The Institute of Chartered Accountants of Bangladesh (ICAB)

Course Name: IT Application Session: March-May, 2012

Professional Stage (Application Level) Lecture Synopsis-3
Course Teacher: Abdulla-Al-Mahmud FCA, FCMA, FCS, MBA, LL.B

Chapter: Management information system:

Data:
Data consist of the raw numbers that computers organize to produce information. It is the streams
of raw figures and facts representing events such as business transactions.

Information:
Information is data that has been processed into a form that is meaningful to the recipient and is of
real or perceived value in current or progressive decision. Information is valuable when it is
reliable, clear, complete, timely, right quantity and relevant. Information depicts the precise,
structural and organized presentation of data indicating, summarizing the position of a
phenomenon. Basically, information is used for decision making, calculating or exchanging ideas
and plans. The evolution of technology started due to increase demand of information. Information
should be preserved and retrieved whenever want.

Data → Data transformation → Information

The Difference between Data and Information:

It often seems that computers must understand human language because human being
understands the information they produce. However, computers cannot understand anything.
Computers recognize two distinct physical states produced by electricity, magnetic polarity or
reflected light. Essentially, they understand whether a switch is on or off. In fact, the CPU, which
acts like the “brain” of the computer, consists of several million tiny electronic switches, called
transistors. A computer appears to understand information only because it operates at such
phenomenal speeds, grouping its individual on/off switches into patterns that become meaningful
to us.
In the world of computing, data is the term use to describe the information represented by groups
on/off switches. Although the words data and information often are used interchangeably, there is
an important distinction between the two words. In the strictest sense, data consist of the raw
numbers that computers organize to produce information. Information depicts the precise,
structural and organized presentation of data indicating, summarizing the position of a
phenomenon. Basically, information is used for decision making, calculating or exchanging ideas
and plans. The evolution of technology started due to increase demand of information. Information
should be preserved and retrieved whenever want. Technology is used in these arenas also in the
form of database concept. So, it can be said that technology is the technique used to play with the
information.

Characteristics of useful information:

Information should have certain characteristics to make it valuable and meaningful and they are as
follows:
 Accurate;
 Timely;
 Complete;
 Relevant;
 Cost effective.

Information system:
An information system is organized combination of people, hardware, software, communication
network and data resources that collets, transforms and disseminates information in an
organization. In other way Information system is a mechanism that helps people to collect,
organize and use information.
Components of an information system:

1
An information system contains information about the organization and surrounding environment.
The basic components of information system are input, processing and output. Form all these
components, organization gets information for decision and control the organization. An
information system also requires feedback and control components to meet the objectives.
Input: The connection of computer with outside world is made through input devices. Input devices
enable users to input characters such as letters and numbers. It is the activity of gathering and
capturing raw data from within the organization and /or from its external environment.
Processing: The microprocessor performs processing tasks under the direction of a program.
Processing involves converting or transforming data into more meaning form.
Output: Output shows the results of processing operations. It involves producing useful
information in a proper from such as reports, paychecks or documents and transferring the
processed information to the users. Output from one information system can become input for
another.
Feedback:
Feedback or control mechanism to allow people to evaluate the performance of the systems and
make necessary changes to input or processing activities.

Input → Process → Output

↓ ↓
→ Feedback ←

Fig: Information system

Information technology:
In the broadest sense, information technology refers to both the hardware and software that are
used to store, retrieve and manipulate information. It is the use of computers and software to
manage information. The information technology department of an organization would be
responsible for storing information, protecting information, processing the information, transmitting
the information as necessary and later retrieving information as necessary. Information technology
can help business process, managerial decision making and workgroup collaborations. The
following information technologies are used in a computer based information system:
 Computer based hardware technologies;
 Computer based software technologies;
 Telecommunication network technologies;
 Data resource management technologies.

Information access management:

Access of information system plays a vital role in management. If the information is not accessible
by the managers then the information becomes useless. Unauthorized access to information
system can be harmful for the organization. For this information access management that means
organization information must be accessible to the authorized persons.

Importance to management of the accessibility of information:

Information is the most valuable things for decision making and managers need to access the
information when they need. The importance of information for decision making of the
management is as follows:
 Easy information access enables organizational knowledge workers to quickly and easily
access the relevant documents, work product, people, projects, enterprise, relationships
and other information they need to do their jobs more effectively, which in turn makes the
organization more efficient and competitive;
 Managers need to use information for decision making and making sense of changes and
developments in their external environment.
 Managers also need to generate new knowledge which can be applied to design new
products and services, enhance existing offerings and improve organizational process.
 Managers do not characteristically solve problems but not apply rules and copy solutions
from others.

Information access authorization:

2
Criteria for access authorization are:
 Granting access: Departmental heads are responsible for authorizing access to systems
with sensitive information.
 Restricting access: Access to sensitive information is restricted until granted.
 Identity based access: Each user requires a unique user ID in order to gain access to
sensitive information.

Information access establishment and modification:

Implement policies and procedures that based upon the organization access authorization polices,
establish, document, review and modify user’s right of access to workstation, transaction program
and /or process by the following ways:
 Establishing and documenting access authorization;
 Maintenance to access rights.

Information security:
Information security means protecting information and information systems from unauthorized
access, use, disclosure, disruption, modification or destruction. It can be accomplished by
implementing a plan that incorporates the appropriate components for providing the required
protection, including controls, rules, procedure, user training and computer hardware and software.
Once the plan is completed, the following steps must be taken to ensure that the organization’s
information security objectives include:
 Implementing the plan;
 Monitoring logs to verify compliance and identify problems;
 Measuring the results;
 Identifying potential improvements;
 Refining processes and procedures.
Information security ensures the confidentiality, integrity and availability of data of the organization.
Confidentiality is the term used to prevent the disclosure of information to unauthorized
individuals or systems.
Integrity means data cannot be modified without authorization.
Availability ensures the information or data must be served when it is needed.

Importance of information security:

Major importance of information security is as follows:
 Information systems & communications that deliver the information are truly persuasive
throughout organizations-from the user’s platform to local & wide area networks to serves
to mainframe computers;
 Organizations depend on timely, accurate, complete, valid, consistent, relevant & reliable
information;
 Executive management has a responsibility to ensure that the organization provides all
users with a secure information systems environment.

Tools for information security:

Effective security management can minimize errors, fraud and losses in the information system.
Currently common security tolls used by the organization and individuals are as follows:

Encryption:
Encryption of data has become an important way to protect sensitive information transmitted over
Internet and other networks. Encryption is the coding and scrambling of messages to prevent
unauthorized access to or understanding of the data being transmitted. A message can be
encrypted by applying a secret numerical code, called an encryption key, so that the data are
transmitted as a scrambled set of characters (The key consists of a large group of letters, numbers
and symbols). To be read the message must be decrypted (unscrambled) with a matching key.
There are several alternative methods of encryption, but public key encryption is becoming
popular. Public key encryption has two keys, one private key and one public key. The keys are
mathematically related so that data encrypted with one key can be decrypted using only the other
key. To send and receive messages, communicators first create separate pairs of private and
public keys. The public key is kept in a directory and private key must be kept secret. The sender
encrypts a message with the recipient’s public key. On receiving the message, the recipient uses
his or her private key to decrypt it. Encryption is especially useful to shield messages on the

3
Internet and other public networks because they are less secure than private networks. Encryption
helps protect transmission of payment data, such as credit card information and addresses the
problems of message integrity and authentication.

Firewalls:
A computer within a LAN uses a gateway to connect to the Internet, the worldwide consortium of
computer networks. The connection is a security risk, as a LAN has no control over users on the
Internet. Applications transferred through the Internet to the LAN may contain computer viruses
that can harm the components of the LAN. Besides, unauthorized users may have other objectives
such as prying into a competitor's database or obtain classified information that are otherwise not
available for public use. A firewall is a special gateway that protects the users within a LAN from all
such hazards while letting item access the external information.
Firewalls use to prevent unauthorized users from accessing private networks. A Firewall isolates a
computer system from unauthorized access of another computer system on the Internet. As
growing numbers of businesses expose their networks to Internet traffic, firewalls are becoming a
necessity. A firewall is a combination of hardware and software that controls the flow of incoming
and outgoing network traffic. It is generally placed between the organization's private internal
networks and un-trusted external networks such as the Internet, although firewalls can also be
used to protect one part of a company's network from the rest of the network. The firewall acts like
a gatekeeper that examines each user's credentials before access is granted to a network. The
firewall identifies names, Internet Protocol (IP) addresses, applications and other characteristics of
incoming traffic. It checks this information against the access rules that have been programmed
into the system by the network administrator. The firewall prevents unauthorized communication
into and out of the network, allowing the organization to enforce a security policy on traffic flowing
between its network and other un-trusted networks, including the Internet.
In large organizations, the firewall often resides on a specially designated computer separate from
the rest of the network so no incoming request can directly access private network resources.
There are a number of firewall screening technologies, including static packet filtering, stateful
inspection, Network Address Translation and application proxy filtering. The following techniques
are used in combination to provide firewall protection.
To create a good firewall, an administrator must write in very fine detail and maintain the internal
rules identifying the people, applications or addresses that are allowed or rejected. Firewalls can
deter, but not completely prevent, network penetration by outsiders and should be viewed as one
element in an overall security plan. To deal effectively with Internet security, broader corporate
policies and procedures, user responsibilities and security awareness training may be required.

E-mail monitoring:
Internet and other online e-mail systems are one of the favorite avenues of attack by hackers for
spreading computer viruses or breaking into networked computers. For this e-mail is also the
battlefield for attempts by the organization to enforce policies against illegal, personal or damaging
messages by employees through monitoring software.

Virus defense:
Corporate antivirus protection is a centralized function of information technology by adopting anti-
virus program runs in the background. Large organization builds defenses against the spread of
viruses by centralizing the distribution and updating of antivirus software as responsibility IT
department. Other organizations are outsourcing the virus protection responsibility to their internet
service providers or to telecommunications or security management companies.

Security code:
Security codes are a type of multilevel password system for security management. An end user
logs into the computer system by entering his or her unique identification code or user ID and the
user is then asked to enter a password in order to gain access in the system.

Back-up files:
Back-up is nothing but copying of data and programs or whatever computers document it is, on to
spare magnetic tapes/disk to provide security. The simplest and the most inexpensive way to avoid
disastrous loss of data are to implement a schedule of periodic backups with storage off-site. It is
one of the few simple, economical ways to ensure that data safe and usable. Back-up files are
kept in off-premises for ensuring future security. The following resources must be considered;

4
  Personnel;
 Hardware;
 Facilities;
 Documentation;
 Supplies;
 Data/Information;
 Application software;
 System software.

Security monitors:
Security of a network may be provided by specialized system software packages known as system
security monitors. System security monitors are programs that monitor the use of computer system
and networks and protect them from unauthorized use, fraud and destruction.

Biometric security:
The word biometric can be defined as "life-measure". It is used in security and access control
applications to mean measurable physical characteristics of a person that can be checked on an
automated basis. Security personnel look for biometric data that does not change over the course
of one’s life; that is, they look for physical characteristics that stay constant and that are difficult to
fake or change on purpose. Biometric identification is becoming commonplace as hardware and
software come down in price.
Biometric security is a fast-growing area of computer security. This security measure is provided
by computer devices that measure physical traits that make each individual unique. This includes
voice verification, fingerprints, hand geometry, signature dynamics, keystroke analysis, retina
scanning, face recognition and genetic pattern analysis.

Computer failure control:

To ensure the information availability computer systems failures must be controlled. Computer
system fails for several reasons-power failures, electronic circuitry malfunctions, and
telecommunications network problem, hidden programming errors, computer viruses, computer
operator errors and electronic vandalism. To avoid these failures a backup computer system can
be arranged with disaster recovery organizations.

Faults tolerant system:

Sometimes being able to recover data from a hardware failure is not enough. Some LANs must not
experience any down time or data or money will be lost. Many Enterprise uses fault tolerant
computer systems that have redundant processors, peripherals and software that provide fail over
capability to back-up components in the event of system failure. One can use replication to allow
the network to continue to operate in the absence of a server and can implement fault tolerance in
servers to make it less likely for a hardware failure to cause a server to go down. This may provide
a fail-safe capability where the computer system continues to operate at the same level even if
there is a major hardware or software failure.
Windows NT server supports RAID (Redundant Arrays of Inexpensive Disks) for fault tolerance.
The levels of fault tolerance are as follows:
Level 0: Level 0 increases disk performance but does not make server more-fault tolerance.
Level 1: Mirroring: Disk mirroring or RAID level 1 make an exact copy of hard drive partition on
another hard, drive partition in the system.
Level 5- Striping with parity: Disk stripping with parity, also called RAID Level 5, protects from
failure of anyone disk in computer by spreading the information to be stored on disk across several
disks and by including error-correction information on the disks. Disk striping with parity requires at
least three partitions of the same size and each partition should be on a different physical drive.
Striping with parity wastes less disk space than does mirroring and it also often results in taster
disk performance because the operating system can request the data from all the striped drives at
the same time.

Disaster recovery:
Natural and manmade disasters do happen. Hurricanes, earthquakes, fires, floods, criminal and
terrorist acts and human error can all severely damage an organization's computing resources and
thus the health of the organization itself. Many organizations like airlines, banks and online
services, for example, are crippled by losing even a few hours of computing power. Many firms

5
could survive only a few days without computing facilities. That's why organizations develop
disaster recovery procedures and formalize them in a disaster recovery plan. It specifies which
employees will participate in disaster recovery and what their duties will be; what hardware,
software and facilities will be used and the priority of applications that will be processed.
Arrangements with other companies for use of alternative facilities may be done in disaster period.

A diagram of disaster recovery policy is as follows:

Disaster event

Notification and execute

telephone tree

Assess damage and execute

appropriate contingency plan

Assemble systems recovery Assemble user recovery

team at command center team at command center

Retrieve critical data from Notify customers, notify

offside vault senior user management,
assemble administrative
support

Notify support vendors on

required hardware
Initiate transportations of
critical operations support
personnel to hot-side

Configure hot-side for critical

operations

Establish temporary
communication link
between the hot-side and
Commence
Information systemoperations
controls: the command center

6
Information system controls are methods and devices that attempt to ensure the accuracy, validity
and propriety of information system activities. Information system controls must be developed to
ensure proper data entry, processing techniques, storage methods and information output. These
controls are designed to monitor and maintain the quality and security of the input, processing,
output and storage activities of any information system.

Auditing information technology security:

Auditing information services department should be periodically examined or audited by internal
auditing personnel from the business firm. In addition, periodic audits by external auditors from
professional accounting firms are a general business practice. Such audits systems should review
and evaluate whether proper and adequate information system controls, procedural controls,
facility controls and other managerial controls have been developed and implemented. There are
two basic approaches for auditing information systems that is auditing the information processing
activities of computer-based information systems. They are known as:
Auditing through the computer system: Involves verifying the accuracy and integrity of the
software that processes the data as well as the input of data and output produced by the computer
systems and networks.
Auditing through the computer requires knowledge of computer system, network
operations and software development: Some firms employ special EDP auditors for this
assignment. They may use special test processing accuracy and the control procedures built into
the software. The auditors may develop special test programs or use audit software packages.

Steps of audit control process:

IT security management should be periodically examined or audited by an organization’s internal
auditing staff or external auditors from professional accounting firms. The following are the steps of
audit control process:
 Determine the activities that will be tracked or audited;
 Select the tools that will be deployed for auditing and system activity reviews;
 Develop and deploy the information system activity review or audit policy;
 Develop appropriate standard operating procedure;
 Implement the audit or system activity review process.

The role of auditing in the control process:

How does management know that information systems security and controls are effective? To
answer this question, organizations must conduct comprehensive and systematic audits. An MIS
audit identifies all of the controls that govern individual information systems and assesses their
effectiveness. To accomplish this, the auditor must acquire a thorough understanding of
operations, physical facilities, telecommunications, security systems, security objectives, orga-
nizational structure, personnel, manual procedures, and individual applications.
The auditor usually interviews key individuals who use and operate a specific information system
concerning their activities and procedures. Security, application controls, overall integrity controls
and control disciplines are examined. The auditor should trace the flow of sample transactions
through the system and perform tests, using, if appropriate, automated audit software.
Security audits should review technologies, procedures, documentation, training and personnel. A
very thorough audit will even simulate an attack or disaster to test the response of the technology,
information systems staff and business employees. The auditor lists and ranks all control
weaknesses and estimates the probability of their occurrence. It then assesses the financial and
organizational impact of each threat.

Audit trail:
An audit trail can be defined as the presence of documentation that allows a transaction to be
traced through all stages of its information processing. This journey may begin with a transaction's
appearance on a source document and may end with transformation into information on a final
output document or record. The audit trail of manual information systems was quite visible and
easy to trace. However, computer based information systems have changed the form of the audit
trail information formerly available to the auditor in the form of visual records may no longer be
available. Now auditors must know how to search electronically through magnetic disk and tape
files of past activity to follow the audit trail of most business systems.
Many times, this electronic audit trail takes the form of control logs that automatically record all
computer network activity on magnetic disk or tape devices. This audit feature can be found on

7
many online transactions processing systems, performance and security monitors, operating
systems and network control programs. Software that records all network activity is also widely
used on the Internet, especially the World Wide Web, as well as corporate intranets and extranets.
Such an audit trail helps auditors check for errors or fraud, but also helps IS security specialists
trace and evaluate the trail of hacker attacks on computer networks.

Different levels of management:

The terms levels of management refers to a line of demarcation between various managerial
positions in an organization. The number of levels in management increases when the size of the
business and workforce increases. The level of management determines a chain of command, the
amount of authority and status enjoyed by a managerial position. The level of management can be
classified by three broad categories and they are:
 Top level/administrative level;
 Middle level/executor;
 Low level/supervisory/operative/first-line managers.

Information requirement of management levels:

The following is the information requirement of the various levels of management:
Top level management: To management analyzes broader trends in the economy, the business
environment and overall company performance, in order to conduct long-range planning for the
entire organization;
Middle level management: Middle manager needs summaries and analyses for setting
intermediate and long-range goals for the department or projects under their supervision;
First level management: First line managers need information to oversee the day-to-day details
of their departments or projects.

Types of decisions in management:

There are three different kinds of management in an organization. Each of these levels has
different information requirements for decision support and responsibility for different types of
decisions. Decisions can be classified into three categories:
 Unstructured decisions;
 Structured decisions;
 Semi-structured decisions.

Information systems in different organizational levels:

Three main categories of information systems serve different organizational levels: operational-
level systems, management-level systems and strategic-level systems.

Operational-level systems:
These support operational managers by keeping track of the elementary activities and transactions
of the organization such as sales, receipts, cash deposits, payroll, credit decision, flow of materials
in factory etc. The principal purpose of the systems at this level is to answer routine questions and
to track the flow of transactions through the organization.

Management-level systems:
These serve the monitoring, controlling, decision-making and administrative activities of the middle
managers. It ensures that all the things of the organization are working well. Management-level
systems typically provide periodic reports rather than instant information on operations. Some
management-level systems support non-routine decision making. They tend to focus on less-
structured decisions for which information requirements are not always clear.

Strategic-level systems:
It helps senior management tackle and address strategic issues and long-term trends, both in the
firm and in the external environment. Their principal concern is matching changes in the external
environment with existing organizational capability.

Decision making levels:

The following are the different decisions making level in an organization:

8
Strategic: To forecast the future plan, policies of the organization;
Tactical: Tracks the reason of better performance or worse performance of the activities of the
organization;
Knowledge: To design promotional and/or other important documents of the organization for
betterment of its activities;
Operational: To record daily transactions.

Major types of information systems in the organization:

Generally the following six types of information systems are correspond to each organizational
level. The organization has executive support systems (ESS) at the strategic level, management
information systems (MIS) and decision support systems (DSS) at the management level,
knowledge work system (KWS) at knowledge level and transaction processing systems (TPS) and
office automation system (OAS) at the operational level. Systems at each level in turn are
specialized to serve each of the major functional areas.

Transaction processing systems (TPS):

These are the basic business systems that serve the operational level of the organization. A
transaction processing system is a computerized system that performs and records the daily
routine transactions necessary to conduct business. Examples are; sales order entry, hotel
reservation systems and payroll, employees record keeping etc. At the operational level, task,
resources and goal are predefined and highly structured. Transaction processing systems are
often so central to a business that TPS failure for a few hours can lead to organization demise and
perhaps that of other organizations linked to it. Managers need TPS to monitor the status of
internal operations and the organization relations with the external environment. TPS are also
major producers of information for other types of systems.

Management information system (MIS):

An MIS can be defined as a network of computer-based data processing procedures developed in
an organization and integrated as necessary with manual and other procedures for the purpose of
providing timely and effective information to support decision making and other necessary
management functions. MIS usually generates regular periodic reports to feed management
functional areas to help management decision making and operations. MIS also provides needed
adhoc and special query reports.
MIS reports must cater information with following attributes:
 Accuracy;
 Timeliness;
 Completeness;
 Conciseness.
MIS design must consider the three levels of management-the top level, the middle level and the
lower or supervisory level.
Top level managers need a general understanding of the organization’s activities. They need the
type of information that will support long-range strategic plans and decisions.
Middle level managers are responsible for making the tactical decisions that will allocate the
resources and establish the controls needed to implement the top level plans.
And lower level managers make day-to-day operational decisions to schedule and control specific
tasks. The actual results of an operation may be checked daily against planned, expectations and
corrective actions may be taken as needed.

Decision support system (DSS):

Decision support system (DSS) refers to the process in which the managers take assistance of the
components and facilities of the MIS hardware and software in order to make some adhoc analysis
of some special problems faced by them and generate useful insights into the decision criteria
involved. The analyses are totally adhoc and not done by the MIS as a routine. The analyses help
management to make better decisions. This is common practice in case of relatively unstructured
problems where there is a high degree of uncertainty. DSS often involves simulations expert
systems and so called information centers where needed DSS facilities are clustered together for
use by managers.
DSS concept requires that the managers get ready access to computer hardware and software
tools nearby in order to make decisions more effectively often in an interactive manner with
concerned managers. Modern advancement in hardware and software technologies has been of

9
great help in this direction. Development of PC's, computer networks, communication systems,
internets, all types of software’s has basically helped in wide use of DSS concept in business,
industry, management and many other fields
DSS has come of age and is preceding hand-in-hand with MIS. MIS is the backbone information
system for management and DSS is providing the constant scope for adhoc optimization with
management intervention. Management has to be resourceful and well-equipped to derive the
benefits. The evaluation of computer and communication technology is realty helping the process
very well.
Characteristics of DSS:
 They support semi structured or unstructured decision making;
 They are flexible enough to respond to the changing needs of decision makers; and
 They are easy to use.
Component of DSS:
A DSS has four basic components:
 The users;
 Database;
 Planning languages;
 Model base
Example of DSS:
 Cost accounting system;
 Capital budgeting system;
 Budget variance analysis system;
 General decision support system

Executive support systems (ESS):

The most practical and widely implemented application of artificial intelligence in business is the
development of expert systems. An executive support system (ESS) or expert system is a
knowledge-based information system that uses its knowledge about a specific, complex
application area to act as an expert consultant to end users. Executive support systems provide
answers to questions in a very specific problem area by making humanlike inferences about
knowledge contained in a specialized knowledge base. They must also be able to explain their
reasoning process and conclusions to a user. So ESS can provide decision support to end users in
the form of advice from an expert consultant in a specific problem area. Through using an expert
system non-expert can achieve performance comparable to an expert in that particular domain.
Components of an ESS:
The components of an expert system include a knowledge base and software modules that
perform inferences on the knowledge and communicate answers to a user’s question. The
components are as follows:
Knowledge base:
The knowledge base of an expert system contains (1) facts about a specific subject area and (2)
heuristic (rules of thumb) that express the reasoning procedures of an expert on the subject. There
are many ways that such knowledge is represented in expert systems. Some of the methods of
knowledge representation are:
Case-based reasoning: Representing knowledge in an expert system's knowledge base in the
form of cases, that is examples of past performance, occurrences and experiences.
Frame-based knowledge: Knowledge represented in the form of a hierarchy or network of
frames. A frame is a collection of knowledge about an entity consisting of a complex package of
data values describing its attributes.
Object-based knowledge: Knowledge represented as a network of objects. An object is a data
element that includes both data and the methods or processes that act on those data.
Rule-based knowledge: Knowledge represented in the form of rules and statements of fact.
Rules are statements that typically take in the form of a premise and a conclusion such as: If
(condition), Then (conclusion).
Software resources:
An expert system software package contains an inference engine and other programs for refining
knowledge and communicating with users. The inference engine program processes the
knowledge (such as rules and facts) related to a specific problem. It then makes associations and
inferences resulting in recommended courses of action for a user. User interface programs for
communicating with end users are also needed, including an explanation program to explain the
reasoning process to a user if requested.

10
Criteria for applications of expert system:
The basic factors that should be taken into account for an expert system is required to be
developed for a potential application area are as follows:
Domain: The domain or subject area of the problem is relatively small and limited to well-defined
problem area.
Expertise: Solutions to the problem require the efforts of an expert. That is a body of knowledge,
techniques and intuition is needed that only a few people possess.
Complexity: Solution of the problem is a complex task that requires logical inference processing,
which would not be handled as well by conventional information processing.
Structure: The solution process must be able to cope with ill-structured, uncertain, missing and
conflicting data and a problem situation that change with the passage of time.
Availability: An expert exists who is articulate and cooperative, and who has the support of the
management and end-users involved in the development of the proposed system.

Benefit and limitations of expert system:

All computer application expert systems offer some real benefits but there are also some
limitations. An expert system captures the expertise of an expert or group of expert in a computer-
based information system. Thus, it can outperform a single human expert in many problem
situations.
The benefits of expert system can accrue to both managers and the organization:
Benefits of expert systems to managers: The major benefits of expert systems to managers are
as follows:
 An expert system is faster and more consistent, can have the knowledge of several
experts and does not get tired or distracted by overwork or stress;
 Make better decisions by considering more alternatives;
 Apply a higher level of logic in evaluating the alternatives;
 More time to evaluate decision results;
 Achieve a consistency in the decisions taken.
Benefits of expert systems to the organizations: An organization that implements an expert
system can expect:
 Better performance for the organization;
 Maintain control over the organization's knowledge;
 Expert systems also help to preserve and reproduce the knowledge of experts. They allow
an organization to preserve the expertise of an expert before leaves the organization.
 Finally, expert systems can have the same competitive advantages as other types of
information technology. That is, the effective use of expert systems can allow a firm to
significantly improve the efficiency of its business processes or produce new knowledge
based products and services.
Limitations of expert systems:
The major limitations of expert systems are:
 They have limited focus, inability to learn, maintenance problems and high developmental
cost;
 Expert systems excel only in solving specific types of problems in a limited domain of
knowledge, but they fail miserably in solving problems requiring a broad knowledge base
and subjective problem solving;
 They cannot handle inconsistent knowledge;
 They cannot apply the judgment and intuition recognized as important ingredients of
problem solving;
 They cannot apply to unstructured/partially-structured problems.
However, some of these limitations can be overcome by combining expert systems with AI
technologies such as fuzzy logic and neural networks or by the use of expert system
developmental tools that make the job of development and maintenance easier.

Office automation system (OAS):

Office automation systems are information technology applications designed to increase data
workers productivity by supporting the coordinating and communicating activities of the typical

11
office. It is also known as enterprise collaboration system and this system enhance team and work
group communications and productivity.

Relationship between information systems:

The basic relationship between the TPS, MIS, ESS, DSS, KWS and OAS are as follows:
 TPS supports all other systems.
 KWS and OAS support MIS and DSS.
 MIS supports ESS, DSS, KWS and OAS.
 DSS supports only ESS.

Artificial intelligence:
Artificial intelligence (AI) is a branch of computer science concerned with designing intelligent
computer systems, that is, systems that exhibit the characteristics we associate with intelligence in
human behavior-understanding, language, learning, reasoning, solving problems and so on. AI is
an interdisciplinary field. It is influenced and shaped by disciplines such as psychology,
mathematics, cognitive science, computational linguistics, data processing, decision support
systems and computational modeling. AI is made up of various branches of study, such as expert
systems, fuzzy logic, generic algorithms, virtual reality, intelligent agents, natural language
interfaces, neural networks and robotics.
Some of the attributes of intelligent behavior that AI is attempting to duplicate these capabilities in
computer-based-systems are as follows:
 Think and reason;
 Use reason to solve problems;
 Learn or understand from experience;
 Acquire and apply knowledge;
 Exhibit creativity and imagination;
 Deal with complex or perplexing situations;
 Respond quickly and successfully to new situations;
 Recognize the relative importance of elements in a situation;
 Handle ambiguous, incomplete or erroneous information.
Though much work has been done in many of the subgroups that fall under the AI umbrella, critics
believe that no computer can truly pass the Turing test. They claim that developing intelligence to
impart true humanlike capabilities to computers is simply not possible. But progress continues and
only time will tell if the ambitious goals of artificial intelligence will be achieved and equal the
popular images found in science fiction.

Knowledge workers and knowledge work:

Knowledge workers include researchers, designers, architects, scientists and engineers who
primarily create knowledge and information for the organization. Knowledge workers usually have
high levels of education and memberships in professional organizations and are often asked to
exercise independent judgment as a routine aspect of their work. For example, knowledge workers
create new products or find ways of improving existing ones. Knowledge workers perform three
key roles that are critical to the organization and to the managers who work within the
organization:
 Keeping the organization current in knowledge as it develops in the external world-in
technology, science, social thought and the arts;
 Serving as internal consultants regarding the areas of their knowledge, the changes taking
place and opportunities;
 Acting as change agents, evaluating, initiating and promoting change projects.
Most knowledge workers rely on office systems, such as word processors, voice mail, e-mail,
videoconferencing and scheduling systems, which are designed to increase worker productivity in
the office. However, knowledge workers also require highly specialized knowledge work systems.
These knowledge work systems (KWS) are specifically designed to promote the creation of
knowledge and to ensure that new knowledge and technical expertise are properly integrated into
the business. Moreover, knowledge work is segmented into many highly specialized fields and
each field has a different collection of knowledge work systems that are specialized to support
workers in that field.
Requirements of knowledge work systems/how knowledge worker differ from other worker:
Knowledge work systems have characteristics that reflect the special needs of knowledge workers.
First, knowledge work systems must give knowledge workers the specialized tools they need, such

12
as powerful graphics, analytical tools and communications and document management tools.
These systems require great computing power to handle the sophisticated graphics or complex
calculations necessary for such knowledge workers: a scientific researcher, product designers and
financial analysts. Because knowledge workers are so focused on knowledge in the external world,
these systems also must give the worker quick and easy access to external databases.
A user-friendly interface is very important to a knowledge worker's system. User-friendly interfaces
save time by enabling the user to perform needed tasks and get to required information without
having to spend a lot of time learning how to use the computer. Saving time is more important for
knowledge workers than for most other employees because knowledge workers are highly paid.
Wasting a knowledge worker's time is simply too expensive and knowledge workers can easily fall
prey to information overload. Knowledge workstations often are designed and optimized for the
specific tasks to be performed; so, for example, a design engineer requires a different workstation
setup than a financial analyst. Design engineers need graphics with enough power to handle three
dimensional computer-aided design (CAD) systems. However, financial analysts are more
interested in access to a myriad of external databases and technology for efficiently storing and
accessing massive amounts of financial data.

The end

13