BMS 400 Management Information System
2.
Shareware: this software is freely available for certain duration
INTRODUCTION
of time after which you are required to pay a nominal fee to
Basic Terminologies used:
continue using the software. Shareware can used to advertise
Computer system: It’s an electronic device that accepts data input,
and promote little software in the market. Some shareware
processes the data to produce information output, stores programs
versions contain limited edition with few essential features.
and data for future reference under a set of instructions called
3.
Public Domain Software: this is freely available software which
programs.
is not copyrighted. The codes used to develop the software are
Advantages of a Computer:
freely distributed to allow other developers to improve it. You
1.
Computers are fast, they can process a lot of data within a
can get public domain software from friends, universities,
fraction of seconds.
software vendors, software developers and the internet.
2.
3.
They are accurate, the electronic technology that computer
5.
propriety software, which can be bought off the shelf or from
not computers.
the internet. A software license give the user a right to use the
They offer compact storage, large volumes of data can be
software and other rights to training, documentation, support,
stored in small storage devices, for example; a flash disk can be
updates, installation, e.t.c.
5.
Application service providers – these are organizations that buy
They produce quality output and improve information
and install large pieces of software systems and provide
accessibility.
software services to subscribing firms.
They are diligent and can do boring and repetitive tasks
Classification of software:
without complain or getting tired
6.
Purchase a software license / Commercial software: these are
uses is very precise and errors are as result of human beings
used to store to the tunes of 10GB of data.
4.
4.
They make work easier by automating tasks and activities
reducing the effort and time required to perform them
Disadvantages of a Computer:
1.
System software
2.
Application software
3.
Programming software
System Software:
1.
It requires training to use them effectively.
2.
It needs a constant supply of power
3.
Long use and exposure to computer systems results in health
-
system and peripheral devices.
-
hazards such as; miscarriages, eye problems, hand and wrist
4.
5.
6.
They include the operating system, language translators
and utilities.
problems/ disorders, radiations.
Examples of operating systems will include; Windows XP, Windows
They are numerous security challenges associated with
Vista, Windows 98, MS-DOS, UNIX, MAC O/S, Android O/S.
computers such as; theft, virus attack, hack attack.
Language translators
Computer technology changes very fast rendering huge
Language translators are used to convert programs written in high
investments obsolete within short periods of time
level language (source code) to low level language (object code) that
It is has promoted fall in moral standards
the computer system can understand and use. Examples include:
Compilers, assemblers and interpreters.
SOFTWARE:
A program is a collection of statements and instructions that perform
certain tasks. A collection of these programs together with their
Utilities
Utilities are components of the system software that performs
common housekeeping task or tasks performed by many computer
associated documentation is known as software.
users such as screen savers, disk management utilities, compression
How to acquire software:
1.
It controls and manages the operations of the computer
Freeware: this is freely available software but it is copyrighted,
this means that you can’t change it, you have to use it the way it
utilities, Back-up and restore utility, power management utilities, Sort
utility, debuggers, text editors, Merge utility etc.
Application Software:
is.
by Oteino B
Page 1 of 33
-
-
These are software programs that aid user to perform various
In a traditional file management system each and every department
tasks.
or user are responsible for maintaining their own files or the
They are largely classified into:
programs that interact with those files.
1.
Bespoke, customized or tailor made software
Traditional file system has a lot of limitations that include;
2.
Commercial or off-the-shelf, readymade software

Lack of data/ program independence

High level of data redundancy.

Lack of data integrity or security

Lack of data sharability

Difficulty of enforcing standard
Advantages of customized software:
1.
It meets specific user needs.
2.
You own the copy right and hence one is able to change the
software.
3.
Database management system
It is unique and provides strategic advantages.

centrally managed.
Advantages of Readymade software:

1.
It is readily available.
2.
It is less costly, since development costs are shared
Databases store data about important entries in an
organization e.g. a student database voter’s database etc.

amongst potential buyers.
3.
A database – is a collection of files that is logically organized or
A Database management system- a software system used to
control the structure of a database or access to the data e.g. of
It is well tried and tested.
DBMS include;
Software selection factors
Components of DBMS;

Utility – The use and purpose of the software.
Most DBMS consist of three components namely;

Usability – Ease of use.

Data manipulation language (DML)

Performance – Speed, quality, volumes that it can handle.

Data dictionary (DD)

Security – Protect software from unauthorized access and

Data definition language (DDL)
alteration.
Data manipulation language
Compatibility – How well the software works with other
The DML is used to manipulate the database by; adding data,
systems.
deleting data, editing data or copying data from the database

Maintainability – Ease of making changes.
Data dictionary

Versions and edition of the software.
It’s used to describe the data elements that make up the database.

Quality of documentation of the software.
It stores the data definitions and descriptions of the structure of

Support and after sales services
data used in the database

Files and databases
Data definition language
Computers have ability to manage vast and complex amounts of
It’s used to describe the structure of the database
data accurately and fast. Business store records about the major
It identifies the database fields their data types and field size
events and activities such as sales and marketing, investments,
amongst others etc.
products and services. For this reason computers are currently
Advantages of DBMS
holding important business trade data and transactions. The data in

Minimized data redundancy – in a DBMs data is stored only
the computers are organized in terms of files and databases. The
once with minimum redundancy to allow for interrelationship
reports, trends and patterns produced from the databases are used
between data elements
for decision making and judgemental purpose. Moreover the

Improved data integrity & security – since in a database the
databases can be analysed using data mining tools and drill down
database is updated only once, this minimizes chances of data
tools to provide more insights into decision making. The major
inconsistencies that results in updating data in several files
challenge of the database is the need to protect them from security
threats and ensure unauthorized access to the database.

Using passwords or username, users can be limited on the type
& amount of data they access for security purposes.
FILE MANAGEMENT SYTEM & DATA BASE MANAGEMENT SYSTEM
by Oteino B
Page 2 of 33

Data sharability: in a database system many user can share the

same data or even different views of data that is provided in

Program / data independence-In a DBMs the structure of

Using data tools new or complex relationship about data can
be discovered.
database can be changed without affecting the data.

better decision making.

the database
Get organization wide view of information or external views for
Disadvantages/challenges
Enforcement of standards – DBMs provides tools that allow for
It’s very expensive to maintain a warehouse
enforcements of integrity rules and also validation and
It’s complex or difficult to manage
verification checks.
Consolidation of data creates vulnerability
Ease of data maintenance – using DBMS tools users can easily
Information overload
add edit & delete record from a database ease of primary
Data mining
system failure

The procedure for extracting or mining knowledge from large
Disadvantages of DBMs
qualities of data, to establish new or complex inter relationship

between data elements.
Database systems are large & complex pieces of s/w that are

difficult to manage & administer.


The consolidation of large amounts of data in centralized
amounts of data in order extract hidden patterns or meaning
locations increases security vulnerability.
and to discover new knowledge.

DBMS systems especially the large ones are costly.
Data warehouse


It’s a central repository for data a large storage location for

A number of activities work under data mining or this include;
data.

Data cleansing: removing inconsistences between data
Data stored in the data warehouse is collided from multiple
elements.

past or current activities, data about transactions that take
place in the organization or data from various department in

A data warehouse usually resides in a single site.

The data is stored under a unified scheme that is under



Data transformation: data is consolidated by summarizing or
aggregating.
It’s a subset/ part of a data warehouse in summarized or highly
Steps in data mining;
focused portion.
1.
2.
Data cleansing: data are cleaned and checked for errors or
inconsistencies.
It focuses on a single subject area and can be consolidated
3.
more rapidly and at lower cost than the data warehouse.
Data sources: Data is collected from many sources both from
internal or external.
It stores data in a separate data base for a specific population
of tasks.
Meta-data: the cleansing process yields both the cleansed up
data and meta-data (data about data)
It provides faster access and updating of data.
4.
Benefits of data warehouse
Data transport to the data warehouse: both the data and metadata are sent to the data warehouse.

Improved quality of decision making.

Enable decision makers to access the data as enter as needed

Pattern evaluation: in which interesting patterns between data
elements are observed.
Data mart

Data selection: where the data relevant to the analysis are
retrieved from the data base.
common data base structure.

Data integration: this is where multiple data sources may be
combined.
the organization.

It’s useful in many applications such as credit railings, counter
terrorism, marketing, sports etc.
sources that include; internal or external sources, data about

Computer assisted process of sifting through or analyzing vast
without affecting performance of underlying operational
TELECOMMUNICATION AND NETWORKS
systems.
Most of the information systems we use today require networks
Manager can
and communication technology. Companies, large and small from all
over the world, are using networked systems and the Internet to
by Oteino B
Page 3 of 33
locate suppliers and buyers, to negotiate contracts with and to
product formula, or even government secrets. Networks are
service their trades. Networked systems are fundamental to
vulnerable to virus attack, Hackers attack, and a variety of malicious
electronic commerce and electronic business.
software
Data communication is the movement of encoded multimedia data
Initial Cost
from one point to another using optical, electrical and free space
The computer network requires the net work card and special
transmission system. Multimedia data take the form of text, voice,
network software as well as special communication cables like the
video, pictures, graphics and animations.
coaxial cable, twisted pair. Hence the initial costs are high although
A network is an interconnection of computers and peripheral
the benefits accrued to networking are many.
devices to facilitate sharing of resources and data. Network can be
Networks are complex to manage and administer
wired or wireless. A wired network uses cables to connect computer
It requires skills and training to effectively manage and control
systems together while a wireless network uses free space or
network operations
airwaves to connect computer systems together.
Failure of networked systems can greatly affect business
Advantages of networking
operations
Resource Sharing
Network interlink important business process that if one failure
Networks facilitate sharing of resources such as printers,
result in failure of other system which depend on it
processors, memory, and data and so on to reduce on operation
Types of networks
costs.
LAN – Local Area Network
Security
It is a network within a small geographical area such as building, a
Through the use of the network administrator control can be
business premises. It is a privately owned network that belongs
ensured through the use of passwords. This ensures that the
exclusive to one organization.
unauthorized users don’t have access to the organization data.
WAN – Wide Area Network
Remote communication
It is a network that covers a wide geographical area such as
This is well illustrated by the use of Internet. It eliminates the need
between towns and cities. It even can cover the entire world for
for people to travel to attend meetings. People can hold meetings
example the internet. The ownership of wide area network is
through ‘virtual technology’.
sharable.
Rapid Dissemination of information
MAN – Metropolitan Area Network
Using systems such as emails, chatting, and internet telephony
It is a network within a city or the suburbs of a city. For example a
networks makes it easy to distribute and share information from
bank can have network of bank branches within different parts of
one point to another.
the city.
Telecommuting
CAN – Campus Area Network
Using networks people can work away from the office and continue
Most universities and colleges have established campuses in various
to complete important assignment and duties even at home or
part of town or a country that need to be connected together to
travelling.
form one administrative unit. Such networks which connects the
Management and control
different campuses are called CAN
Networked systems can easily, cheaply and effectively be managed
PAN – Personal Area Network
from remote locations. They do not require managers to travel or be
It is a network that connects personal hand held and mobile devices
present to conduct management duties
such as palm top computers, printers, mobile phones, personal
digital assistant and digital cameras within several feet’s of each
Disadvantages of networking
other. The devices are able to exchange low volumes of data using
Data and Network Security
transmission systems such as blue tooth and infrared technology.
The mere existence of data communication capabilities poses a
threat to security. One is able to enter into a company’s computer
COMPONENTS AND FUNCTIONS OF A TELECOMMUNICATIONS
system and tap very secret information of the company such as
SYSTEM
by Oteino B
Page 4 of 33

Telecommunications is the communication of information by
Co-axial cable
Thin coax-RG5
electronic means usually over some distance. Today, a great deal of
telecommunications transmission is digital data transmission using
Thick coax -RG8-thicknet

Fiber – optic cable
Mono mode fiber
computers to transmit data from one location to another.
Multimode fiber
TELECOMMUNICATIONS SYSTEM COMPONENTS
Wireless channels
A telecommunications system is a collection of compatible

Microwaves
hardware and software arranged to communicate information from

Satellites
one location to another. Telecommunications systems can transmit

Radio waves
text, graphic images, voice, or video information. The major

Infrared
components of telecommunications following:-
Various types of wireless technologies

Computers to process information

Blue tooth technologies

Terminals or any input/output devices that send or receive data

Wifi technologies

Communications channels, the links by which data or voice are

Hotspots
transmitted between sending and receiving devices in a
Twisted Wire
network. Communications channels use various
communications media, such as telephone lines, coaxial cable,
fiber-optic cable, and wireless transmission.

Communications processors, such as modems, multiplexers,
Twisted wire consists of strands of
controllers, and front-end processors, which provide support

functions for data transmission and reception
copper wire twisted in pairs. Twisting gives the wires physical
Communications software, which controls input and output
strength and minimizes the levels of cross talk noise. Many of the
activities and manages other functions of the communications
telephone systems in buildings had twisted wires installed for
network
analog communication, but they can be used for digital
communication as well
Coaxial Cable
COMMUNICATIONS CHANNELS
Communications channels are the means by which data are
Coaxial cable, like that used for cable television,
transmitted from one device it a network to another.
consists of thickly insulated copper wire which can
Definitions
transmit a larger volume of data than twisted wire.
1.
Bandwidth –it’s a measure of the capacity of a communication
channel i.e. the amount of data that a communication channel can
Fiber Optics and Optical Networks
transmit. It’s also the range of frequency, i.e. the difference
between the highest frequency and lowest frequency in a
communication channel. The larger the bandwidth the more the
data that can be carried or transmitted over a communication
channel.
2. Transmission speed – its measured in bits per second. It’s a
measure of the rate at which data is transmitted within
a communication channel for example a network card can operate
thickness of a human halt which are bound into cables. Data are
at speeds of 10 megabits per second 10Mbps
transformed into pulses of light, which are sent through the fiber-
Wired channel

Twisted pair cable
Fiber-optic cable consists of strands of clear glass fiber, each the
optic cable by a laser device at a rate from 500 kilobits to several
Telephone line.
Unshielded twisted pair (UTP)
Shielded twisted pair (STP)
trillion bits per second. Fiber-optic cable is considerably faster,
lighter, and more durable than media and is well suited to systems
requiring transfers of large volumes of data.
by Oteino B
Page 5 of 33
Wireless Transmission
optical fiber forms a closed loop. Data are passed along the ring
Wireless transmission that sends signals through air or space
from one computer to another and always flow in one direction.
without being tied to a physical line. Today, common technologies
for wireless data transmission include microwave transmission,
communication satellites, pagers, cellular telephone; personal
communication services (PCS), smart phones, personal digital
assistants (PDAs), and mobile data networks.
Microwave systems, both terrestrial and celestial, transmit highfrequency radio signals through the atmosphere and are widely
used for high-volume, long-distance, point-to-point communication.
Satellites are typically used for
communications in large, geographically
dispersed organizations that would be
difficult to tie together through cabling
media or terrestrial microwave. With such
wireless networks, businesspeople will be able to travel virtually
anywhere in the world and have access to full communication
capabilities including videoconferencing and multimedia-rich
Internet access.
COMMUNICATIONS NETWORKS
A number of different ways exist to organize telecommunications
components to form a network and hence provide multiple ways of
classifying networks. NETWORK TOPOLOGIES
The Star Network
The star network consists of a central host computer connected to a
number of smaller computers or terminals. This topology is useful
for applications where some processing must be centralized and
some can be performed locally.
The Bus Network
The bus network links a number of computers by a single circuit
made of twisted wire, coaxial cable, or fiber-optic cable. All of the
signals are broadcast in both directions to the entire network, with
special software to identify which components receive each
message (there is no central host computer to control the network).
The Ring Network
LAN Technologies
Each computer in the network can communicate directly with any
This is a network that spans a small geographical region as business
other computer, and each processes its own applications
premises or between adjacent buildings. LAN are privately owned
independently. in a ring topology, the connecting wire, cable, or
by Oteino B
Page 6 of 33
by the organization that sets up the network. It can be set-up using
charges and transmission costs because the costs of using the
wired or wireless channels. It is easier to secure than WAN
network are shared among many users.
LAN’s can be set-up as either peer to peer networks or client/server
Many companies are now using the Internet to transmit their data
networks.
because it is less expensive than using VANs.
Peer-to-peer network
Client/server network
NETWORK CONVERGENCE


Computers are
Most companies maintain separate networks for voice, data, and
in status and can provide
designated as being
video, but products are now available to create converged
and receive network
either servers or clients.
networks, which can deliver voice, data, and video in a single
services
Servers are powerful
network infrastructure. These multi service networks can potentially
Every computer is
computers that store
reduce networking costs by eliminating the need to provide support
responsible for managing
and programs and
services and personnel for each different type of network. Multi
its own files and programs
provides network
service networks can be attractive solutions for companies running

Less costly to set-up
services to clients.
multimedia applications, such as video collaboration, voice-data call

It’s difficult to secure and
Clients request and
centers, distance learning or unified messaging, or for firms with
protect files
receive network services
high costs for voice services. Unified messaging systems combine
Suitable for a network
from the server
voice mail, e-mail, and faxes so they can all be obtained from one
Files and programs are
system.
Failure of one computer
managed centrally by
ELECTRONIC BUSINESS AND ELECTRONIC COMMERCE
doesn’t greatly affect the
the server.
TECHNOLOGIES

More costly to set-up
Electronic mail (e-mail), groupware, voice mail, facsimile machines

Suitable for a network
(fax), digital information services, teleconferencing, data
with many computers.
conferencing, videoconferencing, and electronic data interchange
It’s easier to secure and
are key applications for electronic commerce and electronic
manage files since they
business because they provide network-based capabilities for
are managed centrally.
communication, coordination, and speeding the flow of purchase


All nodes/computers are
with few computers

network



Failure of the server can
and sale transactions.
MANAGEMENT ELECTRONIC MAIL AND GROUPWARE
greatly affect the
E-mail eliminates costly long-distance telephone charges, expediting
network
communication between different parts of an organization.
Popular LAN protocols include: Ethernet and token ring for wired
Although e-mail has become a valuable tool for communication,
groupware provides additional capabilities for supporting
networks while those of wireless network include Wi-Fi and
enterprise-wide communication and collaborative work. Individuals,
Bluetooth.
teams, and work groups at different locations in the organization
NETWORK SERVICES AND BROADBAND TECHNOLOGIES
In addition to topology and geographic scope, networks can be
can use groupware to participate in discussion forums and work on
shared documents and projects.
classified by the types of service they provide.
VOICE MAIL AND FAX
Value-Added Networks (VANs) - Value-added networks are an
alternative to firms designing and managing their own networks.
Value-added networks (VANs) are private, third-party-managed
networks that offer data transmission and network services to
subscribing firms. Subscribers pay only for the amount of data they
transmit plus a subscription fee. Customers do not have to invest in
network equipment and software and may achieve savings in line
A voice mail system digitizes the sender's spoken message,
transmits it over a network, and stores the message on disk for later
retrieval. When the recipient is ready to listen, the messages are
reconverted to audio form.
Facsimile (fax) machines can transmit documents containing both
text and graphics over ordinary telephone lines. A sending fax
machine scans and digitizes the document image. The digitized
by Oteino B
Page 7 of 33
document is transmitted over a network and reproduced in hard
Although distance learning can be accomplished with print-based
copy form by receiving fax machine. The process results in a
materials, the distance learning experience is increasingly based on
duplicate, or facsimile, of the original.
information technology, including videoconferencing, satellite or
TELECONFERENCING, DATACONFERENCING, AND
cable television, or interactive multimedia, including the Web. The
VIDEOCONFERENCING
term e-learning is increasingly being used to describe instruction
People can meet electronically, even though they are hundreds or
using purely digital technology such as CD-ROMs, the Internet, or
thousands of miles apart, by using teleconferencing, data
private networks. Some distance learning programs use
conferencing, or videoconferencing. Teleconferencing allows a
synchronous communication, where teacher and student are
group of people to confer simultaneously via telephone or via e-mail
present at the same time during the instruction, even if they are in
group communication software. Teleconferencing that includes the
different places. Other programs use asynchronous communication,
ability of two or more people at distant locations to work on the
where teacher and student don't have person-to-person interaction
same document or data simultaneously is called data conferencing.
at the same time or place.
With data conferencing, users at distant locations are able to edit
ELECTRONIC DATA INTERCHANGE
and modify data (text, such as word processing documents;
Electronic data interchange (EDI) is a key technology for electronic
numeric, such as spreadsheets; and graphic) files. Teleconferencing
commerce because it allows the computer-to-computer exchange
in which participants see each other over video screens is termed
between two organizations of standard transaction documents
video teleconferencing, or videoconferencing.
such as invoices, bills of lading, or purchase orders. EDI lowers
Desktop videoconferencing systems typically provide windows for
transaction costs because transactions can be automatically
users to see each other and capabilities for participants to work on
transmitted from one information system to another through a
the same document from different locations.
telecommunications network, eliminating the printing and handling
Most desktop systems provide audio capabilities for two-way, real-
of paper at one end and the inputting of data at the other.
time conversations and a whiteboard. The whiteboard is a shared
INFORMATION SYSTEMS
drawing program that lets multiple users collaborate on projects by
Definition of information:
modifying images and text online. Software products such as
This is processed data, it is meaningful, has value and utility (use). It
Microsoft NetMeeting and CU-SeeMe provide low-cost tools for
is used for decision making, judgment and also for control.
desktop videoconferencing over the Internet.
Information provides managers with facts and reasons to make
certain decisions and not others
DIGITAL INFORMATION SERVICES, DISTANCE LEARNING, AND E-
Characteristics of good information:
LEARNING

Powerful and far-reaching digital electronic services enable
Reliability – the provision of information for decision making
should be certain and dependable.
networked PC and workstation users to obtain information from

outside the firm instantly without leaving their desks. Stock prices,
accurately and to the point

periodicals, competitor data, industrial supplies catalogs, legal
research, news articles, reference works, and weather forecasts are
some of the information that can be accessed online. Many of these
Accuracy and precision – information should be provided
Format – it should be presented in a form that is meaningful to
the recipient and decision makers

services provide capabilities for e-mail, electronic bulletin boards,
Cost effectiveness – the process of acquiring, processing and
dissemination information should be affordable
online discussion groups, shopping, and travel reservations as well

Comprehensive – the information should be easy to understand
as Internet access.

Completeness – the information should contain all relevant
Organizations can also use communications technology to run
facts needed for decision making

distance learning programs where they can train employees in
remote locations without requiring the employees to be physically
Accessibility – the information should be readily available
whenever required.
present in a classroom. Distance learning is education or training
Organizations and enterprises that effectively handle information
delivered over a distance to individuals in one or more locations.
have a competitive edge.
by Oteino B
Page 8 of 33
Definition of information system:
Information systems provide information for decision making.
This is a set of resources that handle information in an enterprise.
Different managers make different kinds of decisions in the
It’s a set of people, tools and technologies that are used to collect,
organization. Therefore the nature and type of information they
process, distribute and manage information in an enterprise. An
need varies greatly. Information can be classified according to
information system can be manual, mechanized or computer based.
management levels

A manual information system uses pen and paper only.
The main management levels include;

Mechanized information system in addition to pen and paper,
Strategic management – this is the top level management that
uses simple machines such as calculators, cash registers, tax
makes long-term decisions in the organization. They include CEOs,
registers etc.
Chairpersons, Managing directors etc. They make decision such as
Computer based information system uses computers to handle
whether to buy a competitor firms who is not doing well in the
information. They accurately handle information, can provide
market or merger decisions or to invest in a new country e.t.c
easy accessibility to information and can easily distribute
Tactical management – they make decisions that affect the
information between decision makers.
organization in the medium-term over 1 to 2 they include:

Components of an information system:
departmental heads and group heads. Example of the decision can

People - these are divided into two categories:
be where to locate a new facility for distribution and pricing

End users – consume and use information provided by
decisions
information systems. They include; Business managers,
Knowledge based management-these are special categories of
accountants, secretaries etc.
managers that include scientists, lawyers accountants etc that
Information system professionals – create information
create new knowledge in the organization. They bring new ideas
systems. They include; network managers, system analyst,
into the organization. They will create new products and services.
programmers, web designers etc
Operations management- They manage the organization on a day to
Hardware resources - they are computer resources such as
day basis and make short term decisions. They include supervisors,
scanners, printers, disks, CDs e.t.c that are used to create,
foremen, general managers etc.
process, distribute and store information.
Types of information systems
Software resources – these are collection of programs, system
TRANSACTION PROCESSING SYSTEM TPS
software and application software used to manage and control
It is a computerized system that performs and records the daily
information systems.
routine transactions and activities that are necessary to conduct
Data base resources – this is a collection of meaningful
business. These activities include: handling sales reservations,
information that relates to the entities in the enterprise e.g. it is
payroll, employee record keeping etc.
information about workers, products and services, sales and
TPS deals with tasks and activities that are well defined and highly
purchase etc Data resources are organized and managed as a
structured such as what amount of goods to produce, what credit
database.
amount to give to a customer etc.
Rules and Procedures – this represents the way in which
Characteristics of TPS
business activities are to be conducted in the enterprise e.g.






when to give a discount or credit to a customer, how many
products to produce, what quality level should we adhere to?
business.

How to price the products etc

They accumulate information from internal operations of the
They collect specific data in specific formats and in accordance
with clearly defined rules and policies.
Telecommunication resources – this include network

They act as input to higher level systems such as MIS and DSS
equipment that facilitate distribution of information from one

They provide detailed reports about system performance
point to another. The resources include mobile phones,

They have limited analytical capability
wireless networks, radio and broadcasting and the telephone.

They provide accurate and precise data
Types of information systems:
TYPES OF TPS
by Oteino B
Page 9 of 33
In sales and marketing- TPS is used for sales management, market

They have limited analytical capabilities
research promotion and pricing. Using systems such as Sales Order

They provide the feedback path in the target vs. actual results
Systems, Market Research System and Sales Communication
enabling management control on key organisational issues
Systems.

In finance and accounting- TPS is used for budgeting maintaining
KNOWLEDGE BASED INFORMATION SYSTEM KBIS
the general ledger billing etc. Using systems such as Accounts
There are two types of workers in the organization
Payable Systems.
Data workers –who have less formal qualification, tend to use and
In manufacturing and production- TPS is used for scheduling
process information rather than create it. They include clerks,
activities, purchasing, shipping operations etc. Using systems such
secretaries managers etc. Knowledge workers- who are people with
as Purchase order system, Machine Control System and quality
formal education and members of recognized profession s such as
control system.
engineers, doctors and accountants. They create integrate and
In human resource-TPS is used for maintaining personnel records,
disseminate new knowledge in the organization. KBIS are
benefits of employees, training etc. Using systems such as Benefit
specialized systems used to create integrate and disseminate new
and Employee management system.
knowledge in organization.
MANAGEMENT INFORMATION SYSTEM MIS
OFFICE AUTOMATION SYSTEMS OAS
It is also called Management Reporting system MRS. It provides
This is an information system that helps automate the performance
routine information to decision makers to make structured
of office tasks. These systems are at almost all levels of
decisions such as re stocking decisions on bonus award etc. They
management. The OAS can be categorized into;
focus on operational efficiency and provide summaries of data. They
Software systems
are mostly used by middle managers and they summarise data from

They mostly deal with internal data
Word processors and desktop publishing- that includes Ms-
TPS and provide it in a useful format for decision making. Most of
word, PageMaker etc Used for managing documents such as
the information from MIS is provided to inform of reports that
letters, memos etc

include regular or periodic reports.
Spreadsheets - Ms-Excel that are ideal for handling numerical
Regular or periodic report- These are reports produced periodically
and financial data on issues such as budgets, cash flow,
on stated dates and times. This can be daily, weekly or even monthly
purchase and payments

e.g. daily sales of a supermarket for a period of one week.
On demand report-They provide specific information upon request.
They can also be regular reports demanded before their reporting
Image processing systems - PowerPoint, Corel draw used for
presentations, reporting etc

Communication systems - Ms-Outlook express use for
cycle e.g. a sales manager must be interested in knowing sales per
correspondence and communication within and outside the
hour instead of the usual per day.
office.

Exception reports-They are also called trigger reports and are
supposed to make the managers to act quickly to the situation. They
Others include systems such as internet explorer, presentation
software, graphic software,
are reports produced to describe unusual circumstances or out of
In the addition to the above software an automated office will
ordinary situations such as excessively high or low sales.
include a number of devices such as:-
Adhoc reports-these are reports that are requested in a format that

Scanners, printers , Fax machines and Photocopier
is not pre defined in a system.eg requesting for accounting records

Electronic Typewriters
for the last 8 years if the system only stores records for 7 years.

Digital cameras
CHARACTERISTICS OF MIS

Computers & Computers networks

They summarise key data and present information in standard

Phones
formats.

TV and Radio

They are stable over a significant time period

internet

They are oriented towards reporting on the past and not the
Advantages of OAS
present

by Oteino B
Minimize paper work
Page 10 of 33

They automate office task minimizing errors and increasing

Data driven DSS- they emphasize access to and manipulation of
efficiency task
time series of internal company data and sometimes of

Better and cheaper correspondence in the office
external data

Production of high quality system

Rapid dissemination of information

Increased increase speed and accuracy of performing task

Reduce cost of running the office
person working on shared tasks. They support group decision

Facilitate faster access and retrieval of documents
models

Model driven DSS –they emphasize access to and manipulation
of statistical, financial, optimization or simulation models


DECISION SUPPORT SYSTEMS DSS
This provides manages with information and analytical capabilities
Communication driven DSS –they support more than one
Knowledge driven DSS –they provide specialized problem
solving expertise stored as facts rules and procedures
to aid in the decision-making process. They support semi-structured
EXECUTIVE INFORMATION SYSTEM EIS
decisions that are partly well defined and partly unclear. They can be
It’s an information system intended to facilitate and support the
used in quite number of decision making scenarios such as loan
information and decision-making needs of strategic manages by
amount to give to clients, product pricing, level and quality of
providing easy to access internal and external information relevant
workforce to maintain and managing costs or expenditure etc
to meeting strategic goals of the organization.
DSS have user interfaces that are highly interactive that manages
ElS are used to analyse business performance in general, analyse
can we to ask what if questions to analyze that possible outcome of
action of competitors and economic trends and patterns in order to
a number of scenarios
develop strategic plans for the future.
Components of DSS
Internally they draw their data from MIS and DIS. With external
Database-it contains information about external and internal data
sources the data is filtered to only include important information
that will contribute to the decision-making process. This data is
necessary for their decision-making.
summarized from TPS and IMIS
They provide an easy way to use interface with lots of table and
Model base-it contains a set of algorithms and formula that aid in
graphs. They provide stronger reporting capabilities and drill down
the decision-making. This includes accounting, financial,
capabilities that have abilities to establish and define complex and
mathematical models that outline the relationship between
hidden relationship among data elements. They can be used to
variables used in the decision-making current ratio = C.A/C.L it helps
analyse, compare and highlight trends in important variables so that
to determine the liquidity of the firm and hence help in decision-
they can monitor performance and identify opportunities and
making.
problems. They evolve with the decision-making styles of top
User interface-it aids user interaction with the DSS system, provide
management. They have less analytical capabilities.
summarized information inform of tables and graphs. It is highly
Advantages of EIS
interactive and easy to navigate

The decision maker – this is a person with some knowledge in the
decision making area who use their and DSS to make decisions.
They aid top managers to make quality decisions by providing
both summarized internal and external information.

Characteristics of DSS
They are able to determine hidden & complex relationship
between data element.

They support semi and unstructured decision problems.


They can be used for individual or group decision-making.

They are adaptable and flexible.

They support a variety of decision making process and decision-
They evolve with the decision-making style of top management
improving decision-making efficiency and speed.

They are easy to use and don't require extensive computer
knowledge.
making styles.
Disadvantages of EIS

They are highly interactive and easy to use.

They are expensive to build and implement.

They have good analytical capabilities.

They have limited analytical capability and can't perform
Classification of DSS
complex computations.

by Oteino B
The benefits of EIS are difficult to quantify.
Page 11 of 33


Executives may encounter information overload.
They can't make creative responses as human experts would, in
EXPERT SYSTEM ES
unusual circumstance.
It's a knowledge based information system that uses its knowledge
Uses of ES
about a specific complex, application area to act as an expert

For customer service to direct customer queries to a specific
consultant to end users. They provide answers to questions in a very
source for help
specific problem domain by making human like inferences about

Provide an accurate estimation for insurance claims
knowledge contained in a specialized knowledge base. They are

To assist financial to make investment decision such as which
able to explain their reasoning process and conclusion to a user.
They are mostly used where there is shortage of human experts or
stock to buy or sell.
Summary review
to supplement their knowledge – You will find them in credit
Type
Informati
Processing
Information
Uses
application systems, machine diagnostic system business to
s of
on Inputs
Graphics
Outputs
Strategic
minimize costs and optimize profit and as medical systems that are
I.S
-
simulations
able to diagnose a patient’s ailment and give a recommendation for
1.EIS
Aggregat
and
medication. ES are used in artificial intelligence technology that
e data,
interactive.
provides computer systems and machines with human-like
both
intelligence. Making such machines able to reason, talk and behave
internal
like human beings.
and
Components of ES
external




Knowledge base- this represents knowledge that has been
2.DS
Database
Interactive,
Reports,
Professional
captured from a number of experts in form of a database of
S
s
simulation
responses to
staffs and
decision rules and outcomes.
analytical
and
queries, deci
managers
Inference engine – It gives the expert system ability to find
models,
analysis
sion analysis
solutions to diagnostic and prescriptive problems using if then
data
rules. It represents the search algorithm
analysis
Explanation sub-system – It’s responsible for providing reasons
tools
and explanations why certain decisions were made or
3.MI
Summary
Routine
Reports –
Used by
suggested.
S
transactio
reports,
summary
tactical
User Interface – It provides interaction between the users and
n
low-level
-scheduled
managers
the expert system. It allows users to present questions and
Data and
analysis,
-exceptional
information to the expert system and also the expert system to
simple
simple
supply the users with responses to the inference engine.
models
models
4.KB
Knowledg
Modeling,
Graphics
Professional
IS
e base
simulations
and models
and technical
Advantages of ES

It is deemed to have superior knowledge than any expert
because it collects knowledge from no.of experts.
design
They are reliable and provide consistent answers to repetitive
Specificati
tasks,
on,

They can easily be replicated.
modeling

They supplement shortage of experts in technical areas.

management
Disadvantages of ES

They are expensive to design, model and implement.

They are inflexible and can't be easily adapted.

They lack common sense needed in some decision-making.
by Oteino B
staffs
5.TP
Transacti
Sorting,
Detailed
Operation
S
on data,
messaging,
reports, lists
management
event
updating
and
and
summaries
supervisors
Page 12 of 33
6.OA
Documen
Document
Documents,
clerical
S
ts,
manageme
schedules
workers and
schedules
nt,
and mails
office
scheduling
7.ES
Human Resource
workers
and
At strategic level-HR systems identify man-power requirements to
communica
meet firms long-term business plans.
tion
At management level-IS are used to monitor and analyse
recruitment, allocation and compensation of employees.
Knowledg
Simulation,
Response to
All
e base,
modeling
queries
management
models
At operational level-IS is used to track recruitment and placement of
employees.
interactive
Information Systems from a functional perspective
-Information systems can also be categorized according to the
functional areas of an organization. This include:-
Enterprise Wide Information Systems
Enterprise systems, also known as enterprise resource planning
Finance and Accounting
(ERP) systems solve this problem by providing a single information
At the strategic level, information systems establish long term
system for organization-wide coordination and integration of key
investment goals of the firm and provide long range forecasts of the
firm’s financial performance.
business processes. Discrete business processes from sales,
production, finance, and logistics can be integrated into
At management level it helps managers to oversee and control the
firm’s financial resource.
company-wide business processes that flow across organizational
levels and functions. Enterprise systems integrate the key business
At operational level IS tracks flow of funds in the firm through
processes of an entire firm into a single software system that
transaction such as payments, receipts, cheques e.t.c
enables information to flow seamlessly throughout the
organization. These systems focus primarily on internal processes
but may include transactions with customers and vendors.
The enterprise system collects data from various key business
Manufacturing and Production
processes in manufacturing and production, finance and
At strategic level - IS supports the firm long term manufacturing
accounting, sales and marketing, and human resources and stores
such as where to locate new plants or whether to invest in new
the data in a single comprehensive data repository where they can
manufacturing technology,
be used by other parts of the business. Managers emerge with more
At management level - IS analyze and monitor manufacturing and
precise and timely information for coordinating the daily operations
production cost and recourses.
of the business and a firmwide view of business processes and
At operational level-IS is used for inventory management
information flows. The system transmits information for calculating
the salesperson’s commision to the payroll department. The system
also automatically recalculates the company’s balance sheets,
accounts receivable and payable ledgers, cost-center accounts, and
Sales and Marketing
available cash. Corporate headquarters
At strategic level-IS is used to monitor trends affecting new
Benefits
products and sales opportunities, support , planning for new

Firm structure and organization: One Organization
products and services and monitor performance of competitors.

Management: Firm wide Knowledge-based
At management level-Is support market research, advertising

Management Processes
promotional campaigns and pricing decisions.

Technology: Unified Platform
At operational level-provide customer service support,

Business: More Efficient Operations and Customer driven
processing of orders and locating and contacting customers.
Challenges
by Oteino B
Page 13 of 33

Daunting Implementation
How can organizations obtain a sizable payoff from their

High Up-front Costs and Future Benefits
investment in information systems? How can management ensure

Inflexibility
that information systems contribute to corporate value?
SUPPLY CHAIN MANAGEMENT - SCM
2. The strategic business challenge: What complementary assets are
Supply chain management systems are outward looking systems
needed to use information technology effectively? Despite heavy
focusing on helping the firm manage its relationship with suppliers.
information technology investments, many organizations are not
It facilitates close linkage and coordination of activities involved in
realizing significant business value from their systems, because they
buying, making, and moving a product.
lack—or fail to appreciate—the complementary assets required to
It link suppliers, manufacturing plants, distribution centers,
make their technology assets work. The power of computer
conveyances, retail outlets, people, and information through
hardware and software has grown much more rapidly than the
processes such as procurement, inventory control, distribution, and
ability of organizations to apply and use this technology. To benefit
delivery to supply goods and services from source through
fully from information technology, realize genuine productivity, and
consumption.
become competitive and effective, many organizations actually
Information systems can help participants in the supply chain to:-
need to be redesigned. They will have to make fundamental

Decide when and what to produce, store, and move
changes in employee and management behavior, develop new

Rapidly communicate orders
business models, retire obsolete work rules, and eliminate the

Track the status of orders
inefficiencies of outmoded business processes and organizational

Check inventory availability, transportation, and warehousing
structures. New technology alone will not produce meaningful
costs
business benefits.

Track shipments
3. The globalization challenge: How can firms understand the

Plan production based on actual customers demand
business and system requirements of a global economic

Rapidly communicate changes in product design
environment? The rapid growth in international trade and the
CUSTOMER RELATIONSHIP MANAGEMENT - CRM
emergence of a global economy call for information systems that
CRM focuses on managing all of the ways that a firm deals with
can support both producing and selling goods in many different
existing and potential new customers. CRM uses information
countries. In the past, each regional office of a multinational
systems to integrate all of the business process surrounding the
corporation focused on solving its own unique information
firm’s interactions with its customers in sales, marketing and
problems. Given language, cultural, and political differences among
service.
countries, this focus frequently resulted in chaos and the failure of
CRM systems facilitate:-
central management controls. To develop integrated, multinational,

Unified view of customers
information systems, businesses must develop global hardware,

Consistent message to customers
software, and communications standards; create cross-cultural

End to end customer care

Long term customer relationship

Identification of best customers
accounting and reporting structures; and design transnational
business processes.
4. The information technology infrastructure challenge: How can
organizations develop an information technology infrastructure
The Challenge of Information Systems: Key Management Issues
Although information technology is advancing at a blinding pace,
that can support their goals when business conditions and
technologies are changing so rapidly? Many companies are saddled
with expensive and unwieldy information technology platforms that
there is nothing easy or mechanical about building and using
cannot adapt to innovation and change. Their information systems
information systems.
are so complex and brittle that they act as constraints on business
There are five major challenges confronting managers:
strategy and execution. Meeting new business and technology
1. The information systems investment challenge: How can
organizations obtain business value from their information systems?
challenges may require redesigning the organization and building a
new information technology (IT) infrastructure.
by Oteino B
Page 14 of 33
5. Ethics and security: The responsibility and control challenge: How
The internet is a global network of computers. It is multimedia
can organizations ensure that their information systems are used in
based i.e. it presents information inform of text, voice, video,
an ethically and socially responsible manner? How can we design
animation, pictures e.t.c.
information systems that people can control and understand?
It is based on clients/server architecture in which some computers
Although information systems have provided enormous benefits
are designated as server and others as clients. Clients can be
and efficiencies, they have also created new ethical and social
computers, mobile phones, smart phones that access services from
problems and challenges.
servers. Servers are the main computers on the internet that
Knowledge Management Systems
provide internet services such as web, email, file transfer, database,
The value of a firm’s products and services is based not only on its
and communication e.t.c.
physical resources but also on intangible knowledge assets. Some
It’s based on packet switching technology in which message are
firms perform better than others because they have better
subdivided and packed into message units called data packets. The
knowledge about how to create, produce, and deliver products and
typical structure of a data packets include
services. This firm knowledge is difficult to imitate, unique, and can
Source
Destination
Message
Packet
Error
be leveraged into long-term strategic benefit. Knowledge
Address
Address
Unit
Sequence
check
Number
bits
management systems collect all relevant knowledge and experience
in the firm and make it available wherever and whenever it is
Data packets travel independently and can follow different routes in
needed to support business processes and management decisions.
the internet depending on network conditions upon reception have
They also link the firm to external sources of knowledge.
to be reassembled into the original message.
Knowledge management systems support processes for acquiring,
It is based on mesh topology that provides multiple paths for
storing, distributing, and applying knowledge, as well as processes
routing data packets from one destination to another.
for creating new knowledge and integrating it into the organization.
It is based on universally acceptable standards and protocols called
They include enterprise-wide systems for managing and distributing
TCP/IP protocol. Transmission control protocol ensures reliable
documents, graphics, and other digital knowledge objects, systems
delivery of data packets on the internet and that data packets are
for creating corporate knowledge directories of employees with
received without getting lost or received in errors.
special areas of expertise, office systems for distributing knowledge
Internet protocol IP is responsible for routing data packets from
and information, and knowledge work systems to facilitate
one point to another using the most reliable efficient route. It
knowledge creation.
chooses the best path and most economical to transfer the data
Other knowledge management applications are expert systems that
packets. Other protocol of the TCP/IP protocol include; FTP, UDP,
codify the knowledge of experts in information systems that can be
TELNET, ARP e.t.c.
used by other members of the organization and tools for
All devices on the internet are all assigned unique IP address to
knowledge discovery that recognize patterns and important
facilitate sending and receiving data. Two versions of addresses are
relationships in large pools of data. Examples of knowledge
currently used:-
management systems
IPv4 – That uses 4 decimal numbers between 0 and 255 separated
by 4 full stops. Example includes 192.168.01.24. It can provide a
maximum of 4.2biliion addresses.
IPv6 – that uses hexadecimal numbers separated by 6 full colons.
Example include 100E:27BD:FACE:1970:BD75:48F9. It is downward
compatible with IPv4 and can accommodate up to 2128 addresses.
To connect to the internet you need

An ISP connection, TCP/IP protocol suite, Web browsing
software, Internet enabled device or network, Routers for
LANs and WANs, Switches and Hubs, Cables 4 wired
Internet
connections, Network cards
by Oteino B
Page 15 of 33
replace existing distribution channels or extend them, creating
Internet
Intranet
Extranet
outlets for attracting and serving customers who otherwise would
Public network
Private network
Private network
not patronize the company. For example, Web-based discount
accessible by all
accessible only by
accessible by
brokerages have attracted new customers who could not afford
users
employees of the
employees
paying the high commissions and fees charged by conventional
organization
together and
brokerage and financial services firms. Internet technology is
trusted
helping companies radically reduce their transaction costs.
customers,
What’s more, Internet technology is providing the infrastructure for
suppliers and
running the entire business because its technology and standards
business
enable information to flow seamlessly from one part of the
partners
organization to another. Internet technology provides a much less
Based on TCP/IP
Based on TCP/IP
Based on
expensive and easier to use alternative for coordination activities
protocol and
protocol and
TCP/IP protocol
than proprietary networks.
standards
standards
and standards
Managers are using e-mail and other Internet communication
Covers mostly a
Covers a wide
capabilities to oversee larger numbers of employees, to manage
Covers a wide
small geographical
geographical
many tasks and subtasks in projects, and to coordinate the work of
geographical area
area but can also
area WAN
multiple teams working in different parts of the world. Internet
WAN
cover wide area for
standards can link disparate systems, such as those for order
multinational
processing and logistics tracking, which previously could not
organizations
communicate with each other. The Internet also reduces other
Less Secure
Very Secure
agency costs, such as the cost to coordinate activities of the firm
Secure
with suppliers and other external business partners. The low-cost
Internet Technology and the Digital Firm
connectivity and universal standards provided by Internet
For a number of years, companies used proprietary systems to
technology are the driving force behind the explosion of electronic
integrate information from their internal systems and to link to their
business and the emergence of the digital firm.
customers and trading partners. Such systems were expensive and
based on technology standards that only a few companies could
follow.
The Internet is rapidly becoming the infrastructure of choice for
electronic commerce because it offers businesses an even easier
way to link with other businesses and individuals at a very low cost.
It provides a universal and easy-to-use set of technologies and
technology standards for all organizations, no matter which
computer system or information technology
platform the organizations are using.
Trading partners can directly communicate with each other,
bypassing intermediaries and inefficient multilayered procedures.
Web sites are available to consumers 24 hours a day.
Some information-based products, such as software, music, and
videos, can actually be physically distributed over the Internet.
Vendors of other types of products and services use the Internet to
EXTRANET
distribute the information surrounding their wares, such as product
An extranet is similar to an intranet but it is made accessible to
pricing, options, availability, and delivery time. The Internet can
selected external partners such as business partners, suppliers, key
by Oteino B
Page 16 of 33
customers, etc, for exchanging data and applications and sharing
3.
Improved customer service - better access to accurate and
information.
consistent information by your staff leads to enhanced levels of
Benefits of extranets
customer service
1.
2.
3.
4.
5.
6.
7.
More integrated supply chains through the use of online
4.
Reduction in paperwork - forms can be accessed and
ordering, order tracking and inventory management
completed on the desktop, and then forwarded as appropriate
Reduced costs by making manuals and technical
for approval, without ever having to be printed out, and with
documentation available online to trading partners and
the benefit of an audit trail
customers
THE WOLRD WIDE WEB (WEB)
More effective collaboration between business partners -
The web is a system of universally accepted standards of storing,
perhaps members of a project team by enabling them to work
retrieving, formatting and displaying information using the chart
online on common documentation
server architecture on the internet. The web combines text, video,
Improved business relationships with key trading partners
sound etc i.e. it’s multimedia. It uses a graphical user interface for
because of the close collaborative working that extranets
ease of viewing and navigation
support
The documents in web are formulated according to the accepted
Improved customer service by giving customers direct access
standards
to information and enabling them to resolve their own queries

HTML-Hyper Text Mark Up Language
Improving the security of communications between you and

XML-Extension Mark Up Language
your business partners, since exchanges can take place under a

WML-Wireless Markup Language
controlled and secure environment

XHML- Extensible Hyper Text Mark Up Language
Shared news of product development exclusively with partner
A collection of documents or web pages that belong to an
companies
organisation, an individual, a group or a government is called a
website
INTRANET
In a website, the most important web page is called the home page.

It refers to an organization private or internal network
It’s the start up page that welcome the users to the website. It
designed using web standards and is protected from public
allows users to navigate to or the resources and services offered by
visits by firewalls.
the website by providing links that direct you to those services
Access rights are only given to the employees or member
To access a website, you must know its URL (uniform resource
within an organization.
locator). The URL points to a specific address of a specific resource
Firewalls are security systems that consist of hardware and
such as a website on the web. For example the URL of Kenyatta
software placed between an organization . Internal network
University is Http://www-kenyattauniversity.ac.ke
and an external network including the internet. They are
In a web page, the documents are formulated to have hyper links
programmed to intercept each message packet passing
which when you select or click on direct you to other website on a
between the two networks, examine the characteristics of the
web. The hyperlinks are either a hypertext which is a text that
message and reject unauthorized messages or access attempts.
contains a hyperlink or a hyper-media which can be a picture, an
Intranets require no special hardware and can run over any
image, a video or animation containing a hyperlink
existing network infrastructure.
To search for info on the web we use search digits such as Google,



Lycos, Ask com, Alta vista.
Benefits of intranets
A web portal like yahoo.com and MSN.com provide users with
1.
Better internal communications - corporate information can be
access to a variety of online products, services and resources on the
stored centrally and accessed at any time
web that include email, sports, news, weather, finance and health
Sharing of resources and best practice - a virtual community
etc.
can be created to facilitate information sharing and
Web Hosting
2.
collaborative working
by Oteino B
Page 17 of 33
For users to access a website it must be hosted. Web hosting is the
counter .The electronic wallet enters the shopper’s name, credit
process of uploading a website to a web server and assigning it an
card no. and shipping information automatically when invoked to
IP address and a domain name to facilitate access. A variety of
complete the purchase e.g yahoo wallet
options exist for web hosting that include:-
2.

Hosting your own websites
They are mostly used for purchase of low value goods /services e.g.

Outsourcing web hosting services
downloading music clips, posters etc they are implemented in two

Using virtual web hosting services
different ways.

Using sub domains


U
sing free web hosting services
Micro-payment system
Accumulated balance digital payment system-that allows users
to make micro-payment and on the web, accumulating debit
balance that they must pay periodically using credit cards e.g.
E-COMMERCE AND E-BUSSINESS
Qpass
E-commerce is buying and selling products and services using the

ii) Stored value payment system-enables consumer to make
internet
instant online payment based on a value stored in a digital
E-business in addition to buying and selling using the internet also
account
includes activities such as pricing, distribution, marketing,
3. Smart card
payments, shipping and other support activities to ensure
It’s a plastic card almost the size of a credit card that store and
successful online trading.
process digital information it serves as an electronic purchase in
Mobile commerce-it’s buying and selling products and services on
place of cash. it can be able to record details of financial
the internet using hand held devices such as mobile phones,
transactions and update account balances e.g. American express
internet phones, smart phones and palm top computers
blue smart card
CATEGORIES OF E-COMMERCE
4. Digital cash (E-cash) they are suitable for large purchases. Digital
E-commerce transactions can be classified into a no. of groups
cash is currently represented in electronic form that moves outside
including
normal network of money. users are supplied with direct software
1. Business to consumer E-commerce - B2C
and can exchange money with another E-cash user over internet
It involves retailing products and services to individual shoppers in
e.g. E-coin.net
the internet e.g. Barnes and Nobbs.com it sells book soft ware and
5. Digital cheque-payment system such as western union money
music to individual customers
transfer extend functionality of existing chequeing account to be
2. Business to Business E-commerce - B2B
used for online payment, they are less costly, the cheque can be
It involves selling of goods and services among businesses using the
encrypted to secure them
internet for example milpro.com is a website for selling cutting
6.Use of credit cards and debit cards
tools, grinding wheels and metal work fluid to other hundreds of
Advantages of E-commerce to business
small machining businesses
1. E-commerce system offers round the clock operations
3. Consumer to consumer E-commerce - C2C
2. Global customer reach
It involves consumer selling directly to other consumers using the
3. Low cost of acquiring services and retaining customers
internet e.g. eBay.com is a giant web auction site that allow people
4. Improved customer service
to sell their goods and services to other consumers by auctioning
5. Disintermediation such that customers and suppliers can be
the merchandise to the highest bidder
reached directly eliminating expensive middle men
Other forms of E-commerce include business to government E-
6. Firms can deploy knowledge of customer behavior using
commerce and govt to govt E-commerce
customization and tracking tools
MODES OF E-COMMERCE PAYMENTS
7. Reduce business transaction costs through use of systems such as
1.
EDS and EFT
E-commerce payment system
It securely stores credit cards and owners identification info and
Advantages of E-commerce to consumers
provide the info whenever required on E-commerce site checkout
1. Easy and convenient shopping
by Oteino B
Page 18 of 33
2. A wide variety of goods to choose from

Text Ads - e.g. Google, Facebook
3. Affordable goods to choose from

Video Ads - e.g. YouTube
4. 24 hrs shopping

Audio Ads – e.g. Saavn
5. Better customer support and services

Promoted Content - e.g. Twitter, Facebook
6. Prices of products/services can easily be compared

Paid content promotion

Recruitment Ads - e.g. LinkedIn

Classifieds - e.g. JustDial, Quikr

Featured listings - e.g. Zomato, CommonFloor
built around the internet are not yet proven

Email Ads – e.g. Yahoo!, Google
2. Legal issues-Law governing E-commerce are still being written

Location-based offers - e.g. Foursquare
Disadvantages of E-commerce
1. Unproven business models-Not all companies make money on the
web; many companies have shut down because it’s difficult to
generate enough revenue to sustain web business. Business models
and most are not enforceable as law e.g. the legality of E-mail
2. Freemium model
contact is still questionable, other problems include location laws
Perhaps the most common model used by Web services. The idea
between different countries
here is to sell a basic free product to as many customers as possible,
3. Trust, security and privacy-Many consumers have remained
but keep the premium features exclusively for paying customers. A
hesitant to make purchase over the web from unfamiliar vendors
large number of SaaS products use this model. For instance,
due to privacy, fraud and security concerns
Dropbox offers 2GB of free cloud data storage. But if one wants
4. E-commerce and E-business systems require radical changes in
more space, one has to pay up. Dropbox's purchase plans. Other
business process and environments. These create uncertainty in the
examples include Adobe Flash, Evernote, Google Docs/Drive,
organization and are likely to be resisted by employees
LinkedIn, Prezi, Slideshare, Skype, Wordpress, and many mobile
5. Difficulty of inspecting goods that are not within physical reach of
games like Farmville, Angry Birds etc.
buyer (i.e.) WYSWYG(What you see is what you get)
3. E-commerce
The traditional world of retail comprising of malls and high street
stores changed forever in the 90s when companies
like Amazon emerged. Because they could save on expensive real
estate costs, the prices offered on these stores were significantly
lower.
Selling through e-commerce can include:

Retailing – e.g. Myntra

Marketplace – e.g. Snapdeal

Sharing Economy - AirBnB

Aggregators – e.g Taxi for Sure

Group buying – e.g. Groupon

Digital goods / downloads – e.g. iTunes

Virtual goods – e.g. Zynga
1. Advertising

Training – e.g. Coursera, SimpliLearn
One of the oldest money-making sources, this model is under

Pay what you want – e.g. Instamojo (optional)
constant evolution. With the general internet population having

Auction commerce – e.g. eBay
access to ad-blocking tools, the industry has gone on to employ

Crowdsourced Services – e.g. Elance, oDesk
The common internet revenue models include:-
complex and creative methods to stay relevant.
4. Affiliate Marketing

Display Ads - e.g. Yahoo!
Mostly followed by high-traffic blogs, this is a model wherein the

Search Ads - e.g. Google
publisher signs up for affiliate programs related to their
by Oteino B
Page 19 of 33
service/content and convert their users to customers of their

Search Data – e.g. Google
affiliates/advertisers. In most cases this involves a publisher earning

Benchmarking services – e.g. Comscore
a commission when a user follows a link on their blog to another

Market research – e.g. MarketsandMarkets
site and this converts into the user buying something at the affiliate
The famous annual appeal from Jimmy Wales
site.A recent example is several well-known bloggers pushing out
8. Sponsorship/Donations
MotoG reviews and then linking to the Flipkart exclusive sale site for
Many services are sponsored by government organizations and
commissions.
major funds if it directly helps them or the world at large, for
5. Subscription Model
example, Khan Academy is funded by the Gates Foundation and
Newspapers, Gym, Magazines – yes, all of them use a subscription
Google. Then there is the Wikipedia model where the users are
model. So, it has been existent since long.In the digital domain,
asked to willingly donate small to large amounts of donation to help
software, which was once dominated by the licensing model, is
support the initiative. Many browser extensions and Wordpress
slowly moving towards a subscription model. Generally, unlimited
plugins etc. also follow this route.
usage is offered, but a few have a specified cap above which they
9. Build to sell (to Google, Facebook and others)
charge a higher rate.
This might be counterintuitive and not the best of ‘revenue models’
The different sub-models are:
because there is no revenue involved. But many companies have

Software as a Service (SaaS) – e.g. Freshdesk
built traction over time and never worried about how they are going

Service as a Service – e.g. PayU
to make money, and have finally sold for big bucks to the internet

Content as a Service
giants, for example, Instagram, Pinterest.

Infrastructure/Platform as a service – e.g. AWS, Azure
Mobile and Gaming Revenue Models

Membership Services – e.g. Amazon Prime

Paid App Downloads – e.g. WhatsApp

Support and Maintenance – e.g. Red Hat

In-app purchases – e.g. Candy Crush Saga, Temple Run

Paywall – e.g. ft.com, NYtimes

In-app subscriptions – e.g. NY Times app
6. Licensing

Advertising – e.g. Flurry
Licensing could be for usage, which is the model for Intellectual

Transactions – e.g. Airtel Money
Property (patents, copyrights, trademarks). This type of license is

Freemium – e.g. Zynga
usually limited by time, territory, types of products, volume, etc. The

Subscription -- e.g. World of Warcraft
other kind is for certification, like the McAfee SECURE trustmarks

Premium – e.g. xBox games
used for Internet websites.

Downloadable Content – e.g. Call of Duty

Ad-supported

Per Device/Server License – e.g. Microsoft products

Per Application instance – e.g. Adobe Photoshop

Per Site License – e.g. Private cloud on internal

E-GOVERNMENT
infrastructure
This refers to the application of electronic means in the interaction
Patent Licensing – e.g. Qualcomm
between government and citizens, government and businesses as
7. Selling Data
well as in internal government operations to simplify and improve
High-quality, exclusive data is very valuable in the digital age. Many
democratic and business aspects of governance
companies specialize in lead generation of potential customers and
Areas where E-government is beneficial and applicable
sell them to third parties. You don’t pay for services like Google,

Online license applications and renewals
Twitter and Facebook. But they aggregate high quantities of data

Online renewal of car tags and vehicles registration
about you and several millions like you and show you contextual

Payment of property taxes online
advertisements based on this data. Which is why ‘you are not the

Payment of utility bills online
customer, you are the product being sold.’

Registering and voting online

Downloading of forms on websites e.g. passport application

User data – e.g. LinkedIn
by Oteino B
Page 20 of 33

Submitting forms online e.g. ID application
One of the benefits of outsourcing is that your organization will be

Online help with filling forms e.g. permits, birth and death
free to concentrate on your core business. By outsourcing all your
certificates
non-core functions, your employees can be put to better use and
Online repository of public information such as laws, rules and
you will be able to see a huge growth in your core business.
regulations
7. Improved customer satisfaction

Online polls and questionnaire
With timely deliveries and high-quality services you can impress your

Online discussion groups to facilitate democratic exchange of
customers. Outsourcing can help you benefit from increased
Ideas
customer satisfaction and your customers will remain loyal to your

Advantages of E-government
organization.

It reduces government expenditure as a result of reduced work
8. Increased efficiency
force
Another benefit of outsourcing is increased efficiency. Your non-

Cheaper and better services for citizen of a nation
core business functions will be performed efficiently by your

Round the clock services i.e. services can be provided anytime
outsourcing partner, while your core functions can be efficiently

Services can easily and cheaply reach geographically dispersed
carried out in-house.
areas
Disadvantages of Outsourcing
Disadvantages of E-government
· Loss of managerial control, because it is more difficult to manage

outside service providers than managing one’s own employees
Expensive to implement and establish due to very high costs to
be incurred in the installation of ICT hardware and software

Limited access to only those with the knowledge to use the
between two companies and the time spent to coordinating the
Insecurity threats due to use of vulnerable networks and
contract.
systems

· Often the hidden costs are difficult to calculate or prepare for.
These include legal costs related to putting together a contract
systems

working possibly in the same building.
Control and management of systems might be a challenge
· Threat to security and confidentiality. If your company is
outsourcing processes like payroll, medical transcriptions or other
confidential information, a company must be very careful in
OUTSOURCING
The process of turning over an organization’s computer center
choosing which process it wants to outsource and to which
provider.
operations, telecommunications networks or applications
· A possible loss of flexibility in reacting to changing business
development to external vendors is called outsourcing
conditions, lack of internal and external customer focus and sharing
The Benefits of Outsourcing
cost savings may also be a disadvantage of outsourcing.
1. Take advantage of the cost-advantages
Outsourcing can give you access to cost-effective services. Getting
access to high-quality services at a cost-effective price is the biggest
· Unfavorable contract lengths, loss of competitive edge, problems
in contract renewal, and contractual misunderstandings.
• The company that outsourcers can get into serious trouble if the
benefit that you can get while outsourcing.
service provider refuses to provide business due to bankruptcy, lack
2. Save Big
One of the benefits of outsourcing is that you can save on every
of funds, labor etc
• Outsourcing requires the control of the process being outsourced
aspect of your business and increase your profits. When you
by transferred to the service provider. Thus the company may lose
outsource, you can save on time, effort, infrastructure and
control over its process
manpower.
3. Get access to specialized services
By outsourcing you can get expert and skilled services. This benefit
of outsourcing has been the key reason why several outsourcers opt
Michael porter’s five forces model
According to Michael Porter, a firm can survive and succeed in the
for outsourcing.
long run if it successfully develops strategies to confront five
4. Concentrate more on your core business
by Oteino B
Page 21 of 33
competitive forces that shape the structure of competition in its

Differentiate
industry. These include:

Innovate
1. Rivalry of competitors within its industry

Promote Growth
2. Threat of new entrants

Develop Alliances
3. Threat of substitutes

Improve quality and efficiency
4. Bargaining power of customers

Build an IT platform
5. Bargaining power of suppliers

Use inter organizational information systems to create
A variety of competitive strategies can be developed to help a firm

confront these competitive forces.
Cost Leadership Strategy
switching costs that lock in customers and suppliers.
-
Use investments in IT to build barriers to entry against industry
outsiders.

Become a low cost producer of products and services
Find ways to help suppliers or customers reduce their costs
Use IT components to make substitution of competing
products unattractive.
Increase the costs of competitors.
Differentiation Strategy
Improving Business Processes:
Develop ways to differentiate products and services from
Investments in information technology can help make a firm’s
competitors. Reduce the differentiation advantages of competitors.
operational processes substantially more efficient, and its
Innovation Strategy
managerial processes much more effective. By making such
-
Find new ways of doing business:
improvements to its business processes a firm may be able to:
Develop new products & services
1.
Dramatically cut costs
Enter new markets or marketing segments.
2.
Improve the quality and customer service
Establish new business alliances
3.
Develop innovative products for new markets
Find new ways of producing products/services
Find new ways of distributing products/services
Promoting Business Innovation
Growth Strategies
Investments in information systems technology can result in the
Significantly expand the companys capacity to produce goods and
development of new products, services, and processes. This can:
services.
1. Create new business opportunities
Expand into global markets
2. Enable a firm to enter new markets
Diversify into new products and services
3. Enable a firm to enter into new market segments of existing
Integrate into related products and services.
markets.
Alliance Strategies
Lock In Customers & Suppliers
Establish new business linkages and alliances with customers,
Investments in information technology can also allow a business to
suppliers, competitors, consultants and other companies (mergers,
lock in customers and suppliers (and lock out competitors) by
acquisitions, joint ventures, forming virtual companies, etc.).
building valuable new relationships with them. This can be
accomplished by:
Strategic Roles for Information Systems:
1. Deters both customers and suppliers from abandoning a firm for
How can the preceding competitive strategy concepts be applied to
its competitors or intimidating a firm into accepting less
the strategic role of information systems? Information technology
profitable relationships.
can be used to implement a variety of competitive strategies. These
include the five basic competitive strategies (differentiation, cost,
innovation, growth, alliance), as well as other ways that companies
2. Offer better-quality service to customers allows a company to
differentiate themselves from their competitors.
3. Create inter organizational information systems in which
can use information systems strategically to gain a competitive
telecommunications networks electronically link the terminals
edge. For example:
and computers of businesses with their customers and

suppliers, resulting in new business alliances and partnerships.
Lower Costs
by Oteino B
Page 22 of 33
Creating Switching Costs
2. Break geographic barriers.
A major emphasis in strategic information systems is to build
3. Break cost barriers.
switching costs into the relationships between a firm and its
4. Break structural barriers.
customers or suppliers. That is, investments in information systems
Breaking Time Barriers
technology can make customers or suppliers dependent on the
Information technology is used to shorten the intervals between
continued use of innovative, mutually beneficial inter organizational
the various critical steps in a business process. Telecommunications
information systems. Then, they become reluctant to pay the cost
is a lot faster than most other forms of communications, thus, it
in time, money, effort, and inconvenience that it would take to
provides information to remote locations immediately after it is
change to a firm’s competitors. Example: APOLLO (USA) airline
requested.
reservation system, and GEMNI (CAN) airline reservation system
Breaking Geographic Barriers
Raising Barriers to Entry
Telecommunications networks enable you to communicate with
Investment in information technologies that increase operational
people almost anywhere in the world. Telecommunications and
efficiency can erect barriers to entry for new players in the industry,
computing technologies make it possible to distribute key business
and can discourage firms already in the market. This can be
activities to where they are needed, where they are best performed,
accomplished by:
or where they best support the competitive advantage of a
1. Increasing the amount of investment or the complexity of the
business.
technology required to compete in a market segment.
Breaking Cost Barriers
2. Discourage firms already in the industry and deter external firms
Computers and telecommunications can often significantly reduce
from entering the industry.
the cost of business operations when compared with other means
Leveraging a Strategic IT Platform
of information processing and communications. For example, they
Information technology enables a firm to build a strategic IT
can reduce costs in such areas as production, inventory,
platform that allows it to take advantage of strategic opportunities.
distribution, or communications. Information technologies have
Typically, this means acquiring hardware and software, developing
also helped companies cut labour costs, minimize inventory levels,
telecommunications networks, hiring information system
reduce the number of distribution centres, and lower
specialists, and training end users. A firm can then leverage
communications costs.
investment in information technology by developing new products
and services.
Information systems security
Developing a Strategic Information Base
Introduction
Information systems allow a firm to develop a strategic information
It is very difficult to secure computer systems due to their
base that can provide information to support the firm's competitive
complexity and cost. The security of computer system is further
strategies. A firms’ database is considered a strategic resource
complicated by the need to balance between security and
which is used to support strategic planning, marketing, and other
productivity, since too strict security measures curtail productivity.
strategic initiatives. These resources are being used by firms in such
The other important issue is that to be viable security policy and
areas as:
framework should be duly implemented and enforced in the
1. Strategic planning
organization. Employees, system auditors, managers and other
2. Marketing campaigns
users who have either direct or indirect access to computer systems
3. Erecting barriers to entry for competitors
are likely to be the major perpetrators of computer security attacks.
4. Finding better ways to lock in customers and suppliers
Employees and other stakeholders have to be monitored and
Breaking Business Barriers:
motivated to actively take the initiative to protect and secure
Several vital capabilities of information technology that break
computer systems.
traditional barriers to strategic business success include:
Computer systems are difficult to protect for a number of reasons
1. Break time barriers.
that include:by Oteino B
Page 23 of 33

The complexity of computerized systems
may involve modification, deletion or destruction.

The difficulty of detecting changes to computerized systems
There are many ways in which computer systems can be attacked

The many possible security threats and attacks such as virus
and threatened. This include
attack, hacking, malware, password attack e.t.c
1.
Virus attack – A virus is an illegitimate program capable

The prohibitive cost of securing computerized systems
replicating very fast and infecting and damaging computer

The many access points in computerized systems especially
programs and data. A time bomb is a virus program whose
networked system increase vulnerability
damage is triggered by the attainment of a certain specific
Properties of a secure system
time.
Authentication – Identify and ensure that users are who they
2.
purport to be. It requires that users provide usernames and
Theft – Stealing computer hardware and software and other
devices such as camera, printers, e.t.c
passwords.
3.
Password attack –This is where someone try to figure out your
Authorization – Once users have been authenticated they are
password and use it to illegally access computer systems
allowed to access all or part of the computer system depending on
without your authority for malicious intentions.
who they are. The system should provide different rights and
4.
Hacking – This is unauthorized access to computer systems
privileges to different categories of users. For example systems
with malicious intentions. Crackers also illegally access
administrators are given unlimited access to computerized systems
computer systems but not with malicious intention however
unlike normal users who are have limited access
they can cause damage and heavy losses just like hackers
Confidentiality - Protect information value and preserve the
5.
Malware – Targets organizations connected to the Internet.
confidentiality of sensitive data. Information should not be
Cyber vandals use data flowing through the Internet to
disclosed without authorization.
transmit computer viruses, which disable the computers they
Integrity - Ensure the accuracy and reliability of the information
"infect".
stored on the computer systems. Information should not be altered
6.
Spyware –They are software routines that travel in the
without authorization. Communication channels should relay
network with capability to intercept confidential information
messages in a secure manner to ensure that integrity.
that is conveyed in such networks
Availability - Ensure the continued of the information system and
7.
Spamming - usually targets organizations connected to the
all its assets to legitimate users at an acceptable level of quality of
Internet. Marketers send out unsolicited mass e-mail to
service. Any event that degrades performance or quality and of a
recipients who have not requested the information.
system affects availability
8.
Jamming - Targets organizations connected to the Internet.
Legislation - Ensure conformity to laws, regulations and standards
Jammers use software routines to tie up the computer hosting
Security refers to the policies, procedures, and technical measures
a website so that legitimate users can't access the site.
used to prevent unauthorized access, alteration, theft, or physical
9.
Sniffing - Targets organizations linked to the Internet. Sniffing,
damage to information systems. Security can be promoted with an
a form of eavesdropping, involves placing a piece of software
array of techniques and tools to safeguard computer hardware,
to interpret information passing from a user to the computers
software, communications networks, and data.
hosting a website. This information can include credit card
A security attack is the act or attempt to exploit vulnerability in a
numbers and other confidential data.
system. Security controls are the mechanisms used to control an
10. Phishing – It is a criminal and fraudulent process of attempting
attack. Attacks can be classified into active and passive attacks.
to acquire sensitive information such as user names,
Passive attacks - attacker observes information without interfering
passwords, and credit user details by sending e-mails and pop
with information or flow of information. He/she does not interfere
up advertisement that entice users to provide such
with operation. Message content and message traffic is what is
information.
observed.
11.
Active attacks - involves more than message or information
Spoofing - Targets organizations linked to the Internet
Spoolers fraudulently misrepresent themselves as other
observation. There is interference of traffic or message flow and
by Oteino B
Page 24 of 33
organizations, setting up false websites where they can collect
confidential information from unsuspecting visitors to the site.
12. Eavesdropping / Tapping – It is intercepting electronic
22. Trojan horse - It is a category of virus program which pretends
to be an otherwise genuine program and can easily hide
beneath the genuine programs. It can be able to cause damage
transmission as they travel from one point to another.
and delete files and programs without easily being detected.
Espionage mostly involves spying with a view to obtain
They are mostly spread using pirated computer games, music,
confidential data and information.
video and software.
13. Denial of service attack - In the denial of service attack, the
23. Piggy backing – It is the act following an authorized user
hacker flooded the server with requests to connect to other
through a secured door or electronically attaching to a
servers that did not exist. The server would try to establish
telecommunication link to intercept and possibly alter
connections with the nonexistent servers and wait for a
transmission in order to gain access to computer resources.
response while being flooded with thousands of other bogus
24. Piracy – It is the illegal act of copying, reproducing, and
connection requests. This caused the server to deny service to
distributing software programs without authority. Software
legitimate users because it was overwhelmed trying to handle
pirates download software programs from the internet or get
the bogus requests
the software from other users and crack the product key which
14. Cyber terrorism – It is perpetuating acts of terrorism using
computers and internet resources. It can involve sending
allows them to use the software free without purchasing it.
25. Worms – It is like a virus program however it does not damage
threatening messages and posting scary videos and pictures of
computer files and programs. The worms have ability to
the internet.
replicate very fast and take up any available storage space and
15. Identity theft / Masquerading – It is assuming somebody’s
transmission space preventing users from saving data in
identity by falsifying information, profiles or stealing their
computer systems or even be able to transmit data from one
passwords and user names. It is usually done for malicious
point to another by clogging transmission networks.
intention and to fraudulently obtain favours and information
about the person.
26. Vandalism – Disrupting telecommunication transmission by
vandalizing cables and power transmissions.
16. Errors – Errors are either intentional or unintentional. They are
due to mistakes, lack of knowledge and skills. Errors can be
caused by hardware failure, software faults, or people actions.
17. Natural disaster –These are natural calamities such as floods,
earthquakes, strong winds, wild fires e.t.c that are caused by
27. Equipment failure – Hardware system and other peripheral
devices fail due to fault in their systems.
28. Data diddling – It is also called data corruption. It involves
changing and altering data without authority and for malicious
intentions and personal gains.
situation beyond the control of human beings.
18. Sabotage – It is a criminal activity that involves affecting the
CREATING A CONTROL ENVIRONMENT
normal operation of the computer system and provision of
To minimize errors, disasters, interruptions of service, computer
services. These can involve acts such as cutting cables,
crimes, and breaches of security, special policies and procedures
interfering with power supply, pouring water on the server
must be incorporated into the design and implementation of
e.t.c.
information systems. The combination of manual and automated
19. Salami slicing – It involve taking small but insignificant sum of
measures that safeguard information systems and ensure that they
money from many people or business transactions. If the
perform according to management standards is termed controls.
money is accumulated it becomes significant and of high value.
Controls consist of all the methods, policies, and organizational
20. Trap door – A program installed on a computer that permits
procedures that ensure the safety of the organization's assets, the
access to the computer, thus bypassing the normal
accuracy and reliability of its accounting records, and operational
authentication process.
adherence to management standards.
21. Fraud – Committing financial misappropriation using
computerized and electronic systems for personal gains.
Physical security procedures that may be adopted:
by Oteino B
Page 25 of 33
1. Bolting door locks — These require the traditional metal key to

Internet downloads and attachments
gain entry. The key should be stamped 'Do not duplicate.'

Pirated computer software, games, music and video
2. Combination door locks — These utilize a numeric keypad or

Hackers and malicious programmers
dial to gain entry. The combination should be changed at regular

Device drivers that accompany hardware and peripheral
intervals or whenever an employee with access is transferred, fired
devices
or subject to disciplinary action.
Virus protection measures
3. Electronic door locks — these utilize a magnetic or embedded

Use updated antivirus program to regularly scan computers
chip-based plastic card key or token entered into a sensor card
and files. These are programs such as Internet Kaspersky,
reader to gain access. A special code internally stored in the card or
Norton, Mr Clean, Macfee.
token is read by the sensor device that activates the door locking

Use diskless workstations
mechanism.

Ensure that all programs are installed only by authorized
4. Biometric door locks — use of individual’s unique body features,
persons
such as voice, retina, fingerprint or signature, activates these locks.

Internet downloads and attachments must be scanned
5. Manual logging — All visitors should be required to sign a

Protect against password cracking
visitor's log indicating their name, company represented, reason for

Maintain backup of important files and programs
visiting and person to see. Logging should be at the front reception
Protecting against password cracking
desk and at the entrance to the computer room.
The following principles can be observed when using passwords
6. Electronic logging — All access should be logged with

unsuccessful attempts highlighted.
Do not use your background information such as name, date of
birth, and anniversary as passwords.
7. Identification Badges (Photo Ids) — Badges should be worn

and displayed by all personnel. Visitor badges should be a different
memorisable

colour from employee badges for easy identification.
Passwords should not be written down they should be
8. Video cameras — They should be located at strategic points
Use a mixture of letters, numbers and special symbols as
passwords e.g. P@ssw0rd or xyz@2012
and monitored by security guards.

Passwords should be unique to an individual
9. Security guards — They could be used together -with video

Periodically change your passwords
cameras for efficiency.

Once a password has been used do not use it again i.e. recycle
10. Controlled visitor access - All visitors should be escorted by a
it

responsible employee.
11. Alarm systems — should be linked to inactive entry points,
Allow users a maximum of 3 attempts when trying to use their
passwords
motion detectors and the reverse flow of enter or exit only doors.

12. Controlled single entry point A controlled single entry point
Passwords should neither be too long or too short around 5-8
characters
monitored by a receptionist should be used by all incoming
Physical security measures
personnel.

Bolting door locks – use of keys and padlocks
Virus protection

Combination door locks – use of combination of unique

Signs that the computer has virus

The computer performance and speed suddenly degrades

Electronic door locks – use of swipe cards

Size of the file increase and decrease

Biometric door locks – use of biological features to gain access

The computer suddenly reboots or hangs

Manual logging and electronic logging

The computer posts funny or unfamiliar messages on the

Use of security personnel
screen

Use of badges and uniforms
A message or alert from the antivirus program

Escort agents
Sources of computer virus

CCTV cameras


Terminal locks

numbers to gain access
Infected storage devices such as flask disks
by Oteino B
Page 26 of 33
Environmental control measures
Private Key encryption
It includes measures such as
The same key is used to decrypt the data as well as encrypt the data.

Use of fire extinguisher
This private key must be known by both the sending and receiving

Use of fire and water detectors
encryption devices. Its main disadvantage is the safe and reliable

Strategically locating the computer and server room
distribution of the private key among the numerous encryption

Using uninterruptible power supply
devices. Since if the private key is intercepted, then the integrity of

Use of fire proof materials such as asbestos
the encryption systems are compromised.

Emergency power switch off
Public key encryption

Properly wiring and cabling ensuring that cables and wires are
It combines the use of both private and public key. In public key
placed in their panels and conduits
encryption the sending encryption devices encrypts a document
Logical access control measures
using the intended recipient public and the originating parties’

Use of usernames and passwords
private keys. The public keys are readily available in the public key

Firewalls
encryption directories. To decrypt the document the receiving

Encryption
encryption/decryption device must be programmed with its own

Access rights and privileges
private key and the sender’s public key. These eliminate the need

Intrusion detection systems
for safe transmission of private key between the sending and

Data classification and segregation
receiving parties. The 2 keys are related.

Terminal usage constraints
Fire walls
Personnel issue on security
Firewall is generally placed between internal LANs and WANs and
Most computer crimes and security breaches are done by
external networks such as the Internet. The firewall controls access
employees of the organization or with people who have access to
to the organization's internal networks by acting like a gatekeeper
computer system like vendors, outsourced employees, maintenance
that examines each user's credentials before they can access the
personnel, clients, cleaners and security personnel.
network. The firewall identifies names, Internet Protocol (IP)
The organization should come up with security policies and
addresses, applications, and other characteristics of incoming
practices to ensure that these personnel are closely monitored for
traffic. It checks this information against the access rules that have
any acts of security breaches.
been programmed into the system by the network administrator.
These policies can include:-
The firewall prevents unauthorized communication into and out of

Segregation of responsibility
the network, allowing the organization to enforce a security policy

Training employee on security issue
on traffic flowing between its network and the Internet.

Periodic employee performance evaluation
Digital signatures

Job rotation
Digital signatures and digital certificates help with authentication. A

Secure termination policy
digital signature is a digital code attached to an electronically

Good hiring practices
transmitted message that is used to verify the origins and content

Enforcement of security measures
of a message. It provides a way to associate a message with the
Encryption
sender, performing a similar to a written signature. For an electronic
This is the process of scrambling data. It involves using
signature to be legally binding in the court someone must be able to
mathematical algorithm (Key) to change plaintext into cipher text.
verify that the signature actually belongs to whoever sent the data
Decryption involves changing back cipher text into plaintext.
and that the data were not altered after being "signed." Digital
Encryption protects against data corruption, password cracking,
certificates are data files used to establish the identity of people and
and Eavesdropping e.t.c
electronic assets for protection of online transactions. A digital
Encryption is based on mathematical algorithm usually called keys.
certificate system uses a trusted third party known as a certificate
The keys are used to decrypt and encrypt the data. There are 2
authority (CA) to validate a user's identity. The digital certificate
common ways of encryption.
system would enable, for example, a credit card user and merchant
by Oteino B
Page 27 of 33
to validate their digital certificates were issued by an authorized and
Security awareness – all employees, including management need be
trusted third party before exchange of data
aware on a regular basis of the importance of security.
Intrusion detection systems
Contingency planning
They represent fulltime monitoring tools that are placed at the most
A contingency is an unscheduled interruption of computing services
vulnerable point of an organization network to continually detect
that requires measures outside the day to day routine operating
and deter intruders. They look for known problems such as bad
procedures. A contingency plan must provide for standby
passwords or check to see if important files have been removed and
procedures to continue operations, recovery procedures to correct
modified and send warnings to the systems administrator.
the breakdown arid personnel management policies for the
Some intrusion detection systems shut down sensitive parts of a
procedures.
network if it receives unauthorized trap.
Contents of a contingency plan include:
Vulnerability
•
Definition of responsibilities.
Vulnerability is a weakness within the system that can potentially
•
Setting priorities.
lead to loss or harm. The threat of natural disasters has instances
•
Back-up and standby arrangements.
that can make the system vulnerable. If a system has programs that
•
Communication with staff.
have threats (erroneous programs) then the system is vulnerable.
•
Public relations.
Security policy
•
Risk assessment.
Security failures can be costly to business. Losses may be suffered
as a result of the failure itself or costs can be incurred when
DISASTER RECOVERY PLANNING
recovering from the incident, followed by more costs to secure
Disaster recovery planning devises plans for the restoration of
systems and prevent further failure. A well-defined set of security
computing and communications services after they have been
policies and procedures can prevent losses and save money. The
disrupted by an event such as an earthquake, flood, or terrorist
information systems security policy is the responsibility of top
attack. Business managers and information technology specialists
management of an organization who delegate its implementation
need to work together to determine what kind of plan is necessary
to the appropriate level of management with permanent control.
and which systems and business functions are most critical to the
The policy contributes to the protection of information assets. Its
company
objective is to protect the information capital against all types of
risks, accidental or intentional. An existing and enforced security
Importance of disaster management
policy should ensure systems conformity with laws and regulations,

To keep the business running uninterrupted after disaster
integrity of data, confidentiality and availability.

To protect assets and information against possible abuse and
Key components of such a policy include the following:
security threats
Management support and commitment - management should

To develop a plan that will reduce risks and uncertainty
approve and support formal security awareness and training.
Access philosophy - access to computerized information should be
Developing a disaster recovery plan
based on a documented 'need-to-know, need-to-do' basis.

Compliance with relevant legislation and regulations
Assess the risk of particular disaster such as floods, power
outages or terrorist attacks, occurring at your specific company
Access authorization – the data owner or manager responsible for

the accurate use and reporting of the information should provide
written authorization for users to gain access to computerized
Identify the most mission critical applications, the files they use
and where these files and applications are located

Develop an action plan for handling mission critical applications
information
such as using manual processes or running these applications
Reviews of access authorization – like any other control, access
at a safe location
controls should be evaluated regularly to ensure they are still
effective
by Oteino B
Page 28 of 33

Outline responsibilities of individuals staff members and
This is a traditional system development methodology is no longer
procedures to follow during a disaster. including how to locate
popular as it was in the late 70’s and early 80’s. SDLC consists of
and communicate with the employees
taking a large system development process and breaking the

Test the disaster recovery plan at least once a year
process into sequential stages done progressively one after the

Make sure you have the backing and support of a senior
other until the final system is developed. It main stages include
management to ensure compliance
Preliminary study
INFORMATION SYSTEMS DEVELOPMENT
Feasibility study
A systems analysis methodology provides a way to tackle the
development of each information system in a structured and
System investigation
detailed way. Typically, it dictates what the main stages of the
development are but also what steps should be done at each stage
System design
and what must be completed before moving on to the next stage. It
may also define what is produced at each stage, how the user
System construction
should be involved in the development and in short, provides a
complete plan for the project. A methodology usually consists of a
System implementation
collection of most of the following:

An underlying life-cycle model.
System review and maintenance

Project stages and the steps that make up each stage.
SDLC is suitable for large system projects that take long to develop.

Deliverables for each step/stage, the form of each
It is also suitable for projects which have clearly defined
model/deliverable, and the techniques to be used to produce
requirements.
each deliverable.
Advantages of SDLC
A set of principles / decision guidelines, that allow a project


planner to construct a detailed method for each particular
project — choices to determine which steps and deliverables
easy to manage, solve and control.

are appropriate, and the level of detail/abstraction to take for
In the stage, proper documentation is produced resulting in
well documented systems.

each model.
The system development is broken down into activities that are
Characteristics of a good development methodology
It possible to track development from one point to another
since each stage provides input to the other stage

Easy to understand and manage
Disadvantages of SDLC

Flexible and adaptable

It’s inflexible and cannot incorporate new requirements easily.

It should be an open methodology i.e. no restrictions on its use

The methodology focuses more on the process rather than the

It should reflect modern practices

It should focus more on producing the product than the
product.

process
It’s not suitable for web-based systems that incorporate
internet technology.

Approaches to systems development
Most system development using SDLC are always over budget

Prototyping

Packaged based development

Waterfall model

System Development life Cycle
PACKAGED BASED SOFTWARE DEVELOPMENT

End user Computing
Sometimes developing a system means finding the right software
and beyond time

A working system is availed later in the development cycle deny
user involvement
package that can readily be implemented from software vendors.
SYSTEMS DEVELOPMENT LIFE CYCLE SDLC
This methodology simply involves purchasing the right equipment
i.e. hardware & telecommunication and installing readymade
by Oteino B
Page 29 of 33
software that best suits the organisations new systems needs.
single computer system that can serve all those departments’
Advantages of this model
particular needs. ERP allows a company to automate and integrate
1.
Low development costs.
the majority of its business processes, including product planning,
2.
Shorten system implementation system cycle.
purchasing, production control, inventory control, interaction with
3.
Proven reliability and performance benchmark
suppliers and customer, delivery of customer service and keeping
4.
Requires less technical development staff
track of orders, to share common data and practices across the entire
5.
Future software updates provided by the software vendors.
enterprise, and to produce and access information in a real-time
Disadvantages
environment. ERP enables decision-makers to have an enterprise-
1.
The software package may not be a perfect fit for organisation
wide view of the information they need in a timely, reliable and
requirement.
consistent fashion. ERP applications market grew to $25.4 billion in
The best package may not be compatible / functional with
2005, and will reach $29 billion in 2006. Over the next five years, the
existing systems.
market will grow at an average of 10%.
2.
3.
4.
The organisation is in the hands of the package supplier in
terms of getting changes and enhancement made.
Advantages of ERP
It doesn't provide competitive advantage since even
With ERP to automate processes, the benefits are as follows:

Increase inventory turns

Increase inventory accuracy rate
END USER COMPUTING

Reduce inventory costs
End-user computing happens when computer-literate users

Improve customer service
develop their own systems. E.g. a faculty in a university develops its

Reduce setup times
own system.

Reduce paper work.
Advantages include:

Provide a unified customer database usable by all
competitors can acquire the software.

Reduce development backlog

Reduce time lag in development

Provide greater and effective control on account.

Creativity and expertise of end users is put to use;

Faster response and follow ups to customers

Users’ needs are met in exactly the way they want;

Improves supply demand linkage with remote locations

Increases user awareness of IS

Relieves work load of IT professional
applications
and branches in different locations
Disadvantages include:

Higher quality, less re-work

Timely revenue collection, improved cash flow

Duplication and waste of resources

Increased costs
Risks of ERP

Questionable quality
There is 70% percent of all ERP projects fail to be fully implemented,

Data integrity concerns
even after three years. Few companies are making full use of their

Resources are not used effectively.
ERP systems, despite the high cost of the software and the length of

Hardware and software might be incompatible between
time an implementation can take. Once installed, more than 50% of
departments.
companies said it was hard to make changes to ERP software in order
Systems can become badly designed and even worse
to meet any changes in business processes or requirements. More
documented.
than 50% of the companies did not measure their return on
Threats to data, as controls to who may access it or modify it
investment from business applications. The failure rates for ERP


projects are relatively high and could lead to the bankruptcy of the
ENTERPRISE RESOURCE PLANNING -ERP
corporation.
Enterprise Resource Planning (ERP) is software that attempts to
integrate all departments and functions across a company onto a
by Oteino B
Page 30 of 33
Challenges of ERP Implementation
institutions considered essential to the quality of life in an

Customization Related Challenges
information society.

Redesigning Business Processes
Five Moral Dimensions of the Information Age

Cost of upgrades/updates
The major ethical, social, and political issues raised by information

Training

Little flexibility in adapting to business processes

High integration costs

High maintenance costs

Lengthy or incomplete integrations
systems include the following moral dimensions:
Information rights and obligations. What information rights do
individuals and organizations possess with respect to information
about themselves? What can they protect? What obligations do
individuals and organizations have concerning this information?
Property rights and obligations. How will traditional intellectual
property rights be protected in a digital society in which tracing and
Critical Success Factors of Implementing ERP
accounting for ownership are difficult and ignoring such property
Critical factors to ERP implementation success:

ERP teamwork and composition;

Change management program and culture;

Top management support;

Business plan and vision; '

Business process re-engineering and minimum
rights is so easy?
Accountability and control. Who can and will be held accountable
and liable for the harm done to individual and collective information
and property rights?
System quality. What standards of data and system quality should
we demand to protect individual rights and the safety of society?
customization;
Quality of life. What values should be preserved in an information-

Effective communication;

Project management;

Software development, testing, and troubleshooting;

Monitoring and evaluation of performance;

Project champion; and

Appropriate business and information
and knowledge-based society? Which institutions should we protect
from violation? Which cultural values and practices are supported by
the new information technology?
Key Technology Trends That Raise Ethical Issues
technology legacy systems.
ETHICS
Ethics refers to the principles of right and wrong that individuals,
acting as free moral agents, use to make choices to guide their
behaviors. Information systems raise new ethical questions for both
The doubling of computing power every 18 months has made it
individuals and societies because they create opportunities for
possible for most organizations to use information systems for their
intense social change, and thus threaten existing distributions of
core production processes. As a result, our dependence on systems
power, money, rights, and obligations.
and our vulnerability to system errors and poor data quality have
Ethical issues in information systems have been given new urgency
increased.
by the rise of the Internet and electronic commerce. Internet and
Advances in data storage techniques and rapidly declining storage
digital firm technologies make it easier than ever to assemble,
costs have been responsible for the multiplying databases on
integrate, and distribute information, unleashing new concerns
individuals—employees, customers, and potential customers—
about the appropriate use of customer information, the protection
maintained by private and public organizations. These advances in
of personal privacy, and the protection of intellectual property.
data storage have made the routine violation of individual privacy
Other pressing ethical issues raised by information systems include
both cheap and effective. Already massive data storage systems are
establishing accountability for the consequences of information
cheap enough for regional and even local retailing firms to use in
systems, setting standards to safeguard system quality that protect
identifying customers.
the safety of the individual and society, and preserving values and
by Oteino B
Page 31 of 33
Advances in data analysis techniques for large pools of data are a
Due process is a related feature of law-governed societies and is a
third technological trend that heightens ethical concerns because
process in which laws are known and understood and there is an
companies and government agencies are able to find out much
ability to appeal to higher authorities to ensure that the laws are
detailed personal information about individuals. With contemporary
applied correctly.
data management tools companies can assemble and combine the
Information Rights: Privacy and Freedom in the Internet Age
myriad pieces of information about you stored on computers much
Privacy is the claim of individuals to be left alone, free from
more easily than in the past.
surveillance or interference from other individuals or organizations,
Think of all the ways you generate computer information about
including the state. Claims to privacy are also involved at the
yourself—credit card purchases, telephone calls, magazine
workplace: Millions of employees are subject to electronic and other
subscriptions, video rentals, mail-order purchases, banking records,
forms of high-tech surveillance (Ball, 2001). Information technology
and local, state, and federal government
records (including court and police
records). Put together and mined
properly, this information could reveal
not only your credit information but also
your driving habits, your tastes, your
associations, and your political interests.
Companies with products to sell purchase relevant information from
and systems threaten individual claims to privacy by making the
invasion of privacy cheap, profitable, and effective.
these sources to help them more finely target their marketing
campaigns. The use of computers to combine data from multiple
sources and create electronic dossiers of detailed information on
Federal Trade Commission Fair Information Practices Principles
individuals is called profiling.
ETHICS IN AN INFORMATION SOCIETY
Ethics is a concern of humans who have freedom of choice. Ethics is
about individual choice: When faced with alternative courses of
action, what is the correct moral choice? What are the main features
Property Rights: Intellectual Property
Contemporary information systems have severely challenged
existing law and social practices that protect private intellectual
property. Intellectual property is considered to be intangible
of ethical choice?
property created by individuals or corporations. Information
Basic Concepts: Responsibility, Accountability, and Liability
technology has made it difficult to protect intellectual property
Ethical choices are decisions made by individuals who are
responsible for the consequences of their actions. Responsibility is a
because computerized information can be so easily copied or
distributed on networks. Intellectual property is subject to a variety
key element of ethical action.
Responsibility means that you accept the potential costs, duties,
of protections under three different legal traditions: trade secret,
copyright, and patent law.
and obligations for the decisions you make. Accountability is a
feature of systems and social institutions: It means that mechanisms
TRADE SECRETS
Any intellectual work product—a formula, device, pattern, or
are in place to determine who took responsible action, who is
responsible. Systems and institutions in which it is impossible to find
compilation of data used for a business purpose can be classified as
a trade secret, provided it is not based on information in the public
out who took what action are inherently incapable of ethical
domain. Protections for trade secrets vary from state to state. In
analysis or ethical action.
Liability extends the concept of responsibility further to the area of
laws. Liability is a feature of political systems in which a body of laws
is in place that permits individuals to recover the damages done to
general, trade secret laws grant a monopoly on the ideas behind a
work product, but it can be a very tenuous monopoly. Software that
contains novel or unique elements, procedures, or compilations can
be included as a trade secret. Trade secret law protects the actual
them by other actors, systems, or organizations.
ideas in a work product, not only their manifestation. To make this
claim, the creator or owner must take care to bind employees and
by Oteino B
Page 32 of 33
customers with nondisclosure agreements and to prevent the
music; compactness—making theft easy; and difficulties in
secret from falling into the public domain.
establishing uniqueness.
The limitation of trade secret protection is that although virtually all
The proliferation of electronic networks, including the Internet, has
software programs of any complexity contain unique elements of
made it even more difficult to protect intellectual property. Before
some sort, it is difficult to prevent the ideas in the work from falling
widespread use of networks, copies of software, books, magazine
into the public domain when the software is widely distributed.
articles, or films had to be stored on physical media, such as paper,
COPYRIGHT
computer disks, or videotape, creating some hurdles to distribution.
Copyright is a statutory grant that protects creators of intellectual
Using networks, information can be more widely reproduced and
property from having their work copied by others for any purpose
distributed.
during the life of the author plus an additional 70 years after the
As more and more homes adopt high-speed Internet access, illegal
author’s death. For corporate-owned works, copyright protection
file sharing of videos will pose similar threats to the motion picture
lasts for 95 years after their initial creation. Congress has extended
industry. The manner in which information is obtained and
copyright protection to books, periodicals, lectures, dramas, musical
presented on the Web further challenges intellectual property
compositions, maps, drawings, artwork of any kind, and motion
protections.
pictures. The intent behind copyright laws has been to encourage
Web pages can be constructed from bits of text, graphics, sound, or
creativity and authorship by ensuring that creative people receive
video that may come from many different sources. Each item may
the financial and other benefits of their work. Most industrial
belong to a different entity, creating complicated issues of
nations have their own copyright laws, and there are several
ownership and compensation.
international conventions and bilateral agreements through which
nations coordinate and enforce their laws.
Reading list
Copyright protects against copying of entire programs or their
Global Information system and Business Value chain model…
parts. Damages and relief are readily obtained for infringement. The
drawback to copyright protection is that the underlying ideas
behind a work are not protected, only their manifestation in a work.
A competitor can use your software, understand how it works, and
build new software that follows the same concepts without
infringing on a copyright.
PATENTS
A patent grants the owner an exclusive monopoly on the ideas
behind an invention for 20 years. The congressional intent behind
patent law was to ensure that inventors of new machines, devices,
or methods receive the full financial and other rewards of their labor
and yet still make widespread use of the invention possible by
providing detailed diagrams for those wishing to use the idea under
license from the patent’s owner.
CHALLENGES TO INTELLECTUAL PROPERTY RIGHTS
Contemporary information technologies, especially software, pose
severe challenges to existing intellectual property regimes and,
therefore, create significant ethical, social, and political issues.
Digital media differ from books, periodicals, and other media in
terms of ease of replication; ease of transmission; ease of alteration;
difficulty classifying a software work as a program, book, or even
by Oteino B
Page 33 of 33