Information Systems USING INFORMATION Information – Section 1 Data, Information, Knowledge, Metadata Categories of Information – Source, nature, level, time, frequency, use, form and type. Characteristics of information Availability/ accessibility, accuracy, reliability/ objectivity, relevance/ appropriateness, completeness, conciseness/ level of detail, presentation, timing, value and cost. Data-Information-Knowledge Data is raw unprocessed facts and figures that have no context or purposeful meaning. Information is processed data that has meaning and a context. Data Information 36.41 £36.41 – bill for DVDs Binary patterns on a disc Processed data – e.g. display on screen, icons, etc. Knowledge is gained from Information. -We gain knowledge from information and we use that information to make decisions. Explicit Knowledge - is rules or processes or decisions that can be recorded either on paper or in an information system. Tacit knowledge exists inside the minds of humans and is harder to record. It tends to be created from someone’s experiences, so again is a set of rules or experiences. Different people may interpret the same info in different ways. Example The numbers M74 and A8 are stored on a computer as data The numbers M74 and A8 are processed by a route finder program and displayed as possible ways of getting to Glasgow from Bellshill. The user knows that there is roadworks on the A8 and chooses to go via the M74 Metadata Metadata can be thought of as data that describes data. Structured information about a topic Eg. a library index card, A data dictionary in unit 2 is metadata The department of transport uses metadata (data stored on car details) gathered from insurance companies to find cars that are not insured. Forecasters use metadata (data stored on weather data) to look at trends in weather. Metadata is structured and consistent and easy to search. Categorisation of Information to determine its overall usefulness. Source Nature Level Time Frequency Use Form Type. Source The origin of the information Primary/secondary Internal/external Source - Primary/ Secondary • A primary source - Data from the original source document –Where the information appears for the first time. Straight from the horses mouth. • e.g. A customer order form (written by the customer). • An Internet order (straight from the customer) A secondary source of information is one that provides information from a source other than the original. • An order processed by a telesales operator. (not straight from customer) • Where statistical information is gathered, such as in surveys or polls, the survey data or polling data is the primary source and the conclusions reached from the survey or the results of the poll are secondary sources • Primary sources are less likely to contain errors, not been misinterpreted. Source Internal/ External Internal –Generated and processed within the organisation Examples of internal sources: Marketing and sales information on performance, revenues, market share, distribution channels, etc. Production and operational information on assets, quality, standards, etc. Financial information on profits, costs, margins, cash flows, investments, etc. Internal documentation such as order forms, invoices, credit notes, procedural manuals An external source of information is concerned with what is happening beyond the boundaries of the organisation. Generated outwith the organisation • census figures • telephone directories • judgments on court cases • computer users’ yearbook • legislation, e.g. the Data Protection A.ct • gallup & national opinion polls • trade journals • Ordnance Survey maps professional publications • • Financial services agencies such as Dunn and Bradstreet • industry standards • the Internet Nature of information – Formal/ Informal Formal – official, taken seriously information presented in a structured and consistent manner main methods the formal letter, properly structured reports, writing of training materials, etc. in cogent, coherent, well-structured language. Informal less well-structured information transmitted within an organisation or between individuals who usually know each other. Conversations, text, e-mails etc Formal information is prepared carefully, is accurate and reliable Nature of information Quantitative Information information that is represented numerically. Test scores, statistics, not open to interpretation, hard facts. Qualitative Information information that is represented using words. Case studies, essays, reports, interviews, focus groups. Gathers emotions, human reactions, cannot be measure objectively Questions on section 1 Levels of Information Long-term decisions - both internal & external sources Top level of management STRATEGIC TACTICAL Medium-term decisions mostly internal but some external sources Middle management Day-to-day decisions largely internal sources OPERATIONAL Lowest level of staff Time Historic Information gathered and stored over a period of time. It allows decision makers to draw comparisons between previous and present activities. Historic information can be used to identify trends over a period of time. Present Information created from activities during the current work-window (day, week or month). In real-time systems this information would be created instantly from the data gathered (e.g. the temperature in a nuclear power plant turbine) giving accurate and up-to-date information. Future Information that is created using present and historic information to try to predict the future activities and events relating to the operation of an organisation. Frequency of Information Continuous This is information created from data gathered several times a second. It is the type of information created by a real-time system. Periodic Information created at regular time intervals (hourly, daily, monthly, annually). Annually – On an annual basis a company must submit its report and accounts to the shareholders. Monthly – Banks and credit card companies produce monthly statements for the majority of their customers. Daily – A supermarket will make daily summaries of its sales and use the product information to update its stock levels and reorder stock automatically. Hourly – A busy call centre will often update totals for each operator on an hourly basis and give the top employee for the hour some reward. Uses of Information within Organisations Planning is the process of deciding, in advance, what has to be done and how it is to be done. Planning is decisions by management about: What is to be done in the future How to do it When to do it Who is to do it An objective is something that needs to be achieved. A plan describes the activities or actions required to achieve the objective. Uses of Information within Organisations Control is the monitoring and evaluation of current progress against the steps of a pre-defined plan or standard. Operational level the manager’s time will be spent on control activities At higher levels planning and control are more closely linked, with management being concerned with the monitoring of progress against the plan, assessing the suitability of the plan itself, and predicting future conditions. Decision-making – means selecting an action or actions from those possible based on the information available. involves determining and examining the available actions and then selecting the most appropriate actions in order to achieve the required results. is an essential part of management and is carried out at all levels of management for all tasks. is made up of four phases: Finding occasions for decision making Finding possible courses of action Choosing among these courses of action Evaluating past choices. Forms of Information Written Hand-written, word-processed, e-mails. Reports from different classes of software. Reports, memos and tables, receipts, invoices, statements, summary accounting information. Aural Speech, formal meetings, informal meetings, talking on the phone and voice-mail messages. Employee presentations to a group where there may be use made of music and sound effects as well as speech. Visual pictures, charts and graphs. Presentations via data projects, DVDs, etc. Types of Information Detailed An inventory list showing stock levels Actual costs to the penny of goods Detailed operating instructions Most often used at operational level Sampled Selected records from a database Product and sales summaries in a supermarket Often used at a tactical level (maybe strategic) Aggregated Totals created when detailed information is summed together Details of purchases made by customers totalled each month Characteristics of Information Availability / Accessibility Information should be easy to obtain or access Accuracy Information needs to be accurate enough for the use to which it is going to be put. Reliability or Objectivity Reliability deals with the truth of the information or the objectivity with which it is presented. Relevance / Appropriateness Information should be relevant to the purpose for which it is required. It must be suitable. Completeness Information should contain all details required by the user. Level of Detail / Conciseness Information should be in a form that is short enough to allow for its examination and use. There should be no extraneous information. Presentation Information can be more easily assimilated if it is aesthetically pleasing. Timing Information must be on time for the purpose for which it is required. Information received too late will be irrelevant. Value The relative importance of information for decision-making can increase or decrease its value to an organisation. Cost Information should be available within set cost levels that may vary dependent on situation. The difference between value and cost Valuable information need not cost much. Information costly to obtain may not have much value. Organisational Information Systems Collection of information systems Processes data – mostly interconnected. Some are just for admin – some collate data from departments and some process data ‘intelligently’ to assist SMT. There are 4 main types: DPS – Data Processing systems MIS – Management Info Systems DSS – Decision Support systems EIS – Executive Info Systems Categories of Information Systems Data Processing Systems (DPS) - Operational Management Information Systems (MIS) - Tactical Decision Support Systems (DSS) - Tactical Executive Information System (EIS) - Strategic Data Processing Systems Deals with day-to-day transactions Accountancy, invoicing, stock control Items scanned by bar code reader Predefined structured tasks. Provides summarised info for higher levels of management. Needs to be fault tolerant High volume of Input/output DPS are the tools used at the Operational level of an organisation DPS involves use of a computer Data Processing Systems Eg Manufacturing and Production Systems DPS are used to control/ operate/ monitor manufacturing and industrial processes eg.Purchasing materials, shipping items, robotic systems/ inventory of goods. Sales and Marketing – Supports sales – holds customer records – telemarketing – processes sales – invoices – used in POS (electronic scanner) Finance Systems Records flow of funds in an organisation. – payrolls – income statements – balance sheets. All computerised due to repetitive nature of task. Management Information Systems The source of data for an MIS usually comes from numerous databases. These databases are usually the data storage for Data Processing Systems. MIS summarise and report on the organisation’s basic operations. MIS produce reports for managers interested in historic trends on a regular basis. MIS operate at the tactical level. Dedicated to one particular area of an organisation. Large input – summarised output. Can custom report to meet needs. Good for producing reports on repetitive tasks. Eg. Total sales figures for each product. Decision Support Systems Interactive computer based systems to help management (usually at tactical level) make unique, non-recurring, unstructured decisions. One off decisions. Supports tactical level. Allows the manager to explore a range of possibilities eg the effect on profit and loss if the costs decrease. the source of data is a combination of summary info gathered by the dps and mis as well as significant external info. Executive Information Systems EIS provide senior managers with systems to assist in taking strategic and tactical decisions. Purpose – to analyse, compare and identify trends to help the strategic direction of the organisation. EIS incorporate data about external events. They: draw summarised information from internal MIS and DSS. filter, compress, and track critical data. reduce time and effort required to obtain information useful to strategic management. employ advanced graphics software to provide highly visual and easy-to-use representations of complex information and current trends. EIS allow the user to look at specific data that has been summarised from lower levels within the organisation and then drill down to increase the level of detail. Expert Systems An expert system is a computer program that tries to emulate human reasoning. It does this by combining the knowledge of human experts and then, following a set of rules, draws inferences. An expert system is made up of three parts: A knowledge base stores all of the facts, rules and information needed to represent the knowledge of the expert. An inference engine interprets the rules and facts to find solutions to user queries. A user interface allows new knowledge to be entered and the system queried. Expert systems are used for the following purposes: To store information in an active form as organisational memory. To create a mechanism that is not subject to human feelings, such as fatigue and worry. To generate solutions to specific problems that are too substantial and complex to be analysed by human beings in a short period of time. Interrelationships between Information Systems EIS MIS DSS DPS Expert Systems performs tasks that would otherwise be performed by human experts used to replace or help experts three components 1. Knowledge base – problem and domain specific 2. Inference engine - implements the reasoning mechanism and controls transactions 3. User interface – gathers input and outputs results Advantages of Expert Systems preserves expertise information in an active form not subject to human traits eliminate routine and unsatisfying jobs suggest solutions to specific problems Questions Organisational Management Strategies Network strategy Addresses data transfer, distribution, access and security, facilities, storage. Security strategy Deals with access to the network and keeping unauthorised people out. Backup and recovery strategy To ensure data is not accidentally erased and that it can be recovered once backed up. Upgrade strategy To plan new hardware and software and ensure that everything new will work properly. Software strategy Choose between bespoke and standard packages. Network Strategy Networks LAN (Local Area Network) – in one building. WAN (Wide Area Network) – over a city, country or the wide world. Device sharing. Software sharing. Data sharing. Communication. Uses telecommunications. Distributed networks LAN with several servers, data accessible from all over the network. Network Hardware Client-server network Central server stores data files and log-in details. workstation Peer-to-peer network No central server, all stations equal. Cheaper, data less secure. workstation workstation Network Hardware Network Adapter Card Built-in to the computer. Allows the computer to send and receive data around the network. Structured Cabling Cables made from copper wire, co-axial cable, fibre-optic cable and twisted pairs. Twisted pair Ethernet is the most common. Fibre optic used to link over longer distances and to carry a very high bandwidth. Network Software Network Operating System – 2 parts The version that runs on the server. This is needed to control which users and workstations can access the server, to keep each user’s data secure, and to control the flow of information around the network. It is also responsible for file and data sharing, communications between users and hardware, and peripheral sharing. The version that runs on the personal computers to turn them into network stations. Each workstation (computer) connected to the network needs the Network Operating System installed before it can connect successfully to the network facilities. Network Software Network Auditing and Monitoring Software This software keeps a track of network activity. It records user activity and workstation activity. In a commercial organisation this sort of auditing and monitoring can be used to detect fraud and suspicious activity. Security Strategy This covers security, integrity and privacy of data. Data security means keeping data safe from physical loss. Data integrity means the correctness of the stored data. Data privacy means keeping data secret so that unauthorised users cannot access it. A virus This is a piece of programming code that causes some unexpected and usually undesirable event in a computer system. Viruses can be transmitted as attachments to an e-mail as a download on a disk being used for something else. Some viruses take effect as soon as their code takes residence in a system. Others lie dormant until something triggers their code to be executed by the computer. Viruses can be extremely harmful and may erase data or require the reformatting of a hard disk once they have been removed. Security Strategy Hacking This is the gaining of unauthorised access to a computer information system. The offence is to maliciously alter data or steal information. Denial of service This involves flooding an organisation’s Internet server with a large number of requests for information (traffic). This increase in traffic overloads the server, which becomes incapable of dealing with the backlog of requests, and results in the server crashing or needing to be taken offline to resolve the problem. Codes of conduct These apply to users of an information system. Most organisations insist that users follow a set of rules for using their system. Employees have to sign a code of conduct as part of their conditions of employment. A code of conduct can cover basic professional competences as well as obvious statements like “Never disclose your password to anybody else and change your password every week.” Security Strategy BCS code of ethics covers: Professional conduct Professional integrity Public interest Fidelity Technical competence. Password guidelines Minimum length of 5 characters Must consist of letters and numbers Must not contain any words Must not be the same as the previous password Must not use easily guessed strings of letters or numbers (e.g. 123456 and abcdef). Implementing Data Security Virus protection Prevention Prevent users from using floppy disks. Scan incoming e-mails for viruses. Do not open mail or attachments from someone you don’t recognise. Detection Install anti-virus software. Update it regularly to detect new viruses. Repair Anti-virus s/w can quarantine a virus. Can delete the virus code from an infected file. Firewalls Device or software used to prevent unauthorised access to a network. Placed between the server and the Internet connection (router). Can block sections of the network. Only allows authorised users to join the network (dial-in). Encryption Used by on-line retailers to keep card details secure. Needed in order to gain trust of purchasers. 32-bit encryption almost impossible to crack. Implementing Data Security Access rights Read – allows users to read files. Allows files to be made read only. Write – allows users to write (save) files. Create – allows users to create new files. Erase – allows users to erase files. Modify – allows users to modify files. Groups of users may have. Read/write/create/erase on home drive. Read only on shared areas. Back-up Strategy Every computer user should have a strategy in place to back-up their data. Backing up is the process of making a copy of data stored on fixed hard disks to some other media. This can be tape, external portable hard disks, writeable CD-ROM or DVD. The purpose of backing up data is to ensure that the most recent copy of the data can be recovered and restored in the event of data loss. Reasons for loss: electronic disasters such as a damaged disk head files being accidentally erased the disk being attacked by a virus. Archive The process of copying data from hard disk drives to tape or other media for long-term storage. Data verification It is important to check that the data stored on the back-up media can be recovered. Storage methods DAT tape on built-in drives on servers. USB removable hard drives. Frequency and version control Full back-up (weekly) and incremental daily. Grandfather, father, son method Upgrade Strategy Future proofing Making sure that a system has a reasonable life and does not need to be totally replaced too soon. Hardware & software compatibility Will older s/w work with new operating systems, etc? Will older h/w work with newer equipment (e.g. printers with computers)? Integration testing Are the peripheral devices compatible with the hardware and operating system? Does the network software support the hardware and operating system? Is the application software compatible with the operating system and computer? Is the hardware compatible with the operating system? Legacy systems Old information systems running on out-of-date hardware and operating systems are often referred to as legacy systems. Problems with legacy systems lead to many computer companies developing software that conformed to Open Standards. Emulation This allows access to a greater range of applications that might not be available on the given hardware platform. The use of an emulator allows data to be transferred between platforms Software Strategy Needs to take account of the issues: evaluating the software for use, using several key criteria the user support for the software the training supplied for end users of the software the upgrade path of the software. Software evaluation should cover: Functionality – This refers not only to the number of features an application program has but to the number of useable features it has. Also the tasks to be completed need to be evaluated against the features in the software. Performance – The performance of software can be measured by several different criteria depending on the type of software. Speed - Measured against benchmarks. Usability -Look and feel, choices in menus, etc. Compatibility - With operating system. Data Migration - Translating from one format to another. Reliability - Does the job it is supposed to? Resource requirements - Has the computer enough RAM, big enough disks, etc? Portability - Will it work on different systems? Support - Assistance from vendors or writers? Training in Using Software On-the-job A new user needs to be introduced to the software. This means working through a tutorial to become familiar with the functions of the software. It usually involves an online tutorial program or tutorial manual that teaches the user about the software. In-house This is when small groups of staff, within the company, receive a training course delivered by IT staff. External This is offered by specialist training providers for popular application software, such as software created by Microsoft, Macromedia and Adobe. Manuals Installation guide – gives advice on how to install the software and how to configure it to work with various hardware. Tutorial guide – gives step-by-step instructions on how to use the software. Reference manual – is an indexed guide detailing all the functions of the software. On-line help Explains to the user what each feature of the software does. It is a part of the program situated on the computer and is not on the Internet. On-line tutorials Step-by-step instructions on the computer, not on the Internet. Help desk Internal (end user) and external (software vendors). Newsgroups A Newsgroup allows users of a piece of software to post e-mail messages to the wider user community. FAQs This stands for Frequently Asked Questions. It is usually a file that contains a list of commonly asked user queries about a piece of software Issues Affecting Decisions to Upgrade Software Lack of functionality Hardware incompatibility Upgraded computers do not support old software. Software incompatibility Business changes, new technology outdates software. New operating system will not run old software. Perfecting the software Removing bugs and improving it – will existing data work with it? Centralised and Distributed Databases Centralised database All the data is held on a central computer mainframe or server. Advantages mean it is far easier to manage and control if it is only in one location. far easier to back up when it is centralised. Distributed database Consists of two or more files located at different sites on a computer network. Different users can access it without interrupting one another. The DBMS must synchronise the scattered databases to make sure they all have consistent data. Data Warehousing Data warehousing Historical data transactions are separated out from the ongoing business. The data is re-organised in such a way as to allow it to be analysed; the newly structured data is then queried and the results of the query are reported. Data warehousing could be used as a predictive tool, to indicate what should be done in the future. The main use of data warehousing is as a review tool, to monitor the effects of previous operational decisions made in the course of a business. Data Mining Data mining ‘The nontrivial extraction of implicit, previously unknown, and potentially useful information from data.’ It uses machine learning, statistical and visualisation techniques to discover and present knowledge in a form that is easily comprehensible to humans. Data mining is the analysis of data and the use of software techniques for finding patterns and regularities in sets of data. The computer is responsible for finding the patterns by identifying the underlying rules and features in the data. The mining analogy is that large volumes of data are sifted in an attempt to find something worthwhile (in a mining operation large amounts of low-grade materials are sifted through in order to find something of value). Implications of ICT Social implications Legal implications Economic implications Ethical implications Social Implications Ease of access and availability Information rich / poor Impact of IS on social structures Educational qualifications and ICT Knowledge workers Online retail Globalisation The impact on business of an IS-driven business model Identities and personas Privacy Ease of Access and Availability Access to Internet at work and home. Digital satellite TV with all its services. Access to magazines, books & newspapers. Access in social lives – libraries and Internet cafes. We expect Internet access on holiday and in hotel rooms. Fact – There are more telephones in the city of New York than the continent of Africa (and telephones give access to information). Information rich/Information poor Information rich – They will: Have easy access to computers and electronic communications. Get information and news from the Internet Buy the latest products through on-line shopping. Follow computer-based learning and skills training courses at home. Look for jobs that are advertised solely on the Internet. Find it easier to get well-paid jobs and will enjoy a more comfortable and secure life-style. Information poor – They will not: Have easy access to computers. Have the IT skills and confidence to take part in teleshopping, telebanking, Internet chat and news groups. Impact of IS on Social Structures Families Feel more secure with two wages coming into the family. More mothers have careers and they may not have any children till they are 30 or older. Is this change in family patterns partly caused by computerisation? Are there any risks to the family and to society as a whole from this development? Banks Used to be paper based and only for middle and upper classes – for reasons of wealth and trust. Use of IT means anyone can have a bank account – transaction processing and high levels of security. Now widespread use of plastic money – credit and debit cards. Educational Qualifications and ICT Educational qualifications Qualifications in Computing since the early 1960s, but these were solely in universities and colleges. By mid-1980s computing was available in schools. By 1999 the two strands of software and hardware divided into Computing and Information Systems. Now there are very many different courses offered at degree and NC level, all related to ICT. Need for ICT awareness ICT lets people vote by text on game shows, shop on the Internet, use digital TV to order goods. Families send digital photos round the world. Almost all office jobs and professionals need to use ICT. Knowledge Workers Knowledge worker A person who adds value by processing existing information to create new information that could be used to define and solve problems. Examples of knowledge workers Lawyers, doctors, diplomats, law-makers, software developers, managers and bankers. People who use their intellect to convert their ideas into products, services, or processes. Problem solvers rather than production workers. Use intellectual rather than manual skills to earn a living. Core knowledge workers Those in specific ‘knowledge management’ roles. Knowledge managers, librarians, content managers, information officers, knowledge analysts, etc. Everyone else All the other knowledge workers – everyone engaged in some form of ‘knowledge work’. Online Retail Internet shopping – the here and now. Young people much more likely to shop online than older people. Young people spend on low-value goods (CDs, DVDs, books and hair straighteners). Older people spend on high-value items like holidays and make repeat grocery orders. Why Internet shop? Goods can be difficult to buy locally. Goods are often much cheaper. National chains carry the same goods – the Internet gives wider choice. Advantages and Disadvantages of Online Shopping Consumer advantages More choice of goods online. Cheaper prices. Home delivery – Grocery shopping on-line very useful for young families. Consumer disadvantages Often long delivery times. Temptation to spend more money than intended. Social isolation (supermarkets are the new social scene). On-line Retailer advantages Can reach a far wider audience. Doesn’t need expensive showrooms. Doesn’t need to employ trained sales staff. On-line Retailer disadvantages Must spend money on a website with secure payment system. Must accept a high rate of returns. Never meets customers. The Changing Relationships between Retailer and Customer Shoppers are: Becoming intolerant of goods being unavailable or out of stock. Very wary of over-pricing and long delivery times. Consumers are: More willing to go online and order from different retailers. Willing to use a credit card to buy online Aware of the stress of waiting for goods bought when presents don’t turn up on time. We still maintain relationships: With local specialist shops. Customers who buy their groceries on-line and have the same delivery driver every week often build up a good relationship with the driver. In general: The two types of shopping can complement each other, opening up new markets to specialist retailers and giving more choice to customers. Globalisation Globalisation Is the growing integration of economies and societies around the world. Has been a hotly debated topic in economics. Positive aspects Rapid growth and poverty reduction in China, India, and other countries that were poor 20 years ago. Negative aspects It has increased inequality. It contributes to environmental degradation. It is most conspicuous in huge companies producing products as diverse as oil, Cola and burgers. Impact of IS on Business and Societies Multinational companies As diverse as Cola and Oil technology. Achieved globalisation through the use of information systems. Originally a few large companies with mainframe computers. Confined to major US networks and European cities. Present-day examples of globalisation Smaller companies have global presence. Communicate via dedicated worldwide intranet. Publish reports, memos, etc & e-mail round the world. Don’t need mainframe systems. Use web and mail servers to communicate. The Impact on Business of an IS-Driven Business Model Traditional businesses Have embraced IT with open arms. Have had IT forced upon them and adapted. Modern IS-driven businesses Companies without High Street branches. Call centre based companies. Advertise heavily on TV. Much lower overheads than maintaining a network of branches. Call centres can bring employment to smaller towns rather than cities. Identities & Personas Using the Internet as a medium of communication Change is having a dramatic impact on people’s lives. Ability to communicate with anyone regardless of age, sex, location, background, etc. The Internet allows people to develop different identities and personas when communicating. Can join chat rooms and newsgroups and offer an expert opinion even when not an expert. Disadvantages Criminal offence of “grooming” via the Internet. Parents wary of letting teenagers have use of the Internet. Fear of the Internet among certain groups in society. Read about Jonathan Lebed and Marcus Arnold (either online or in the notes). Privacy Private communications across the Internet Should be secure and safe. We feel we have a right to this privacy. Websites we visit should be our business. National security or criminal actions Terrorists use e-mail, mobile phones and the Internet to communicate amongst themselves. Criminals use the Internet to host websites. What about our privacy? Security organisations can scan all e-mail and mobile phone messages looking for tell-tale phrases. FBI caught thousands of paedophiles across USA and Europe via their IP address and phone number. Legal Implications of Information Systems The Data Protection Act 1998 Computer Misuse Act 1990 Copyright Designs and Patents Act 1988 The Regulation of Investigatory Powers Act 2000 The Freedom of Information Act (Scotland) 2002 Health and safety regulations The 1998 Data Protection Act The 8 data protection principles Personal data shall be processed fairly and lawfully. Personal data shall be obtained only for lawful purposes. Personal data shall be adequate, relevant and not excessive. Personal data shall be accurate and kept up to date. Personal data shall not be kept for longer than is necessary. Personal data shall be processed in accordance with the rights of data subjects. Appropriate measures shall be taken against unauthorised or unlawful processing of data. Personal data shall not be transferred to a country outside Europe. In the UK, data must be registered with the Data Commissioner. The 1998 Data Protection Act Unconditional exemptions: Data related to national security. Data which by law has to be made public (e.g. the voters’ roll). Data held by the Police and National Health Service. Conditional exemptions: Mailing lists (names and addresses). Data used for calculating and paying wages. Information used for club memberships. Data used by a data subject at home. The 1998 Data Protection Act Rights of data subjects: To see any personal data stored either electronically or manually about them. The data controller may ask that a small fee be paid to cover their costs in providing the data. To have their data corrected if it is inaccurate. To prevent their data being used by companies to send them junk mail. Responsibilities of data users: Have to register with the Data Protection Registrar if they wish to hold personal information about data subjects. They must be willing to let data subjects see data held about them, and must amend any false data without charge. Data users must also be willing to remove subjects’ names and addresses from mailing lists if asked to. The 1998 Data Protection Act Changes from the 1984 Act: The 1984 DPA had certain shortcomings: It only covered data in electronic form. Companies could circumvent certain provisions. It had no European or worldwide dimension. There was no obligation on data users to tell the data subjects that they held any data about them. The 1998 Act: Covers the transmission of data in electronic form, which was not really an issue in 1984. Harmonised the European Union Data Protection legislation. It also made it a requirement of the Act to ask for the prior consent of data subjects to have data held about them, and it included paper-based records. Computer Misuse Act The Act contains three sections covering: Unauthorised access to computer material Unauthorised access with intent to commit or facilitate commission of further offences Basic hacking – e.g. breaking into the school network, locking a user out of the system, etc. Where a computer system is used to help commit a crime. Unauthorised modification of computer material Expert hacking – modification of data without permission. Also covers the transmission of viruses. Copyright, Designs & Patents Act Software licencing Software can be legally installed on as many computers as the licence allows. Shareware can be used legally for 30 days then either paid for or deleted. Freeware can be downloaded and used free of charge. Computer applications Databases can store vast amounts of copyright data. Act covers extracts from computer databases. Plagiarism to copy work directly from the Web. Music downloads must be paid for and copyright checked. Software piracy a crime - FAST. The Regulation of Investigatory Powers Act 2000 Gives powers to: Police, Special Branch, GCHQ and MI5. Organisations are allowed to monitor employees, e-mail and Web usage. It also provides powers to help combat the threat posed by rising criminal use of strong encryption to try to break into electronic transactions. The Act contains 5 parts It allows the authorities to monitor our personal e-mail and Internet usage. So businesses, local authorities and government departments can and do monitor internal emails. They can also monitor Internet usage of staff, students and pupils. It sounds very “Big Brother”. May enrage and disturb many people to realise this. But when terrorists can be anywhere in our society it may be a relief to know that the authorities are taking active steps to catch them. The Freedom of Information Act (Scotland) 2002 From 1 January 2005 General right of public access to all types of 'recorded' information held by public authorities. Sets out exemptions from that general right. Places a number of obligations on public authorities. The Act applies only to 'public authorities' and not to private entities. Public authorities include Government departments, local authorities and many other public bodies, and also schools, colleges and universities. The Act is enforced by the Scottish Information Commissioner. Responsibilities of public authorities Required to adopt and maintain a Publication Scheme. This sets out the classes of information available (e.g. prospectuses, almanacs and websites); the manner in which they intend to publish the information; and whether a charge will be made for the information. Health and Safety Regulations Covers physical aspects of work Seating: Is the seating comfortable and not causing strain? Lighting: Is the lighting adequate for the work? Employee injuries, etc. Repetitive Strain Injury (RSI): Caused by doing the same repetitive task too long (e.g. typing numbers all day on the number pad). Radiation: Not so much of a problem now but the big old monitors emitted a lot of radiation and were very dangerous. Eye Strain: Caused by spending too much time looking at the screen. Health and Safety Regulations Requirements on employers: To carry out a risk assessment. Employers with five or more employees need to record the significant findings of the risk assessment. Risk assessment should be straightforward in a simple workplace such as a typical office. To provide a safe and secure working environment. Economic Implications of ICT Type of jobs and costs in ICT The effect of new ICT on business Business and ICT Business costs Jobs in ICT Starting positions Programmer / analyst: Responsible for program development and modification. Web administrator: Responsible for developing, managing and co-ordinating the posting of company material from departments onto the company website. Network administrator: Responsible for the dayto-day management and maintenance of the network. Salaries: In the region of £20,000 to £30,000 depending on the level of responsibility. Jobs in ICT Advanced development positions Database manager: Responsible for identifying needs and developing software accordingly. There is an increasing role for data mining and data warehousing experts in this field. Project leader and senior analyst: Sometimes separate posts, sometimes a joint post the project leader will liaise with directors and top managers and translate ideas into computer related documentation. IT manager: Generally in charge of the entire IT operation, staff and equipment. Salaries: These senior posts can carry very high salaries with fringe benefits such as company cars. The Effect of New ICT on Business Costs Investing in a new computerised system is very expensive. Staff training is a major cost. Benefits Increased productivity (fewer staff). Increased functionality. Reports from the computerised system can save the expense of professionals. Business and ICT Competitive advantage Businesses want advantage over their competitors in the same area of business who have not made a similar investment. How to gain competitive advantage Employ a systems analyst. Complete a feasibility study covering technical aspects and legal and economic feasibility. Huge leap of faith? First paper-based mail order company had: to move over to a call centre and telephone ordering. to tie in with an “intelligent warehouse”. to do an exhaustive economic feasibility study to see if they would gain a competitive advantage over their rivals. They did all of this, but was it an even bigger leap of faith to be the first of these companies to introduce Internet ordering? Business Costs Initial costs Huge costs to set up a production line, just-in-time ordering, or a call centre. Computers, software, robots, etc. Running costs Staff required. Paper, ink cartridges, back-up media. Software licences. Maintenance contracts. Ethical Implications of ICT Netiquette Intellectual property rights (IPR) Censorship Regulating the content of the Internet Privacy and encryption Global citizenship Netiquette General points Treat others the way you expect to be treated. Act within the law. Act responsibly and ethically. Advice Do not type e-mails in capitals – shouting. Always fill in the subject field. Don’t abuse people – flaming. Always minimise or compress large files. Do not forward stupid jokes and chain letters. Do not forward hoax virus warnings. Intellectual Property Rights Written work Knowledge is the principal source of competitive advantage. All original work published on the Internet has IPR. IPR applies also to software. Music, etc IPR relates to the Internet sites where music can be downloaded. Copyright material must usually be paid for as the publishers of the music own the IPRs. Censorship On the Internet Current UK censorship laws may not be adequate. Operators of questionable sites can host sites in countries without such laws. Controls can hinder freedom of speech. Now if you visit an illegal site (even if it is legal in its host country) you can be prosecuted. Should “spam” be illegal – freedom of speech? Visiting an illegal site by accident can be a valid defence (e.g. if its description bears no resemblance to the actual contents). Regulating the content of the Internet Dubious material on the Internet Conscious access needs to be made before ‘offensive’ or ‘unacceptable’ material is displayed. Software can be installed that will monitor what accesses are made from which terminals, when and by whom. Internal organisational procedures should deal with this type of situation. Contravening legislation on the Internet Internet is no different from other media – it too can contravene legislation on sensitive matters. Successful libel cases have been taken out against bulletinboard operators for the materials published on their boards. Is current legislation enough? Presumably only time will tell. Future governments and public opinion will influence new legislation. Privacy and Encryption Privacy Text messages, mobile calls, e-mail and Internet usage can all be monitored by security organisations. Criminals are using technology to try and intercept and read personal information. If we are to trust online shopping, then the online vendors must apply security to their site. Encryption Ensures that a card number is encrypted when it leaves the shopper’s computer until it arrives safely at the vendor’s website. PGP (Pretty Good Privacy) uses a 32-bit encryption procedure. PGP is unbreakable and is used by good online retailers who will usually advertise the fact. They may also subscribe to a code of practice (like the Which? Code for Internet Shopping) based on PGP and 32-bit encryption. ICT and Global Citizenship Study of citizenship Gives students the knowledge, skills and understanding to play an effective role in society at local, national and international levels. Global citizenship is generally thought of as being aware of global issues such as environment, commerce, politics and society in general. Use of ICT in citizenship If a student is studying citizenship then the use of the Internet means that information and discussion papers can be found and studied very easily. Newsgroups exist on a wide range of citizenship topics – informed and serious discussions. E-mail links with schools in foreign countries.