Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security
Uploaded by Sijoy Almeida

Management Information System(MIS)

advertisement 
Management Information System(MIS)
1.
2.
3.
4.
Concept, Definition,etc.
Personnels in Information System.
Managing Multi processor Enviroment.
MIS Security Issues.
Concept of MIS
Management
Information
System
Concept of MIS
Management Information System (MIS)
Information
Management
System
Concept of MIS
Management Information System
Information
Information:
Management
System
Concept of MIS
Management Information System
Information
Management
Information:
Does Information & Data means the same?
System
Concept of MIS
Management Information System
Information
Management
System
Information:
Information is a data that has been processed into a form that is meaningful
to recipient and is of real or perceived value in the current or the prospective
action or decision of recipient.
Concept of MIS
Management Information System
Information
Example:Random data. :- 69391769
Management
System
Concept of MIS
Management Information System
Information
Random data :- 69391769
Random data :- 0250
Management
System
Concept of MIS
Management Information System
Information
Management
Random raw data :- 69391769
Random raw data :- 0250
Processed Data :-
0250 - 69391769
Information
System
Concept of MIS
Management Information System (MIS)
Information
Management :
Management
System
Concept of MIS
Management Information System (MIS)
Information
Management
System
Management :
Management is the coordination and administration of tasks to achieve a
goal. Such administration activities include setting the organization’s
strategy and coordinating the efforts of staff to accomplish these objectives
through the application of available resources. Management can also refer
to the seniority structure of staff members within an organization.
Concept of MIS
Management Information System (MIS)
Information
Management
Basic operations of a
Management
1.Setting objectives
2.Organizing
3.Motivating the team
4.Devising systems of measurement
5.Developing people
System
Setting objectives
Is manager a MIS Personnel?
• Setting and achieving objectives is the primary way a manager
accomplishes and maintains success. They must also be able to convey
them to their staff or employees in a compelling manner. For instance,
a restaurant manager could state they want to improve service times
and remind employees that faster service increases revenue and tips.
Organizing
• Managers evaluate the type of work, divide it into achievable tasks and
effectively delegate it to staff. Organization consists of a series of
relationships among individual staff as well as departments or entities inside
the organization. It is the manager’s responsibility to ensure that these
individuals and entities work together in harmony, which includes motivating
staff members and departments to stay on task. A good manager is skilled at
building interpersonal relationships among their team members and can
troubleshoot when members confuse their encounter challenges.
• Organization also requires a manager to establish relationships of authority
among their team members. Maximizing organizational arrangements can
help businesses enhance the company’s efficiency in the market, reduce the
costs of business and improve productivity.
Motivating the team
• In addition to the tasks of organization and delegation, motivation
includes having the skills to handle different types of personalities in a
team. An effective manager must know how to form and lead
successful teams and know how to galvanize team members around a
cause.
Devising systems of measurement
• Managers need to set targets or key performance indicators that the
team aims for and then generate ways to measure whether their team is
on track to meet those goals. Because it can be challenging to come up
with measurable ways of understanding performance, managers must
often be creative and thoughtful. However, like the other functions of
management, measurement is critical to improving business
performance.
Developing people
• In addition to leading their team toward a goal and measuring their
progress along the way, good managers invest in their staff’s
development. Managers can, for example, work with their team to help
them set goals to move up in their careers.
• Managers must have leadership skills to use these five operations
successfully. They are responsible for coaching their team members by
helping them recognize their strengths and weaknesses and improve
their performance. Different managers may have different styles of
leadership. Regardless of their style, managers should develop their
leadership skills to be an effective supervisor.
Concept of MIS
Management Information System
Information
System:
Management
System
Concept of MIS
Management Information System
Information
Management
System
System: a system is an organized collection of parts (or subsystems) that are highly
integrated to accomplish an overall goal. The system has various inputs, which go
through certain processes to produce certain outputs, which together, accomplish the
overall desired goal for the system.
Definition of MIS
• A Management Information System is an information system
that collects, analyzes, and processes an organization's data to
produce meaningful and useful information based on which the
management can take right decisions to ensure future growth of
the organization.
Some Important Terminologies
• Data − The raw material of information.
• Information − Data organized and presented by someone.
Knowledge discerned from data.
• Knowledge − Information read, heard, or seen, and
understood.
• Business Intelligence − Information Management pertaining to
an organization's policy or decision-making, particularly when
tied to strategic or operational objectives.
Information/Data Collection Techniques
• Surveys − A questionnaires is prepared to collect the data from the field.
• Secondary data sources or archival data: Data is collected through old
records, magazines, company website etc.
• Objective measures or tests −
An experimental test is conducted on the
subject and the data is collected.
• Interviews −
Data is collected by the system analyst by following a rigid procedure
and collecting the answers to a set of pre-conceived questions through personal
interviews.
Classification of Information
Classification by Characteristic
• Strategic Information − Strategic information is concerned with long term policy
decisions that defines the objectives of a business and checks how well these objectives
are met. For example, acquiring a new plant, a new product, diversification of business
etc, comes under strategic information.
• Tactical Information − Tactical information is concerned with the information needed
for exercising control over business resources, like budgeting, quality control, service
level, inventory level, productivity level etc.
• Operational Information − Operational information is concerned with plant/business
level information and is used to ensure proper conduction of specific operational tasks as
planned/intended. Various operator specific, machine specific and shift specific jobs for
quality control checks comes under this category.
Classification by Application
• Planning Information − These are the information needed for establishing standard norms and
specifications in an organization. This information is used in strategic, tactical, and operation planning of
any activity. Examples of such information are time standards, design standards.
• Control Information − This information is needed for establishing control over all business activities
through feedback mechanism. This information is used for controlling attainment, nature and utilization of
important processes in a system. When such information reflects a deviation from the established
standards, the system should induce a decision or an action leading to control.
• Knowledge Information − Knowledge is defined as "information about information". Knowledge
information is acquired through experience and learning, and collected from archival data and research
studies.
• Organizational Information − Organizational information deals with an organization's environment,
culture in the light of its objectives. Karl Weick's Organizational Information Theory emphasizes that an
organization reduces its equivocality or uncertainty by collecting, managing and using these information
prudently. This information is used by everybody in the organization; examples of such information are
employee and payroll information.
• Functional/Operational Information − This is operation specific information. For example, daily
schedules in a manufacturing plant that refers to the detailed assignment of jobs to machines or
machines to operators. In a service oriented business, it would be the duty roster of various personnel.
This information is mostly internal to the organization.
• Database Information − Database information construes large quantities of information that has multiple
usage and application. Such information is stored, retrieved and managed to create databases. For
example, material specification or supplier information is stored for multiple users.
Personnels in Information System.
Personnels in Information System.
1) People
People are involved in information systems in just about every way you can think of: people imagine
information systems, people develop information systems, people support information systems, and,
perhaps most importantly, people use information systems.
Personnels in Information System.
1) People
The Creators of Information Systems
Personnels in Information System.
1) People
The Creators of Information Systems
The first group of people we are going to look at play a role in designing, developing, and building
information systems. These people are generally very technical and have a background in
programming and mathematics. Just about everyone who works in the creation of information
systems has a minimum of a bachelor’s degree in computer science or information systems, though
that is not necessarily a requirement.
Personnels in Information System.
1) People
The Creators of Information Systems
2) Systems Analyst
The role of the systems analyst is to straddle the divide between identifying business needs
and imagining a new or redesigned computer-based system to fulfill those needs. This individual will
work with a person, team, or department with business requirements and identify the specific details
of a system that needs to be built. Generally, this will require the analyst to have a good
understanding of the business itself , the business processes involved, and the ability to document
them well.
Personnels in Information System.
1) People
The Creators of Information Systems
2) Systems Analyst
3) Programmer
4) Computer Engineer
Computer Engineer
• Hardware Engineer :-A
hardware engineer designs hardware components, such as
microprocessors. Many times, a hardware engineer is at the cutting edge of computing technology,
creating something brand new. Other times, the hardware engineer’s job is to engineer an existing
component to work faster or use less power. Many times, a hardware engineer’s job is to write code to
create a program that will be implemented directly on a computer chip.
• Software Engineer :-Software
engineers do not actually design devices; instead, they
create new programming languages and operating systems, working at the lowest levels of the
hardware to develop new kinds of software to run on the hardware.
• Systems Engineer :-A systems engineer takes the components designed by other engineers
and makes them all work together. For example, to build a computer, the mother board, processor,
memory, and hard disk all have to work together. A systems engineer has experience with many
different types of hardware and software and knows how to integrate them to create
new functionality.
• Network Engineer :-A network engineer’s job is to understand the networking
requirements of an organization and then design a communications system to meet those
needs, using the networking hardware and software available.
Personnels in Information System.
1) People
The Creators of Information Systems
2) Systems Analyst
3) Programmer
4) Computer Engineer
Information-Systems Operations and Administration
Personnels in Information System.
1) People
The Creators of Information Systems
2) Systems Analyst
3) Programmer
4) Computer Engineer
Information-Systems Operations and Administration
Another group of information-systems professionals are involved in the day-to-day operations and
administration of IT. These people must keep the systems running and up-to-date so that the rest of
the organization can make the most effective use of these resources.
Information Systems Operations and Administration
Another group of information-systems professionals are involved in the day-to-day operations and
administration of IT. These people must keep the systems running and up-to-date so that the rest of
the organization can make the most effective use of these resources.
Information Systems Operations and Administration
5) Computer Operator
Information Systems Operations and Administration
5) Computer Operator
A computer operator is the person who keeps the large computers running. This person’s job is to
oversee the mainframe computers and data centers in organizations. Some of their duties include
keeping the operating systems up to date, ensuring available memory and disk storage, and
overseeing the physical environment of the computer. Since mainframe computers increasingly have
been replaced with servers, storage management systems, and other platforms, computer operators’
jobs have grown broader and include working with these specialized systems.
Information Systems Operations and Administration
5) Computer Operator
6) Database Administrator
Information Systems Operations and Administration
5) Computer Operator
6) Database Administrator
A database administrator (DBA) is the person who manages the databases for an organization. This
person creates and maintains databases that are used as part of applications or the data warehouse.
The DBA also consults with systems analysts and programmers on projects that require access to or
the creation of databases.
Information Systems Operations and Administration
5) Computer Operator
6) Database Administrator
7) Help-Desk/Support Analyst
Information Systems Operations and Administration
5) Computer Operator
6) Database Administrator
7) Help-Desk/Support Analyst
Most mid-size to large organizations have their own information-technology help desk. The help desk
is the first line of support for computer users in the company. Computer users who are having
problems or need information can contact the help desk for assistance. Many times, a help-desk
worker is a junior-level employee who does not necessarily know how to answer all of the questions
that come his or her way. In these cases, help-desk analysts work with senior-level support analysts or
have a computer knowledgebase at their disposal to help them investigate the problem at hand. The
help desk is a great place to break into working in IT because it exposes you to all of the different
technologies within the company. A successful help-desk analyst should have good people and
communications skills, as well as at least junior-level IT skills.
Information Systems Operations and Administration
5) Computer Operator
6) Database Administrator
7) Help-Desk/Support Analyst
8) Trainer
A computer trainer conducts classes to teach people specific computer skills. For example, if a new
ERP system is being installed in an organization, one part of the implementation process is to teach
all of the users how to use the new system. A trainer may work for a software company and be
contracted to come in to conduct classes when needed; a trainer may work for a company that offers
regular training sessions; or a trainer may be employed full time for an organization to handle all of
their computer instruction needs. To be successful as a trainer, you need to be able to communicate
technical concepts well and also have a lot of patience!
Managing Information Systems
The management of information-systems functions is critical to the success of information systems
within the organization. Here are some of the jobs associated with the management of information
systems.
Managing Information Systems
9) CIO
• The CIO, or chief information officer, is the head of the information-systems function. This person
aligns the plans and operations of the information systems with the strategic goals of the
organization. This includes tasks such as budgeting, strategic planning, and personnel decisions for
the information-systems function. The CIO must also be the face of the IT department within the
organization. This involves working with senior leaders in all parts of the organization to ensure
good communication and planning.
• Interestingly, the CIO position does not necessarily require a lot of technical expertise. While
helpful, it is more important for this person to have good management skills and understand the
business. Many organizations do not have someone with the title of CIO; instead, the head of the
information-systems function is called vice president of information systems or director of
information systems.
Managing Information Systems
9) CIO
10) Functional Manager
As an information-systems organization becomes larger, many of the different functions are grouped
together and led by a manager. These functional managers report to the CIO and manage the
employees specific to their function. For example, in a large organization, there is a group of systems
analysts who report to a manager of the systems-analysis function. For more insight into how this
might look, see the discussion later in the chapter of how information systems are organized.
Managing Information Systems
9) CIO
10) Functional Manager
11) ERP Management
Organizations using an ERP require one or more individuals to manage these systems. These people
make sure that the ERP system is completely up to date, work to implement any changes to the ERP
that are needed, and consult with various user departments on needed reports or data extracts.
Managing Information Systems
9) CIO
10) Functional Manager
11) ERP Management
12) Project Managers
Information-systems projects are notorious for going over budget and being delivered late. In many
cases, a failed IT project can spell doom for a company. A project manager is responsible for keeping
projects on time and on budget. This person works with the stakeholders of the project to keep the
team organized and communicates the status of the project to management. A project manager does
not have authority over the project team; instead, the project manager coordinates schedules and
resources in order to maximize the project outcomes. A project manager must be a good
communicator and an extremely organized person. A project manager should also have good people
skills. Many organizations require each of their project managers to become certified as a Project
management Proffesionals.
Managing Information Systems
9) CIO
10) Functional Manager
11) ERP Management
12) Project Managers
13) Information-Security Officer
An information-security officer is in charge of setting information-security policies for an
organization, and then overseeing the implementation of those policies. This person may have one or
more people reporting to them as part of the information-security team. As information has become a
critical asset, this position has become highly valued. The information-security officer must ensure
that the organization’s information remains secure from both internal and external threats.
Managing Information Systems
9) CIO
10) Functional Manager
11) ERP Management
12) Project Managers
13) Information-Security Officer
Security of an Information System
Security of an Information System
• What are Cyber Threats?
Security of an Information System
• What are Cyber Threats?
• Cyber threats in the modern day
Security of an Information System
• What are Cyber Threats?
• Cyber threats in the modern day
• Where do cyber threats come from?
Security of an Information System
• What are Cyber Threats?
• Cyber threats in the modern day
• Where do cyber threats come from?
• Types of Cybersecurity Threats
Security of an Information System
• What are Cyber Threats?
• Cyber threats in the modern day
• Where do cyber threats come from?
• Types of Cybersecurity Threats
• Why is it necessary to protect from cyber threats?
Security of an Information System
• What are Cyber Threats?
• Cyber threats in the modern day
• Where do cyber threats come from?
• Types of Cybersecurity Threats
• Why is it necessary to protect from cyber threats?
• Best Practices for Cyber Defense and Protection
What are Cyber Threats?
• A cyber or cybersecurity threat is a malicious act that seeks to
damage data, steal data, or disrupt digital life in general. Cyber
threats include computer viruses, data breaches, Denial of
Service (DoS) attacks and other attack vectors.
• Cyber threats also refer to the possibility of a successful cyber
attack that aims to gain unauthorized access, damage, disrupt,
or steal an information technology asset, computer network,
intellectual property or any other form of sensitive data. Cyber
threats can come from within an organization by trusted users
or from remote locations by unknown parties.
Cyber threats in the modern day
• Today, the term is almost exclusively used to describe
information security matters. Because it’s hard to visualize how
digital signals traveling across a wire can represent an attack,
we’ve taken to visualizing the digital phenomenon as a physical
one.
• A cyber attack is an attack that is mounted against us (meaning
our digital devices) by means of cyberspace. Cyberspace, a
virtual space that doesn’t exist, has become the metaphor to
help us understand digital weaponry that intends to harm us.
• What is real, however, is the intent of the attacker as well as the
potential impact. While many cyber attacks are merely
nuisances, some are quite serious, even potentially threatening
human lives.
Where do cyber threats come from?
• Hostile nation-states: National cyber warfare programs
provide emerging cyber threats ranging from propaganda,
website defacement, espionage, disruption of key infrastructure
to loss of life. Government-sponsored programs are
increasingly sophisticated and pose advanced threats when
compared to other threat actors. Their developing capabilities
could cause widespread, long-term damages to the national
security of many countries including the United States. Hostile
nation-states pose the highest risk due to their ability to
effectively employ technology and tools against the most difficult
targets like classified networks and critical infrastructure like
electricity grids and gas control valves.
Where do cyber threats come from?
• Terrorist groups: Terrorist groups are increasingly using cyber
attacks to damage national interests. They are less developed
in cyber attacks and have a lower propensity to pursue cyber
means than nation-states. It is likely that terrorist groups will
present substantial cyber threats as more technically competent
generations join their ranks.
Where do cyber threats come from?
• Corporate spies and organized crime
organizations: Corporate spies and organized crime
organizations pose a risk due to their ability to conduct industrial
espionage to steal trade secrets or large-scale monetary theft.
Generally, these parties are interested in profit based activities,
either making a profit or disrupting a business's ability to make
a profit by attacking key infrastructure of competitors, stealing
trade secrets, or gaining access and blackmail material.
Where do cyber threats come from?
Hacktivists: Hacktivists activities range across political ideals
and issues. Most hacktivist groups are concerned with spreading
propaganda rather than damaging infrastructure or disrupting
services. Their goal is to support their political agenda rather than
cause maximum damage to an organization.
Where do cyber threats come from?
Disgruntled insiders: Disgruntled insiders are a common
source of cyber crime. Insiders often don't need a high degree of
computer knowledge to expose sensitive data because they may
be authorized to access the data. Insider threats also include
third-party vendors and employees who may accidentally
introduce malware into systems or may log into a secure S3
bucket, download its contents and share it online resulting in
a data breach. Check your S3 permissions or someone else will.
Where do cyber threats come from?
• Hackers: Malicious intruders could take advantage of a zeroday exploit to gain unauthorized access to data. Hackers may
break into information systems for a challenge or bragging
rights. In the past, this required a high level of skill. Today,
automated attack scripts and protocols can be downloaded from
the Internet, making sophisticated attacks simple.
Where do cyber threats come from?
• Natural disasters: Natural disasters represent a cyber threat
because they can disrupt your key infrastructure just like a
cyber attack could.
• Accidental actions of authorized users: An authorized user
may forget to correctly configure S3 security, causing a
potential data leak. Some of the biggest data breaches have
been caused by poor configuration rather than hackers or
disgruntled insiders.
Types of Cybersecurity Threats
• Malware: Malware is software that does malicious tasks on a device or
network such as corrupting data or taking control of a system.
• Spyware: Spyware is a form of malware that hides on a device providing
real-time information sharing to its host, enabling them to steal data like
bank details and passwords.
• Phishing attacks: Phishing is when a cybercriminal attempts to lure
individuals into providing sensitive data such as personally identifiable
information (PII), banking and credit card details and passwords.
• Distributed denial of service (DDoS) attacks: Distributed denial of
service attacks aim to disrupt a computer network by flooding the network
with superfluous requests to overload the system and prevent legitimate
requests being fulfilled.
• Ransomware: Ransomware is a type of malware that denies access to a
computer system or data until a ransom is paid.
Types of Cybersecurity Threats
• Zero-day exploits: A zero-day exploit is a flaw in software,
hardware or firmware that is unknown to the party or parties
responsible for patching the flaw.
• Advanced persistent threats: An advanced persistent threat is
when an unauthorized user gains access to a system or network and
remains there without being detected for an extended period of time.
• Trojans: A trojan creates a backdoor in your system, allowing the
attacker to gain control of your computer or access confidential
information.
• Wiper attacks: A wiper attack is a form of malware whose intention
is to wipe the hard drive of the computer it infects.
• Intellectual property theft: Intellectual property theft is stealing or
using someone else's intellectual property without permission.
Types of Cybersecurity Threats
• Theft of money: Cyber attacks may gain access to credit card
numbers or bank accounts to steal money.
• Data manipulation: Data manipulation is a form of cyber attack
that doesn't steal data but aims to change the data to make it
harder for an organization to operate.
• Data destruction: Data destruction is when a cyber attacker
attempts to delete data.
• Man-in-the-middle attack (MITM attack): A MITM attack is
when an attack relays and possibly alters the communication
between two parties who believe they are communicating with
each other.
Types of Cybersecurity Threats
• Drive-by downloads: A drive-by download attack is a download that
happens without a person's knowledge often installing a computer
virus, spyware or malware.
• Malvertising: Malvertising is the use of online advertising to spread
malware.
• Rogue software: Rogue software is malware that is disguised as
real software.
• Unpatched software: Unpatched software is software that has a
known security weakness that has been fixed in a later release but
not yet updated.
• Data centre disrupted by natural disaster: The data centre your
software is housed on could be disrupted by a natural disaster like
flooding.
Why is it necessary to protect from
cyber threats?
• Cyber threats are a big deal. Cyber attacks can cause electrical blackouts, failure of
military equipment and breaches of national security secrets. They can result in the
theft of valuable, sensitive data like medical records. They can disrupt phone and
computer networks or paralyze systems, making data unavailable. It’s not an
exaggeration to say that cyber threats may affect the functioning of life as we know it.
• The threats are growing more serious, too. Gartner explains, “Cybersecurity risks
pervade every organization and aren’t always under IT’s direct control. Business
leaders are forging ahead with their digital business initiatives, and those leaders are
making technology-related risk choices every day. Increased cyber risk is real — but
so are the data security solutions.”
• The US government is taking cyber threats seriously but appears to be moving too
slowly to mitigate them. The White House’s Office of Management and Budget
revealed that, of 96 federal agencies it assessed, 74 percent were either “At Risk” or
“High Risk” for cyber attacks. They needed immediate security improvements.
• The US government has experienced numerous crippling data breaches in the last
few years. Examples include the massive breach of the Federal Office of Personnel
Management and the theft of secret US Naval codes. Both attacks have been
attributed to Chinese state intelligence agencies.
Best Practices for Cyber Defense and
Protection.
Cyber Defense for Businesses
• Enterprise best practices for defense from cyber defense include basic but extremely
important countermeasures like patching systems. When a tech vendor discovers (or is
informed of) a security flaw in their product, they typically write code that fixes or
“patches” the problem.
• For example, if Microsoft finds that a hacker can gain root access to Windows Server
through a code exploit, the company will issue a patch and distribute it to all owners of
Windows Server licenses. They, among many others, do this at least once a month. Many
attacks would fail if IT departments applied all security patches on a timely basis.
• A host of new technologies and services are coming onto the market that make it easier to
mount a robust defense against cyber threats. These include:
• Outsourced security services
• Systems that enable collaboration between security team members
• Continual attack simulation tools
• Point solutions for anti-phishing and secure browsing
Best Practices for Cyber Defense and
Protection.
Cyber Defense for Individuals
• For individuals, the best practices are simple. The good news is that in most cases, some
pretty big security organizations stand between the consumer and the hacker, e.g. the
SecOps team at Verizon or AT&T. There are still preventative measures you should take
to help ensure your information’s safety:
1.Password hygiene. Big security organizations cannot protect consumers against
phishing or hackers who can guess passwords like “1234.” Common sense and password
hygiene can go a long way to protect consumers from cyber threats.
2.Anti-virus software. Subscribe to anti-virus software and keep your system up to date
with automated, scheduled scans.
3.Caution against phishing attacks. Be careful about opening file attachments. Phishing
and spear phishing emails ones that look real but are not. if you pay attention. For instance,
if you get an email that says “past due invoice” with a PDF attachment, don’t open it unless
you are 100% sure you know who sent it. If you double check, you’ll probably see it comes
from an unusual email, like this one, from anny234526426@gmail.com:
Related documents
View session overview, activities and output
View session overview, activities and output
What is information security?
What is information security?
LOYOLA COLLEGE (AUTONOMOUS), CHENNAI – 600 034
LOYOLA COLLEGE (AUTONOMOUS), CHENNAI – 600 034
solving national security challenges with information technology by
solving national security challenges with information technology by
LOYOLA COLLEGE (AUTONOMOUS), CHENNAI – 600 034
LOYOLA COLLEGE (AUTONOMOUS), CHENNAI – 600 034
Download
advertisement