ICT4 Revision Sheet
Organisational Structure
The three levels of an organisation are
• Operational (workers)
• Tactical (Middle management) – short-term operational decisions like staff rosters and how many tills to open
• Strategic (Higher management / Directors) – long-term management decisions like where to locate new stores
Management Information Systems
“A management information system is a system to convert data from internal and external sources into information.”
The Purpose of a Management Information System
“This information is communicated in an appropriate form to managers at different levels, enabling them to make effective decisions for planning, directing and controlling activities for which they are responsible.”
An example could be a sales information system.
“A data processing system is for carrying out the low level data capture of repetitive business transactions.”
An example could be an electronic point-of-sale system.
Information Flow
“Formal information flow is a system with fully documented and agreed procedures, stating stages of flow control, exception handling and distribution.”
An example of formal information flow could be the company intranet used to pass internal information on to company employees.
“Informal information is information that naturally arises.”
An example of informal information flow could be that you are chatting to a colleague in the corridor when they tell you what happened in a meeting that you missed.
Reasons for a new MIS being created
• current system is no longer fit for the business purposes
• changes in the business methods
• new legislation
• technical developments mean current system is outdated
• current system is too expensive to run
The Development and Life Cycle of an Information System
The stages in the Systems Development Life Cycle
• Analysis – examining the current system to see what needs to be done
e.g. questionnaire, interview users, formal observation
• Design – designing the new system
• Implementation – actually writing the new system
• Testing and Maintenance – making sure the new system works
“This is a cycle because with every new version of the system the same steps are repeated.”
“Formal methods are mathematical approaches to software and system development.”
e.g. Data Flow Diagrams and SSADM
Reason for formal methods:
They reduce life cycle development costs through improved analysis and design.
Things to be considered at each stage
• Clear Timescales – both parties must set achievable deadlines so that the project can be completed on time
• Agreed Deliverables – they must produce agreed content to agreed standards so that the user’s requirements are met
• Approval to Proceed – the user must sign off a section saying they are satisfied with it, before the development of the project may continue
Factors to be considered when considering the introduction of a new MIS
TELOS Feasibility Study
• Technical feasibility – can it be done technically?
• Economic feasibility – can it be done cost-effectively?
• Legal feasibility – can it be done legally?
• Operational feasibility – can it be done practically within the organisation?
• Schedule feasibility – can it be done on time?
Methods of changeover
• direct
– the users stop using the old system one day and start using the new system the next
• parallel
– the old system continues alongside the new system for a while
• phased
– different parts of the new system are implemented separately at different times
• pilot
– the new system will be used by only a portion of the organisation at first
(e.g. at one branch of the company)
•
Desirable characteristics of an MIS
• Flexible – Allowing for many different ways of analysing data
• Capable of supporting a range of skills and knowledge
• Easy to interrupt work and return to it at a later time
Success of an MIS
Reasons why an MIS might be considered a success
• accomplishment of original objectives
• system being used appropriately
• users are satisfied with the system
Failure of an MIS
This is if it asks about the system
Reasons why an MIS might fail
• lack of management involvement in design
• lack of teamwork
• inadequate analysis
• inappropriate / excessive management demands
• emphasis on computer system
If it asks about the staff, it is a management of change question.
Failure of an MIS at a particular stage of development
Analysis
• Users are not sufficiently involved
• Objectives are poorly defined
• Analysts have poor communication skills and do not obtain adequate information
Design
• Users are not sufficiently involved
• Management are not sufficiently involved
• System is designed to meet current needs, but is not flexible enough to respond to changes in the business environment
Implementation
• Amount of time required is grossly underestimated
• Programmers lack the necessary skills and too much time spent coding
Testing
• Users are not sufficiently involved
• Insufficient test plan
Corporate Information Systems Strategy
“A corporate information systems strategy is a coordinated approach to the planning, resourcing, development and implementation of ICT systems within an organisation.”
Aims of a corporate information systems strategy
To make sure that ICT systems add value to the organisation by contributing to organisational goals (e.g. maximising profit, reducing hospital waiting list etc.) in an efficient, reliable and cost-effective manner.
Things to consider when putting together a corporate information systems strategy
(GoLDRIC)
• What are our GOals?
• What extra Legislation will we have to be aware of?
• How will it aid our Decision making?
• Who will be Responsible for the running of the ICT
system?
• What are our sources of Information & data – where
does our data come from & where does it go?
• What is our Culture? – Acceptance of change?
Resistant to change?
The Management of Change
Issues that will need to be managed
• Re-skilling – training needs must be assessed and specialist staff may need to be employed
• Internal Procedures – changes may need to be
made to codes of practice or security policy.
There may also be legal issues.
• Organisational Structure – this may flatten,
and departments may open or close
• Attitude – staff must be kept informed and there may be resistance to change due to fear of redundancy
Information and Data
Information
Good quality information
• Complete
• Accurate
• Understandable
• right Level of Detail
• Relevant
• ON time
Ways of Classifying Data
Data can be classified by
• Nature – qualitative or quantitative
• Use – Planning, controlling or decision-making
• Time – historical, current or future
• Source – internal or external
Audit Requirements
“An audit trail is a record that allows a transaction to be traced through all stages of processing.”
Things an audit trail might record
• which files have been accessed by which users
• how many times has a server been accessed
• who has logged on, where from and for how long
• how many unsuccessful login attempts have been made
• which software has been used
An ICT Security Policy contains
• Detection of misuse
• Investigation of misuse
• Prevention of misuse
• DIsciplinary Procedures
Legal Aspects
The Data Protection Act 1998
This law exists to protect the privacy of individuals. The main areas being that data and information should be secure, personal data should be accurate and data should not be misused.
Copyright Designs and Patents Act 1988
This law says that it is illegal to copy software or to run pirated software.
The Health and Safety Regulations 1992
These regulations state measures that should be taken to avoid injuries in the workplace.
Methods of enforcing and controlling data protection legislation
• Staff should be aware of company policy. This could be done by including it in the staff handbook, training the staff, or put on notice boards.
• Staff should be responsible for data being kept private. If anybody gives out confidential information, it should be a disciplinary offence.
• A senior manager should be made responsible for seeing that the security policy is enforced.
Methods of enforcing and controlling software misuse legislation
• Use a Commercially available Audit Tool to compile an inventory (a tracking tool to put together a list) of software that is being used. Any illegal software should be deleted immediately.
• Make sure that as an organisation you Buy Enough Licences for the software you need. Make sure the company puts enough money aside to be able to afford these licences. Also, try to get the network to only allow as many people to use the software as you have licences.
• Make regular checks on your software suppliers to make sure that they are not selling you pirate copies of software.
Methods of enforcing and controlling health and safety legislation
• Provide employees with regular breaks, along with facilities so that they can relax and have a drink during their break.
• Make sure that the correct equipment is provided for employees. For example, adjustable chairs, monitors that tilt and swivel, appropriate lighting. They could also make sure that there is not a lot of noise and that there were no obvious hazards, such as cables trailing across the floor.
• The company could bring in a Professional Ergonomist to assess the working environment and make recommendations as to how it could be improved. Things to be considered are things such as workplace design, computer hardware, lighting, cooling, humidity levels and computer software.
Prototyping
“A prototype is a first version of something, from which all later forms are developed.”
Benefits of prototyping (writing a rough first version)
• missing functions may be detected
• misunderstandings between developers and users can be detected
• prototype can be used for training before final system is delivered.
Employee Code of Practice
“A code of practice is an agreement between the organisation and the ICT users governing the usage of the computer systems.”
A company code of practice should address
Responsibilities for use of
• Data
-don’t give your password to other people
• Internet
- the internet must be used for research purposes only
• Software
- programs must only be installed by an official technician
• Hardware
- printers must only be used for the printing out of work
The Reason for a Code of Practice
“These rules, established by an organisation, must be followed by that organisation’s employees. They may refer to the responsibilities of employees and set out penalties for misdemeanours. The code of practice is separate from any legal or ethical considerations.”
Different Ways of Presenting Information
• Graphs and charts to show summaries and trends to senior managers in management meetings
• Written reports for detailed analysis and explanations for company shareholders
Disaster Recovery Management
“A disaster is an event that would cause immediate, total loss of data.”
“A risk analysis means establishing a clear picture of what the risks are to an information system, and what the company stands to lose if disaster strikes.”
Steps involved in a risk analysis
• identify each element of an MIS
• place a value to the business on each element
• identify potential threats to each element
• identify the likelihood of each threat occurring
Threats to an MIS
• physical threats
(e.g. theft of equipment)
• communications breach
(e.g. hackers, poor encryption)
• hardware failure (e.g. hard disk failure)
• natural disasters (e.g. earthquakes, floods)
“A disaster contingency plan is a plan that describes what you would do to get an information system back up and running in the event of a disaster.”
Criteria when choosing a disaster contingency plan
• Nature of the Operation
• Timing (how important to recover immediately?)
• Scale of the Organisation and its IT system
• Likelihood of Disaster happening (based on risk analysis)
User Support
Types of user support
• Helpdesk with someone to give technical advice
• User Guide for people to look up things for themselves
• on-site technical support for the first few weeks
• on-line help for people to get help from experts via e-mail
Maintenance
Types of maintenance
• Corrective – fixing any little problems with the system
• Adaptive – the system is modified slightly to meet a change in the business needs
• Perfective – the system works but you can still
make it better
Training
When planning training you need to consider
• Staff IT literacy
• Staff familiarity with hardware and software
• Level of detail of training material
Types of training
• Classroom training course (in-house or external)
• On-line tutorial
• CBT (Computer Based Training)
• One-to-one training
Project Management and Effective ICT Teams
A project manager must
• Control budgets and salaries
• Analyse risk
• Monitor progress
• Plan and staff a project
Characteristics of an effective development team
• strong leadership
• appropriate allocation of tasks
• close monitoring of progress
• control over resources
• monitoring of costs
Reasons why projects are often sub-divided into teams
• It would make the project easier to control
• Makes testing more manageable
• It can be completed in a shorter time because non-dependent sub-projects can be worked on simultaneously