0% found this document useful (0 votes)
13 views14 pages

Ais FT Rev

The document outlines various information systems used in business, including Management Information Systems (MIS), Transaction Processing Systems (TPS), Customer Relationship Management (CRM), Decision Support Systems (DSS), Strategic Information Systems (SIS), Vendor Management Systems (VMS), Accounting Information Systems (AIS), Human Resource Management Systems (HRMS), and Enterprise Resource Planning (ERP). Each system serves distinct functions, such as supporting decision-making, managing customer relationships, and automating accounting processes. Additionally, it discusses IT governance, security threats, and the importance of data accuracy and compliance in managing information technology.
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
13 views14 pages

Ais FT Rev

The document outlines various information systems used in business, including Management Information Systems (MIS), Transaction Processing Systems (TPS), Customer Relationship Management (CRM), Decision Support Systems (DSS), Strategic Information Systems (SIS), Vendor Management Systems (VMS), Accounting Information Systems (AIS), Human Resource Management Systems (HRMS), and Enterprise Resource Planning (ERP). Each system serves distinct functions, such as supporting decision-making, managing customer relationships, and automating accounting processes. Additionally, it discusses IT governance, security threats, and the importance of data accuracy and compliance in managing information technology.
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 14

5.

1 MANAGEMENT INFORMATION SYSTEM (MIS)


MIS is defined as the integrated machine system that provides relevant information in order to
support business operations, management, and decision-making.
MIS has subsystems that are approached according to the following:
 Organizational functions
 Managerial activities
The following are some examples of functional subsystems of MIS and its uses:
1. Management or top management. MIS is used by the top management mainly for strategic
planning. However, many top management officials use it for resource allocation as well.
2. Logistics. MIS is used for planning, control, and distribution.
3. Marketing. MIS is used for planning, sales forecast, or sales or customer analysis.
4. Human Resources. MIS is used to plan relevant employee requirements, analyze employee
performance, or administer salaries.
5. Finance and Accounting. MIS is used in financial analyses, cost analyses, and so on.
Users of Management Information System in Relation to Its Activities
1. Clerical staff. It refers to the users that handle direct transactions, process the inputs, and
answer various inquiries.
2. Managers (first level). It refers to users that obtain data related to operations and assist in
scheduling, planning, or making decisions.
3. Information specialists. They refer to users that would analyze information and assist in
planning and reporting.
4. Top management. It refers to users that would check and analyze reports regularly, retrieve
requests, and assist in the identification of problems and opportunities and decision-making.
Management Information System for Decision-Making
1. Structured or programmable decisions
A decision can be considered structured of programmable if and only if the rules of instantly
recognizable decisions rules have been specified in advance. This could be depicted in a
flowchart or a decision table. As the rules or decisions have been pre-specified, they can be
handled by any lower-level personnel with limited knowledge. However, it is not possible to pre-
specify a decision procedure or rule to handle different situations.
2. Unstructured or nonprogrammable decisions.
A decision can be considered unstructured or nonprogrammable if there was no pre-established
decision procedure or rule. It is uncommon to justify the organizational cost in the preparation of
the procedure possibly because the decision procedure is unclear or unpredictable.
5.2 TRANSACTION PROCESSING INFORMATION SYSTEMS (TPIS)
A transaction processing system (TPS) is an IS that captures and processes a company's business
transactions necessary to update data and support its basic operations. It plays a significant role
in recording, collecting, storing, modifying, validating, manipulating, processing, and retrieving
diverse data transactions.
Functions of a Transaction Processing System
1. Input function. This function involves the capturing of data coming from the users or other
systems based on a certain source document. Then, it enters data into the TPS and checks
data entry.
2. Process function. This part manipulates the data entered into the system.
3. Output function. This produces valuable results in the form of a report (i.e., summary report).
4. Storage function. This stores data files into the database, as well as accesses, sorts, updates,
and deletes stored data.
The following steps are provided to further explain how a TPS processes data:
1. Basic data entry. This refers to data entered by users into the system.
2. Data validation. A TPS uses a set of programs that would allow for the computation and
validation of data entered by users.
3. Data verification. A TPS verifies data coming from specific users.
4. Data process. A TPS validates data from users, checks their accuracy and authenticity, and
processes the data based on the instructions given by the users.
5. Data storage. After processing the data, a TPS stores data in a memory device either for a
short or long period of time, depending on the instruction of the users.
6. Report of information. When the processed data turn into pieces of information, a TPS
displays the information according to the template of certain reports.
Features of a Transaction Processing System
1. Rapid processing. A TPS is devised to instantly process transactions to ensure the availability
of customer data when needed. With the quick advancement of technology, customers expect
companies to meet their needs immediately; thus, fast data processing has become necessary.
2. Reliability. A TPS also has the ability to protect information and prevent the system from
crashing. Transactions and site operations should be secure and stable for customer
satisfaction.
3. Standardization. Standardization makes data processing efficient. A TPS should uniformly
perform transactions, meaning every process of transaction should be similar regardless of
who the customer is.
4. Controlled access. A TPS should be accessible only to a select group of people to maintain
information and transaction security. Restricted access is implemented to avoid access by
uncertified employees.

Transaction Processing System Qualifiers


For a TPS to be qualified, the transactions processed by the system must pass the four stages of
the ACID test as follows:
1. Atomicity
A transaction could only be processed completely either in full or not at all. For example, a fund
transfer would only be authentic if both a withdrawal from one account and a deposit to another
take place. If one exists without the other, it is not a legitimate transaction. A TPS makes sure
that the entire process of a transaction is performed.
2. Consistency
A TPS observes integrity constraints or rules that ensure the consistency of the processed
information. For example, an integrity constraint that requires a positive value will reject a
negative value.
3. Isolation
Transactions should appear isolated in a TPS. For example, a fund transfer requires the debit and
credit of two accounts. The two processes should occur at the same time, not one after another.
4. Durability
Transactions performed by a TPS are irreversible. In the event of a system failure, a log must be
made which documents all finished transactions.

Types of Transaction Processing System


1. Batch Processing. A business organization collects data from transactions, which
accumulate over a period of time, puts them together in a group or batch, and allows the
system to process the entire batch all at once.
2. Online and Real-time Processing. This involves data being processed immediately upon
entry or if a transaction occurs. It is more expensive than batch processing, and its database is
always up to date. It requires a fast secondary storage such as magnetic disks.
3. Hybrid Processing. This is a combination of two methods, batch and online and real-time
processing. It collects data upon entry but processes them in a specific period of time or in
intervals.
5.3 CUSTOMER RELATIONSHIP MANAGEMENT (CRM)
Customer relationship management or CRM refers to the strategies and technologies used by
business organizations to manage and analyze data from their stakeholders, current customers,
and potential customers. A CRM system helps business organizations reach out to and stay
connected with their customers, improve profitability, and streamline processes.
Components of a Customer Relationship Management System
1. Marketing automation
To ease marketing efforts, CRM systems could automate routine work such as sending marketing
materials to prospective customers through online messages.
2. Salesforce automation
CRM systems ease customer information tracking and automated business functions, which help
the sales divisions of business organizations acquire new customers.
3. Contact center automation
A CRM software provides pre-recorded audio for customer troubleshooting and inquiries to
alleviate the workload of a company's contact center agents, as well as to diminish call time.
Tools can also be installed on an agent's computer to streamline customer service procedures.
4. Geolocation technology or location-based services
Some CRM software also provide geolocation technologies which can help identify a customer's
location, build networks, and find prospective customers using their location.
5. Workflow automation
CRM systems help simplify a company's operations by managing workloads to improve
employee creativity and performance.
6. Lead management
Sales teams can scan for leads by inputting and analyzing data using certain CRM software.
7. Human resource management
The human resources department can also benefit from using CRM systems when they check
employee information, contact details, and performance reviews.
8. Analytics
CRM systems help companies analyze customer data to provide better products and services to
customers, as well as produce appropriate product marketing materials.
9. Artificial intelligence
CRM technologies have built-in artificial intelligence to perform routine tasks and identify
patterns in customer behavior, purchases, and so on.

Types of Customer Relationship Management Technology.


1. On-premises
CRM This type of CRM system allows a company to use the software for the management,
organization, security, and maintenance of its operations. This arrangement requires the
company to purchase the system and comply with system upgrades.
2. Cloud-based CRM
This type of system works by having company data stored in a remote, external network that
is accessed by employees using the Internet. A third-party service provider can be hired to
install the CRM system for a company. This CRM system is appealing to companies. that are
short on technological resources. The system is paid for through monthly or annual
subscriptions.
3. Open-source CRM
This CRM system makes a source code available to the public, allowing changes with zero
cost. This system is beneficial for companies that dwell on social media for customer
interaction. Adding and customizing are enabled with this CRM system. Examples of open-
source CRM platforms are OroCRM, SugarCRM, and SuiteCRM.

5.4 DECISION SUPPORT SYSTEM (DSS)


Decision-making becomes easier with the help of a DSS which uses data, knowledge,
communication technologies, and models to assist the decision-makers of a company. A DSS
may use Al to present detailed information to senior employees or executives Data such as assets,
legacy and relational data sources, comparative data figures, projected figures, consequences of
alternative decisions, and so on are the ones usually retrieved and presented by a DSS. There are
different types of DSSs and are categorized as such:
1. Communication-driven DSS
Focusing on the internal aspect of a company, a communication-driven DSS provides a platform
for people to meet and/or collaborate. This type of system makes use of the Internet or
client/server links such as messaging software and online meeting systems.
2. Data-driven DSS
This type of DSS is used for seeking answers from a given database. Managers, staff, and
suppliers use the Internet, a main frame system, or a client/server link to access databases. An
example of this DSS is a database with a query system for the checking and incorporation of new
data.
3. Document-driven DSS
This type of DSS is the most common. It is used to search through websites and pages to find
documents using keywords. This system uses the Internet and a client/server system.
4. Knowledge-driven DSS
This type of DSS has a broad range of users, from employees of a company and its customers to
third-party entities. It is used to spread management instructions or to choose products and/or
services. This system uses servers, the Internet, or a PC software.
5. Model-driven DSS
This is complex system used by staff and managers to analyze and make decisions regarding a
business. Different models are used depending on their intended purpose. This DSS uses a PC
software and hardware, the Internet, and client/server systems.
5.5 STRATEGIC INFORMATION SYSTEM (SIS)
In 1982, Dr. Charles Wiseman introduced the SIS, which had the primary purpose of gaining
competitive advantage for businesses. An SIS uses an IS that analyzes business initiatives to
create strategies. These systems are used by companies for more efficient, effective, and
controlled operations.
Types of Strategic Information System
1. Financial systems. These computerize the operations of a business relating to finance, such as
accounting and budgeting.
2. Operational systems. Also known as service systems, these control the business.
3. Strategic systems. These combine business strategies with computer strategies.
Characteristics of a Strategic Information System
1. Main task. It should use business strategies to gain competitive advantage.
2. Key objective. It must aim to maximize opportunities with the integration of IS and business
strategies.
3. Direction. The direction should come from the command of executives and employees and
should reinforce the integration of the management with IS,
4. Main approach. The SIS should be entrepreneurial and multiple.
5.6 VENDOR MANAGEMENT SYSTEM (VMS)
A vendor management system (VMS) is defined as the web- based procurement application that
allows business organizations to directly manage the process of procurement for both temporary
and permanent staff and contract and contingent staff.

5.7 ACCOUNTING INFORMATION SYSTEM (AIS)


Computers have become very useful for business and accounting purposes. A computerized
accounting system is a software that helps maintain account records, automatically generate
financial statements, calculate billing amounts, and more.
AIS is organized into three levels or subsystems:
 Basic level
 Intermediate level
 Top level
Other documents required for this type of system are the following:
a. General ledger This provides complete details of all the accounts used by a business
organization.
b. General journal The original entries for business transactions are done in this journal.
c. Special journal - This records special types of transactions.
d. Subsidiary journal This maintains accounting information.

5.8 HUMAN RESOURCE MANAGEMENT SYSTEM (HRMS)


An HRMS is a system that combines HRM and IT processes to automate human resource
activities within a business organization.
HRMSs can also be run in various web-based methods such as the following:
1. Intranet. An HRMS could use an intranet where system operation is limited only within the
business organization.
2. Extranet. An HRMS could use an extranet where system operation could be shared outside
the business organization.
3. Portals. They offer various links to business internal information and can also access the
internet.
5.9 ENTERPRISE RESOURCE PLANNING (ERP)
Enterprise resource planning or ERP is an integrated software tool that uses, maintains, and
manages enterprise data. It helps business organizations manage the supply chain, production,
human resources, customer orders, and other important business functions.
SAP is the leading software for ERP in various sectors such as manufacturing, distribution,
service, and more. Systems Applications and Products (SAP) is a German company and market
leader in ERP. It is considered the third largest software company in the world. SAP solutions
cater mostly to small- and medium-sized enterprises (SMEs).
UNIT 6
IT Governance, Ethical, and Security Issues in Information Technology
Data Governance (DG)
DG is the basic level that implements IG. It refers to the involvement of various processes and
controls in order to ensure that data and information gathered are unique, true, and accurate and
can meet the prescribed standards and business rules in a system.
Information Technology Infrastructure Library (ITIL)
ITIL refers to a set of an organization's best process-oriented practices that is identified in order
to regulate the delivery of its IT services management. This approach is widely acceptable for
both public and private sectors that focus on IT service management.
Information Governance (IG)
The IG approach focuses on how an organization controls its information generated by IT and
other office-related systems. This approach is applied to control information assets, reduce risks,
ensure the compliance with rules and regulations, implement information security, and improve
information quality and accessibility.

6.2 SECURITY THREATS TO INFORMATION TECHNOLOGY AND INFORMATION


SYSTEM
A. Software Attacks
1. Infection Methods
a. Virus. A virus has the ability to clone itself multiple times and attach itself to a program of a
computer through files such as videos, songs, and so on. A virus is capable of travelling through
a system and/or the Internet. The first virus detected by ARPANET was the Creeper Virus.
b. Worms. Similar to a virus, worms are able to replicate themselves. However, a worm works
differently from a virus in that, instead of attaching itself to a program, it infects computers that
are within a network. A worm can spread through computers only if they are connected by a
network. A worm does not cause harm unlike a virus, but it can consume space in a computer
hard disk, thereby affecting the computer's speed.
c. Trojan. Computer Trojans got their origins from the Trojan Horse of Greek mythology where
the Greeks used a wooden horse to enter the city of Troy and attack from the inside. Just like the
myth, a computer Trojan hides itself inconspicuously inside a seemingly legitimate software that,
if opened, could then enable the Trojan to execute its malicious purpose. It also offers a backdoor
for programs to enter the computer to steal information unknown to and/or unauthorized by the
user.
d. Bots. Bots are advanced versions of worms that do not require human interaction to work. It
can affect a system either positively or negatively. Botnet is a network of infected systems

2. Malware Actions
a. Adware. Adware is not malicious; however, it breaches users' privacy. It usually displays ads
on anyone's computer desktop or in any individual program. It is normally associated with free
software. For example, an attacker of the system can embed malicious code in any of your
software and adware can only monitor your system's activities and compromise your system.
b. Spyware. True to its name, a spyware works just like a spy by monitoring a user's computer
activities and gathering information that might be of interest to a third party. A common spyware
is the keylogger. A keylogger records timestamped keystrokes of a user and takes important
personal information such as usernames, pins and passwords, credit card information, and so on.
c. Ransomware. A ransomware has the ability to encrypt files and lock a computer, rendering
them inaccessible. Information on the screen is then shown to make the user aware of the cost it
would take to unlock the computer.
d. Rootkits. A rootkit is devised to give a hacker administrative control in a computer's system.
This gives him/her the power to perform whatever task on the system.
e. Scareware. A scareware disguises itself as a tool that will help fix a computer system, that if
activated, infects and completely damages a system. It notifies a user to pay the hackers to fix the
system.
f. Zombies. A zombie works just like a spyware; however, it does not necessarily spy on the
user's activity. Instead, it stays put until commanded by the hacker.

B. Theft of Intellectual Property


This is considered as a violation against intellectual property rights, which involves copyright
and patents, among others.
C. Identity Theft
This is the action of impersonating someone in order to acquire his/her information. This issue is
popular across social media where a hacker can act like someone else and access the latter's
account with the use of log-in credentials.
D. Information Extortion
This refers to the stealing of a business organization's information for a certain amount of money.
An example of information extortion is through the use of a ransomware where a hacker could
lock information and demand money for its unlocking.
E. Theft of Equipment and Information
Because of modern technology, particularly mobile devices, it has become easier for hackers and
thieves to steal information and gadgets.
F. Sabotage
Sabotaging a company with the use of technology could be through destroying their website
which would lead to customer dissatisfaction.
5.3 SECURITY THREATS TO INTERNET SERVICES
Types of Computer Security Threats and Most Common Internet Threats
1. Computer virus
A computer virus is among the most common threats against cybersecurity. In 2018, research
shows that around 33% of home or personal computers are infected with malware, with more
than half being viruses. A computer virus can spread easily due to its various manifestations such
as downloaded files or e-mail attachments. Viruses can damage a system.
2. Rogue security software
Scammers have found a way to manipulate users' fears of computer viruses to their advantage
through fraud. A rogue security software is used to deceive users that their systems are infected
with a virus or that they have outdated security measures.
3. Trojan horse
A computer Trojan is a malicious software or code that disguises itself as a genuine program,
fooling users to install it. It can come in the form of an e-mail attachment, which a user could
download, without knowing that it would infect his/her computer system.
4. Adware and spyware
Adware is any software that could track a user's browsing behavior, and through that, suggest
advertisements through pop-ups. Pop-ups can affect Internet and computer processor speeds. A
user is informed of an adware's data collection. An adware will only be considered malicious if it
is downloaded without the user's consent.
On the other hand, spyware is installed on a user's computer without his/her knowledge and
consent. Spyware could access e-mail addresses, passwords, and other important information that
could lead to identity theft.
5. Computer worm
A computer worm is a form of malware that replicates itself quickly through contact lists of
infected computers. A worm not only harms a system but is also used to test a software for
vulnerabilities.
6. DoS and DDoS attacks
A denial-of-service (DoS) is caused by a computer system connected to the Internet. A DoS
attack can be a flooded website, preventing users from accessing the website's contents.
However, it is impossible for a single computer to overload a server, making DoS attacks
uncommon.
7. Phishing
Phishing involves collecting sensitive user information, which are usually passwords and credit
card numbers. Phishing is usually done through e-mails or messages that are disguised as
genuine. For instance, when a malicious link intended for a phishing attack is unwittingly opened
by a user, a malware would automatically infect his/her computer. Another example is a phishing
e-mail supposedly coming from a bank asking for verification of personal details.
8. Rootkit
A rootkit allows a hacker to obtain administrative access on a user's computer and/or network.
Once installed, the rootkit can track user records, steal passwords, and disable antivirus
programs. A rootkit enters a computer by appearing as a legitimate program or software that is
installed and allowed to make changes on the system. A rootkit is activated by a hacker who uses
e-mails, links, software, and files to access computers of targeted users.
9. SQL injection attack
This form of attack is considered one of the most harmful issues against data confidentiality.
SQL injections attack data-based applications by breaching security measures and using a code
that could collect, alter, or delete classified data and interrupt certain transactions on websites.
10. Man-in-the-middle attack
This type of attack allows a hacker to tap and listen to conversations between two people. The
hacker can interrupt a conversation between two entities by appearing as one of them while
obtaining their private keys. This enables the hacker to alter messages with a user's private key
and disguise himself as one of the involved parties in the conversation,
11. Spam
It is a reality that most e-mail accounts come with Junk Mail, or the commonly used term, Spam
folder. This implies that spam e-mails are massive issues, with more than 50% of e-mails being
drawn off into these folders. Spam e-mails may not be a direct threat; however, these e-mails
may contain malware.
12. Keyloggers
It is similar to a spyware through which a keylogger records a user's keyboard actions. Like a
sniffing attack, most keyloggers are simply looking for discernable keyboard entries, such as
bank card details, passwords, and personal information. This keylogging attack is frequently
associated with identity and intellectual property theft.
13. Pharming
Pharming is a more complicated version of phishing which misuses the domain name system
(DNS). Pharmers regularly create web pages that copy that of a reliable business, such as an
online banking log-in page. Users will, then, enter their personal details, thinking they are
logging in to their usual service provider, and their details will be stolen by the pharmer.
Solutions to Overcome Security Threats
 Install an anti-virus software.
 Ensure that the anti-virus software is up-to-date.
 Employ a firewall to protect networks.
 Filter all e-mail traffic.
5.4 ETHICAL ISSUES IN INFORMATION TECHNOLOGY
1. Privacy is an individual's right to determine what information they would like others to know
about themselves, which people are permitted to know that information, and when those people
can access that information.
Internet privacy refers to the privacy and security of personal data published online. It concerns
and uses a variety of factors, techniques, and technologies. for the protection of sensitive and
private data, communications, and preferences.
2. Hacking generally refers to the unauthorized entry into a computer network. A person
facilitating hacking activities is known as a hacker.
A hacker is a person who breaks programming codes and passwords to benefit from the
unauthorized entry or access to computer systems.
3. A virus is a malicious software that could damage a computer system upon its installation.
Viruses can replicate themselves and enter and infect files. However, some viruses are not
designed to damage a system.
. Data access rights is the permission granting the location and reading of digital information to a
user or computer program. Digital access rights are important for information security and
compliance.
4. Plagiarism is known as the practice of taking someone else's work or ideas and passing them
off as one's own. It is commonly being experienced at schools, offices, and organizations. For
example, taking or copying the work of others found online and moderately modifying it to make
it appear as your own is considered plagiarism.
5. Ergonomy refers to the improvement of IT tools to make them more efficient for users. The
structure and design of such tools are made according to certain standards for the benefit of
users. Failure to take ergonomy into account in a business environment could pose certain
problems and discomfort, which could ultimately be detrimental for users if left unchecked.
7. Health issues in IT play a significant part in the provision of quality care, controlled costs, and
efficiency boosts. The healthcare industry, whether public or private, make the most of IT tools
to reach higher standards and provide better service for patients and customers.
The following are "technology innovation" regarding health care in relation to IT:
a. Health informatics
There are health policies being refined and created that will require all health organizers and
providers to demonstrate the meaningful use of all medical benefits and support.
b. Mobile health and BYOD
The demand of using mobile technologies nowadays has reached the healthcare industry. The use
of mobile devices in healthcare encourages organizations to implement BYOD policies. For
example, healthcare workers prefer to access. duty schedules using healthcare mobile.
applications.
c. Wireless networking
Nowadays, healthcare providers and workers increasingly rely on wireless network access in
medical facilities. Wireless access facilities are in need of a vast number of access points and
wireless WANs to perform.
d. Telemedicine
Constant change in the policies that dictate how telemedicine is used and reimbursed interferes
with its proper implementation.
e. Patient engagement
Putting a significant amount of healthcare responsibility on a patient can be challenged. The use
of phones and applications help. patients monitor their health conditions and goals; however,
product limitations might dissuade eager patients.
f. Clinical data analysis
Data analytics can provide assistance in the treatment and prevention of illnesses. Improvement
in the quality of care can be realized through data analysis. However, investments on data
analysis, such as the systern, its warehouse, and security can be costly and complicated.
g. Storage infrastructure
Data retention laws are created to limit the number and the length of time data can be stored.
Storage area networks (SAN), which provide virtual storage, can help companies store data and
information.
h. Cloud-based electronic health record system
The cloud is an Internet storage infrastructure that brings light to queries regarding data
encryption and ownership. WHO compliance, and overall security.

You might also like