INFORMATION SYSTEMS MANAGEMENT

Lecture 1
MIS definition
The Management Information System (MIS) is a concept of the last decade or two. It has been
understood and described in a number ways. It is also known as the Information System, the
Information and Decision System, the Computer- based information System.
MIS has more than one definition, some of which are given below.
1. MIS is defined as a system which provides information support for decision making in the
organization.
2. MIS is defined as an integrated system of man and machine for providing the information to
support the operations, the management and the decision making function in the organization.
3. MIS is defined as a system based on the database of the organization evolved for the purpose
of providing information to the people in the organization.
Though there are a number of definitions, all of them converge on one single point, i.e., the MIS
is a system to support the decision making functions in the organization. The difference lies in
defining the elements of the MIS. However, in today’s world MIS is a computerized, business
processing system generating information for the people in the organization to meet the
information needs and assisting in taking decisions to achieve the corporate objective of the
organization and in the Public sector MIS is designed to deliver services to the citizen also
1.2 Introduction to Management Information Systems (MIS)
Management information system (MIS) provides information that organizations require to
manage themselves efficiently and effectively. Management information systems are typically
computer systems used for managing the organizations. The five primary components of MIS
are:
1) Hardware
2) Software
3) Data (information for decision making)
4) Procedures (design, development and documentation)
5) People (individuals, groups, or organizations).
Management information systems are distinct from other information systems because they are
used to analyse and facilitate strategic and operational activities. Academically, the term is
commonly used to refer to the study of how individuals, groups, and organizations evaluate,

1
design, implement, manage, and utilize systems to generate information to improve efficiency
and effectiveness of decision making, including systems termed decision support systems, expert
systems, and executive information systems.
Management Information Systems (MIS) Concept
The concept of the MIS has evolved over a period of time comprising many different facets of
the organizational function. MIS is a necessity in all the organizations. The initial concept of
MIS was to process the data available in the organization and present it in the form of reports at
regular intervals. The system was largely capable of handling the data from collection to
processing. It was more impersonal, requiring each individual to pick and choose the processed
data and use it for his requirements. This concept was further modified when a distinction was
made between data and information. Information is a product of an analysis of data. This concept
is similar to a raw material and the finished product. However, data can be analysed in a number
of ways, producing different shades and specifications of the information as a product. It was,
therefore, demanded that the system concept be an individual- oriented, as each individual may
have a different orientation towards the information. This concept was further modified, that the
system should present information in such a form and format that it creates an impact on its user,
provoking a decision or an investigation. It was later realized then even though such an impact
was a welcome modification, some sort of selective approach was necessary in analysis and
reporting. Hence, the concept of exception reporting was imbibed in MIS. The norm for an
exception was necessary to evolve in the organization. The concept remained valid till and to the
extent that the norm for an exception remained true and effective. Since the environment turns
competitive and is ever changing, fixation of the norm for an exception becomes a futile exercise
at least for the people in the higher echelons of the organization. The concept was then evolved
that the system should be capable of handling a need based exception reporting. This need maybe
either of an individual or a group of people. This called for keeping all data together in such a
form that it can be accessed by anybody and can be processed to suit his needs. The concept is
that the data is one but it can be viewed by different individuals in different ways. Over a period
of time, when these conceptual developments were taking place, the concept of end user
computing using multiple databases emerged. This concept brought a fundamental change in
MIS. The change was decentralization of the system and the user of the information becoming
independent of computer professionals. When this becomes a reality, the concept of MIS
changed to a decision making system. The job in the computer department is to manage the
information resource and leave the task of information processing to the user. The concept of
MIS in today’s world is a system which handles the databases, provides computing facilities to
the end user and gives a variety of decision making tools to the user of the system and also
enable the citizens / beneficiaries to use the MIS from external source and connect with
organization. The concept of MIS gives high regard to the individual and his ability to use
information. MIS gives information through data analysis. While analysing the data, it relies on
many academic disciplines. These include the theories, principles and concepts from the
Management Science, Psychology and Human Behaviour, making the MIS more effective and
2
useful. These academic disciplines are used in designing the MIS, evolving the decision support
tools for modelling and decision making. The foundation of MIS is the principles of management
and its practices. The concept of management Information System can be evolved for a specific
objective if it is evolved after systematic planning and design. It calls for an analysis of a
business, management views & policies, organization culture and the management style.
Information should be generated in this setting and must be useful in managing the business.
This is possible only when it is conceptualized as a system with an appropriate design. MIS,
therefore, relies heavily on the systems theory and offers solutions to handle the complex
situations of the input and output flows. It uses theories of communication which helps to evolve
a system design capable of handling data inputs, process, and outputs with the least possible
noise or distortion in transmitting the information form a source to a destination. It uses the
principles of system Design, Viz., an ability of continuous adjustment or correction in the system
in line with the environmental change in which the MIS operates. Such a design help to keep the
MIS tuned with the business managements needs of the organization. The concept, therefore, is a
blend of principle, theories and practices of the Management, Information and System giving rise
to single product known as Management Information System (MIS).
History of MIS
Kenneth C. Laudon and Jane Laudon identify five eras of Management Information System
evolution corresponding to the five phases in the development of computing technology:
1) Mainframe and minicomputer computing
2) Personal computers
3) Client/server networks
4) Enterprise computing
5) Cloud computing.
The first era (mainframe and minicomputer) was ruled by IBM and their mainframe computers.
These computers would often take up whole rooms and require teams to run them - IBM
supplied the hardware and the software. As technology advanced, these computers were able to
handle greater capacities and therefore reduce their cost. The second era (personal computer)
began in 1965 as microprocessors started to compete with mainframes and minicomputers and
accelerated the process of decentralizing computing power from large data centres to smaller
offices. In the late 1970s minicomputer technology gave way to personal computers and
relatively low cost computers were becoming mass market commodities, allowing businesses to
provide their employees access to computing ipower that ten years before would have cost lakhs
of rupees. As technological complexity increased and costs decreased, the need to share
information within an enterprise also grew, giving rise to the third era (client/server), in which
computers on a common network access shared information on a server. This lets thousands and

3
even millions of people access data simultaneously. The fourth era (enterprise) enabled by high
speed networks, tied all aspects of the business enterprise together offering rich information
access encompassing the complete management structure. Every computer is utilized. The fifth
era (cloud computing) is the latest and employs networking technology to deliver applications as
well as data storage independent of the configuration, location or nature of the hardware. This,
along with high speed cell phone and Wi-Fi networks, led to new levels of mobility in which
managers access the MIS remotely with laptop and tablet computers, plus smart phones.
Physical view of MIS
The Physical view of the MIS can be seen as an assembly of several subsystems based on the
databases in the organization. These subsystems range from data collection, transaction
processing and validating, processing, analysing and storing the information in databases. The
subsystem could be at a functional level or a corporate level. The information is evolved through
them for a functional or an operational management and it provides the information for the
management of business at the corporate level and also analyses and provides huge data for the
governments in a systematic way for analysis and for designing welfare schemes. MIS, therefore,
is a dynamic concept subject to change, time and again, with a change in the business
management process. It continuously interacts with the internal and the external environment of
the business and provides a corrective mechanism in the system so that the changed needs of
information are met effectively. MIS, therefore, is a dynamic design, the primary objective of
which is to provide the information for decision making and it is developed considering the
organizational fabric, giving due regard to the people in the organizational the management
functions and the managers and the managerial control.
Role of Management Information Systems in an Organization
The role of the MIS in an organization can be compared to the role of heart in the body. The
information is the blood and MIS is the heart. In the body the heart plays the role of supplying
pure blood to all the elements of the body including the brain. The heart works faster and
supplies more blood when needed. It regulates and controls the incoming impure blood,
processes it and sends it to the destination in the quantity needed. It fulfils the needs of blood
supply to human body in normal course and also in crisis. MIS plays exactly the same role in the
organization. The system ensures that an appropriate data is collected from the various sources,
processed, and sent further to all the needy destinations. The system is expected to fulfil the
information needs of an individual, a group of individuals, the management functionaries, the
managers and the top management. MIS satisfies the diverse needs through a variety of systems
such as Query Systems, Analysis Systems, Modelling Systems and Decision Support Systems,
MIS helps in Strategic Planning, Management Control, Operational Control and Transaction
Processing. MIS helps the clerical personnel in the transaction processing and answers their
queries on the data pertaining to the transaction, the status of a particular record and references
on a variety of documents. MIS helps the junior management personnel by providing the

4
operational data for planning, scheduling and control, and helps them further in decision making
at the operations level to correct an out of control situation. MIS helps the middle management in
short them planning, target setting and controlling the business functions. It is supported by the
use of the management tools of planning and control. MIS helps the top management in goal
setting, strategic planning and evolving the business plans and their implementation. MIS plays
the role of information generation, communication, problem identification and helps in the
process of decision making. MIS, therefore, plays a vital role in the management, administration
and operations of an organization.
Impact of MIS on an organization
Since the MIS plays a very important role in the organization, it creates an impact on the
organization’s functions, performance and productivity. With good support, the management of
marketing, finance, production and personnel become more efficient. The tracking and
monitoring of the functional targets becomes easy. The functional, managers are informed about
the progress, achievements and shortfalls in the probable trends in the various aspects of
business. This helps in forecasting and long term perspective planning. The manager’s attention
is brought to a situation which is exceptional in nature, inducing him to take an action or a
decision in the matter. A disciplined information reporting system creates a structured data and a
knowledge base for all the people in the organization. The information is available in such a
form that it can be used straight away or by blending analysis, saving the manager’s valuable
time. MIS creates another impact in the organization which relates to the understanding of the
business itself. MIS begins with the definition of a data entity and its attributes. It uses a
dictionary of data, entity and attributes, respectively, designed for information generation in the
organization. Since all the information system use the dictionary, there is common understanding
of terms and terminology in the organization brining clarity in the communication and a similar
understanding throughout the organization. MIS calls for a systemization of the business
operation for an affective system design. A well designed system with focus on the manger
makes an impact on the managerial efficiency. The fund of information motivates an enlightened
manger to use a variety of tools of management. It helps him to resort to such exercises as
experimentation and modelling. The use of computers enables him to use the tools techniques
which are impossible to use manually. Since the MIS works on the basic systems such as
transaction processing and databases, the drudgery of the clerical work is transferred to the
computerized system, relieving the human mind for better work. It is observed that a lot of
manpower is engaged in this activity in the organization. The study of the individual’s time
utilization and its application has revealed that seventy percent of the time is spent in recording,
searching, processing and communication. This is a large overhead in the organization. MIS has
a direct impact on this overhead. It creates an information based work culture in the organization.

5
MIS: A support to the Management
The management process is executed through a variety of decisions taken at each step of
planning, organizing, staffing, directing, coordinating and control. MIS aids in decision making
if the management is able to spell out the decisions required to be taken. The objective of the
MIS is to provide information for a decision support in the process of management. It helps in
such a way that the business goals are achieved in the most efficient manner. Since decision
making is not restricted to a particular level, MIS is expected to support all the levels of the
management in conducting the business operations. Unless MIS becomes a management aid, it is
not useful to the organization.
Factors contributing to the success of MIS in PSUs (Public Sector)
If an MIS has to become successful then it should have all the features listed as follows.
• MIS is integrated into the managerial functions. It sets clear objectives to ensure that the MIS
focuses on the major issues of the business. Adequate development resources are provided and
the human & organizational barriers to progress are removed.
• An appropriate information processing technology required to meet the data processing and
analysis needs of the users of the MIS is selected.
• MIS is oriented, defined and designed in terms of the user’s requirements and its operational
viability is ensured.
• MIS is kept under continuous surveillance, so that its open system design is modified according
to the changing information needs.
• MIS focuses on the results and goals, and highlights the factors and reasons for non-
achievement.
• MIS is not allowed to end up into an information generation mill avoiding the noise in the
information and the communication system.
• MIS recognizes that a manager is a human being and therefore, the systems must consider all
the human behavioural factors in the process of the management.
• MIS recognizes that the different information needs for different objectives must be met with.
The globalization of information in isolation from the different objectives leads to too much
information and its non-use.
• MIS is easy to operate and, therefore, the design of the MIS has such features which make up a
user-friendly design.
• MIS recognizes that the information needs become obsolete and new needs emerge. MIS
design, therefore, has a basic potential capability to quickly meet new needs of information.

6
• MIS concentrates on developing the information support to manage critical success factors. It
concentrates on the mission critical applications serving the needs of top management.
Factors contribution to MIS failure in PSUs
Many a times MIS is a failure in PSUs. The common factors which are responsible for this are
listed as follows.
• MIS is conceived as a data processing tool and not as an information processing tool and MIS
does not provide that information which is needed by the managers but it tends to provide the
information generally the function calls for. In this case MIS becomes an impersonal system.
• Underestimating the complexity in the business systems and not recognizing it in the MIS
design leads to problems during implementation.
• Adequate attention is not given to the quality control aspects of the inputs, the process and the
outputs leading to insufficient checks and controls in the MIS.
• MIS is developed without streamlining the transaction processing systems in the organization
and lack of training on MIS to stakeholders. Failing to appreciate that the users of the
information and the generators of the data are different and not identifying that both of them
have to play an important & responsible role in the MIS.
• MIS does not meet certain critical and key factors of its users such as, response to the query on
the database, inability to get the processing done in a particular manner, lack of user-friendly
system and dependence on the system personnel.
• A belief that the computerized MIS can solve all the management problems of planning and
control of the business and lack of administrative discipline in following the standardized
systems and procedures, faulty coding and deviating from the system specifications result in
incomplete and incorrect information.
Advantages of MIS
The following are some of the benefits that can be attained from MIS. Organizations are able to
highlight their strengths and weaknesses due to the presence of revenue reports, employees'
performance records etc. The identification of these aspects can help the company improve their
business processes and operations. MIS gives an overall picture of the company and acts as a
communication and planning tool. The availability of customer data and feedback in the MIS can
help the company to align their business processes according to the needs of the customers. The
effective management of customer data can help the company to perform direct marketing and
promotion activities. MIS can help an organization to gain a competitive advantage. Competitive
advantage is a firm’s ability to do something better, faster, cheaper, or uniquely, when compared
with rival firms in the market.

7
1.12 MIS in Public Sector Organizations
Public administration in Government and PSUs has changed considerably over the past few
years as did the use of MIS. A ‘stage of growth’ frame work is developed and used to describe
the relations between various government departments and use of MIS over a period of time.
This framework was applied to certain large public sector organization and it was found that the
use of IS in the PSUs did not develop according to the needs and developments in the
organization over the past few years. Communication and Information are the lifeblood of any
organization. Neither planning nor designing nor any other managerial process is possible
without them. Communication may be viewed as the process of exchange of information, it
provides the means of contact between organizational members and organizational decision
centres. In the recent times, government organizations are inundated with data and information
that are either generated by internal government transactions or gathers from outside sources.
Such data and information are needed for designing future welfare schemes by the government.
The government officials must equip themselves to cope up with the phenomenon of information
explosion, not to be buried in the avalanche of irrelevant data. They must manage information,
that is, a system or structure must be developed to collect, organize, process and disseminate the
right type of information at the right time to the right person. Awareness of this need is very
essential in the development of MIS for public sector organizations. IT is transforming not only
the functioning of the government organizations and its processes but is also redefining the
existing systems in the bureaucratic setup at a very faster pace. In the coming decade most of the
citizens would become IT savvy and the PSUs must therefore be prepared to offer services
tailored to the citizens needs. MIS has evolved as an integration system for financial transactions,
procuring, delivery of services online, auditing . It has become very essential for the staff in the
PSUs to use MIS almost for every work. Under these circumstances, MIS is expected to provide
the staff with various sets of information for decision making and better communication
environment which can be used just on the computer terminal for everyday’s work. Furthermore
communication between the head office and regional offices has become more and more
necessary in the recent times. IT is a resource for PSUs to use in the processes and activities of
the organization. But the similarity of IT with other technologies end here. While other
technologies tend to be applicable only in specific areas and in well defined areas of operation,
the potential uses for IT in government sector is universal. IT can be used both in operational and
management processes in the PSUs. There are an estimated 5870 public sector corporations in
the entire country which are either partially or fully funded either by the central government or
respective state governments. This huge number should have driven the MIS market in PSUs in a
big way but on the contrary MIS in PSUs is still in an early growth stage. It is a small market
dominated by in-house implementations and customized solutions developed by small local
software developers. In terms of technology adaptation, the Indian market is far behind its
counterparts such as China, South Korea, Singapore and Malaysia. Undoubtedly the Indian PSUs
have been very late in realizing the advantages of IT. Lack of awareness, low priority given to

8
financing of IT related investments, lack of suitable solutions as well as absence of professional
decision making has led to low penetration of MIS in PSUs.
a) Low priority to spending on IT by PSUs. PSUs in India give IT budgeting a very low priority
as compared to their counterparts in the private sector. PSUs don’t mind spending crores of
rupees on infrastructure but are very skeptical about spending in the field of IT.
b) Lack of Professional decision making Ideally the team involved in decision making for the
selection of MIS should comprise the PMU consisting of domain expert, top bureaucrats and IT
staff but in the PSUs the officials supervising the IT projects are CIOs or IT Managers who do
not have functional domain knowledge.
c) Lack of suitable solutions Most of the PSUs of the Govt. of India have gone for in-house
solutions or built a customized one from software agencies since appropriate MIS suitable for
PSUs are not available in the market today
d) Lack of awareness Many PSUs have still not realized that importance of implementing MIS
and are not aware of the fact that MIS drives efficiency. They consider IT a capital intensive
investment with little or no returns. This apathy towards MIS has proved to be a major
discouragement. PSUs allocate shoe string budgets for MIS projects and develop in-house or
customized solutions that fail to give them the desired results and do not meet the PSU
requirements. Most of the PSUs which have implemented MIS do not take up all stake holders
training. There have been many major IT initiatives by PSUs in India. However these initiatives
have been confined to navarathna PSUs. As more medium sized and small PSUs realize the
advantages of implementing MIS, allocating higher budgets for IT, there would be an enormous
growth in the field of MIS and the PSUs would be able to serve the citizens in a much better and
innovative way.

9
lecture 2

CONCEPT OF MIS

The MIS is an idea which is associated with man, machine, marketing and methods for collecting
information’s from the internal and external source and processing this information for the
purpose of facilitating the process of decision-making of the business.

MIS is not new, only the computerization is new, before computers MIS techniques existed to
supply managers with the information that would permit them to plan and control business
operations. The computer has added on more dimensions such as speed, accuracy and increased
volume of data that permit the consideration of more alternatives in decision-making process.

The component of an information system includes: a hardware which is used for input/output
process and storage of data, software used to process data and also to instruct the hand-ware
component, data bases which is the location in the system where all the organization data will be
automated and procedures which is a set of documents that explain the structure of that
management information system.

There are huge amount of information available to today’s manager and this had therefore meant
that managers are increasingly relying on management information system to access the
exploding information. Management information services helps manager to access relevant,
accurate, up-to-date information which is the more sure way of making accurate decisions. It also
helps in automation and incorporation of research and management science techniques into the
overall management information system for example probability theory.

The management information services are capable of taking advantage of the computational
ability of the company like processing, storage capacity among others.

Based on this relevancy, management information system should be installed and upgraded in
various organizations since today’s managers need them to access information for managerial
decision making and also management functions.

The scope and purpose of MIS is better understood if each part of them is defined individually,
thus

● MANAGEMENT: Management has been define in process or activities that describe

what managers do in the operation for their organization plan, organize, initiate and
control operations. They plan by setting strategies and goals and selecting the best course
of action to achieve the goals. They organize the necessary tasks for the operational plan,

10
 set these tasks up into homogenous groups and assign authority delegation; they control
the performance standards and avoiding deviation from standard.
The decision-making is a fundamental prerequisite of each of the foregoing process, the
job of MIS is facilitating decisions necessary for planning, organizing and controlling the
work and functions of the business so that specified goals of business are achieved.

Management covers the planning, control, and administration of the operations of a

concern. The top management handles planning; the middle management concentrates on
controlling; and the lower management is concerned with actual administration.
● INFORMATION: Data must be distinguished from information and the distinction is
clear and important for present purpose. Data are facts and figures that are not currently
being used in a decision-making process and usually are taken from the historical records
that are recorded and filled without immediate intent to retrieve for decision-making.

Information consists of data that have been retrieved, processed or otherwise used for
information or interference purpose, argument or as a basis forecasting or decision-
making regarding any business unit. Information is knowledge that one derives from facts
for effective functioning of systems placed in the right context with the purpose of
reducing uncertainty regarding the alternative courses of action as they are based on
description and measurement of attributes of various entities associated with the
enterprise.

Information, in MIS, means the processed data that helps the management in planning,
controlling and operations. Data means all the facts arising out of the operations of the
concern. Data is processed i.e. recorded, summarized, compared and finally presented to
the management in the form of MIS report.
● SYSTEM: The system can be described as a set of elements joined together for a
common objective. A subsystem is a part of a larger system with which one is concerned.
All systems for our purpose the organization is the system and the parts (divisions,
departments, functions, unit etc) are the subsystem.
Data is processed into information with the help of a system. A system is made up of
inputs, processing, output and feedback or control.

The system concept of MIS is, therefore one of optimizing the output of the organization
by connecting the operating subsystems through the medium of information exchange.

The Management information system (MIS) is a concept of the last two decade or two. It has
been understood and described in a number of ways. It is also known as the Information System,
the Information and Decision System, the computer based Decision System.

11
Information is the life blood of an organization, particularly in the case of system approach
management. The MIS or Information system can be define as the knowledge communicated by
others or obtained from investigation or study. It is a system providing needed information to
each manager at the right time in the right form and relevant one which aids understanding and
stimulates the action.

The MIS has more than one definition, some of which are given below:

1. The MIS is defined as a system which provides information support for decision-making
in the organization.
2. MIS is defined as an integrated system of man and machine for the providing of the
information to support the operations, the management and the decision-making function
in the organization.
3. The MIS is defined as a system based on the database of the organization evolved for the
purpose of providing information to the people in the organization.
4. MIS is a set of computer-based system and procedures implemented to help managers in
their routine job of decision-making and planning, expansion and development.
5. A management information system (MIS) is an information system used for decision-
making, and for the coordination, control, analysis, and visualization of information in an
organization; especially in a company.
6. MIS is an organized method of providing past, present and projection information
relating to internal operations and externals intelligence. It supports the planning, control
and operational functions of an organization by furnishing uniform information in proper
time frame to help the process of decision-making.
7. To the managers, Management Information System is an implementation of the
organizational systems and procedures. To a programmer it is nothing but file structures
and file processing. However, it involves much more complexity.
8. MIS means a system for processing data in order to give proper information to the
management for performing its functions.
9. Management Information System or 'MIS' is a planned system of collecting, storing, and
disseminating data in the form of information needed to carry out the functions of
management.
10. Management Information System is generally defined as an integrated user-machine
system for providing information to support operations, management and decision-
making functions in an organization. The system utilizes computer hardware and
software, manual procedure, models for analysis. Information is viewed as a resource
much like land, labor and capital. It must be obtained processed, stored, manipulated and
analyzed, distributed etc. An organization with a well-defined information system will
generally have a competitive advantage over organization with poor MIS and no MIS.

12
Though there are a number of definitions all of them converge on a single point, i.e. the MIS is a
system that support the decision-making function of the organization. The difference lies in
defining the elements of MIS. However, in today’s world, the MIS is a computerized business
processing system generating information for the people in the organization to meet the
information needs for decision-making to achieve the corporate objective of the organization.

MIS is a computer-based system that provides flexible and speedy access to accurate data. The
organizational information system which in general relates to the planning, operation and control
of an enterprise are the most important among them. MIS refers primarily to such an
organizational system which is generally large, sophisticated, structured and dynamically
evolving and of immense commercial values. A large number of programmers and system
analysts are employed by many organizations to build a variety of MIS. Thus, the education of
programmers and system analysts as well as general manager, the subject of MIS, has occupied a
key position.

The objective of MIS is to provide information for a decision support process of management. It
should help in such a way that the business goals are achieved in the most efficient manner.
Since the decision-making is not restricted to a particular level, the MIS is expected to support
all the levels of the management in conducting the business operations. Unless the MIS becomes
a management aid, it is not useful to the organization.

Modern management system relies on MIS, the complexity of business management and
competitive nature of business requires handling of business operations with skill and foresight
to advert the crisis. The management process is executed through a variety of decisions taken at
each step of planning, organizing, staffing, directing, coordinating and controlling. If the
management is able to spell out the decision required to be taken, then the MIS is designed
suitably.

The terms management information systems (MIS), information system (IS) , enterprise
resource planning (ERP), computer science, electrical computer engineering, and information
technology management (IT) are often confused. MIS is a hierarchical subset of information
systems. MIS are more organization-focused narrowing in on leveraging information technology
to increase business value. Computer science is more software-focused dealing with the
applications that may be used in MIS. Electrical computer engineering is product-focused mainly
dealing with the architecture behind computer systems. ERP software is a subset of MIS and IT
management refers to the technical management of an IT department which may include MIS.

Organizational structure and MIS

MIS has been described as a pyramidal structure, with four levels of information resources. The
levels of information would depend upon the organizational structure. The top level supports
strategic planning and policy making at the highest level of management. The second level of
information resources aid tactical planning and decision making for management control. The

13
third level supports day-to-day operations and control. The bottom level consists of information
for transaction processing. It then follows that since decision making is specific to hierarchical
levels in an organization, the information requirements at each level vary accordingly.
Thus, MIS as a support system draws upon:

∙ concepts of organization;

∙ organizational theories, principles, structure, behaviour and processes such as communication,

power and decision making; and

∙ motivation and leadership behaviour.

PHYSICAL STRUCTURE OF MANAGEMENT INFORMATION SYSTEMS

A MIS is an organized system which consists of people, hardware, and communication networks
and data sources that collects, transforms and distributes information in an organization. It is a
tool which helps mangers in making decisions by providing regular flow of accurate information
in an organization.

The physical components of an MIS include hardware, software, database, personnel and
procedures.

Hardware

Hardware consists of all physical components of a computer system like central processing unit
(CPU), input devices, output devices, storage and communication devices.

Software

Software is an interface between the information system and users of information system.
Software can be of two types’ system software and applications. The system software includes
the operating system and special purposes programs. Application is developed to achieve a
specific task. Software plays an important part in MIS.

Database

A database is a centrally managed and organized collection of data. Database helps to store data
in an organized manner and to make available to those who need that data. Database helps to
reduce duplication of data as it is centrally managed data one data can be store at one place
avoiding redundancy and duplication of data.

14
Procedures

Procedures are essential for effective use of information system. Procedures consist of various
instructions like user instructions, instructions for input preparation and operating instructions.
These instructions help in using information system effectively.

Personnel

Number of personnel is required for implementation of MIS like computer operators,

programmers, systems analysts and managers. Human beings are key requirements for
implementation of MIS. In MIS both technical and managerial level people are required for
proper implementation of MIS.

TYPES OF INFORMATION SYSTEM

The following are types of information systems used to create reports, extract data, and assist in
the decision making processes of middle and operational level managers.

● Decision support systems (DSS): are computer program applications used by middle
and higher management to compile information from a wide range of sources to
support problem solving and decision making. A DSS is used mostly for semi-
structured and unstructured decision problems.
● Executive information systems (EIS): is a reporting tool that provides quick access
to summarized reports coming from all company levels and departments such as
accounting, human resources and operations.
● Transaction processing systems: TPS is a type of MIS which records a huge volume
of recurring and routine data. They were introduced in the 1960 and are used widely
today. TPS record transactions relating to inventories, raw materials, customers and
sales. Many organizations use these systems to record day to-day transactions like
banks use these systems to record deposits and payments made into bank accounts
and Manager Use TPS to record transactions related to payments made to suppliers,
customer billing and so on. These systems help manager to determine trends in data
and help them to plan accordingly in order to achieve overall organizational
objectives.

15
 ● Operations information systems: These systems were introduced after TPS. They
access data from TPS and organize data into a useable form. They were basically
used to obtain data related to sales, inventory, and accounting and other performance
related information. Operations information systems are used to plan and schedule
production and assembly functions. They help managers to take various curial
decisions like how much raw materials to be ordered, when to schedule production
and when to assemble the final products. It also help managers to take decisions about
the manpower which will be require in the production and assembly processes.
● Expert systems: These systems uses human knowledge stored in a computer to solve
problems same as human beings. These systems recognize, formulate and solve a
problem. They also explain their solutions and learn from their experience.
● Marketing information systems are management Information Systems designed
specifically for managing the marketing aspects of the business.
● Accounting information systems are focused accounting functions.

● Human resource management systems are used for personnel aspects.

● Office automation systems (OAS): support communication and productivity in the

enterprise by automating workflow and eliminating bottlenecks. OAS may be
implemented at any and all levels of management.
● School Information Management Systems (SIMS) cover school administration,
often including teaching and learning materials.
● Enterprise resource planning (ERP) software facilitates the flow of information
between all business functions inside the boundaries of the organization and manage
the connections to outside stakeholders.
● Local Databases, can be small, simplified tools for managers and are considered to be
a primal or base level version of a MIS.

OBJECTIVES OF MIS
The goals of an MIS are to implement the organizational structure and dynamics of the
enterprise for the purpose of managing the organization in a better way and capturing the
potential of the information system for competitive advantage.
Following are the basic objectives of an MIS

16
 ● Capturing Data

● Processing Data

o making calculations with the data

o sorting data
o classifying data and
o summarizing data

● Information Storage

● Information Retrieval

● Information Propagation

CHARACTERISTICS OF MIS
Following are the characteristics of an MIS

● It should be based on a long-term planning.

● It should provide a holistic view of the dynamics and the structure of the organization.

● It should work as a complete and comprehensive system covering all interconnecting

sub-systems within the organization.

● It should be planned in a top-down way, as the decision makers or the management

should actively take part and provide clear direction at the development stage of the
MIS.

● It should be based on need of strategic, operational and tactical information of managers

of an organization.

17
 ● It should also take care of exceptional situations by reporting such situations.

● It should be able to make forecasts and estimates, and generate advanced information,
thus providing a competitive advantage. Decision makers can take actions on the basis
of such predictions.

● It should create linkage between all sub-systems within the organization, so that the
decision makers can take the right decision based on an integrated view.

● It should allow easy flow of information through various sub-systems, thus avoiding
redundancy and duplicity of data. It should simplify the operations with as much
practicability as possible.

● Although the MIS is an integrated, complete system, it should be made in such a flexible
way that it could be easily split into smaller sub-systems as and when required.

● A central database is the backbone of a well-built MIS.

CHARACTERISTICS OF COMPUTERIZED MIS

Following are the characteristics of a well-designed computerized MIS

● It should be able to process data accurately and with high speed, using various
techniques like operations research, simulation, heuristics, etc.

● It should be able to collect, organize, manipulate, and update large amount of raw data
of both related and unrelated nature, coming from various internal and external sources
at different periods of time.

● It should provide real time information on ongoing events without any delay.

● It should support various output formats and follow latest rules and regulations in
practice.

● It should provide organized and relevant information for all levels of management:
strategic, operational, and tactical.

● It should aim at extreme flexibility in data storage and retrieval.

NATURE AND SCOPE OF MIS

The following diagram shows the nature and scope of MIS

18
The actual MIS process relates to:

1. Collection
2. Organization
3. Distribution
4. Storage of wide information
5. Managerial control and analysis of data

ROLE OF MANAGEMENT INFORMATION SYSTEM

The role of the MIS in an organization can be compared to the role of heart in the body. The
information is the blood and MIS is the heart. In the body the heart plays the role of supplying
pure blood to all the elements of the body including the brain. The heart work faster and supplies
more blood when needed. It regulates and controls the incoming impure blood, processed it and
sends it to the destination in the quantity needed. It fulfills the needs of blood supply to human
body in normal course and also in crisis.

The MIS plays exactly the same role in the organization. The system ensures that an appropriate
data is collected from the various sources, processed and send further to all the needy

19
destinations. The system is expected to fulfill the information needs of an individual, a group of
individuals, the management functionaries: the managers and top management.

Here are some of the roles of the MIS:

1. The MIS satisfies the diverse needs through variety of systems such as query system,
analysis system, modeling system and decision support system.
2. The MIS helps in strategic planning, management control, operational control and
transaction processing. The MIS helps in the clerical personal in the transaction
processing and answers the queries on the data pertaining to the transaction, the status of
a particular record and reference on a variety of documents.
3. The MIS helps the junior management personnel by providing the operational data for
planning, scheduling and control , and helps them further in decision-making at the
operation level to correct an out of control situation.
4. The MIS helps the middle management in short term planning, target setting and
controlling the business functions. It is supported by the use of the management tools of
planning and control.
5. The MIS helps the top level management in goal setting, strategic planning and evolving
the business plans and their implementation.

The MIS plays the role of information generation, communication, problem identification and
helps in the process of decision-making. The MIS, therefore, plays a vital role in the
management, administration and operation of an organization.

OTHER IMPORTANT ROLE OF MIS;

1. To control the creation and growth of records

2. To reduce operating costs
3. To improve efficiency and productivity
4. To assimilate new records management technologies
5. To ensure regulatory compliance
6. To minimize litigation risks
7. To safeguard vital information
8. To support better management decision making
9. To preserve the corporate memory
10. To foster professionalism in running the business

DISADVANTAGES OF MIS

MIS is a useful tool for management for making effective decisions for an organization. But
there are many limitations of MIS which are as follows.

20
 ● MIS cannot be used independently

MIS cannot be use independently in an organization. MIS provides only information

which is useful for an organization but the interpretation and analyses of the information
requires human being and therefore MIS cannot use interpedently in an organization.

● MIS Expense

MIS helps in effective decision making process but the implementation of MIS in an
organization can be very expensive as all the divisions and processes of an organization
should be reviewed. Training of new employees for the MIS can also add up to
implementation charges. Besides this the installation charges are also huge.

● Employee Training

MIS helps in effective decision making through review of all the processes and
operations of an organization and proper trained employees are important for MIS
implementation. Employees are involved in all the operations and processes of an
organization and providing proper training to the employees will help the organization to
achieve their overall objectives.

● MIS Flexibility

MIS once installed in an organization may prove to be inflexible. And Changes in MIS
program may require huge cost

● Information Flaws

MIS helps management in effective decision making by providing information to the

management. The main disadvantage of MIS could be that MIS sometimes gives
improper or inadequate information to the management which makes it difficult for
management in making decisions.

SYNTHESIS OF MIS STRUCTURE

The structure of MIS can be described in terms of operating elements, decision support,
management activity, and organizational functions. These approaches can be synthesized into a
single MIS structure consisting of a physical and conceptual structure.

21
Physical Structure: The physical structure of an MIS consists of integrated processing
activities, software, hardware facilities, etc. It is very difficult to keep all the activities,
applications, programs, etc. completely separate. The integration activity provides various
economies and use of common modules. Integration in physical structure can be achieved by
designing various related applications as a single system, so as to simplify the number of
interconnections and reduce the duplication of input. The physical structure is also influenced by
the use of common modules for many operations.

Conceptual Structure: It is defined as the federation of functional subsystems, which is again

divided into four information processing components like transaction processing, operational
control, managerial control and strategic planning. Each functional subsystem must have some
unique data files and they are used only by the specific functional subsystem. Certain data files
are available for general use, which are arranged into a general database and managed by a
DBMS. A common software also can be introduced for various subsystems. The analytical and
decision models used by many applications, form the model for the information system.

THE OBJECTIVES OF A TOTAL SYSTEM

The main objective of MIS is to improve the management decision making, by providing
accurate and up-to date information about the key aspects of organisational performance.

The major objectives of performance management are discussed below:

▪ To enable the employees towards achievement of superior standards of work

performance.
▪ To help the employees in identifying the knowledge and skills required for performing
the job efficiently as this would drive their focus towards performing the right task in the
right way.
▪ Boosting the performance of the employees by encouraging employee empowerment,
motivation and implementation of an effective reward mechanism.
▪ Promoting a two-way system of communication between the supervisors and the
employees for clarifying expectations about the roles and accountabilities,
communicating the functional and organizational goals, providing a regular and a
transparent feedback for improving employee performance and continuous coaching.
▪ Identifying the barriers to effective performance and resolving those barriers through
constant monitoring, coaching and development interventions.
▪ Creating a basis for several administrative decisions strategic planning, succession
planning, promotions and performance-based payment.

22
 ▪ Promoting personal growth and advancement in the career of the employees by helping
them in acquiring the desired knowledge and skills.

Some of the key concerns of a performance management system in an organization are:

▪ Concerned with the output (the results achieved), outcomes, processes required for
reaching the results and also the inputs (knowledge, skills and attitudes).
▪ Concerned with measurement of results and review of progress in the achievement of set
targets.
▪ Concerned with defining business plans in advance for shaping a successful future.
▪ Striving for continuous improvement and continuous development by creating a learning
culture and an open system.
▪ Concerned with establishing a culture of trust and mutual understanding that fosters free
flow of communication at all levels in matters such as clarification of expectations and
sharing of information on the core values of an organization which binds the team
together.
▪ Concerned with the provision of procedural fairness and transparency in the process of
decision making.

The performance management approach has become an indispensable tool in the hands of the
corporates as it ensures that the people uphold the corporate values and tread in the path of
accomplishment of the ultimate corporate vision and mission. It is a forward-looking process as
it involves both the supervisor and also the employee in a process of joint planning and goal
setting in the beginning of the year.

MANAGEMENT

Management is an integral part of any organization. The survival of any organization is

dependent largely on the quality of management or administration services available.
Management can be simply defined as the organization and mobilization of all human and
material resources in a particular system for the achievement of identified objectives in the
system. The two key words are ‘human’ and materials. It is the business of management that
both human and material resources within a system should be organized and mobilized so that
the objectives of the system can be achieved to the fullest. Then administration or management
therefore influences the results to be achieved, the direction to be pursued and the priorities to be
recognized. Duker (1994) sees management as denoting a function as well as the people who
discharge it. He further regards management as:

23
 ● Taking place within a structured organizational setting and with prescribed roles.

● Directed towards the attainment of aims and objectives.

● Achieved through efforts of other people; and

● Using systems and procedure.

Management Functions
The Management functions include the following:
Fayol developed some universal principles that characterized successful administration and
management. These can be applied to organization, be it industry, education or government.
These elements are:

● P=Planning

● O=Organizing

● D=Directing

● C=Co-coordinating

● C=Controlling

Planning
This is the first step in any administrative function. It involves making arrangements for the
future. It deals on how to use time, personnel and equipment in future. The future may begin

with days, weeks, month or year. Plans are made after or goals and objectives are set. Planning is
usually regarded as a search for the best method of achieving these goals.

Organizing
The manager decides what jobs would have to be filled and the duties and responsibilities
attached to each one. Effective organization implies that the right people are assigned to the
correct jobs at the appropriate time. Activities should be assigned to individuals on the basis of
their ascertained qualification, experience and interests. On the part of the manager, a lot of
wisdom, maturity and objectivity are required.

Directing
Directing involves giving staff details on how to go about their jobs. It is not once for - all
activity but an on-going one. Officers have to be continually put on the right path.

24
Co-ordinating
This relates to the activities of different units to one another to ensure that the different activities
are met, to achieve the set objectives. Coordination occurs when the organization’s numerous
activities are planned, organized, directed and controlled.

Controlling
It is the measuring and correcting of activities are contributing to the achievement of planned
goals. Some authors have pointed out that appraisal, evaluating and supervision are the
administrator’s tools for controlling, directing and leading. These elements of management could
be seen as a cyclical event. Fayol went further to identify a list of fourteen principle upon which
the soundness and good working order of an organization depend:

● Division

● Authority

● Disciple

● Unity of command

● Unity of direction

● Subordination of individual interest to general interest

● Remuneration of personnel

● Centralization of authority

● Chain of command

● Order

● Equity

● Stability of tenure of personnel

● Initiative

● Espirit de corps

MIS EVALUATION

Perhaps the most important lesson of the past decade in the field of MIS has been the maxim that
the relative success of a system application is a direct function of the participation by
management in its design and development. McKinsey (1968) recently summarized this fact in

25
an international survey of industrial corporations, by noting three dimensions of management
system performance: technical feasibility, economic feasibility and operational feasibility. The
third dimension, conspicuously absent in system failures, roughly translates into the requirement
that the developed system be understood and used by managers.

Given that a system (application) has successfully met the tests of technical and economic
feasibility, "will managers adapt to the system, or will they resist or ignore it?" By analogy with
Professor Churchman's (1968) perspective on "systems analysis, "the principals involved in
design and development, technicians and managers, must be sensitive to each other's value
system -they should try to see the world through one another's eyes, having acquired this
"sensitivity," they should put. their relative expertise in perspective.

Within a large organization computer and data processing staff can be expected to possess a
reasonable degree of technical competence, given educational and experience credentials. Staff
technicians, however, rarely possess the broad gauge focus oflline management in understanding
the economic and environmental factors critical for the particular organization's successful
enterprise. One approach to the goals and criterion problem is to seek a general strategy
statement from management for information systems design and development, e.g., Kriebel
(1968). Another technique, that has received acceptance in a variety of forms, is illustrated by the
so-called "Study Organization Plan (SOP)" of IB4 (1963).

In brief SOP approaches a total systems study in three phases:

(1) understanding the present business,

(2) determining system requirements, and

(3) designing the now system.

The first phase of the study seeks a detailed description of the "present business "through are
economic analysis which includes: history and framework, industry background, firm goals and
objectives, firm policies and practices, government regulations, products and markets, materials
and suppliers, and resources (facilities, personnel, inventory, and financial). This description is
then summarized into a list of "activities" which are costed.

Phase2 of SOP analyzes the goals and objectives, economics, and procedure of execution for
each activity in terms of input-output requirements in operational detail. The final phase of SOP
develops specific recommendations and plans for introducing anew business system. IBM gives
five criteria for choosing activities as automatic data processing candidates, viz.:

(1) Dominant performance criteria (e.g., response time to customer inquiry).

26
(2) High affectable dollar saving

(3) Large data processing size (e.g., volumes).

(4) Inefficiencies.

(5) Management preference.

The "technique" includes some well-designed forms to assist conduct of the study at each phase,
and although the ideas are not "new" the logic is well-founded and useful in practice. In the
absence of a direct policy statement by management or an extensive economic analysis of "the
business", perhaps the most important index of the relative worth of a system application is the
criticality of the activity to the organization. Sometimes the index can be measured directly, e.g.,
cost savings or profitability; however, often it in a function of surrogate measures. The role of
surrogates as proximate criteria of performance may often be the only alternative available to the
designer, particularly, if the system application is not directly tied to a management activity --
e.g., file maintenance. Surrogate criteria can also serve in performing a "dominance analysis" of
the attributes or properties of design alternatives, in lieu of a uni-dimensional objective function.
For example, the development of proximate criteria can serve to establish bounds and constraints
on the search for design alternatives in much the same manner as a consumer product testing
organization's report of "best buys" for household items. In, this regard, the decision theory
criterion may provide a useful guideline for directing search.

It is clear today that the magnitude of the problem of MIS evaluation is going to grow during the
next decade and beyond. In the late 1950's and early 1960's clerical displacement, cost reduction
and control of administrative expense were the primary criteria applied to management data
processing system proposals. The direction and scope of MIS has long since left the domain of
administrative and accounting applications. Last year Diebold (1969) projected a time frame for
applications and evaluation criteria over the next 15 years.

What are Information Systems?

Information systems (IS) are formal, socio technical, organizational systems designed to collect,
process, store, and distribute information. In a socio technical perspective, information systems
are composed by four components: task, people, structure (or roles), and technology.
A computer information system is a system composed of people and computers that processes or
interprets information. The term is also sometimes used in more restricted senses to refer to only
the software used to run a computerized database or to refer to only a computer system.
Information Systems is an academic study of systems with a specific reference to information
and the complementary networks of hardware and software that people and organizations use to
collect, filter, process, create and also distribute data. An emphasis is placed on an information

27
system having a definitive boundary, users, processors, storage, inputs, outputs and the
aforementioned communication networks.
Information system, an integrated set of components for collecting, storing, and processing data
and for providing information, knowledge, and digital products.
Why do we need Information Systems?
Business firms and other organizations rely on information systems to carry out and manage their
operations, interact with their customers and suppliers, and compete in the marketplace.
Information systems are used to run interorganizational supply chains and electronic markets.
For instance, corporations use information systems to process financial accounts, to manage their
human resources, and to reach their potential customers with online promotions. Any specific
information system aims to support operations, management and decision-making. Information
systems are the foundation for conducting business today. In many industries, survival
and even existence without extensive use of IT is inconceivable, and IT plays a critical role in
increasing productivity. Although information technology has become more of a commodity,
when coupled with complementary changes in organization and management, it can provide the
foundation for new products, services, and ways of conducting business that provide firms with a
strategic advantage.
Six reasons why information systems are so important for business today include:
I Operational Excellence:
In order for a business to achieve high levels of profitability, they need to improve the efficiency
of their operations. Information systems is a tool that is used in order to achieve high levels of
efficiency and productivity in business operations.

II New Products, Services and Business Models:

Information systems can be used to create new products and services and also an entirely new
business model. A business model describes how a company produces, delivers and how they
sell a product or service to create wealth.

III Customer/Supplier Intimacy:

When a business provides a good product or service customers tend to return and purchase more
frequently which raises revenue and profits. The more a business engages with its suppliers, the
better the supplier can provide vital inputs which can lower costs.

IV Improved Decision-Making:
Many managers who operation in an information bank may never have the right information at
the right time to make an informed decision. This can raise costs and lose customers. However,

28
information systems allow the managers to use real-time data from the marketplace when
making decision.

V Competitive Advantage:
When a firm achieved one or more of these business objectives (operational excellence, new
products, services and business models, customer/supplier intimacy and improved decision-
making), they may have a competitive advantage. By performing better than competitors,
charging less for superior goods and responding to customers and suppliers, higher sales and
profits can be made.

VI To Day Survival:
Businesses must invest in information systems and technology as they are essential to doing
business. This necessity is caused by the industry level changes and firms need to use
information systems and technology in order to provide the capability to respond to these.

Information systems enables companies to react, respond, cater, store, retrieve, disseminate and
control their new valuable asset that is information. In the future, a good information system in a
business will no longer be an option, it will become a compulsory in determining success.

Components of an Information System

The six components that must come together in order to produce an information system are:

• Hardware: The term hardware refers to machinery. This category includes the computer
itself, which is often referred to as the central processing unit (CPU), and all of its
support equipment. Among the support, equipment are input and output devices, storage
devices and communications devices.
• Software: The term software refers to computer programs and the manuals (if any) that
support them. Computer programs are machine-readable instructions that direct the
circuitry within the hardware parts of the system to function in ways that produce useful
information from data. Programs are generally stored on some input/output medium,
often a disk or tape.
• Data: Data are facts that are used by programs to produce useful information. Like
programs, data are generally stored in machine-readable form on disk or tape until the
computer needs them.
• Procedures: Procedures are the policies that govern the operation of a computer system.
"Procedures are to people what software is to hardware" is a common analogy that is used
to illustrate the role of procedures in a system.
• People: This is the most important component. Every system needs people if it is to be
useful. Often the most overlooked element of the system; the people are probably the
component that most influence the success or failure of information systems. This
includes "not only the users, but those who operate and service the computers, those who
29
 maintain the data, and those who support the network of computers and those who design
the components of the system.
• Feedback: it is another component of the IS, that defines that an IS may be provided with
a feedback (Although this component isn't necessary to function).
Data is the bridge between hardware and people. This means that the data we collect is only data
until we involve people. At that point, data is now information.

Types of Information Systems

I Transaction Processing System (TPS)
Transaction processing systems are used to record day to day business transactions of the
organization. They are used by users at the operational management level. The main objective of
a transaction processing system is to answer routine questions such as;
- How many printers were sold today?
- How much inventory do we have at hand?
- What is the outstanding due for John Doe?
By recording the day to day business transactions, TPS system provides answers to the above
questions in a timely manner.
The decisions made by operational managers are routine and highly structured.
The information produced from the transaction processing system is very detailed.
For example, banks that give out loans require that the company that a person works for should
have a memorandum of understanding (MoU) with the bank. If a person whose employer has a
MoU with the bank applies for a loan, all that the operational staff has to do is verify the
submitted documents. If they meet the requirements, then the loan application documents are
processed. If they do not meet the requirements, then the client is advised to see tactical
management staff to see the possibility of signing a MoU.

Examples of transaction processing systems include;

Point of Sale Systems – records daily sales
Payroll systems – processing employees salary, loans management, etc.
Stock Control systems – keeping track of inventory levels
Airline booking systems – flights booking management
II Management Support Systems
- Management Information System (MIS)
Management Information Systems (MIS) are used by tactical managers to monitor the
organization's current performance status. The output from a transaction processing system is
used as input to a management information system.

The MIS system analyzes the input with routine algorithms i.e. aggregate, compare and
summarizes the results to produced reports that tactical managers use to monitor, control and
predict future performance.

30
For example, input from a point of sale system can be used to analyze trends of products that are
performing well and those that are not performing well. This information can be used to make
future inventory orders i.e. increasing orders for well-performing products and reduce the orders
of products that are not performing well.

Examples of management information systems include;

Sales management systems – they get input from the point of sale system
Budgeting systems – gives an overview of how much money is spent within the organization for
the short and long terms.
Human resource management system – overall welfare of the employees, staff turnover, etc.
Tactical managers are responsible for the semi-structured decision. MIS systems provide the
information needed to make the structured decision and based on the experience of the tactical
managers, they make judgement calls i.e. predict how much of goods or inventory should be
ordered for the second quarter based on the sales of the first quarter.

III Decision Support System (DSS)

Decision support systems are used by senior management to make non-routine decisions.
Decision support systems use input from internal systems (transaction processing systems and
management information systems) and external systems.

The main objective of decision support systems is to provide solutions to problems that are
unique and change frequently. Decision support systems answer questions such as;
- What would be the impact of employees' performance if we double the production lot at
the factory?
- What would happen to our sales if a new competitor entered the market?
Decision support systems use sophisticated mathematical models, and statistical techniques
(probability, predictive modeling, etc.) to provide solutions, and they are very interactive.

Examples of decision support systems include;

Financial planning systems – it enables managers to evaluate alternative ways of achieving goals.
The objective is to find the optimal way of achieving the goal. For example, the net profit for a
business is calculated using the formula Total Sales less (Cost of Goods + Expenses). A financial
planning system will enable senior executives to ask what if questions and adjust the values for
total sales, the cost of goods, etc. to see the effect of the decision and on the net profit and find
the most optimal way.
Bank loan management systems – it is used to verify the credit of the loan applicant and predict
the likelihood of the loan being recovered.
• Artificial intelligence techniques in business
Artificial intelligence systems mimic human expertise to identify patterns in large data sets.
Companies such as Amazon, Facebook, and Google, etc. use artificial intelligence techniques to
identify data that is most relevant to you.
31
Let's use Facebook as an example, Facebook usually makes very accurate predictions of people
that you might know or went with to school. They use the data that you provide to them, the data
that your friends provide and based on this information make predictions of people that you
might know.

Amazon uses artificial intelligence techniques too to suggest products that you should buy also
based on what you are currently getting.
Google also uses artificial intelligence to give you the most relevant search results based on your
interactions with Google and your location.

These techniques have greatly contributed in making these companies very successful because
they are able to provide value to their customers.

• Online Analytical Processing (OLAP)

Online analytical processing (OLAP) is used to query and analyze multi-dimensional data and
produce information that can be viewed in different ways using multiple dimensions.

Let's say a company sells laptops, desktops, and Mobile device. They have four (4) branches A,
B, C and D. OLAP can be used to view the total sales of each product in all regions and compare
the actual sales with the projected sales.

Each piece of information such as product, number of sales, sales value represents a different
dimension

The main objective of OLAP systems is to provide answers to ad hoc queries within the shortest
possible time regardless of the size of the datasets being used.

• Business intelligence (BI) systems:

Can turn data into valuable insights. This kind of technology allows for faster, more accurate
reporting, better business decisions and more efficient resource allocation. Another major benefit
is data visualization, which enables analysts to interpret large amounts of information, predict
future events and find patterns in historical data.

• Enterprise resource planning (ERP) software:

used to collect, manage and analyze data across different areas, from manufacturing to finance
and accounting. This type of information system consists of multiple applications that provide a
360-degree view of business operations. NetSuite ERP, PeopleSoft, Odoo and Intacct are just a
few examples of ERP software.

32
Like other information systems, ERP provides actionable insights and helps you decide on the
next steps. It also makes it easier to achieve regulatory compliance, increase data security and
share information between departments. Additionally, it helps to ensure that all of your financial
records are accurate and up-to-date.

Over the years, there have been defined some main types of information systems, but a number
of new technologies have been developed and new categories of information systems have
emerged.
Some examples of such systems are:

• data warehouses
• enterprise resource planning
• enterprise systems
• expert systems
• search engines
• geographic information system
• global information system
• accounting information systems
• office automation.

Activities of Information Systems

Any business, big or small, must have a system in place to collect, process, store and share data.
In the past, these tasks required a lot of time and paperwork. Today, companies use modern
technology to streamline and automate these operations. Information systems are now playing a
crucial role in data processing and decision making. When used correctly, they can positively
impact an organization's overall performance and revenue.

The Benefits of Information Systems

I Modern technology can significantly boost your company's performance and
productivity. Information systems are no exception. Organizations worldwide rely on them to
research and develop new ways to generate revenue, engage customers and streamline time-
consuming tasks.

II With an information system, businesses can save time and money while making smarter
decisions. A company's internal departments, such as marketing and sales, can communicate
better and share information more easily.

III Since this technology is automated and uses complex algorithms, it reduces human error.
Furthermore, employees can focus on the core aspects of a business rather than spending hours
collecting data, filling out paperwork and doing manual analysis.

33
IV Thanks to modern information systems, team members can access massive amounts of
data from one platform. For example, they can gather and process information from different
sources, such as vendors, customers, warehouses and sales agents, with a few mouse clicks.

V At the end of the day, information systems can give you a competitive advantage and
provide the data you need to make faster, smarter business decisions. Depending on your needs,
you can opt for transaction processing systems, knowledge management systems, decision
support systems and more. When choosing one, consider your budget, industry and business size.
Look for an information system that aligns with your goals and can streamline your day-to-day
operations.

VI Essential organizational capabilities are enabled or enhanced by information systems.

These systems provide support for business operations; for individual and group decision
making; for innovation through new product and process development; for relationships with
customers, suppliers, and partners; for pursuit of competitive advantage; and, in some cases, for
the business model itself (e.g., Google). Information systems bring new options to the way
companies interact and compete, the way organizations are structured, and the way workplaces
are designed. In general, use of Web-based information systems can significantly lower the costs
of communication among workers and firms and cost-effectively enhance the coordination of
supply chains or webs. This has led many organizations to concentrate on their core
competencies and to outsource other parts of their value chain to specialized companies. The
capability to communicate information efficiently within a firm has led to the deployment of
flatter organizational structures with fewer hierarchical layers.

Nevertheless, information systems do not uniformly lead to higher profits. Success depends both
on the skill with which information systems are deployed and on their use being combined with
other resources of the firm, such as relationships with business partners or superior knowledge in
the industrial segment.

Careers in Information Systems

The field of information systems is expanding and there are career opportunities in business,
government, non-profit organizations, and education. A degree in information systems provides
you with a wide range of career opportunities. Career choices range from very technical
positions in network administration or programming to more communication-oriented
employment in training or help desk support. A few of the possibilities are described below:

• Network Administration
Network administrators are responsible for the technical support of an organization’s network
infrastructure. This profession includes such tasks as designing the network structure,
establishing and maintaining servers, designing cabling, validating users, providing security, and
ensuring the ongoing day-to-day operations of the network.
34
 • Network Support Personnel
Networks come in many variations and network systems and data communications analysts
analyze, design, test, and evaluate systems such as local area networks (LAN), wide area
networks (WAN), Internet, Intranets, and other data communications systems. These analysts
perform network modeling, analysis and planning; they also may research related products and
make necessary hardware and software recommendations. Telecommunications specialists focus
on the interaction between computer and communications equipment.

• Systems Analysts
Systems analysts identify opportunities for improvement in business processes and design
computer and systems related solutions. Those in this profession help their clients define
technology-related needs and design a system that is most appropriate for them. They help an
organization realize the maximum benefit from its investment in equipment, personnel, and
business processes. This may include planning and developing new computer systems or
devising ways to apply existing systems' resources to additional operations. Systems analysts are
projected by the U.S. Department of Labor to be one of the top three growth occupations from
the years 2000-2010.

• Consultants
Many companies, such as Accenture, Deloitte-Touche, IBM and Unisys, provide advice to their
clients that are attempting to use information technology more effectively. These companies hire
information systems majors to serve as consultants for their clients. Consultants act as systems
analysts, programmers, database administrators, and troubleshooters for their clients. Consultants
work on short and long-term projects frequently reengineering processes or instituting
continuous quality improvement methods.

• Computer Programmers
Computer programmers design, write, test, and maintain the detailed instructions, called
programs, that computers must follow to perform their functions. Many technical innovations in
programming—advanced computing technologies and sophisticated new languages and
programming tools—have redefined the role of a programmer and elevated much of the
programming work done today.

• Database Support Personnel

With the Internet and electronic business creating tremendous volumes of data, there is growing
need to be able to store, manage, and extract data effectively. Database administrators work with
database management systems software and determine ways to organize and store data. They set
up computer databases and test and coordinate changes. It is the responsibility of a database
administrator to ensure performance, security, accuracy and integrity of the organization’s
database. A data analyst works with database administrators, systems analysts and programmers
35
to identify the best method of storing data for an organization. A data analyst is usually
responsible for designing the underlying data structures for an organization. With the volume of
sensitive data generated every second growing rapidly, data integrity, backup, and keeping
databases secure have become an increasingly important aspect for organizations. Some
organizations have created a special position, a data security specialist to handle the increasingly
difficult job of maintaining data security.

• Computer Support Specialists

Computer support specialists provide technical assistance, support, and advice to customers and
other users. This group includes technical support specialists and help-desk technicians. These
troubleshooters interpret problems and provide technical support for hardware, software, and
systems. They answer phone calls, analyze problems using automated diagnostic programs, and
resolve recurrent difficulties. Support specialists may work either within a company that uses
computer systems or directly for a computer hardware or software vendor. Increasingly, these
specialists work for help-desk or support services firms, where they provide computer support on
a contract basis to clients. Computer support specialists and systems administrators are projected
by the U.S. Department of Labor to be among the fastest growing occupations over the year
2000-2010 period.

• Web/Internet Support Specialists

The growth of the Internet and expansion of the World Wide Web, the graphical portion of the
Internet, have generated a variety of occupations related to design, development, and
maintenance of Web sites and their servers. For example, webmasters are responsible for all
technical aspects of a website, including performance issues such as speed of access, and for
approving site content. Internet developers or web developers, also called web designers, are
responsible for day-to-day site design and creation.

• Training
Ubiquitous information systems have created a growing need for education about the most
effective use of the technology. Training personnel are needed to help users on a one-to-one
basis, in small groups and in large classroom formats.

• Technical Sales and Support

Computer hardware, software and networking vendors such as IBM, Unisys, Hewlett-Packard,
Oracle, Microsoft, and Sun Microsystems required competent sales and support personnel. Many
vendors prefer to hire personnel who understand the technology and are comfortable selling to
technical professionals. This is a high-paying career option for those people who combine good
communication skills, technical knowledge, with the ability to speak comfortably and easily with
others.

36
Lecture 3
WHAT IS INFORMATION TECHNOLOGY

Information technology (IT) is the use of computers to store, retrieve, transmit, and manipulate
data, or information, often in the context of a business or other enterprise. IT is considered to be
a subset ICT(Information and Communication Technology).

An information technology system (IT system) is generally an information system, a

communications system or, more specifically speaking, a computer system – including all
hardware, software and peripheral equipment – operated by a limited group of users.

Information technology (IT) – microelectronics based combination of computing and

telecommunications technology to treat information, including in the acquisition, processing,
storage and dissemination of vocal, pictorial, textual and numerical information.

It is defined by the Information Technology Association of America (ITAA) as "the study,

design, development, implementation, support or management of computer-based information
systems, particularly software applications and computer hardware."

Humans have been storing, retrieving, manipulating, and communicating information since the
Sumerians in Mesopotamia developed writing in about 3000 BC, but the term information
technology in its modern sense first appeared in a 1958 article published in the Harvard Business
Review; authors Harold J. Leavitt and Thomas L. Whisler commented that "the new technology
does not yet have a single established name. We shall call it information technology (IT)."

Their definition consists of three categories: techniques for processing, the application of
statistical and mathematical methods to decision-making, and the simulation of higher-order
thinking through computer programs.

WHAT IS MANAGEMENT

Management (or managing) is the administration of an organization, whether it is a business, a

not-for-profit organization, or government body. Management includes the activities of setting
the strategy of an organization and coordinating
the efforts of its employees (or of volunteers) to accomplish its objectives through the application
of available resources, such as financial, natural, technological, and human resources. The term
"management" may also refer to those people who manage an organization.

37
INFORMATION TECHNOLOGY MANAGEMENT

IT management is the process of overseeing all matters related to information technology

operations and resources within an IT organization. IT management ensures that all technology
resources and associated employees are utilized properly and in a manner that provides value for
the organization.

Effective IT management enables an organization to optimize resources and staffing, improve

business processes and communication and enforce best practices. Individuals working in IT
management must also demonstrate abilities in such general management areas as leadership,
strategic planning and resource allocation.

The central aim of IT management is to generate value through the use of technology. To
achieve this, business strategies and technology must be aligned. IT Management is different
from management information systems. The latter refers to management methods tied to the
automation or support of human decision making. IT Management refers to IT related
management activities in organizations. MIS is focused mainly on the business aspect, with a
strong input into the technology phase of the business/organization.

A primary focus of IT management is the value creation made possible by technology. This
requires the alignment of technology and business strategies. While the value creation for an
organization involves a network of relationships between internal and external environments,
technology plays an important role in improving the overall value chain of an organization.
However, this increase requires business and technology management to work as a creative,
synergistic, and collaborative team instead of a purely mechanistic span of control.

Historically, one set of resources was dedicated to one particular computing technology, business
application or line of business, and managed in a silo-like fashion. These resources supported a
single set of requirements and processes, and couldn’t easily be optimized or reconfigured to
support actual demand. This led technology providers to build out and complement their product-
centric infrastructure and management offerings with Converged Infrastructure environments
that converge servers, storage, networking, security, management and facilities. The efficiencies
of having this type of integrated and automated management environment allows enterprises to
get their applications up and running faster, with simpler manageability and maintenance, and
enables IT to adjust IT resources (such as servers, storage and networking) quicker to meet
unpredictable business demand.

IT MANAGERS
38
IT managers have a lot in common with project managers but their main difference is one of
focus: an IT manager is responsible and accountable for an ongoing program of IT services while
the project manager's responsibility and accountability are both limited to a project with a clear
start and end date.

Most IT management programs are designed to educate and develop managers who can
effectively manage the no planning, design, selection, implementation, use, and administration of
emerging and converging information and communications technologies. The program
curriculum provides students with the technical knowledge and management knowledge and
skills needed to effectively integrate people, information and communication technologies, and
business processes in support of organizational strategic goals.

The importance of IT management is to understand managing data. There are also difficulties IT
managers must overcome. The amount of data is increasing and most of the data is collected by
different departments and separated between organizations. This implies that they may not be
using the same method or procedure. Data security, quality and integrity is the most informant in
receiving information. The sources have an impact also on the sources obtained; they may be
internal or external. When the information structures do not transfer properly with each other that
can result in unreliable data.

An important part to understand in an IT management is Data Governance. It is an approach to

managing information across the entire organization or company. Many will also need to know
master data management, which is a process that spans all of the companies’ processes and
business. Without a structure your company will not be able to function properly. Applying these
processes in Data bases, it is your job to be able to communicate with other departments systems
and develop precise communication and holding your organization accountable of certain data
issues. Your design and programs helps increase design and technical knowledge throughout the
business.

IT ARCHITECTURE

IT (Enterprise) architecture defines the enterprise’s mission, the information necessary to

perform the mission, and the processes for implementing new ITs in response to business
changes. To function in the big, cloudy, mobile and social world, companies need a well-
designed set of plans—a blueprint—to guide and govern software add-ons and upgrades,
hardware, systems, networks, cloud services, and other IT. These blueprints are known as IT
architectures, or enterprise architectures. Having the right architecture in place cuts IT costs
significantly and increases productivity by giving decision makers access to information,
insights, and ideas where and when they need them.
39
The overall goal of information management is the design and implementation of a well–planned
out IT architecture, policies, and procedures needed to effectively and efficiently support the
information and decision needs of an organization. Business information is generally scattered
throughout an enterprise, in separate ISs dedicated to specific purposes such as enterprise
resource planning, supply chain optimization, or customer relationship management.

Major organizations have over 100 repositories (storage areas) of information. In many
companies, the integration of these disparate ISs is limited—as is users’ ability to access all the
information they need. Providing easy access to large volumes of information is just one of the
challenges facing organizations. Managing information effectively is an equally tough task.
Despite all the information flowing through companies, executives, managers, and workers
throughout the organization often struggle to find the information they need to make sound
decisions or do their jobs.

The days of simply managing structured data are over. Now, organizations must manage semi-
and unstructured content, which may be of questionable data quality, from external sources—
mostly social media and the Internet. CIOs must ensure data security and compliance with
continually evolving regulatory requirements, Issues of information access, management, and
security must also deal with information degradation and disorder—where people do not
understand what data means

COMPONENTS OF IT ARCHITECTURE

1 Business architecture:
The processes the business uses to meet its goals.

2 Application architecture:
How specific applications are designed and how they interact with each other.

3 Data architecture:
How an enterprise’s data stores are organized and accessed.

4 Technical architecture:
The hardware and software infrastructure that supports applications and their interactions.

The IT architecture reduces the risk of buying or building ISs that are incompatible and
unnecessarily costly to maintain and integrate—and continuously evolves toward the desired or
target architecture, The target architecture is a vision of the future that evolves in advance of it
being achieved. Therefore, at no time will a specific target architecture ever be achieved.
40
An IT architecture defines the following:

1. The organization’s mission, business functions, and future direction

2. Information and information flows needed to perform the mission

3. Processes for implementing new ITs in response to business changes

4. The current baseline architecture

5. The desired target architecture

6. The sequencing plan, which consists of the short- and long-term strategies formanaging the
change from baseline to target architecture

USES AND BENEFITS OF IT ARCHITECTURE

• Maintain a close alignment between IT deliverables and business requirements.

• Improve ability to respond quickly to business changes.

• Develop closer partnerships between business and IT groups.

• Reduce the risk of failed or unnecessary ISs.

• Reduce complexity of existing ISs.

• Improve agility of new IT systems.

• Ensure that legal and regulatory requirements are being met.

INFORMATION SYSTEMS AND INFRASTRUCTURE

Data, or raw data, refers to a basic description of products, customers, events, activities, and
transactions that are recorded, classified, and stored. Data are the raw material from which
information is produced; and the quality, reliability, and integrity of the data must be maintained
41
for the information to be useful. Examples are the number of hours an employee worked in a
certain week or the number of new Toyota vehicles sold in the first quarter of 2013.

A database is a repository that consists of stored data organized for access, search, retrieval, and
update. Information is data that has been processed, organized, or put into context so that it has
meaning and value to the person receiving it. For example, the quarterly sales of new Toyota
vehicles from 2010 through 2014 is information because it would give some insight into how the
vehicle recalls during 2009 and 2010 impacted sales. Information is an organization’s most
important asset, second only to people.

Knowledge consists of data and/or information that have been processed, organized, and put into
context to be meaningful, and to convey understanding, experience, accumulated learning, and
expertise as they apply to a current problem or activity. Knowing how to manage a vehicle recall
to minimize negative impacts on new vehicle sales is an example of knowledge. In its broadest
sense, IT describes an organization’s collection of information systems, their users, and the
management that oversees them. Often the term information technology is used interchangeably
with information system (IS). ISs collect (input) and process data, distribute reports (outputs),
and support decision making and business processes.

THREATS TO INFORMATION SYSTEM SECURITY

Unauthorized Access

One of the most common security risks in relation to computerized information systems is the
danger of unauthorized access to confidential data .The main concern comes from unwanted
intruders, or hackers, who use the latest technology and their skills to break into supposedly
secure computers or to disable them .A person who gains access to information system for
malicious reason is often termed of cracker rather than a hacker.

Computer Viruses

Computer virus is a kind of nasty software written deliberately to enter a computer without the
user’s permission or knowledge ,with an ability to duplicate itself ,thus continuing to
spread .Some viruses do little but duplicate others can cause severe harm or adversely affect
program and performance of the system .Virus program may still cause crashes and data loss .In
many cases ,the damages caused by computer virus might be accidental ,arising merely as the
result of poor programming .Type of viruses ,for example ,worms and Trojan horses .

Theft

42
The loss of important hardware, software or data can have significant effects on an
organization’s effectiveness .Theft can be divided into three basic categories: physical theft, data
theft, and identity theft.

Sabotage

With regard to information systems , damage may be on purpose or accidental and carried out an
individual basis or as an act of industrial sabotage .Insiders have knowledge that provide them
with capability to cause maximum interruption to an agency by sabotaging information
systems .Examples include destroying hardware and infrastructure ,changing data ,entering
incorrect data ,deleting software ,planting logic bombs ,deleting data ,planting a virus .

Vandalism

Deliberate damage cause to hardware, software and data is considered a serious threat to
information system security .The threat from vandalism lies in the fact that the organization is
temporarily denied access to someone of its resources .Even relatively minor damage to parts of
a system can have a significant effect on the organization as a whole.

Accidents

Major of damage caused to information systems or corporate data arises as a result of human
error .Accidental misuse or damage will be affected over time by the attitude and disposition of
the staff in addition to the environment .Human errors have a greater impact on information
system security than do manmade threats caused by purposeful attacks .But most accidents that
are serious threats to the security of information systems can be mitigated.

CHALLEGES TO INFORMATION MANAGEMENT IN THE ORGANIZATION

1. Data silos:

Information can be trapped in departments’ data silos (also called Information silos), such as
marketing or production databases. They are called silos because their data are not accessible by
other ISs that need it or outside that department. Since silos are unable to share or exchange data,
they cannot consistently be updated. When data are inconsistent across multiple enterprise
applications, data quality cannot (and should not) be trusted without extensive verification.

Data silos exist when there’s no overall IT architecture to guide IS investments, data
coordination, and communication. Data silos support a single function, and as a result, do not
support an organization’s cross functional needs. For example, most health care organizations are

43
drowning in data, yet cannot get reliable, actionable insights from this data. Physician notes,
registration forms, discharge summaries, documents, and more are doubling every five years.

Unlike structured machine-ready data, this is messy data that takes too much time and effort for
healthcare providers to include in their business analysis. So valuable messy data are routinely
left out. Millions of patient notes and records sit inaccessible or unavailable in separate clinical
data silos because historically there’s been no easy way to analyze it.

2. Lost Or Bypassed:
Data can get lost in transit from one IS to another. Or data might never get captured because of
inadequately tuned data collection systems, such as those that rely on sensors or scanners. Or the
data may not get captured in sufficient detail.

3. User-Fierce Formats:
Despite all the talk about user-friendly interfaces, some ISs are horrible to deal with. Poorly
designed interfaces or formats that require extra time and effort to figure out increase the risk of
errors from misunderstanding the data or ignoring it.

4. Non-standardized:
Data formats are not displayed in a uniform way or standardized format. These situations can
make data analysis and comparisons difficult or impossible and increase the risk of errors. For
example, if the Northeast division reports monthly net sales per product, you cannot compare
their performance without extensive additional data analysis.

Consider the extra effort needed to compare temperature-related sales, such as air conditioners,
when some temperatures are expressed in Fahrenheit degrees and others in Centigrade degrees.

5 Moving Targets:
The information that decision makers want keeps changing—and changes faster than ISs can
respond to because of the first four reasons in this list. Tracking tweets, YouTube hits, and other
human information requires expensive investments—which managers find risky in an economic
downturn.

These situations persist when investing in information management—done correctly—is not a

priority. Companies undergoing fast growth or merger activity or those with decentralized
systems (each division or business unit manages its own IT) end up with a patchwork of
reporting processes. As you’d expect, patchwork systems are more complicated to modify, too
rigid to support an agile business, and yet are expensive to maintain.

44
Lecture 4
THE GLOBALLY INTEGRATED ENTERPRISE

Beyond Multinational
The multinational corporation (MNC), often seen as a primary agent of globalization, is taking
on a new form, one that is promising for both business and society. From a business perspective,

45
this new kind of enterprise is best understood as “global” rather than “multinational.” The
corporation has evolved constantly during its long history. The MNC of the late twentieth
century had little in common with the international firms of a hundred years earlier, and those
companies
Were very deferent from the great trading enterprises of the 1700s. The type of business
organization that is now emerging—the globally integrated enterprise—marks just as big a leap.
Global Integration
The shift from multinational corporation to globally integrated enterprise has assumed two
distinct forms. The first has involved changes in where companies produce things; the second,
changes in who produces them. Until recently, companies generally chose to produce goods
close to where they sold them. As a consequence, most foreign investments targeted specific
foreign markets. Today, overseas investments continue to be made with a view to gaining access
to important sources of foreign demand, but companies are investing more to change the way
they supply the entire global market. The global integration of production cuts costs and taps
new sources of skills and knowledge.
Systemic Changes
The globally integrated enterprise will require fundamentally deferent approaches to production,
distribution, and work-force deployment. This is already happening. Because new technology
and business models are allowing companies to treat their deferent functions and operations as
component pieces, firms can pull those pieces apart and put them back together again in new
combinations, based on strategic judgments about which operations the company wants to excel
at and which it thinks are best suited to its partners. These decisions are not simply a matter of 4

46
avoiding noncore activities, nor are they mere labor arbitrage. They are about actively managing
deferent operations, expertise, and capabilities so as to open the enterprise up in multiple ways,
allowing it to connect more intimately with partners, suppliers, and customers. The extraordinary
growth of service firms providing specialized expertise makes this possible
Opportunities and Challenges
The globally integrated enterprise can deliver enormous economic benefits to both developed
and developing nations. The integration of the work force in developing countries into global
systems of production is already raising living standards, improving working conditions, and
creating more jobs in those countries. Small and medium-sized businesses everywhere,
particularly, are benefiting: as new services— from administration to sales support—create
infrastructures once only adorable to large organizations, these businesses can now
participate in the global economy.
The opportunities for more such stories are enormous. But shifting to the model of globally
integrated enterprises also presents big challenges for leaders in every sector of society. The very
fact that so many more people all over the world are gaining equal access to the production
process and the marketplace means much more trade and competition. Although this will create
wealth and opportunity, it will also bring disruption and fear, both of which could threaten global
integration. Legitimate concerns about job loss and skill shortages must be addressed in realistic
and constructive ways. The single most important challenge in shifting to globally integrated
enterprises—and the consideration driving most business decisions today—will be securing a
supply of high-value skills. Nations and companies alike must invest in better basic educational
and training programs. New kinds of managerial skills are also needed. Hierarchical, command-
and-control approaches simply do not work anymore. They impede information flows inside
companies, hampering the fluid and collaborative nature of work today.
A second important step will be the sensible regulation of intellectual property worldwide. On
the one hand, piracy deprives individual inventors of their rights and incentives, and it must be 5

47
curtailed. On the other hand, collaboration between corporations and their partners, suppliers,
and customers—a key feature of contemporary innovation and of the integration of technologies
and business models—must be encouraged and protected. A balance between these two interests
must be struck—and it must be enforced consistently worldwide. Otherwise, the huge innovative
potential of a globally integrated economy will be diluted. Intellectual property will become one
of the key geopolitical issues of the twenty-first century. Fortunately, some promising new
approaches are being tested. Already, focus has begun to shift from protecting intellectual
property, which calls for limiting use, to maximizing intellectual capital, which is based on
shared ownership, investment, and capitalization.
A third challenge will be to figure out how to maintain trust in enterprises based on
increasingly distributed business models. A company’s standards of governance, transparency,
privacy, security, and quality need to be maintained even when its products and operations are
handled by a dozen organizations in as many countries. A reliance on hierarchies contained
within one function, enterprise, or nation must be supplemented by new ways of establishing
trust, based on shared values that cross borders and formal organizations.
Finally, global corporate integration will involve significant changes in organizational culture,
new forms of partnership among multiple enterprises and segments of society, and many new
standards for managing a much more complex marketplace. These changes—which are as
momentous as the shift from the vertical integration and mass production of a century ago to
today’s integrated supply chains—will take time. The globally integrated enterprise is an
inherently better and more profitable way to organize business activities, but capital markets are
awash with money invested for short-term returns. Moving toward the globally integrated
enterprise will require long-term vision and continuous investment from business leaders—as
well as a focus not on prospective returns but on real earnings that generate capital for growth
and innovation. It will also call for patience and understanding from stockholders. 6

48
ENTERPRISE MANAGEMENT
Enterprise Management is an innovative business management solution geared to improve
productivity in distribution, manufacturing goods and services. Enterprise management is a term
used for modern examples of ERP that allow businesses to manage vital day-to-day processes
such as inventory management, accounting, human resources and customer relationship
management (CRM). Enterprise management supports how different business units work by
sharing information through a shared database.
Enterprise Management is a procedure to manage IT Project along with various other changes
they go under while growth and also test environment to live production environment. Enterprise
management plays a major function in taking care of modifications in the IT community. It has a
lot of benefits in the direction of the management of the IT community. It works as an end-to-end
release and project administration, uses cross job partnership and alignment, recognizes the task
risks and many more.
The Importance of Enterprise Management
• • It helps in Achieving Group Goals: It arranges the factors of production, assembles
and organizes the resources, integrates the resources in effective manner to achieve goals.
• • Optimum Utilization of Resources: Management utilizes all the physical & human
resources productively. This leads to efficacy in management.
• • Reduces Costs: It gets maximum results through minimum input by proper planning
and by using minimum input & getting maximum output. This helps in cost reduction.
• • Establishes Sound Organization: To establish sound organizational structure is one of
the objectives of management which is in tune with objective of organization and for fulfillment
of this, it establishes effective authority & responsibility relationship.
• • Establishes Equilibrium: It enables the organization to survive in changing
environment. It keeps in touch with the changing environment. With the change is external
environment, the initial co-ordination of organization must be changed. It is responsible for
growth and survival of organization.
• Essentials for Prosperity of Society: Efficient management leads to better economical
production which helps in turn to increase the welfare of people. Organization comes with new
products and researches beneficial for society.

It also increases responsiveness of the business which indirectly enhances the product
dependencies. Every business working with the IT ecosystem are totally dependent on the
responsive approach of their business. It leads to the better & responsive approach which would
help you enhance the Business.
The value of enterprise management to growing businesses
If you’ve been working in the business technology space, you may well have encountered the
acronym ERP, and heard that this technology is a vital backbone to enterprises and mid-sized
businesses.
ERP stands for enterprise resource planning. It is also known as enterprise management software
– allowing growing, medium and large businesses to manage vital day-to-day processes such as
49
inventory management, accounting, human resources and customer relationship management
(CRM). At the most basic level, you can say enterprise management software supports how
different business units work by sharing information through a shared database.
How can enterprise management software be powerful for your business?
This depends on the needs of your business and industry it’s part of – and that’s why
implementations of ERP can vary so much.
However, we can drill down to some of the core ways enterprise management software can help
employees of all organizations work more effectively through smashing the barriers between
business units.
1. It allows you to see your data in a single place

Instead of using multiple pieces of software to get information, integration into one single
database allows managers to see what’s happening to every side of the business – from finance
and HR to sales, inventory and distribution. 8

2. It can update data in real time

It can be invaluable for managers and employees to see a global, real-time view of data. Without
enterprise management, you might not know how much inventory a business has and what it
requires at a given moment in time. For many industries, such as manufacturing and distribution,
this information is crucial.
3. It can help maintain existing customers and find new ones

With one source of information for both billing and relationship tracking, it allows a business to
serve customers better, as well as automate certain processes, which can free up time for
employees to spend on more useful activities.
Problems with ERP
One reason why there seems to be confusion around ERP is due to the changes in the way the
software has been implemented in the past.
ERP has been criticized for taking a long time to implement, as well as being expensive and
difficult to use.
Also, many businesses would naturally have their own specific requirements for an ERP
solution, which would require extra customization and the need for more money to be spent.
Today though, we have enterprise management software that is much more robust and
comprehensive than the ERP solutions we’ve seen in the past, supporting more functions within
an organization that are very often industry-specific.
Also, in the past decade, software-as-a-service or cloud computing has made enterprise
management software easier to implement for organizations that want to see both short and long-
term business benefits, with prices falling for newer and mid-sized businesses.
However, do consider that many companies (particularly in the enterprise space) will still opt for
on-premise solutions due to their specific business requirements.
50
However, if you’re thinking about enterprise management for your growing organization, here
are some basic tips to get started.
1. Get the support you need

A new enterprise management software implementation is a big decision for any organization, so
it’s important that there is boardroom or upper management support. Obviously, they don’t need
to know every technical detail but they should at least be aware of issues that delay or could
cause problems for a project.
2. Have a clear list of requirements

You’ll need to understand the scope of the project, the specific business processes that will be
affected and the technical requirements required. This means it will be much easier for enterprise
management software vendors to tailor proposals that match what you need.
3. Think about usability, mobile users and security

You want your employees to successfully use the system you choose, so make sure you bring in
a solution that is easy to use. Make sure mobile and security are considered – you’ll likely have
people trying to access your shiny new enterprise management system via a smartphone or
outside of the office.
4. Carefully evaluate your options

Make sure you pick an enterprise management software solution that works for your business,
rather make any kind of decision based on big promises and a dazzling sales pitch. You need to
use the research as well as input from stakeholders to make a judgement that provides you with a
system that is accepted and used by your employees.
5. Understand what you want to customise and why

Reputable vendors will generally offer enterprise management software solutions that are
customisable, or ready for the demands of different industries. The business objectives and
demands for retailers for instance, might be very different from advertising firms. 10

51
Challenges in Enterprise Management
Managers and owners of very small enterprises face many challenges in managing their
businesses. These challenges can include financing the business, creating products that appeal to
customers, finding and retaining qualified employees, completing various objectives and even
keeping abreast of laws and regulations. The managers that are most successful in meeting
adversity have a conceptual knowledge of business functions. They are familiar with marketing,
product development and the responsibilities of all departments.
1. Finance: One of the foremost challenges in managing an enterprise is financing it. Running a
successful business requires a significant amount of capital especially during the start-up phase.
Sole proprietors and partners must finance their businesses from their savings. Corporations must
rely on the interest and investment of shareholders.
2. Identification: Business Managers must properly identify the needs of their consumers or
business customers. That way, they can create the right products and features to satisfy those
needs. Identifying customer needs can largely be accomplished through marketing research
surveys.
3. Function: Business Management faces challenges in finding qualified employees to fill
employment needs, especially during economic boom periods. Regardless of the economy,
companies will always vie with key competitors for the most experienced and educated workers.
4. Considerations: Managers that are best at completing projects have excellent organization
skills. They know how to break projects into various tasks, then allocate a certain time period for
these tasks. Managers that are most effective with time management also know how to delegate
tasks to their subordinates and hold them accountable for the completion of these tasks.
5. Prevention/Solution: Small enterprise owners will always face certain challenges with federal
regulations as well as local and state laws.
11

52
WHAT IS GLOBAL MANAGEMENT?
Global management refers to the way an organization manages its business internationally,
including its sales, marketing, hiring and finance practices.
As technology continues to connect the world, many organizations have taken advantage of the
opportunity to conduct business globally. Global management combines knowledge of business,
culture, history and social practices to help companies find their niches in the international
business community and successfully work with other cultures.
As a global manager, you'll not only need to understand business principles, but you'll also need
a firm grasp of the local customs, professional life and regional policies of the countries that your
company wants to partner with. Many companies also look for managers who speak multiple
languages and have experience representing more than one country, as well as those who are
willing to move from one location to another.
Important Facts About Global Managers Bilingual, clear written and spoken
Key Skills communication, attention to detail, problem
solving, social awareness, leadership,
organization, observation, negotiation
Work Environment Predominately office settings with extensive
travel mixed in
Similar Occupations Account executives; account mangers;
business development directors; directors of
sales and marketing; general / operations
managers; national account managers
Job Duties and Skills
Working as a global manager, you'll be in the unique position of managing a company's business
and staff in a land that may have vastly different cultural and professional customs. In many
regions, managers are needed to help companies tailor their business to the local culture. For
example, as a global manager, you might need to learn the hiring practices of another country or
12

53
the specific way that people communicate in the workplace to avoid potentially offending or
confusing your foreign colleagues. You'll then need to train other employees in appropriate
practices, such as pitching products to foreign customers in a polite manner consistent with their
culture.
In order to carry out their jobs effectively, global managers need strong communication and
interpersonal skills. They need to be highly sensitive to and respectful of cultural differences.
Having an open mind and complex critical thinking skills is also essential.
Training Programs
If you want to receive a global management education, graduate programs are offered by a
number of accredited business schools. Some bachelor's degree programs are available, though
graduate certificate and degree programs are the most commonly offered. Global management
training can be offered as part of a Master of Business Administration (MBA) or Master of
Public Administration (MPA) program. You also can earn a Master of Science in Global
Management.
MANAGEMENT CHALLENGES IN THE GLOBAL ENTERPRISE
- PRINCIPLES OF MANAGEMENT
We have just seen that there are clear advantages to going global, and an increasing number of
firms are doing just that. However, managing a global enterprise represents a significant
challenge. When a firm goes global, it encounters a whole set of decisions that managers in
purely domestic enterprises do not face. These decisions include
1. whether to treat the world as a single market or customize the firm’s products to reflect
differences across nations;
2. the best mode for entering a foreign market;
3. where to locate different business activities; and
4. how best to manage subsidiaries. Here we look at each issue in turn.
13

54
GLOBAL STANDARDIZATION OR LOCAL CUSTOMIZATION
One of the most important decisions managers face is whether to treat the world as a single
market or customize products for different nations. When a firm treats the world market as a
single entity, selling the same basic product around the globe, we say that it is pursuing a global
standardization strategy. Alternatively, when an enterprise varies some aspect of its products
or marketing messages to take country or regional differences into account, we say that it is
pursuing a local customization strategy.
The global standardization strategy enables a firm to realize substantial scale economies by
mass-producing a standardized output and using the same marketing strategy worldwide.
However, such a strategy ignores local differences in consumer tastes and preferences, local
business systems and culture, and so on. If such differences are profound, the firm may do better
with a local customization strategy, even though that may mean fewer scale economies and
higher costs. Choosing between these strategic postures is not easy, and firms often seek a
balance between standardization and customization.
ENTRY MODE
There are five main modes for entering a foreign market:
• • Exporting

• • Licensing

• • Franchising

• • entering a joint venture with a local enterprise

• • and setting up a wholly owned subsidiary.

Exporting involves producing a good at home and then shipping it to another country.
Licensing involves an enterprise licensing a foreign firm to produce its product in a country or
region in return for royalty fees on any sales that the licensee makes.
Franchising is similar to licensing, but here what is licensed to the foreign enterprise is not the
right to produce a physical good, but the right to offer a service in a particular format.
Franchising is popular among fast-food enterprises (like McDonald’s and KFC) as well as
international hotel chains. 14

55
Joint ventures are agreements between a firm and its foreign partner to establish a new
enterprise, the joint venture, in which they each take an equity stake.
Wholly owned subsidiaries are foreign subsidiaries that are 100 percent owned by the firm.
The choice between these different entry modes is complex, and a full discussion is beyond the
scope here. A few brief points can be made, however. First, exporting is a good strategy when
the firm can mass-produce at a single location, thereby realizing economies of scale and
lowering its costs. In this regard, exporting is consistent with a global standardization strategy.
But many firms have found advantages to producing in local markets. Basing production in a
country or region can facilitate local customization (because products are designed and built
closer to where customers are), and it may be more politically acceptable to produce locally.
For example, Toyota has set up production facilities in all its major markets—Japan, North
America, and Europe. These facilities produce products that are customized to local
requirements. Thus Toyota’s European operation makes small cars designed for European
customers and not sold in the United States. Similarly, Toyota products sold in America, such as
the Toyota Tundra truck, are not made or sold in Europe. Toyota also established production
facilities in America and Europe to reduce the threat that high levels of exports from Japan might
result in the imposition of trade barriers.
Second, licensing is not often used, primarily because it gives the firm little ongoing
involvement in a foreign market beyond the current licensing contract. In addition, many firms
are reluctant to license products that incorporate valuable technology because they fear that
ultimately the licensee might develop its own version of the technology and no longer need to
license from the firm. To forestall this possibility, many firms enter using other modes.
Third, joint ventures are favored when a local partner can bring valuable expertise to the
partnership, such as local market knowledge. In addition, in some countries a joint venture may
be more acceptable to the government than a wholly owned subsidiary. This was certainly the
case in China for a while, and many early Western entrants into the Chinese market began with
joint ventures. The problem with joint ventures, however, is that disputes betweenpartners over
strategy and investments can lead to their failure. 15

56
Fourth, although wholly owned subsidiaries involve the highest up-front cost (the firm must
bear all costs of opening a foreign market), this entry mode gives the firm maximum control over
the future direction of the subsidiary. Moreover, the firm captures all profits from the venture, as
opposed to having to share them with a joint venture partner or taking only a share of them in the
form of royalty payments from a licensee. Thus many managers prefer to enter foreign markets
through a wholly owned joint venture.
Even when a product is manufactured elsewhere and exported to a country, they might still
establish a wholly owned subsidiary to market, sell, and distribute the product in that country.
LOCATING ACTIVITIES
Another key decision is where to locate the various activities of the enterprise. As we have seen,
there are advantages to dispersing the activities of an enterprise to locations around the globe
where they can be performed most efficiently. Making the right choice involves two steps. First,
managers have to break the operations of the firm into discrete steps or activities— such as
product design, purchasing, production, marketing, sales, service and customer care, and so on.
Second, each activity has to be located in the best place given a consideration of factors such as
country differences in labor costs and infrastructure, transportation costs, tariff barriers, likely
currency exchange rates, and strategic orientation. Managers need to evaluate the cost of
performing an activity at a given location and how much value can be added to a product at a
certain location—which is not easy.
Moreover, the attractiveness of key locations changes over time. Ten years ago, for example, few
American software firms outsourced software testing and debugging activities toIndian
companies. Now such a move is commonplace. Similarly, as discussed in the introduction, only
in the last few years have American accounting firms started to outsource the work associated
with compiling individual tax returns to accountants located in India. 16

57
58
59
60
61
\

62
63
64
65
66
Lecture 5: ENTERPRISE SYSTEMS
Enterprise systems (ES) are large-scale application software packages that support business
processes, information flows, reporting, and data analytics in complex organizations. While ES
are generally packaged enterprise application software (PEAS) systems they can also be
bespoke, custom developed systems created to support a specific organization's needs.
Types of enterprise systems include:
• • enterprise resources planning (ERP) systems,

• • enterprise planning systems, and

• • customer relationship management software.

Although data warehousing or business intelligence systems are enterprise-wide packaged

application software often sold by ES vendors, since they do not directly support execution of
business processes, they are often excluded from the term.
Enterprise systems are built on software platforms, such as SAP’s NetWeaver and Oracle's
Fusion, and databases.
From a hardware perspective, enterprise systems are the servers, storage and associated software
that large businesses use as the foundation for their IT infrastructure. These systems are designed
to manage large volumes of critical data. These systems are typically designed to provide high
levels of transaction performance and data security.
1. Enterprise resource planning (ERP) is the integrated management of core business
processes, often in real-time and mediated by software and technology.

ERP is usually referred to as a category of business management software — typically a suite of

integrated applications—that an organization can use to collect, store, manage, and interpret data
from these many business activities.
ERP provides an integrated and continuously updated view of core business processes using
common databases maintained by a database management system. ERP systems track business
resources—cash, raw materials, production capacity—and the status of business commitments:
orders, purchase orders, and payroll. The applications that make up the system share data across
various departments (manufacturing, purchasing, sales, 20

67
accounting, etc.) that provide the data. ERP facilitates information flow between all business
functions and manages connections to outside stakeholders.
Enterprise system software is a multibillion-dollar industry that produces components supporting
a variety of business functions. IT investments have become the largest category of capital
expenditure in United States-based businesses over the past decade. Though early ERP systems
focused on large enterprises, smaller enterprises increasingly use ERP systems.
The ERP system integrates varied organizational systems and facilitates error-free transactions
and production, thereby enhancing the organization's efficiency. However, developing an ERP
system differs from traditional system development. ERP systems run on a variety of computer
hardware and network configurations, typically using a database as an information repository.
2. Enterprise Planning System covers the methods of planning for the internal and external
factors that affect an enterprise.

These factors generally fall under PESTLE. PESTLE refers to political, economic, social,
technological, legal and environmental factors. Regularly addressing PESTLE factors falls under
operations management. Meanwhile, addressing any event, opportunity or challenge in any one
or many factors for the first time will involve project management.
As opposed to enterprise resource planning (ERP), enterprise planning systems have broader
coverage. Enterprise planning systems address the resources that are available or not available to
an enterprise and its ability to produce products or resources and/or provide services. It also
considers those factors that will positively or negatively affect the firm's ability to run these
actions.
Enterprise planning systems will tend to vary and are flexible. These are due to the periodic and
adaptive nature of strategy formation. These will also have tactical aspects. Typically, enterprise
planning systems are part of a firm's knowledge base or corporate structure whether it formally
identified and structured or simply executed these when the need appeared. 21

68
3. Customer-relationship management (CRM) is an approach to manage a company's
interaction with current and potential customers. It uses data analysis about customers' history
with a company to improve business relationships with customers, specifically focusing on
customer retention and ultimately driving sales growth.

One important aspect of the CRM approach is the systems of CRM that compile data from a
range of different communication channels, including a company's website, telephone, email,
live chat, marketing materials and more recently, social media. Through the CRM approach and
the systems used to facilitate it, businesses learn more about their target audiences and how to
best cater to their needs.

69
Lecture 6
PLANNING AND IMPLEMETING CHANGE
Planning for Change
A plan is predetermined course of action. It combines organizational goals and the activities
necessary to achieve those goals. Proper planning for change in information system is a key
ingredient in avoiding disaster in the management of organizational resources and in
ensuring that strategic management objectives are met. Each time we plan, we try to
anticipate the future. We postulate various sets of decisions that are interrelated in a complex
way and evaluate the outcome of these sets of decisions before accepting any of them and
believing that the particular one chosen would yield a positive or favorable outcome.
Prior to the implementation of change in any organization, there will a proper planning
because if change is not implemented correctly, the results can range from inconvenient to
disastrous, such as inefficiencies, duplicated efforts, and lost business opportunities.

Analyze the
Organization’s
Environment

Establish Mission Develop

Forecast Internal Articulate the
and External Goals Strategies Organization’s
Development Objective Plan
Policies

Evaluate Develop
Accomplishment Implementations
and Resources Methods and
Control

Feedback
Organizational Planning Process
Types of Planning
Planning efforts must be divided into three types:
⮚ Strategic Planning

70
⮚ Tactical Planning

⮚ Operational Planning

Strategic Planning: Strategic planning is an organizational management activity that is

used to set priorities, focus energy and resources, strengthen operations, ensure
that employees and other stakeholders are working toward common goals, establish
agreement around intended outcomes/results, and assess and adjust the organization's
direction in response to a changing environment. A strategic plan is a document used to
communicate with the organization the organizations goals, the actions needed to achieve
those goals and all of the other critical elements developed during the planning
exercise. It is a disciplined effort that produces fundamental decisions and actions that
shape and guide what an organization is, who it serves, what it does, and why it does it,
with a focus on the future. Effective strategic planning articulates not only where an
organization is going and the actions needed to make progress, but also how it will know
if it is successful.

Tactical Planning: Tactical information systems planning builds on the strategies

developed in the strategic planning stages. It produces project proposals for the
development of new or improved information systems that implement the information
technology architecture created at the strategic planning level. The project proposals are
evaluated, ranked, and fitted into a multilayer development plan. Tactical planning is
done for setting short term goals and action plan in order to achieve the long term goals
set by the strategic planning in a company. The horizon is hence shorter than the strategic
plans and this type of planning is generally executed by independent departments or
company functions. Thus the tactical planning is the prerogative of Middle/departmental
level managers in an organization.
Tactics are generally flexible in nature according to the strategy of the company and less
risk is associated with the failures of the tactical plans. Unlike the strategic plans which
when fail, do great harm to the company, the tactical plans are changeable from time to
time and thus do less harm to the company if gone wrong. Tactics are generally flexible
in nature according to the strategy of the company and less risk is associated with the
failures of the tactical plans. Unlike the strategic plans which when fail, do great harm to
the company, the tactical plans are changeable from time to time and thus do less harm to
the company if gone wrong. Flexibility is the main characteristic of the tactical plans.

Operational Planning: The purpose of the Operational Plan is to provide organization

personnel with a clear picture of their tasks and responsibilities in line with the goals and
objectives contained within the Strategic Plan. It is the process by which administrators
ensure that resources are obtained and used effectively and efficiently in the

71
 accomplishment of the strategic objectives. Operational planning focuses on present
resources, operational problems, and stability. Operational objectives are usually
program, project, and staff-oriented and are directed at required internal activity and
outcome. It is designed to obtain the desired ends with a minimal or efficient use of
organizational and societal resources using methods that stay within policy constraints.
The Difference between Strategic Plans and Operational Plans

Strategic Plans Operational Plans

A general guide for the management of A specific plan for the use of the
the organization organization’s resources in pursuit of
the strategic plan

Suggests strategies to be employed in Details specific activities and events

pursuit of the organization’s goals to be undertaken to implement
strategies

Is a plan for the pursuit of the mission in Is a plan for the day-to-day
the longer term (3 - 5 years) management of the organization (one
year time frame)

A strategic plan enables management to An operational plan should not be

formulate an operational plan. formulated without reference to a
strategic plan

The strategic plan, once formulated, Operational plans may differ from
tends not to be significantly changed year to year significantly
every year

The development of the strategic plan is The operational plan is produced by

a responsibility shared and involves the chief executive and staff of the
different categories of stakeholders. organization.

Facts to Consider Prior to the Implementation of Change

72
⮚ Think about your reasons for change: Write down why you believe your business
needs change and what you need to change. List the problems, risks, weaknesses or
inefficiencies that you have identified as being threats to business growth.
⮚ Test your argument for change: Measure your reasons for change against your business
and market knowledge to ensure the argument for change is strong. Consider the list of
problems you have identified and review your market research, business strategy and
business records to revisit and refine your argument for change. Consider whether your
information source is reliable.
⮚ List the steps you need to take: Describe the actions required to make changes that will
last - and that will address the problems you have identified. Consider whether there are
any other options that can help you overcome the problems and achieve the gains you
need.
⮚ State your case: Undertake a cost-benefit analysis and write out your argument for
change. This will help you show your staff that you have considered all other options,
and secure their trust and confidence in your change decision.
⮚ Set and clarify project goals: Consider the outcomes you want to achieve through your
change process and define a clear set of goals. These goals should describe how you want
your business to look, operate, behave and position itself in the market. For example,
your goals might identify the market share you want to achieve, the kind of operating
environment you want to create, or the reputation and relationship you want with your
customers.
⮚ Set your targets: Your targets should define what you want to achieve and when you
want to achieve it. Establish a series of targets that help you realize each of your goals.
⮚ Establish change management objectives: Your objectives should focus on the kind of
change environment you want to create for your staff. Your objectives might define the
level of commitment, involvement and motivation you want to secure from your staff.
⮚ Identify critical stages or milestones: Define the stages of your change process. These
stage descriptions will help you identify the steps you need to take to reach each of your
goals and targets. From here, you can develop an action plan that helps you bring your
change process to life.

Implementation of Technical Change

Implementation is a process that carries out plans for changes the business use of
information technology developed in the planning process. Implementation begins after

73
 management gives the go ahead for the proposed plan for changes in the business
information systems. Any new way of doing things generates some resistance by the
people affected thus; managers who are interested in implementing technical change in
their group or organization should have or be able to obtain people with skills,
knowledge, and training in at least two areas:

⮚ Diagnosis

⮚ Implementation

Diagnosis: The first and most important stage of any change effort is diagnosis. The
skills of diagnosis involve techniques for asking the right questions, sensing the
environment of the organization, establishing effective patterns of observation and data
collection, and developing ways to process and interpret data. In diagnosing the change,
managers should attempt to find out what is actually going on or happening in a
particular situation; and what is likely to be happening in the future if no change effort is
made.
Implementation: The implementation process involves:

⮚ Identifying alternative solutions and appropriate implementation strategies to use

in attempting to reduce the discrepancy between what is actually happening and
what you would like to be happening.
⮚ Anticipating the probable consequences of using each of the alternative strategies.

⮚ Choosing a specific strategy and implementing it.

Techniques for Implementing Change in an Organization

As an organization grows and evolves, it will experience change. Implementing change can be a
challenge if improper techniques are used. Developing efficient ways to introduce and
implement change can ease the stress your staff feels when change is introduced, and it can also
help your vendors, customers and business partners adjust to any changes in the way you do
business. Changing a business doesn't always happen easily, but it need not be painful.
Furthermore, change must occur in any industry. Government regulations sometimes force
changes to occur. Pressure or demand from the public also plays a role in driving change. New
methods of production and the increasing need to "go green" and develop an online presence
strongly inspire change as well. While change can pose a challenge, instituting it can make your
business even more competitive.

⮚ Determine Roles: To plan for changes, you must determine who will play which role.
Determine who has a say in deciding which changes to adopt. Outline your procedures

74
 for handling possible changes. Hold a meeting with the group of people you identify as
the principal players to discuss their roles and the overall process of adopting changes.

⮚ Decide on Changes: Involve all stakeholders in a dialogue about possible changes. If

considering redesigning a product, for instance, consult with the people who manufacture
product components as well as engineers and marketing professionals. Determine which
changes will maximize profits without sacrificing other essential objectives, such as
environmental and social well-being. Then develop a plan for implementing these
changes. Decide how you'll adapt to changing system or resource requirements, and
develop a backup plan.

⮚ Create a Drive for Change: Share reasons why the change must occur with all
employees and stakeholders. Identify threats that the change would resolve, and
opportunities you can take advantage of by making the change. Share solid evidence to
back up your claims. This process will create a sense of urgency throughout the
organization for implementing the change. Give all involved the information they need to
implement the change as well.

⮚ Implement and Monitor the Change: Remind everyone of his role as your company
begins to implement the change. Those in charge of monitoring the change must do so
closely, communicating with other involved parties. They must develop clear, thorough
reports about the progress of the change, and share them in stakeholder meetings.
Evaluate the progress of the change regularly, and modify the plan as needed.

⮚ Recognize Short-Term Objectives: Keep people motivated and inspired by recognizing

the objectives you've met as a team. When people know which stage you've reached and
what must occur next, change will continue to happen more smoothly.

⮚ Share Your Progress: Share your company's progress with stakeholders and the public
once you've implemented the change. This may mean distributing and promoting a new
product, or sharing the fact that you're using all-organic ingredients. Distribute press
releases to the media and hold meetings with stakeholders to share the news, or do so in a
newsletter.

⮚ Build on Your Vision: Once you've fully implemented the change, don't grow lax about
monitoring it. Continue reviewing progress reports on the change. Discuss what your

75
 company can continue to improve, and continue to challenge yourselves to step beyond
your initial goal.

Resistance to Change
Organizational change efforts often run into some form of human resistance. Although
experienced managers are generally all too aware of this fact, surprisingly few take time before
an organizational change to assess systematically who might resist the change initiative and for
what reasons. Instead, using past experiences as guidelines, managers all too often apply a
simple set of beliefs—such as “engineers will probably resist the change because they are
independent and suspicious of top management.” This limited approach can create serious
problems. Because of the many different ways in which individuals and groups can react to
change, correct assessments are often not intuitively obvious and require careful thought.

Of course, all people who are affected by change experience some emotional turmoil. Even
changes that appear to be “positive” or “rational” involve loss and uncertainty. 4Nevertheless, for
a number of different reasons, individuals or groups can react very differently to change—from
passively resisting it, to aggressively trying to undermine it, to sincerely embracing it.

To predict what form their resistance might take, managers need to be aware of the four most
common reasons people resist change. These are a desire not to lose something of value, a
misunderstanding of the change and its implications, a belief that the change does not make
sense for the organization, and a low tolerance for change.

Reason why People Resist Change in Organizations

76
 ⮚ Misunderstanding and lack of trust: People also resist change when they do not
understand its implications and perceive that it might cost them much more than they will
gain. Such situations often occur when trust is lacking between the person initiating the
change and the employees.

⮚ Parochial self-interest: One major reason people resist organizational change is that they
think they will lose something of value as a result. In these cases, because people focus
on their own best interests and not on those of the total organization, resistance often
results in “politics” or “political behaviour.”

⮚ Different assessments: Another common reason people resist organizational change is

that they assess the situation differently from their managers or those initiating the
change and see more costs than benefits resulting from the change, not only for
themselves but for their company as well.

⮚ Low tolerance for change: People also resist change because they fear they will not be
able to develop the new skills and behaviour that will be required of them. All human
beings are limited in their ability to change, with some people much more limited than
others. Organizational change can inadvertently require people to change too much, too
quickly.

Dealing with Resistance to Change

Many managers underestimate not only the variety of ways people can react to organizational
change, but also the ways they can positively influence specific individuals and groups during a
change.

77
⮚ Education and Communication: One of the most common ways to overcome resistance to
change is to educate people about it beforehand. Communication of ideas helps people
see the need for and the logic of a change. The education process can involve one-on-one
discussions, presentations to groups, or memos and reports.

⮚ Participation and Involvement: If the initiators involve the potential resisters in some
aspect of the design and implementation of the change, they can often forestall resistance.
With a participative change effort, the initiators listen to the people the change involves
and use their advice.

⮚ Facilitation and Support: Another way that managers can deal with potential resistance to
change is by being supportive. This process might include providing training in new
skills, or giving employees time off after a demanding period, or simply listening and
providing emotional support.

⮚ Negotiation and Agreement: Another way to deal with resistance is to offer incentives to
active or potential resisters. For instance, management could give a union a higher wage
rate in return for a work rule change; it could increase an individual’s pension benefits in
return for an early retirement.

⮚ Explicit and Implicit Coercion: Finally, managers often deal with resistance coercively.
Here they essentially force people to accept a change by explicitly or implicitly
threatening them (with the loss of jobs, promotion possibilities, and so forth) or by
actually firing or transferring them. As with manipulation, using coercion is a risky
process because inevitably people strongly resent forced change. But in situations where
speed is essential and where the changes will not be popular, regardless of how they are
introduced, coercion may be the manager’s only option.

78
Lecture 7:INTRODUCTION
Definition – What does IT Management mean?
IT management is a broad term applied to the many different kinds of systems and resources
needed to support a business-IT architecture. IT management can be applied to hardware setups
and specific IT infrastructure, as well as to staffing and support services for infrastructure and to
software products that help control hardware systems.
WHAT IS INFORMATION TECHNOLOGY SECURITY MANAGEMENT?
IT Security Management has evolved into an essential element in the 21st century workplace.
Organizations thrive and gain competitive advantage using information technology by way of
information systems and other electronic means. The ability to secure these systems is critical. IT
Security Management is the practice of protecting information systems from internal and
external network attacks. The core elements of IT Security Management have a core based on the
CIA Triad, which includes the following:
Confidentiality – ensuring that those that have access are the only person(s) that can view
information
Integrity – ensuring information is not modified or deleted by unauthorized users or systems
Availability– ensuring that systems and information is available to those that require access at
all times required
These IT professionals have primary responsibilities that include the utilization of the CIA Triad
principles to ensure information systems are secure. There are many ideas and thoughts of what
makes a system secure, but the IT Security Management industry follows standards and
guidelines to ensure consistency and effective means to securing critical systems.
INFORMATION RISK MANAGEMENT
This is a process which involves the assessment of the risks an organization must deal with in the
management and protection of assets, as well as the dissemination of the risks to all appropriate
stakeholders. This of course requires proper asset identification and valuation steps, including
evaluating the value of confidentiality, integrity, availability, and replacement of assets. As part
of information security management, an organization may implement an information security
management system and other best practices found in the ISO/IEC 27001, ISO/IEC 27002, and
ISO/IEC 27035 standards on information security.
RISK MANAGEMENT AND MITIGATION
Managing information security in essence means managing and mitigating the various threats
and vulnerabilities to assets, while at the same time balancing the management effort expended
on potential threats and vulnerabilities by gauging the probability of them actually occurring. A

79
meteorite crashing into a server room is certainly a threat, for example, but an information
security officer will likely put little effort into preparing for such a threat.
After appropriate asset identification and valuation has occurred [2] , risk management and
mitigation of those assets involves the analysis of the following issues.
THREATS:
Unwanted events that could cause the deliberate or accidental loss, damage, or misuse of
information assets
VULNERABILITIES:
How susceptible information assets and associated controls are to exploitation by one or more
threats
IMPACT AND LIKELIHOOD:
The magnitude of potential damage to information assets from threats and vulnerabilities and
how serious of a risk they pose to the assets; cost–benefit analysis may also be part of the impact
assessment or separate from it
MITIGATION:
The proposed method(s) for minimizing the impact and likelihood of potential threats and
vulnerabilities.
Once a threat and/or vulnerability has been identified and assessed as having sufficient
impact/likelihood to information assets, a mitigation plan can be enacted. The mitigation method
chosen largely depends on which of the seven information technology (IT) domains the threat
and/or vulnerability resides in. The threat of user apathy toward security policies (the user
domain) will require a much different mitigation plan than one used to limit the threat of
unauthorized probing and scanning of a network (the LAN-to-WAN domain).
THE FOLLOWING ARE INFORMATION MANAGEMENT SUB-PROCESSES AND
PROCESS OBJECTIVES:
Designing Security Controls: To design suitable organizational and technical measures to
guarantee the availability, integrity and confidentiality of an organization's data, information and
IT services
Security Testing: To ensure that all security mechanisms are subjected to regular testing
Managing Security Incidents: To identify and fight intrusions and attacks and also to minimize
damages incurred due to security breaches

80
Security review: To review whether the safety measures and processes are still in accordance
with risk perceptions from the business side, and also to validate whether these safety measures
and processes are consistently managed and tested.
The ITIL terms and information objects that are widely used in the security management process
in order to signify process inputs and outputs are as follows:

● Availability/IT service continuity management (ITSCM)/security testing schedule

● Correlation rules and event filtering

● Information security policy

● Information security report

● Security management information system (SMIS)

● Test report

● Underpinning Information security policy

● Security advisories

● Security alert

STEPS FOR MANAGING CYBER SECURITY

Although the media loves a shady computer hacker story. usually adorned with images of a man
in a hoodie sitting in a dark room, the reality is that rogue employees can often do much more
damage to an organization’s data integrity.
The insider threat can come from, malicious actors, whether that’s an Edward Snowden, who
leaks information for normative reasons, or someone who sells off personal information. But
commonly it’s just regular employees engaging in risky behaviour without realising.
What is the biggest threat to the security of your business? Well in fact it is human apathy and
ignorance, Latrobe University associate professor Sara Smyth told last week’s ConnectExpo tech
conference.

81
An attack can be as simple as someone calling up an employee, pretending to be a colleague, and
asking for confidential information, a password, perhaps, or customer data. This makes people an
organisation’s biggest security weakness, as convicted-hacker-turned-security-consultant Kevin
Mitnick has pointed out:
A company can spend hundreds of thousands of dollars on firewalls, intrusion detection systems
and encryption and other security technologies, but if an attacker can call one trusted person
within the company, and that person complies, and if the attacker gets in, then all that money
spent on technology is essentially wasted. It’s essentially meaningless. Clicking fake links in
emails is another soft spot, as the Democrats found out in the United States election. Phishing is
such a problem for Australia Post, where many employees don’t seem to care about the risks,
that its IT department recently took to testing whether they should scare reckless staff by making
it appear their computer had been locked with ransom ware.
Software developers and vendors want us to think that the secret to cyber security is better
security technologies, but in fact it’s not, Smyth says. It’s not up to the security geeks sitting the
corner of the room, it’s up to the management of organisations to have effective training,
education and risk management procedures.
While she does not advocate throwing the technology out the window. It’s obviously necessary,
it needs to be combined with policies that promote security awareness alongside good behaviours
that protect the overall security of the organisation.
There’s even new software that can identify anomalous behaviour among employees. it looks
weird if Jane from HR is accessing a certain file at 3am, for example but what if a rogue
employee is acting within the scope of their authorised activities?
One problem is that a lot of employees and contractors have access to too much information,
Smyth explains. Perhaps you need to have a policy in place, or a strategy in place initially to
review the scope of that authority, and to perhaps quarantine some of that information. To not
allow some employees to bring their own devices to work, to not allow them to take confidential
information off premises.
Well-meaning staff who create cyber security risks through negligence are the most insidious,
she says.
That can result from a lack of understanding about internal security policies, or the absence of
policies altogether, or a lack of communication of those policies to staff by management.
A recent study by Cisco found that as many as two-thirds of employees have done things that can
put their company’s IT security at risk like walking away from their computer without logging
off, leaving the organisation with corporate data copied to their tablet, smartphone or a USB, or
moving files to dropbox without permission. Leaving computer passwords in open sight. Losing
devices like a laptop.

82
The good news is that negligence can at least be reduced through education and communication.
SMYTH SUGGESTS FIVE STEPS TO MANAGE CYBER SECURITY THREATS:
1. Identify And Evaluate Risks:
Prevention is the best way to mitigate against cyber threats, figure out what your risks are and
put a plan in place.
Obviously an organization’s assets can’t be protected if their value and loss is not well
understood. You first need to ask yourself, what does cyber security mean for this organization?
Smyth asks. Is it possible that at least part of the system is susceptible to compromise through
cyber attacks?
Organizations need to question whether, in the event of malicious or inadvertent damage, from
malware or hacking or some other disruption that takes their systems offline, their data is secure,
she notes. Is the information only available to those who have the authority to access it? Who are
the threat actors who could target your organization? Are they insiders or outsiders, or both?
Has your agency been targeted in the past? Is there corporate memory of past incidents, and if
not, can you learn from others who have been targeted?
2. Assess Ability To Shoulder Risk:
Organizations need to work out what the risks are, but how those risks impact vital
infrastructure.
What is the value of your data and where is it located? What part of the data is critical to the
functioning of your business? Smyth asks “What data can you absolutely not afford to have
compromised or lost?”
Although it can be difficult to quantify how much money might be saved by investing in cyber
security measures and thus may not always look appealing to managers trying to reduce costs, a
serious breach can put the entire organization at risk. It makes sense financially to pay money to
secure that data, she argues.
3. Develop And Implement Risk Reduction Measures:
Who is protecting your organisation’s data? Who is responsible for the day to day management
of data security? Do you have someone internally? If not, do you need to hire someone outside
the organisation? questions Smyth.
Do you even have a cyber risk management strategy, and have you tested it out, or had it
externally audited? And this means that you need to clearly identify your cyber security risk
requirements and trace how those requirements are being met or not met, right through the
supply chain to the end user or customer.

83
She also recommends thinking about cyber insurance. The premium for cyber insurance, a
relatively new phenomenon, will often be lowered if an organisation has already taken risk
mitigation steps first.
4. Implement, Monitor And Revise:
You need to have a process for reviewing and updating cyber security policies and
communicating those to your staff. You need to measure and track whether those policies are in
fact working, and you need to consider compliance measures, including those that are required
by your insurance policy.
5. Disclose Risks And Strategies:
You need, of course, to advise your employees and brief them about what to do in the event of an
attack. You need to implement employee awareness and training seminars within your
organization. It’s important to ensure senior managers are setting the right tone for the
organisation, communicating good cyber security policy and practicing what they preach.
Cyber security, is more than just an IT issue. It affects the entire organisation, and requires a
response from the whole organisation.
We know that cyber criminals spend a lot of time thinking about how to improve their success
rates, reduce costs and take advantage of new innovations. It makes it very difficult for us to
predict what will happen.
INFORMATION SECURITY MANAGEMENT SYSTEM
The information security management system (ISMS) represents the collation of all the
interrelated/interacting information security elements of an organization so as to ensure policies,
procedures, and objectives can be created, implemented, communicated, and evaluated to better
guarantee an organization's overall information security. This system is typically influenced by
organization's needs, objectives, security requirements, size, and processes. An ISMS includes
and lends to effective risk management and mitigation strategies. Additionally, an organization's
adoption of an ISMS largely indicates that it is systematically identifying, assessing, and
managing information security risks and "will be capable of successfully addressing information
confidentiality, integrity, and availability requirements. However, the human factors associated
with ISMS development, implementation, and practice (the user domain) must also be
considered to best ensure the ISMS' ultimate success.
IMPLEMENTATION AND EDUCATION STRATEGY COMPONENTS
Implementing effective information security management (including risk management and
mitigation) requires a management strategy that takes note of the following;
1. Upper-level management must strongly support information security initiatives, allowing
information security officers the opportunity "to obtain the resources necessary to have a

84
 fully functional and effective education program" and, by extension, information security
management system.

2. Information security strategy and training must be integrated into and communicated
through departmental strategies to ensure all personnel are positively affected by the
organization's information security plan.

3. A privacy training and awareness " risk assessment" can help an organization identify
critical gaps in stakeholder knowledge and attitude towards security.

4. Proper evaluation methods for "measuring the overall effectiveness of the training and
awareness program" ensure policies, procedures, and training materials remain relevant.

5. Policies and procedures that are appropriately developed, implemented, communicated,

and enforced "mitigate risk and ensure not only risk reduction, but also ongoing
compliance with applicable laws, regulations, standards, and policies."

6. Milestones and timelines for all aspects of information security management help ensure
future success.

Without sufficient budgetary considerations for all the above—in addition to the money allotted
to standard regulatory, IT, privacy, and security issues—an information security management
plan/system can not fully succeed.

85
Lecture 8
THE CONCEPT OF ETHICS
The notion of ethics is regularly drawn upon in the context of expected patterns of behaviours
written or unwritten, consistent with generally accepted standards for those to whom it may
concern. However, there are various perspectives on the concept of ethics. Griffin cited in
Agbonifoh (2002) defines the concept as an individual’s personal belief about what is right or
wrong, good or bad. Conversely, Miner (2002) defined ethics as right or wrong actions that
stems from the value and expectation of society. Mintz and Morris (2007) notes that ethics are
acceptable standards of behaviour that define how people ought to act (i.e. prescriptive) not how
people really act (i.e. descriptive).
Nevertheless, the generic sociological meaning of the concept of ethics seems to provide a
common ground for most of them. Sociologically speaking, ethics are provided in order to
render behaviour intelligible and to “prevent conflicts from arising by bridging the gap between
action and expectation” (Scott & Lyman, 1968).
In the context of an operational definition with regards to professions, Ethics generally refers to
those principles and codes of behaviour that guide the conduct of any profession. The term
usually carries along moral values, normative judgments and moral obligations. At any rate,
every profession possesses its own ethics. However, there are some commonalities in
professional ethics. These ethics that are common derive from the general expectations of the
public from either a public officer or a professional practitioner. The issue of ethics usually goes
along with allocation of value judgment such as good or bad; right or wrong. Fisher (2004)
defines the concept as an individual’s personal belief about what is right or wrong, good or bad.
It is the arbiter of an individual’s evaluation of the “rightness” or otherwise of his or her actions.
Though often regarded as subjective, it is traceable to the foundation of an individual’s belief
system and judged within context. Conversely, Logsdon and Yuthas (1997) notes that the
ethical stance of a firm is constructed based on the expectation of society, that is, the legitimate
claims made by the constituencies to whom the firm interacts. According to Hanekom (1984),
the question of ethics is one that is linked with the history of mankind. Ethics deals with the
character and conduct and morals of human beings. It deals with good or bad, right or wrong
behaviour. It evaluates conduct against some absolute criteria and puts negative orpositive values
on it. It is the reflective study of what one ought to do, or how one ought to live. Erondu,
Sharland and Okpara (2004) hold that the study of “ethics” focuses on issues of practical

86
decision making, including the nature of ultimate value, and standards by which a human action
can be judged right or wrong, good or bad. For Adenubi (1999), ethics applies to any system or
theory of moral values or principles. For Beauchamp and Bowie (2001), ethics is the general
term referring to both moral beliefs and ethical theory on human conduct
Ethics is a reflection on morality. It refers to the principles of right and wrong in making choices
by individuals. It has been described as the art and science that seeks to bring sensitivity and
methods to the discernment of moral values (Carbo, 2006). Thus, ethics guide human and
societal behavior. Capuro (2006) had no difficulty in asserting that ethics is an unending quest on
explicit and implicit use of the moral code.
It can also be describe as the rules of conduct or moral principles that are recognised in respect to
a particular class of human action or a particular group, culture, profession.

ETHICAL ISSUES IN INFORMATION TECHNOLOGY

Before now, business success was built on the ability to move goods and services with speed and
accuracy. Today, information has become the fuel that propels business success. Information
technology has been defined as the processing and distribution of data using computer hardware,
software, telecommunications and digital electronics.
As noted by Carbo (2006) ethical considerations for ICT related issues first appeared under the
topic ‘’information ethics’’ in the Annual Review of Information Science and Technology in
1992. This suggests that there is an ethical agenda associated with the use of ICT. The impact of
ICT on human relationship has been tremendous. ICT has helped to enhance family relationship
(e.g. mobile phones, palmtops, laptops, virtual conferencing and so on), as well help to separate
family and friends from each other. ICT has enabled new friendshipand relationships in virtual
communities. How genuine are such relationship? What does it portend for individual
satisfaction? In the workplace for instance, new kinds of jobs are being created such as data
miners, web-counselors etc, but these opportunities are also endangered by problems of
unemployment from computer replacing humans. A wide range of new laws, regulations, rules
and practices are therefore needed if society is to manage these workplace and other changes and
development brought about by ICT. Thus the society need to consider the following ethical and
social challenges related to ICT use:

⮚ Recognition for personal and corporate ethics associated with ICT.

⮚ Striking a balance between ethical, economic and technological (Rogerson, 2008) as well
as political considerations.
1. Intellectual property rights issue (trademarks, patents, copyright and trade
secrets).

87
 2. Non violation of privacy and associated rights amidst electronic information data
mining.
3. The opportunity to commit crime with ICT (computer crime).
4. Legal issues and limitations.
5. Consequence of using ICT.
6. Professional responsibilities (Kallman and Grillo, 1999)

CONCEPTS OF ETHICAL ISSUES

In the rapidly changing technological environment in which we live; ethical issues are
increasingly been raised, demanding attention and efforts towards resolution. Of particular
interest for us and the information society are those related to information communication
technologies (ICTs). The explosive growth of ICT and the use of its enabling technologies have
had major impacts on society and thus raise serious ethical questions for individuals and
organisations. These issues have been raised to a new and often perplexing level which has
greatly affected the society in various ways. The pressing issues raised by ICT include the
invasion of individual and corporate privacy, intellectual property rights, individual and societal
rights, values preservation and accountability for the consequences arising from the use of ICT,
etc. These issues have thrown up important challenges in the area of employment; working
conditions and individuality. However, not much progress has been made in addressing these
issues and challenges associated with ICT.
According to Fielden, (2004), Information Technology (IT) has a central role in commerce,
industry, government, medicine, education, entertainment and society at large. Its economic and
social benefits hardly need explanation. But like any other technologies, IT also has problematic
implications, and some negative impacts on our society. It poses and createssome problems
related to ethics, and contains in general three main types of ethical issues: personal privacy,
access right, and harmful actions. In terms of personal privacy, IT enables data exchange of
information on a large scale from anybody, on any locations or parts of the world, at any times.
In this situation, there is increased potential for disclosing information and violating the privacy
of any individuals and groups of people due to its widespread disseminations worldwide. It is our
challenge and responsibility to maintain the privacy and integrity of data regarding individuals.
This also includes taking precautions to ensure the accuracy of data, as well as protecting it from
unauthorized access or accidental disclosure to inappropriate individuals. The second aspect of
ethical issues in computing systems is access right. Due to the current popularity of international
commerce on the Internet, the topic of computer security and access right has moved quickly
from being a low priority for corporations and government agencies to a high priority. This
interest has been heightened by computer breakins at places like Los Alamos National
Laboratories and NASA in the US. Many attempts of such illegal access to United States
government and military computers by computer hackers have been widely reported. Without

88
implementation of proper computer security policies and strategies, network connections on the
Internet can’t be made secure from illegal accesses (Grimesm Fleischman & Jaeger 2009).
Grimes, Fleischman & Jaeger (2009) notes that in computer ethics, harmful action means injury
or negative consequences, such as undesirable loss of information, loss of property, property
damage, or unwanted environmental impacts. This principle prohibits use of computing
technology in ways that result in harm to any of users, the general public, employees, and
employers. Harmful actions include intentional destruction or modification of files and programs
leading to serious loss of resources or unnecessary expenditure of human resources such as the
time and effort required to purge systems from "computer viruses. We shall also examine other
specific ethical issues arising from IT below;
I Plagiarism
Plagiarism is where the work of others is copied, but the author presents it as his or her own
work. This is a highly unethical practice, but happens quite frequently, and with all the
information that is now available on the Internet it is much easier to do and is happening more
often.
Information and Copyright
Education
Commerce and industry are certainly arenas in which the Internet has had a profound effect, but
what of the foundational institutions of any society—namely, those related to education and the
production of knowledge? Here the Internet has had a variety of effects, some of which are quite
disturbing. There aremore computers in the classroom than ever before, but there is scant
evidence that they enhance the learning of basic skills in reading, writing, and arithmetic. And
while access to vast amounts of digital information is convenient, it has also become apparent
that most students now see libraries as antiquated institutions better used for their computer
terminals than for their book collections. As teachers at all education levels can attest, students
typically prefer to research their papers by reading online rather than wandering through a
library's stacks.
In a related effect the Internet has brought plagiarism into the computer era in two distinct
senses. First, electronic texts have made it simple for students to “cut and paste” published
sources (e.g., encyclopaedia articles) into their own papers. Second, although students could
always get someone to write their papers for them, it is now much easier to find and purchase
anonymous papers at Web sites and to even commission original term papers for a fixed fee.
Ironically, what the Internet gives, it also takes away. Teachers now have access to databases of
electronically submitted papers and can easily compare their own students' papers against a vast
archive of sources. Even a simple online search can sometimes find where one particularly well-
turned phrase originally appeared.

89
II Piracy
Piracy, the illegal copying of software, is a very serious problem, and it is estimated that
approximately 50% of all programs on PCs are pirated copies. Programmers spend hours and
hours designing programs, using elaborate code, and surely need to be protected. Although some
might argue that some pirating at least should be permitted as it can help to lead to a more
computer literate population. But, for corporations, in particular, this is a very serious issue, and
can significantly damage profit margins (White 2002).

III Hacking
A hacker is an individual who is knowledgeable enough to gain access without authorization to
computer systems to identify security flaws. Hackers break into, or ‘hack’ into a system.
Hacking can be undertaken for a variety of reasons, such as the wish to damage a system or the
wish to understand how a system works, so that money can be made out of it. Alternatively, there
might be a desire to alert people to the fact that a system is insecure and needs improving. Due to
this some argue that there are ‘hackerethics’. Hacking can present a moral dilemma. This is
because ‘reformed hackers’ sometimes offer their expertise to help organisations protect
themselves against other hackers. Hackers cannot just wander into a system, as they could into
an unlocked door. Instead, it requires a lot of skill. With this skill hackers can demonstrate that a
system is insecure and needs improving. In this way, it could be argued that hackers play a
valuable role. Many argue that hacking might lead to some improvements, but that it causes such
a lot of disruption that it is not worth it in the long-run (McCarthy, Halawi ., Aronson, 2005)
IV Computer Crime
By some estimates the personal records of about 73 million people in the U.S. were accidentally
disclosed, lost, or stolen in 2006. In one high-profile case, a burglary at the home of an employee
of the U.S. Department of Veterans Affairs resulted in the theft of a computer that contained
personal data on more than 26 million current and former members of the U.S. military. The
computer was later recovered, its data apparently untouched by the thieves, who had not realized
what they had taken. There were fears that millions of other people might not be so lucky,
however. In many cases the lost information included credit-card and Social Security numbers,
which fueled concerns that stolen information could lead to widespread consumer fraud. In an
18-month period during 2005–06, well over 200 different security breaches at companies and
government agencies were reported. As a result, credit-card issuers tried to reduce their
vulnerability by pressuring companies that handled credit-card transactions to comply with strict
new credit-card security standards that were backed by Visa and MasterCard. As the year ended,
it appeared that identity theft had not risen to the level suggested by the amount of personal
information that had been compromised, but there was no way to know whether identity thieves

90
were simply biding their time before they used the information to steal money through bank or
credit-card accounts.
Perpetrators of identity theft who had been caught recounted the ease with which they cashed in
on stolen information. Thieves typically stole identity information when it was inadvertently
disclosed or through “phishing” schemes, in which they used e-mail to persuade people to submit
a credit card number or other personal information to a fake Web page that pretended to
represent a real business. Using a stolen credit-card number, the thieves then transferred money
to themselves from a victim's account or purchased goods by using the victim's identity. The
scope of the theft efforts was huge; in a single month more than 17,000 phishing attacks were
reported to volunteer groups trying to prevent identity theft.
V Malicious Codes
Malicious code attacks include a number of types of computer programs that were created with
the intention of causing data loss or damage. The three main types of malicious code attacks are
viruses, Trojan horses, and worms.
A virus is malicious software that is attached to another program to execute a particular
unwanted function on a workstation. An example is a program that is attached to command.com
(the primary interpreter for Windows systems) and deletes certain files and infects any other
versions of command.com that it can find.
A Trojan horse is different only in that the entire application was written to look like something
else, when in fact it is an attack tool. An example of a Trojan horse is a software application that
runs a simple game on a workstation. While the user is occupied with the game, the Trojan horse
mails a copy of itself to every address in the user's address book. The other users receive the
game and play it, thereby spreading the Trojan horse to the addresses in each address book.
Viruses normally require a delivery mechanism, a vector, such as a zip file or some other
executable file attached to an email, to carry the virus code from one system to another. The key
element that distinguishes a computer worm from a computer virus is that human interaction is
required to facilitate the spread of a virus.
Worms are self-contained programs that attack a system and try to exploit a specific vulnerability
in the target. Upon successful exploitation of the vulnerability, the worm copies its program from
the attacking host to the newly exploited system to begin the cycle again A virus consists of a set
of instructions that attaches itself to other computer programs, usually in the computer's
operating system, and becomes part of them. In most cases, the corrupted programs continue to
perform their intended functions but surreptitiously execute the virus's instructions as well. A
virus is usually designed to execute when it is loaded into a computer's memory. Upon
execution, the virus instructs its host program to copy the viral code into, or “infect,” any number
of other programs and files stored in the computer. The infection can then transfer itself to files
and code on other computers through magnetic disks or other memory-storage devices, computer

91
networks, or online systems. The replicating viruses often multiply until they destroy data or
render other program codes meaningless. A virus may simply cause a harmless joke or cryptic
message to appear on a computer user's video monitor each time he turns on his computer. A
more damaging virus can wreak havoc on an extremely large computer system within a matter of
minutes or hours, causing it to crash and thereby destroy valuable data. Clearly writing and
spreading virus programs are unethical acts; they have very serious consequences, and cause
systems to crash and organisations to cease operating for certain periods. One of the most
concerning consequences of such actions is when viruses interrupt the smooth functioning of an
organisation which could in extreme cases even cause people to die. Logic bombs are also
sometimes planted. There is obviously a lot of anti-virus software on the market now though that
helps to deal with this ever-growing problem.
VI Ergonomics/health Issues
There are many ergonomic/health issues related to I.T. Responsible/ethically-minded employers
will, hopefully, give due consideration to this, as indeed should all employers. This includes
issues such as the importance of taking adequate breaks from using the computer and ensuring
that the screens comply with the regulations. Also, ensuring that the positioning of the chair and
the computer is appropriate for the user and providing foot rests, when required. Some
organisations will give special advice to their employees on these matters. Without such
ethical/moral awareness and taking the necessary action, many workers will suffer health
problems directly from I.T., such as back problems, eyestrain and eye infections and repetitive
strain injury (RSI).
VII Job displacement/work pressures imposed on computer professionals Computers are
changing the face of the work scene. For some people, their jobs are becoming redundant or they
have to play quite different roles, and others are suffering increasing levels of stress from work
pressures. Others are, obviously, reaping the benefits of having more rewarding jobs, and there is
certainly more emphasis on knowledge, information and I.T. skills than ever before. However,
this all clearly poses various ethical issues. Should those that lose their jobs be compensated?
How can the pressure be eased on those that are suffering stress? Is it acceptable for computer
programmers to be made redundant ‘on the spot’ etc? There are many ethical issues that need to
be addressed here.

92
Lecture 9:
COMPUTER/CYBER FRAUD
The term fraud may be defined as the intentional misrepresentation of financial information by
one or more individual among management, employees or third parties.
The use of a computer as an instrument to further illegal ends, such as committing fraud,
trafficking in child pornography and intellectual property, stealing identities, or violating
privacy. Cybercrime, especially through the Internet, has grown in importance as the computer
has become central to commerce, entertainment, and government.
Because of the early and widespread adoption of computers and the Internet in the United States,
most of the earliest victims and villains of cybercrime were Americans. By the 21st century,
though, hardly a hamlet remained anywhere in the world that had not been touched by
cybercrime of one sort or another.
Defining cybercrime
New technologies create new criminal opportunities but few new types of crime. What
distinguishes cybercrime from traditional criminal activity? Obviously, one difference is the use
of the digital computer, but technology alone is insufficient for any distinction that might exist
between different realms of criminal activity. Criminals do not need a computer to commit fraud,
traffic in child pornography and intellectual property, steal an identity, or violate someone's
privacy. All those activities existed before the “cyber” prefix became ubiquitous. Cybercrime,
especially involving the Internet, represents an extension of existing criminal behaviour
alongside some novel illegal activities.
Most cybercrime is an attack on information about individuals, corporations, or governments.
Although the attacks do not take place on a physical body, they do take place on the personal or
corporate virtual body, which is the set of informational attributes that define people and
institutions on the Internet. In other words, in the digital age our virtual identities are essential
elements of everyday life: we are a bundle of numbers and identifiers in multiple computer

93
databases owned by governments and corporations. Cybercrime highlights the centrality of
networked computers in our lives, as well as the fragility of such seemingly solid facts as
individual identity.
An important aspect of cybercrime is its nonlocal character: actions can occur in jurisdictions
separated by vast distances. This poses severe problems for law enforcement since previously
local or even national crimes now require international cooperation. For example, if a person
accesses child pornography located on a computer in a country that does not ban child
pornography, is that individual committing a crime in a nation where such materials are illegal?
Where exactly does cybercrime take place? Cyberspace is simply a richer version of the space
where a telephone conversation takes place, somewhere between the two people having the
conversation. As a planet-spanning network, the Internet offers criminals multiple hiding places
in the real world as well as in the network itself. However, just as individuals walking on the
ground leave marks that a skilled tracker can follow, cybercriminals leave clues as to their
identity and location, despite their best efforts to cover their tracks. In order to follow such clues
across national boundaries, though, international cybercrime treaties must be ratified.
In 1996 the Council of Europe, together with government representatives from the United States,
Canada, and Japan, drafted a preliminary international treaty covering computer crime. Around
the world, civil libertarian groups immediately protested provisions in the treaty requiring
Internet service providers (ISPs) to store information on their customers' transactions and to turn
this information over on demand. Work on the treaty proceeded nevertheless, and on November
23, 2001, the Council of Europe Cybercrime Convention was signed by 30 states. Additional
protocols, covering terrorist activities and racist and xenophobic cybercrimes were proposed in
2002. In addition, various national laws, such as the USA PATRIOT Act of 2001, have expanded
law enforcement's power to monitor and protect computer networks.
Types of Cybercrime
Cybercrime ranges across a spectrum of activities. At one end are crimes that involve
fundamental breaches of personal or corporate privacy, such as assaults on the integrity of
information held in digital depositories and the use of illegally obtained digital information to
blackmail a firm or individual. Also at this end of the spectrum is the growing crime of identity
theft. Midway along the spectrum lie transaction-based crimes such as fraud, trafficking in child
pornography, digital piracy, money laundering, and counterfeiting. These are specific crimes
with specific victims, but the criminal hides in the relative anonymity provided by the Internet.
Another part of this type of crime involves individuals within corporations or government
bureaucracies deliberately altering data for either profit or political objectives. At the other end
of the spectrum are those crimes that involve attempts to disrupt the actual workings of the
Internet. These range from spam, hacking, and denial of service attacks against specific sites to
acts of cyber terrorism— that is, the use of the Internet to cause public disturbances and even
death. Cyber terrorism focuses upon the use of the Internet by non state actors to affect a nation's

94
economic and technological infrastructure. Since the September 11 attacks of 2001, public
awareness of the threat of cyber terrorism has grown dramatically.
Identity theft and invasion of privacy
Cybercrime affects both a virtual and a real body, but the effects upon each are different. This
phenomenon is clearest in the case of identity theft. In the United States, for example, individuals
do not have an official identity card but a Social Security number that has long served as a de
facto identification number. Taxes are collected on the basis of each citizen's Social Security
number, and many private institutions use the number to keep track of their employees, students,
and patients. Access to an individual's Social Security number affords the opportunity to gather
all the documents related to that person's citizenship—i.e., to steal his identity. Even stolen credit
card information can be used to reconstruct an individual's identity. When criminals steal a firm's
credit card records, they produce two distinct effects. First, they make off with digital
information about individuals that is useful in many ways. For example, they might use the credit
card information to run up huge bills, forcing the credit card firms to suffer large losses, or they
might sell the information to others who can use it in a similar fashion. Second, they might use
individual credit card names and numbers to create new identities for other criminals. For
example, a criminal might contact the issuing bank of a stolen credit card and change the mailing
address on the account. Next, the criminal may get a passport or driver's license with his own
picture but with the victim's name. With a driver's license, the criminal can easily acquire a new
Social Security card; it is then possible to open bank accounts and receive loans—all with the
victim's credit record and background. The original cardholder might remain unaware of this
until the debt is so great that the bank contacts the account holder. Only then does the identity
theft become visible. Although identity theft takes places in many countries, researchers and law-
enforcement officials are plagued by a lack of information and statistics about the crime
worldwide. Interpol, the international policing agency, has not added any type of cybercrime,
including identity theft, to its annual crime statistics. Cybercrime is clearly, however, an
international problem.
In 2003 the U.S. Federal Trade Commission released the first national survey on identity theft;
according to the report, in the previous year 3.3 million Americans had their identities
fraudulently used to open bank, credit card, or utility accounts, with losses of $32.9 billion to
businesses and $3.8 billion to individuals. The report also stated that 6.6 million Americans were
victimized by account theft, such as use of stolen credit cards and automatic teller machine
(ATM) cards, with losses of $14 billion to businesses and $1.1 billion to individuals.
Internet fraud
Schemes to defraud consumers abound on the Internet. Among the most famous is the Nigerian,
or “419,” scam; the number is a reference to the section of Nigerian law that the scam violates.

95
Although this con has been used with both fax and traditional mail, it has been given new life by
the Internet. In the scheme, an individual receives an e-mail asserting that the sender requires
help in transferring a large sum of money out of Nigeria or another distant country. Usually, this
money is in the form of an asset that is going to be sold, such as oil, or a large amount of cash
that requires “laundering” to conceal its source; the variations are endless, and new specifics are
constantly being developed. The message asks the recipient to cover some cost of moving the
funds out of the country in return for receiving a much larger sum of money in the near future.
Should the recipient respond with a check or money order, he is told that complications have
developed; more money is required. Over time, victims can lose thousands of dollars that are
utterly unrecoverable.
In 2002 the U.S. Internet Fraud Complaint Center reported that more than $54 million dollars
had been lost through a variety of fraud schemes; this represented a threefold increase over
estimated losses of $17 million in 2001. In the United States, the largest source of fraud was
online auctions. In many cases, individuals would put products up for sale on Internet auction
sites, demand money before delivery, and never fulfill their obligations to the consumer. Such
scams accounted for 46 percent of the fraud cases in 2002, with an average individual loss of
$299. Unlike identity theft, where the theft occurs without the victim's knowledge, these more
traditional forms of fraud occur in plain sight. The victim willingly provides private information
that enables the crime; hence, these are transactional crimes. Few people would believe someone
who walked up to them on the street and promised them easy riches; however, receiving an
unsolicited e-mail or visiting a random Web page is sufficiently different that many people easily
open their wallets. Despite a vast amount of consumer education, Internet fraud remains a growth
industry for criminals and prosecutors. Europe and the United States are far from the only sites
of cybercrime. South Korea is among the most wired countries in the world, and its cybercrime
fraud statistics are growing at an alarming rate. In 2003 some 40,000 cases of cybercriminal
activity, mostly fraud, had been reported to authorities. This represented an 18 percent increase
from 2002. Japan has also experienced a rapid growth in similar crimes; in 2003 official National
Police Agency statistics cited a 94 percent increase in Internet fraud since 2000.
ATM fraud
Computers also make more mundane types of fraud possible. Take the automated teller machine
(ATM) through which many people now get cash. In order to access an account, a user supplies a
card and personal identification number (PIN). Criminals have developed means to intercept
both the data on the card's magnetic strip as well as the user's PIN. In turn, the information is
used to create fake cards that are then used to withdraw funds from the unsuspecting individual's
account. In 1999 there were 251 reported cases of ATM fraud in the United States; in 2002 the
New York Times reported that more than 21,000 American bank accounts had been skimmed by
a single group engaged in acquiring ATM information illegally. A particularly effective form of
fraud has involved the use of ATMs in shopping centres and convenience stores. These machines
are free-standing and not physically part of a bank. Criminals can easily set up a machine that

96
looks like a legitimate machine; instead of dispensing money, however, the machine gathers
information on users and only tells them that the machine is out of order after they have typed in
their PINs. Given that ATMs are the preferred method for dispensing currency all over the
world, ATM fraud has become an international problem with multiple solutions. In August 2003
an individual in Australia pleaded guilty to stealing $A 623,000 from bank customers by using a
small camera and an electronic recording device at multiple ATMs. Australia is now considering
a ban on the purchase of equipment that criminals might use in ATMs to defraud customers.
However, the range of equipment under consideration is quite large and useful for a variety of
legitimate purposes as well.
File sharing and piracy Sales of compact discs (CDs) are the major source of revenue for
recording companies. Although piracy—that is, the illegal duplication of copyrighted materials
—has always been a problem, especially in the Far East, the proliferation on college campuses of
inexpensive personal computers capable of capturing music off CDs and sharing them over high-
speed (“broadband”) Internet connections has become the recording industry's greatest
nightmare. In the United States, the recording industry, represented by the Recording Industry
Association of America (RIAA), attacked a single file-sharing service, Napster, which from 1999
to 2001 allowed users across the Internet access to music files, stored in the datacompression
format known as MP3, on other users' computers by way of Napster's central computer.
According to the RIAA, Napster users regularly violated the copyright of recording artists, and
the service had to stop. For users, the issues were not so clear-cut. At the core of the Napster case
was the issue of fair use. Individuals who had purchased a CD were clearly allowed to listen to
the music, whether in their home stereo, automobile sound system, or personal computer. What
they did not have the right to do, argued the RIAA, was to make the CD available to thousands
of others who could make a perfect digital copy of the music and create their own CDs. Users
rejoined that sharing their files was a fair use of copyrighted material for which they had paid a
fair price. In the end, the RIAA argued that a whole new class of cybercriminal had been born—
the digital pirate—that included just about anyone who had ever shared or downloaded an MP3
file. Although the RIAA successfully shuttered Napster, a new type of file-sharing service,
known as peer-to-peer (P2P) networks, sprang up.
These decentralized systems do not rely on a central facilitating computer; instead, they consist
of millions of users who voluntarily open their own computers to others for file sharing.
The RIAA continues to battle these file-sharing networks, demanding that ISPs turn over records
of their customers who move large quantities of data over their networks, but the effects have
been minimal. The RIAA's other tactic has been to push for the development of technologies to
enforce the digital rights of copyright holders. So-called digital rights management technology is
an attempt to forestall piracy through technologies that will not allow consumers to share files or
possess “too many” copies of a copyrighted work. As companies work on the hardware and
software necessary to meet these goals, it is clear that file sharing has brought about a
fundamental reconstruction of the relationship between producers, distributors, and consumers of

97
artistic material. As broadband Internet connections proliferate, the motion-picture industry faces
a similar problem, although the digital videodisc (DVD) came to market with encryption and
various built-in attempts to avoid the problems of a video Napster.
Child pornography
With the advent of almost every new media technology, pornography has been its “killer app,” or
the application that drove early deployment of technical innovations in search of profit. The
Internet was no exception, but there is a criminal element to this business bonanza—child
pornography, which is unrelated to the lucrative business of legal adult-oriented pornography.
The possession of child pornography, defined here as images of children under age 18 engaged
in sexual behaviour, is illegal in the United States, the European Union, and many other
countries, but it remains a problem that has no easy solution. The problem is compounded by the
ability of “kiddie porn” Web sites to disseminate their material from locations, such as states of
the former Soviet Union as well as Southeast Asia, that lack cybercrime laws. Some law
enforcement organizations believe that child pornography represents a $3-billion-a-year industry
and that more than 10,000 Internet locations provide access to these materials.

ETHICAL CHANLLENGES ON INFORMATION TECHNOLOGY

As much as information technology is important to our lives, it is facing some serious ethical
challenges, and it is up to the IT experts and users of information technology to be ready for
these challenges. As more emerging information technologies pop up on the market, most of the
IT experts and users do not know how to go about the challenges brought by these technologies.
Information technology is facing one of its biggest challenges which are lack of privacy,
security, copyright infringement and increased computer crimes. This has stimulated criminals to
exploit users of IT basing on the lope holes left in these technologies. Since information
technology speeds the access and flow of information, many businesses and organizations are at
risk of losing this data because experienced criminals can easily tap that information for their
personal use. Also unfaithful employees can use information technology to archive their personal
goals which might be harmful to an organization. IT is not bad by its self, but the way humans
use the tools provided by information technology has brought some serious challenges.
Below are some issues on Ethical Challenges of Information Technology

⮚ Security: With tools like the internet, hackers have found it very easy to hack into any
computer or system as long as it is connected on internet. Hackers can easily use an IP
(Internet Protocol) address to access a user’s computer and collect data for selfish
reasons. Also the wide spread of internet cookies which collect information whenever we
use the internet , has exposed IT users to high risks of fraud and conflicting interests.
Many big companies use these cookies to determine which products or service they can

98
 advertise to us. When it comes to online banking, the transfer of money can easily be
interrupted by a hacker and all the money will be transferred to their desired accounts ,
which affects both the bank and the customers who is using online banking technology
⮚ Copyright Infringement: Information technology has made it easy for users to access
any information or artifact at any given time. With the increased development of music
sharing networks and photo bookmarking sites, many original creators of these works are
losing the credibility of their works, because users of IT can easily gain access and share
that data with friends. Free music and file downloading sites are popping up on internet
every day , lots of original work like music albums, books , are being downloaded for
free. In this case one legitimate user will purchase the book , software, web template or
music album, and they will submit it to a free download site where others will simply just
download that data for free. It is good news for the users because it saves them money,
but it harms the original creator of these works. The government has closed some of these
sites likeMEGAUPLOAD.COM , but many are popping up using funny URLs.
⮚ Increased pressure on IT experts. Since information technology systems have to run
all the time, pressure is mounted on IT experts to ensure the accuracy and availability of
these systems. Many big organizations which need to operate 24 hours will require a
standby IT team to cater for any issues which might arise during the course of operation.

Enterprise Information System (EIS

An Enterprise Information System (EIS) is any kind of information system which improves
the functions of enterprise business processes by integration. This means typically offering high
quality of service, dealing with large volumes of data and capable of supporting some large and
possibly complex organization or enterprise. An EIS must be able to be used by all parts and all
levels of an enterprise.
The word enterprise can have various connotations. Frequently the term is used only to refer to
very large organizations such as multi-national companies or public-sector organizations.
However, the term may be used to mean virtually anything, by virtue of it having become the
latest corporate-speak.

Purpose
Enterprise information systems provide a technology platform that enables organizations to
integrate and coordinate their business processes on a robust foundation. An EIS is currently
used in conjunction with customer relationship management and supply chain management to
automate business processes.An enterprise information system provides a single system that is
central to the organization that ensures information can be shared across all functional levels and
management hierarchies.

99
An EIS can be used to increase business productivity and reduce service cycles, product
development cycles and marketing life cycles.It may be used to amalgamate existing
applications. Other outcomes include higher operational efficiency and cost savings.
Financial value is not usually a direct outcome from the implementation of an enterprise
information system. At the design stage the main characteristic of EIS efficiency evaluation is the
probability of timely delivery of various messages such as command, service.

Information Processing Modes

Batch processing
Alternatively referred to as a batch system, batch processing is a technique of processing data that
occur in one large group instead of individually. Batch processing is usually done to help conserve
system resources and allow for any modifications before being processed. For example, a banks will
batch process all their transactions once every hour instead of processing each transaction immediately.
Another example, is the Microsoft Outlook e-mail program, which will keep all your e-mails in an Outbox
that is processed every few minutes allowing you to edit or delete Simple Batch Systems. The user
prepares a job (which consists of program, data and some control information), submits it to
the computer operator and receives the output after the program is executed. The job is usually
punched on cards and the output is usually printed. To speed up processing, jobs with similar
needs can be batched together and run as a group. Thus, the operator sorts the programs with
similar requirements into batches, runs each batch and sends the output to the programmer.
Therefore in a batch operating system there is a lack of interaction between the user and the
job while that job is executing.
The operating system is always in memory and its job is to transfer control automatically from
one job to the next.
As the I/O devices are slower than the speed of the CPU (the difference may be three orders of
magnitude or more), the CPU is often idle. For using the system more efficiently, cards can be
read from the card reader onto the disk. The operating system records their location on disk in
a table. When a job requests the printer, the output is copied into a system buffer and is
written to the disk. When the job is completed, the output is printed. This form of processing is
called spooling (simultaneous peripheral operation on line). Spooling is also used for processing
data at remote sites. The CPU send the data via communication paths to a remote site and the
processing is done with no CPU intervention. The CPU just needs to be notified when the
processing is completed, so that it can spool the next batch of data. Spooling overlaps the I/O of
one job with the computation of other jobs. During the execution of one job, the spooler may
be reading the input of another job while printing the output of a different job.

100
 Real-time Systems

Real-time systems are special purpose operating systems. They are used when there are rigid
time requirements on the operation of a processor or the flow of data, and thus it is often used
as a control device in a dedicated application (eg. fuel injection systems, weapon systems,
industrial control systems, …). It has well defined, fixed time constraints. The processing must
be done within the defined constraints, or the system fails.
Two types:
- Hard real-time systems guarantee that critical tasks complete on time.
- In Soft real-time systems, a critical real-time task gets priority over other tasks, and the
task retains that priority until it completes.
- s.

Computer Installation
Installation (or setup) of a computer program (including device drivers and plugins), is
the act of making the program ready for execution. Installation refers to the particular
configuration of a software or hardware with a view to making it usable with the
computer. A soft or digital copy of the piece of software (program) is needed to install it.
There are different processes of installing a piece of software (program). Because the
process varies for each program and each computer, programs (including operating
systems) often come with an installer, a specialised program responsible for doing
whatever is needed (see below) for the installation. Installation may be part of a larger
software deployment process.
Installation typically involves code (program) being copied/generated from the
installation files to new files on the local computer for easier access by the operating
system, creating necessary directories, registering environment variables, providing
separate program for un-installation etc. Because code is generally copied/generated in
multiple locations, un installation usually involves more than just erasing the program
folder. For example, registry files and other system code may need to be modified or
deleted for a complete un installation.
Types of Installation
Attended installation
On Windows systems, this is the most common form of installation. An installation process
usually needs a user who attends it to make choices, such as accepting or declining an end-user
license agreement (EULA), specifying preferences such as the installation location, supplying
passwords or assisting in product activation. In graphical environments, installers that offer a
wizard-based interface are common. Attended installers may ask users to help mitigate the
errors. For instance, if the disk in which the computer program is being installed was full, the
installer may ask the user to specify another target path or clear enough space in the disk. A
common misconception is unarchivation, which is not considered an installation action because
it does not include user choices, such as accepting or declining EULA.

101
Silent installation
Installation that does not display messages or windows during its progress. "Silent installation" is
not the same as "unattended installation" (see below): All silent installations are unattended but
not all unattended installations are silent. The reason behind a silent installation may be
convenience or subterfuge. Malware is almost always installed silently.[citation needed]
Unattended installation
Installation that is performed without user interaction during its progress or with no user present
at all. One of the reasons to use this approach is to automate the installation of a large number of
systems. An unattended installation either does not require the user to supply anything or has
received all necessary input prior to the start of installation. Such input may be in the form of
command line switches or an answer file, a file that contains all the necessary parameters.
Windows XP and most Linux distributions are examples of operating systems that can be
installed with an answer file. In unattended installation, it is assumed that there is no user to help
mitigate errors. For instance, if the installation medium was faulty, the installer should fail the
installation, as there is no user to fix the fault or replace the medium. Unattended installers may
record errors in a computer log for later review.
Headless installation
Installation performed without using a computer monitor connected. In attended forms of
headless installation, another machine connects to the target machine (for instance, via a local
area network) and takes over the display output. Since a headless installation does not need a
user at the location of the target computer, unattended headless installers may be used to install a
program on multiple machines at the same time.
Scheduled or automated installation
An installation process that runs on a preset time or when a predefined condition transpires, as
opposed to an installation process that starts explicitly on a user's command. For instance, a
system administrator willing to install a later version of a computer program that is being used
can schedule that installation to occur when that program is not running. An operating system
may automatically install a device driver for a device that the user connects. (See plug and play.)
Malware may also be installed automatically. For example, the infamous Conficker was installed
when the user plugged an infected device to their computer.
Clean installation
A clean installation is one that is done in the absence of any interfering elements such as old
versions of the computer program being installed or leftovers from a previous installation. In
particular, the clean installation of an operating system is an installation in which the target disk
partition is erased before installation. Since the interfering elements are absent, a clean
installation may succeed where an unclean installation may fail or may take significantly longer.
Network installation
Not to be confused with network booting.

Network installation, shortened netinstall, is an installation of a program from a shared network

resource that may be done by installing a minimal system before proceeding to download further
packages over thenetwork. This may simply be a copy of the original media but software
publishers which offer site licenses for institutional customers may provide a version intended
for installation over a network.

102
Lecture 10
What is electronic data interchange?

Electronic data interchange (EDI) is the intercompany communication of business documents in

a standard format. With EDI, the information moves directly from a computer application in one
organization to an application in another. EDI standards, which specify what information goes
where in an EDI document or message, eliminate the need to manually rekey information so that
it can be accepted. This automated capability enables information to be shared rapidly, instead of
the hours, days or weeks required with paper documents or other methods.

Businesses use EDI to integrate and share a range of document types — from purchase orders to
invoices to requests for quotations to loan applications and more. In most instances, these
organizations are trading partners that exchange goods and services frequently as part of their
supply chains and business-to-business (B2B) networks.

Interoperability Case Study: Electronic Data Interchange

(EDI)
The book is an extension of their 2007 study and paper, “Breaking Down Digital Barriers: When
and How ICT Interoperability Drives Innovation” (Berkman Center Research Publication, 2007).
Interop: The Promise and Perils of Highly Interconnected Systems focuses on the relationship
between interoperability and innovation in the Information and Communication Technology
(ICT) environment and beyond. Palfrey and Gasser seek to sharpen the definition of
interoperability and identify its relevance for consumers, companies, governments, and the
public by examining its driving forces and inhibitors, while considering how it can best be
achieved, and why.
The forth case study in our interop series looks into Electronic Data Interchange interoperability.
The case was researched with the help of our wonderful Berkman student fellow Matthew B.
Becker. He submitted the following blog post as an introduction to the case:
Electronic data interchange (EDI) provides an excellent context for examining how
interoperability at the technological and data level can also produce profound effects at a higher,
institutional level. Originally conceived as a means for speeding up the delivery of invoices and
purchase orders by sending them electronically, EDI resulted in significant shifts with regard to
retailer-supplier relations that went far beyond transaction efficiency.
In tandem with the introduction of bar codes (the subject of another case study in our Interop
series), which provided greater insight into sales trends, the use of EDI allowed retailers to
automate their purchase orders, increasing inventory replenishment speed and redefining supply
chain management; i.e., allowing the merging of Internet technology with JIT (just-in-time), a
Japanese manufacturing management method that was developed in the 1970s. Retailers and
suppliers who had previously guarded their sales and inventory information and made deals at
arms-length, found that they had much to gain by radically integrating their operations and using
EDI to share their inventory data immediately and automatically. One of the first and largest
adopters of the merged EDI-JIT system were the three major U.S. automakers (GM, Ford, and
Chrysler), in which they used electronic “mailboxes” to acquire information on production and

103
non-production parts as well as to manage their order and requests electronically. Retailers such
as Wal-Mart and Sears quickly followed suit, in which whenever a sale was made, that
information was immediately transferred electronically so that the data could be used to update
inventory, calculate sales and create other statistical reports.
With the merger of EDI and JIT, purchase decisions were shifted to the suppliers themselves,
who examined sales trends to provide retailers with the products they would need as soon as
required, and not before. Not only was this approach more responsive to customer demand, it
also reduced expensive inventory back stock and remaindering costs. Through a similar
integration with shippers, warehousing costs were slashed as products were shipped directly
from suppliers to retailers, without need for expensive storage.
Over the past decade, EDI has been undergoing a significant shift, as some businesses and
organizations (e.g. Lufhansa AirPlus) have started employing XML-based EDI (XML/EDI), with
the promise of even greater flexibility and interoperability. However, adoption has been limited,
and many of those who are using XML/EDI have implemented it in a less-than-fully
interoperable manner. Additionally, support from major software companies, which appeared
strong around the turn of the 21 st century, has largely dissipated. As such, although the
implementation of traditional EDI provides a good example of how private actors and third-party
organizations can establish viable interoperable technology, the stalling of XML/EDI
demonstrates that this approach is not always successful.
Because the route to an established interoperable standard involves many nuances and
complexities, one might argue that there may be a role for government when private actors
appear unable to succeed on their own. However, this study, authored by Matthew Becker,
concludes by noting that if this is indeed the case, the best approach may actually be a very light
one, in which government involvement is limited to setting a general objective and a timeline,
leaving the innovation and implementation to the private sector.
Results story
Saving time and driving expansion
By automating its mission-critical EDI processes with IBM Sterling Supply Chain Business Network,
TMLC can continue its fast-paced growth and focus on developing functionalities to support the
business.
“By adopting the managed services model, we estimate that we avoided the need to employ three
additional FTEs, which is a significant cost-saving,” says Rekau. “We believe we can
comfortably accommodate ongoing trading partner growth for at least the next 12 months with
the same headcount.”
She adds: “When the time does come to add new personnel, training them will be significantly
faster and easier. We recently had a new person move into the team, and in less than two weeks
she was fully up to speed with IBM Sterling Supply Chain Business Network.”
With IBM Sterling Business Transaction Intelligence supporting non-technical EDI users across
the organization, TMLC can track its transactions faster than ever.
“IBM Sterling Business Transaction Intelligence allows our business users to easily track an
order from inception to cash,” explains Rekau. “In the past, if one of our customers called in to
ask about the status of a purchase order, our order management personnel would have to spend
significant amounts of time piecing together the information they needed from technical EDI

104
documents. Today, our team uses IBM Sterling Business Transaction Intelligence to cut through
that complexity. As a result, they can find the answer to customer questions in minutes, and pass
on any necessary information to our sales or compliance team in the event of an issue.”
She adds: “These kinds of business insights are also extremely valuable for our accounts
receivable team. If a customer has acknowledged one of our invoices but not paid it, it’s often
because they need additional information on the order. In the past, our accounts receivable
personnel relied on the EDI team to retrieve this data, but thanks to IBM Sterling Business
Transaction Intelligence they can now pull up the information themselves — streamlining the
process.”
With managed services to support its fast-changing EDI requirements, TMLC is already rolling
out support for new business models rapidly. When TMLC acquired a major safe manufacturer
called Sentry Safe, it needed to bring the company’s 200 trading partner maps onboard quickly,
and support drop-ship orders for the first time.
“If we’d carried out the Sentry Safe EDI migration on our own, we estimate it would have taken
at least 12 months to complete the process,” recalls Rekau. “By engaging IBM, we completed the
mapping work within just 6 months — 50 percent faster.”
On key retail events like Black Friday, the reliability of IBM Sterling Supply Chain Business
Network helps TMLC take advantage of every opportunity.
“We see spikes in EDI traffic of around 250 percent on some points in the retail year, and many
of those customers need their orders to be shipped within just 48 hours,” concludes Rekau.
“Unplanned EDI downtime can make or break a year. I report on the availability of IBM Sterling
Supply Chain Business Network every month to our executive team, and it’s never been less than
100 percent. As our business continues to grow, we’re confident that we have the EDI platform
we need to effectively engage with more trading partners worldwide.”

105