Business Information Systems Notes

1.0 Introduction

  • Module aims to develop student abilities in managing business information systems.

  • Covers technologies, related systems, and management of information systems in business.

  • Also considers ethical, legal, and moral constraints. Explores the impact of information systems on organizational strategy and competitive advantage.

1.1 Module Aim
  • Aims to develop student abilities to manage business information systems within organizations. This includes understanding the strategic alignment of IS with business goals and the effective use of IS resources to achieve these goals.

1.2 Objectives
  • Explain and discuss different types of information required by business functions. This includes operational, tactical, and strategic information needs.

  • Explain and discuss the requirements of quality business information, such as accuracy, timeliness, relevance, and completeness. Discuss how these requirements impact decision-making.

  • Appraise the range of activities required in a business information system, including data collection, processing, storage, retrieval, and dissemination.

  • Assess the contribution of information systems to the operation of the organization. Consider impacts such as improved efficiency, enhanced decision-making, and competitive advantage.

  • Explain the range of activities involved in information systems management, including planning, organizing, staffing, directing, and controlling IS resources.

  • Run and use various information system applications. Acquire hands-on experience with software tools relevant to business information systems.

1.3 Assessment Details
  • Continuous Assessment: 40%

  • One Test: 20%

  • Two Assignments (equal weight): 20%

  • Final Examination: 60%

  • Total: 100%

1.4 Readings
  • Prescribed:

    • Bocij P., Greasley A., Hickie S. (2008), Business Information Systems, FT Prentice Hall, ISBN 9780273716624.

    • Hardcastle Elizabeth (2011), Business Information Systems, ISBN 978-87-7681-463-2.

    • Beynon-Davies P. (2009), Business Information Systems, Palgrave Macmillan, Basingstoke.

  • Recommended:

    • D Knights and F Murray, Managers Divided: Organisations Politics and Information Technology Management (Wiley).

    • Turban Efraim, Aronson Jay (2010), Decision Support Systems and Business Intelligence Systems, Pearson, ISBN 0132453233.

    • Chaffey and Wood (2005), Business Information Management, FT Prentice Hall, ISBN 0273686550.

    • Gray, Paul (2006), Manager's Guide to Making Decisions about Information Systems, Wiley, ISBN 0471263591.

    • Flower & Fawcett, Management of Information Technology - Bankers Workbook (CIB/Bankers Books)

1.5 Time Frame
  • Expected to spend at least 60 hours of study time. Allocate study time based on the complexity of topics and assessment deadlines.

2.6 Defining a System

  • A system is a collection of components working together to achieve a common goal. Systems thinking is crucial for understanding complex organizational processes.

  • Common elements: Inputs, Processing, Outputs, Feedback, and Control. Each element plays a critical role in the overall functioning of the system.

  • Classified into open-loop or closed-loop systems.

    • Open-loop: No way of ensuring objectives are met. Lacks self-regulation and adaptability.

    • Closed-loop: Feedback and feed-forward control mechanisms. Allows for adjustments and optimization based on real-time data.

2.7 Defining an Information System
  • Collection of technical and human resources providing storage, computing, distribution, and communication of information. Focuses on how these resources are integrated to manage information effectively.

  • Responsible for collecting, processing, storing, analyzing, and disseminating information for a specific purpose. Serves as an essential tool for decision-making and operational management.

2.8 Defining a Business Information System
  • Inter-related components converting data into information for forecasting, planning, control, coordination, decision making, and operational activities. Plays a pivotal role in supporting organizational strategy.

  • Components: people, hardware, software, communications, and data. These components must be aligned to achieve business objectives.

2.9 Data and Information in Information Systems
  • Data: Streams of raw facts, meaningless on their own. Requires context and processing to become meaningful.

  • Information: Processed data. Provides insights and supports informed decision-making.

2.10 Categories of Information Systems
  • Transaction Processing System (TPS)

  • Office Automation Systems (OAS)

  • Knowledge Work Systems (KWS)

  • Management Information System (MIS)

  • Decision Support Systems (DSS)

  • Executive Information Systems (EIS)

  • Group Decision Support Systems (GDSS)

  • Computer Supported Collaborative Work Systems (CSCWS)

3.6 The Need for Quality Systems and Decision Making

  • Managers need quality information systems for formulating strategies, creating plans, and executing tactics. Quality information is crucial for effective leadership and management.

3.7 Defining Information Quality
  • Quality defined as "fitness for purpose." Information should meet the specific needs of its users.

  • Superior quality information characteristics:

    • Relevance: Information should be applicable and pertinent to the task at hand.

    • Accuracy: Information should be error-free and reliable.

    • Timeliness: Information should be available when needed and up-to-date.

    • Form: Information should be presented in a clear and understandable format.

    • Completeness: Information should provide all necessary details and context.

    • Coherence: Information should be logically consistent and integrated.

    • Accessibility: Information should be easily obtainable and usable.

    • Compatibility: Information should be consistent across different systems.

    • Security: Information should be protected from unauthorized access and modification.

    • Validity: Information should be based on sound and reliable sources.

3.8 The DIKAR and RAKID Models
  • DIKAR model: Data, Information, Knowledge, Action, Results. Focuses on transforming data into actionable insights.

  • RAKID model: Starts with results and deduces the knowledge required. Provides a goal-oriented approach to information management.

3.9 The Effects of Poor Quality Data and Information
  • Tasks will be performed inefficiently. Leads to wasted time and resources.

  • Erroneous decisions will be made. Can result in significant financial and operational losses.

  • Information will not be trusted. Undermines confidence in data and decision-making processes.

  • No decisions will be made. Paralysis due to lack of reliable information.

3.10 The Cost of Quality in Information Systems
  • Cost of conformance plus cost of nonconformance. Balancing these costs is key to effective quality management.

  • Categories:

    • Prevention cost: Costs incurred to prevent defects in information systems.

    • Appraisal cost: Costs incurred to evaluate the quality of information systems.

    • Internal failure cost: Costs incurred when defects are detected before delivery to customers.

    • External failure cost: Costs incurred when defects are detected after delivery to customers.

    • Measurement and test equipment costs: Costs associated with tools and equipment used for quality assessment.

3.11 Managing and Improving Quality Systems
  • Define information quality. Establish clear standards and metrics for information quality.

  • Conduct information audit. Assess the current state of information quality within the organization.

  • Develop information quality policy. Create a formal document outlining the organization's commitment to information quality.

  • Implement information quality policy. Translate the policy into specific procedures and practices.

  • Control information quality. Monitor and enforce adherence to the information quality policy.

4.6 Security Defined

  • Ensuring only authorized users can access the system and perform authorized tasks. Protecting assets from unauthorized access, use, disclosure, disruption, modification, or destruction.

4.7 Why do we need security in Information systems?
  • No wires: Wireless communications are vulnerable to interception.

  • Receivable by any device: Signals can be intercepted by unauthorized devices.

  • Susceptible to hackers: Systems can be compromised through vulnerabilities.

  • AP spoofing is easy: Attackers can create fake access points to steal information.

  • Widely used for business applications, critical data: High-value data makes systems attractive targets.

  • Security breaches are a serious threat: Can result in financial losses, reputational damage, and legal liabilities.

4.8 Categorization of Security Threats
  • Accidental vs. Deliberate. Understanding the nature of threats helps in designing appropriate countermeasures.

  • Human Error, Technical Error, Natural Disasters, Deliberate Actions. Each type of threat requires a different approach to mitigation.

4.9 Types of Attacks on Systems
  • Unauthorized disclosure. Confidential information is accessed by unauthorized parties.

  • Deception. Misleading or false information is used to gain access or cause harm.

  • Disruption. Normal operations are interrupted or prevented.

  • Usurpation. Illegitimate control over system resources is obtained.

4.10 Physical Security Controls
  • File Backups. Essential for data recovery in case of system failures or attacks.

  • Maintenance of security copies off site. Protects against physical disasters affecting primary locations.

  • Power Sources. Uninterruptible power supplies (UPS) ensure continuous operation during power outages.

4.11 Access Security
  • Burglar alarm equipment

  • Strict control over visitor and staff access

  • Have minimal number of entrances

  • Use of guards or receptionists

  • Use of Closed Circuit TV (CCTV)

  • Use of “signing in/out” as authorization and access control

4.12 Data Security
  • Protect against:

    • Accidental modification or destruction

    • Intentional modification or destruction

    • Unauthorized disclosure

  • Restricting Access to Data Transmissions by using Encryption Techniques. Protects data confidentiality during transmission.

  • Passwords and Answerback. Authentication mechanisms to verify user identity.

4.13 Other Security Measures
  • Use of Anti-virus software

  • Adherence to the Computer Misuse Act, which makes hacking an offence

  • Use of biometric security systems

  • Implementation of a Backup Plan

5.6 Technology Acquisition Defined

  • Buying or building information systems for managing the organization. Strategic decision impacting long-term capabilities.

5.7 Approaches to Acquiring Technology Assets
  • Buying

  • Leasing

  • Develop in-house

  • Build from scratch

  • Build from components or use of Enterprise application integration

  • Cloud computing.

6.7 Ethics Explained

  • Ethical standards are personal or business practices or behaviour which are generally considered acceptable by society. Guides responsible and moral decision-making.

  • The Sarbanes-Oxley Act (Sarbox or SOX) redefines legally acceptable accounting practices. Ensures transparency and accountability in financial reporting.

6.8 Internet Governance
  • Internet governance is the control put in place to manage the growth of the Internet and its usage. Addresses issues such as security, privacy, and access.

6.10 E-Government
  • E-government refers to the application of e-commerce technologies to government and public services. Enhances efficiency, transparency, and citizen engagement.

6.11 Privacy Defined
  • In the context of information, privacy refers to an individual’s rights as a customer, employee or citizen about what personal data is held about them by third parties such as companies, employers and government agencies and how it is used. Protecting personal information from misuse and unauthorized access.

6.12 Data Protection Act
  • The law was enacted by the British Government and was intended to protect the privacy of consumers’ data by defining how organizations can gather, store, process and disclose personal information.

    • DP Principles: Fairly and lawfully processed; Processed for limited purposes; Adequate, relevant and not excessive; Accurate; Not kept longer than necessary; Processed in accordance with the data subject's rights; Secure; and Not transferred to countries without adequate protection.

7.6 Privacy and Electronic Communications Regulations Act

  • Requires consent to receive e-mail communications (Opt-in) or unsubscribe option (Opt-out). Protects individuals from unwanted electronic communications.

  • Privacy statement must clearly explain how cookies are used. Ensures transparency and user control over data collection.

7.8 Freedom of Information Act
  • Encourages openness amongst public authorities. Promotes transparency and accountability in government operations.

  • Public organizations must produce a Publication Scheme. Provides citizens with information about government activities.

7.9 Employee Communications Monitoring
  • Used to reduce productivity losses through time wasting. Balances employer interests with employee privacy rights.

7.11 Identity Theft
  • The misappropriation of the identity of another person, without their knowledge or consent.

  • Methods to counter identity theft: use of identity cards; use of biometrics; and use of RFID tagging of objects or people.

7.12 Hacking
  • Refers to the process of gaining unauthorized access to computer systems, typically across a network.

  • Hacking for monetary gain is usually aimed at identity theft, where personal details and credit card details are accessed for the purpose of fraud.

7.13 Phishing
  • Specialized form of online identity theft, where emails are sent out purporting to be from an organization, inviting recipients to visit a web site to update their details after entering their username and password.

7.14 Computer Misuse Act
  • 3 provisions

    • Unauthorized access to computer material.

    • Unauthorized access with intent to commit or facilitate commission of further offences.

    • Unauthorized modification of computer material.

7.15 Distributed Denial of Service Attacks
  • Systems are bombarded with many requests for information originating from computers around the world that have been hijacked solely to request information.

7.16 Accessibility Legislation
  • Intended to protect disabled Internet users.

7.17 Web Accessibility Guidelines
  • Describes common accessibility problems such as images without alternative text; lack of alternative text for imagemap hot-spots; misleading use of structural elements on pages; uncaptioned audio or undescribed video; lack of alternative information for users who cannot access frames or scripts; tables that are difficult to decipher when linearized; or sites with poor color contrast.

7.18 Copyright Law
  • Designed to protect authors, producers, broadcasters and performers by ensuring they see some return from their works every time they are experienced.

7.19 Software Piracy
  • Software can be illegally copied in many ways, which are facilitated by its digital form. These include direct copying of media, exchange of software through peer-to-peer file sharing services, etc.

8.6 Introduction to MS Application 1: Microsoft Excel

  • MS Excel is a spreadsheet used to organize real-world data, such as a check register or a rolodex, and to perform certain functions automatically, such as addition and subtraction.

9.6 About word processing

  • A word processor is a type of computer program that is used to create a variety of documents, from simple letters to fully illustrated newsletters and fliers. Microsoft Word is one of the most popular word-processing software applications in use today.

10.7 What is the PowerPoint application?
  • PowerPoint is a complete presentation graphics package that offers word processing, outlining, drawing, graphing, and presentation management tools, all designed to be easy to use and learn.

11.6 Introduction to the Internet
  • The Internet stands for INTERnational NETwork; it is simply millions of computers linked across the world by telecommunications: telephone lines, cables, satellites, optic fibres, etc.