Professional Documents
Culture Documents
MIS CH 1 - 6
MIS CH 1 - 6
Information System
(BIS)
By :
Dr. Essayas Taye
(Bsc, MA, EMBA, PhD)
essayas8@gmail.com or
essayas8@yahoo.com
+251-912- 17 85 90
Management Information System
CHAPTER ONE
Fundamentals of Management
Information System
3
Introduction
Data:- it is a raw fact and can take the form of a number, figures,
pictures or statement such as a date or a measurement.
Data relates to transactions, events and facts.
On its own - it is not very useful. Think of the data that is created
when you buy a product from a retailer.
This includes:
Time and date of Transaction(e.g. 10:05 Tuesday 16 September 2019)
Transaction Value(e.g. 55.00 Birr)
Facts about what was bout(e.g. hairdryer, cosmetics pack, saving foam)
and how much was bought(quantities)
How payment was made(e.g. credit card, credit card number and code)
Which employee recorded the sale
Whether any promotion discount applied
5
Con’t
6
Con’t
Information
8
Attributes of Information
Simple Accessible
Flexible Secure
Economical
Quality
Accurate
Verifiable
Complete
Reliable
9
Data Processing Functions
10
Cont.
Accuracy: error free
Reliable: trusted
11
What is the difference between Data and
Information?
12
Information/knowledge Hierarchy
13
Con’t
Decision-making:
Information used for decision-making is often categorized
into three types:
i. Strategic information: used to help plan the objectives
of the business as a whole and to measure how well those
objectives are being achieved. Examples of strategic
information include:
Profitability of each part of the business
Size, growth and competitive structure of the
markets in which a business operates
Investments made by the business and the returns
(e.g. profits, cash inflows) from those investments
17
Con’t
Objective/purpose – the main reason for the existence of a system: set of defined
objectives
Boundary – Conceptual line drawn around the system that separates the system
from the environment
What is inside and outside of the system
scope of operation/functional boundary: what the system can and cannot do
Therefore,
System = C + I + O + B + E + I + I/O + C + F 21
System Approach/system Theory
The Systems Approach or Systems Theory is set of ideas with which
we can view systems. This set of ideas can be summarized as follows:
All systems are composed of inter-related parts or sub-systems
Sub-systems need to work towards the goals of the system (not to their
own goals independently)
Holism or synergy: The systems approach takes the view that the whole is
greater than the sum of the parts
• Mutual interaction adds something more OR
• A system as whole has properties that non of the
parts/components/subsystems have OR It can do something that individual
components/ subsystems can not.
24
Cont.
Goal oriented
28
Cont.
35
Business Information System
37
Information Systems in Business Functions
40
History of the role of Information
1950-1960 1960-
Systems1980-
1970- 1990- 2000 +
1970 1980 1990 2000
Data Management Decision Strategic & Electronic Electronic
Processing Reporting Support End User Commerce Commerce
Electroni
c Manage
Data ment
Processin Decision
Informat
g Support
ion End User
- TPS Systems
Systems Computing
- Ad hoc
Reports Exec Info Electronic
Sys Business & Claude
Expert Commerce computing
Systems - , Artificial
SIS Internetwo intelligence
rked , IOTs, Big
E-Business data
& analytics
Commerce
Dimensions of Information Systems
Information System consists of three dimensions, organization, management
and Technology.
Using information systems effectively requires an understanding of the
organization, management, and information technology shaping the systems.
An information system creates value for the firm as an organizational and
management solution to challenges posed by the environment.
49
Organizations
50
Management
53
Information Technology
56
Exercise
57
Thank you !!!!
58
CHAPTER TWO
1
Outline
Organization: Definition
Levels of Management, Decision Types and Information
Requirements
Categories of Information Systems
Office Automation System
Transaction Processing System (TPS)
Management Information System (MIS)
Decision Support System (DSS)
Executive Support System (ESS)
Integrated Systems (ERP, CRM, SCM)
Artificial Intelligent Technologies
Organizational Impact of Information System
2
Organization, Management & Decision Making
Process
Definition of Organization:
Collection of people working together in a coordinated and structured fashion
to achieve one or more goals.
A process:
Relationships – established
3
Features of Organization
Internal Features
Management/Employees
Routines:
Sequence of actions regularly followed (rules, procedures, practices)
Processes:
Collection of routines (Firm = collection of business processes)
Information System routines and business processes
Organizational Culture:
Shared assumptions, values & beliefs: what is appropriate and not
(behavior); about what, how, where and for whom to produce
• Unifying force
• Interaction – each other, clients, stakeholders
• Restraint to technological change if it threatens the basic
assumptions 4
Cont.
Politics
View points – how resources, rewards, punishments
distributed competition & conflict;
finding ways to gain advantage (access to resources, preferential
treatment, power, etc.)
Structure:
• lines of authority/reporting; workflow
5
Cont.
External - Environment
Economic
DD/SS, inflation, unemployment
Technological
Methods /tools
Socio-cultural
Customs, values, demographic characteristics
Political-legal
Gov’t – business relationship, regulations
International
Trade, FDI(foreign direct inverstment) impact
6
Chapter II – Organization &
IS
Levels of Management and Information
Functions, Information Requirement
Decision Structure
& Information System
Policies, long term plans, objectives, budget framework
7
Chapter II – Organization &
IS
Decision Environments
8
Chapter II – Organization &
Categories of Information
IS Systems
Two categories of Information System:
Operation Support System: business operation
Office Automation System
TPS
ERP, SCM, CRM
PROCESS: Updating
purchase orders, pay checks, sales receipts, invoices, bank statements, etc.
12
13
14
Cont.
Advantages of TPS
Reduce manual data entry (reduce errors)
Speed up transaction process; lesser cost
Eliminate redundant data entry: a single sells transaction:
Customer database: Updating
Inventory Database: Decrease
Credit Card Database: Decrease
Sales Database: Increase
Informs managers:
status of internal operations
firm’s relations with the external environment
Immediate response to customers
15
Management Information System (MIS)
Management Information System is:
Computer programs summary and routine reports as output
16
Cont.
Types of Reports
Scheduled report: periodically
(e.g. daily sales)
17
Chapter II – Organization &
IS
Cont.
Exception report: Unusual situation
(automatic) or requires management action
E.g. Inventory reorder; daily sales
exception report order over Br.
200,000
Drill-down report: detailed data about a
given situation
Example:
1st level DDR earnings by quarter
2nd level DDR sales and expenses
3rd level DDR sales by division
4th level DDR sales by product
category
18
Decision Support System (DSS)
Components of DSS:
Model Management (Model Base):
Computational and analytical models – mathematical expressions of relationship
among variables
Data Management: information
User Interface: to communicate with the DSS
21
Cont.
TYPE: Middle level & Top level
INPUT: TPS & external data
PROCESS: simulations and analysis
OUTPUT: possible alternatives & predicted outcomes of decision
determine best/optimal decision
22
Chapter II – Organization &
IS
Factors DSS MIS
Problem type unstructured problems structured problems
System Real time (providing immediate results) Not immediate scheduled reports
23
Executive Support System (ESS)
Components of ESS
INPUTS: aggregate data; internal and external
26
Chapter II
Comparison of EIS & DSS
27
28
Enterprise resource planning (ERP)
Enterprise resource planning is the integrated management of
main business processes, often in real time and mediated by
software and technology.
informed decision.
Free flow of information across different functional areas (Production sales data)
Quick look-ups at key performance indicators across the organization financial data,
inventory status, customers’ purchasing activities
Promote Collaboration:
Data integration & interlinked processes collaboration among teams
(geographically dispersed)
Accurate forecast
Centralized database (data integrity) + business intelligence tools using machine
learning and predictive algorithms hidden pattern extraction
34
Supply Chain Management (SCM)
Supply chain management (SCM) is the optimization of a
product's creation and flow from raw material sourcing to
production, logistics and delivery to the final customer.
Manage the entire value chain integrating:
Production, sourcing, transportation, inventory & warehousing, shipping
Modeling the existing supply chain, demand forecasts, manufacturing plans, level of inventory (raw
material, intermediate & finished products), transportation modes
Features of SCM
Inventory Management: tracking and managing the available materials, quantity of stocked goods &
spare parts
Order Management: purchase order process (generating and tracking; scheduling delivery, etc.)
Logistics and Shipping status: coordinate transportation channels, warehouse management (storage
optimization, labelling, labor management, etc.)
Forecasting: anticipating customer demand & planning procurement and production processes (unnecessary raw material,
excess finished goods)
Return Management: inspection and handling of damaged or faulty goods and processing of refunds or insurance claims
36
Business Value of SCM system
Match supply to demand: accurate plan and forecast of demand
Reduce inventory levels: supplier and customer collaboration and
communication
Improve delivery service – coordinating activities across supply chain
Reduced supply chain costs:
Speed of analyzing data and collaboration on a real-time basis
Identifying excess materials or processes cost saving in logistics, warehousing, and
manufacturing
up to 75% of the operating budget increased profitability
37
Supply-chain-management software
38
Customer Relation Management (CRM) System
Customer relationship management (CRM) is a technology for managing all your
company's relationships and interactions with customers and potential
customers. The goal is simple: Improve business relationships to grow your
business.
Captures, integrates and analyze customer data from all over the organization &
distribute results to various systems and customer touch points across the enterprise
39
Cont.
Email Tracking: gives visibility when your email campaigns are clicked and opened.
Integrated with popular e-mail services (Gmail, Outlook, etc.)
Social media management: insight on how your clients interacts with your social
media accounts information from comments, likes, dislikes, to improve
marketing strategies and customer experience.
Report and Dashboards: accelerates how you generate reports in real-time with
accuracy insight on market, trends, patterns, behaviors.
40
Cont.
Benefits of CRM
Improved informational organization:
positive experience
Enhanced communication
having access to the same customer data by whoever assisting the client &
41
Cont.
Enhanced customer Service
Automation of Routines
generating and sending reports, addressing legal issues, etc. can be taken
42
Cont.
Increased Efficiency for multiple teams
Automatically stored communication ability for multiple teams to access the same
Sales, marketing, customer service teams share valuable information about the client,
new product, excellent customer service teams can work together to improve the
service
Storing information in one place and improved analysis of the data as a whole and
generate automatic reports effective decision customer loyalty and long run
profitability
maintenance
Software Integration: with existing systems (considerable investment, time & training)
43
Artificial Intelligence (AI) Technologies
Artificial intelligent systems:
Artificial intelligence is the simulation of human intelligence processes by
machines, especially computer systems. Specific applications of AI include
expert systems, natural language processing, speech recognition and machine
vision.
make machines imitate human thinking and behavior replace human decision
making
computers that can simulate the ability to think as well as see, hear, walk, talk, and
feel
44
Neural Network
A neural network is a network or circuit of biological neurons, or, in a
modern sense, an artificial neural network, composed of artificial neurons
or nodes.
A neural network is a series of algorithms that endeavors to recognize
underlying relationships in a set of data through a process that mimics the
way the human brain operates. In this sense, neural networks refer to systems
of neurons, either organic or artificial in nature.
Computing systems modeled after the brain’s networks of interconnected processing
elements (neurons)
Interconnected processors operate in parallel and interact with each other
48
Fuzzy Logic
Fuzzy logic is a form of many-valued logic in which the truth value of variables may be any
real number between 0 and 1.
It is employed to handle the concept of partial truth, where the truth value may range
between completely true and completely false
49
Genetic Algorithm
mimics the evolutionary, survival-of-the-fittest process to
generate increasingly better solutions to a problem
Take thousands or even millions of possible solutions and
combine and recombine them until it finds the optimal
solution
50
Organizational Impact of IS
Operational efficiency
Competitive advantage
Survival
52
Cont.
Cost Leadership Strategy
Becoming low cost producers using IT lower prices
Example:
Garment – Automated pattern drawers, fabric cutters & delivering of cloth to sewing
machine – cut 50% of labor cost
Retail stores – Replenishing inventory with no cost (Wal-Mart)
Differentiation Strategy
Distinguishing products through developing New design features
Stimulating Demand
Ex. Dell Computer - IT enabled build-to-order business model that other firms have not been
able to imitate – customers select the design & color option they want and order
bundling more information with the physical product package (characteristics and how it
should be used and supported)
Huge IT investment
• Interaction and collaboration
IT enabled product/service • Rich customer information
differentiation; electronic market Potential Threats of New Outcome Barrier to Entry
Outcome cost effectiveness; Entrants
increased market access
Industry Competitors
Bargaining Power of Bargaining Power of
Suppliers Buyers
E-procurement system
Online Customer Services
Integrate backward linkages
Outcome increasing
Outcome Reduce operating
switching cost, buyer selection
costs of suppliers
Threats of Substitute
Products
63
CHAPTER THREE
Information Technology
Infrastructure
1
Outline
IT Infrastructure Components
Hardware
Software
Emerging Technology
Mobile computing
Pervasive computing
Cloud computing
2
Definition of IT Infrastructure
IT infrastructure:
Set of physical devices and software required to support all
Processing data
storage
networking
3
IT Infrastructure Components
1. Computer hardware
2. Computer Software
Enterprise applications
4. Internet Platforms
5. Technology Services
4
3.2.1. Computer Hardware
price
Handheld/Mobile computers
Workstation
6
Cont.
Mainframe
large, high-speed expensive, powerful
computer
bulk data processing (census, consumer
statistics, ERP, TPS, airlines for thousands of
reservations per second)
7
Cont.
Supercomputer
fastest, most powerful computer
8
Cont.
Input Devices: Gather data and convert them
into electronic form.
Keyboard
Computer Mouse
Digital Scanner
Touch Screen
Barcode reader
9
Chapter III
Comp. HW
Output Devices: Display the processed
data.
Monitor
Printer
Audio Output/speaker
Processing Components
Central Processing Unit (CPU) – “brain”
10
Computer Software
Software:
Programs /sequence of instructions/ used to operate computers
and related devices what to do
11
Cont.
1) System SW:
a) Operating System (OS) -
(Windows, Linux, Unix, Macintosh, iOS, Android)
process/task, disk
Input, retrieve, store, display
12
Cont.
b) Language Translator
convert high level programming
language into machine language
(bits/object code – 0’s & 1’s)
Compiler, assembler, translator
c) Utility programs
support routine and repetitive tasks
(copying, moving or renaming a file,,
etc)
keep the computer in good running
condition - Security and anti-virus
programs
13
Cont.
2) Application SW
Specific needs/functions/ real-
world problems End users
finance, payroll, procurement,
ERP, CRM,
word processing,
spreadsheets, databases,
graphics, games
Web-browsers
E-mail
Presentation SWs, etc.
14
Cont.
Compatibility
computer’s hardware, operating system, and
application programs work together properly
Compatible
15
Data Storage & Management
Data Storage – a place where data is placed
Primary Storage:
RAM, Cache Memory
(motherboard)
16
Cont.
Secondary Storage: (external –
not on motherboard – inside or
outside the computer)
Hard disk,
magnetic tapes,
magnetic disks;
optical discs (CDs,
DVDs) ,
flash memory
more data than primary
storage
Slower, but cheaper
17
Cont.
19
Cont.
20
Cont.
21
Cont.
Telecommunications provide platforms for
•Transmission of data: voice, video, text, image
A sender transmits a message
To a receiver
Over a channel consisting medium
Noise: interference
Encoding Decoding
22
Cont.
Wired Telecommunication Media
Microwave Satellite
receive signals from one
Information is earth station and
converted to a rebroadcast them to another
microwave signal,
sent through the air They use microwave signals
to a receiver, and
recovered
24
Cont.
Cellular Infrared
Geographic regions are divided short-range wireless signals -
light waves infrared radiation
into sections, called cells. (via air)
different devices communicate
dedicated frequency for
via short distances (a few
conversation hundred yards, Personal Area
Network)
Signals from cells transmitted
to a receiver
25
Computer Networks
Connect two or more computers (millions – Internet)
To share information, messages, and software
Categories of Network
Local Area networks (LAN)
26
Cont.
Type of Networks
27
Cont.
Network Devices
Router – connects two or more networks and serves
28
Cont.
Network Interface Card (NIC) –connecting
29
30
Network Topologies
Network Topologies
Topology is the physical arrangement of interconnected computers in the
network.
Categories of Topologies
1. Linear bus network
2. A ring network
3. Star Network
4. Mesh Topology
5. Tree Topology
31
Cont.
Linear/Bus Ring
Message delay 32
Mesh
Star • Each computer connects to every
• All computers connected to a central
other.
device called hub or switch.
• Provides redundant paths between
• Easily expanded without disruption devices – limited vulnerability to link
• Cable failure affects only a single User or node failure
• Easy troubleshooting • Can be expanded without disruption
• More cable • Requires more cable than other
33
Tree
34
Internet Platform
Internet global network of networks used for sharing external and internal
information.
Internet Service Provider (ISP): a company
• providing Internet services around a specific area.
• E.g. Ethio Telecom
Major Services From The Internet
(Communication, Collaboration, Information retrieval, Business Operation)
a) Communication
• individuals, groups, companies and computers share ideas,
information, knowledge, documents globally;
• text, video, voice, graphics, pictures, and animation
• e.g. e-mail, chat rooms, Usenet newsgroups, VoIP/ Internet telephony,
video conferencing
35
Cont.
b) Collaboration
Supporting mutual efforts of teams:
– E.g. designing products in collaboration with customers, suppliers, etc.
Workflow systems:
Automation of workflows and movement of information from start to
finish
36
Cont.
Other tools
Social Networking Tools (FB, Twitter, YouTube, LinkedIn, etc.)
Wikis (add/edit content by any user)
37
cont.
Internet based collaboration environment:
Google Apps/Google sites (Google calendar, Google
hangout, Gmail …..)… Online collaboration
38
Cont.
C) Facilitating Business Operations
E-business, E-commerce
E-commerce use of IT by organizations to interact with market
places (B2C, B2B, C2C, B2G)
Features:
Electronic Data Interchange (EDI): information on business transaction
(purchase order, invoices, etc.)
Electronic Fund Transfer (EFT): Bus. Org., banks, customers
39
Cont.
Extranet
allow outside users to access the database of the organization
40
Emerging Technologies
41
Hardware Platform Trends
1. Mobile and Pervasive Computing
Mobile computing
Mobile Phones
Laptops
PDA’s
Notebook PC
Etc. Easy to carry
Easy to operate
Touch screen
Wireless
Any where access facility
Etc.
42
Mobile computing - Organizational Impact
business computing:
At any time
In any place,
Financial performance,
43
Pervasive Computing
44
Pervasive computing: Any Device, Any
Network, Any Data
Cloud Computing
Network of remote servers hosted on the Internet providing:
46
Management Issues of IT Infrastructure
47
Issues in Managing Hardware & Software Technology Assets
49
Cont.
Identifying technology trends impacting the organization’s
IT infrastructure
managers need to:
constantly monitor technology trends and
computing platforms
50
Thank you !!!!
51
CHAPTER FOUR
Information System
Development
Outline
IS Development Life Cycle(SDLC)
Problem Definition
Feasibility Study
System Analysis
System Design
System Development
System implementation
2
Definition of Information System Lifecycle
Deliverables
Problem
Feasibility System “As Is”
Definition
Study Analysis
“To Be”
System System
System
Development Implementation
Design
space, personnel, HW, Install
Design new/alternative system – Develop Programs, test & test new system, train &
components, I/O relationships programs, documentation migrate to new system
data, program, interfaces,
Logical System
Physical System
The logical design/model is changed into programs, data
files, documentation (to be tested & implemented)
5
Participants in System Development
System Stakeholders (Beneficiaries – directly or
indirectly)
Project leader
Systems analyst
System Designer
System Administrators
6
Problem Definition
7
Cont.
Define project boundaries
Part of a system to be changed, parts outside its control
Develop terms of reference (TOR) & define resource to
be availed
Final output:
Terms of Reference (goals, bounds & resource requirements)
8
Feasibility Study
The practical utility & acceptability of the proposed
system
Can it be done?
9
Feasibility
10
Feasibility
Technical – HW & SW (procuring/installing)
technological requirements – storage, processing,
communication, output
Availability
Within budget
Sophistication
11
Feasibility
Operational
Required speed, volume, usability and reliability
Final Output:
•Feasibility report - GO / NOT GO decision must be made
12
System Analysis
Study of the existing system: Deals with “the way
things are”/ “as is”
procedures
Observation
Conducting interview – with top mgt and users
Questionnaire
14
Cont.
Results of System Analysis Detailed documentation of:
How the existing system works
requirements
15
Chapter IV
System Design
Design processes
Form design
Report layouts
Processing
17
System Development
Programs:
Coordinate the data movements and
18
Cont.
Steps
Checking system specifications
Breaking system modules into smaller
programs
20
Cont.
System/Technical Documentation
Source code
Testing
User Documentation
21
System Implementation
Major activities
Planning for implementation
Procurement of HW
Installation of SW
22
Cont.
Motivation and training of selected personnel and users
Training – how to use the system, how to enter data, how to
process and generate reports
23
Cont.
Final switch – approaches
Direct/plunge/crash approach
entire new system completely replaces entire old system, in one step
Parallel approach
both systems are operated side by side until the new system proves itself
Pilot approach
new system launched for only one group within the business -- once new
Phased/incremental approach
individual parts of new system are gradually implemented over time,
using either crash or parallel for each piece.
24
Post-implementation maintenance & review
Types of Changes:
Physical repair of the system
Correction of new bugs/errors found (corrective)
System adjustments to environmental changes (adaptive)
Adjustments for users’ changing needs (adaptive)
Changes to user better techniques when they become available (perfective)
Revision of formats – report/data input
ongoing throughout the useful life of the system
Evaluation Methods
System
Design Specifications
Design
Coded and
System Tested System
Development
Begin building
new system System System conversion
Implementation
Users trained
System
Maintenance Operational System
Documentation completed
26
Cont.Chapter IV
27
Thank you !!!!
28
Chapter Five
1
Outline
What is knowledge
Types of knowledge
Important Dimensions of knowledge
Knowledge Management
Knowledge management value chain
Types of knowledge management system
Knowledge management solutions
Knowledge Management Mechanisms
Knowledge Management Technologies
Knowledge Management Infrastructure
2
What is Knowledge
Knowledge refers to interconnected information on what
something is, why something happens, and how to do
something .
What: definitions of concepts and relationships,
taxonomies
Why: understanding cause-effect relationships
How-to, know-how: analysis/synthesis; methods,
procedures for generating new knowledge
Knowledge acquisition is incremental (what in layers,
why with imperfect accuracy, starting from know-how
and learning what/why in the process)
Knowledge is never complete, or 100% correct, can be
incoherent and controversial… is messy.
3
Knowledge Types
Source view:
Theoretical (science, theories) vs. Experiential knowledge (personal,
learned by doing)
Communication view:
Explicit
can be communicated to others
definitions, taxonomies, theories, procedures, cases
Tacit
difficult to communicate
experiential, analytical & synthesizing skills
Sharing and capturing tacit knowledge is one of main goals
before knowledge management and knowledge support
systems.
4
Knowledge Types – Capital View
Human Capital
Knowledge in employees’ mind
Structural Capital :
Knowledge embedded in organizational artifacts
Knowledge representations in documents (patents, problem solving
descriptions – different documents than reports; Accenture case)
5
Important dimensions of knowledge
6
Cont.
Knowledge is situational.
Conditional: Knowing when to apply procedure
Contextual: Knowing circumstances to use certain tool
7
Knowledge Management
8
Knowledge management value chain
Knowledge Storage
Knowledge Dissemination
Knowledge Application
9
Knowledge acquisition
Creating knowledge
10
Knowledge storage
Databases
Role of management:
Support development of planned knowledge storage systems.
Encourage development of corporate-wide schemas for indexing
documents.
11
Knowledge dissemination
Portals, wikis
Search engines
Collaboration tools
A deluge of information?
Training programs, informal networks, and shared management
experience help managers focus attention on important information.
12
Knowledge application
13
Cont.
14
Three major types of knowledge management systems
Intelligent techniques
Diverse group of techniques such as data mining used for various
goals: discovering knowledge, distilling knowledge, discovering
optimal solutions
15
Cont.
The three types of KMS can be broken down further into more specialized
types of knowledge management systems.
16
Knowledge Management Solutions
Knowledge management solutions refer to the variety of ways
in which KM can be facilitated
KM processes
KM systems
KM mechanisms and technologies
KM infrastructure
17
Knowledge Management Processes
Discovery
• Combination
• Socialization
Sharing Application
• Socialization • Direction
• Exchange • Routines
Capture
• Externalization
• Internalization
18
Knowledge Discovery
19
Knowledge Capture
20
Knowledge Sharing
Knowledge sharing systems support the process through which explicit
or implicit knowledge is communicated to other individuals
21
KM Application
Mechanisms and technologies support knowledge application
systems by facilitating routines and direction.
Direction refers to the process through which individuals
possessing the knowledge direct the action of another individual
without transferring to that person the knowledge underlying the
direction
22
Knowledge Management Systems
23
Knowledge Management Mechanisms
26
Knowledge Management Infrastructure
Organizational Culture
Organizational Structure
Communities of Practice
Common Knowledge
27
Organizational Culture
28
Organizational Structure
29
Information Technology Infrastructure
30
Common Knowledge
31
Physical Environment
32
Knowledge Management Infrastructure
33
Overview of Knowledge Management Solutions
KM Processes
34
Thank you !!!!
35
CHAPTER FIVE
2
Chapter IV
Introduction
Goals
Definition of IS Inadvertent act Strategy
Security Deliberate SW attack Policy
Dimensions of IS Virus, Hacking, Authentication
Security identity theft, Access control
Definition of IS cyber-harassment, Encryption
Security Threats war, crime Backup
Natural Disaster Firewall
Technical Failure IDS
Management failure Physical security
3
Chapter IV
4
Definition of Information System Security
Security is defined as “the quality/state of being secured – to
be secured from danger”
Information security – practice of defending digital
information from unauthorized:
Access
Use
Recording
Disruption
Modification
Destruction
5
Dimensions of Information Security
Information is:
stored on computer hardware
manipulated by software
transmitted by communication network
used by people, etc.
7
Chapter IV
8
Cont.
INADVERTENT ACTS
Communication error
9
Cont.
DELEBERATE SOFTWARE ATTACKS
Deliberate action aimed to violate/ compromise a system’s security
through the use of software:
Use of malware
Password cracking
Spoofing
Sniffing
Man-in-the-Middle
Phishing
Pharming
10
Cont.
NATURAL DISASTER
avoid
11
Cont.
TECHNICAL FAILURE
Two Types:
Technical Hardware Failure
Equipment distributed with flaws that may be
known or unknown to the manufacturer
Technical Software Failure
Cause the system to perform in an undesirable
or unexpected way may be unrecoverable
12
Cont.
MANAGEMENT FAILURE
Managers:
update themselves about recent developments and technology.
develop proper plan for good protection of the information.
Committed to upgrade the existing system to the latest
technology (assisted by IT professionals)
13
Computer Crime
What is computer crime?
Using a computer to commit an illegal act
Targeting a computer while committing an
offense
Unauthorized access of a server to destroy data
14
Cont.
Who commits a crime?
Current or former employees; insider threat
People with technical knowledge who commit business or
information sabotage for personal gain
15
Types of Computer Crimes
Identity
Hacking & Cracking
Theft
Computer
Viruses
Cyber harassment,
Cyberstalking, Piracy
Cyberbullying
16
Hackers & Crackers
Hackers
Anyone who can gain unauthorized access to computers
Crackers
Individuals who break into computer systems with the
intent to commit crime or do damage
Also called black hat hackers
Hacktivists:
Crackers who are motivated by political or ideological
goals and who use cracking to promote their interests
17
Computer Viruses
perverse software which cause malicious
activity (spread destructive program routines)
hindering execution of other programs
18
Computer Viruses
Type Description Way of Propagation/ Effect
spreading
Worms stand-alone replicates itself and neither delete nor
program and spread from one computer change data/files
propagates to another make multiple copies of
itself It doesn't need to be part itself and send the copies
automatically of another program to be on the network and
propagated congest disk drives
useful for installation of
a network – to check its
presence at each node
Revenge on company/person
act of maniac
21
Cont.
Commonly transmitted through:
The Internet and online services:
Hacker creates a virus and attaches it to a real program or file
on a Website
User downloaded file (thinking it is a legitimate file or
program).
Once downloaded, it infects other files and programs on the
machine
Email and file attachments and files shared
Disks from contaminated computers
Infects files with extension (.COM, .EXE, .OVR, .OVL, .SYS, .BIN)
22
Cont.
23
Spyware, Spam, and Cookies
25
Spoofing
Insertion of forged (but trusted) IP addresses into IP packets in
order to gain access to networks/components
26
Sniffing
use of a program or device that can monitor data
traveling over a network
27
Phishing
It is an attempt to gain sensitive personal information
by posing as a legitimate entity
E.g. an e-mail is sent to the victim informing them of a
problem and asking them to provide their username,
password, etc.
28
Identity Theft
Stealing Social Security, credit card, bank account
numbers and information
thieves even withdraw money directly from victims’
bank accounts
organizations keep information about individuals in
accessible databases
30
Software Piracy
Unauthorized copying of computer programs, which is intellectual
property protected by copy right law.
using software that isn’t properly licensed and paid for, such as by
purchasing one copy of a product and then using it on multiple
computers.
32
Cyberwar and Cyber-terrorism
Cyber-war
Modern military systems rely on their own sophisticated
networks to help the military execute its mission
Cyber-war involves protecting a military’s own infrastructure
and/or disrupting an enemy’s infrastructure.
Cyber-war Vulnerabilities
Command-and-control systems
34
Cont.
Cyber-terrorism
Attacks by individuals and organized groups (not by
the government)
Goal Political, religious, or ideological
35
Cont.
36
Chapter IV
37
Goals of Information Security
Availability:
Ensuring that legitimate users can access the system
Integrity
Preventing unauthorized manipulations of data and systems
Confidentiality
Protecting data from unauthorized access
Accountability
Ensuring that actions can be traced
38
Developing IS Security Strategy
Options for addressing information security risks
Risk Reduction
Risk Acceptance
Risk Transference
Risk Avoidance
39
Cont.
A strategy is developed detailing the information security controls
Types of Controls
Preventive:
Detective
Corrective
40
Cont.
IS Security Mechanisms:
Developing Information System Security Policy
Access control
Back-ups
Firewalls
Physical Security
41
IS Security Policy & Procedure
42
Authentication Mechanism
44
Chapter V
Physical Security
Locked doors
Environmental monitoring
monitoring temperature, humidity, airflow for servers
45
Chapter V
Antivirus
used to prevent, detect and remove malware
46
Thank you !!!!
47