
companies are remodeling their businesses and information systems with
the Internet in mind. IT is dramatically changing the business landscape
and significantly affecting strategic options and creating opportunities and
issues that managers need to address in many aspects of their business.
Some of the key impacts of technology and the implications for
management are:
 Business Strategy - collapsing time and distance, enabling electronic


commerce
 Organization Culture - encouraging the free flow of information
 Organization Structures - making networking and virtual
corporations a reality
 Management Processes - providing support for complex decision


making processes
 The workplace - allowing work from home and on the move 

The Role of Information Systems in Today’s Business

Information systems are essential for conducting day-to-day business as
well as achieving strategic business objectives. Some firms, such as
Amazon and ETrade, would be nonexistent without information systems.
It is difficult to imagine some service industries, such as finance, insurance,
and real estate industries, could not operate without information systems.
The ability of a firm to use IT is becoming intertwined with the firm's
ability to implement corporate strategy.
 As electronic business and electronic commerce grow in popularity and
more firms digitize their operations, having useful information is
becoming even more important to the global business community.
Business firms invest heavily in information systems to achieve six
strategic business objectives: operational efficiency, new products, services
& business models, customer and supplier intimacy, better decision
making, competitive advantage, and survival.

How Information Systems Are Transforming Business

Wireless communications, including computers and mobile hand-held
computing devices, are keeping managers, employees, customers,
suppliers, and business partners connected in every way possible. Email,
online conferencing, the Web, and the Internet, are providing new and
diverse lines of communication for all businesses, large and small.
Through increased communication channels and decreased costs of the
communications, customers are demanding more of businesses in terms of
service and product, at lower costs. E-commerce is changing the way
businesses must attract and respond to customers.

What’s New in Management Information Systems?

The use of technology now extends far beyond the simple desktop
computer, especially in the business world. There are three interrelated
changes that are affecting companies worldwide:
 The emerging mobile digital platform: More and more business
computing is moving from PCs and desktop machines to mobile
devices like IPhones, iPads, Smart Phones etc. Managers are
increasingly using these devices to coordinate work, communicate
with employees, and provide information for decision making.

 Growth of businesses use of big data: The use of Big Data — large
pools of data that can be brought together and analyzed to discern
patterns and make better decisions — will become the basis of
competition and growth for individual firms, enhancing productivity
and creating significant value for the world economy by increasing
the quality of products and services.

2
 All companies need to take Big Data and its potential to create value
seriously if they want to compete. For example, some retailers
embracing big data see the potential to increase their operating
margins.
 Growth of cloud computing: Cloud computing is a type of
computing that relies on sharing computing resources rather than
having local servers or personal devices to handle applications. Main
objective is to provide different services — such as servers, storage
and applications —to an organization's computers and devices
through the Internet. The cloud has changed the fundamental nature
of computing and how business gets done. According to the research
done by Global Industry Analysts Inc, cloud computing came as a
boon for companies during tough economic and financial climate,
given that the technology can potentially slash IT costs by over 35%

Globalization Challenges and Opportunities: A Flattened World

Customers no longer need to rely on local businesses for products and
services. They can shop at any time and any day of a week for virtually
anything and have it delivered to their door or desktop. Companies can
operate at any time from any geographic location around the world. Jobs
can just as easily move across the state or across the ocean. The emergence
of the Internet into a full blown international communications system has
drastically reduced the costs of operating and transacting business on a
global scale.

The move to a global economy has been facilitated by advanced

telecommunications networks and particularly by the Internet. At the same
time globalization adds challenges to businesses. In a global market cost of
labor, varies widely among countries. In general, labor costs are higher in
developed countries than in developing countries. Also, developed
countries usually pay high fringe benefits to employees, which make the
cost of doing business even higher. Therefore, many labor-intensive
industries have moved their operations to countries with low labor costs.
These moves are greatly facilitated with IT.

3
 The Emerging Digital Firm
A digital firm is one in which nearly all of the organization‘s significant
business relationships with customers, suppliers, and employees are
digitally enabled, and key corporate assets are managed through digital
means. These digital networks are supported by enterprise class
technology platforms that have been leveraged within an organization to
support critical business functions and services. Some examples of these
technology platforms are Customer Relationship Management (CRM),
Supply Chain Management (SCM), Enterprise Resource Planning (ERP),
Knowledge Management (KMS), Enterprise Content Management (ECM),
and Warehouse Management
System (WMS). Making a firm digital is not about just adding a computer
system to the mix. Throwing a computer system at outdated business
processes is exactly the wrong thing to do. A truly digital firm has several
characteristics that distinguish it from most of the firms claiming to be
digitized:
 Significant business relationships with customers, suppliers, and
employees are digitally enabled and mediated.

 Core business processes are accomplished through digital networks
spanning the entire organization or linking multiple organizations.

 Key corporate assets – intellectual property, core competencies, and
financial and human assets – are managed through digital means.

 They sense and respond to their environments far more rapidly than
traditional firms.

 They offer extraordinary opportunities for more flexible global
organization and management, practicing time-shifting (business
being conducted 24 hrs x7 day) and space-shifting (business being
conducted globally or beyond traditional geographic boundaries).

Strategic Business Objectives of Information Systems

Strategic planning for an organization involves long-term policy decisions,
like location of a new plant, a new product, diversification etc. Information
technology has played an important part in the U.S. and global economies.
Companies rely on IT for fast communications, data processing and market

4
 intelligence. Specifically, business firms invest heavily in information to
achieve six strategic business objectives:
  Operational excellence
  New products, services, and business models
  Customer and supplier intimacy
  Improved decision making
  Competitive advantage
 Survival
Operational Excellence: This relates to achieving excellence in business in
operations to achieve higher profitability. For example, a consumer goods
manufacturer may decide upon using a wide distribution network to get
maximum reach to the customers and exposure. A manufacturing
company may pursue a strategy of aggressive marketing and mass
production.
New Products, Services, and Business Models: This is part of growth
strategy of an organization. With the help of information technology, a
company might even opt for an entirely new business model, which will
allow it to establish, consolidate and maintain a leadership in the existing
market as well as provide a competitive edge in the industry. As successful
as Apple Inc., BestBuy, and Walmart were in their traditional brick-and-
mortar existence, they have all introduced new products, services, and
business models that have made them even more competitive and
profitable.
Customer and Supplier Intimacy: When a business really knows its
customers, and serves them well, the way they want to be served, customers
generally respond by returning and purchasing more. The result is increased
revenues and profits. Likewise with suppliers: The more a business engages
its suppliers, the better the suppliers can provide vital inputs. The result is a
lower cost of doing business. JC Penney is an excellent example of how the
use of information systems and technologies are extensively used to better
serve suppliers and retail customers. Its information system digitally links the
supplier to each of its stores worldwide. Suppliers are able to ensure the
continuous flow of products to the stores in order to satisfy customer
demands.
Improved Decision Making: A very important pre-requisite of strategic
planning is to provide the right information at the right time to the right
person, for making an informed decision. Well planned Information
Systems and technologies make it possible for the decision makers to use
real-time data from the marketplace when making decisions. Previously,
managers did not have access to accurate and current data and as such
relied on forecasts, best guesses, and luck. The inability to make informed
decisions resulted in increased costs and lost customers.
Competitive Advantage: Doing things better than your competitors,
charging less for superior products, and responding to customers and
suppliers in real time all add up to higher sales and higher profits that
your competitors cannot match. Toyota and Walmart are prime examples
of how companies use information systems and technologies to separate
themselves from their competition. Toyota worked its way to top of its
industry with the help of its legendary information system. Walmart is the
most efficient retail store in the industry based in large part on how well it
uses its information resources.
Survival: Firms also invest in information systems and technologies
because they are necessities for doing business. Information systems are
not a luxury. In doing so, they had a major competitive advantage over
their competitors. In order to remain and survive in the retail banking
industry, other banks had no choice but to provide ATM services to
banking customers.

6
 Data Vs Information
Data is a collection of raw facts that may or may not be meaningful for
managers. Input to any system may be treated as Data. It is very difficult
to understand data and needs to be processed to understand. Data may not
be in the order.

Information is the outcome derived after processing the data and is always
meaningful. Output after processing the system is Information. Processing
is performed by performing arithmetic logical calculations on data of
simply by rearranging the data. It is very easy to understand information.
Information should be in the order.

For example, researchers who conduct market research survey might ask a
member of the public to complete questionnaires about a product or a
service. These completed questionnaires are data; they are processed and
analyze in order to prepare a report on the survey. This resulting report is
information.

Characteristics of Information
Good information is that which is used and which creates value.
Experience and research shows that good information has numerous
qualities.

Availability/accessibility: Information should be easy to obtain or
access. Information kept in a book of some kind is only available and
easy to access if you have the book to hand. A good example of
availabilityis a telephone directory, as every home has one for its
 local area.

Accuracy: Information needs to be accurate enough for the use to
which it is going to be put. To obtain information that is 100%
accurate is usually unrealistic as it is likely to be too expensive to
produce on time. Accuracy is important. As an example, if
government statistics based on the last census wrongly show an 
increase in births within an area, plans may be made to build schools

7
 and construction companies may invest in new housing
developments. In these cases any investment may not be recouped.

Reliability or objectivity: Reliability deals with the truth of
information or the objectivity with which it is presented. You can only
really use information confidently if you are sure of its reliability and
objectivity. Unless you know who the author is, or a reputable
university or government agency backs up the research, then you
cannot be sure that the information is reliable. Some Internet websites
are like vanity publishing, where anyone can write a book and pay
 
certain (vanity) publishers to publish it.

Relevance/appropriateness: Information should be relevant to the
purpose for which it is required. It must be suitable. What is relevant
for one manager may not be relevant for another. The user will
become frustrated if information contains data irrelevant to the task in
hand. For example, a market research company may give information
on users‘ perceptions of the quality of a product. This is not relevant
for the manager who wants to know opinions on relative prices of the
product and its rivals. The information gained would not be relevant
 
to the purpose.

Completeness: Information should contain all the details required by the
user. Otherwise, it may not be useful as the basis for making a decision.
For example, if an organization is supplied with information regarding
the costs of supplying a fleet of cars for the sales force, and servicing and
maintenance costs are not included, then a costing based on the
 
information supplied will be considerably underestimated.

Level of detail/conciseness: Information should be in a form that is
short enough to allow for its examination and use. There should be no
extraneous information. For example, it is very common practice to
summaries financial data and present this information, both in the
form of figures and by using a chart or graph. We would say that the
graph is more concise than the tables of figures as there is little or no
extraneous information in the graph or chart. Clearly there is a trade-
 
off between level of detail and conciseness.

Presentation: The presentation of information is important to the 
user. Information can be more easily assimilated if it is aesthetically

8
 pleasing. For example, a marketing report that includes graphs of
statistics will be more concise as well as more aesthetically pleasing to
the users within the organization.

Timing: Information must be on time for the purpose for which it is
required. Information received too late will be irrelevant. For
example, if you receive a brochure from a theatre and notice there was
a concert by your favorite band yesterday, then the information is too
late to be of use.

Information Systems
In a simplest sense, a system that provides information to people in an
organization is called information system (IS). It can be defined as a
collection of interrelated components working together to collect, process,
store, and disseminate information to support decision making,
coordination, control, analysis, and visualization in an organization. An
information system is an organized combination of people (persware),
hardware, software, communication networks, and data resources.

Information systems in organizations capture and manage data to produce

useful information that supports an organization and its employees,
customers, suppliers and partners. So, many organizations consider
information system to be the essential one. Information systems produce
information by using data about significant people, places, and things
from within the organization and/or from the external environment to
make decisions, control operations, analyze problems, and create new
products or services. As already mentioned, Information is the data
shaped into a meaningful form. Data, on the other hand, are the collection
of raw facts representing events occurring in organizations or the
environment before they have been organized and arranged into a form
that people can understand and use.

9
 Environment
Suppliers Customers

Information System
Processing:
Input classify Output
arrange
calculate
Feedback

Regulatory
Agencies Stockholders Competitors

The three basic activities to produce information in an information system

are input, processing, and output.
 Input captures or collects raw data from within the organization or
from its external environment for processing. Normally input is
hardware component of information systems.

 Processing converts raw data into the meaningful information.
Normally processing is done by software. Processing is done either
by performing arithmetic or logical calculations on the data or by
simply rearranging the data.

 Output transfers information produced from processing data to the
people who will use it or to the activities for which it will be used.

Information systems also include two additional components: feedback and

control.
10
 • Feedback: It is data about the performance of a system. It is the idea
of monitoring the current system output and comparing it to the
system goal. For example, data about sales performance is feedback
to a sales manager.

• Control: On the basis of feedback, the control function makes
necessary adjustments to a system‘s input and processing
components to ensure that it produces proper output. For example,
a sales manager exercises control when reassigning salespersons to
new sales territories after evaluating feedback about their sales
performance.

The two types of information systems are formal and informal. Formal
information systems are based on accepted and fixed definitions of data
and procedures for collecting, storing, processing, disseminating, and
using these data with predefined rules. Informal information systems, in
contrast, relay on unstated rules. Formal information systems can be
manual as well as computer based. Manual information systems use
paper-and-pencil technology. In contrast, computer-based information
systems (CBIS) relay on computer hardware and software for processing
and disseminating information.

Dimensions of Information Systems

An information system represents a combination of management,
organization, and technology elements. The management dimension of
information systems involves leadership, strategy, and management
behavior. The technology dimensions consist of computer hardware,
software, data management technology, and
networking/telecommunications technology (including the Internet). The
organization dimension of information systems involves the organization‘s
hierarchy, functional specialties, business processes, culture, and political
interest groups.

11
 Organizations
Organizations are formal social units developed to the attainment of
specific goals. The key elements of an organization are its people,
structure, operating procedures, politics, culture, and functional
specialties.

People: Organizations require many different kinds of skills and
people like managers (such as senior, middle, and operational) who
make decisions and plans to solve organizational problems,
knowledge workers (such as engineers, architects, or scientists) who
design products or services and create new knowledge, data
workers (such as secretaries, bookkeepers, or clerks) who process
the organizations paperwork, and production or service workers
(such as machinists, assemblers, or packers) who actually produce
 
the organizations products or services.

Structure: Organizations coordinate work through a structured
hierarchy. The hierarchy arranges people in a pyramid structure of
rising authority and responsibility. The upper levels of hierarchy
consist of managerial, professional, and technical employees,

 whereas the lower levels consist of operational personnel.

Standard Operating Procedures (SOPs): Standard operating
procedures (SOPs) are formal rules that have been developed over a
long time for achieving organizational
 goals. Firm‘s business
processes are based on its SOPs.

12
 
Organizational Politics: People in organization occupy different
positions with different specialties, concerns and perspectives. As a
result, they naturally have divergent and differing viewpoints about
how Resources, Rewards, and Punishments should be distributed.
This will result in political struggle
 for resources, competition and
 conflict within every organization.

Organizational Culture: It is a set of fundamental assumptions
about what products the organization should produce, how it
should produce them, where, and for whom. Organizational culture
is a powerful restraint on change, especially technology change. Any
technological change that threatens commonly held cultural
 assumptions usually meets a great deal of resistance.

Business Functions: The major business functions, or specialized
tasks performed by business organizations include sales and
marketing (selling the organization‘s products and services),
manufacturing and production (producing products and services),
finance (managing the organization‘s financial assets like cash,
stocks, etc.), accounting (maintaining the organization‘s financial
 
assets and accounting the flow of funds), and human resources
(attracting, developing, and maintaining the organization‘s labor
force; maintaining employee records).

Management
Management‘s job is to make decisions and formulate action plans to solve
organizational problems. Managerial roles and decisions vary at different
levels of the organization. Senior managers occupy the topmost hierarchy
and are responsible for making long-range decisions. Middle managers
occupy in the middle of the organizational hierarchy who are responsible
for carrying out the plans and goals of senior management. Operational
managers monitor the day-to-day activities of the organization.

13
 Top
Management

Middle Management

Low Level Management

Fig: Different level of management

Managers play an important role in organizations. We can understand
managerial functions by examining classical and contemporary models of
managerial behavior.
• Classical Models of Management: The classical descriptions of
management focuses on five classical functions of managers like
planning, organizing, leading, and controlling. These terms actually
describe formal managerial functions and are unsatisfactory as a
description of what managers actually do in their jobs. For example,
these terms do not address what managers actually do when they plan,
decide things, and control the work of others.

14
 Planning

Controlling Organizing

Leading

Above figure shows systems relationship among the management functions.

Planning includes setting objectives and determining in advance exactly how
the objectives will be met. Organizing means delegating and
coordinating tasks and allocating resources to achieve objectives.
Managers should also show leadership. He/she should influence
employees to work towards achieving objectives. Controlling means
managers should establish and implement mechanisms to ensure that
objectives are achieved.

• Behavioral Models of Management: These models describe

management based on what managers actually do in their jobs.
Managers‘ day-to-day behavior can be classified into 10 managerial
roles. Managerial roles are expectations of activities that managers
should perform in an organization. These roles fall into three categories:
interpersonal, informational, and decisional.
15
 
Interpersonal Roles: Interpersonal management roles are grouped
into three roles involving working with other people. Managers act
 as figureheads, leaders, and liaisons.

Informational Roles: Informational management roles are divided
into three different communication-based roles.Managers act as
 nerve centers, disseminators, and spokespersons.

Decisional Roles: Decisional management roles are sorted into four
action-based roles for making and implementing decisions.
Managers act as entrepreneurs,
 disturbance handlers, resource
allocators, and negotiators.

Information Technology
Information technology is the tool used by managers to deal with change.
The technology dimension consists of computer hardware, software, data
management technology, and networking/telecommunications technology

Computer Hardware: It is the physical equipment used for input,
processing, and output activities in an information system. It consists
of processing unit; various input, output, and  storage devices; and
 physical media to link these devices together.

Computer Software: It consists of detailed preprogrammed
instructions that control and coordinate the work of computer
 hardware components in an information system.

Data Management Technology: In order to keep track of all of the
information stored, we need data management software that is

16
 designed to organize the information so that we can readily retrieve
what we are looking for.

Communication technology: It includes physical devices and
software that link various computer hardware components that
transfer data from one physical location to another. This technology
helps to connect computers and communication equipments for
sharing voice, data, images, sound, or video in networks.A network
links two or more computers to share data and resources.

All the above technologies collectively form the firm‘s information

technology (IT) infrastructure. The IT infrastructure provides the foundation
or platform on which the firm can build its specific information systems. So,
each organization must carefully design and manage its IT infrastructure
according to the needs of the information system.

A Business Perspective on Information Systems

From a business perspective, an information system provides a solution to
a problem or challenge facing a firm and provides real economic value to
the business. The decision to build or maintain an information system
assumes that the returns on this investment will be superior to other
investments in buildings, machines, or other assets. These superior returns
will be expressed as:
 • Increased productivity
 • Increased Revenues
• Superior long-term strategic Positioning

As already mentioned information systems collects data from environment

and produces information. This information is useful for managers to
perform managerial tasks such as planning, coordinating, controlling and
decision making. On the other hand information produced by these
systems will be helpful to different business processes such as supply-
chain management, customer relationship management, and knowledge
management. Combination of these two perspectives ultimately helps in
increasing firm‘s profitability and achieving strategic position. There are
three ways an information system can add value to a business:

17
 • Help managers make better decisions
 • Help make business processes more efficient
• Increase profitability

Figure: The Business Information Value Chain

Complementary Assets: Organizational Capital and the Right Business

Model
Assets that are required to derive value from primary investment are
called complementary assets. For example, to get real value from water
resources requires investments in hydropower‘s, transmission lines, legal
regulatory structures etc. Thus theses investments are complementary for
getting real values from investments in water resources. In the same way
investing just in IT may not give attractive returns to organizations.

Studies show that there are considerable variations in returns from

investments in information technology. Some organizations invest great
deal of amount and also able to achieve great deal of values from this
investment. On the other hand some organizations invest great deal of

18
 amount and are only able to achieve little value from this. Third variation
is the organizations that invest little in information technology but able to
get great deal of returns. The fourth types of organizations are those that
invest little in IT and also get little and also get little returns from it. This
clearly indicates that investing in information technology does not
guarantee good returns. The reason behind this is the concept of
complementary assets.

Investments in information technology alone cannot make managers and

organizations more effective. Thus, to get proper returns from investment
in IT, organizations needs to invest in complementary assets also. Some
organizations do not invest in discovering new business model or seeks to
preserve existing business model even after investing in new technology.
Due to this organization may be unable to take advantages of new
technology and hence unable to get returns from investment in new
technology.

According to Kauffman et. al. complementary assets for investment in

information technology are investment in new business models, new
business process, management behavior, organizational culture, trainings
etc. Organizations that do not invest in theses complementary assets can
no get superior returns from investments in IT.

Main complementary assets for investment in information technology can

be categorized into following three classes:
 Organizational Assets: It includes investments in selecting
appropriate business model, efficient business process,
decentralization, distributed decision making rights, supportive
organizational culture that values effectiveness and efficiency,
Strong team for developing information systems.

 Managerial Assets: It includes senior management that supports
investments in new technologies and change, incentives for new
management innovations, Collaborative work environment,
Training programs to enhance skills of using information systems in
decision making etc.

19
  Social Assets: It includes investments in establishing internet and
telecom based infrastructure, conducting and launching IT-enriched
educational programs, developing standards, laws and regulations
etc.

Contemporary Approaches to Information Systems

When an information system is being developed, much importance should
be given to the structure of the organization, culture of the organization,
etc. But along with these, especial attention should also be given to the
technical side of MIS. The various contemporary approaches to MIS
development are: Technical Approach, Behavioral Approach, and Socio
Technical Approach.

The Technical Approach

Technical approach says that all business information systems were
combinations of computer science, management science, and operations
research. Computer science considers knowledge of subjects like Data
structures and algorithms, Database Management Systems, Computer
Networking, Theory of computing, Business data processing,
Programming languages, System Analysis and design etc. was essential for

20
designing any business information system. Management science
considers theories like motivation and leadership theories and models had
their impact on the information system. Operation Research Techniques
such as Linear Programming, Game theory, Transportation Problem,
Fuzzy logic etc helped to enhance capabilities of information systems.
Business Management adopted Operation Research Techniques such as
CPM & PERT for project management in the management process through
information system.

Behavioral Approach
MIS also concerned with behavioral issues surrounding the development,
use, and impact of information systems, which are typically discussed in
the fields of sociology, economics, and psychology. Business Organizations are
social economic groups wherein individuals work together with common
motive. Every individual possesses certain values, beliefs and assumptions
and have specific mind set. Therefore every individual have their influence
on shaping up the information system. This social aspect influenced
development of every information system and people in the world along
with time e.g. e-Banking, e-Governance, e-Booking etc. Psychology refers
to cognitive capability of human beings. The individual as well as group
psychology has its own influence on the information system. People are
still scared of e-Transactions like e-Payments. Study of economics plays
vital role in planning and while designing of any information system. We
can find out the ways for profit, growth and sales maximization as
economics includes the study of labor, land, and investments, of money,
income, and production, and of taxes and government expenditures.

Socio Technical Approach

In the socio technical view of systems, optimal organizational performance
is achieved by jointly optimizing both the social and technical systems
used in production. Adopting a socio technical systems perspective helps
to avoid a purely technological approach to information systems.
Technology must be changed and designed, sometimes even "de-
optimized," to fit organizational and individual needs. Organizations and

21
individuals must also be changed through training, learning, and planned
organizational change to allow technology to operate and prosper.

MIS Hands on Project: Sales Trend Analysis and Forecasting

The term trend implies a change over time. One type of forecasting is
quantitative, and involves analyzing time-series data, and then predicting
what the future might be. For example, sales at an ice cream stand at the
town park in June of each of the last five years has been good, but in July it
was about 20% more than in June. If this year, the stand took in $10,000 in
June (a new record), how much would you predict it will take in July?
Well, if we were correct in our assumption based on the historical data,
we'd estimate the July figure would be 20% higher, or $12,000.

Microsoft Excel offers some built-in tools for forecasting. One of these
allows you to add a trendline to existing data points on a chart. This allows
the user to interpolate (i.e., to find a data point between existing points) or
to extrapolate (i.e., to find a data point past either end of the current data,
either by forecasting foreword, or backcasting to an earlier period). Besides
this, MS Excel provides built-in forecast function to predict future. Given
the following historical data of a company, MS Excel is used to identify
trend and to make prediction of upcoming five years data. Based on this
prediction management can make better decisions to develop plans for
future.

In the above table value of last five rows are predicted by using MS. Excels
FORECAST function. The FORECAST(x, known_y's,known_x's) function
returns the predicted value of the dependent variable (represented in the
data by known_y's) for the specific value, x, of the independent variable
(represented in the data by known_x's) by using a best fit (least squares)
linear regression to predict y values from x values. The parameter x must
have a numeric value, known_y's and known_x's must be arrays or cell
ranges that contain equal numbers of numeric data values. If we plot
graph for above data and add trend lines, it looks like below:

22
XYZ Companies Sales History, Trend Analysis and Prediction of Future Sales

Items_Sold (in Sales Amount (in Net profit (in

Year 00000) millions) millions)
2001 184 341 12
2002 230 523 23
2003 279 641 37
2004 324 660 51
2005 332 810 73
2006 470 915 98
2007 523 1045 132
2008 602 1040 175
2009 621 1205 211
2010 758 1295 252
2011 824 1372 260
2012 896 1506 274
2013 974 1637 289
2014 1049 1752 305
2015 1138 1894 322
2016 1171 1944 367
2017 1250 2043 395
2018 1330 2151 422
2019 1409 2264 448
2020 1487 2367 472

23
 To plot this graph we can flow following steps
  Select the historical data
  Click insert menu and select proper scatter from it
  Select one of the data point representing value of items sold
  Right click on it and select add trendline option in popup menu
 Select proper trendline options. In above graph forecast is set to 5
 forward periods
 Repeat previous step for all scatters in the plot

24
Chapter 2

Global E-Business and Collaboration

Business Process
Business processes refer to the manner in which work is organized,
coordinated, and focused to produce a valuable product or service.
Business processes also refer to the unique ways in which
organizations coordinate work, information, and knowledge, and the
ways in which management chooses to coordinate work. Every
business can be seen as a collection of business processes. Business
processes are designed to add value for the customer and should not
include unnecessary activities. The outcome of a well designed
business process is increased effectiveness (value for the customer)
and increased efficiency (less costs for the company). There are three
types of business processes:
1. Management Processes: The processes that govern the
operation of a system. Typical management processes include
corporate governance and strategic management
2. Operational Processes: The processes that constitute the core
business and create the primary value stream. For example,
taking orders from customers, and opening an account in a
bank branch.
3. Supporting Processes: Theses processes support the core
processes. Examples include Health & Safety, accounting,
recruitment, call center, technical support.

25
The performance of a business firm depends on how well its business
processes are designed and coordinated. Many business processes are
tied to a specific functional area, such as sales and marketing, while
others cross many different functional areas and require coordination
across departments.

Table given below describes some typical business processes for each
of the functional areas of business.

26
 Business Processes and Information Systems
In order to operate, business must deal with many different pieces of
information, they must organize work activities that use this
information to operate efficiently and enhance the overall
performance of the firm. Information systems make it possible for
firms to manage all their information, make better decisions and
improve the execution of their business processes

How Information Technology Improves Business Processes

Information systems automate many steps in business processes that
were formerly performed manually. But today, information
technology actually can change the flow of information even the way
the business works and drive to a new business models. Information
technology enhances business processes in two main ways:
 Increasing efficiency of existing processes: Automating steps
or processes that were manual

 Enabling entirely new processes that are capable of
transforming the businesses: This is done by changing flow of
information, or by replacing sequential steps with parallel
steps, or by eliminating delays in decision making

Types of Information Systems

There are different kinds of systems according to different interests,
specialists, and levels in an organization. Single system cannot
provide all the information needed by an organization.

27
Systems for Different Management Groups
.1 The four main types of information systems that serve different
management groups are: Transaction processing systems, Management
information systems, Decision support systems, and Executive support
systems.

Transaction Processing Systems

These are the computerized systems that perform and records the
daily routine transactions necessary to conduct business. These
systems serve the operational level of the organization. Some
examples include sales order entry, hotel reservation systems,
payroll, employee record keeping, and shipping.

Transaction processing systems are central to a business. TPS failure

for a few hours can cause a firm‘s demise and perhaps other firms
linked to it. Managers need TPS to monitor the status of internal
operations and the firm‘s relations with external environment. TPS
are also major producers of information for the other types of
systems.

28
Online transaction processing systems (OLTPS) is an interactive
data processing system that involves a direct connection between TPS
programs and users. As soon as a single transaction is entered into a
computer system, the program interacts immediately with the user
for that transaction. It is often known as the live system where there
is no time lag between data creation and its processing. A good
example of this system is online ticket reservation system. Most of the
OLTPS system requires the support of networks that is spread over
number of organizations or branches for performing it‘s operations.

Unlike the OLTPS, Batch processing systems accumulates the

transaction over a time, makes a queue of the processes depending
upon the priorities and processes them periodically at the later time.
Some of the TPS must follow batch processing due to business
process of the organization. For example, opening an account and
getting ATM card is batch processing system. In this case all requests
for ATM card collected during the day time but these requests are

29
only processed after some hour or even if after some days. This is the
reason that we need to wait some time for activating of our ATM
cards.

2.Management information systems

These are the information systems at the management level of an
organization and serve management-level functions like planning,
controlling, and decision-making. These systems provide routine
summary of reports and, in some cases, with online access to the
organization‘s current performance and historical records to
managers. Typically, these systems use internal data provided by the
transaction processing systems. Normally, these systems are used for
structured decision-making.

MIS usually serve managers interested in weekly, monthly, bi-

monthly results—not day-to day activities. MIS generally provides
answers to the routine questions that have been specified in advance
and have predefined procedures for answering them.

30
 MIS Files
Order
Order Processing
System Sales
Data

Materials
Production resource MIS Reports

M anagers
master file planning
System Product
cost/cha
nge data

General
Ledger Expense
Accounting
System Data
Files

Fig: How MIS takes data from TPS

3.Decision-support systems
These systems also serve at the management level of the
organization. These systems combine data and sophisticated
analytical models or data analysis tools to support semi-structured
and unstructured decision-making. These systems use internal
information from TPS and MIS, and often information from external
sources, such as current stock prices or product prices of competitors.
DSS have more analytical power than other systems. DSS helps
managers to make decision that are unique, fast changing and not
easily specified in advance. DSS that supports and facilities the
decision making process by a group is called group decision support
system (GDSS). Three quantitative models often used by DSS include:


Sensitivity analysis is the study of the impact that changes in
one (or more) parts of the model have on other parts of the

31
 model. Users change the value of one variable repeatedly and
observe the resulting changes in other variables.

What-if analysis checks the impact of a change in an
assumption on the proposed solution. For example, ―What will
happen to the supply chain if a blizzard in Alberta reduces
holding inventory from 30 percent to 10 percent?‖ Users repeat
this analysis
 until they understand all the effects of various
 situations.

Goal-seeking analysis finds the inputs necessary to achieve a
goal such as a desired level of output. Instead of observing how
changes in a variable affect other variables as in what-if
analysis, goal-seeking analysis sets a target value (a goal) for a
variable and then repeatedly changes other variables until the
target value is achieved. For example, ―How many customers
are required to purchase a new product to increase gross profits

to $5 million?‖
TPS External
Data

DSS
Database

DSS software system models:

OLAP tools, Data mining tools

User
Interface

User

Fig: DSS and its components

4.Executive support systems

32
These systems serve the strategic level of the organization. These
systems are designed to address unstructured decision making
through advanced graphics and communication. These systems
incorporate data about external events such as new tax laws or
competitors, but they also draw summarized information from
internal MIS and DSS.

These systems are not designed to solve a specific problem but they
provide a generalized computing and telecommunication capacity
that can be applied to a changing array of problems. ESS helps senior
executives to monitor firm performance, spot problems, identify
opportunities, and forecast trends. These systems can filter out
extraneous details for high level overviews, or they can drill down to
provide senior managers to detailed transaction data if required.

ESS helps senior managers to analyze, compare, and highlight trends

so that they may easily monitor organizational performance or
identify strategic problem and opportunities. There is less use of
analytical tools (as compared to DSS) in ESS. It is not necessary for
users to be an expert in computer-based information system to be
33
able to use them. Therefore executive system must be easy to use and
the information must be easily manipulated.

Systems for Linking the Enterprise

No business can afford disjointed information systems that don't
work together to produce a coherent picture of the entire
organization. All the functions of a business must be integrated
across traditional lines of demarcation. Islands of information can be
devastating to a company if data cannot be shared throughout the
company. Even worse, the islands of information can create problems
if each faction of an enterprise has differing information that conflicts
with other islands of information. These kinds of problems are what
gave rise to enterprise applications that share the same data
anywhere it's needed in an organization. As networks of all kinds
take hold, from the Internet to intranets to extranets, Web-based
enterprise applications are increasingly widespread.

Enterprise applications are the systems that can coordinate activities,

decisions, and knowledge across many different functions, levels,
and business units in a firm. Enterprise applications include:
enterprise systems, supply chain management systems, customer
relationship management systems, and knowledge management systems.
➢ 
Enterprise systems
These systems are also known as enterprise resource planning (ERP)
systems and are used to bridge the communication gap between all
departments and all users of information within a company. If the
production department enters information about its processes, the
data are available to accounting, sales, and human resources. If sales
and marketing is planning a new advertising campaign, anyone
anywhere within the organization will have access to that

34
information. Enterprise systems truly allow a company to use
information as a vital resource and enhance the bottom line.
➢ 
Supply Chain Management:
Supply chain management is the close linkage and coordination of
activities in buying, making, and moving a product. It integrates
supplier, manufacturer, distributor, and customer logistics processes
to reduce time, redundant effort, and inventory cost. The supply
chain is a network of organizations and business processes for
procuring materials, transforming raw materials into intermediate
and finished products, and distributing the finished products to
customers. It links suppliers, manufacturing plants, distribution
centers, conveyances, retail outlets, people and information through
processes such as procurement, inventory control, distribution, and
delivery to supply goods and services from source through
consumption. Supply chain also includes reverse logistics in which
returned items flow in the reverse direction from buyer back to the
seller.

35
 Information systems make supply chain management more efficient
by helping companies coordinate, schedule, and control
procurement, production, inventory management, and delivery of
products and services. Supply chain management systems can be
built using intranets, extranets, or special supply chain management
software. Information systems for supply chain management can
help participants in the supply chain in the following activities:
  
Decide when and what to produce, store, and move
  
Rapidly communicate orders
  
Track the status of orders
  
Check inventory availability and monitor inventory levels
  
Reduce inventory, transportation, and warehousing costs
  
Track shipments
  
Plan production based on actual customer demand
 
Rapidly communicate changes in product design
Inaccurate or untimely information in the supply chain causes
inefficiencies such as parts shortages, underutilized plant capacity,

36
excessive finished goods inventory, or runaway transportation costs.
One recurring problem in supply chain management is the bullwhip
effect, in which information about the demand for a product gets
distorted as it passes from one entity to next across the supply chain.

Supply chain management uses systems for supply chain planning

(SCP) and supply chain execution (SCE). Supply chain planning
systems enable the firm to generate demand forecasts for a product
and to develop sourcing and manufacturing plans for that product.
Supply chain execution systems manage the flow of products
through distribution centers and warehouses to ensure that products
are delivered to the right locations in the most efficient manner.
➢ 
Customer Relationship Management systems
Customer relationship management (CRM) is a term that refers to
practices, strategies and technologies that companies use to manage
and analyze customer interactions and data throughout the customer
lifecycle, with the goal of improving business relationships with
customers, assisting in customer retention and driving sales growth.
An information system that maintains data about customers and all
their interactions with the organization is called Customer Relation
Management (CRM) System.

A major benefit of using CRM systems is to develop better relations

with existing customers, which can lead to increased sales. By better
anticipating the needs of the customers businesses can predict further
purchases based on past historic trends. It also allows a cross-selling
of other products by highlighting and suggesting alternatives and
enhancements. By implementing a CRM system it can also lead to a
better marketing of products by using a target market and a more
personal approach. Ultimately this could lead to enhanced customer
satisfaction and retention. Ensuring a good reputation in the market
allows for the company to continuously grow.

37
 ➢ 
Knowledge Management Systems
Knowledge management (KM) is the process of capturing,
developing, sharing, and effectively using organizational knowledge.
Knowledge management efforts typically focus on organizational
objectives such as improved performance, competitive advantage,
innovation, the sharing of lessons learned, integration and
continuous improvement of the organization.

Knowledge Management System (KM System) refers to

a
(generally IT based) system for managing knowledge in
organizations for supporting creation, capture, storage and
dissemination of information. Knowledge management systems (KMS)
collect all relevant knowledge and experience in the firm and make it
available wherever and whenever it is needed to support business
processes. The idea of a KM system is to enable employees to have
ready access to the organization's documented base of facts, sources
of information, and solutions. For example an engineer could know
the metallurgical composition of an alloy that reduces sound in gear
systems. Sharing this information organization wide can lead to more
effective engine design and it could also lead to ideas for new or
improved equipment.

Systems for Collaboration and Team Work Social Business

Globalization now allows companies to work around the clock,
around the world. It‘s not unusual for major corporations to shift
work from one time zone to another, one country to another.
Somehow, the people in all the geographically-separated locations
have to be able to easily communicate and share information with
each other. Working in teams is now becoming the de facto practice
in the business world.

38
 What Is Collaboration?
Let‘s first determine exactly what the term collaboration means
working with others to achieve shared and explicit goals. All
members that involve in collaborative work environment focus on a
particular task or mission. Collaboration and teamwork has grown in
popularity over the last few years because new technology has made
it much easier for people to communicate and share information,
files, and documents. Collaboration and teamwork are central to the
success of many businesses. Here are six reasons why businesses
promote collaboration and teamwork:
• Changing nature of work—traditionally work was
organized into silos. Now, most new jobs require interaction
among employees, suppliers, and customers.

• Growth of professional work—most professional jobs
require close coordination and sharing information and
opinions with other professionals.

• Changing organization of the firm—traditionally
organizations used a managerial hierarchy. Now, many firms
have been ―flattened‖ and expertise and decision-making
powers are pushed down to groups and teams.

• Changing scope of the firm—globalization has created
organizations that are disbursed to many geographically
separated locations that require close coordination.

• Emphasis on innovation—innovation comes more from
teams and groups than from a single individual.
Collaborative practices and technologies increase the likely
success of innovation.

• Changing culture of work and business—diverse teams
tend to produce better outputs and do it faster than
individuals.

39
 Collaboration among employees, suppliers, and customers is
becoming an important tool in increasing a company‘s competitive
advantage. Social networking platforms like Facebook, Twitter, and
Pinterest help improve a company‘s social business to establish and
improve interactions with groups inside and outside the
organization. Information sharing, innovation, and decision-making
are enhanced through these technologies.

Business Benefits of Collaboration

Nearly all writers agree that collaboration is now more required
within and between firms than was true in the past (for reasons
outlined above).Some of the benefits of collaboration are discussed
below:
➢
Productivity: People working together can complete a complex
task faster than the same number of people working
 in isolation
 from one another; there will be fewer errors.
➢
Quality: People who work collaboratively can communicate
errors, and take corrective actions faster, when they work
 together than if they worked in isolation.
➢
Innovation: People working collaboratively in groups can come
up with more innovative ideas for products, services, and
administration than
 the same number working in isolation
 from one another.
➢
Customer Service: People working together in teams can solve
customer complaints and issues faster and more effectively

 than if they were working in isolation from one another.
➢
Financial performance (profitability, sales, and sales growth):
As a result of all of theabove, collaborative firms have superior
financial performance

40
 Figure: Requirements for Collaboration

Tools and Technologies for Collaboration and Social Business

Many new systems for interacting with other employees, managers,
vendors, and customers have been developed. You probably use
some of them without realizing how essential they‘ve become in
creating an environment that supports a collaborative culture.
• E-mail and instant messaging: billions of messages flow
everyday between employees, managers, suppliers, and
customers.

• Social networking: more than just a way to socialize among
friends, these tools give corporations another way for users to
share ideas and collaborate with each other. According to its
Forrester Research survey of 1,217 business decision makers
worldwide late last year, 95% use social networks to some
extent.

• Wikis: Wikis are a type of Web site that makes it easy for users
to contribute and edit text content and graphics without any
knowledge of Web page development or programming

41
 techniques. The most well-known wiki is Wikipedia. It relies on
volunteers, makes no money, and accepts no advertising. Wikis
are ideal tools for storing and sharing company knowledge and
insights.
• Virtual worlds: able to house online meetings, training
sessions, and lounges, this type of tool is gaining popularity as
a way to meet, interact, and exchange ideas.

• Virtual Meeting Systems: With a virtual meeting system you
can hold strategy sessions once or twice a week instead. You
would feel like all of your teammates are physically located in
the same place if you use telepresence technology. You can
share ideas and documents in real-time. Best of all, you don‘t
 have all the travel hassles and you can sleep in your own bed.
 • Google Apps and Google sites: One of the most widely used
―free‖ online services for collaboration is Google Apps/Google
Sites. Google Sites allows users to quickly create online, group-
editable Web sites. Google Sites users can design and populate
Web sites in minutes and, without any advanced technical
skills, post a variety of files including calendars, text,
spreadsheets, and videos for private, group, or public viewing
and editing. Google Apps works with Google Sites and
includes the typical desktop productivity office software tools
(word processing, spreadsheets, presentation, contact
management, messaging, and mail).

• Microsoft SharePoint: SharePoint is a browser-based
collaboration and document management platform, combined
with a powerful search engine that is installed on corporate
servers. SharePoint has a Web-based interface and close
integration with everyday tools such as Microsoft Office
desktop software products. SharePoint software makes it
possible for employees to share their Office documents and
collaborate on projects using Office documents as the
foundation.
42
 • Lotus Notes: A third Internet-based collaboration environment
your team could use is IBM‘s Lotus Notes. It provides all the
basic collaboration tools as Google Apps/Google Sites and
SharePoint do but with a few added features.

The Information Systems Function in Business

Many people focus on the job losses caused by technological
advances and changes. On the other hand, many new jobs have been
created because of technology. Information systems departments,
previously a tiny group of people usually assigned to the financial
group, have moved into the mainstream of most companies.

The Information Systems Department

Programmers have taken on more important positions within
organizations. They must understand not only the technical side of
computing, but they must also know business processes so they can
adapt the technology to the needs of their company. Systems
analysts serve as the bridge between the techies and the nontechies.
Heading this group of people are the information systems managers.
Their importance to businesses has grown as the emphasis on
technology‘s role within organizations has grown.

Just as most organizations have a Chief Financial Officer, the position

of Chief Information Officer has been created to handle the myriad
of problems and opportunities businesses face in today‘s
technologically driven environment. Very large corporations appoint
a Chief Security Officer who‘s responsible for enforcing the firm‘s
information security policy and training users and information
systems technologists about security. The CSO keeps other executives
and managers aware of security threats and maintains security tools
and policies.

43
 Chief Privacy Officer protects an organization‘s data from misuse
and abuse and makes sure the company complies with data privacy
laws. Another new position that of Chief Knowledge Officer, has
been created in larger corporations to deal with effectively using
knowledge management systems.

Organizing the Information Systems Function

Deciding how to organize the Information Systems function within a
business is not as easy as deciding how to organize other functional
areas. After all, sales and marketing has a much different mission
than production and manufacturing. Information Systems on the
other hand has similar tasks regardless of the functional area it is
supporting. Sales and marketing needs access to data the same as
production and manufacturing.

Larger companies and organizations develop an IT governance that

helps decide the best way to organize the IT department for the
benefit of all. Some of the issues to be decided upon are:
 • Strategy and policies for using IT
• Accountability toward the organization‘s strategies and
 objectives
 • How much centralization will take place within the IT function
• Does the organization receive a positive return on its IT
investments?

Systems For Functional Areas

The typical information systems that support each of major business
functions are: sales and marketing systems, manufacturing and
production systems, finance and accounting systems, and human
resources systems. These systems serve at every organizational level.
Sales and Marketing Systems
44
 Sales and marketing function is responsible for selling the
organization‘s products or services. Marketing is concerned with
identifying the customers for the firm‘s products or services,
determining what they need or want, planning and developing
products and services to meet their needs, and advertising and
promoting these products and services. Sales is concerned with
contacting customers, selling the products and services, taking
orders, and following up on sales. Sales and marketing information
systems support sales and marketing activities.

These information systems are arranged by organizational level. At

strategic level, these systems monitor trends affecting new products
and sales opportunities, support planning for new products and
services, and monitor the performance of competitors. At the
management level, these systems support market research,
advertising and promotional campaigns, and pricing decisions; they
also analyze sales performance and the performance of the sales staff.
At the knowledge level, these systems support market analysis
activities. At the operational level, these systems assist in locating
and contacting prospective customers, tracking sales, processing
orders, and providing customer service support.

Manufacturing and Production Systems:

The manufacturing and production function is responsible for
producing firm‘s goods and services. Manufacturing and production
is concerned with the planning, development, and maintenance of

45
production facilities; the establishment of production goals; the
acquisition, storage, and availability of production materials; and
scheduling of equipment, facilities, materials, and labor required to
fashion finished products. Manufacturing and production
information systems support manufacturing and production
activities.

These information systems are also arranged by organizational level.

At the strategic level, these systems deal with the firm‘s long term
manufacturing goals, such as where to locate new plants or whether
to invest in new manufacturing technology. At the management
level, these systems analyze and monitor manufacturing and
production costs and resources. At knowledge level, these systems
deal with creating and distributing design knowledge or expertise to
drive the production process. At the operational level, these systems
deal with the status of production tasks.

Finance and Accounting Systems

The financial function is responsible for managing the firm‘s
financial assets, such as cash, stocks, bonds, and other investments in
order to maximize the return on these financial assets. It also
manages the capitalization of the firm (finding new financial assets in
stocks, bonds, or other forms of debt). The finance function must also
obtain a considerable amount of information from sources external to
the firm in order to determine whether the firm is getting the best
return on investments.

46
The account function is responsible for maintaining and managing
the firm‘s financial records (such as receipts, disbursement,
depreciation, payroll) to account for the flow of funds in the firm.
Finance and accounting information systems support finance and
accounting activities.

These information systems are also arranged by organizational level.

At the strategic level, these systems establish long-term investment
goals for the firm and provide long-range forecasts of the firm‘s
financial performance. At the management level, these systems help
managers oversee and control the firm‘s financial resources. At the
knowledge level, these systems support finance and accounting by
providing analytical tools and workstations for designing the right
mix of investments to maximize returns for the firm. At the
operational level, these systems track the flow of funds in the firm
through transactions.

Human Resources Systems:

The human resource function is responsible for attracting,
developing, and maintaining the firm‘s work force. This function
support activities such as identifying potential employees,
maintaining complete record on existing employees, and creating
programs to develop employees‘ talent and skills. Human resources
information systems support these activities.

47
These information systems are also arranged by organizational level.
At the strategic level, these systems identify the manpower
requirements (skills, educational level, types of position, number of
positions, and cost) for meeting the firm‘s long-term business plans.
At the management level, these systems help managers monitor and
analyze the recruitment, allocation, and compensation of employees.
At the knowledge level, these systems support analysis activities
related to job design, training, and the modeling of employee career
paths and reporting relationships. At the operational level, these
systems track the recruitment and placement of the firm‘s employees.

48
 Chapter 3
Information Systems, Organizations, and Strategy

Organizations and Information Systems

Relationship between information systems and organization is like chicken-and-
egg theory. We need to design information systems that serve the existing
organization. At the same time we must be ready and willing to restructure the
organization to take advantage of the improvements an information system can
offer. So which one takes precedent—the organization or the information
system? Actually neither one. The goal is to adapt one to the other.

What Is an Organization?

An organization is very similar to the information system. Refer to the figures

given below:

Figure: The Technical Microeconomic Definition of the Organization

49
These two figures have many things in common. Both information systems and
organizations require inputs and some sort of processing, both have outputs, and
both depend on feedback for successful completion of the loop. Information
systems use data as their main ingredient and organizations rely on people.
However, the similarities are remarkable. Both are a structured method of
turning raw products (data/people) into useful entities (information/producers).

Features of Organizations
The class you‘re enrolled in is an organization of sorts, isn‘t it? Think about it—
how many of the following characteristics fit your class? How many fit any
organization you‘re in?
 Clear division of labor
 Hierarchy of authority
 Abstract rules and procedures
 Impartial judgments
 Technical qualifications for positions
 Maximum organizational efficiency
These characteristics describe organizations that are called bureaucracies.

Organizational Structure
Table given below shows some common organizational structures.

50
How Information Systems Impact Organizations and Business
Firms
Two major types of theories about how information systems affect organizations
are: economic theories and behavioral theories.

Economic Impacts
It‘s sometimes cheaper to hire a computer than to hire a person. To better
illustrate this concept, let‘s take a look at how a company can find it cheaper to
use an information system to develop and disseminate a Human Resources
policy for employee dress codes. The HR assistant may write the first draft of the
policy and give it to the HR director on paper. The director will review it and
make changes. The assistant then must incorporate the changes and reprint the
document. If there is an information system, the assistant can submit the draft to
the director electronically and the director can make changes to the electronic
version of the file and return it to the assistant. This will reduce time and cost of
the task.

Of course others in the organization must review the new dress code policy. The
proposed policy can be printed in 15 copies, a person can manually send the
copies out, track who they went to and when, and then track all the changes
made to the proposal. If we use information systems, the proposed policy can be
sent electronically to reviewers who will electronically collaborate on necessary
changes. Each of the reviewers can see what the others think and the changes
they would like to make. This is another point where we can huge amount of
human effort and some amount of time and money also. One manager can
oversee ten employees (agents) rather than four employees because information
is cheaper and easier to disseminate.

Organizational and Behavioral Impacts

IT Flattens Organizations
Rather than five layers of management in an organization, information
technology allows companies to flatten the layers to three, maybe even two.
Here‘s how:

51
 • IT pushes decision-making rights lower in the organization because
lower-level employees receive the information they need to make
decisions without supervision.

• Managers now receive so much more accurate information on time, they
become much faster at making decisions, so fewer managers are required.

• Management costs decline as a percentage of revenues, and the hierarchy
becomes much more efficient.

The Internet and Organizations

The example used earlier of posting personnel policies to the company intranet is
just one small example of how businesses are using network technologies to
reduce costs and enhance their business processes. Business-to-business
commerce is growing at a tremendous pace because of the cost savings the
Internet allows. The Internet provides an open platform technology that allows
transaction processing between businesses at much cheaper costs and provides an easy-
to-use interface. The innovative ways organizations are using the Internet,
intranets, and extranets to improve their business processes and lower costs is
simply fascinating.

Using Information Systems to Achieve Competitive Advantage

Porter’s Competitive Forces Model

Porter‘s competitive forces model tells that much of the success or failure of a
business depends on its ability to respond to its external environment. Figure
below shows five external forces that every business must contend with at one
time or another.

52
 Figure: Porter’s Competitive Forces Model

It‘s important to understand from this model that a firm‘s success is not
predicated on how well it does internally. It must also pay attention to:
• Traditional competitors: Always trying to steal your customers with new
 products and services.
• New market entrants: Not constrained by traditional ways of producing
goods and services, they can easily jump into our markets and steal
 customers away with cheaper or better products and services.
• Substitute products and services: Customers may be willing to try
substitute products and services if they decide our price is too high or the
 quality of our products and services is too low.
• Customers: They are now armed with new information resources that
make it easier for them to jump to our competitors, new market entrants,
 or substitute products.
• Suppliers: The number of suppliers used may determine how easy or
difficult our business will have in controlling our supply chain. Too few
suppliers and you lose a lot of control.

Information System Strategies for Dealing with Competitive Forces

Many companies have found that effective and efficient information systems
allow them to deal with external forces in one of four ways: low-cost leadership,
product differentiation, focus on market niche, and strengthen customer and
supplier intimacy.

Low-Cost Leadership
By using information systems to lower our operational costs we can lower our
prices. That will make it difficult for traditional competitors and new market
entrants to match our prices.

Product Differentiation
A very effective use of strategic information systems is to create products or
services that are so different that they create barriers for the competition. Product
differentiation is at the heart of Apple Computer‘s success. People like to feel
that they are unique individuals with their own needs and desires. One of the
best strategies for dealing with competitors is to offer customers exactly what
they want, when they want it, and how they want it. The Internet provides a new
outlet for mass customization by allowing customers to order one-of-a-kind
products.
53
Focus on Market Niche
If an organization is in a tough competitive market, it can choose to focus on a
very narrow segment of the market rather than a broad general audience. A firm
can gather very specific information about its customers using data mining
techniques. Then it creates a focused differentiation business strategy to market
directly to those consumers. Apple Computer uses focused differentiation to
help sell its computers to a narrow target market of graphic designers and
educators rather than the general population of computer users.

Strengthen Customer and Supplier Intimacy

Supply chain management (SCM) systems increase supplier intimacy while
customer relationship management systems increase customer intimacy. SCM
systems create immense switching costs between a company and its suppliers
because of the investment of hardware and software necessary to make the
system successful. Customer relationship management systems allow companies
to learn details about customers that give them the competitive advantage over
traditional competitors and new market entrants.

The Internet’s Impact on Competitive Advantage

The Internet allows traditional competitors to introduce new products and
services and attract customers. It provides a low cost avenue for new market
entrants. Consumers can easily and quickly find substitute products and services
through the Internet. Customers can use information provided on the Internet to
create new competition between companies while suppliers can increase their
market power. Table below summarizes the impact the Internet is having on
many industries.

54
Because of the tremendous growth of the Internet and its influence on all five
elements of Porter‘s model, businesses must continually monitor the
organizational environment, especially the external environment for potential
challenges and opportunities. Those businesses that adapt their business model
stand a chance of success. Those businesses who ignore the environmental
changes and remain stagnant, risk everything they have.

The Business Value Chain Model

A value chain is a set of activities that a firm operating in a specific industry
performs in order to deliver a valuable product or service for the market. Porter
described a chain of activities common to all businesses, and he divided them
into primary and support activities, as shown below.

55
 Figure The Value Chain Model
❖ 
Primary Activities
Primary activities relate directly to the physical creation, sale, maintenance and
support of a product or service. They consist of the following:
• Inbound logistics – These are all the processes related to receiving,
storing, and distributing inputs internally. Your supplier relationships are
a key factor in creating value here.

• Operations – These are the transformation activities that change inputs
into outputs that are sold to customers. Here, your operational systems
create value.

• Outbound logistics – These activities deliver your product or service to
your customer. These are things like collection, storage, and distribution
systems, and they may be internal or external to your organization.

• Marketing and sales – These are the processes you use to persuade clients
to purchase from you instead of your competitors. The benefits you offer,
and how well you communicate them, are sources of value here.

56
 • Service – These are the activities related to maintaining the value of your
product or service to your customers, once it's been purchased. 
❖ 
Support Activities
These activities support the primary functions above. In our diagram, the dotted
lines show that each support, or secondary, activity can play a role in each
primary activity. For example, procurement supports operations with certain
activities, but it also supports marketing and sales with other activities.
• Procurement (purchasing) – This is what the organization does to get the
resources it needs to operate. This includes finding vendors and
negotiating best prices.

• Human resource management – This is how well a company recruits,
hires, trains, motivates, rewards, and retains its workers. People are a
significant source of value, so businesses can create a clear advantage with
good HR practices.

• Technological development – These activities relate to managing and
processing information, as well as protecting a company's knowledge
base. Minimizing information technology costs, staying current with
technological advances, and maintaining technical excellence are sources
of value creation.

• Infrastructure – These are a company's support systems, and the functions
that allow it to maintain daily operations. Accounting, legal,
administrative, and general management are examples of necessary
infrastructure that businesses can use to their advantage.

By effectively using an information system in a strategic role at any, or preferably

all, levels of the organization, a digital firm can provide more value in their
products than the competition. If they can‘t provide more value, then the
strategic information system should help them provide the same value but at a
lower price.

Using Systems for Competitive Advantage: Management Issues

Strategic information systems often change the organization as well as its
products, services, and operating procedures, driving the organization into new
behavioral patterns. Successfully using information systems to achieve a

57
competitive advantage is challenging and requires precise coordination of
technology, organizations, and management.

Sustaining Competitive Advantage

Using information systems to beat the competition and increase the value of a
product is not easy. Because competitors can quickly copy strategic systems,
competitive advantage is not always sustainable. Sustaining a competitive
advantage constantly requires changing processes and methods of conducting
business. Managers simply cannot rest on their success with today‘s fast paced,
fast changing technological advances. Technology changes much faster than
organizations can adapt. As soon as employees and managers become
comfortable with a particular system, it‘s almost time to make some more
changes.

Aligning IT with Business Objectives

It‘s such a basic idea—an organization should align its information technology
with its business objectives. It‘s an easy thing to have happen when the techies
and the non-techies fail to work together to plan, implement, and maintain
information systems that support their company‘s business objectives and
competitive strategy.

Employees and managers in all the functional areas must be active players in the
IT game. They can‘t sit on the sidelines and let someone else decide what kind of
information system the company will have. They can‘t claim ignorance and say
they don‘t know that much about computers.

Managing Strategic Transitions

A vital attribute of any manager‘s success is the ability to adapt to change. The
pace of technological change is at its highest level ever. With each advance, the
organization must use strategic transitions, to take its advantage. Making
changes in the information systems should trigger a review of associated
processes to make sure they are in sync.

58
 Chapter 5
Information Technology Infrastructure

59
 Overview
Information technology is the application of computers and telecommunication
equipments to store, retrieve, transmit and manipulate data, often in the context
of a business or other enterprise. The term is commonly used as a synonym for
computers and computer networks, but it also encompasses other information
distribution technologies such as television and telephones. Humans have been
storing, retrieving, manipulating and communicating information since the
Sumerians in Mesopotamia developed writing in about 3000 BC, but the term
information technology in its modern sense first appeared in a 1958 article
published in the Harvard Business Review; authors Harold J. Leavitt and
Thomas L.

As information becomes a valuable resource of a digital firm, the infrastructure

used to care for it is also considered as valuable resource of an organization. This
Chapter will examine all of the components that comprise todays and
tomorrow‘s IT infrastructure and how it can be managed in best way.

What is IT Infrastructure?
IT infrastructure refers to the composite hardware, software, network resources
and services required for the existence, operation and management of an
enterprise IT environment. It allows an organization to deliver IT solutions and
services to its employees, partners and customers and is usually internal to an
organization and deployed within owned facilities. Typically, a standard IT
infrastructure consists of the following components:
• Hardware: Servers, computers, data centers, switches, hubs and routers,


etc.
• Software: Enterprise resource planning (ERP), customer relationship


management (CRM), productivity applications and more.
• Network: Network enablement, Internet connectivity, firewall and


security.
• Persware: Human users, such as network administrators, developers,
designers and generic end users with access to any IT appliance or service
are also part of an IT infrastructure, specifically with the advent of user-
centric IT service development.

To round out the list of IT infrastructure components we need to add the

following services to computing hardware and software:
60
 • Computing services: Provide platforms that ensure a coherent digital
environment

• Telecommunications services: Determine appropriate data, voice, and
video that connect employees, customers, and suppliers

• Data management services: Not just store, but manage massive amounts
of corporate data and make it available for users to analyze

• Application software services: Enterprise resource planning, customer
relationship management, supply chain management and knowledge
management systems

• Physical facilities management services: Physical installation of
computing, telecommunications, and data management services

• IT management services: Plan and develop infrastructures, coordinate IT
services among business units, account for IT expenditure, and provide
project management services

• IT standards services: Develop policies that ensure interoperability of all
IT infrastructure components

• IT education services: Train employees to properly use IT investments and
educate managers about planning for and managing the investments

• IT research and development services: Research future IT projects and
investments

Firms
Business Strategy

Customer

Firms IT Strategy IT Services Supplier

Infrastructure provided by the
Firm Business
Partners

IT Capabilities

Fig: Connection between Firm, IT Infrastructure and Business Capabilities

61
Evolution of IT Infrastructure
Reviewing the evolution of corporate IT infrastructure offers some insight into
where we may be headed. Five stages in the evolution of IT infrastructure can be
identified. Which are described below:
General-purpose mainframe and minicomputer era (1959 to present)
The introduction and continued use of mainframes. Mainframes were the first
powerful computers that could provide time sharing, multi tasking, and virtual
memory, and became powerful enough to support thousands of remote
terminals. The mainframe era was a period of highly centralized computing
controlled by programmers and system operators. In this era dumb terminals
were normally connected with centralized computing facilities. Minicomputers
are, powerful yet less expensive computers, began to change this pattern,
allowing decentralized computing customizable to individual departments or
business units. It‘s interesting to note that IBM began this era and remains the
sole supplier of mainframe computing. Although the experts and pundits
predicted the death of mainframes in the mid-1980s, they have evolved and
remain a strong, viable component in many IT infrastructures because of their
ability to store and process huge amounts of data and transmissions

Personal computer era (1981 to present)

The appearance of the IBM PC in 1981 is usually considered the beginning of the
PC era. Advances developed for personal computers in the home have given rise
to much of the advances in corporate computing in the last 25 years. As the home

62
user became more comfortable with using computers, and more applications
were developed for personal computers, employees demanded increased use of
computers in the workplace. While the Wintel PC standard has dominated this
era, open-source software is starting to put a big dent into that stronghold.

Client/server era (1983 to present)

In client/server computing, desktop or laptop computers called clients are
networked to server computers that provide the clients with services and
capabilities. Computer processing work is split between these two types of
machines. The client is the user point of entry, whereas the server typically
processes and stores shared data, serves up Web pages, or manages network
activities. The term server refers to both the software application and the
physical computer on which the network software runs. The server could be a
mainframe, but today server computers typically are more powerful versions of
personal computers. In two-tiered client/server architecture, a client computer is
networked to a server with processing split between the two. In multi-tiered (N-
tier) client/server architecture, the work of the entire network is balanced over
several different levels of servers. Distributing work across a number of smaller
inexpensive machines cost much less than minicomputers or mainframes.

63
Enterprise computing era (1992 to present)
The Internet networking technology Transmission Control Protocol/Internet
Protocol (TCP/IP) suite enables enterprises to link disparate devices and local
area networks (LANs) into single enterprise-wide networks. Integrated
computing environments allows for much faster and seamless gathering and
distribution of data. Perhaps no other era has seen the explosive growth in
functionality and popularity as this era. The problems created by proprietary,
closed systems are being solved by the standards and open-source software
created in this era.

Cloud and mobile computing era (2000 to Present)

Cloud computing is defined as a type of computing that relies on sharing
computing resources rather than having local servers or personal devices to
handle applications. Cloud computing enables companies to consume compute
64
 resources as a utility -- just like electricity -- rather than having to build and
maintain computing infrastructures in-house. Cloud computing promises several
attractive benefits for businesses and end users. Three of the main benefits of
cloud computing includes:
 Self-service Provisioning: End users can spin up computing resources for
almost any type of workload on-demand.

 Elasticity: Companies can scale up as computing needs increase and then
scale down again as demands decrease.

 Pay per use: Computing resources are measured at a granular level,
allowing users to pay only for the resources and workloads they use.

Technology Drivers of Infrastructure Evolution

There are five important features or characteristics of information technology
today that act as drivers toward the expansion and further development of
technology. These include:
Moore’s Law and Microprocessing Power
Moore‘s Law states that microprocessing power doubles in every two years.
Variations of this law assert that
• Microprocessing power doubles in every 18 months

• Computer power doubles in every 18 months

• The price of computing falls by half in every 18 months.

Perhaps no other law holds as much weight in the evolution of computers as

Moore‘s Law. Microprocessor chips using transistors have helped increase
computing power exponentially. At the same time packing more transistors into
less space has driven down transistor cost dramatically as well as the cost of the
products in which they are used. An Intel® processors today can contain as

65
many as 1 billion transistors, run at 3.2 GHz and higher, deliver over 10,000
MIPS, and can be manufactured in high volumes with transistors that cost less
than 1/10,000th of a cent.

Nanotechnology uses individual atoms and molecules to create computer chips

thousands of times smaller than current technologies permit. Nanotubes have
potential uses as minuscule wires or in ultrasmall electronic devices. Other
technologies promise to further miniaturize transistors and improve chip
technology.

The Law of Mass Digital Storage

The Law of Mass Digital Storage states that while the amount of digital
information produced worldwide doubles every year, the cost of storing digital
information is falling at an exponential rate. In the early evolution of computing,
storage needs were based on written text. Now we need the extra storage for
photos, music, and video. From 1980 to 1990, hard disk drive capacities for PCs
grew at the rate of 25 percent annual compound growth, but after 1990, growth
accelerated to more than 65 percent each year.

Metcalfe’s Law and Network Economics

Metcalfe's Law described the value of a network grows exponentially with each
increase in membership to the network. Demand for information technology has
been driven by the social and business value of digital networks, which rapidly
multiply the number of actual and potential links among network members. If
you build a network for ten users, you‘ll spend the necessary money for the basic
equipment. If you already have the equipment in place, you can add one more
user at nominal costs. However, the additional user will bring value to the
network far beyond what it costs to add him/her.

Declining Communications Costs and the Internet

One of the biggest drivers in the exploding use of computers is directly
attributable to the Internet. It‘s getting cheaper every day to connect to the
Internet because of declining communication costs. As more and more users
connect to the Internet, businesses must find ways to meet the expectations and
demands of users, especially in the area of mobile computing devices.

The rapid decline of communication costs and the exponential growth in size of

66
Standards and Network Effects
Technology Standards and specifications establish the compatibility of products
and the ability to communicate in a network, unleash powerful economies of
scale and result in price declines as manufacturers focus on products built to a
certain standard. Some of the important standards that have shaped IT
infrastructure include ASCII, UNIX, TCP/IP, Ethernet, the IBM/Microsoft/Intel
Personal Computer, and the World Wide Web.

ASCII stands for American standard code for information interchange and made
it possible to exchange data among computers developed by different
manufacturers. UNIX is an open source multitasking operating system that is
used by variety by computers developed by different manufacturers. TCP/IP
stands for transmission control protocol/internet protocol and is a suit of
communication protocols that defines common language for establishing
communication between different computers attached in a network. Ethernet
enables desktop computers to local area networks. IBM/Microsoft/Intel Personal
Computer is the standard Wintel design for personal computers based on Intel
processors and other devices and Microsoft Windows operating systems.

Infrastructure Components
In the early days of personal computers, the printer you had your eye on may
not have worked with your brand of computers. You had to buy a scanner built
specifically for your computer. You couldn‘t connect to the Internet unless you
had the correct modem for your Internet Service Provider. The evolution we are
now experiencing is aiming to fix these problems and make computing
ubiquitous anytime, anywhere. IT infrastructure is composed of seven major
components that aim to achieve above mentioned goal.

1. Computer Hardware Platforms: It includes client machines and server

machines, as well as modern main frames produced by IBM. Blade Servers
are ultrathin servers, intended for a single dedicated application, and are
mounted in space-saving racks.
2. Operating System Platforms: It includes platforms for client computers,
dominated by Windows operating systems, and servers, dominated by the
various forms of the UNIX operating system or Linux. Operating

67
 Systems are software that manage the resources and activities of the
computer and act as an interface for the user.
3. Enterprise and Other Software Applications: It includes SAP, Oracle, and
PeopleSoft, and middleware software that are used to link a firm's existing
application systems.
4. Data Management and Storage: It is handled by database management
software and storage devices include traditional storage methods, such as
disk arrays and tape libraries, and newer network-based storage
technologies such as storage area networks (SANs). It is the network that
connects multiple storage devices on dedicated high-speed networks.
5. Networking and Telecommunications Platforms: It includes Windows
server operating systems, Novell, Linux, and UNIX. Nearly all LANs and
many wide area networks (WANs) use the TCP/IP standards for
networking.
6. Internet Platforms: It overlaps with, and must relate to, the firm's general
networking infrastructure and hardware and software platforms. Internet-
related infrastructure includes the hardware, software and services to
maintain corporate Web sites, intranets, and extranets, including Web
hosting services and Web software application development tools. A Web
hosting service maintains a large Web server, or series of servers, and
provides fee-paying subscribers with space to maintain their Web sites.
7. Consulting and System Integration Services: Theses are relied on for
integrating a firm's legacy systems with new technology and
infrastructure and providing expertise in implementing new
infrastructure along with relevant changes in business processes, training,
and software integration. Legacy systems are generally older transaction
processing systems created for mainframe computers that continue to be
used to avoid the high cost of replacing or redesigning them.

68
Hardware Platforms and Emerging Technologies
If some of these IT infrastructure components like storage and
telecommunications have gotten so cheap, why does it seem like companies are
spending more and more money on information technology? This is because
users are demanding better, faster, and easier ways to use computers and more
ways to communicate with others. Let‘s discuss some of these hardware
technologies that are helping companies meet the growing technology demand
of employees, customers, suppliers, and business partners.

The Emerging Mobile Digital Platform

Anytime, anywhere, 24/7, 365. That‘s what computer users now expect.
Technology manufacturers are meeting the demand with a host of new
communication devices like cell phones and smartphones. The newest gadgets

69
 on the market are tablets and e-book readers like the Kindle from Amazon.com
or Barnes & Noble‘s Nook reader. Smartphones are getting —well—smarter, and
proving more reasons for users to migrate away from traditional desktop PC
computing.. Tablets are miniaturized subnotebooks that are built specifically for
wireless communications and Internet access. Even though they may be small in
size, they still pack a lot of computing power.

Grid Computing
Take a moment and think about how much time you don’t use your personal
computer. It‘s actually quite a lot. In fact, most computers are idle more time
than not. What if you could combine all the idle time of hundreds or thousands
of computers into a continuous, connected computing capacity to capture,
process, manage, store, and retrieve data? You wouldn‘t have to purchase
mammoth, super computers to realize this capability and capacity.

Grid computing is the technique that utilizes the idle computational resources of
separate, geographically remote computers to create a single virtual
supercomputer. In this process, a server computer breaks data and applications
into discrete chunks that are parceled out to the grid's machines. Three reasons
why grid computing is appealing to companies include:
  Cost savings
  Computational speed
 Computational agility

Virtualization and Multicore Processors

Virtualization is the process of presenting a set of computing resources (such as
computing power or data storage) so that they can all be accessed in ways that
are not restricted by physical configuration or geographic location. Server
virtualization enables companies to run more than one operating system at the
same time on a single machine. Most servers run at just 10 to 15 percent of
capacity, and virtualization can boost utilization server utilization rates to 70
percent or higher. Here‘s a list of the benefits businesses enjoy from using
virtualization:
 • Increase equipment utilization rates
 • Conserve data center space and energy usage
 • Require fewer computers and servers
 • Combine legacy applications with newer applications
• Facilitate centralization and consolidation of hardware administration

70
 A Multicore processor is an integrated circuit that contains two or more
processors. This technology enables two or more processing engines with
reduced power requirements and heat dissipation to perform tasks faster than a
resource-hungry chip with a single processing core.

Cloud Computing and the Computing Utility

Cloud computing is already defined in this chapter. Basically, cloud computing
is defined by five characteristics:
 On-demand self-service: Users can access computing capabilities
whenever and wherever they are.

 Ubiquitous network access: No special devices are necessary for
accessing data or services.

 Location independent resource pooling: Users don‘t need to be
concerned about where the data are stored.

 Rapid elasticity: Computing resources expand and contract as necessary
to serve users.

 Measured service: Users pay only for the computing capabilities actually
used.

Figure 5-10 Cloud Computing Platform

71
 Almost any type of computing device can access data and applications from
these clouds through three types of services:
 Cloud infrastructure as a service: Allows customers to process and store
data, and use networking and other resources available from the cloud.

 Cloud platform as a service: The service provider offers infrastructure
and programming tools to customers so they can develop and test
applications.

 Cloud software as a service: The vendor provides software programs on a
subscription fee basis.

Cloud computing is becoming popular because customers only pay for the
computing infrastructure that they actually use. In many cases users experience
lower IT costs than if they had to buy all the equipment, hire the technical staff to
run it and maintain it, and purchase software applications. This type of on-
demand computing is beneficial to small and medium-size companies since they
can easily scale up and down their IT requirements as the pace of their business
demands it. Larger organizations however, may not want their most sensitive
data stored on servers which they don‘t control. System reliability is also a special
concern to all businesses. The unavailability of business data and applications for
even a few hours may be unacceptable. Three kinds of clouds are available:

 Public cloud: A public cloud is basically the internet. Service providers

use the internet to make resources, such as applications and storage,
 available to the general public. Examples of public clouds include
 Amazon Elastic Compute Cloud (EC2), IBM‘s Blue Cloud, Sun Cloud,
 Google AppEngine and Windows Azure Services Platform.
 Private cloud: These clouds are data center architectures owned by a
single company that provides flexibility, scalability, provisioning,
automation and monitoring. The goal of a private cloud is not sell ―as-a-
service‖ offerings to external customers but instead to gain the benefits of
cloud architecture without giving up the control of maintaining your own
data center.

 Hybrid cloud: By using a Hybrid clud, companies can maintain control of
an internally managed private cloud while relying on the public cloud as
needed. For instance during peak periods individual applications, or
portions of applications can be migrated to the Public Cloud.

72
 Autonomic Computing
Autonomic computing is a step toward creating an IT infrastructure that is able
to diagnose and fix problems with very little human intervention. It is an
industry-wide effort to develop systems that can configure, optimize, repair, and
protect themselves against intruders and viruses, in an effort to free system
administrators from routine system management, reduce costly system crashes.
Today's virus software with automatic virus updates is one example of
autonomic computing. Thus autonomic computing features systems that can:
  Configure themselves
  Optimize and tune themselves
  Heal themselves when broken
 Protect themselves from intruders and self-destruction

Although this type of computing is still rather new, it promises to relieve the
burden many companies experience in trying to maintain massive, complex IT
infrastructures.

Software Platform Trends and Emerging Technologies

You can have all the computer hardware money can buy, but if you don‘t have
the right software, you can‘t do very much with the hardware and you've wasted
a lot of money. There are five major themes in contemporary software platform
evolution:
1. Linux and open-source software
2. Java
3. Enterprise software
4. Web services and service-oriented architecture
5. Software outsourcing

Linux and Open-Source Software

Open-Source software is software produced by a community of several hundred
thousands of programmers around the world, and is available free of charge to
be modified by users, with minimal restrictions. The premise that open-source
software is superior to commercial software is based on the ability of thousands
of programmers modifying and improving the software at a much faster rate. In
return for their work, programmers receive prestige and access to a network of
other programmers, and additional for-pay work opportunities. The process of

73
improving open source software is monitored by self-organized, professional
programming communities. Thousands of open-source programs, ranging from
operating systems to office suites, are available from hundreds of Web sites.

Linux is an operating system related to UNIX, is one of the most well-known

open-source software, and is the world's fastest growing client and server
operating system, along with related Linux applications. The rise of open-source
software, particularly Linux and the applications it supports, has profound
implications for corporate software platforms: cost reduction, reliability and
resilience, and integration, because Linux works on all the major hardware
platforms from mainframes to servers to clients. Because of its reliability, low
cost, and integration features, Linux has the potential to break Microsoft's
monopoly of the desktop.

Open-source software isn‘t limited to Linux but includes applications such as

Mozilla Firefox Web browser and free office suite software such as OpenOffice.
OpenOffice.org is the result of over twenty years‘ software engineering.
Designed from the start as a single piece of software, it has a consistency other
products cannot match.
.
Software for the Web: Java, AJAX, and HTML
Java is an operating system-independent, object-oriented programming
language, has become the leading programming environment for the Web, and
its use has migrated into cellular phones, cars, music players, and more. For each
of the computing environments in which Java is used, Sun has created a Java
Virtual Machine that interprets Java programming code for that machine. In this
manner, the code is written once and can be used on any machine for which
there exists a Java Virtual Machine. A Macintosh PC, an IBM PC running
Windows, a Sun server running UNIX, and even a smart cellular phone or
personal digital assistant can share the same Java application.

AJAX stands for Asynchronous JavaScript and XML. AJAX is a new technique
for creating better, faster, and more interactive web applications with the help of
XML, HTML, CSS, and Java Script. Conventional web applications transmit
information to and from the sever using synchronous requests. It means you fill
out a form, hit submit, and get directed to a new page with new information
from the server. With AJAX, when you hit submit, JavaScript will make a request
to the server, interpret the results, and update the current screen. In the purest

74
 sense, the user would never know that anything was even transmitted to the
server. Simply we can say that AJAX is about updating parts of a web page,
without reloading the whole page.

Hypertext markup language (HTML) is the language that used for creating web
pages. The original version of HTML was created when the Web was first borne.
It never took into account that eventually people would want to incorporate
audio, video, and pictures within a Web page. More importantly, the authors of
basic HTML language never envisioned that people would want to access the
Web through small handheld devices, smartphones, tablets, and notebooks. As
our computing hardware has evolved, so too must the software that provides
information to all those devices. The next evolution of HTML is HTML5.

Web Services and Service-Oriented Architecture

Web services are XML-based information exchange systems that use the Internet
for direct application-to-application interaction. These systems can include
programs, objects, messages, or documents. Software applications written in
various programming languages and running on various platforms can use web
services to exchange data over computer networks like the Internet in a manner
similar to inter-process communication on a single computer. This
interoperability (e.g., between Java and Python, or Windows and Linux
applications) is due to the use of open standards. Four software standards and
communication protocols provide easy access to data and information via Web
services:
 XML—eXtensible Markup Language: Describes data in Web pages and
databases.

 SOAP—Simple Object Access Protocol: Allows applications to exchange data
and instructions.

 WSDL—Web Services Description Language: Describes a Web service so that
other applications can use it.

 UDDI—Universal Description, Discovery, and Integration: Lists Web services
in a directory so users can find them.

A service-oriented architecture (SOA) is architecture in computer software

design in which application components provide services to other components
via a communication protocol, typically over a network. The principles of
service-orientation are independent of any vendor, product or technology.

75
 Software Outsourcing and Cloud Services
Like businesses were going to outside vendors to meet their hardware needs,
Organizations are now doing much the same for their software needs. Three
external sources for software outsourcing are: Software packages from a
commercial vendor, cloud-based software services and tools, and outsourcing
custom application development

 Software Packages and Enterprise Software: A commercial software

package is a prewritten set of software programs for certain functions,
eliminating the need for a firm to write its own software program.
Rather than design, write, test, and maintain legacy systems, many
organizations choose to purchase software packages from other
companies that specialize in certain programs. Enterprise software is
large and complex software that includes content, collaboration, and
communication software. These systems are so complex that few
corporations have the expertise to develop these in house. Vendors such
as SAP and PeopleSoft have developed powerful software packages that
can support business processes such as customer relationship
management, supply chain management, human resource management.

 Software Outsourcing: Outsourcing is a mechanism in which a firm
contracts custom software development or maintenance to outside
firms, normally to the firms operating in low-wage areas of the world.
With the growing sophistication and experience of offshore firms, more
and more new-program development is outsourced. The Internet has
made this option more viable than it ever was. Companies primarily
outsource to reduce certain costs — such as peripheral or "non-core"
business expenses, high taxes, high energy costs, excessive government
regulation/mandates, production and/or labor costs. The incentive to
outsource may be greater for U.S. companies due to unusually high
corporate taxes and mandated benefits, like social security, Medicare,
and safety protection

 Cloud-based Software Services and Tools: Small and mid-size companies
in need of sophisticated software can rent only what they need and can
afford through online software as a service (SaaS) providers. For
instance, Right Now Technologies provides applications services via the
Internet for customer service and marketing programs. Because these

76
 services are Web-based, data are accessible from virtually any computer
connected to the Internet. Workers can collaborate with others in distant
offices through a Web-based SaaS, and no one has to worry about their
files being compatible with others. There is some danger to outsourcing
your information resources to this kind of service. Remember, all your
data are stored on another company’s server computers and you have
little control of it. What happens if the service provider goes out of
business? How secure are data stored on the servers? These are just
some of the issues managers must address when they consider using
SaaS providers versus in-house technology support. Businesses must
exercise caution when using software outsourcing or SaaS providers.
Service level agreements (SLA) help protect both customers and the
service providers.

Mashups and Apps

The term mash-up refers to a new breed of Web-based applications created by
programmers to mix at least two different services from disparate, and even
competing, Web sites. The term mash-up comes from the hip-hop music practice
of mixing two or more songs. Mash-ups are often created by using a
development approach called Ajax . Here's a sampling of mash-up Web sites:
 Panoramio : a mash-up of Google Maps and geopositioned photographs


of locations
 Hiking Outpost : a mash-up of Amazon and online hiking information


resources
 HousingMaps : a mash-up of Google Maps and Craigslist rental ads that
displays geographical information for rental properties.

App is an abbreviated form of the word application, and are very small
programs that perform one particular task. They can be loaded to your hand-
held computing device, including smartphones, e-book readers (in some cases)
or tablet computers like the iPad. It‘s worth noting that most apps are developed
for a specific device or devices from a specific company. Apps that are written
for the Apple company will run on any Apple device. However, apps written for
an Apple device will generally not run on a device manufactured or sold by
Samsung or a BlackBerry. More and more apps are being created for the business
user that lets her access server documents, call up sales data from the corporate
database, or schedule meetings with colleagues or customers.

77
Chapter Unit 6
Foundations of Business Intelligence: Databases and Information
Management
Data vs. Information
Data is raw facts collected from environment about physical phenomena or
business transactions. Data can be in any form-numerical, textual, graphical,
image, sound, video etc. It has no meaning. It is input to any system in an
organization. For example, data would be the marks obtained by students in
different subjects.
On the other hand information is defined as refined or processed data that has
been transformed into meaningful and useful form for specific users. For
example, after processing the marks obtained by student it transformed into
information, which is meaningful and from which we can decide which student
stood first, second and so forth. Information comes from data and takes the form
of table, graphs, diagrams etc.

Data hierarchy \file organization concept

A computer system organizes data in a hierarchy that starts with bits and bytes
and progresses to fields, records, files, and databases. A bit represents the
smallest unit of data a computer can handle. A group of bits, called a byte,
represents a single character, which can be a letter, a number, or another symbol.
A grouping of characters into a word, a group of words, or a complete number
(such as a person‘s name or age) is called a field. A group of related fields, such
as the student‘s name, the course taken, the date, and the grade, comprises a
record; a group of records of the same type is called a file.

Bit

Character

Field

Record

File

Database

78Storage Hierarchy
Figure: - Data
Organizing Data in a traditional file environment
File management systems (FMS) are also called flat file systems. It stores data in
a plain text file. A flat file is a file that contains records, and in which each record
is specified in a single line. Fields from each record may simply have a fixed
width with padding, or may be delimited by whitespace, tabs, commas or other
characters. Extra formatting may be needed to avoid delimiter collision. There
are no structural relationships and the data are "flat" as in a sheet of paper. For
example, the records in Figure below could constitute an author file. A group of
related files makes up a database (E.g. files author, book, and publisher etc
makes up a database publication). The author file illustrated in Figure below
could be grouped with files on book and publisher to create a publication
database.

Publication database
Database Author file Book file Publisher file

Author
Aid Aname Address Email
File A01 Arjun Balkhu
[email protected]
A02 Dilli Baglung
[email protected]

Aid Aname Address

Record
Email

Field Bhupendra (Author name)

Byte 0101 0001

Bit 0 or 1
In this approach each application has data files related to it containing all the
data records needed by the application. Thus, an organization has to develop
number of application programs each with an associated application-specific
data files. For example, in a college MIS, the library programs, accounting

79
 programs, and examination programs would have their own data files as shown
in figure below:

Student Data
Library ▪

▪ Teacher Data
Programs
Library Data ▪ Book Data
Files ▪ Book Issue Data

Accounting ▪ Student Data

Programs ▪ Teacher Data
Account Data ▪ Salary Info
Files ▪
Financial Aid

Examination ▪ Student Data

Programs ▪ Teacher Data
Exam Data Files ▪ Marks Info
Figure: File-based approach to data processing

▪ Course Info

Problems with the traditional file environment

The key problems in the traditional file environment are listed below:
  
Data Redundancy
 
 Data Inconsistency
 
 Data Isolation
 
 Difficulties in accessing data
 
 Integrity problem
 
 Atomicity problem
 
 Concurrent access anomalies
 
Security problems
Data redundancy: Data redundancy means duplication of same data or data files
in different places. Flat file systems are suffered from the problem of high data
redundancy. For example, record (such as student id, name, level, program,
section etc) of a student may appear in library data files as well as examination
data files. This redundancy leads to higher storage and access cost. On the other
hand database management systems can greatly reduce the problem of data
redundancy. Note that DBMS cannot remove data redundancy problem
completely.

80
Data inconsistency: Data inconsistency is side effect of data redundancy. Data is
said to be inconsistent if various copies of the same data may no longer agree.
Data inconstancy occurs if changed data is reflected in data files in one place but
not elsewhere in the system. For example, if library data file contains cell number
of a student as 9841567843 but examination data files stores 9851167895 as cell
number of the student then we can say that data is inconsistent. Flat file systems
may suffer from the problem of data inconsistency. But database systems can
remove the problem of data inconstancy by automatically propagating data
updates done in one file in the database in other data files.

Data isolation: Because data are scattered in various files, and files may be in
different formats, writing new application programs to retrieve the appropriate
data is difficult in flat file systems. For example, one data file may contain data
separated of comma and another data file may contain data separated by white
space.
Student Data file Book Data file
S01, Suman, BBA,Mahendranagar B05 DBMS SaudArjun Kanchanpur
S02, Binu, B.Sc. CSIT, Kathmandu B06 java. SharmaDilli Baglung
S03, Ronit, B.E. Computer, Chitwan B07 MIS BhattaJagadish Kanchanpur

(a) (b)
Figure: Data files (a) Data separated by comma (b) Data separated by white space
Database management systems provide shared access to centrally stored data
therefore it is easy for application programs to retrieve required data from
centralized database. Application programs do not need to bother about format
of stored data.

Difficulty in accessing data: File processing systems do not allow required data
to be retrieved in efficient and convenient way. For example, assume we already
have program to generate the list of books on the basis of subject. Now, if we
need to generate the list of books on the basis of author name, either we need to
extract the data from book data files manually or we should request the
programmer to write a program to retrieve required data from the book data file.
Both of the alternatives are not satisfactory.

81
Integrity problems: Integrity means correctness of data before and after
execution of a transaction. Integrity constraints are condition applied to the data.
For example, if maximum salary in an organization is 150,000 then we have the
integrity constraint ―salary ≤ 150,000‖. Integrity constraints are important to
maintain correctness of data. It plays vital to prevent users from doing mistakes.
For example, if user mistakenly types 200,000 in place of 20,000 while
transferring salary of an employee in his/her account, specified integrity
constrain is violated and hence the system tell the user about the mistake.
Unfortunately, flat file systems do not allow us to specify integrity constraint and
hence it is difficult to maintain correctness of data. On the other hand, database
management systems allow us to specify integrity constraints on data therefore
relatively it is easy to maintain correctness of data .

Atomicity problems: Execution of transactions must be atomic. This means

transactions must execute at its entirety or not at all. If execution of transaction is
not atomic, it leaves database in incorrect sate. Consider the example of
transaction that transfers 5000 rupees from account A to account B.
If the execution of transaction is failed at the point specified in above figure, it
causes 5000 rupees to be deducted from account A without depositing it in
account B. File processing system do not guarantee atomic execution of
transactions and hence this type of problems may occur in databases. But
database systems guarantees atomicity of execution of transaction and hence
above mentioned problem can be eliminated.
Read (A)

A=A-5000

Write (A) Point of

Failure
Read (B)

B=B+5000

Write (B)

Concurrent-access anomalies: Concurrent updates to same data by different

transactions at the same time may result in inconsistent data. Consider bank
account ‗A‘, containing 50,000 Rs. If two customers withdraw funds say 15,000

82
and 20,000 respectively from account A at about the same time, the result of the
concurrent executions may leave the account in an incorrect (or inconsistent)
state, if the programs executing on behalf of each withdrawal read the old
balance as below. Flat file systems do not supports execution of concurrent
transactions and hence may suffer from the problem mentioned below. But,
database systems support concurrent execution of transactions on the same data
without resulting into inconstant data.

Withdraw by Customer1 Withdraw by Customer2

(T1) (T2)
Read (A)
A=A-15000
Read (A) Reads old balance
A=A-20000 Final Balance=30000
Write (A) Wrong!!!!!!!!
Write (A) It must be 15000

Security problems: In database system we may create different user accounts

and provide different authorization to different users. Thus we are able to hide
certain information from some users. For example, in a banking system, payroll
personnel need to see only that part of the database that has information about
the various bank employees. They do not need access to information about
customer accounts. This type of restriction is essential for security purpose. But,
file processing system do not allow us to create user accounts thus all users have
equal access to the data. Due to this it is difficult to maintain security of flat file
systems. Besides this file processing systems do not have any provisions for
periodic backup of data and recovery from data loss which are provided by
database management systems.

The database approach to data management

Database technology cuts through many of the problems of traditional file
organization. A more rigorous definition of a database is a collection of data
organized to serve many applications efficiently by centralizing the data and

83
 controlling redundant data. Rather than storing data in separate files for each
application, data are stored so as to appear to users as being stored in only one
location.

Database Management Systems (DBMS)

A database is an organized collection of logically related data that contains information
relevant to an enterprise. The database is also called the repository or container for a
collection of data files. For example, university database maintains information about
students, courses and grades in university.

A Database Management System (DBMS) is the set of programs that is used to store,
retrieve and manipulate the data in convenient and efficient way. Main goal of database
management system (DBMS) is to hide underlying complexities of data management from
users and provide easy interface to them. Some common examples of the DBMS software
are Oracle, Sybase, Microsoft SQL Server, DB2, MySQL, Postgres, Dbase, Ms-Access
etc. Database management system that maintains relationship between multiple data files
is called Relational Database Management system (RDBMS).

Program-ID Program-Name
C002 BBA
Student
C021 B. Sc CSIT
C112 BIM
S-ID Name Address Program-ID
Fi C321 B. ed.
S-12 Pawan Joshi C002
Foreign Keys
S-14 Yamman Karki C021 g: Primary key and foreign key
S-51 Abin Saud C321 A database system consists of
database, database Management
S-11 Binak Singh C112 Program
system, and application programs.
mply, we can say that application software that uses DBMS for data Relationships
management is called database system. Thus MS word is just an application
program but it is not database systemPrimarybecauseKeys it does not use DBMS
for the purpose of managing data. On the other hand a library management
information system can be database system if it uses DBMS for the purpose
managing database. As mentioned above database is a repository for a collection
of computerized data files. Users of database system can perform a variety of
operation on such file. For example, in a database management system, the
library system, accounting management system, and examination system

84
 programs would have a common database. This database based approach to data
processing is shown in fig below:
Library
Database Management Programs
Database system (DBMS) Accounting
Programs
Examination
Programs

Figure: Database system approach to data processing

Capabilities of database Management systems

A DBMS includes capabilities and tools for organizing, managing, and accessing
the data in the database. The most important are its data definition language,
data dictionary, and data manipulation language.
DBMS have a data definition capability to specify the structure of the content of
the database. It would be used to create database tables and to define the
characteristics of the fields in each table. This information about the database
would be documented in a data dictionary. A data dictionary is an automated or
manual file that stores definitions of data elements and their characteristics. The
key capabilities of database management systems are listed below:
  
Querying and reporting
 
 Maintaining complex relationship among data
 
 Provide backup and recovery
 
 Data availability
 
 Maintaining data integrity
 
 Minimize data redundancy
 
 Improve data security
 
Handling concurrent access anomalies

Querying and reporting

The database contains the huge amount of data. Querying helps to filter the data
and present only what the user requires. The most popular type of query
language is SQL. It uses English like structured syntax for creating queries.
Now after filtering data from the database through query languages it is equally
necessary to present the data in an appropriate structure. DBMS have the
85
capabilities to generate reports on the user-desired data based on user-desired
structure. Crystal report is a popular report generator for large corporate DBMS.

Maintaining complex relationship among data

A database is the collection of interrelated data. The DBMS has the capabilities of
creating a link between the data in various tables. This capability helps to
retrieve complete information in a timely fashion as well as efficient update of
data. In DBMS this type of relation can be created by using the concept of
primary key and foreign key i.e. using referential integrity constraint concept.

Provide backup and recovery

DBMS has the capability to create a backup of the data. This backup can be used
to recover the lost data when accidental loss of data occurs.

Data availability
One of the principle advantages is that the same business data can be made
available to different employees anytime anywhere. DBMS enables multi-user
access to information that is available remotely and 24 hours a day, 7 days a
week.

Maintaining data integrity

Data accuracy, consistency and relevant data is a sign of data integrity. With the
help of DBMS, companies can foster the integrity of their business records
because changes to the data only have to be made in one place.

Minimize data redundancy

DBMS has the capabilities to keep the relationship among different tables due to
which there is less chances of data redundancy. Information in DBMS is kept
concise and appears just once. This capability reduces data redundancy.

Improve data security

86
DBMS allows user authentication through password. Authorized users can
access only the data for which they are granted privilege. Thus it provides a
system of permissions to restrict user access to certain data resources.
Handling concurrent access anomalies
Database management system prevents from accessing the data concurrently. It
is achieved through isolation, which guarantees that other operations cannot
access data that are being processed or modified during the transaction until it is
completed.

How a DBMS Solves the Problems of the Traditional File Environment?

A DBMS reduces data redundancy and inconsistency by minimizing
isolated files in which the same data are repeated. The DBMS may not enable the
organization to eliminate data redundancy entirely, but it can help control
redundancy. Even if the organization maintains some redundant data, using a
DBMS eliminates data inconsistency because the DBMS can help the
organization ensure that every occurrence of redundant data has the same
values. The DBMS uncouples programs and data, enabling data to stand on their
own. Access and availability of information will be increased and program
development and maintenance costs reduced because users and programmers
can perform ad hoc queries of data in the database. The DBMS enables the
organization to centrally manage data, their use, and security.

Designing Database
To create a database, you must understand the relationships among the data, the
type of data that will be maintained in the database, how the data will be used,
and how the organization will need to change to manage data from a company-
wide perspective. Designing a database requires an understanding of the
business functions you want to model. It also requires an understanding of the
database concepts and features that you want to use to represent those business
functions. Make sure that you accurately design the database to model the
business, because it can be time-consuming to significantly change the design of

87
 a database after you implement it. A well-designed database also performs
better.
The database requires both a conceptual design and a physical design. The
conceptual, or logical, design of a database is an abstract model of the database
from a business perspective, whereas the physical design shows how the
database is actually arranged on direct-access storage devices.
The conceptual database design describes how the data elements in the database
are to be grouped. The design process identifies relationships among data
elements and the most efficient way of grouping data elements together to meet
business information requirements. The process also identifies redundant data
elements and the groupings of data elements required for specific application
programs. Groups of data are organized, refined, and streamlined until an
overall logical view of the relationships among all the data in the database
emerges.
The conceptual database design deals with two important concepts:
  
Normalization and
 
Entity relationship diagram

1) Normalization
“The process of decomposing unsatisfactory "bad" relations by breaking up their
attributes into smaller relations is called normalization”
While designing a database out of an entity–relationship model, the main
problem existing in that raw database is redundancy. Redundancy is storing the
same data item in more one place. A redundancy creates several problems like
the following:
▪ Extra storage space: storing the same data in many places takes large
amount of disk pace.

▪ Entering same data more than once during data insertion.

▪ Deleting data from more than one place during deletion.

▪ Modifying data in more than one place.

▪ Anomalies may occur in the database if insertion, deletion, modification
etc are no done properly. It creates inconsistency and unreliability in the
database.
To solve this problem, the raw database needs to be normalized. This is a step by
step process of removing different kinds of redundancy and anomaly at each
88
step. At each step a specific rule is followed to remove specific kind of impurity
in order to give the database a slim and clean look. The process of reducing data
redundancy and removing database modification anomaly in a relational
database is called normalization.
In brief the process of creating small, stable, yet flexible and adaptive data
structures from complex groups of data is called normalization.
Example: Let‘s take a relation that is in un-normalized form
as, Student
Sid Sname Address Phone_No
1 Bishnu Kalanki 9849145464, 9813335467
2 Ramhari Balkhu 9841882345, 099392844
3 Geeta Kirtipur 9848334898,
4 Dipika Pokhara 9849283847
5 Monika Ratopool 9840084732, 9803267499
Since in this relation multi-valued attribute exist thus this relation is not in
normalized form. Now converting this relation into normal form by
decomposing this relation into two relations as,

Student Phone
Sid Sname Address Sid Phone_No
1 Bishnu Kalanki 1 9849145464
2 Ramhari Balkhu 1 9813335467
3 Geeta Kirtipur 2 9841882345
4 Dipika Pokhara 2 099392844
5 Monika Ratopoo 3 9848334898
l 4 9849283847
5 9840084732
Fig: Relations in Normalized 5 9803267499 form

Example 2: Employee-Department
Emp-Id Emp-Name Emp-Salary Dept-No Dept-Name
1 Bhupi 40000 D1 BBA
1 Bhupi 40000 D2 CSIT
2 Bindu 30000 D3 BBS

89
 3 Arjun 60000 D1 CSIT
In the above relation {Emp-Id, Dept-No} is the primary key. Emp-Name, Emp-
Salary and Dept-Name all depend upon {Emp-Id, Dept-No}. Again Emp-
  
Id Emp-Name, Emp-Id Emp-Salary and Dept-No Dept-Name, thus there
also occur partial dependency. Due to which this relation is not in 2 NF.
Now converting this relation into 2 NF by decomposing this relation into three
relations as,
Employee Emp-Dept Department
E_Id E_Name E_Salary E_Id D_No D_No D_Name
1 Bhupi 40000 1 D1 D1 BBA
2 Bindu 30000 1 D2 D2 CSIT
3 Arjun 60000 2 D3 D3 BBS
3 D1
Fig: Relations in 2 NF

2) Entity relationship diagram

An E-R diagram is a specialized graphical tool that demonstrates the
interrelationships among various entities of a database. It is used to represent the
overall logical structure of the database. While designing E-R diagrams, the
emphasis is on the schema of the database and not on the instances. This is
because the schema of the database is changed rarely; however, the instances in
the entity and relationship sets change frequently. Thus, E-R diagrams are more
useful in designing the database. E-R diagram focuses high level database design
and hides low level details of database representation therefore it can be used to
communicate with users of the system while collecting information. Example:

Tid Name S Name Roll No

Teacher Teaches Students

Sid Level
Qualification Post

90
Using databases to improve business performance and decision
making
In a large company, with large databases or large systems for separate functions,
such as manufacturing, sales, and accounting, special capabilities and tools are
required for analyzing vast quantities of data and for accessing data from
multiple systems. These capabilities include data warehousing, data mining, and
tools for accessing internal databases through the Web.
Data Warehouse
A data warehouse is a repository of multiple heterogeneous data sources
organized under a unified schema at a single site to facilitate management
decision making. A data warehouse is a subject-oriented, integrated, time-variant
and nonvolatile collection of data in support of management‘s decision-making
process.
a. Subject-Oriented: A data warehouse can be used to analyze a
particular subject area. For example, "sales" can be a particular subject.
b. Integrated: A data warehouse integrates data from multiple data
sources. For example, source A and source B may have different ways of
identifying a product, but in a data warehouse, there will be only a single
way of identifying a product.
c. Time-Variant: Historical data is kept in a data warehouse. For
example, one can retrieve data from 3 months, 6 months, 12 months, or
even older data from a data warehouse. This contrasts with a transactions
system, where often only the most recent data is kept. For example, a
transaction system may hold the most recent address of a customer, where
a data warehouse can hold all addresses associated with a customer.
d. Non-volatile: Once data is in the data warehouse, it will not
change. So, historical data in a data warehouse should never be altered.

A data warehouse is a repository of current and historical data of an

organization that are organized to facilitate reporting and analysis. The data
originate in many core operational transaction systems, such as systems for sales,
customer accounts, and manufacturing, and may include data from Web site
transactions. The data warehouse consolidates and standardizes information
from different operational databases so that the information can be used across

91
the enterprise for management analysis and decision making. Figure below
illustrates how a data warehouse works. The data warehouse makes the data
available for anyone to access as needed, but it cannot be altered. A data
warehouse system also provides a range of ad hoc and standardized query tools,
analytical tools, and graphical reporting facilities. Many firms use intranet
portals to make the data warehouse information widely available throughout the
firm.

Operation
al data

Customer OLAP
data Analysi
Met
ETL
a
Extraction,
data
Transformatio
Manufactu
n Reportin
ring data Sum
Loading - g
mary

Historical
Raw
data
data
Data
mining
External
data

Flat iles

Data warehouse

92
How does a data warehouse differ from a database?
There are a number of fundamental differences which separate a data warehouse
from a database. The biggest difference between them is that most database place
an emphasis on a single application, and this application will generally be one
that is based on transaction. If the data is analyzed, it will be done within a single
domain. In contrast, data warehouses deal with multiple domains
simultaneously.
Because data warehouse deals with multiple subject areas, the data warehouse
finds connections between them. This allows the data warehouse to show how
the company is performing as a whole, rather than in individual areas.
Another powerful aspect of data warehouse is their ability to support the
analysis of trends. They are not volatile, and the information stored in them
doesn‘t change as much as it would in a common database. Some of the major
differences between them are listed below:
Database Data Warehouse
1. In database tables and joins of 1. In data warehouse tables and joins
different tables are complex since are simple since they are de-
they are normalized for RDBMS. normalized. This is done to reduce
This is done to reduce redundant the response time for analytical
data and to save storage space. queries.
2. Entity Relational modeling 2. Data modeling techniques are used
techniques are used for RDBMS for Data Warehouse design.
database design. 3. High performance for analytical
3. Performance is low for analysis queries
queries. 4. Data warehouse is the place where
4. Database is the place where the data the application data is managed for
is taken as a base and managed to analysis and reporting purpose.
get available fast and efficient access. 5. Optimized for read operations.
5. Optimized for write operation. 6. Used forOnline Analytical
6. Used forOnline Transaction Processing (OLAP). This reads the
Processing (OLTP) but can be used historical data for the users for
for other purpose such as data business decision.
warehousing. This records the data
from the user for history.

93
 Data Marts
Data mart is a database that contains a subset of data present in a data
warehouse. We can divide a data warehouse into data marts after the data
warehouse has been created. A data mart is a subset of a data warehouse in
which a summarized or highly focused portion of the organization‘s data is
placed in a separate database for a specific population of users. For example, a
company might develop marketing and sales data marts to deal with customer
information. A data mart typically focuses on a single subject area or line of
business, so it usually can be constructed more rapidly and at lower cost than an
enterprise-wide data warehouse.

Data sources

Data marts

Data warehouse

Reasons for creating a data mart

• Creates collective view by a group of users

• Easy access to frequently needed data

• Ease of creation

• Improves end-user response time

• Lower cost than implementing a full data warehouse

• Potential users are more clearly defined than in a full data warehouse

• Contains only business essential data and is less cluttered

Tools for business Intelligence

94
Once data have been captured and organized in data warehouses and data
marts, they are available for further analysis using tools for business intelligence.
Business intelligence tools enable users to analyze data to see new patterns,
relationships, and insights that are useful for guiding decision making. Principal
tools for business intelligence include software for database querying and
reporting, tools for multidimensional data analysis (online analytical processing),
and tools for data mining.

Online analytical processing (OLAP): Multidimensional data analysis

OLAP supports multidimensional data analysis, enabling users to view the same
data in different ways using multiple dimensions (data cube). Multidimensional
data models are designed expressly to support data analyses. The goal of
multidimensional data models is to support analysis in a simple and faster way
by executives, managers and business professionals. These people are not
interested in the overall architecture.
Suppose your company sells five different products—Laptops,
Computers, TVs, Camera and Mobiles—in the East, West, North and Central
regions. If you wanted to ask a fairly straightforward question, such as how
many Computers were sold in the last week, you could easily find the answer by
using sales database. But what if you wanted to know how many Computers
sold in each of your sales regions and compare actual results with projected
sales, then the querying becomes complicated. In such a case OLAP is used.
Each aspect of information—product, pricing, cost, region, or time
period—represents a different dimension. So, a product manager could use a
multidimensional data analysis tool to learn how many Computers were sold in
the East reason in this week, how that compares with the previous week, and
how it compares with the sales forecast. OLAP enables users to obtain online
answers to ad hoc questions such as these in a fairly rapid amount of time, even
when the data are stored in very large databases, such as sales figures for
multiple years.
Time Product Location Sales
2072-01-01 Computer East region 30
2072-01-01 Laptop West region 20
2072-01-01 Camera Central region 50
2072-01-07 Mobile East region 11

95
 2072-01-07 TV North region 23
2072-01-15 Computer West region 54
2072-01-15 Laptop Central region 09
2072-01-25 Laptop East region 32
2072-01-25 TV West region 19
Fig: Tabular representation

50
CR
Locati

N 1 Time
on

Product 20
WRFig: multidimensional representation
Figure above shows a multidimensional model t hat cou ld25be created to represent
30
E 15
products, regions, time, and sales. 7
Mobile Camera Laptop
Data mining
Data mining refers to extracting or ―mining‖ knowledge, interesting information
or patterns from large amount of data. Data mining is a process of discovering
interesting knowledge from large amounts of data stored either, in database,
data warehouse, or other information repositories.
It is the semi-automatic process of extracting and identifying patterns
from stored data. A data mining application, or data mining tool, is typically a
software interface which interacts with a large database containing customer or
other important data. Data mining is widely used by companies and public
bodies for such uses as marketing, detection of fraudulent activity etc. That is,
data mining deals with ―knowledge discovery in databases. There are a wide
variety of data mining applications available, particularly for business uses, such
as Customer Relationship Management (CRM). These applications enable
marketing managers to understand the behaviors of their customers and also to
predict the potential behavior of prospective clients.
Data mining is a logical process that is used to search through large
amount of data in order to find useful data. The goal of this technique is to find
patterns that were previously unknown. Once these patterns are found they can
further be used to make certain decisions for development of their business.
96
 .
Functions of data mining
The types of information obtainable from data mining include associations,
sequences, classifications, clusters, and forecasts.
• Association: Association is one of the best known data mining technique.
In association, a pattern is discovered based on a relationship between
items in the same transaction. That is the reason why association
technique is also known as relation technique. The association technique is
used in market basket analysis to identify a set of products that customers
frequently purchase together. For instance, books that tends to be bought
together. If a customer buys a book, an online bookstore may suggest
other associated books. If a person buys a camera, the system may suggest
accessories that tend to be bought along with cameras.

• Prediction: The prediction, as it name implied, is one of a data mining
techniques that discovers relationship between independent variables and
relationship between dependent and independent variables. For instance,
the prediction analysis technique can be used in sale to predict profit for
the future if we consider sale is an independent variable, profit could be a
dependent variable. For instance, when a person applies for a credit card,
the credit-card company wants to predict if the person is a good credit
risk. The prediction is to be based on known attributes of the person, such
as age, income, debts, and past debt repayment history.

• Classification: Classification is a classic data mining technique based on
machine learning. Basically classification is used to classify each item in a
set of data into one of predefined set of classes or groups. Classification
method makes use of mathematical techniques such as decision trees,
linear programming, neural network and statistics. For example, we can
apply classification in application that ―given all records of employees
who left the company; predict who will probably leave the company in a
future period.‖ In this case, we divide the records of employees into two
groups that named ―leave‖ and ―stay‖. And then we can ask our data
mining software to classify the employees into separate groups.

• Clustering: Clustering is a data mining technique that makes meaningful
or useful cluster of objects which have similar characteristics using
automatic technique. The clustering technique defines the classes and puts
97
 objects in each class, while in the classification techniques, objects are
assigned into predefined classes. For example in a library, there is a wide
range of books in various topics available. The challenge is how to keep
those books in a way that readers can take several books in a particular
topic without hassle. By using clustering technique, we can keep books
that have some kinds of similarities in one cluster or one shelf and label it
with a meaningful name.

Text mining
Text mining is the discovery of patterns and relationships from large sets of
unstructured data—the kind of data we generate in e-mails, phone
conversations, blog postings, online customer surveys, and tweets.

Web mining
The discovery and analysis of useful patterns and information from the World
Wide Web or simply web is called web mining. Web mining is the application of
data mining technique to find interesting and potentially useful knowledge from
web data. So web mining is the application of data mining technique to extract
knowledge from web data, including web documents, hyperlinks between
documents, usage logs of web sites etc.
Businesses might turn to Web mining to help them understand customer
behavior, evaluate the effectiveness of a particular Web site, or quantify the
success of a marketing campaign. For instance, marketers use Google Trends and
Google Insights for Search services, which track the popularity of various words
and phrases used in Google search queries, to learn what people are interested in
and what they are interested in buying.

98
 Chapter 7
Securing Information Systems

As our society and the world come to depend on computers and information
systems more and more, firms must put better effort in making their systems less
vulnerable and more reliable. The systems must also be more secure when
processing transactions and maintaining data.

System Vulnerability and Abuse

As firms become more technologically oriented, they must become more aware
of security and control issues surrounding their information systems and protect
the resources.

Why Systems Are Vulnerable?

Vulnerability is weakness or flaw in a computer system that can be exploited by
a threat. Security threat is a possible danger that might exploit vulnerabilities in
a computer system to breach security and thus cause possible harm. Information
systems are vulnerable to technical, organizational, and environmental threats
from internal and external sources. If managers at all levels don‘t make security
and reliability their number one priority, then the threats to an information
system can easily become real. The figure below gives you an idea of some of the
threats to each component of a typical network.

Figure: Contemporary Security Challenges and Vulnerabilities

99
Businesses that partner with outside companies are more vulnerable. Partnering
companies may not protect information as strictly. Employees of the partnering
firm may not view security as diligently as the primary business. In today‘s
business environment, it‘s not enough to protect hardware and software
physically located within an organization. Mobile computing devices like
smartphones, cell phones, netbooks, and laptops, add to the vulnerability of
information systems by creating new points of entry into information systems.
Internet Vulnerabilities
If you connect to the Internet with a cable modem or DSL you are much more
vulnerable to hackers on your home PC than if you connect with a dial-up
modem. That‘s because you are always connected, with a permanent IP address,
which makes it easier for hackers to find you. The only smart thing to do is keep
your software up-to-date and include firewall protection.

Because distributed computing is used extensively in network systems, you have

more points of entry, which can make attacking the system easier. The more
people you have using the system, the more potential for fraud and abuse of the
information maintained in that system. That‘s why you have to make it
everybody‘s business to protect the system.

Malicious Software
Malicious software, commonly known as malware, is any software that brings
harm to a computer system. It can be used to disrupt computer operation, gather
sensitive information, or gain access to private computer systems. Malware can
be in the form of worms, viruses, Trojans etc., which steal protected data, delete
documents or add software not approved by a user. Malware takes partial to full
control of our computer to do whatever the malware creator wants. Most
malware requires the user to initiate its operation. Some form of attacks includes
attachments in e-mails, browsing a malicious website that installs software after
the user clicks ok on a pop-up.

Worms
This type of Malware uses network resources for spreading. This class was called
worms because of its peculiar feature to creep from computer to computer using
network, mail and other informational channels. Worms intrude our computer,
calculate network addresses of other computers and send to these addresses its
copies. Many worms that have been created are designed only to spread, and do
not attempt to change the systems they pass through. The biggest danger with a
worm is its capability to replicate itself on your system, so it could send out
hundreds or thousands of copies of itself, creating a huge devastating effect.

100
One example would be for a worm to send a copy of itself to everyone listed in
your e-mail address book. Then, the worm replicates and sends itself out to
everyone listed in each of the receiver's address book, and the manifest continues
on down the line. Due to the copying nature of a worm and its capability to
travel across networks the end result in most cases is that the worm consumes
too much system memory (or network bandwidth), causing web servers,
network servers and individual computers to stop responding.
Father Christmas is an example of worm. It was distributed in 1987 and was
designed for IBM networks. It was an electronic letter instructing recipient to
save it and run it as a program that drew Christmas tree, printed ―Merry
Christmas!‖ It also checked address book, list of previously received email and
sent copies to each address. The worm quickly overwhelmed the IBM networks
and forced the networks and systems to be shut down

Virus
A computer virus is a program that inserts itself into one or more files and then
performs some (possibly null) action. Computer virus works in two phases. The
first phase, in which the virus inserts itself into a file, is called the insertion
phase. The second phase, in which it performs some action, is called the
execution phase. Almost all viruses are attached to an executable, which means
the virus may exist on our computer but it actually cannot infect your computer
unless we run or open the malicious program. It is important to note that a virus
cannot be spread without a human action, (such as running an infected program)
to keep it going. Because a virus is spread by human action people will
unknowingly continue the spread of a computer virus by sharing infecting files
or sending emails with viruses as attachments in the email.

The Brain (or Pakistani) virus, written for IBM PCs is an example of this category.
It is thought to have been created in early 1986 but was first reported in the
United States in October 1987. It alters the boot sectors of floppy disks, possibly
corrupting files in the process. It also spreads to any uninfected floppy disks
inserted into the system.

Torjan Horse
Trojan horses are the files that claim to be something desirable but, in fact, are
malicious code or logic. The Trojan Horse, at first glance will appear to be useful
software but will actually do damage once installed or run on your computer.
Receivers of a Trojan Horse are usually tricked into opening them because they
appear to be receiving legitimate software or files from a legitimate source. When
a Trojan is activated on your computer, the results can vary. Some Trojans are
designed to be more annoying than malicious like changing our desktop, adding
silly active desktop icons etc. Sometimes they can cause serious damage by
deleting files and destroying information on your system.

101
Trojans are also known to create a backdoor on your computer that gives
malicious users access to your system, possibly allowing confidential or personal
information to be compromised. Unlike viruses and worms, Trojans do not
reproduce by infecting other files nor do they self-replicate. A program named
"waterfalls.scr" serves as a simple example of a Trojan Horse. The author claims
it is a free waterfall screensaver. When run, it instead unloads hidden programs,
commands, scripts, or any number of commands without the user's knowledge
or consent.

Spyware
Spyware is any software installed on your PC that collects your information
without your knowledge, and sends that information back to the creator so they
can use your personal information in some nefarious way. This could include
keylogging to learn your passwords, watching your searching habits, changing
out your browser home and search pages, adding obnoxious browser toolbars, or
just stealing your passwords and credit card numbers.

Since spyware is primarily meant to make money at your expense, it doesn't

usually kill your PC—in fact, many people have spyware running without even
realizing it, but generally those that have one spyware application installed also
have a dozen more. Once you've got that many pieces of software spying on you,
your PC is going to become slow.

Did you know? What is backdoor?

A backdoor in a computer system is a method of bypassing normal
authentication, securing unauthorized remote access to a computer, obtaining
access to plain text, and so on, while attempting to remain undetected.

Hackers and Computer Crime

A hacker is someone who seeks and exploits weaknesses in a computer system or
computer network. Hackers may be motivated by a multitude of reasons, such as
profit, protest, challenge, enjoyment, or to evaluate those weaknesses to assist in
removing them. Hacking practice can either be ethical or unethical. The activity
where one breaks into the system but do not violate its security and credentials is
called Ethical Hacking. Ethical hackers aim to bring into the administrator‘s notice
and vulnerabilities in the system thereby, improvising the robustness and
security. Thus term hacker does not mean criminal or bad guy. Actually, hackers
are the persons with flawless programming skills and hands-on knowledge on
both computer hardware and software.

102
On the other hand, there are people who can though break into systems, get
access to secured accounts but their actions are usually unauthorized while they
make a backdoor entry into your system. These people (often misinterpreted as
hackers) are called as crackers. They try and crack passwords, security codes, etc
using various hacking software‘s which are already available. Such software‘s
are meant to break the code using millions of trials programmed into it by other
hackers.
Spoofing and Sniffing
These are two methods that hackers and criminals use to gain improper or illegal
access to computer systems. Spoofing is becoming a common way to steal
financial information through fake Web sites. The spoofed site is almost a mirror
image of the real site and unless the unsuspecting user examines the spoof
closely, he/she may inadvertently give out important personal and financial
information.
Using a sniffer program is a popular way to ―grab‖ information as it passes
over transmission lines regardless of whether they are hard-wired or wireless. It
is almost impossible to detect and encryption is about the only way to safeguard
against it.
Denial of Service Attacks
As companies and organizations expand their business to Web sites, they are
opening another point of vulnerability through denial of service attacks. Using
botnets to launch distributed denial of service attacks is becoming all too
common. The hackers seem to enjoy attacking the most popular Web sites like
Facebook and Twitter.

Denial of service attacks are at the core of some of the most serious forms of
cyberwarfare being played out across the world between countries and
governments. From Russia to Iran to South Korea, government networks are
being targeted through these kinds of attacks. The use of botnets makes it very
difficult to determine the origin of the attacks and pinpoint responsibility.

Computer Crime
Computer crime is a growing national and international threat to the continued
development of e-business and e-commerce. When the Internet was first created
in the late 1960s, the designers intentionally built it to be open and easily
accessible. Little did they know 40 years later, that structure would be the very
cause of so much crime and vandalism. Table below lists the best known
examples of computer crime.

103
It‘s very difficult for our society and our governments to keep up with the rapid
changes in the types of computer crime being committed. Many laws have to be
rewritten and many new laws must be implemented to accommodate the
changes.
Identity Theft
The fastest growing crime off or on the Internet is identity theft. Even though
identity theft is most likely to occur in an offline environment, once your
personal information has been stolen it's easy to use it in an online environment.

There are many precautions people can take to help prevent identity theft. One
way is to scrutinize emails or phone calls that ask for your personal information
or financial account information. No legitimate financial institution will ever
send an email requesting you to supply your account information. That is the
number one indicator that the email is a phishing email. You should ignore and
delete the email immediately.

Click Fraud
All those ads you see on Web sites cost the sponsor money. Every time
someone clicks on an ad, the sponsor is charged a pay-per-click fee. The fee is
104
based on the popularity of the search words that generated the ad. What if
your company is paying for an ad with little or no resultant traffic to your Web
site? That’s what happens in the case of click fraud. A person or a software
program continually hits on the ad, driving up the advertising fees, without
any intention of actually visiting the site.

Internal Threats: Employees

It is surprising to learn that most computer crime against companies is
committed by current or former employees. They know the system best, are
entrusted with huge amounts of data, and have the easiest access. Managers and
executives need to be aware of potential internal threats to their systems and put
special measures in place to safeguard systems and data. They also need to
impress upon all employees how important security is throughout the system
right down to the last person.

Password theft is the easiest way for hackers to gain access to a system. No, they
don‘t come into your office at night and look at the piece of paper in your desk
drawer that has your password written on it. They generally use specially
written software programs that can build various passwords to see if any of them
will work. That‘s why you should use odd combinations of letters and numbers
not easily associated with your name to create your password. The longer the
password, the harder it is to replicate. The same password should not be used for
more than one access point. Using multiple passwords limits the damage done if
a hacker does manage to obtain a single password.

Safeguarding individual passwords from social engineering maliciousness is the

responsibility of everyone in the organization. An effective way of limiting access
to data is to establish computer-generated logs that show every employee who
logged on, what they did, what part of the system they accessed, and whether
any data were used or updated. Logs are easily created by system software
programs and should be periodically reviewed by the information technology
staff and department managers. If nothing else, it gives them an idea of what
their employees are doing.

Business Value of Security and Control

Transactions worth billions and trillions of dollars are carried out on networks
every day. Think of the impact if the networks experience downtime for even a
few minutes. It may create serious harm to business reputation of the
organization.

105
 If a business doesn‘t adequately protect its systems for any other reason, it
should just to avoid expensive and time-consuming legal action. The national
retailer T.J. Maxx was forced to spend about $200 million in court case and
damage costs after it experienced a serious security breach in 2008.

Legal and Regulatory Requirements for Electronic Records

Management
Because so much of our personal and financial information is now maintained
electronically, the government needs to pass laws mandating how the data will
be protected from unauthorized or illegal misuse. Govt. of Nepal has already
passed a cyber law outlining the requirements for electronic records
management and is in process of modifying the law and creating new laws.
All of these laws are in response to computer crimes and abuses that businesses
or individuals have committed or experienced.

Electronic Evidence and Computer Forensics

Several things are happening in the corporate worlds that are changing the
requirements for how companies handle their electronic documents:
 Companies are communicating more and more with email and other
 forms of electronic transmissions, and
 Courts are allowing all forms of communication to be held as evidence.
Therefore businesses must develop methods of capturing, storing, and
presenting any and all electronic communications including email, instant
messaging, and e-commerce transactions.

Computer forensics is the application of investigation and analysis techniques to

gather and preserve evidence from a particular computing device in a way that is
suitable for presentation in a court of law. It can be used in the detection and
prevention of crime and in any dispute where evidence is stored digitally.
Computer forensics is a growing field because of the increasing digitization of
documents and communications. Many people believe that just because they
delete a file from a computer file directory that it‘s no longer available or
recoverable. That‘s a false belief. Data remains on hard drives in magnetic form
long after it‘s apparently been deleted. People trained in computer forensics are
able to uncover ambient data and other forms of electronic evidence that can be
used in courts of law. Businesses and employees must increase their awareness
of the necessity for keeping good records.

Establishing a Framework for Security and Control

To prevent security related problems one of the best ways is to institute controls
into our information system through methods, policies, and procedures.

106
 Information Systems Controls
These are just a few examples to get you to think about the fact that the company
designs the security into the building from the beginning. It doesn‘t wait until
everything is built. You should do the same thing with an information system.
It‘s no different from any other system that requires planning and well-thought-
out policies and procedures before construction begins.

The two types of information system controls are:

• General controls: Software, physical hardware, computer operations,

data security, implementation process, and administrative. Table given
 below describes each of these.
• Application controls: Input, processing, and output.

Risk Assessment
Companies and government systems constantly use risk assessment to
determine weak links in their physical building security. You can use the same
methodology to assess the risk in your information system. Use risk assessment
to set up cost comparisons for developing and maintaining security against the
loss potential. It‘s done all the time in other systems, so use it for your
information system as well.

107
 Security Policy
Because of the increasing liability for security breaches, many companies are now
establishing a chief security officer position to help ensure the firm maximizes
the protection of information resources. Some tools available to the CSO are:

• Security policy: Principle document that determines security goals and

 how they will be achieved.
• Acceptable use policy: Outlines acceptable and unacceptable uses of
 hardware and telecommunications equipment.
• Identity management system: Manages access to each part of the
information system.

Identity management is one of the most important principles of a strong, viable

security policy. It includes:
• Business processes and software tools for identifying valid system users.
 • Controlling access to system resources.
• Policies for identifying and authorizing different categories of system
 users.
• Specifying what systems or portions of systems each user is allowed to
 access.
• Processes and technologies for authenticating users and protecting their
identities

Disaster Recovery Planning and Business Continuity

Planning
Floods, fires, hurricanes, even tsunamis, happen without a moment‘s notice.
Perhaps the most important element of a successful system is a disaster recovery
plan. Those firms that had completed business continuity planning were able to
carry on business, while those that hadn‘t, spent days and weeks recovering
from the terrorist attacks. It‘s important that managers and employees work with
information system technicians to develop these plans.

The Role of Auditing

Companies audit their financial data using outside firms to make sure there
aren‘t any discrepancies in their accounting processes. Perhaps they audit their
supply systems on a periodic basis to make sure everything is on the up-and-up.
They should also audit their information systems. After all, information is as an
important resource as any other in the organization. MIS audits verify that the
system was developed according to specifications, that the input, processing, and
output systems are operating according to requirements, and that the data is

108
 protected against theft, abuse, and misuse. In essence, an MIS audit checks all the
controls we‘ve discussed in this chapter.

Note:- This note was provided by Plos Shah.

This note is only for reference purpose. CBS will

not be liable for any mistake.
109