Unit 2 Introduction to Information Systems

This unit discusses information systems and their development, capabilities, and security. It
includes explanations on how computer-based information systems contribute to the success of
business organizations. Furthermore, it describes how information systems improve the
processes and operations of businesses. Real-world scenarios and examples are included to
further discuss information systems.

UNIT OUTLINE
2.1 Information Systems and Their Capabilities
2.2 Computer-based Information System
2.3 Developing Information Systems
2.4 Information System Security

LEARNING ONJECTIVES
At the end of this unit, the student should be able to:
1. understand the basic concepts of an information system and explain its contributions to
business organizations;
2. describe the nature and scope of computer-based information systems and explain how
they are used in a business;
3. identify appropriate system development methodologies in designing and developing
information systems; and
4. provide a clear overview of the concepts, issues, and
approaches in information system security.

2.1 INFORMATION SUSTEMS AND THEIR CAPABILITIES

In the Digital Age, an information system (IS) is used by people and business organizations for
the improvement of processes and operations to make things simpler and easier. It is a combined
set of modules for gathering, processing, and storing of data and for delivering of information and
digital products. IS remains in a state of constant development and change to respond to the
needs of people and business organizations. Furthermore, IS focuses on the development of
technological innovation.

Understanding an Information System

Data versus Information
Data, from the Latin word, datum, refer to raw, unorganized, and unprocessed facts. Data can be
in the form of a number. alphabets, date, measurement, and even statement.
a. A student's class attendance
b. A car's accident record
c. The price of a meal at McDonalds
d. A student's exam scores
e. The postcode of a customer used by a call center agent
Information is popularly described as refined, structured, and organized data. A process is
required to transform data into information.

Listed below are examples of information:

a. A financial statement
b. The average exam scores in a class
The collection of data for whatever reason should always have a clear purpose and plan for their
use. A business organization's main reason for collecting data is to monitor and improve
performance.
For example, if company XYZ Corporation wants to collect data to get feedback from its customers
regarding its services and performance, it must consider the following:
a. Indicators must be clearly defined to measure effective
performance.
b. Collected data must be complete, relevant, reliable, and
accurate.
c. Collected data must be gathered on time.
d. Data must be convertible into information that is
needed.
e. Data must be entered into the computer system.
f. Information must be analyzable using appropriate technological tools and allow for proper
interpretation.
System
A system can be defined as a collection of parts that interact, interconnect, and work together to
accomplish certain objectives. A subsystem is a part of a whole system that has its own area of
immediate focus. For example, the College of Computer Studies is only a subsystem of a
university. Similarly, the Finance Department is a subsystem of any business organization.
The specific objectives of a system depend on its type.
The following are the types of systems:
a. Natural systems. These systems are made by nature. Examples are weather systems
such as typhoons, floods, and other forces of nature.

b. Man-made systems. These systems are designed, developed, and implemented by

human beings. Examples are transportation systems, computer systems, and healthcare
and education systems.
A computer system takes inputs and processes them to create outputs.

The diagram shows the cycle of a computer system, which consists of a program, input, process,
output, storage, feedback, and control. In today's modern understanding of a computer system,
after the set of outputs has been generated, it can proceed to three stages: storage (to store the
output in a specific storage location, i.e., database or cloud), getting appropriate feedback from
users, and control (to correct problems that occur during the process and make sure that the
system fulfills its purpose).

Input
The fundamental idea of a computer system is that in every input, there is an expected output.
Users are required to input data into a specific program or computer system using input devices
such as a keyboard, mouse, scanner, and so on. The data could be text, graphics, audio, or even
videos. Then, the data will be processed.
For example, a user enters data in a Microsoft Word program using a keyboard. The text will
automatically appear on the monitor. In this example, the keyboard serves as the input device.

Process
Every computer has a microprocessor. The central processing unit or the CPU is considered the
brain of a computer and the one responsible for controlling all activities and handling input/output
(I/O) operations within a computer system. Data inputted into a system is processed by the CPU.

Output
The output is the result after data processing. It is usually presented externally from the computer
system. The output can be presented using an output device. Output devices include printers,
monitors, and speakers.

Storage
Storage devices help users keep data, information, and instructions from specific programs.
Storage devices are primarily divided into two types: (1) primary storage device and (2) secondary
storage device. Primary storage devices include random-access memory (RAM) and read-only
memory (ROM).
These devices are also called internal memories located insidethe CPU, which can easily be
accessed by the processor anytime. On the other hand, secondary storage devices are known as
any alternative storage. It allows users to store data, information, files, and programs temporarily
for future use.

Listed below are examples of storage devices:

a. CD-ROM
b. Cloud storage
c. DVD
d. USB flash drive
e. Hard drive disk
f. Zip diskette
g. Memory card

Introducing Information Systems

An information system (IS) is a man-made system that collects, stores, retrieves, processes,
manages, disseminates, and analyzes information needed to facilitate a business organization's
operational functions and support its management in making decisions. IS is essential for
business firms as it manages and organizes their operations.
Like any other system, it operates within a specific environment. It includes inputs, processes,
and outputs. Data and instructions are part of the input; these are processed in a specific IS to
produce valuable outputs such as reports, analyses, or calculations that will be sent later on to
the concerned users or other systems. A feedback mechanism is also included.
Take an IS used to maintain and manage student records in a university as an example. The
possible inputs are a student's ID, name, program, subjects, subject schedule, and tuition fees.
An IS processes these to update a student's registration records in the database (storage), and it
gives a valuable output: the list of registered students in a particular subject or program.
Assume that while users enter data about registration, they must also enter related information
such as who will register the subject, how the student will pay his/her tuition fees, and why the
student has decided to be part of the program. These data will be stored in a storage location
(master data) of the IS and can produce outputs such as annual reports in the future. It could also
help an organization analyze the available data for future reference or improvements.
Master data are relatively permanent data that are stored in the IS for a long time. These data
may include customer master data (complete customer information), employee master data
(complete details of an employee), and subject master data (including information related to the
subject, i.e., subject name, description, schedule, and so on).

There are two (2) types of updates that can be made in the master data of an IS: (a) information
processing (IP) and (b) data maintenance (DP).

Information processing refers to data processing functions that are commonly related to internal
operations (e.g., manufacturing) and economic and financial activities.

Data maintenance refers to a system's functional activities such as adding, saving, deleting,
updating, retrieving, and editing data from the master data.

An IS is more concerned about the organization's business processes. The following are the three
(3) logical components of a business process within the scope of an IS:
a. Information process
b. Operations process
c. Management process

Information process refers to a portion of an IS closely related to a specified business process. It

plays a crucial role in making these three components work together to attain a specific objective.

Information users for this particular process include the staff, employees, management, and
customers. Maintaining customer data and receiving a customer's complete order from an e-
commerce website are examples of this process.

Operation process refers to a man-made IS that consists of people, policies, procedures, and
equipment whose main objective is to accomplish a certain goal of a particular business
organization. The people involved in this process include those from human resources and those
who are tasked with product distribution. Attaching shipment details and including the tracking
information about a product are examples of this process.

Management process refers to a man-made IS that consists of people, policies, procedures, and
equipment whose main objective is to plan, manage, and control the overall operations of a
business organization. These processes include activities concerning planning and decision-
making. Creating new policies and procedures on delivering products to customers is an example
of this process.

Difference between information Technology and information System

IT refers to any technological or computer-based tool primarily used for supporting the needs of
business organizations. On the other hand, an IS collects, stores, retrieves, processes, manages,
disseminates, and analyzes information needed to facilitate business organizations' operational
functions and support management in making decisions. An IS is used by a business organization
to attain its common goal.

Capabilities of an Information System

For business organizations to thrive in the modern business environment, they must take
competition seriously. They must expect powerful capabilities with regard to an IS. The following
are the capabilities of an IS.

a. Processing transactions quickly and precisely

Each activity done over an IS is called a transaction. In a bank, for example, the
transactions are bank deposits and withdrawals. For a university, transactions include
registering in courses, paying tuition fees, and viewing attendance summaries. Business
organizations can produce thousands to millions of transactions per day, and these are
managed by an IS. This is referred to as transaction processing wherein an IS can
record, store, delete, capture, and update data easily.
The most common example of a transaction processing system is a point of sale (POS).
This POS can be seen in malls, retail stores, restaurants, and supermarkets that use
automated cash registers and bar code readers to record and store data.

b. Managing large-capability storage and fast and easy access storage

An IS should focus not only on providing a vast data storage for business organizations
but also on fast and
easy access to any type of storage.
c. Efficiently communicating through a network
An IS must have strong communication features that can easily transfer information from
one computer to another or from one user to another. Through the use of networks,
employees of business organizations can easily and quickly communicate with each other.
In addition, networks could transmit data, such as text, audio, video, and documents
simultaneously.

d. Easing information overload for users

IS, including networks, contribute a lot of information to users, particularly to people in
charge of decision-making. The amount of information available over the Internet
nowadays are doubled and even tripled every day. As a result, top-management users
(managers, supervisors, and executives) are having difficulty making decisions because
of information overload. Thus, an IS must be designed to analyze problems and support
decision-making to reduce information overload.

e. Supporting decision-making
One of the most popular ISs is the decision support system or DSS. This system helps
users make decisions anytime at all levels of a business organization. The IS allows low-
level employees to participate in information sharing, which is necessary for decision-
making.

f. Serving as a competitive weapon against competitors

More than a decade ago, ISs were viewed as a waste of money for business organizations.
Today, ISs are viewed as profit makers and a means for competitive advantage over
competitors. For example, many years ago, airline ticket reservations were restricted to
one travel agency with a specific system that was not linked to other branches of the travel
agency. The worst scenario was that this travel agency was also not linked to another
travel agency (organization to organization). Therefore, profit was limited, access was
poor, transactions were done slowly, and information may have been inaccurate.
Nowadays, a travel agency integrates its IS with other travel agencies and coordinates
closely with their suppliers.

g. Uniting an organization through the coordination of its big and small groups
This capability allows organizations or parts of them to come together toward achieving a
common goal or objective.

h. Strengthening organizational memory and learning and exploring new things

This means practices and knowledge in the past have vast influences on current
organizational operations or activities.

i. Determining the process of separating products and services

j. Automating Business Processes
This refers to labor-saving technology by which business processes or procedures are
executed using IS with minimum human assistance and to reduce costs and expedite
work.
2.2 COMPUTER-BASED INFORMATION SYSTEM
IS these days are mostly computer-based. These computer- based ISs (CBISs) use both
computer and telecommunications technology to perform certain tasks.

The basic components of CBISs are as follows:

1. Hardware. Hardware consists of the system's physical devices.
Examples: printer, mouse, keyboard, scanner, microcomputers, workstations, servers,
storage devices (RAM, ROM, hard drive), network devices (switches, hubs, fiber optics,
routers), and other devices (ATM, ID readers/systems)

Computer Hardware and Its Components

The hardware is always referred to as the physical component of a computer. It can be
found in an internal component of the central processing unit (CPU) such as the
motherboard, which serves as the brain of the computer.

The hardware and software are connected to each other, which means that a computer
will not work without either of them.

2. Software. Software refers to the set of computer programs that control the overall
operation of the computer system.

Examples: word processor and multimedia software

Computer Software and Its Types

A computer software can be categorized into two (2) different types:

 System software. It refers to a program that controls the overall operations of a

computer. File management utilities and operating systems are the best examples
for this type of software. Examples: disk operating system (DOS) and Unix

 Application software. It refers to an end- user program, also known as a

productivity program, such as MS Office applications, game applications, Internet
browsing, and email applications. This type of software is specifically designed to
answer the needs of its users. It is simple and easy to use.

3. Database. It refers to a collection of related files and records that are stored in a special
location for easy access.
Examples: MS Access and Oracle

4. Networks. It refers to the connection of two or more computers established for the purpose
of sharing various data.
Examples: local area network (LAN), metropolitan area network (MAN), and wide area
network (WAN)

5. Procedures. These are the rules, policies, and methods that administer the operation of a
computer system. They are as significant as the people using the system. The procedures
 state the appropriate software to use with the hardware and clarify the role of the
components in the CBIS.

6. People. They are the most crucial component of an IS. They are the people who work with
an IS to produce useful outputs.

Other Computer-Based IS Components

1. Telecommunications. It refers to the electronic transmission of information within a specific
distance.
2. Internet. It is the largest type of network that allows users to share information worldwide.
3. World Wide Web. It is accessible through the Internet, and it consists of multimedia
collections that are stored in a particular database of a CBIS.

Other Types of IS

1. Transaction Processing Systems (TPS)

A TPS is also known as a real-time processing system. It is an IS for all types of business
transactions. It captures, stores, classifies, maintains, updates, and retrieves transaction
data for record keeping and inputting data to other types of CBISs. The characteristics of
a TPS include quality performance, reliability, and consistency.

In a TPS, there is no delay in batch processing, and the results of each transaction are
immediately available. In the case of a delay in batch processing, errors usually occur;
they are uncommon but acceptable and will not demand a shutdown of the entire system.

For an organization to achieve quality performance, reliability, and consistency of

transaction processing, data must be readily accessible in a data warehouse, and backup
procedures, as well as recovery processes, must be put in place to deal with system and
human failure, computer viruses, software application glitches and incompatibilities, and
natural disasters.

2. Management Information Systems (MIS)

An MIS is a CBIS that consists of hardware and software applications that support all the
organization's business transactions. This IS collects raw data from different computer
systems, analyzes and processes them, and reports them to assist and serve in decision-
making. An MIS, as well as the study on how such system works, should be considered.

The MIS collects and gathers data, such as employee profile, project timeline, financial
status, inventory management, raw materials, and marketing and manufacturing; places
them in a data warehouse; and makes them ready for access at all times to managers and
higher-ups who want to evaluate the data from the reports generated.

3. Decision Support Systems (DSS)

A DSS is a computer-based application that helps companies identify and give solutions
 by making decisions on how to solve problems including issues on raw data, documents,
employee and company profiling and management, and business models.

The DSS is responsible for delivering information to managers who make assessments
about specific scenarios that are not well-managed. Other DSS applications include
medical diagnosis, business management, forest management, railroad projects, and
financial verification (for credit loan, credit card application, and so on).

4. Executive Information Systems (EIS)

An EIS is a specialized DSS that assists senior executives of organizations in making
decisions. It provides easy access to valuable information necessary to achieve
organizational goals. It is usually made up of four components: hardware, software,
telecommunication, and user interface.

As with other computer systems, the software is the one that controls the computer
hardware in terms of execution in an ElS. Telecommunication is the process of
transmitting data from one location to another and facilitating communication among
users. User interface (UI) refers to the means by which a person deals with a system, that
is, how he/she accesses the system or experiences it. A typical EIs has a user-friendly Ul,
which means that the operating system is easy to use, and the output is easy to interpret.

Early ElSs were built as programs for mainframe computers to help company
administrations provide information in terms of the company's profile and business
performance for the senior executives. EIS data that are available in a company are
assisted by technologies such as computers, machines, and workstations done through a
network known as LAN or the local area network, which is a type of network that consists
of a group of computers and associated devices that share common communication lines
or wireless links to a server. This network allows employees to deliver appropriate and
accurate information, as well as ideas, both to the company's higher and lower
management levels.

2.3 DEVELOPING INFORMATION SYSTEMS

This chapter will discuss the different approaches involving how information system (IS) is
developed and implemented by whom and by what.
Systems development consists of the procedures in building and upholding IS. It includes the five
main components of IS such as hardware, software, data, procedures, and people, which have
been already discussed in the previous chapter. It has a combination of one's technical expertise
with knowledge and management skill in business.

System Development Life Cycle (SDLC) is one of the methodologies used in software
development. However, many developed systems fail to meet the needs and requirements of a
business. One of the many reasons for such failure is that the systems are not fully functional or
not so flexible to adjust to the changing needs of the business. The DLC emphasizes that the
system can be developed in a series of phases. This simply means that each phase must be
completed first before other phase commences. In terms of programming, the development phase
(building the system) will only commence once the users' requirements have already been
determined, and the system design has been produced.

An SDLC is composed of multiple phases. In general, it follows the following: (1) planning, (2)
analysis, (3) design, (4) development, (5) testing, (6) implementation, and (7) maintenance. The
SDLC emphasizes that a system can be developed in a series of phases. It simply means that
each phase must be completed first before another phase commences. In terms of programming,
the development phase (building the system) will only commence once the users' requirements
have already been determined, and the system's design has been produced.

Phases of the System Development Life Cycle

1. Planning
The system project plan is composed of the following:
 Determining a business problem or verifying if there are problems and
opportunities that might exist
 Investigating if the solution to be given to the problem(s) is feasible such that there
would be an improvement on the IS to be executed
 Obtaining a project management plan approval for implementation
 Identifying appropriate system requirements, which includes:
a. Five components of the IS in terms of what hardware devices would be needed,
software that would be used, data that must be gathered, procedures that
would be followed, the people who would be followed, and the people who
would be involved in developing the system
b. Criteria for the requirements analysis to start, which should always be
approved by a project manager

2. Analysis
The following are done in this phase:
 Identifying and taking into account the risks that are related to how the technology
to be used for the project will be integrated into the standard operating procedures
 Studying and gathering the functional and nonfunctional requirements of the
business process

Software applications (e.g., computer programming languages), files, and data flow must
not be considered yet during the system analysis stage.
3. Design
This phase aims to transform the system requirements that have been identified during
the previous stages into a more detailed system architecture that will be feasible, full.
bodied, and valuable to the organization.

4. Development
This phase aims to convert the approved system architecture and design into a working
system that is reliable and stable through the functional as well as technical and
 nontechnical requirements that were identified and observed during the earlier stages of
the life cycle solutions.

Solutions in coding may be through the following:

 The availability of technical specifications
 Approved and signed-off blueprints of the system architecture by clients,
stakeholders, managers, and the like

5. Testing
This phase executes the system integration testing of the created and developed system.
It guarantees that the developed systems have brought together all the technical and non-
technical requirements with the necessary components and subsystems integrated.

The system test may require a series of tests depending on the scope and involvedness
of the requirements, including the six main quality characteristics: functionality, reliability,
usability, efficiency, maintainability, and portability.

The entire system must be prepared for the congregation before proceeding to the
integration and testing stage, meaning:
 All hardware and software configurations must have been constructed and
tested successfully
 All integration plans are ready and prepared

6. Implementation
The deployment or implementation phase first installs the system in the production
environment and makes it ready for operation. It then ensures that the system is fully
developed and free from system errors.

 The following must be confirmed:

 The fulfillment of all the functional and nonfunctional requirements
 The approval of business necessities
 An observation of all authorizations, physical constraints, and service-level
agreements (e.g., SOA)
 The operations as mentioned and discussed in the user manuals

7. Maintenance
This phase involves making changes to the hardware, software, and documentation
process to support and sustain the system's operational effectiveness.

This is the phase where modifications are made to enhance the system's performance,
solutions to the problems or system errors encountered are derived, security
enhancements are performed, and user requirements are addressed.

Security enhancement during this phase is essential to ensure that information and the
entire system are free from malware or malicious software.
2.4 INFORMATION SYSTEM SECURITY
Information security means protecting information and ISs from malicious software and
unauthorized access, use, disclosure, modification, disruption, or destruction.
Information security management is the process of identifying the security controls to keep and
defend information assets.
The succeeding chapters will provide more information about IS security.