1

Table of Contents
MODULE 1: Information Technology in Basics..............................................................3

Unit 01: Information Technology Defined........................................................................ 3

Unit 02: Components of a Computer System..................................................................4

Unit 03: Computer Types and Varieties......................................................................... 12

Unit 04: Evolution of a Computer................................................................................... 14

Unit 05: Information Technology and Emerging Trends............................................... 23

Unit 06: Information Systems........................................................................................ 37

MODULE 2................................................................................................................. 43

Unit 07: Systems Development Life Cycle.....................................................................43

Unit 08: Computer and Internet Etiquette.....................................................................53

Unit 09: Computer and Cybersecurity...........................................................................56

Unit 10: Cybercrime Law................................................................................................61

Unit 11: Security Controls............................................................................................... 82

Final Requirement: User Interface (Prototyping).......................................................... 86

Appendix................................................................................................................... 88

2
 MODULE 1: Information Technology in Basics

Unit 01: Information Technology Defined

Technology has reshaped our lives at home, at work and in
education. Almost all businesses have an online presence and
most business processes require computers in some way.

Information Technology is the use of computer-based systems and communications

technology to create, process, store, secure and exchange all forms of digital information. IT
focuses on the information processing from the collection, to the processing, and the sharing of
information. IT deals with the methods and tools used in the information processing.

Information is now a necessity in today’s society, sometimes even provided real-time and
reaches people in different parts of the world. This is an engagement in the 21st century that is
lucrative in a business setting. IT, beyond communications, offers many personal career paths
and company growth leading to competitive advantage in each respective field. To become
more competent in each respective field, one must know basic computer skills and must build a
foundation using the fundamental technology concepts.

We go beyond learning the basic definition of information technology in the classroom, but also
in an online or digital presence. An individual’s ability to find, evaluate, and compose clear
information through writing and other media on various digital platforms is known as digital
literacy. Computer literacy is also known as digital literacy. An individual must keep up with the
changes in technology and become computer literate.

Now why do we need to study information technology? Simply because we use these
technologies in our everyday lives, and we need to further understand how these hardware and
software are working. Computer skills are needed regardless of setting and field, whether at
home, work, school or play. By understanding computers, you become self-sufficient whether
you use it for research, communications or time management. By mastering fundamentals, you
will develop a strong base to support furthering your knowledge in the years to come.

Some computer roles in our lives

1.​ Tiny embedded computers control alarm clocks, entertainment centers and home
appliances
2.​ Today’s automobiles cannot run efficiently without embedded computer systems

3
 3.​ An estimated 10 mil people work from home instead of commuting to work because of
PCs and networking technologies
4.​ People use social media for communications nearly 10 times as often as snail mail and 5
times more than a telephone.
5.​ Routine daily tasks such as banking, buying groceries are affected by computer
technologies

In a world that is defined by technology and digital trends, the demand for digital literacy has
increased exponentially. We need to expand our knowledge to avoid unfamiliar situations and
modernize our skills to stay relevant in a dynamic work environment. That is why it is important
for us to learn the fundamentals of information technology.

Unit 02: Components of a Computer System

A lot of people believe that computers are extremely complicated devices because of the tasks
they perform. Like any machine, there are components that are complicated from an outsider
perspective, but as soon as you learn about these components, the complexity unravels and
becomes understandable.

As previously discussed, a computer is a machine, a collection of parts that work together. The
collection of parts is categorized in many ways, in this case they are categorized according to
their function. In this unit, we learn the different components (parts) of a computer system. The
most important parts, how the different components work together to achieve success in terms
of using a computer will be shown.

Figure 03-A: The Computer System

4
A computer system is a combination of hardware and software that can be programmed to
perform a variety of tasks. Computer system has four components: COMPUTER HARDWARE,
SOFTWARE, DATA, and USER.

COMPUTER HARDWARE
This is the first component of a computer system. It refers to the tangible, physical computer
equipment and devices which provide support for the major functions of the computer system.
Mainly the mechanical aspects of the computer. As seen in Figure 03-A, the hardware controls
the input of data into the computer system and the output of information from the computer
system. All these devices are interconnected with each other. Below are some classifications of
hardware based on their functions.

1.​ Input Devices – Used to enter data or instructions into a computer system. Input devices fall
into two categories: manual input devices (needs to be operated by a human to input data)
and automatic input devices (can input data on their own). Each input device is concerned
with a specific type of data: Scanner – documents or images, Digital Camera – still and
moving images

​
Figure 03-B: Common Manual​ ​ Figure 03-C: Common Automatic ​
​ Input Devices ​ ​ ​ ​ ​ Input Devices

2.​ Output Devices – Used to convey information from the computer system to one or more
people. When raw data has been processed it becomes usable information. Output devices
are pieces of hardware that send this usable information out of the computer. Output
devices send information out temporarily and some send information out permanently:
temporary output devices (monitors) and permanent output devices (printers which output
information onto paper as hard copy).

5
 Figure 03-D: Common Output Devices

Almost all input and output devices are known as ‘Peripheral Devices’. These are
non-essential hardware components that usually connect to the system externally.
Peripherals are called non-essential because the system can operate without them.

Figure 03-E: Common Peripheral Devices

3.​ System Unit – houses the electronic components to process data

▪​ Motherboard – This is the main circuit board of the system unit. The motherboard is
central to any computer system. All components are plugged into the motherboard
either directly (straight into the circuit board) or indirectly (vis USB ports)

Figure 03-F: Motherboard

6
▪​ Processor – The Central Processing Unit (CPU) is the brain of the computer. Electronic
component that interprets and carries out basic instructions. The CPU 'controls' what
the computer does and is responsible for performing calculations and data processing.

Figure 03-G: Example of a processor

▪​ Memory – Electronic components that store instructions waiting to be executed and

data needed by those instructions. There are two types of internal memory. These two
memories are used to store computer data and this can be directly accessed by the CPU.
The RAM and ROM device are sometimes referred to as ‘primary storage’.
⬥​ ROM (Read Only Memory)
-​ ROM is used to permanently store instructions that tell the computer how to
boot (start-up). It also loads the operating system (e.g. Windows).
-​ These instructions are known as the BIOS (Basic input/output system) or the
boot program.
-​ Information stored in ROM is known as READ ONLY. This means that the contents
of ROM cannot be altered or added to by the user.
-​ ROM is fast memory. Data stored in ROM can be accessed and read very quickly.
-​ ROM is Non-Volatile memory. This means that stored information is not lost
when the computer loses power.
Other examples of ROM include:
-​ DVD/CD ROMS bought in stores containing pre-recorded music and movie files.
These are played back at home but cannot be altered.
-​ ROM in printers which is used to store different font types.

Figure 03-H: Example of a Read-only Memory

7
 ⬥​ RAM (Random Access Memory)
-​ RAM is used to temporarily store information that is currently in use by the
computer. This can include anything from word documents to videos.
-​ RAM can be read from and written to and so the information stored in RAM can
change all the time (it depends what tasks you are using the computer for).
-​ RAM is a fast memory. Data can be written to and read from RAM very quickly.
RAM is generally measured in GB (Gigabytes).
-​ RAM is Volatile Memory and stores date ‘non-permanently’. This means that
information stored in RAM is deleted as soon as the computer is turned off.
-​ The more RAM you have installed in your computer -- the faster it can perform.
You can open and use more programs at the same time without slowing the
computer down.

Figure 03-I: Example of a Random-Access Memory

4.​ Storage Devices – Holds data, instructions and information permanently for future use. It
records (writes) and/or retrieves (reads) items to and from storage media. Secondary
storage devices are used to store data that is not instantly needed by the computer.
Secondary storage devices permanently store data and programs for as long as we need.
These devices are also used to back-up data in case original copies are lost or damaged.
There are two categories of storage devices: internal storage (internal hard disk drives) and
external storage (external hard disk drive, memory sticks, etc.)
Example of Storage Devices
▪​ Magnetic Storage Device - one of the most popular types of storage used.
⬥​ Magnetic Disc – commonly referred to as a hard disk drive (HDD) is a storage device
in a computer that uses a magnetization process to read, write, and rewrite data on
a magnetic disc.
⬥​ Magnetic Tape – a type of storage medium that consists of a thin plastic strip with a
magnetic coating that are wound around two reels, allowing data to be stored
sequentially

8
▪​ Optical Storage Device – uses laser lights as its mode of saving and retrieving data.
⬥​ Blu-ray disc – A digital optical storage device which was intended to replace the DVD
format.
⬥​ CD-ROM disc – An optical storage device that is read-only or cannot be modified or
deleted.
⬥​ CD-R and CD-RW disc – CD-R is a recordable disc that can be written to once, while
CD-RW is a rewritable disc that can be written to multiple times.
⬥​ DVD-R, DVD+R, DVD-RW and DVD+RW disc – DVD-R and DVD+R are recordable discs
that can be written to once, while DVD-RW and DVD+RW are rewritable discs that
can be written to multiple times. The difference between the + and – is in the
formatting and compatibility.

▪​ Flash Memory – an electronic non-volatile computer memory storage medium that can
store data in electronic form functionally similar to rechargeable batteries. Flash
memory devices vary depending on their form factors:
⬥​ Memory card – flash memory in the form of a “card” inserted inside the device
⬥​ Memory stick – flash memory in the form of a “stick” as an external storage medium
of which the most common form factor is the USB flash drive
⬥​ Solid State Drive (SSD) – flash memory in the form of a hard disk drive (HDD) as a
more efficient replacement of the aforementioned type of storage device

▪​ Online and Cloud Storage – is now becoming widespread as people access data from
different devices.
⬥​ Cloud storage – Data is managed remotely and made available over a network. Basic
features are free to use but the upgraded version is paid monthly as a per
consumption rate.
⬥​ Network media – Audio, Video, Images or Text that are used on a computer
network. A community of people create and use the content shared over the
internet.

Classification of Memory and Storage Devices

●​ According to Data Retention
a.​ Volatile Memory
▪​ Device requires power to retain its stored data – data is lost as soon as power
is cut-off from the device
b.​ Non-Volatile Memory
▪​ Device can retain stored data even after computer power is turned-off

9
 ●​ According to Access Technique
a.​ Random Access
▪​ Data stored in the device can be accessed in any order, i.e. random
b.​ Sequential Access
▪​ Data stored in the device can be accessed only in sequential order from start
to finish
▪​ Example: A movie stored in a BluRay Disc is accessed in sequential order so
that the movie stored therein can be viewed from start to finish

●​ According to Access Rights

a.​ Read/Write Access
▪​ The device allows data to be read and written onto it.
b.​ Read-Only Access
▪​ The device only allows data to be read from it – its contents are prefabricated
during the production of the device.
Example:
Memory Device Data Retention Access Technique Access Rights

RAM Device Volatile Random Read/Write

ROM Device Non-volatile Random Read-Only

BluRay Disc Non-volatile Sequential Read-Only

Magnetic Tape Non-volatile Sequential Read/Write

5.​ Communication Devices – Enables a computer to send and receive data, instructions, and
information to and from one or more computers. A hardware device capable of transmitting
an analog or digital signal over the telephone, other communication wire, or wirelessly.

Examples: Bluetooth devices, Infrared devices, Modem (over phone line), Network card
(using Ethernet), Smartphone, Wi-Fi devices (using a Wi-Fi router)

SOFTWARE
This is the second component of a computer system. Software is known as the series of related
instructions that make the computer perform tasks. In other words, software tells the computer
what to do. The term ‘program’ or ‘application’ refers to any piece of software. Some software
exists to help the computer perform tasks and manage resources; some software performs
tasks that are more specific. The types of software are systems software and application
software.

10
 ●​ Systems Software – Systems software includes the programs that are dedicated to
managing the computer itself, such as the operating system, file management utilities,
and disk operating system (or DOS). Without systems software installed in your
computers, no instructions would be executed for the tasks needed to be done.

Examples: Utility software (antivirus, disk tools), system servers, device drivers,
operating systems, windows/graphical user interface (GUI) systems

●​ Application Software – Referred to as applications or simply apps are end-user

programs that execute specific tasks like report generation, spreadsheet management,
running games, sending emails, and online research among other functions. They can be
as simple as a calculator or as complex as a video editing software.

Examples: MS Office Word, Adobe Photoshop, Microsoft Edge, Calculator,

Minesweeper, Steam

DATA
This is the third component of a computer system. It consists of individual facts or pieces of
information that are used by the computer system to produce information. Data by themselves
may not make much sense to a person. The computer’s primary job is to process data in various
ways, making them useful. Without data, the computer wouldn’t be able to function properly.

Example: The grades of fifty students in one class, all different pieces of data which doesn’t
make much sense yet, but when a chart is created from the data, and frequencies are
developed. This now makes sense at a glance.

USERS
This is the fourth component of a computer system. Also referred to as the ‘peopleware’, users
are the ones who operate the computer system to perform a variety of computer-related tasks.
Some computer systems can operate without a human user, but not all computers are totally
autonomous.

11
Unit 03: Computer Types and Varieties
Before we learn the types of computers still being used today, let us define what a computer is.

A computer is defined by Peter Norton as “An electronic device that processes data according to
a predetermined set of instructions that convert data info information useful to people. They
perform specific tasks based on the instructions provided by a software or hardware program”.

Also, according to Gary Shelly, a computer is defined as “An electronic device operating under
the control of instructions stored in its memory that can accept data, process the data, produce
and store results for future use”. Computers can also store data for future use with the
appropriate storage devices.

A computer is a programmable device that can automatically perform a sequence of

calculations or other operations on data once programmed for the task. It can store, retrieve,
and process data according to internal instructions. Computers can be categorized in many
ways: by size and capacity, by data handling and operating system capabilities, based on the
number of microprocessors, and based on the number of users. In this module, we’re going to
classify computers according to the size and capacity.

Before cloud computing and the use of digital systems,

large companies used (01) supercomputers because they
required a big amount of computing power. A
supercomputer has an incredibly high level of
performance. These are usually used on a large-scale
operation like industrial function, space exploration,
weather forecasting, and nuclear testing.

A supercomputer is a computer at the leading edge of data processing capability, with respect
to calculation speed. Supercomputers are used for scientific and engineering problems
(high-performance computing) which crunch numbers and data, while mainframes focus on
transaction processing.

(02) Mainframe computers are like big centralized

machines that contain the large memory, huge storage
space, multiple high-grade processors, so it has
ultra-processing power compared to standard computer
systems. The use of the primary memory and having
multiple processors are done by mainframe computers.

12
These are used in moderate data processing, banking, and insurance. It handles bulk data
processing, statistics, and analysis.

The term originally referred to the large cabinets called “main frames” that housed the central
processing unit and main memory of early computers. Later, the term was used to distinguish
high-end commercial machines from less powerful units. Most large-scale computer system
architectures were established in the 1960s, but continue to evolve. Mainframe computers are
often used as servers.

(03) A server is basically a reliable high quality personal

computer – see ITEM (04) below – with a higher hardware
specification that is connected to a computer network.
They are used to control and handle online access to an
organization’s hardware, software and data resources that
business clients can utilize as a network service.

(04) Personal computers or PCs are computers intended

for individual use by the general public. When used by the
common household they are used to perform personal
productivity tasks like internet browsing, email, multimedia
playback, gaming and so on. On the other hand, when used
in the workplace, they are used to perform office
produc-tivity tasks like word processing, spreadsheets
applications, computer graphics, database administration, programming, and so on.

Personal computers come in two general form factors: desktop computer (as shown in the
picture above) or laptop.

(05) A mobile device refers to any type of handheld computer

that is typically designed to be battery-powered, extremely
portable, and they can often fit in your hand. There are even
some mobile devices that are powerful enough to do many of
the same things you can do with a desktop computer or laptop.

​ Examples of these devices include smartphones, computer

tablets, e-readers such as Amazon Kindle and handheld gaming consoles such as the Nintendo
Switch.

13
 (06) Wearable technology refers to any kind of electronic device that is
meant to be worn on the body. These include smart watches, noise
cancelling ear phones, VR glasses, fitness trackers, and medical
trackers (that monitors a patient’s heart rate, blood sugar level, etc.)
among others.

(07) An embedded computer is a

computer chip embedded in appliances,
equipment, vehicles, physical structures,
and the like with the purpose of making
them “smart” enough to enhance their
functionality and/or improve how they
operate by automating tasks that would
minimize the need for constant human
interaction.

Examples would include smart appliances, smart doors, smart gates, cars, aircrafts, elevators,
security systems, and military grade weapon systems among others.

Unit 04: Evolution of a Computer

The history of computers is a remarkable journey that spans several centuries, witnessing
transformative advancements that have revolutionized human society. From ancient calculating
devices to the powerful supercomputers and smartphones we have today, this course aims to
provide a comprehensive overview of the evolution of computers, highlighting key examples
that illustrate major milestones in this remarkable progression.

14
I. Pre-Computer Era (Pre-20th Century)
A.​ Abacus: One of the earliest known calculating devices, the abacus has roots dating back
to around 2400 BCE in ancient Mesopotamia and China. It allowed users to perform
basic arithmetic operations through the manipulation of beads on rods.

B.​ Pascaline: Invented by Blaise Pascal in 1642, the Pascaline was an early mechanical
calculator capable of performing addition and subtraction. It featured gears and wheels
to handle numerical computations.

15
II. Mechanical Computers (19th Century)
A.​ Analytical Engine: Designed by Charles Babbage in the 1830s, the Analytical Engine was
a conceptual mechanical computer that laid the groundwork for modern computing. It
featured basic arithmetic operations, loops, and conditional branching.

B.​ Jacquard Loom: In the early 1800s, Joseph-Marie Jacquard developed a loom that used
punched cards to control the weaving patterns, effectively introducing the concept of
programming through punched cards.

16
III. Early Electronic Computers (20th Century)

A.​ Colossus: During World War II, British engineer Tommy Flowers developed Colossus, the
world's first programmable electronic digital computer. It was used to break encrypted
German codes and played a crucial role in the Allied victory.

B.​ ENIAC: Completed in 1945, the Electronic Numerical Integrator and Computer (ENIAC)
was the first general-purpose electronic computer. It was massive and used vacuum
tubes for computation.

17
 C.​ UNIVAC I: Developed by J. Presper Eckert and John Mauchly in 1951, UNIVAC I was the
first commercially available computer, widely used for scientific and business
applications.

IV. The Birth of Modern Computing (1950s-1960s)

A.​ Transistors: In 1947, the invention of transistors by John Bardeen, Walter Brattain, and
William Shockley at Bell Labs revolutionized computing. Transistors replaced bulky
vacuum tubes, making computers smaller, faster, and more reliable.

18
B.​ IBM 360: Introduced in 1964, the IBM System/360 series was a family of mainframe
computers that offered compatibility across models, setting a new standard for
computer architecture.

C.​ ARPANET: In the late 1960s, the U.S. Department of Defense's Advanced Research
Projects Agency (ARPA) created ARPANET, the precursor to the modern internet, which
allowed computers to communicate with each other for the first time.

19
V. The Rise of Microcomputers (1970s-1980s)

A.​ Altair 8800: In 1975, the MITS Altair 8800 became one of the first commercially
successful microcomputers, inspiring hobbyists and entrepreneurs like Bill Gates and
Paul Allen to develop software for it.

B.​ Apple II: Introduced in 1977, the Apple II was one of the first mass-produced,
user-friendly personal computers, making a significant impact on the home computing
market.

C.​ IBM PC: Launched in 1981, the IBM Personal Computer (IBM PC) became the industry
standard, accelerating the adoption of personal computers in businesses and homes.

20
VI. The Internet Era (1990s)
A.​ World Wide Web: In 1989, Tim Berners-Lee invented the World Wide Web, making the
internet accessible to non-technical users and transforming the way we access and share
information.
B.​ Dot-com Bubble: The late 1990s saw a surge of internet-based companies, leading to
the dot-com bubble, with examples like Pets.com and Webvan, which eventually burst in
the early 2000s.

VII. Advancements in the 21st Century

A.​ Smartphones and Tablets: The introduction of the iPhone in 2007 revolutionized mobile
computing, leading to a proliferation of smartphones and tablets that have become
integral to modern life.

B.​ Cloud Computing: Cloud computing services, such as Amazon Web Services (AWS) and
Microsoft Azure, provide scalable and on-demand computing resources over the
internet, enabling businesses and individuals to access data and applications from
anywhere.

21
C.​ Artificial Intelligence and Machine Learning: Advancements in AI and ML have led to
breakthroughs in natural language processing, image recognition, autonomous vehicles,
and more.

D.​ Quantum Computing: Quantum computers, exemplified by companies like IBM and
Google, leverage the principles of quantum mechanics to perform complex calculations
exponentially faster than traditional computers.

22
Unit 05: Information Technology and Emerging Trends
Objectives: By the end of this lesson, the student will be able to
1.​ discuss and describe the different industrial revolutions,
2.​ describe what is the difference between innovation and invention
3.​ compute for productivity as an effect of information technology on workers or on the
organization as a whole.

We are living in extraordinary times where extraordinary technologies are within reach from
anywhere, by anyone. We almost always take these technologies for granted because they have
become part of the everyday life of people.

To start with this module, see the presentation for IT Trends: Lesson04GITTechTrends

The rise of information and communication technologies (ICT) – that is, computers, software,
telecommunications and the internet – and the large impact that these new technologies are
having on the way that society functions, have prompted many to claim that we have entered a
new era.

Industrial Revolutions
A period of development in the latter half of the 18th century, where there is change
from one economy to another.

23
 Generally, the term refers to eras when rapid and significant technological changes
fundamentally alter the way that production is carried out in society, affecting not only how
people work but also how they live their lives.

Industrial revolution involves technological, socioeconomic, and cultural aspects. It

occurs when technological change fundamentally transforms the way in which a society carries
out the production and distribution of goods.

The changes could be inventions, innovations, product innovations, or process

innovations. The term ‘invention’ refers to the discovery of new products or processes, while
‘innovation’ refers to the commercialization (bringing to the market) of new products or
processes.

INVENTION is the discovery of new products and processes.

24
 Machines Telephones Automobiles Television

INNOVATION is the commercialization and improvement of the existing products.

Assembly Lines CD’s Flat Screen TV’s Smartphones

Product innovations result in the production of a new product, such as the change from
a three-wheel car to a four-wheel car, or the change from LP (Long Play/Playing) records to CDs
(Compact Discs). Process innovations increase the efficiency of the methods of production of
existing products, for example the invention of the assembly-line technique.

Here are the different Industrial Revolutions with their products / services,
transportation, production system, and communication.

25
FIRST INDUSTRIAL REVOLUTION - 1765
Started in England during the late 18th century, concentrated in Britain and initially focused on
textile manufacturing.
●​ Significant evolutions: Cort’s puddling; rolling process for making iron, Crompton’s mule
for spinning cotton, Watt steam engine
●​ Products / Services – Vegetables, Coal, Iron, Discovery of chemicals
●​ Transportation – Railroads, Basic farming
●​ Production System – Manual Labor to mechanical
●​ Communication - Printed materials

SECOND INDUSTRIAL REVOLUTION - 1870

●​ Significant evolution: Development of electricity, Internal-combustion engine, Railway,
Chemical industry
●​ Products / Services – electricity, chemicals, petroleum, steel
●​ Transportation – automobiles, aircrafts
●​ Production System – machine-aided equipment
●​ Communication – telephone, telegraph

26
THIRD INDUSTRIAL REVOLUTION - 1969
●​ Started with the development of transistors and the rise of electronics and digital
technology.
●​ Products / Services – Internet, rise of electronics, source of energy: nuclear power
●​ Production System - Automation

FOURTH INDUSTRIAL REVOLUTION – 2000 onwards

See Lesson04Video1IndustrialRevolutions.mp4
Klaus Schwab described the fourth industrial revolution as marked by an era of technological
revolution that is blurring the lines between the physical, digital and biological spheres.
Watch Lesson04Video2FourthIndustrialRevolution.mp4
●​ Significant evolution: Development of Artificial Intelligence
●​ Products/Services - Augmented Reality, Virtual Reality, Cryptocurrency

27
FIFTH INDUSTRIAL REVOLUTION
Because the Fourth Industrial Revolution failed to incorporate sustainability into its approach,
countries are looking towards Industry 5.0 to meet a wide range of social demands including
addressing the global environment, human preferences, and a circular economy.

There are different viewpoints as to what the ideal Industry 5.0 would look like. According to
the European Commission, it should be one that is based on sustainability,
human-centeredness, and resilience. Germany proposes a framework of autonomy,
interoperability, and sustainability. In comparison, Japan wants to balance economic
development with the resolution of social issues through systems that integrate cyberspace and
physical space at a high level.

In the Philippines, we take the concept of sustainability and make it personal by emphasizing
the conservation of cultural heritage and its related practices.

IT and PRODUCTIVITY
Economists interested in the pervasive effects of technological change in different
industrial revolutions have devised the concept of a General Purpose Technology (GPT). It is a
technology of wide application used in various industries and whose impact is strong on their
functioning.

Main Characteristics of a GPT

As you read the list, consider how a new technology such as electricity or information
technology fulfills each criterion.

●​ It must have a wide scope for improvement and elaboration - this means that the
technology does not appear as a complete and final solution, but as a technology that
can be improved through the different opportunities for technological change that
surround it.
●​ It must be applicable across a broad range of uses - this means that its use is not
restricted, for example, to only one industry but open to many different types of
industries and consumers.
●​ It must have a potential use in a wide variety of products and processes - this means that
the new technology should not result in the creation of only one set of products (such as
a computer), but a wide set of products (such as complex new air-traffic control systems
or new inventory controls).
●​ It must have strong complementarities with existing or potential new technologies - this
means that the technology does not only replace existing methods but also works with
them, ensuring an even broader impact on the systems of production and distribution.

28
Productivity
Productivity is the quality of producing something. It is a measure of the efficiency of a person,
machine, factory, system, etc., in converting inputs into useful outputs. It is an indication of the
efficiency of production or distribution.

The Effect of Technology on Productivity

Labor productivity can be measured as output produced per hour of labor. For example,
consider an automobile factory that is able to produce 10 cars per day using 100 hours of labor.
If a new invention permits those same workers to produce 20 cars in the same amount of time,
their productivity has been doubled.
Gross Domestic Product (GDP) - Total monetary or market value of all the finished goods and
services produced within a country's borders in a specific time period. Total output divided by
total labor hours in the year gives us a measure of labor productivity. A 5 per cent growth in UK
productivity over a year means that the UK economy has become 5 percent more productive
than it was in the previous year. This should mean that the economy can produce 5 per cent
more output (GDP) with the same amount of inputs.

Example Computation for Productivity

Question1: If a group of workers produces 10,000 units of output in one year, and 12,000 units
the next year. Calculate the percentage increase in productivity.
Answer:
You want to know the percentage increase represented by the second year's output, 12,000,
over the first year's output, 10,000. Subtracting 10,000 from 12,000 gives us the increase.
Divide the answer by 10,000 to calculate the increase relative to the first year. Then multiply
by 100 to turn the answer into a percentage.
2,000
12, 000 − 10, 000 = 2, 000 ; 10,000
* 100 = 20%

So, output increased by 20 percent. As the number of workers stayed the same, this is also
an increase in productivity.

Question2: Calculate the percentage increase in productivity if the output expands from 12,000
in year 2 to 15,000 in year 3.
Answer:

29
Division of Labor and Productivity
The division of labor refers to the degree to which the various tasks involved in the
production of a good or service are divided among different workers.
Productivity increases when the division of labor increases. Increases in productivity can
be transmitted throughout the economy for several reasons:

Productivity – Income
Increases in productivity can lead to higher incomes for an economy's citizens. All output
must be transformed, through the process of production and sale, into someone's income (e.g.
the boss's profits and the workers’ wages).
Hence, increases in productivity, which allow more output to be produced by a given
amount of inputs, also lead to more income per head, that is, greater wealth for society. For
example, if more cars can be produced due to increases in the productivity of car production,
more cars are sold, which means that the car manufacturers’ revenues increase.

Productivity – Cost of Production

If increases in wages are linked to increases in productivity, then workers’ wages may
also rise (or, at least, their employment prospects may be more secure). Second, increases in
productivity diffused throughout the economy have an effect on prices. Increases in
productivity tend to lower the cost of production, precisely because more output can be
produced with the same amount of inputs. Since cost reductions tend to be translated into price
reductions, increases in productivity eventually tend to reduce prices. Indeed, the introduction
of assembly lines made a substantial contribution to the affordability of consumer durables such
as the car. The increase in income per head and the reduction in prices allow consumers to be
better off.

Prices and Industrial Change

How can we look at price changes over time in industries in which the product
undergoes many changes, especially in early stages? We use the concept of the price index.
Indices are used a lot in economics. They are basically a simple way of measuring change.
Price index is a measure of the average level of prices for some specified set of goods
and services, relative to the prices of a specified base period. The most widely used method of
constructing an index is based on the notion of the percentage. An example is provided below.
Suppose that the price of a product is Php 500 in 2000 and Php 750 in 2001 and Php
1000 in 2002. In this simple example, our market basket consists of only one product. Selecting
year 2000 as the base year, we can express the prices in years 2001 and 2002 relative to the
price in year 2000 as follows (see next page):
30
The price in year 2000 (base year) is equal to 100 percent
Price Index: ​ 𝑦𝑒𝑎𝑟 2001 = ( 𝑃 750
𝑃 500 ) * 100 = 150
𝑦𝑒𝑎𝑟 2002 = ( 𝑃 1000
𝑃 500 ) * 100 = 200

Changes in Industry Structure

Industry structure refers mainly to the way in which power is distributed among firms.
This can be described by factors such as the number of firms in the industry and the distribution
of market shares.

Sustainability of Productivity
All economies fluctuate in a business cycle. For a few years, growth is quite rapid, output
and incomes rise, and unemployment falls. This is the ‘boom’. Then the cycle turns. Growth
slows, and in a true recession the total output of the economy falls. This is the down-turn of the
cycle. The industry life cycle focuses on those economic mechanisms that cause firms to be born
(to ‘enter’ an industry), to grow, and to die (to ‘exit’ an industry).

Industry Life Cycle

The industry structure refers to the characteristics of an industry, such as the number of
firms operating in it, the distribution of power between them (whether some are very large and
others very small, or whether they are all very large), and the degree to which new firms find it
easy to enter the industry).
Mechanisms affecting industry structure include the dynamics of entry/exit,
technological change and falling prices. The industry life cycle is characterized by the following
phases:
(examples are set in the year 2018 for reference)
1.​ A pre-market or hobbyist phase, in which the product is produced more as a hobby or
luxury than for commercial purposes. (e.g. self-driving electric cars)
2.​ An introductory phase, in which the product begins to be produced more for commercial
purposes than for hobby reasons. (e.g. self-driving cars)
3.​ A growth phase, in which the industry grows rapidly due to the emergence of a
standardized product. (e.g. electric cars - Tesla Model S)
4.​ A mature phase, in which demand slackens and fewer technological opportunities are
available. (e.g. ford focus car)

31
Game Changing Technologies
See Work-in-the-Digital-Age-1.pdf pages 133-140
●​ Advanced Industrial Robotics - Involves machines which are designed to perform
industrial tasks automatically, with high programmability and the capacity to interact
with their environment thanks to the use of digital sensors, usually seen in
manufacturing or production lines.

●​ Additive Manufacturing - Involving digitally controlled devices to add layer on layer of

material(s) to create objects from 3D digital models. This is usually done in the industrial
sector such as architectural, medical, dental, aerospace, automotive, furniture and
jewelry.

●​ Industrial Internet of Things - the use of connected sensors attached to different objects
throughout the production process to feed live data to central computers, usually seen
on the factory floor.

32
 ●​ Electric Vehicles - vehicles whose main system of propulsion depends on (externally
generated) electricity rather than fuel. (e.g. Tesla)

●​ Industrial Biotech - the use of biological processes of living organisms for industrial
purposes, drawing on recent scientific insights such as systems genomics and
metabolomics. Uses enzymes and microorganisms to make bio-based products in sectors
such as chemicals, food ingredients, detergents, paper, textiles and biofuels.

Advanced industrial robotics, additive manufacturing and Industrial Internet of Things

involve innovations in the manufacturing production process, and have a very wide applicability
across most manufacturing sectors.
Electric vehicles and industrial biotech concern innovations of specific products (and
related processes), and have a more narrow applicability to particular sectors

Effects of Game Changing Technologies

1.​ Increasing centrality of (digital) information – information as a key source value
2.​ Mass Customization – flexible production process with interconnecting objects
3.​ Servitization – technologies involve the gradual replacement of manufacturing as
traditionally understood by a type of economic activity that is closer to the traditional
concept of services
4.​ Increased Labor/Resource Efficiency – more efficient use of materials and energy in
production

33
Effects of Game Changing Technologies on Work and Employment
1.​ Upgrading of occupations
2.​ Higher level of ICT competence
3.​ Decline of repetitive and routine industrial work brought about by digital factories

34
The Platform Economy

See Work-in-the-Digital-Age-1.pdf pages 163-174

A platform is a business that connects people through technology, making an ecosystem
that allows value to be created and exchanged. This works by matching users to each other in
order to make financial or social transactions that create value.

Platforms don’t own the resources that create value, they can grow much faster than
pipeline businesses. These businesses make up a platform-based economy. Some key features
of a platform will include:
●​ Using sophisticated logistics software for matching and payment
●​ Providers on the platforms are independent contractors
●​ Very low barriers to entry for providers on most platforms
●​ Trust is achieved via crowdsourcing of ratings and reputational data.

Platform Model

The platform model shows three components:

●​ Platform - controller of the channel or platform and arbiter of the participants in the
platform
●​ Consumers / Customers - buyers or users of the outputs offered through the platform
●​ Producers / Providers - supplier of the outputs sold through the platform

35
References

●​ NEUFEIND, M., RANFT, F., AND O’REILLY, J. (2018) Work in the Digital Age: Challenges of
the Fourth Industrial Revolution. Rowman & Littlefield International Ltd
●​ The Open University (2016). Information Technology: a new era. Walton Hall, Milton
Keynes, MK7 6AA.
https://www.open.edu/openlearn/people-politics-law/politics-policy-people/
sociology/information-technology-new-era/content-section-1

GRADED ACTIVITY 1
Part 1: Unit 1 (10 pts)
1.​ What do technologies look like when they are still being discovered?
2.​ How did the lives of people change back then?
3.​ Are we going through a similar change right now?
4.​ What’s in store for the future?
5.​ Have we actually progressed as a result of the technologies that we have discovered
throughout time? Explain in 2-3 sentences.

Part 2: Unit 1 (10 pts)

1.​ Which technology of the past do you think had the most impact in the way of life of
people today? Discuss in 3-5 sentences.
2.​ Did new technologies help in making humans more productive or have these caused a
decrease in the efficiency of work of people? Explain your answer in 3-5 sentences.

Part 3: Unit 2 (15 pts)

What do you think is the way forward with the Game Changing Technologies that we currently
have? What are its flaws, and how can these be improved further? Explain your answer in 8-10
sentences.
Part 4 (25 pts)

Take the Quiz on Lesson 02 Assessment

36
Unit 06: Information Systems

Going over the technologies in the past and how it has evolved to the technologies we
have in the present gave us an idea of what is possible in the future. It is with the creativity and
ingenuity of us, human beings, that we are able to make sense of technological developments
and turn them into productivity boosting tools.

But technologies are not developed to match exactly what every person needs. After all,
each person has something different to do and to work on. It is thus important for
these technologies to be transformed into something that is geared towards making
every person productive despite the difference in their needs. Technologies are
being specialized. So how exactly does these technologies work?

Companies use information as a weapon in the battle to increase productivity, deliver

quality products and services, maintain customer loyalty, and make sound decisions.
Information technology can mean the difference between success and failure. Information
technology (IT) is the application of a combination of hardware and software used to retrieve,
store, transmit and manipulate data, often in the context of a business or other enterprise.

Data are facts that are recorded and stored. Information is processed data used in
decision making. The value of information is the benefit produced by the information minus the
cost of producing it.

A System is a set of two or more interrelated components interacting to achieve a goal.

​

37
Information Systems
An information system refers to the systematic way to collect, process, store, and
distribute information to support decision making, coordination, and control.
In a business setting, information systems may help managers and employees analyze
problems, visualize complex subjects and create new products. On a personal level, it helps you
plan out how to go about your daily activities – how would you know if it will rain tomorrow and
how would you proceed with your planned activity if it does rain?

Information systems may be computerized or manual. The following section presents

what an information system looks like if it is computerized.

Information System Components

●​ Hardware – the physical computer equipment and its associated devices

●​ Software – the software applications that users access as computing services to
automate the way information is collected, processed, stored and distributed.
●​ Network – provides the communication infrastructure that enables online access to
information and computing services.
●​ Data – refers to any business-related data that the organization keeps to generate
reports and analytics.
●​ Procedures – describes established business practices, usually imposed as company
policies, that users must follow to properly collect, process, store and distribute
information.
●​ People – refers to stakeholders in and around the business who have vested interest in
the information system. This includes people within the company who create, maintain,
manage, and administer the information system as well as those outside the company
such as customers who transact with the business and external agencies (e.g.
government agencies) in-charge of monitoring the business.
38
 Who develops Information Systems?
●​ Traditionally, a company either developed its own information systems, called in-house
applications, or purchased systems called software packages from outside vendors.
●​ Today, the choice is much more complex. Options include Internet-based application
services, outsourcing, custom solutions from IT consultants, and enterprise-wide
software strategies.

Business and Information Systems

​With the different technological advancements, businesses have adopted new ways in running
their business. The following are the three types of BUSINESS MODELS:
●​ Brick-and-mortar - refers to a traditional street-side business that offers products and
services to its customers face-to-face in an office or store that the business owns or
rents.
●​ Click-and-mortar - is a type of business model that has both online and offline
operations, which typically include a website and a physical store.
●​ Click only - is a business model where business only maintains a website/online
presence without a physical store. They sell their products online through their website
only.

​With regards to how businesses sell their products, businesses can choose from one of the
three types of MARKETING MODELS:
●​ B2C (Business-to-Consumer) is the process of selling products and services directly
between a business and consumers who are the end-users of its products or services.
●​ B2B (Business-to-business) is a form of transaction between businesses, such as one
involving a manufacturer and wholesaler, or a wholesaler and a retailer.
●​ D2C (Direct-to-Consumer) are brand owners who produce their own products and sell
them directly to their customers without resellers, wholesalers, or some middlemen.

39
Business and Information Systems

In the past, IT managers divided systems into categories based on the user group the
system served. Categories and users included office systems (administrative staff), operational
systems (operational personnel), decision support systems (middle-managers and knowledge
workers), and executive information systems (top managers). Today, traditional labels no longer
apply. For example, all employees, including top managers, use office productivity systems.
Similarly, operational users often require decision support systems. As business changes,
information use also changes in most companies. Today, it makes more sense to identify a
system by its functions and features, rather than by its users.

40
 Examples of Information Systems according to support provided
●​ Inventory Control (TPS)
●​ Reservations (TPS, MIS)
●​ Customer Order Processing / Point-of-Sale (TPS)
●​ Records Management (MIS)
●​ Enrollment System (TPS)
●​ Attendance Monitoring (MIS)
●​ Payroll (TPS)

WHAT INFORMATION DO USERS NEED?

Corporate organizational structure has changed considerably in recent years. As part of
downsizing and business process reengineering, many companies reduced the number of
management levels and delegated responsibility to operational personnel. Although modern
organization charts tend to be flatter, an organizational hierarchy still exists in most companies.
A typical organizational model identifies business functions and organizational levels, as shown
in the figure below. Within the functional areas, operational personnel report to supervisors
and team leaders. The next level includes middle managers and knowledge workers, who, in
turn, report to top managers. In a corporate structure, the top managers report to a board of
directors elected by the company’s shareholders.

41
Top managers
●​ Strategic plans

Middle Managers and Knowledge Workers

●​ Middle managers provide direction, necessary resources, and performance feedback to
supervisors and team leaders
●​ Knowledge workers include professional staff members such as systems analysts,
programmers, accountants, researchers, etc.

Supervisors and Team Leaders

●​ Oversee operational employees and carry out day-to-day functions

Operational Employees
●​ Operational employees include users who rely on TP systems to enter and receive data
they need to perform their jobs.

42
 MODULE 2
Unit 07: Systems Development Life Cycle
The aim of an SDLC methodology is to give IT project managers the tools they need to assure
the effective deployment of systems that meet an organization’s strategic and business goals.

ROLE IN THE PROJECT PROPOSAL

System Analyst
●​ A systems analyst investigates, analyzes, designs, develops, installs, evaluates, and
maintains a company’s information systems.
●​ On large projects, the analyst works as a member of an IT department team
●​ Smaller companies often use consultants to perform the work

SYSTEMS DEVELOPMENT
Systems development is the process of defining, designing, testing and implementing a software
application to create a computerized information system or maintain an existing one.

System Development Methods

●​ Predictive approach assumes that systems development can be planned ahead of time
●​ Process models allow project managers to strategize the best way to deliver the project
●​ Process-centered technique ensures that systems development is methodical by
developing the system in stages based on the systems development life cycle (see
below).

SYSTEMS DEVELOPMENT LIFE CYCLE (SDLC)

43
SYSTEMS DEVELOPMENT LIFE CYCLE (SDLC)

Stage 1. PLANNING – It is the initial stage in the systems development life cycle (SDLC). It is the
fundamental process of understanding why an information system should be built and
determining how the project team will go about building it. It describes how IT projects
get started, how systems analysts evaluate proposed projects, the feasibility of a project,
and the reasoning behind the proposed system development.

Stage 2. ANALYSIS – System analysts must do analysis activities when creating a new system or
improving an old system. If an information system is built properly, it will give the
expected benefits to the company. To achieve this goal, system analysts define what the
information system requires by performing the analysis activities.

Stage 3. DESIGN – Now you are ready to begin the physical design of the system that will meet
the specifications described in the system requirements document. Systems design tasks
include output and user interface design, data design, and system architecture.

A video by Johnny Khoury has explained how the Design Phase in SDLC (Lesson07
video01 Design Phase in SDLC) works. It is all about the design phase of creating a
system.

Stage 4. IMPLEMENTATION/CODING – This is where computer programmers write the

computer code to implement the system specifications that were defined in the DESIGN
stage.

Stage 5. TESTING and DEPLOYMENT – This stage begins by letting users test the system and
deploy such system once it gets user approval. The system is installed at this phase to
support the specified business functions. The performance of the system is compared to
the performance targets defined during the planning phase.

Stage 6. MAINTENANCE – System maintenance is a continuous operation that includes

eliminating program design flaws, updating documentation and test data, and updating
user support.

However, if changing user requirements or the emergence of newer technology render

the existing system obsolete making the system unmaintainable, it would require the
systems development process to cycle back to Stage 1. PLANNING starting a new cycle
where stakeholders can start planning how to replace the outdated system with an
updated version.

44
SYSTEMS ANALYSIS REVISITED
The systems analysis phase consists of requirements modeling, and process modeling, object
modeling, and consideration of development strategies.

Watch the Lesson 07 Requirements.mp4 video.

Requirements Modeling
●​ Describes requirements modeling, which involves fact-finding to describe the current
system and identification of the requirements for the new system. These requirements
are:
▪​ Inputs refer to necessary data that enters the system, either manually or in an
automated manner.
▪​ Processes refer to system characteristics such as speed, volume, capacity, availability,
and reliability.
▪​ Outputs refer to electronic or printed information produced by the system.
▪​ Performance refers to the logical rules that are applied to transform the data into
meaningful information.
▪​ Security refers to hardware, software, and procedural controls that safeguard and
protect the system and its data from internal or external threats.

Watch the IPO video: Lesson 07 Video 02 IPO.mp4​

Flowchart
●​ Business flowchart shows the steps that make up a business process, along with who's
responsible for each step.
●​ They are useful for analyzing current processes, planning improvements, and
crystallizing communication between process participants

45
 Types of Flowchart:
●​ Document
▪​ Illustrates the flow of documents and information between areas of
responsibility within an organization.
▪​ A document flowchart is particularly useful in analyzing the adequacy of
control procedures.
●​ System
▪​ System flowcharts depict the relationship among the input, processing,
and output of an AIS
●​ Program
▪​ A program flowchart describes the specific logic to perform a process
shown on a systems flowchart

Check the following videos for further discussion on the Flowcharting process.
●​ Lesson 08 FlowCharting.mp4
●​ Flowchart Tutorial (with Symbols, Guide and Examples)

TYPES OF SYSTEM REQUIREMENTS

In the context of software development and system design, requirements are statements that
describe what the system should do or possess to meet the needs of its users and stakeholders.
These requirements can be broadly categorized into two types: functional requirements and
non-functional requirements.
46
Functional Requirements: These are the requirements that end users specifically demand to
complete a business transaction.

Typical functional requirements that information systems must comply with:

●​ Input requirement: Specifies what data will be collected by the system and how it will
be collected
●​ Process requirement: Specifies how the system will use the collected data to proceed
with the business transaction.
●​ Output requirement: Specifies the output that the system must produce as proof that
the [steps in the] business transaction has been completed

Non-Functional Requirements: Define the attributes and qualities that describe how the
system should perform to enhance customer satisfaction. These requirements focus on aspects
related to system behavior, performance, security, and user experience. Non-functional
requirements answer the question, "How well does the system perform?"

Examples of non-functional requirements of an information system:

●​ Performance: The website should load within 3 seconds to provide a good user
experience.
●​ Scalability: The system should handle an increasing number of users without significant
performance degradation.
●​ Security: User passwords should be securely hashed and stored to prevent unauthorized
access.
●​ Usability: The website's interface should be intuitive and easy to navigate for users of all
experience levels.
●​ Reliability: The system should have at least 99.9% uptime, with minimal downtime for
maintenance.

It's important to note that both functional and non-functional requirements are crucial for
successful system development. Functional requirements define what the system should
achieve in terms of features and capabilities, while non-functional requirements ensure the
system meets the desired levels of performance, quality, and user satisfaction. Both sets of
requirements play a key role in guiding the design, development, testing, and validation of the
system.

47
SYSTEMS DESIGN REVISITED
The systems analyst must understand the logical design of the system.
●​ Data design
●​ User interface
●​ Architecture
●​ System design specification

System Design Objectives

The goal of systems design is to build a system that is effective, reliable, and maintainable
●​ A system is effective if it meets all user needs and business requirements
●​ A system is reliable if it adequately handles errors
●​ A system is maintainable if it is well designed, flexible, and developed with future
modifications in mind

System Design Considerations

●​ User Considerations
■​ Carefully consider any point where users receive output from, or provide input
to, the system
■​ Anticipate future needs of the users, the system, and the organization –
hard-coded
■​ Provide flexibility
■​ Parameter, default

●​ Data Considerations
■​ Data should be entered into the system where and when it occurs because delays
cause data errors
■​ Data should be verified when it is entered, to catch errors immediately
■​ Automated methods of data entry should be used whenever possible
■​ Audit trail
■​ Every instance of entry and change to data should be logged
■​ Data should be entered into a system only once
■​ Data duplication should be avoided

●​ Design Trade-Offs
■​ Most design trade-off decisions that you will face come down to the basic
conflict of quality versus cost
■​ Avoid decisions that achieve short-term savings but might mean higher costs
later
48
Prototyping
​ The method by which a prototype is developed. It involves a repetitive sequence of
analysis, design, modeling, and testing. It is a common technique that can be used to design
anything from a new home to a computer network.

Prototyping Methods
●​ System prototyping - produces a full-featured, working model of the information system.
Because the model is “on track” for implementation, it is especially important to obtain
user feedback, and to be sure that the prototype meets all requirements of users and
management.
●​ Design prototyping or Throwaway prototyping – method of development that employs
technical mechanisms for reducing risk in a project, when the project needs are vaguely
and poorly laid out. The end product of design prototyping is a user-approved model
that documents and benchmarks the features of the finished system.
●​ Prototyping offers many benefits
■​ Users and systems developers can avoid misunderstandings
■​ Managers can evaluate a working model more effectively than a paper
specification
●​ Consider potential problems
■​ The rapid pace of development can create quality problems
■​ In very complex systems, the prototype becomes unwieldy and difficult to
manage

49
Prototyping Tools – systems analysts can use powerful tools to develop prototypes
●​ CASE tools - Computer-aided systems engineering (CASE), also called computer-aided
software engineering, is a technique that uses powerful software, called CASE tool, to
help systems analysts develop and maintain information systems.
●​ Application generators -A tool that supports the rapid development of computer
programs by translating a logical model directly into code. Also called a code generator.
●​ Report generators - a computer program whose purpose is to take data from a source
such as a database, XML stream or a spreadsheet, and use it to produce a document in a
format which satisfies a particular human readership
●​ Screen generators - or form painter, is an interactive tool that helps you design a custom
interface, create screens forms, and handle data entry format and procedures.

Limitations of Prototypes
●​ A prototype is a functioning system, but it is less efficient than a fully developed system
●​ Systems developers can upgrade the prototype into the final information system by
adding the necessary capability. Otherwise, the prototype is discarded

Future Trends in Software Development

Many software development tools and technologies are in transition
●​ Web services
●​ Open source software
●​ Service-oriented architecture (SOA)
●​ Loose coupling
●​ Software quality is more important than ever

Here are some links on how to create prototypes:

●​ Create interactive prototypes with MS PowerPoint
●​ Pencil Project | Free UI Mockup Design Software
●​ Prototyping Tool for Mobile and Websites
●​ Build a WIX Website For FREE in 10 Minutes

50
User Interface
Describes how users interact with a computer system, and consists of all the hardware,
software, screens, menus, functions, output, and features that affect two-way communications
between the user and the computer.

Graphical User Interface - uses visual objects and techniques that allow users to communicate
effectively with the system.

Usability – user satisfaction, support for business functions, and system effectiveness
●​ Process-control systems – allow users to send commands to the system
●​ User-centered systems – how users communicate with the information system, and how
the system supports the firm’s business operations

User interface requires the understanding of human-computer interactions and user-centered

design principles.

Human-Computer Interaction (HCI) describes the relationship between computers and people
who use them to perform their jobs

51
Seven Habits of Successful Interface Designers:
1.​ Understand the Business
The interface designer must understand the underlying business functions and how the
system supports individual, departmental, and enterprise goals. The overall objective is to
design an interface that helps users to perform their jobs.

2.​ Maximize Graphical Effectiveness

​ Studies show that people learn better visually. The immense popularity of Apple’s iOS
and Microsoft Windows is largely the result of their GUIs that are easy to learn and use. A
well-designed interface can help users learn a new system rapidly and be more productive.

3.​ Think Like a User

The designer must learn to think like a user and see the system through a user’s eyes.
The interface should use terms and metaphors that are familiar to users. Users are likely to
have real-world experience with many other machines and devices that provide feedback,
such as automobiles, ATMs, and microwave ovens. Based on that experience, users will
expect useful, understandable feedback from a computer system.

4.​ Use Models and Prototypes

​ From a user’s viewpoint, the interface is the most critical part of the system design
because it is where he or she interacts with the system — perhaps for many hours each day.
It is essential to construct models and prototypes for user approval. An interface designer
should obtain as much feedback as possible, as early as possible.

5.​ Focus on Usability

​ The user interface should include all tasks, commands, and communications between
users and the information system. The opening screen should show the main option. Each
screen option leads to another screen, with more options.

6.​ Invite Feedback

Even after the system is operational, it is important to monitor system usage and solicit
user suggestions. The analyst can determine if system features are being used as intended
by observing and surveying users.

7.​ Document Everything

All screen designs should be documented for later use by programmers.

52
Unit 08: Computer and Internet Etiquette
As people continue to use technology in their everyday lives, from communications to making
transactions online, many have forgotten their proper etiquette when using their computer
systems and when interacting using the Internet.

Internet etiquette, also known as “Netiquette,” is essential in a civilized work environment or

personal relationship. Even though you aren't with others in person, you should remember that
they're still there, on the other end of your communication.

There is no official list of netiquette rules or guidelines, the idea is to respect other users and
those online.

General Guidelines for Computer Etiquette

1.​ When communicating with people online,
remember how you want to be treated, that’s
probably how others want to be treated too,
with respect.
2.​ Always be aware that you are talking to a
person, not a device. Be courteous.
3.​ Adhere to the same standards of behavior
online that you follow in real life.
4.​ Know where you stand. Netiquette varies from
domain to domain. What is acceptable in a chat
room may not be appropriate in a professional
forum so “lurk before you leap”.
5.​ Respect other people’s time and bandwidth.
6.​ Spelling and grammar count! Always check, recheck your posts and keep your language
appropriate.
7.​ Keep under control the posts or content that invoke rage, sadness, humiliation,
self-doubt, and others.
8.​ Respect other people’s privacy. Ask consent for everything! From posts sharing, to
citations, to using materials and more.
9.​ Help out those people who are new to technology.
10.​Read, and research before asking. Try not to waste other people’s time.

53
 11.​Some emotions and meanings do not transmit very well in an email or a post. However,
do not use all caps if you want to communicate strong emotion. All caps will make you
look like you’re shouting. Don’t overuse smileys and emoticons because they make you
look unprofessional. Constructing your sentences carefully and editing what you write
before hitting send is often enough.
12.​Remember that your posts and account can be easily traced back to you even if you
write under an alias or a made-up handle. You leave data footprints whenever you’re
online. These are stored and can be retrieved. Even when using incognito. Always be a
decent and responsible netizen.

Ten Commandments of Computer Ethics

1.​ Thou shalt not use a computer to harm other people – If it is unethical to harm people
by making a bomb, for example, it is equally bad to write a program that handles the
timing of the bomb. Or, to put it more simply, if it is bad to steal and destroy other
people’s books and notebooks, it is equally bad to access and destroy their files.

2.​ Thou shalt not interfere with other people’s computer work – Computer viruses are
small programs that disrupt other people’s computer work by destroying their files,
taking huge amounts of computer time or memory, or by simply displaying annoying
messages. Generating and consciously spreading computer viruses is unethical.

3.​ Thou shalt not snoop around in other people’s computer files – Reading other people’s
e-mail messages is as bad as opening and reading their letters: This is invading their
privacy. Obtaining other people’s non-public files should be judged the same way as
breaking into their rooms and stealing their documents.

4.​ Thou shalt not use a computer to steal – Using a computer to break into the accounts of
a company or a bank and transferring money should be judged the same way as robbery.
It is illegal and there are strict laws against it.

5.​ Thou shalt not use a computer to bear false witness – The Internet can spread untruth
as fast as it can spread truth. Putting out false "information" to the world is bad. For
instance, spreading false rumors about a person or false propaganda about historical
events is wrong.

6.​ Thou shalt not copy or use proprietary software for which you have not paid –
Software is an intellectual product. In that way, it is like a book: Obtaining illegal copies
of copyrighted software is as bad as photocopying a copyrighted book. There are laws
against both. Information about the copyright owner can be embedded by a process
called watermarking into pictures in the digital format.
54
7.​ Thou shalt not use other people’s computer resources without authorization or proper
compensation – Multiuser systems use user id’s and passwords to enforce their memory
and time allocations, and to safeguard information. You should not try to bypass this
authorization system. Hacking a system to break and bypass the authorization is
unethical.

8.​ Thou shalt not appropriate other people’s intellectual output – For example, the
programs you write for the projects assigned in this course are your own intellectual
output. Copying somebody else’s program without proper authorization is software
piracy and is unethical. Intellectual property is a form of ownership, and may be
protected by copyright laws.

9.​ Thou shalt think about the social consequences of the program you are writing or the
system you are designing – You have to think about computer issues in a more general
social framework: Can the program you write be used in a way that is harmful to
society? For example, if you are working for an animation house, and are producing
animated films for children, you are responsible for their contents. Do the animations
include scenes that can be harmful to children? In the United States, the
Communications Decency Act was an attempt by lawmakers to ban certain types of
content from Internet websites to protect young children from harmful material. That
law was struck down because it violates the free speech principles in that country's
constitution. The discussion, of course, is going on.

10.​Thou shalt always use a computer in ways that ensure consideration and respect for
your fellow humans – Just like public buses or banks, people using computer
communications systems may find themselves in situations where there is some form of
queuing and you have to wait for your turn and generally be nice to other people in the
environment. The fact that you cannot see the people you are interacting with does not
mean that you can be rude to them.

55
Unit 09: Computer and Cybersecurity
The vulnerabilities of a computer system should not be left alone for perpetrators. We should
prevent perpetrators from gaining access to our computer systems. To ensure that information
presented by your computer system is reliable and not prone to computer fraud and malware.

Computers and the internet have transformed the lives of many people in many good ways.
Unfortunately, this vast network and its associated technologies also have a number of security
threats. It is our duty to protect ourselves from these threats and attacks. Scammers, hackers
and identity thieves are looking to steal your personal information - and your money.

Computer security, the protection of computer systems and information from harm, theft, and
unauthorized use. Computer hardware is typically protected by the same means used to protect
other valuable or sensitive equipment, namely, serial numbers, doors and locks, and alarms. The
protection of information and system access, on the other hand, is achieved through other
tactics, some of them quite complex. Computer security deals with the protection of computer
systems and information from harm, theft, and unauthorized use.

Cyber security is the practice of defending computers, servers, mobile devices, electronic
systems, networks, and data from malicious attacks. It's also known as information technology
security or electronic information security. The term applies in a variety of contexts, from
business to mobile computing, and can be divided into a few common categories.
●​ Network security is the practice of securing a computer network from intruders,
whether targeted attackers or opportunistic malware.

●​ Application security focuses on keeping software and devices free of threats. A

compromised application could provide access to the data it's designed to protect.
Successful security begins in the design stage, well before a program or device is
deployed.

●​ Information security protects the integrity and privacy of data, both in storage and in
transit.

●​ Operational security includes the processes and decisions for handling and protecting
data assets. The permissions users have when accessing a network and the procedures
that determine how and where data may be stored or shared all fall under this umbrella.

56
 ●​ Disaster recovery and business continuity define how an organization responds to a
cyber-security incident or any other event that causes the loss of operations or data.
Disaster recovery policies dictate how the organization restores its operations and
information to return to the same operating capacity as before the event. Business
continuity is the plan the organization falls back on while trying to operate without
certain resources.

●​ End-user education addresses the most unpredictable cyber-security factor: people.

Anyone can accidentally introduce a virus to an otherwise secure system by failing to
follow good security practices. Teaching users to delete suspicious email attachments,
not plug in unidentified USB drives, and various other important lessons is vital for the
security of any organization.

Security is a constant worry when it comes to information technology. Data theft, hacking,
malware and a host of other threats are enough to keep any IT professional up at night. We’ll
look at the basic principles and best practices that allow users to keep their systems safe.
Individuals and companies must employ the best security measures suitable to their needs to
prevent fraudulent activities.

Figure 02-C: CIA Triad

​
The goal of information security follows three main principles:
1.​ CONFIDENTIALITY is ensuring that information is available only to the intended audience
– An organization obtains or creates a piece of sensitive data that will be used in the
course of its business operations. Because the data is sensitive, that data should only be
able to be seen by the people in the organization that need to see it in order to do their
jobs. It should be protected from access by unauthorized individuals.

57
 2.​ INTEGRITY is protecting information from being modified by unauthorized parties –
Integrity involves maintaining the accuracy, consistency and trustworthiness of data.
Data must not be changed whilst at rest or in transit by unauthorized individuals (which
would demonstrate a breach of confidentiality). Integrity of data is commonly ensured
by implementing security measures such as file permissions and access control models.
Version controls can also be utilized to avoid changes to data made accidentally by
authorized individuals.

3.​ AVAILABILITY is protecting information from being modified by unauthorized parties –

When the individual that needs that piece of data to perform a job duty is ready to
utilize it, it must be readily accessible (i.e. online) in a timely and reliable manner so the
job task can be completed on time and the company can continue its processing.
Availability means that authorized individuals are able to access their data whenever
they want.

Effectively executing all three principles of the Security Triad creates an ideal outcome from an
information security perspective.

Good Security Practices for Individuals

1.​ Install anti-virus and anti-malware software
Software may include bugs as discussed in the previous modules. To limit the
vulnerabilities, make sure that the instructions for install of a software is followed, the
acquisition of the software is legitimate. Anti-virus and anti-malware should also be
installed and kept up to date.

2.​ Use a strong password

Reusing passwords or having the same password for multiple accounts, websites, and
other systems will become more vulnerable. Do not save passwords on websites and
devices that are unsecure. Remember to change your passwords on a schedule to keep
them fresh.

3.​ Log off public computers

Yes, the business centers and cybercafes that offer the use of a computer system are
convenient, but not secure. Since anyone can use them for anything, they have probably
been exposed to viruses, worms, trojans, keyloggers, and other nasty malware. Should
you use them at all? When using a public area computer, be sure to completely log off
when you are finished using it.

58
4.​ Save and Back up
Some events may be inevitable like hardware failure and virus infection, so be sure to
save every now and then. Also back up important information that is important to you.
Make sure to verify if the files you’ve saved can be easily restored.

5.​ Limit social network information

Facebook, Twitter, Google+, YouTube, Pinterest, LinkedIn and other social networks have
become an integral part of our online lives. Social networks are a great way to stay
connected with others, but you should be wary about how much personal information
you post. Learn how to use the privacy and security settings to protect yourself, keep
personal information personal, know and manage your friends, know what to do if you
encounter a problem.

6.​ Download files legally

Avoid peer-to-peer (P2P) networks and remove any file-sharing clients already installed
on your system. Since most P2P applications have worldwide sharing turned on by
default during installation, you run the risk of downloading viruses or other malware to
your computer, and having your personal and/or confidential information inadvertently
shared across the Internet, which could lead to identity theft.

7.​ Keep personal information safe

Do not divulge personal information online if you’re not sure about the sender or the
website. A common fraud, called "phishing", sends messages that appear to be from a
bank, shop or auction, giving a link to a fake website and asking you to follow that link
and confirm your account details.

8.​ Lock your computer

Whenever you leave our devices unattended, make sure that your device/s are locked.

9.​ Do not click on suspicious links or pop-up notifications

Avoid visiting unknown websites or downloading software from untrusted sources.
These sites often host malware that will automatically install (often silently) and
compromise your computer. If attachments or links in the email are unexpected or
suspicious for any reason, don't click on it, just visit the actual sender website.

10.​Keep applications up to date

Turn on automatic updating or make sure that all applications are also up to date.

59
Definition of terms
●​ Firewall: A firewall is a network security device that monitors incoming and outgoing
network traffic and decides whether to allow or block specific traffic based on a defined
set of security rules.
●​ Hackers: A hacker is a person who breaks into a computer system. The reasons for
hacking can be many: installing malware, stealing or destroying data, disrupting service,
and more. But, hacking can also be done for ethical reasons, i.e. finding vulnerabilities.
●​ Threats: A threat is anything that can compromise the confidentiality, integrity, or
availability of an information system.
●​ Vulnerability: A vulnerability is any weakness in the information technology (IT)
infrastructure that hackers can exploit to gain unauthorized access to data.

Some of the most common threats to cybersecurity include:

●​ Malware: This refers to malicious software such as viruses, worms, and Trojan horses
that can infect computers and devices, steal sensitive information, or damage systems.
●​ Phishing: This is the practice of sending fake emails or messages that appear to come
from a trustworthy source, such as a bank or a popular website, in order to trick people
into revealing sensitive information.
●​ Ransomware: This is a type of malware that encrypts a victim's files and demands a
ransom payment in exchange for the decryption key.
●​ Distributed Denial of Service (DDoS) attacks: These attacks overload a website or online
service with traffic, making it inaccessible to users.
●​ Insider threats: Refers to current or former employees, business partners, contractors,
or anyone who has had access to any systems or networks in the past. can be considered
an insider threat if they abuse their access permissions.
●​ Man-in-the-middle attacks: Man-in-the-middle is an eavesdropping attack, where a
hacker intercepts and relays messages between two parties in order to steal data.
●​ Advanced persistent threats (APTs): In an APT, an intruder or group of intruders sneak
into a system and remain undetected for an extended period. The intruder leaves
networks and systems intact to avoid detection so that the intruder can spy on business
activity and steal sensitive data.
●​ Information security, also known as InfoSec, refers to the processes and tools designed
and deployed to protect sensitive business information from modification, disruption,
destruction, and inspection.

60
Unit 10: Cybercrime Law
DISCLAIMER: The following material was copied with permission from the GIT Lecture 9 -
Cybercrime Laws in the Philippines.pptx presentation of Atty. Marco Cunanan from PAO.

A Brief Retrospective View: How It All Started

The I LOVE YOU Worm
●​ On the year 2000 a Filipino named Onel De Guzman created a worm that sent messages
through email with an attachment: “LOVE-LETTER-FOR-YOU.txt.vbs”

●​ When the attachment is opened, the file activates a code that sends an instruction to
forward the same email to all the contacts of the user
●​ The worm spread to e-mail accounts across the globe – including US and Europe –
overwhelming the email systems of private and government organizations causing them
to shut down resulting to estimated damages worth millions of USD
●​ This prompted the FBI to identify the source of the worm, which was then traced back to
the Philippines

61
 “It is not clear whether the author of the virus can even be prosecuted in the Philippines, where computer
use is still uncommon among ordinary citizens and cyber-crimes are not yet defined in the legal code.”

●​ Onel De Guzman was eventually arrested by the Philippine government at the request of
the FBI but was released shortly afterwards because there was NO pre-existing
Philippine laws that he violated

Republic Act 8792: Philippine E-Commerce Act Of 2000

The full title of R.A. 8792 is …
AN ACT PROVIDING FOR THE ​
RECOGNITION AND USE OF ELECTRONIC TRANSACTIONS AND DOCUMENTS, ​
PENALTIES FOR UNLAWFUL USE THEREOF AND OTHER PURPOSES.
NOTE: ​R.A. 8792 was used to define certain illegal activities concerning the use of various
devices in an effort to provide a legal provision to deter future actions similar to what
Onel De Guzman did

PROVISIONS OF R.A. 8792

Chapter II of R.A. 8792 states the following provisions that is implemented by this law:
Section 6. LEGAL RECOGNITION OF DATA MESSAGES
●​ ELECTRONIC DATA MESSAGES such text messages, e-mails, or any other similar modes of
communication done through electronic means [including unaltered screenshots] has the
same legal validity as physical messages

62
Section 7. LEGAL RECOGNITION OF ELECTRONIC DOCUMENTS
●​ ELECTRONIC DOCUMENTS shall have the legal effect, validity or enforceability as any other
document or legal writing.
NOTE: This provision gives softcopy of authentic documents the same legal validity as
physical documents

Section 8. LEGAL RECOGNITION OF ELECTRONIC SIGNATURES

●​ An ELECTRONIC SIGNATURE on the electronic document shall be equivalent to the
signature of a person on a written document

Chapter III of R.A. 8792 states the following penalties in violation of this law:
Section 33. PENALTIES
The following acts shall be penalized by fine and/or imprisonment:
1.​ HACKING/CRACKING
●​ Unauthorized access into a computer system/server or information and
communication system
●​ Any access with the intent to corrupt, alter, steal, or destroy using a computer or
computer system without the knowledge and consent of the owner of the system

2.​ PIRACY
●​ Unauthorized copying, reproduction, storage, uploading, downloading,
communication, or broadcasting of protected material [..] through the use of
telecommunication networks, e.g. the Internet, in a manner that infringes intellectual
property.

3.​ Violations against R.A. 7394: The Consumer Act Of The Philippines
●​ R.A. 7394 was enacted primarily to protect the consumers …
… against hazards to health and safety, and
… against deceptive, unfair and unconscionable sales acts and practices.

NOTE:
●​ Penalty for HACKING/CRACKING and PIRACY:
▪​ Pay a fine amounting to a minimum of one hundred thousand pesos (PhP 100,000)
and a maximum that is commensurate with the damage incurred and …
▪​ Mandatory imprisonment of 6 months to 3 years.
●​ Penalty for violations against R.A. 7394 will be the same penalties as provided by same
law which is to pay a fine of PhP 20,000 to PhP 2000,000 and/or imprisonment of 3 to 6
years
63
 GUIDE QUESTION: R.A. 8792

Does connecting to an open WIFI network (e.g. WIFI with no password), without the consent
of the network owner, constitute a violation of RA 8792?

NO! By merely accessing it, there is no clear intent to “corrupt, alter, steal or destroy”

REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012

R.A. 10175 is an act that adopts sufficient powers to effectively prevent and combat
cybercrime offenses by facilitating their detection, investigation, and prosecution at both the
domestic and international levels

R.A. 10175 defines CYBERCRIME as a crime committed with or through the use of information
and communication technologies such as radio, television, cellular phone, computer and
network, and other communication device or application.

JURISDICTION OF R.A. 10175

Who can be charged with violations of this law?
1.​ Any violation committed by a Filipino national regardless of the place of commission.
2.​ Any of the [cybercrime] elements were committed within the Philippines or committed
with the use of any computer system wholly or partly situated in the country.
3.​ When by such commission, any damage is caused to a […] person who, at the time of
the offense was committed, was in the Philippines

PROVISIONS OF R.A. 10175

Chapter 2 – Section 4 lists the punishable acts under R.A. 10175
Section 4. CYBERCRIME OFFENSES
The following acts constitute the offense of cybercrime punishable under this Act
(a)​ OFFENSES against the CONFIDENTIALITY, INTEGRITY and AVAILABILITY (CIA) of
COMPUTER DATA and COMPUTER SYSTEMS;
(b)​ COMPUTER-RELATED OFFENSES; and
(c)​ CONTENT-RELATED OFFENSES

64
SECTION 4 (a) OFFENSES against the CONFIDENTIALITY, INTEGRITY, and AVAILABILITY (CIA) of
COMPUTER DATA and COMPUTER SYSTEMS
The following acts under this cybercrime includes the following:
1.​ ILLEGAL ACCESS
The access to the whole or any part of a computer system without right.
NOTE:
●​ “access” is the instruction, communication with, storing/retrieving data from or use
of any resources of a computer system of network
●​ “without right” means having no consent from the owner of the computer system

GUIDE QUESTION: R.A. 8792

Does connecting to an open WIFI network (e.g. WIFI with no password), without the
consent of the network owner, constitute a violation of RA 8792?

NO! By merely accessing it, there is no clear intent to “corrupt, alter, steal or destroy”

Does connecting to an open WIFI network (e.g. WIFI with no password), without the
consent of the network owner, constitute a violation of RA 10175?

YES! Illegal access is to “make use of any resources” without right (consent)

2.​ ILLEGAL INTERCEPTION

The interception […] of computer data to, from, or within a computer system.
NOTE:
●​ Interception is listening to, recording, monitoring or surveillance of the content of
communications through the use of electronic eavesdropping or tapping devices at
the same time that the communication is occurring

Illegal interception: Man-in-the-Middle Attack

65
3.​ DATA INTERFERENCE
The intentional or reckless alteration, damaging, deletion or deterioration of computer
data, electronic document or electronic data message without right – including the
introduction or transmission of viruses
NOTE:
GUIDE QUESTION: R.A. 10175

Consider the following situation:

⬥​ A friend sent you a file on a flash drive infected with a virus
⬥​ Both of you is not aware that the flash drive is infected
⬥​ After you insert the flash drive in your computer, your computer get infected
and you lost your documents
Is your friend liable for any violation on RA 10175?

YES! Data interference includes “the intentional or reckless alteration, damaging,

deletion ​
or deterioration of computer data” – even if your friend has no malicious intent it is
still considered as “recklessness” in his/her part causing you to lose your file

4.​ SYSTEM INTERFERENCE

The intentional alteration or reckless hindering or interference with the functioning of
a computer or computer network by inputting, transmitting, damaging, deleting,
deteriorating, altering or suppressing computer data or program, electronic document,
or electronic data message, without right or authority, including the introduction or
transmission of viruses

NOTE:
●​ This is more or less an extension of the previous offense whereby the affected entity
is not just data but the whole system

GUIDE QUESTION: R.A. 10175

Consider the same situation in the previous example:

⬥​ A friend sent you a file on a flash drive infected with a virus
⬥​ Both of you is not aware that the flash drive is infected
⬥​ After you insert the flash drive in your computer, your computer get infected
and you lost all your files and the whole computer system went into error
Is your friend liable for any violation on RA 10175?

66
 YES! Although it may be unintentional, data interference and system interference was
committed

●​ SYSTEM INTERFERENCE EXAMPLE: CRYPTOJACKING or CRYPTOMINING MALWARE

⬥​ Refers to software programs and malware components developed to take over a
computer’s resources and use them for cryptocurrency mining without the user’s
explicit permission
⬥​ When you download through torrent sites like “thepiratebay”, you basically give
them the authority to use your computer’s CPU to “mine” cryptocurrencies – the
reason why downloading a lot of torrent file can cause your computer to heat up

●​ SYSTEM INTERFERENCE EXAMPLE: WEBSITE DEFACING

COMELEC website defaced by Anonymous Philippines (March 27, 2016)

5.​ MISUSE OF DEVICE

The unauthorized use, production, sale, procurement, distribution or otherwise
making available of:
i.​ A device designed for committing any offenses under this Act
ii.​ A computer password, access code, or similar data by which […] a computer
system is […] accessed with the intent of committing any offenses under this act
NOTE:
⬥​ MISUSE OF DEVICE EXAMPLE: SKIMMING DEVICES and KEYLOGGERS

67
 6.​ CYBERSQUATTING
The acquisition of a domain name on the internet in bad faith to profit, mislead,
destroy reputation, and deprive others from registering the same

It is cybersquatting if the domain name that was acquired is:

i.​ Similar, identical or confusingly similar to an existing government-registered
trademark;
ii.​ In case of a personal name, identical or in any way similar with the name of a
person other than the registrant; and
iii.​ Acquired without right or with intellectual property interests in it

NOTE:
●​ CYBERSQUATTING SAMPLE CASE: MikeRoweSoft.com
⬥​ In January 2004, Mike Rowe was a grade 12 student who operated a profitable
web design business as a part time job.
⬥​ He registered the website with the domain name MikeRoweSoft.com
⬥​ Lawyers from Microsoft asked him to stop using the website and Mike Rowe
complied after an undisclosed settlement with the company

SECTION 4 (b) COMPUTER-RELATED OFFENSES

The following are considered as computer-related offenses:
1.​ Computer-related FORGERY
There are two ways where computer-related forgery can be committed:
a.​ The input, alteration, or deletion of any computer data without right resulting in
inauthentic data with the intent that it be considered or acted upon for legal
purposes as if it were authentic
b.​ The act of knowingly using computer data which is the product of computer-related
forgery for the purpose of perpetuating a fraudulent or dishonest design

NOTE:
●​ COMPUTER-RELATED FORGERY EXAMPLE:
Hacking into the SLU Student Portal to change your grade from 65 to 95. Since NO
MONETARY VALUE is involved, this is considered as “forgery” and not “fraud”

68
 2.​ Computer-related FRAUD
The unauthorized input, alteration, or deletion of computer data or program or
interference in the functioning of a computer system, causing damage resulting to
monetary loss

NOTE:
●​ COMPUTER-RELATED FRAUD EXAMPLES:
⬥​ Hacking into a bank’s database to change your balance from 500 to 5000 pesos
⬥​ People asking for “prepaid load” by pretending to be the victim’s “relative”

3.​ Computer-related IDENTITY THEFT

●​ The intentional acquisition, use, misuse, transfer, possession, alteration or deletion
of identifying information belonging to another [person] without right
NOTE:
●​ COMPUTER-RELATED IDENTITY THEFT EXAMPLE:
Those fake social media accounts that has a user profile that contains “identifying
information” – like picture or name – belonging to another person with the
intention of using it for malicious purposes

SECTION 4 (c) CONTENT-RELATED OFFENSES

The following are considered as content-related offenses:
1.​ CYBERSEX
●​ The willful engagement, maintenance, control or operation – directly or indirectly –
any lascivious exhibition of sexual organs or sexual activity, with the aid of a
computer system, for favor or consideration
NOTE:
GUIDE QUESTION: R.A. 10175

Assume that two individuals, who happen to be real-life partners, gave their consent to
each other to record their sexual act.
Is this a case of cybersex?

NO! Since both parties consented and even if these acts are publicly denounced, they
do NOT constitute to cybersex since the act is NOT done for “any favour or
consideration” and without the element of “engagement in business”

2.​ CHILD PORNOGRAPHY

●​ The unlawful or prohibited acts defined and punishable by R.A. 9775: The Anti-Child
Pornography Act of 2009 committed through a computer system
69
 ●​ This includes any representation – whether visual or audio – by electronic or any
other means of a child engaged or involved in real or simulated explicit sexual
activities
NOTE:
GUIDE QUESTION: R.A. 10175

Are “hentai” clips – sexually explicit Japanese comics or anime – considered as a

violation of this law?

NO … unless the hentai clip itself contains a character which is explicitly identified as
a minor. If so, the said material is prohibited and the creator/distributor of the said
material is liable for violation of this law.

3.​ ONLINE LIBEL

●​ Libel is the public and malicious imputation of a crime – real or imaginary – or any
act, omission, condition, status or circumstance tending to cause the dishonor,
discredit, or contempt of a […] person, or to blacken the memory of the dead

●​ FOUR ELEMENTS OF LIBEL

A.​ Allegations of a discreditable act or condition concerning another;
B.​ Publication of the charge;
C.​ The person being defamed is clearly identified; and
D.​ Existence of malice.

NOTE:
GUIDE QUESTION: R.A. 10175

Assume that someone posted this unfounded claim on social media:

“HOY! MARIA DAVID! MAGNANAKAW KA! KAYONG DALAWANG​
“NANAY MO! MGA MAGNANAKAW! IBALIK NIYO YUNG MILYUN-​
“MILYONG PERA NA NINAKAW NIYO!”
Did the person who posted commit online libel?

YES! All the FOUR ELEMENTS OF LIBEL are present!

a.​ FALSE ALLEGATION: MAGNANAKAW KA! KAYONG DALAWA NG NANAY MO!
b.​ PUBLICATION: Allegation was posted on social media
c.​ PERSON DEFAMED is IDENTIFIED: Maria David and her mother
d.​ EXISTENCE OF MALICE: Even though unfounded, the post was published
nonetheless

70
 GUIDE QUESTION: R.A. 10175

If you LIKED/REACTED to the post above, are you liable?

NO! LIKING or REACTING may be a sign of approval to the said post but NO
STATEMENT was mentioned – none of the FOUR ELEMENTS OF LIBEL is present!

If you SHARED the said post, are you liable?

NO! The libelous statement was NOT made by the person who SHARED it!

If you COMMENTED on the said post with “OO NGA!”, are you liable?

NO! Similar to LIKING or REACTING, commenting “OO NGA!” does not discredit or
allege Maria David – none of the FOUR ELEMENTS OF LIBEL is present!

If you COMMENTED on the said post with “OO NGA! MAGNANAKAW KAYONG
MAG-INA”, are you liable?

YES! This statement is not merely an approval but also states an allegation towards
Maria David and her mother. This makes the person liable for libel since the comment
can be seen publicly as well.

To augment your understanding of R.A. 10175, please read the following cases:
1.​ On the constitutionality of the law | Disini v. Secretary of Justice, G.R. No. 203335
2.​ On child pornography | Cadajas v. People of the Philippines, G.R. No. 247348
3.​ On cyberlibel | Dio v. People of the Philippines and Desmond, G.R. No. 208146

PRIVACY UNDER PHILIPPINE LAWS

THE RIGHT TO PRIVACY
The right “to be free from unwarranted publicity, or to live without unwarranted interference
by the public in matters in which the public is not necessarily concerned.”

In DISINI VS. SECRETARY OF JUSTICE, G.R. No. 203335, the Supreme Court identified two
categories of the right to privacy:
1.​ Decisional privacy which involves the right to independence in making certain decisions
of great importance; and
2.​ Informational privacy which involves the right
a.​ to not have private information disclosed; and
b.​ to live freely without surveillance and intrusion.
71
THE 1987 PHILIPPINE CONSTITUTION
THE RIGHT TO PRIVACY
Section 2, Article II:
The Philippines renounces war as an instrument of national policy, adopts the generally
accepted principles of international law as part of the law of the land and adheres to the
policy of peace, equality, justice, freedom, cooperation, and amity with all nations.

This provision is also known as the Doctrine of Incorporation. The Philippines has incorporated
the right to privacy because it is an internationally recognized right in documents such as the:
1.​ United Nations Declaration of Human Rights (Article 12)
2.​ International Covenant on Civil and Political Rights (Article 17)
3.​ World Summit on Information Society Declarations (B5, Item 35)

GUIDE QUESTION: DOCTRINE OF INCORPORATION

Does Congress need to create and pass a new law to make international laws applicable
here in the Philippines?
NO! Further legislation is no longer necessary because the Constitution is recognized
as the supreme law of the land.
Why does the Philippines comply with international law? Are we allowed to simply
ignore it?
Pacta sunt servanda (Translation: “Agreements must be followed”) is a principle in
international law which states that a country is obligated to comply with the treaty or
contract they have signed. The Philippines is a signatory of the aforementioned
documents. Hence, the Philippines is obligated to recognize the right to privacy.

Section 3, Article III:

The privacy of communication and correspondence shall be inviolable except upon lawful
order of the court, or when public safety or order requires otherwise as prescribed by law.

GUIDE QUESTION: CONSTITUTIONAL RIGHT TO PRIVACY

Does the government have the right to disturb private individuals in their homes?
NO! The State recognizes the right of the people to be secure in their houses. No one,
not even the State, except "in case of overriding […] and only under the stringent
procedural safeguards," can disturb them in the privacy of their homes.

72
 Assume that your classmate, without your consent, decided to read your private
messages. Can you accuse them of violating your constitutional right to privacy?
NO! Your classmate is a private individual. The constitutional right to privacy may only
be raised against the State, e.g. barangay officials, police, government personnel, etc.

REPUBLIC ACT 386: CIVIL CODE OF THE PHILIPPINES

THE RIGHT TO PRIVACY
Article 26:
Every person shall respect the dignity, personality, privacy and peace of mind of his neighbors
and other persons.

The following and similar acts, though they may not constitute a criminal offense, shall produce
a cause of action for damages, prevention and other relief:
1.​ Prying into the privacy of another's residence;
2.​ Meddling with or disturbing the private life or family relations of another;
3.​ Intriguing to cause another to be alienated from his friends;
4.​ Vexing or humiliating another on account of his religious beliefs, lowly station in life,
place of birth, physical defect, or other personal condition.

GUIDE QUESTION: CIVIL RIGHT TO PRIVACY

May an individual install surveillance cameras on his own property facing the property of
another? (Hing vs. Choachuy 2013)
NO! A man’s house is his castle, where his right to privacy cannot be denied or even
restricted by others.
It includes any act of intrusion into, peeping or peering inquisitively into the residence
of another without the consent of the latter.

NOTE on the INSTALLATION of CAMERAS:

The installation of surveillance cameras, should NOT cover places where there is
reasonable expectation of privacy, unless the consent of the individual – whose right to
privacy would be affected – was obtained.

73
 Sample Case: (Zulueta vs C.A., 1996)

Situation:

Cecilia entered the clinic of Dr. Martin – her husband – and in the presence of
witnesses, forcibly opened the drawers and cabinet and took 157 documents and
papers consisting of greetings cards, cancelled checks, diaries, and photographs
between Dr. Martin and his alleged paramours.

The said documents were used as evidence in a legal separation case.

Was the right to privacy of Dr. Martin violated?

YES! In the decision of the court: “A person, by contracting marriage, does not shed
his/her integrity or his right to privacy as an individual and the constitutional
protection is ever available to him or her.”
The documents and papers are inadmissible as evidence since the way they were
gathered violated the right to privacy of Dr. Martin

REASONABLE EXPECTATION OF PRIVACY

In OPLE VS TORRES, G.R. No. 127685, the Supreme Court ruled that the reasonableness of a
person’s expectation of privacy depends on a two-part test:
1. Whether by his conduct, the individual has exhibited an expectation of privacy;
2. Whether this expectation is one that society recognizes as reasonable.

GUIDE QUESTION: REASONABLE EXPECTATION OF PRIVACY

Does a person have a reasonable expectation of privacy when posting on social media? If
the audience settings were changed from Public to Friends, does the answer change?
NO! The ruling in Vivares vs. St. Theresa’s College, G.R. No. 202666, says that
individuals have no control over who sees their posts once it has been made available
online; unauthorized third parties can easily view, save, or share posts without anyone
knowing regardless of the audience setting.
Does an employee have a reasonable expectation of privacy in the workplace?
According to a court decision, an employee has LESS or NO expectations of privacy in
the workplace. For instance, CCTV cameras may be watching an employee’s every
move while inside the company grounds. The only place where there is reasonable
expectation of privacy is inside the toilet facilities of the company.

74
REPUBLIC ACT 9995: ANTI-PHOTO AND VIDEO VOYEURISM ACT OF 2009
Included under the REASONABLE EXPECTATION OF PRIVACY is that any person believes that:
●​ He/she could disrobe in privacy, without being concerned that an image or a private
area of the person was being captured;
●​ The private area of the person would not be visible to the public, regardless of whether
that person is in a public or private place.

GUIDE QUESTION: R.A. 9995

What does “PRIVATE AREA OF A PERSON” include?

The “private area of a person” includes naked or undergarment-clad genitals, pubic area,
buttocks, or the female breast of an individual

Section 4: PROHIBITED ACTS.

It is hereby prohibited and declared unlawful for any person:
(a)​ To TAKE photo or video coverage of a person or group of persons performing sexual act
or any similar activity or to capture an image of the private area of a person without
the consent of the person involved and under circumstances in which the person/s
has/have a reasonable expectation of privacy;
(b)​To COPY or REPRODUCE […] such photo or video or recording of (a);
(c)​ To SELL or DISTRIBUTE […] such photo or video or recording of (a); or
(d)​To PUBLISH or BROADCAST […] of (a) through VCD/DVD, Internet, cellular phones and
other similar means or devices.

GUIDE QUESTION: PROHIBITED ACTS of R.A. 9995

Will one be liable for the non-commercial copying or reproduction of said photo or video –
e.g. copy or reproduce for free without asking for money?

YES! The mere copying or reproduction of said material will make one liable under the law
regardless of the reason or whether one profits or not from such act.

If the persons in the photo knew and consented to the video recording or taking of the photo,
can anyone reproduce, distribute, or broadcast it?

NO! The person merely consented to the taking of the photo or the video recording and did
not give written consent for its reproduction, distribution, and broadcasting.

75
Section 4: PENALTIES.
The penalty for the commission of any of the prohibited acts above are as follows:
●​ Imprisonment of 3 years to 7 years imprisonment; and
●​ Fine of Php 100,000.00 to Php 500,000.00

REPUBLIC ACT 10173: DATA PRIVACY ACT OF 2012

PURPOSE
1.​ PROTECTS THE PRIVACY OF INDIVIDUALS while ensuring free flow of information to
promote innovation and growth.
2.​ REGULATES the collection, recording, organization, storage, updating or modification,
retrieval, consultation, use, consolidation, blocking, erasure or destruction of PERSONAL
DATA.
3.​ Ensures that the Philippines COMPLIES WITH INTERNATIONAL STANDARDS set for data
protection.

DEFINITION OF TERMS
1.​ PERSONAL INFORMATION CONTROLLER (PIC)
The individual, corporation, or body who decides what to do with data.

2.​ PERSONAL INFORMATION PROCESSOR (PIP)

One who processes data for a PIC. The PIP does not process information for the PIP’s
own purpose.

3.​ CONSENT OF THE DATA SUBJECT

Any freely given, specific, informed indication of will, whereby the data subject agrees
to the collection and processing of personal information about and/or relating to him
or her.

The agreement must inform:

a.​ Purpose, nature, and extent of processing;
b.​ Period of consent/instruction;
c.​ Rights as a data subject.

4.​ BREACH
A security incident that:
a.​ Leads to unlawful or unauthorized processing of personal, sensitive, or
privileged information;
b.​ Compromises the availability, integrity, or confidentiality of personal data.

76
PERSONAL INFORMATION vs SENSITIVE PERSONAL INFORMATION
PERSONAL INFORMATION SENSITIVE PERSONAL INFORMATION
Any personal information about a particular Any information or opinion about a particular
individual that can be used in identifying a ​ individual that may be used to harm or ​
person. discriminate against a person.
This includes, but not limited to: This includes, but not limited to:
▪​ Name ▪​ Phone number ▪​ Race or ethnic origin
▪​ Address ▪​ E-mail address ▪​ Religious affiliations ▪​ Criminal record
▪​ Medical record

PROCESSING OF PERSONAL INFORMATION

The processing of personal information shall be allowed if it adheres to ALL the following:
1.​ PRINCIPLES OF TRANSPARENCY
●​ The data subject must know:
a.​ What personal data will be collected
b.​ How the personal data will be collected
c.​ Why personal data will be collected
●​ The data processing policies of the PIC must be known to the data subject.
●​ The information to be provided to the data subject must be in clear and plain
language.

2.​ LEGITIMATE PURPOSE PRINCIPLE

●​ Data collected must always be collected only for the specific, explicit, and
legitimate purposes of the PIC.
●​ Data that is not compatible with the purpose [of the data collection] shall not be
processed.

3.​ PRINCIPLE OF PROPORTIONALITY

●​ The amount of data collected for processing should be adequate, relevant, and
not excessive in proportion to the purpose of the data processing.
●​ Efforts should be made to limit the processed data to the minimum necessary.

77
PROCESSING OF SENSITIVE PERSONAL INFORMATION
The processing of sensitive personal information shall be allowed if it adheres to ONE of the
following:
1.​ The consent of data subject has to be given;
2.​ The processing is necessary and is related to the fulfillment of a contract with the data
subject or in order to take steps at the request of the data subject prior to entering into
a contract;
3.​ The processing is necessary for compliance with a legal obligation to which the PIC is
subject;
4.​ The processing is necessary to protect vitally important interests of the data subject,
including life and health;
5.​ The processing is necessary in order to respond to national emergency, to comply with
the requirements of public order and safety, or to fulfill functions of public authority
[…]; or
6.​ The processing is necessary for the purposes of the legitimate interests pursued by the
PIC […], except where such interests are overridden by fundamental rights and
freedoms of the data subject […]

RIGHTS OF THE DATA SUBJECT

1.​ Right to be INFORMED
●​ This is the right to be informed that your personal data shall be, are being, or
have been processed.
●​ The disclosure must be made before the entry of the data into the processing
system or at the next practical opportunity

2.​ Right to OBJECT

●​ The right to refuse the processing of personal data.
●​ This includes the right to be given an opportunity to withhold consent to the
processing in case of any changes or any amendment to the information supplied
or declared.

3.​ Right to ACCESS

●​ The right to find out whether a PIC holds any personal data about you.

78
4.​ Right to RECTIFICATION
●​ This involves the right to dispute the inaccuracy or error in the personal data and
have the PIC correct it immediately.
●​ It also includes access to new and retracted information, and simultaneous
receipt thereof.
●​ Recipients previously given erroneous data must be informed of inaccuracy and
rectification upon reasonable request of the data subject.

5.​ Right to ERASURE OR BLOCKING

●​ This is the right to suspend, withdraw, or order the blocking, removal, or
destruction of his/her personal information from the PIC’s filing system
●​ The right to erase or block can be invoked in the following circumstances:
■​ There is data which are incomplete, outdated, false, or unlawfully
obtained.
■​ The data was used for unauthorized purposes.
■​ The data is no longer necessary for purposes of collection.
■​ The processing of data was found to be unlawful.
■​ The PIC or PIP violated the rights of the data subject.
6.​ Right to DAMAGES
●​ This is the right to receive compensation for any damages sustained due to
inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use
of personal data.
●​ If there are circumstances where you discovered that your personal data was
mishandled, you have the right to ask for compensation for the damage it has
caused you.

7.​ Right to DATA PORTABILITY

●​ The right to obtain a copy of data undergoing processing in [a commonly used]
electronic or structured format that allows for further use by the data subject.
●​ Takes into account the right to have control over personal data being processed
based on consent, contract, for commercial purposes, or through automated
means.

8.​ Right to FILE A COMPLAINT

●​ The right to file a complaint in circumstances wherein the PIC or the PIP has
breached the privacy of the data subject

79
GUIDE QUESTION: R.A. 10173

May a teacher/professor search the contents of a student’s cellular phone?

NO! Any search through a student’s cellular phone without justification under a law or
regulation is UNLAWFUL, and may be considered as “unauthorized processing of data”
However, there are exceptions:
●​ If it was done with student’s consent [except if the student is a minor]
●​ If it is required by the student’s life and health, or by national emergency.

Is an implied (indirect) form of consent valid?

Example:
“By continuing to avail of xxx products and services:, you explicitly ​
“authorize xxx, its employees, duly authorized representatives, ​
“related companies and third-party service providers, to use, process ​
“and share personal data needed in the administration of your xxx”

NO! Consent under the Data Privacy Act has three requirements, none of which are seen in
an implied consent:
●​ Consent must be freely given;
●​ Details about what consent is being asked must be specific; and
●​ There must be an informed indication of will.

Are handwritten signatures considered sensitive personal information?

NO! It is possible that one may share a similar signature as another person. Moreover,
some signatures do not, in any way, show signs of identity of a person.
However, these may be considered personal information when used to identify an
individual such as a signature affixed on the name of a person.

Are usernames, password, IP and MAC address, location cookies and birthday (month and day
only) considered personal information?

YES!*
* Only when they are combined with other pieces of information that may allow an
individual to be distinguished from others.

80
PROHIBITED ACTS OF R.A. 10173
1.​ Unauthorized processing of personal information and sensitive personal information
Process (sensitive) personal information without the consent of the data subject or
without being authorized under the Data Privacy Act or any other law.

2.​ Accessing personal information and sensitive personal information due to negligence
Provided access to (sensitive) personal information due to negligence or was
unauthorized under the Data Privacy Act or any existing law.

3.​ Improper disposal of (sensitive) personal information

Negligently dispose, discard or abandon the (sensitive) personal information of an
individual in an area accessible to the public or placed the (sensitive) personal
information of an individual in a container for trash collection.

4.​ Processing of personal information and sensitive personal information for

unauthorized purposes
Process personal information for purposes not authorized by the data subject or not
otherwise authorized by the Data Privacy Act or under existing laws.

5.​ Unauthorized access or intentional breach

Knowingly and unlawfully violate data confidentiality and security data systems where
personal and sensitive personal information is stored.

6.​ Malicious disclosure

Discloses to a third party unwarranted or false information with malice or in bad faith
relative to any (sensitive) personal information obtained by such PIC or PIP.

To augment your understanding of R.A. 10173, please read the following cases:
1.​ Right to Privacy | Cadajas v. People of the Philippines, G.R. No. 247348
2.​ Right to Privacy | People of the Philippines v. Rodriguez, G.R. No. 263603
3.​ Privileged Communications | Josielene Chan v. Johnny Chan, G.R. No. 179786
4.​ Reasonable Expectation of Privacy | Ople v. Torres, G.R. No. 127685
5.​ CCTVs | Spouses Hing v. Choachuy, G.R. No. 179736
6.​ Privacy in Relationships | Zulueta v. Court of Appeals, G.R. No. 107383
7.​ a. Social Media | Vivares v. St. Theresa's College, G.R. No. 202666
b. Social Media | Demata v. People of the Philippines, G.R. No. 228583
8.​ Data Privacy | JV v. JR of SM Bicutan, NPC Case No. 17-047

81
Unit 11: Security Controls
Security controls are a set of procedures and technological measures to ensure secure and
efficient operation of information within an organization, both general and application controls
for safeguarding information. These control activities are applied throughout an organization.
The most important general controls are the measures that control access to computer systems
and the information stored or transmitted over telecommunication networks. General controls
include administrative measures that restrict employee access to only those processes directly
relevant to their duties, thereby limiting the damage an employee can do.

IT security is about protecting things that are of value to an organization. Security controls exist
to reduce or mitigate the risk to those assets. They include any type of policy, procedure,
technique, method, solution, plan, action, or device designed to help accomplish that goal.
Recognizable examples include firewalls, surveillance systems, and antivirus software.

There are two ways to classify controls in an organization: by type – physical, technical, or
administrative – and by function – preventive, detective, and corrective.

Control Types
●​ Physical Controls – Describes anything tangible that’s used to prevent or detect
unauthorized access to physical areas, systems, or assets. This includes gates, access
cards, CCTVs, and motion sensors.
●​ Technical Controls – (also known as logical controls) Includes hardware or software
mechanisms used to protect assets. Common examples are authentication solutions,
firewalls, and antivirus software.
●​ Administrative Controls – Refers to policies, procedures, or guidelines that define
personnel or business practices in accordance with the organization's security goals.
These can apply to the hiring and termination of employees, equipment and Internet
usage, separation of duties, and auditing.

82
Control Functions
●​ Preventive Controls – This is any security measure that is designed to prevent or stop
any malicious activity from happening. These can be fences, alarms, and antivirus
software.
●​ Detective Controls – These are any security measures taken or implemented to detect
and alert to unwanted or unauthorized activity in progress or after it has occurred. It can
be alerting guards or notifications from a motion sensor.
●​ Corrective Controls – Any measures taken to repair damage or restore resources and
capabilities following an unauthorized or unwanted activity. This may include rebooting
the system, or terminating a process, or quarantining a virus.

CONTROL FUNCTIONS
Preventive Detective Corrective

C Fences, gates, locks CCTV and Repair physical

Physical surveillance camera damage, re-issue
O logs access cards
N
T Firewall, IPC, MFA Intrusion detection Patch a system,
solution, antivirus systems, honeypots terminate a process,
R Technical
software reboot a system,
O quarantine a virus
L
Hiring and Review access Implement a
T termination policies, rights, audit logs, business continuity
Y separation of duties, and unauthorized place or incident
P Administrative data classification changes response plan
E
S
Table 02-A: Examples of Control Functions and Types

83
GRADED ACTIVITY 2

Part 1: Unit 3 (10 pts)

1.​ What use does the internet have for you? Explain in 3-5 sentences.
2.​ If you have a phone, a laptop, or any similar kinds of technology, which 2 apps or
softwares do you use often to be more productive? Explain in no more than 3 sentences
each how you think these apps or softwares work and what makes them useful for you.
Part 2: Unit 3 (15 pts)
1.​ Information is commonly referred to as processed data, data being the raw material. The
key factor here is that data needs to undergo certain processes before it becomes
information. With this in mind, give 5 examples of data being transformed into
information. Present your work in a creative and concise output that organizes the data,
the process it will undergo, and the resulting information.
2.​ Think of any business around you (your bank, convenience store, etc.) and identify ways
on how you think they can be more productive. Explain in 3-5 sentences.
Part 3: Unit 3 (5 pts)
1.​ Computers perform many jobs that previously were performed by people. Will
computer-based transactions and expanded e-commerce eventually replace person
to-person contact? From a customer’s point of view, is this better? Why or why not?
2.​ What types of information systems might a large company use?

Part 4: Unit 4 (10 pts)

Solve the following problem applying the method used in the video uploaded in your
powerpoint presentation. You may check: Lesson 07 Video 01 Payback period
Problem. Assume the following cash flow for 2 projects. Assuming that the cash flows are
occurring at the end of the year. Find the payback period for both these projects.
Year Project 1 Project 2

0 -1000 -1000
1 600 100
2 400 400
3 200 600
4 200 600
5 100 700
Solution:

84
Part 5: Unit 5 (15 pts)

Part 6: Unit 8 (10 pts)

Open and answer the Lesson-10-Assessment

Graded Activity: Midterm Examination

References
●​ https://explorable.com/hawthorne-effect
●​ https://methods.sagepub.com/book/key-concepts-in-social-research/n22.xml
●​ https://online.visual-paradigm.com/diagrams/tutorials/use-case-diagram-tutorial/
●​ https://sites.google.com/site/2012itcs371devsec3fuzzysystem3/3
●​ https://www.investopedia.com/terms/c/click_and_mortar.asp
●​ https://www.mbaskool.com/business-concepts/marketing-and-strategy-terms/2587-clic
k-only-companies.html
●​ https://www.sciencedirect.com/topics/computer-science/sequence-diagram
●​ https://www.slideshare.net/fajarbaskoro/systems-request
●​ https://www.tutorialspoint.com/software_engineering/case_tools_overview.htm
●​ https://www.visual-paradigm.com/support/documents/vpuserguide/2821/286/7114_dr
awingbusin.html
●​ https://www.youtube.com/watch?v=DMPxxijmG7M&fbclid=IwAR0hx6Uo4PSlgqmMmA
OeX4e_R6mq0s4nMw-iwcXUOiixRkvkHeWxK8UTQj8

85
 ●​ https://www.youtube.com/watch?v=rAR5sbaphwU&fbclid=IwAR3EXVa8Rag6iV8zFswXcF
hRFOB_FaiEa7QD6QMukGoyaiQ6cRLH30xiCtY
●​ McCombes, S. (2020, January 13). How to Do a Case Study: Examples and Methods.
Retrieved June 7, 2020, from https://www.scribbr.com/methodology/case-study/
●​ NewLeaf. (2012). ROI or Payback Period? Retrieved June 7, 2020, from
https://newleaf-llc.com/2012/08/roi-or-payback-period/
●​ Requirements Modeling. Part 1 https://www.youtube.com/watch?v=2t0ichoFHG8 Part 2
https://www.youtube.com/watch?v=1u5KQh_B1_U
●​ ROSENBLATT, H. (2014) Systems Analysis and Design, 10th edition. Shelly Cashman
Series. Cengage Learning
●​ Top five causes of scope creep ... and what to do about them. A Guide to the Project
Management Body of Knowledge (PMBOK® Guide)—Fourth edition
https://www.pmi.org/learning/library/top-five-causes-scope-creep-6675

Final Requirement: User Interface (Prototyping)

With the internet being the center for acquiring information nowadays, and more and more
systems being developed to suit the needs of different businesses, all of which make use of the
internet as a medium for marketing and operations, there is a question of how the security of
everyone is maintained. Having a singular tool used as a platform by different businesses and
individuals alike has definitely made it easier for everyone to communicate and do transactions.
But it has also made it easier for others to exploit the vulnerability of persons who are not
knowledgeable about the risks of using the internet.

To start with this module, take some time to reflect on the following questions:
1.​ Have you ever felt that your security is compromised while using the internet?
2.​ Do you think you have done something that might have been illegal?
3.​ Have you ever searched anything in Google and used it as part of one of your outputs?
4.​ Have you created anything that was used by someone else without your consent

86
Explore Activity
1.​ Search for an example of an apparent cybercrime. From this example, give your thoughts on
how you think that could have been prevented.

2.​ Downloading files through the internet is rampant, whether legal or not. An example of
which is downloading movies, TV series, or animes via a torrent client. Currently, this is an
illegal act, but authorities have little resources to stop this completely. Do you think this kind
of activity must be stopped, or do you think this is something that must be accepted as
legal?

References:
•​ Course notes - Atty Marco Polo E. Cunanan. Public Attorney II, PAO San Fernando (P)
District. Lecturer, Tarlac State University School of Law
•​ Federis & Associates Intellectual Property Firm. (2013). What is Copyright? Retrieved
from FEDERIS Intellectual Property Law:
http://www.federislaw.com.ph/faqs-resources/copyright/
•​ Lawphil.net and Chanrobles.com
•​ Republic Act No. 10173. (2012). Retrieved from Official Gazette:
https://www.officialgazette.gov.ph/2012/08/15/republic-act-no-10173/
•​ Republic Act No. 10175. (2012). Retrieved from Official Gazette:
https://www.officialgazette.gov.ph/2012/09/12/republic-act-no-10175/

87
 Appendix
Unit 01 Question2: Calculate the percentage increase in productivity if the output expands from
12,000 in year 2 to 15,000 in year 3.
Answer:

Take the output in year 3 which is 15,000 and subtract it with the output in year 2 which is
12,000 to get the increase from year 2 to year 3.

15,000-12,000 = 3,000

Then divide it from the output from year 2 which is 12,000 then multiply it by 100 to get the
increase by percentage

3,000/12,000 (100) = 25%

The increase in productivity of output from year 2 to year 3 is 25%

88