The New Management System (NMS), budgeted at $71 million, has been under fire
since it was deployed in October of 1997. The AID inspector general’s office criticized
NMS for data errors and slow performance. In some cases, users had to spend days
trying to process a single transaction.
The new system can’t handle the large amount of data that passes among AID
offices, McCall said. The agency must decide whether to boost expensive satellite
network bandwidth to handle real time transactions or move to some batch
processing. “I don’t think people understood the amount of data that would be
transmitted over the system”, he said.
Designers also initially failed to gasp the difficulty of integrating legacy accounting
systems. “We thought we had three primary accounting systems,” McCall said. But
numerous infield alterations to basic systems over the years meant the agency had
closer to 80 different accounting systems. Some of the resulting data didn’t import
correctly into the new system.
In addition, McCall said, system designers should have stayed focused on core
requirements instead of trying to immediately add features that users requested after
early tests. For example, some overseas employees wanted to be able to call up
data from any foreign site. Although that is an attractive feature, he said, “that taxes the system. You don’t really need that now.”
12.7.2 Systems conversion
Four different methods have been described for the conversion to a new system: the parallel, pilot, phased or “big bang” approach. Compare these four alternatives in terms of the likely time frame involved, level of risk incurred, and user “buy-in” to the new system.
148
Discovering Information Systems
Section IV
13. Using Information Systems
13. Using Information Systems
Many factors can affect the ability of an information system to fulfil its goal of supporting business processes. Before an information system is developed, its purpose must be aligned with the goals of the business, a cost benefit study should be completed, and user
requirements must be carefully analysed to ensure that it will provide the appropriate
functionality. During the system development process, organisational standards need to be adhered to in respect of the various deliverables of the SDLC and the overall IT architecture of the organisation. But over and above these planning and acquisition issues, the final measure of success for an information system depends on how it is used – are employees happy to incorporate it into their data processing activities; does it deliver the information that they need; is the integrity of information guaranteed; can human or technical problems be identified and corrected? No matter how carefully a system has been developed, there are still potential problems associated with its use in the real world, which need to be included in an IS management strategy.
13.1 Change Management
One of the main reasons that information systems fail, is that users resist change. Many individuals believe that their skills and experience will be of less value in an automated environment, which threatens their job or status. Users may refuse to adapt to new methods of working, or while using the new system may attempt to undermine its efficiency. Acceptance of the system can be significantly improved through the implementation of a change
management strategy.
During the systems analysis phase, users should be involved in the identification of problems that occur in existing systems, and given the opportunity to express their own information requirements. If they are made aware of shortcomings in the old system and of how these will be alleviated when the new system has been implemented, then they are more likely to accept the change. Where decisions need to be made between alternatives, users should be part of the decision-making process rather than being presented with a unilateral solution.
The design phase of the SDLC involves the “make or buy” decision. The evaluation of commercial packages should be done by a team that includes users as well as managers and technicians, so that any operational concerns can be raised and clarified. If a system is to be developed in-house (or outsourced), then the users should be consulted about the layout of screens for data capture, and the format of reports. Finally, if the new system will result in changes to existing work procedures, the impact should be discussed and any problems or
training needs identified.
User training falls within the systems implementation stage of the SDLC, and should involve more than just teaching users how to operate the new system. They must also understand what the purpose of the system is, what benefits it is expected to generate for the business, what problems could result if it is incorrectly used, and the importance of their role in its successful implementation.
Discovering Information Systems
149
13. Using Information Systems
Section IV
13.2 Ergonomics
Ergonomics refers to design principles that support safety and efficiency in the workplace.
Uncomfortably aligned computer monitors and keyboards, or the incorrect height of chairs and desks, may result in neck or back pain; eye strain can be caused by screen glare or poor display resolution; and repetitive strain injuries (RSI) such as carpal tunnel syndrome, may affect the wrists and hands of data entry personnel. Correct attention to ergonomics will not only reduce health risks, but also improves employee morale and productivity.
Examples of how ergonomic principles can be incorporated in an IS environment include:
• The use of keyboards with built in wrist rests
or specially contoured design to reduce RSI.
• Chairs with variable seat height and back
support.
• Correct adjustment of the angle of computer
monitors.
• In addition to adjusting the brightness and
contrast of the computer monitor, an additional transparent screen can be used to
reduce glare.
An infrequent but potentially life-threatening new health hazard that has recently been
identified by medical practitioners is “e-thrombosis”, which may result from sitting immobile for long periods. This is similar to the condition sometimes experienced by travellers on long flights, in which a blood clot forms in the leg veins, and may subsequently break off and travel to the lungs or other vital organs.
13.3 Ethics
The increased use of information systems in business has given rise to new opportunities for behaviour that could negatively affect the organisation, its employees and its customers. The study of ethics examines the moral quality of a decision or course of action, and is based on what is right rather than what is legal. Four major areas of ethics that are affected by information technology are privacy, property, accuracy and access, and many businesses have a code of ethics determining the expected standard of conduct for their employees.
13.3.1 Privacy
Most companies store information about their customers and staff in corporate databases – not only details like names and addresses, but also transaction histories, payment records, etc.
One ethical issue regards the privacy of that information. By law it may not be passed on to a third party without the consent of the subject of the information. However, within the
organisation itself accumulated information may be used, for example through data mining or neural networks, to decide on credit limits or to target customers for promotions, even though the information was not originally supplied with that use in mind. A member of staff who applies for a more senior post, may find that her previous record of sick leave influences the outcome of her application. If you were ill on the day of your final IS exam, you would apply 150
Discovering Information Systems
Section IV
13. Using Information Systems
to write a deferred examination: would you think it fair to have your performance in other courses taken into account when deciding whether the deferred exam for IS should be
granted? Another cause for concern is the viewing of personal data by employees when this is not actually required for business purposes: if an attractive member of the opposite sex joins your organisation, is it ethical for you to check his/her age and marital status? What about HIV status? And in many countries, governments are now debating the balance between the
right to personal privacy of information and the need for national security.
13.3.2 Property
Computer software and data have been the subject of a number of ethical issues related to
property. Software piracy (the copying of copyrighted software) is illegal, but what about the copying of software that has not been copyrighted? If you are confident that you can get away with copying your friend’s tutorial preparation, do you think that it is acceptable to do so?
Copying of other people’s ideas without acknowledgement is plagiarism, which is generally regarded as unethical even if society does not always consider it to be illegal. Employees who leave an organisation may take with them confidential knowledge about the firm and its
business plans, which they gained while they were working for the organisation but which could be useful to a competitor. Even within the organisation itself, employees may be
reluctant to volunteer their knowledge for inclusion in an expert system, since this may reduce their own importance. The Internet has facilitated the unauthorised copying of intellectual property across national boundaries, such as the swapping of music files between individuals, which is practically impossible to control without the cooperation of the individuals involved.
13.3.3 Accuracy
Accuracy of information at the transactional level can to some extent be controlled through validation checks within the database and software design. Individuals are entitled by law to check and correct personal information that is stored in corporate databases. Nevertheless, since the users of information systems are human and fallible, the use of technology alone will not prevent the production of inaccurate information, either intentionally or by accident.
Again, the growth of the Internet has made the dissemination of incorrect information
extremely difficult to control, and raises ethical issues about the responsibility for its consequences. An unresolved problem concerns the retouching, or digital alteration of
photographs, where the key issue appears to be whether the intended information content of the image has been changed.
13.3.4 Access
Access to information can be protected through the use of technology, such as passwords, electronic and biometric controls. Databases can allow or restrict access for different types of users. But what about equal access to information for those who do not have computers, or who are unable to use them because of physical disabilities? Many people feel that it is unethical for society to condone the lack of access to information for specific groups. On the other hand, employees who have access to organisational computing resources are often
guilty of abusing the privilege by using company time and equipment for personal pursuits such as emailing and web surfing.
Discovering Information Systems
151
13. Using Information Systems
Section IV
13.4 Data Processing Controls
An important function in computer auditing is the review and analysis of information systems security. One element of this is physical access control; another is software-based data processing controls that are intended to prevent data errors from occurring, to identify any errors that have occurred, and to assist with recovery from errors. Validation checks may be built into the database structure, or coded as part of a software application, to enforce business rules such as credit limits or minimum and maximum charges. Network and database access
may be selectively restricted, and network monitoring software keeps track of which users log on to the system, what files they access, and what changes they make. Audit trails provide a transaction history showing where each entry originated and who was responsible, and serve an important function not only in identifying the source of problems but also in determining where staff training is needed. Sequential numbering of transactions and of audit reports ensures that every business activity is recorded. Where financial totals are transferred from subsidiary journals to the general ledger, the corresponding general ledger audit report should cross reference the audit report that reflects the individual transactions, and control totals in both ledgers must be reconciled. Exception reports should be produced in the case of transactions or totals exceeding previously specified limits.
Further data processing security for complex transactions can provided by database
management systems. A single transaction may result in updates to a number of different
files, e.g. a sale will affect both the accounts receivable and inventory files. In this case, all the required updates must be made successfully before the transaction is committed to the database; if an error occurs at any stage after the start of processing, then all the updates will be rolled back (i.e. undone), to prevent the possibility of inconsistent entries.
Additional management controls should be implemented to reduce data processing risk.
Employees should be thoroughly trained in the software and procedures that they are expected to use. Regular backups should be made and stored in secure off-site locations. Separation of duties among employees reduces the risk of deliberate fraud, and awareness of ethical
standards should be a part of company policy.
13.5 Disaster Recovery
Natural disasters, sabotage, theft, viruses – any of these can result in damage to, or even destruction of, an organisation’s information systems. Reliance on corporate databases and powerful servers increases the vulnerability of the system. A disaster recovery plan is needed to document how the business would be able to recover from either the total loss of
computing capabilities, or else the interruption of critical services.
Regular backup of data and programs is the first essential for recovery from mishap. Backups should be kept off-site and in a fireproof container or safe, and should be tested at intervals to ensure that the restore procedures function successfully.
A hot site provides an alternative computing facility that can be used in the event of a major disaster, such as occurred at the World Trade Centre in New York in September 2001.
Backup copies of application programs and corporate data can be run on equipment at the hot site with minimal interruption to business. Because the duplication of computer hardware is 152
Discovering Information Systems
Section IV
13. Using Information Systems
expensive, this facility may be shared between a number of firms operating in different
geographical locations. (In fact, the internal systems used to manage the twin towers of the World Trade Centre, each had their disaster recovery facilities located in the opposite tower, since the likelihood of both towers being destroyed simultaneously was believed to be
remote.)
Some disasters can be minimised through avoidance and early warning systems. An
uninterrupted power supply (UPS) will prevent data corruption resulting from power spikes, and in the event of a total power failure, can run the system for a limited period before shutting it down in an orderly fashion and without data loss. Temperature control systems, smoke detectors and water sprinklers or gas fire suppression systems should be installed to reduce fire risk, while physical controls such as door locks and alarm systems will protect against unauthorised intruders. Expert systems can be used to monitor the network for faults and to protect against communications threats such as viruses and hackers.
13.6 How IS Affects You
Every department of an organisation uses information technology in some way, and even if you are not an IS major, IS is likely to be an important element of your future career in commerce.
• In finance and accounting, information systems are used to forecast revenues, plan business activities, manage financial resources and audit the performance of the
organisation.
• In sales and marketing, information systems are used to determine the potential market for new products, to plan advertising campaigns and predict sales revenues, to
determine product prices and manage customer relations.
• Many of the processes in an organisation’s value chain can be enhanced through the
use of computer-based information systems, from procurement to manufacturing to
after-sales service. The operations manager who has a sound knowledge of
information technology will be able to apply it effectively in order to maintain
competitive advantage in the market.
• Human resource management is no longer focused solely on employee record
keeping. The internet has become a powerful employment tool; company intranets
empower staff to manage their benefits, leave and training requirements. IT now has
an important role to play in the hiring and retention of staff.
• Of course, if you intend becoming an IS specialist, then the development and
management of information systems will be central to your future career, and this is
only the beginning of your studies in the field of IS. Even if you focus on a particular aspect of IS, such as database or network administration, you will need a solid
foundation of basic principles that will enable you to integrate your area of
responsibility with the goals of the business and the IT architecture that supports
them.
Whatever your future career, we trust that your introduction to information systems will have opened your eyes to the wide variety of ways in which IS can be used to support the activities Discovering Information Systems
153
13. Using Information Systems
Section IV
of any business.
13.7 South African Perspective
The Computer Society of South Africa (CSSA) has adopted the following code of conduct for its members:
“A professional member of the Computer Society of South Africa:
1. Will behave at all times with integrity. He or she will not knowingly lay claim to a level of competence that he or she does not possess and he or she will at all times
exercise competence at least to the level he or she claims.
2. Will act with complete discretion when entrusted with confidential information.
3. Will act with impartiality when purporting to give independent advice and must
disclose any relevant interest.
4. Will accept full responsibility for any work which he or she undertakes and will
construct and deliver what he or she purports to deliver.
5. Will not seek personal advantage to the detriment of the Society.
6. Will not discriminate on the basis of race, sex, creed or colour.”
13.8 Beyond the Basics
When an organisation invests in new technology, four different stages are experienced in its assimilation. If these are understood and supported by management, the introduction and
spread of the technology can be facilitated.
Phase 1: Technology identification and investment. A team of technological specialists and business users is needed to explore and evaluate new technologies. When the decision is made to acquire a new technology, the initial investment should include staff training and management of the implementation.
Phase 2: Technological learning. Staff must be supported in their efforts to use the new technology, and encouraged to experiment in order to gain experience and knowledge of its capabilities. Use of the system should not be restricted only to existing business tasks.
Phase 3. Technological learning. Technical staff and experienced users together define possible applications of the new technology and determine the most cost-effective ways in which it can be incorporated within business processes.
Phase 4. Widespread technology transfer. Once the new technology has a base of
experienced users and clear plans have been developed for its future use, it can be transferred throughout the organisation. At this stage, tighter management control instead of the previous policy of experimentation is needed to achieve the expected return on investment.
154
Discovering Information Systems
Section IV
13. Using Information Systems
13.9 Exercises
13.9.1 Ethics
Would you consider the following scenarios to be ethical or unethical? Explain why you think this.
• A company requires employees to wear name badges that track their whereabouts
while they at work.
• The network manager reads an employees e-mail.
• An employee forwards an e-mail to a third party without obtaining permission from
the sender of the message.
• An employee uses his computer at work to send personal e-mail to a friend.
• A student uses the university computer labs to send personal e-mail to a friend.
• A student copies text from the Web and incorporates it in an essay without
acknowledging the source.
• A student is required to create a Web page for an assignment, so she finds an existing page that she likes and then modifies its contents.
Discovering Information Systems
155
Case Study
Section IV
CASE STUDY: CREAM ADVERTISING
Refer back to the Cream Advertising case study that was introduced at the end of Chapter 10.
Jade Smith has come to the conclusion that rather than trying to add new functions to her existing information systems, which are in any case somewhat outdated, new systems should be introduced at all levels of the organisation. This would include applications to provide transaction processing support, management reports, trend analysis and forecasting, and
access to information about their market and competitors. Groupware would be an important factor in supporting team work and client communications.
Jade is also is concerned about the growing number of rival advertising companies who have included the internet in their business strategies. She is reluctant to spend money on
something that will not necessarily increase business income, but she is aware that her clients feel that Cream is falling behind the times. In her view, the only way that the added expense of e-commerce would be justified, is if they are able to expand their business to cater for a global market and attract new overseas clients.
(a) Explain why it is important to plan for the integration of the different systems, rather than simply acquiring individual software packages and the appropriate hardware from
different vendors?
(b) It will probably be necessary to develop software interfaces between the various systems to ensure that data can be transferred between them. Would you advise Jade to employ a
technical programmer for this purpose, or should the job be outsourced?
(c) How can Jade best manage the introduction of the new systems to ensure that staff will use them as efficiently as possible? What ongoing support arrangements should be put in
place?
(d) The new systems will give all staff access to the internet, as well as to corporate data and applications. What ethical problems might arise and how can they be pre-empted?
(e) In expanding to a web-based global marketplace, are there any cultural or social issues that Jade should be alerted to?
156
Discovering Information Systems
Index
INDEX
3GL 62
business process reengineering (BPR)
80/20 principle 31
8
acceptance testing 144
byte 15
Access 156
C++ 64
Accuracy 156
Cache memory 45
ActiveX controls 152
CASE 149
ad hoc reports 4
CD-R 48
AI 104
CD-ROM 48
ALGOL 62
centralised processing 89
alias 88
Chain printer 51
ALU 41
Reads:
127
Pages:
90
Published:
Sep 2023
I hope you enjoy this FREE ebook. Thanks for downloading it.
Formats: PDF, Epub, Kindle, TXT
Reads:
103
Pages:
74
Published:
Sep 2023
Databases are crucial for managing and utilising data effectively in various industries and applications. The aim of this book is to enable the reader to revi...
Formats: PDF, Epub, Kindle, TXT
Reads:
31
Pages:
293
Published:
Jul 2023
How-to's are step-by-step tutorials that are designed to help you learn more about Maya.
Formats: PDF, Epub, Kindle, TXT
Reads:
115
Pages:
176
Published:
Apr 2023
"No Filter, No Problem" by Famium is your ultimate guide to creating a visually stunning, engaging Instagram presence. Packed with insider secrets and practic...
Formats: PDF, Epub, Kindle, TXT