Introduction to Information Skills and Systems What is a System? A system is a collection of resources and processes that operate together to achieve some common purpose and hence fulfil some need. What is Information? Information is the meaning that we assign to data. Knowledge is acquired when information is received. Information Systems in Context An information system simply is a system whose primary purpose is to process data into information. It performs a set of information processes requiring participants, data/information and information technology. It performs the information processes of collecting, organising, analysing, storing/retrieving, processing, transmitting/receiving and displaying information. Information systems are created for a purpose and operate in a particular environment. The following diagram shows the relationships between each of these elements. Environment Purpose Who is it for? Needs they have? Information Systems Information Processes Participants Data/Information Information technology a) Purpose - The purpose for an information system is to fulfil some need or needs. To achieve this purpose is the aim or objective of the system. Information systems are often classified as either personal (individual) or group info systems. To determine the purpose of an info system the following steps should be followed: 1. Identify the people whose needs the info system should realise 2. Formulate a list of needs that the info system should realise 3. Translate these needs into objectives that form the system’s purpose b) Environment - The environment is everything that influences or is influenced by an information system and its purpose. It encompasses all the conditions and circumstances that surround the system. Eg An ATM is an information system that has to process data within an environment that cannot be fully controlled by the ATM system. Aspects of the environment that could potentially cause disruptions to the ATM info system achieving its purpose include: Power failure, Problems with the network connection, Incorrect output of cash, insufficient receipt paper, fraudulent use. c) Information Technology – the set of tools used by an information system and participants to perform work ie the hardware and software. The hardware is the physical equipment involved in processing information. Computers often form the basic hardware of an information system. They have the five basic functions of: • input – involves entering data into the computer. An input device is designed to assist the entry of data. • Processing – changes data into information. It is performed by the CPU • Storage – involves retaining data over a period of time. A storage device is designed to store data. • Control – coordinates the operations of input, processing, output and storage. It is performed by the CU • Output – involves the presentation or display of information to a person, or the transfer of data to another computer. An output device is designed to assist the display of information. The software is the detailed instructions (computer programs) used to direct hardware to perform a task. There are two types of software: • Application software – a computer program used for a specific task. They include WP, SS, DB. They can be subdivided further into stand-alone and integrated software. • System software – manages and controls the hardware so the application software can perform the required task. System software includes operation and utility software. d) Data and Information – Data is the raw material entered into an information system. It can be in the form of images, audio, video, text or numbers. Information is data that has been ordered and given some meaning. The form and content of the information must be suitable for a particular use. e) Participants – the people who carry out or initiate the information processes within the information system. They are often referred to as direct users as they are involved in the actual operation of the system and are integral to that operation. Indirect users are often a source of data for the system or they receive information from the system. The indirect users are in the system’s environment as they can influence or be influenced by the system but they do not directly carry out its information processes. Participants have different levels of skills from a data entry operator to system specialists (managers and operators). Managers oversee the information system and ensure that personnel and machines are working efficiently. Operators look after the information technology resources. Indirect users, such as customers, are not part of the system, but their needs form part of the purpose of the system. Although information systems affect participants, they are often designed with little regard for them. f) Information Processes – Collecting, analysing, storing/retrieving, processing, transmitting/receiving and displaying are egs of info processes. In general info processes are actions that are carried out using the resources or tools of the info system. These actions coordinate and direct the system’s resources to complete the required task and achieve the system’s purpose. Note – They are not necessarily performed by computer based technologies. Classification of Information Systems a) Personal Information Systems – is one where there is a single participant. Common examples of personal information systems use word processing and spreadsheet applications. Non computerised examples of personal information systems include: diaries, address books, income tax records and motor vehicle logs. b) Group Information Systems – is a systems that has more than one participant. They work together as a group. Social and Ethical Issues It is the responsibility of system designers to ensure that info systems they create take account of social and ethical issues. Likewise, participants must ensure they use systems in a socially and ethically acceptable manner. Some of the major issues include: a) Privacy of the Individual – this is about protecting an individual’s personal info. In Australia, privacy is legally protected via the Privacy Act 1988 and its subsequent amendments. It contains 10 National Privacy Principles that set standards that organisations are required to meet when dealing with personal info. Consequences of the Privacy Act 1988 mean that info systems that contain personal info must legally be able to: • explain why personal info is being collected and how it will be used • provide individuals with access to their records • correct inaccurate info • divulge details of other organisations that may be provided with info from the system • describe to individuals the purpose of holding the info • describe the info held and how it is managed b) Security of Data and Info – Some possible security issues that all info system designers need to include: • Virus attacks • Hackers • Theft – Unauthorised copying of data and info onto another system. Also physical theft of hardware must be prevented • Unauthorised access by past and present employees – may maliciously tamper with data or they may view and use data of a private nature inappropriately • Hardware faults – Failure o hardware can result in loss of data • Software faults – Errors in programs can cause data to become corrupted Some strategies commonly used to address the above issues include: • Passwords – used to confirm that a user is who they say they are. The user name and password can also be used to assign particular access rights to a user • Backup Copies – A copy of important files needs to be made on a regular basis and stored in a secure location • Physical Barriers – Machines storing important data and info are physically locked away • Anti-virus software • Firewalls – provides protection from outside penetration by hackers. Most are used to provide a barrier between a local area network and the Internet • Data Encryption – makes data unreadable by those who do not posses the decryption code • Audit Trails – The info system maintains records of the details of all transactions. c) Accuracy of Data and Info – Inaccurate data results in incorrect info being output from the info system. The term ‘data integrity’ is used to describe the correctness, accuracy and validation of data. All info systems should include mechanisms for maximising data integrity. Data Validation involves checking the data is in the correct format and is reasonable as it is entered into the system. Eg an HSC marl needs to be between 0 and 100 and software can perform such validation. Data verification checks ensure the data entered is actually correct. The accuracy of collected data is improved when the format of data collection forms ensure data is in the required format and required range. Check boxes, radio buttons or list boxes can be used to ensure input is of the type required. These items are said to be self validating. Computer and paper based forms can include masks that provide a template to indicate the format of the data required. d) Changing Nature of Work – Since the 60’s there has been a significant change in terms of the jobs available and also in the way work is undertaken. The number of semi or no skilled jobs has dramatically decreased and there has been an increase in the skilled workforce. e) Appropriate Information Use – Inappropriate use of information can occur intentionally or it can be quite innocent and unintentional. Some egs of inappropriate info use include: • Client’s email addresses, collected by a business, are sold to a direct mail company. The direct mail company then sends out mass advertising or spam mail • Credit checks are made on all applicants for a job based solely on their name. The employee incorrectly culls some applicants when in fact it is someone else, who has the same name. • A newspaper reporter uses the number of students who gained a band 6 in IPT to rank the effectiveness of schools The appropriate use of info systems is often detailed as a policy statement for the organisation. Typically such a policy statement would include the following activities as inappropriate usage: • Unauthorised access, alteration or destruction of another user’s data, programs, electronic mail or voice mail • Attempts to obtain unauthorised access to either local or remote computer systems or networks • Attempts to circumvent established security procedures or to obtain access privileges to which the user is not entitled • Attempts to modify computer systems or software in any unauthorised manner • Unauthorised use of computing resources for private purposes • Transmitting unsolicited material such as repetitive mass mailings, advertising or chain messages • Release of confidential info