Professional Documents
Culture Documents
Is Strategy Planning Management and Acquisition Module
Is Strategy Planning Management and Acquisition Module
Is Strategy Planning Management and Acquisition Module
Introduction:
What is Information Management?
Information, as we know it today, includes both electronic and physical information. The
organizational structure must be capable of managing this information throughout the information lifecycle
regardless of source or format (data, paper documents, electronic documents, audio, video, etc.) for
delivery through multiple channels that may include cell phones and web interfaces.
According to Wikipedia, Information management (IM) is the collection and management of
information from one or more sources and the distribution of that information to one or more audiences.
This sometimes involves those who have a stake in or a right to that information. Management means the
organization of and control over the structure, processing, and delivery of information.
Information management is the key to success for any organization. It can help organizations
achieve their goals by efficiently managing information. It also helps them avoid security breaches and data
loss which could lead to financial loss or other consequences.
Information management is the process of acquiring, organizing, storing, and using information.
The goal is to ensure that information is delivered to the right audience at the right time, to the right place,
and in the right format in an efficient and effective manner.
We live in a highly competitive business environment where the efficient use of knowledge
management and information may be one of the most important aspects of an organization’s success. In a
nutshell, information is the “organizational currency” for decision-making.
Managing information is a key component of any organization’s success. This includes ensuring
that the right people have access to the right data at the right time. It also includes making sure that data is
not lost, exposed to unauthorized users, or information silos are managed properly. IM can be difficult for
organizations with high volumes of data and for those that are constantly changing their business models or
operations.
What is information management and why is it important?
By definition, Information management is the process of managing the complete lifecycle of
information, from its identification and collection to its disposal through archiving or deletion. it
encompasses all physical and electronic data collected by a business from its customers, employees, and
vendors.
The major functions of IM include records management, document imaging, knowledge
management, and data mining.
The role of information management is to assist employees with organizational roles or functions to
make quicker and better-informed decisions to deliver information to the right people at the right time and
place.
You can find plenty of definitions for the management of information but we believe what we
provided at the beginning of the article is the most appropriate definition.
Intelligent Info management deals with the business value, quality, ownership, use and security of
information in the context of organizational performance
(T.D. Wilson PhD)
The role of information professionals is to ensure that accurate and up-to-date information is
available to those who need it. They may work in a variety of settings, such as libraries, colleges and
universities, businesses, and government agencies to control the full information lifecycle.
Data and information management requires a wide range of activities such as document
management, records management, enterprise content management, data management, enterprise
search, business process management, digital asset management, and collaboration.
Management of information is the process of acquiring, organizing, and using information. Data
management is the process of acquiring, storing, and using data.
Data, records, infrastructure, information systems, business processes, and most significantly
PEOPLE are all part of the business information lifecycle.
Since the management of information is a company’s duty, it should be viewed not only by the
highest levels of strategic management but also by employees at all levels.
Information is not just the lifeblood of companies and the glue that holds human relationships and
business processes together; Information assets are also a commodity in today’s and tomorrow’s
economies.
What Are The 5 Key Areas of Information Management?
The five key areas of information management are information collection, storage, distribution,
archiving, and destruction. Each of these key areas plays a vital role in the effective management of
information throughout its lifecycle.
1- Collection
At this stage, we must examine how the business collects information, whether it is created
internally or externally, electronically or as paper documents, verbally, written, audio, or video.
At this point, it is crucial to collect just the necessary information in order to save storage costs,
prevent analyzing data that is unnecessary to business governance, and guarantee that the information
obtained is of good quality.
2- Storage
We must determine where the information collected in the previous phase will be stored. Paper
documents should be stored and arranged in physical cabinets with fire-resistance measures in place.
Electronic information, on the other hand, might be kept in databases, document management systems,
information systems, and so on.
We must also identify and configure user access, version and change control, backups, and audit trails.
3- Distribution
This step entails deciding how different types of information should be distributed, in what format,
to whom, how frequently, and through what media, among other things.
Information is only valuable when it is presented to the appropriate person in order for the proper
action to be taken. This is a critical phase since it helps the overall success of your program.
4- Archiving
Archiving is the process of securely storing inactive information in any format (both digital and
paper) that you no longer use regularly for long-term retention. Such information is still important to
organizations and must be retained for future reference or regulatory compliance.
You need to clearly state where the information is going to be archived and for how long.
5- Destruction
According to various rules and regulations, such as GDPR, HIPPA, and others, information should
not be maintained or preserved for longer than necessary, necessitating the necessity of a destruction
process for information that has outlived its usefulness.
This step is critical because it eliminates fines and penalties for noncompliance with various laws
and regulations while also lowering storage costs.
Why Is It Important?
Today’s business world is rife with fearless competitors. One of the most significant differences
between a successful and a failed business is that the latter is better at comprehending and taking
advantage of information.
Information management ensures that businesses can overcome challenges, improve business
operations, fulfill employee and client needs, improve business productivity and efficiency, improve
decision-making, and enhance employee collaboration.
Information management can be a complex process with many stakeholders involved from different
departments. It’s important to ensure that there is an accurate understanding of what information needs to
be managed and how it will be used by all stakeholders involved in order to avoid confusion and conflict
among them.
We all need easy access to the right information at the right time. Achieving this transformation has
an enormous impact on both the culture and the outcomes of the organization.
By linking individuals, processes, and technology, effective companies will unlock the full value of
their information. When information is handled effectively and only high-quality information is kept,
organizations may turn it into knowledge to get additional insights into their business and redirect their
operations to more profitable activities.
The Future of IM
The future of managing information is promising, but it is not without challenges.
New data sources are being developed as technology advances. Data can be obtained from
almost any piece of hardware that is connected to the internet using the Internet of Things (IoT).
Artificial intelligence also is playing a very important role in capturing information and classifying
them without any human intervention.
Information assets are extremely valuable for companies, and they must learn how to efficiently
handle them.
“Chief information officers (CIOs) have the difficult job of running a function that rues a lot of resources
but offers little measurable evidence of its value. Line managers are increasingly assuming responsibility
for planning, building, and running information systems that affect their operations. To respond to business
and technological changes, CIOs now must build relationships with line managers and assume new and
more strategic roles. The strategic role of the CIO is becoming ever more complex, requiring an expansion
of the organizational and structural possibilities for filling that role.” (P. Gottschalk, 2000)
Chapter 1
Strategy and Strategic Management
What is Strategy?
Strategy is an action that managers take to attain one or more of the organization’s goals. Strategy
can also be defined as “A general direction set for the company and its various components to achieve a
desired state in the future. Strategy results from the detailed strategic planning process”.
A strategy is all about integrating organizational
activities and utilizing and allocating the scarce
resources within the organizational environment so as
to meet the present objectives. While planning a
strategy it is essential to consider that decisions are
not taken in a vacuum and that any act taken by a firm
is likely to be met by a reaction from those affected,
competitors, customers, employees or suppliers.
Features of Strategy
Strategy is Significant because it is not possible to foresee the future. Without a perfect foresight,
the firms must be ready to deal with the uncertain events which constitute the business
environment.
Strategy deals with long term developments rather than routine operations, i.e. it deals with
probability of innovations or new products, new methods of productions, or new markets to be
developed in future.
Strategy is created to take into account the probable behaviour of customers and competitors.
Strategies dealing with employees will predict the employee behaviour.
Thinking Strategically:
The 3 big strategic questions
1. Where are we now?
2. Where do we want to go?
a. Where to be in and positions
b. Client need and groups to serve
c. Outcomes to achieve
3. How will we get there?
Strategic Management
Strategic management is the planned use of a business' resources to reach company goals and
objectives. Strategic management requires ongoing evaluation of the processes and procedures within an
organization and external factors that may impact how the company functions. The process of strategic
management should guide top-level programs and decisions. Companies of all sizes and in all industries
can benefit from the practice of strategic management.
How does strategic management work?
Strategic management requires setting objectives for the company, analyzing the actions of competitors,
reviewing the organization's internal structure, evaluating current strategies and confirming that strategies
are implemented company-wide.
Strategic management can be either prescriptive or descriptive.
Prescriptive strategic management means developing strategies in advance of an organizational issue.
Descriptive strategic management means putting strategies into practice when needed. Both methods of
strategic management employ management theory and practices.
While upper management is responsible for implementing strategies, ideas, goals or organizational
challenges can come from any member of the company. Many companies employ strategists whose job it
is to think and plan strategically to improve company function.
Chapter 2
The SWOT Analysis
SWOT stands for strengths, weaknesses, opportunities and threats. This analysis allows you to
investigate internal and external factors. Internal factors include positive (strengths) or negative
(weaknesses) factors that exist within your organization and are able to be changed or affected in some
way, while external factors include positive (opportunities) or negative (threats) factors that exist outside of
the subject you are evaluating and cannot necessarily be changed or affected by you or your organization
in any way.
A SWOT Analysis is one of the most commonly used tools to assess the internal and external
environments of a company and is part of a company’s strategic planning process. In addition, a SWOT
analysis can be done for a product, place, industry, or person. A SWOT analysis helps with both strategic
planning and decision-making, as it introduces opportunities to the company as a forward-looking bridge to
generating strategic alternatives.
It s important to point out that strengths and weaknesses are current or backward-looking, and
opportunities and threats are forward-looking. By performing a SWOT analysis, we will be able to build a
bridge between what the company has accomplished to date and the strategic alternatives that are going to
be generated.
Internal:
Internal factors are the strengths and weaknesses of the company. Strengths are the
characteristics that give the business its competitive advantage, while weaknesses are characteristics that
a company needs to overcome in order to improve its performance.
Examples of internal factors include:
Company culture, Company image, Operational efficiency, Operational capacity, Brand awareness,
Market share, Financial resources, Key staff, Organizational structure
External:
External factors are the opportunities and threats to the company. Opportunities are elements that
the company sees in the external environment that it could pursue in the future to generate value. Threats
are elements in the external environment that could prevent the company from achieving its goal or its
mission or creating value.
Changes in the external environment may be due to:
Societal changes, Customers, Competitors, Economic environment, Government regulations,
Suppliers
Partners, Market trends
Conducting SWOT Analysis:
Strengths:
Consider strengths from an internal and consumer perspective.
What advantages does your company have?
What unique resources you have that others do not?
What is your company’s Unique Selling Proposition?
What positive consumer perception does your company have?
What low-cost resources do you have access to that others do not?
Weaknesses:
Consider weaknesses from an internal and consumer perspective.
What does your company not do well?
What weaknesses do consumers see in your company?
What factors contribute to a weaker brand image?
Opportunities:
Consider opportunities from an external perspective.
What good opportunities are available in the marketplace?
What are some trends that your company can capitalize on?
Are there any changes in technology or markets that your company can take advantage of?
Are there any changes in lifestyle, social patterns, etc., that your company can take advantage of?
Threats:
Consider threats from an external perspective.
What obstacles does your company face?
What are your competitors doing better than you?
Is a change in technology threatening the position of your company?
What threats do your weaknesses put you at risk of?
The SWOT analysis does not cover the entire business, just the factors that may influence their
ability to introduce a new product.
To get the most out of the SWOT, they have made specific statements in each category. For
example, rather than simply list 'competitors' as a threat, they have included specific details about how their
competitors are a threat.
The following is an example of a SWOT (strengths, weaknesses, opportunities and threats)
analysis conducted by a business trying to decide if they should introduce a new product to their range.
Internal Environment
Strengths (S) Weaknesses (W)
Chapter 3
Strategic Planning
Assignment: In flowchart format, create your own strategic planning showing your own career direction.
Chapter 4
Procurement and Acquisition
Procurement is the act of buying goods and services. Acquisition is
defined as a corporate transaction where one company purchases a
portion or all of another company’s shares or assets. Acquisitions
are typically made in order to take control of, and build on, the target
company’s strengths and capture synergies. There are several
types of business combinations: acquisitions (both companies
survive), mergers (one company survives), and amalgamations
(neither company survives).Acquisition Management is the process
of obtaining resources needed for a company to produce the
products sold to consumers. Other terms for this process include
procurement or contract management. Large organizations and publicly held companies are common users
of acquisition management because they have the most need for it and can allocate personnel to this task.
Acquisition vs. Merger
Mergers and Acquisitions (M&A) are similar transactions, however, they are significantly different
legal constructs.
In an acquisition, both companies continue to exist as separate legal entities. One of the
companies becomes the parent company of the other.
In a merger, both entities combine and only one continues to survive while the other company
ceases to exist.
Another type of transaction is an amalgamation, where neither legal entity continues to survive.
Instead, an entirely new company is created.
Benefits of Acquisitions
Acquisitions offer the following advantages for the acquiring party:
1. Reduced entry barriers
With M&A, a company is able to enter into new markets and product lines instantaneously with a
brand that is already recognized, with a good reputation and an existing client base. An acquisition can help
to overcome market entry barriers that were previously challenging.
Market entry can be a costly scheme for small businesses due to expenses in market research,
development of a new product, and the time needed to build a substantial client base.
2. Market power
An acquisition can help to increase the market share of your company quickly. Even though
competition can be challenging, growth through acquisition can be helpful in gaining a competitive edge in
the marketplace. The process helps achieves market synergies.
3. New competencies and resources
A company can choose to take over other businesses to gain competencies and resources it does
not hold currently. Doing so can provide many benefits, such as rapid growth in revenues or an
improvement in the long-term financial position of the company, which makes raising capital for growth
strategies easier. Expansion and diversity can also help a company to withstand an economic slump.
4. Access to experts
When small businesses join with larger businesses, they are able to access specialists such as
financial, legal or human resource specialists.
5. Access to capital
After an acquisition, access to capital as a larger company is improved. Small business owners are
usually forced to invest their own money in business growth, due to their inability to access large loan
funds. However, with an acquisition, there is an availability of a greater level of capital, enabling business
owners to acquire funds needed without the need to dip into their own pockets.
6. Fresh ideas and perspective
M&A often helps put together a new team of experts with fresh perspectives and ideas and who
are passionate about helping the business reach its goals.
Challenges with Acquisitions
M&A can be a good way to grow your business by increasing your revenues when you acquire a
complimentary company that is able to contribute to your income. Nevertheless, M&A deals can also create
some hitches and disadvantage your business. You must take these potential pitfalls into consideration
before pursuing an acquisition.
1. Culture clashes
A company usually has its own distinct culture that has been developing since its inception.
Acquiring a company that has a culture that conflicts with yours can be problematic. Employees and
managers from both companies, as well as their activities, may not integrate as well as anticipated.
Employees may also dislike the move, which may breed antagonism and anxiety.
2. Duplication
Acquisitions may lead to employees duplicating each other’s duties. When two similar businesses
combine, there may be cases where two departments or people do the same activity. This can cause
excessive costs on wages. M&A transactions, therefore, often lead to reorganization and job cuts to
maximize efficiencies. However, job cuts can reduce employee morale and lead to low productivity.
3. Conflicting objectives
The two companies involved in the acquisition may have distinct objectives since they have been
operating individually before. For instance, the original company may want to expand into new markets, but
the acquired company may be looking to cut costs. This can bring resistance within the acquisition that can
undermine efforts being made.
4. Poorly matched businesses
A business that doesn’t look for expert advice when trying to identify the most suitable company to
acquire may end up targeting a company that brings more challenges to the equation than benefits. This
can deny an otherwise productive company the chance to grow.
5. Pressure on suppliers
Following an acquisition, the capacity of the suppliers of the company may not be enough to
provide the additional services, supplies, or materials that will be needed. This may create production
problems.
6. Brand damage
M&A may hurt the image of the new company or damage the existing brand. An evaluation of
whether the two different brands should be kept separate must be done before the deal is made.
Key Takeaways
When a company is looking to expand, one way many business owners consider doing so is
through the acquisition of another similar business. An acquisition is a great way for a company to achieve
rapid growth over a short period of time. Companies choose to grow through M&A to improve market share,
achieve synergies in their various operations, and to gain control of assets. It is less expensive, less risky,
and faster, as compared to traditional growth methods such as sales and marketing efforts.
While an acquisition can create substantial and rapid growth for a company, it can also cause
some problematic issues along the way. Several things can go wrong even when there is a well-laid plan.
There may be a clash between the different corporate cultures, synergies may not match, some key
employees may be forced to leave, assets may have a lower value than perceived, or company objectives
may conflict.
Before putting the acquisition of another business into consideration, it is essential to analyze the
advantages and disadvantages that will be presented by the business deal. A well-executed strategic
acquisition that takes advantage of potential synergies can be one of the best ways for a company to
achieve growth.
Companies today often prefer to have employees with a certain degree of technical skills. Most
individuals first learn these skills by obtaining a four-year college degree or a graduate degree in acquisition
management. Coursework for the undergraduate degree includes general management, accounting,
corporate finance and organizational management. Core courses include contract law, government pricing
and contracts, negotiation and general contract management. Other concentrated courses can include
pricing and financial management, cost analysis, project management, managerial economics and
performance-based contract service.
During the acquisition management process, companies must find and select business partners
who are adequate enough to fill long-term business needs. For major purchases or continuous future
relationships, companies will use contracts to ensure they receive specific benefits from the vendor or
supplier. The acquisitions manager often takes the lead, as this position is responsible for doing the
legwork on the process and reporting the information to upper management. Executive management will
then make a decision based on this information.
In a technologically advanced business environment, acquisition management will need a
background in business information systems or other computer software used by the company. For
example, many companies operate using electronic data interchange. Through this tool, most orders from a
company and its suppliers or vendors occur through computer-transferred orders. The acquisitions
manager will need to monitor these systems, however, and ensure they operate according to preset
designs. The management team may also need to integrate these systems as they change between
different suppliers and vendors, making it important that the acquisitions manager has a background in this
area.
Another focus of acquisition management is performance evaluation. This is necessary to ensure
the company receives the maximum benefits from materials purchased through suppliers and vendors.
Owners and managers will often work with the acquisitions manager to ensure the procurement department
has policies in place to maximize benefits. Cost analysis and performance reviews also find new areas for
the company to find ways for saving money, a improving the return on capital spent for business
operations.
Acquisition covers a much broader range of topics than procurement. Acquisition spans the whole
life cycle of acquired systems. The procurement of appropriate systems engineering (SE) acquisition
activities and levels of SE support is critical for an organization to meet the challenge of developing and
maintaining complex systems.
Assignment: Using the internet, search one Acquisition Process Model and give some insights about the
model.
Chapter 5
Policy, Process, and Procedure
What is a Policy?
At the top of the pyramid are the policies.
A policy sets out the strategic direction of the organization as
decided by senior management. A policy will lay out a
destination, but won’t give any direction on how this is to be
executed. For example, a policy would contain a statement such as: ‘Time and attendance with be tracked
for all staff and contractors in a clear and consistent way', but wouldn't give any indication as to how that
should be done.
What is a Process?
Under policies are the processes.
The ISO definition of a process is:
‘A process is a set of inter-related
activities that turn inputs into outputs’
A process sets out what you
do, but not how you do it. A business
process for tracking time and
attendance for all staff and contractors,
may contain an activity such as
‘Complete time and attendance
spreadsheet’ but give no detail on how
that is performed. There is an
assumption that the responsible
person would know how to perform the
task and where to find the appropriate
materials to do so. Any further guidance or detail should be set out in a procedure or work instruction.
What is a Procedure or Work Instruction?
A procedure or work instruction should detail the exact steps
an individual would need to go through to complete any
activity detailed in a process.
The Practical Application
A common reason for being interested in the difference
between a policy, a process and a procedure is that having
clarity and consistency around different types of information
is absolutely key in encouraging your employees to follow
the agreed process. However, this is still the most difficult thing to achieve in any process improvement
project - because it relies on people to individually check and follow the correct documentation.
The 8 benefits of having good procedures.
1. Know what you have to do
This is the first use of a procedure: describe a job that needs to be done. To be the most efficient,
keep it short, simple and visual.
2. Access information to quickly solve problems and reduce downtime
Procedures are useful when a quick response is needed for an uncommon situation. Downtimes on
a production line can cost thousands of dollars each minute. It’s important to find the relevant
information as fast as possible. Your DMS (Document Management System) has a key role. Cloud
solutions are efficient and let you easily find document in seconds thanks to a search bar or tags.
3. Easily onboard new employees
Good procedures can be used as training content. Again, a short, simple and visual document will
help a new employee to understand the work that has to be done.
4. Be in compliance with norms/certifications
Procedures are often mandatory. The ISO 9001 certification - the most common - is a good
example. However, it becomes a hassle when your quality engineer has to work full-time updating
documentation during the 2 months before the audit. Having quality procedures in a good
management system takes away this pain.
5. Improve quality
Process standardization is the key to managing quality. Having clear procedures helps in this
standardization. It also helps to track defects and to find the cause of a problem. While your
process improves, the procedure must be updated as well and this is where a system like JITbase,
which allows employees to suggest improvements, becomes powerful.
6. Make sure everyone is on the same page
Having a “snapshot” of the current situation helps everyone know where the company is on a
certain process. It becomes easier for the company to set goals and makes every employee move
in the same direction.
7. Reduce risk & improve security
Procedures are a great way to signal dangers. They are the perfect place to mention what’s
mandatory or forbidden while doing the job. It leads to less downtime, and even more importantly, it
leads to fewer accidents and injuries. Again, it must be visual, using icons and photos.
8. Improve
A procedure allows for evaluating the current way a task is done. A task written down and shared
among team members is easier to analyze and improve upon. A procedure should be a dynamic
document, where employees collaborate and continuously propose improvements.
Assignment: Create a process that you usually encountered during face-to-face enrolment based on your
own experience
Chapter 6
The Information System Strategy Triangle
IS Strategy Triangle is a correlation between Business Triangle, Organizational Strategy and Information
Strategy. Those strategies are coordinated in a set of actions to fulfill their respective objectives, purpose
and goals. A business strategy is a plan articulating where a business seeks to go and how it expects to get
there.
Information Strategy
The Information Systems Strategy is a simple framework for understanding the impact of the
Information System inside the organizations. This business strategy drives both Organizational and
Information strategy.
Organization’s information resources should therefore be managed using a strategy based on:
Its strategic objectives, information system should support both Business Strategy and
Organizational Strategy.
A clear idea of the needs of Information and how staff should use that information.
Benefits of having an information strategy. The following is an adaptation:
decision making on investment in systems and IT is based on organizational strategy and user
needs (rather than technology push or the latest trends)
a strategy avoids wasting time on unnecessary activities, particularly users having to interpret
information received in unsuitable formats
a strategy also ensures an organization meets its legal requirements, so avoiding unnecessary
costs and risk to reputation
properly managed information supports innovation, productivity and competitiveness
information activities are unified, so fully contributing to organizational objectives
a strategy encourages co-operation and openness between managers of information resources.
This results in more effective use of the organization’s information and in more innovation.
4 Keys of IS Strategy :
These key components are sufficient to allow the general manager to assess critical IS issues.
Business Strategy
A coordinated strategy with some set of actions to fulfill objectives, purposes and goals. Business Strategy
always starts with a mission. Those mission will be stated in mission statements.
Business Frameworks
These are the Business frameworks that often be used in the company :
Porter’s Competitive Advantages.
Differentiation Strategy Variants.
Hypercompetition
Organizational Strategies
Organizational strategy includes the organization’s design as well as the choices it makes in its work
processes. There are 2 frameworks in the Organizational Strategies :
1. Business Diamond
Simple framework for identifying crucial components of an
organization’s plan
2. Managerial Levers
– Another framework for organizational design, states that successful execution of the firm’s
organizational strategy is the best combination of organizational, control, and cultural variables.
Analyzing the Role of Information Systems in Supporting Business and Organizational Strategies
Information technology plays a key role in the business world. In fact, it could be said that business
cannot flourish unless there is a good information technology framework. In this regard, an information
system is like a network of various integrated information technology initiatives geared towards supporting
the business process. According to Pollack (2010), the information systems (IS) strategy is a plan carried
out by a business organization to provide services related to information domains.
The role of information systems in any organization cannot be underscored. With regard to the
business strategy, the IS strategy plays a complimentary role. This is because while the business strategy
would involve envisioning the strategic direction that a company would pursue, the IS strategy seeks to
help in the execution of wider strategy envisions. In any case, aspirations of the business exist in terms of
information. The IS strategy supports business communication of the intended achievements. With the
evolution of strategic management into what it is today, business strategies have integrated all the related
components of a business venture. Therefore, a closer scrutiny of the IS strategy reveals that the
relationship between the business strategy and the IS strategy is purely strategic. Consequently, changing
the business strategy leads to a change in the IS strategy. If these changes are not consistent and in
tandem with each other, there is an imbalance in the Information Systems Strategy Triangle (ISST).
While the business strategy involves how a business will tackle competition, for instance through
positioning or segmentation, the IS strategy includes capabilities of an organization to achieve the set
goals. It could be said that the IS strategy empowers a company to move ahead and face competition in the
industry.
There is a need to demystify the exact ways through which the IS strategy supports business
strategy implementation. Pollack (2010) identifies four components of the IS strategy. These include
hardware, software, networking, and data .
The hardware includes physical components of the IS system such as servers and desktop units.
The IS strategy also determines who would be responsible for electronic machines and where they
would be located.
The second component, which is software, includes the intangible components of the IS. These are
applications or programs that are used to enhance business communications, inter-system
linkages, and smooth business operations. The IS includes people who will develop necessary
programs and what applications would be compatible with the hardware at the disposal of the
company.
Thirdly, the IS stipulates how hardware will be networked. In other words, it specifies ways in which
information will be shared between different computers or servers. A part of this strategy is a
diagrammatic representation of how hardware and software will be aligned, where nodes will be
located, and how wires will be connected.
Lastly, the IS strategy includes policies regarding data or information of the company. This is
perhaps the most important aspect of the IS strategy, as in case information about the company is
not secure, confidential information about clients could be revealed to wrong people. In addition,
secret company information could be accessed by competitors, which would be lethal to the
company. The IS strategy specifies a formula that would establish which software contains what
data in which servers.
Assignment: In your own words, give your own understanding about the four components of IS
strategy
Chapter 7
Information System and Digital Transformation
Think about how significant data management and analysis capacity is moving to the edge in a
datasphere where real-time demands increase while cloud computing grows in the core, the
decentralization of information management, the shifts in security towards the endpoints and much more.
Still, it does not mean that strategic decisions move to the edges or that digital transformation is
only possibly in organizations with “new” organizational models. Enterprise-wide digital transformation
requires leadership, regardless of how it is organized and as long as the holistic approach towards the
goals with the edges in mind prevails over internal silos and de facto gaps between reality and perception.
In practice we see that pilot projects on the way to a more holistic and enterprise-wide approach often
happen bottom-up, ad hoc or in specific departments. This is normal, typical in early stages but, if not
followed through on a broader level, a potential risk for long-term success. From the same holistic
imperative, it’s also essential to note that security requires a holistic view and even a cyber resilience
strategy as data sits everywhere, attacks increase and technological environments become more complex
with ever-growing external attack surface challenges and increasing software supply chain attacks.
“Digital transformation as a strategy is rarely an end in itself, but rather, a way to meet other strategic
objectives – business growth and innovation; a more agile operating model; a great customer experience;
and connected and collaborative employees” (Bas Burger)
Assignment: Is it important to a company or organization to align their business processes digitally? Why or
why not?
Chapter 8
Business of Information System
The data-driven world has
changed the way businesses
interact with customers,
employees, and competition.
Greater access to information increases internal knowledge and allows stakeholders to make
critical business choices with confidence.
Unfortunately, a small business isn't always sure how to use its business analytics to generate
insights that can help increase profits and attract new customers. Data collection is meaningless
without a powerful system in place to make sense of the information and present findings
understandably.
Organizations that use optimized business information systems can effectively manage
their data and use it to increase knowledge and pinpoint growth opportunities. Companies without
quality information systems must understand how to use software to their advantage if they want to
be successful.
While most larger businesses utilize some type of information system to help manage big
data, other small to mid-sized companies have not employed the best software solutions to derive
any benefits.
By utilizing an IS, organizations can collect accurate data, learn from it, make it accessible
to everyone, and use those insights to optimize decision-making and systemize the supply chain.
The top benefits derived from using an IS include-
1. Relevant Data
A business information system is a cloud-based database that stores all of the information
related to a variety of business units, functions, clients, transactions, worker performance, and
client activity. Decision-makers can use this real-time data to know which actions to take and when.
For example, a sales manager may analyze real-time sales employee performance data to
see how is meeting their goals and who needs further monitoring. Team leaders no longer have to
use guesswork to make choices, ensuring decisions are based entirely on statistical evidence.
2. Optimizes Communication
A business administration system ensures all relevant computer information is accessible
to everyone, which they can view in a customized format. Workers can easily share data and
inputs are immediately updated into the database, so everyone has access to the most accurate
and relevant information.
An optimized information system minimizes the need for emails or phone calls while
making it easier for everyone to communicate with different business units. It can also be used
externally to correspond with customers or provide answers to important questions.
Because an IS improves internal and external communication, team members can work
quickly to complete tasks, improve the quality of outcome, and streamline activities so the
organization maintains a competitive edge.
As a result of using different types of information systems that minimize human error,
organizations will save money, resources, optimize communication, and improve the quality of
deliverables.
4. Information Security
Spreadsheets, file cabinets, and other outdated systems management methods used to
store valuable information can easily be tampered with.
By having all data stored in one or more secure business intelligence databases, it's much
easier to prevent theft or misplaced information. Audit trails maintain historical records for long
periods and are easily accessible to regulators or other authorized individuals.
This is especially relevant for enterprise information systems or other databases that hold
valuable financial/sales data. An IS with sensitive information can be programmed to only allow
access to authorized individuals, which helps to protect the company and save money.
For example, a collaborative web-based mind mapping tool allows employees to structure ideas while other
members can make updates to the map simultaneously. Because there is not a constant back and forth
between members through email or phone calls, it's much simpler to complete the project at hand.
An organization can use collaboration tools to maximize efficiency in the workplace and decrease the need
for in-person meetings and communication through traditional methods. It also is helpful for remote workers
or off-site managers, who can contribute to the project without being physically present at the organization.
In conclusion, here are the key takeaways to remember how information systems help collaboration in the
workplace-
Collaboration systems include a network of tools and technologies utilized to maximize knowledge-
sharing and helping everyone work together to meet a specific goal.
Because completing business activities require collaboration between various departments,
utilizing an information system is an essential tool to ensure company goals are met.
The five components of an information system include data, hardware, software, people, and
procedures. Various software and hardware solutions provide the tools needed to streamline collaboration
in the workplace. Data inputs must be accurate, hardware must be well-maintained, software tools need to
be programmed properly, and people need to have the skills and tools available to work together.
Assignment: What do you think will happen if one of the component of Information System is not included?
Chapter 9
Information Systems Security
Online consumer activity is at an all-time high. From online banking to e-commerce, customers
across the country have left manual processes behind.
Though moving consumer data online has boosted efficiency and connected thousands of
customers to sellers across the world, there are also risks involved. Hackers and cybersecurity threats to
information systems are increasing by the day, resulting in stolen consumer and company sensitive
information.
Many companies lose their reputation and are driven to bankruptcy from one of these attacks.
Because the stakes are so high, organizations across the country seek to ensure proper cyber security
measures and security controls are in place to protect computer information from being stolen, lost, or
misused.
Both small and large companies must make sure to invest in an optimized security policy to protect
themselves and their customers.
Read ahead for an overview of the importance of ensuring information assurance and maintaining
system security measures in the digital age.
Information security requires specialized skills. For many organizations, outsourcing makes more
sense than having employees handle it all. You gain access to expertise without having to hire full-time
specialists. It leaves you free to focus on your business with confidence that your IT systems are well
protected. The type of cybersecurity service you need depends on the type of business and the required
level of security. There are several business models to choose from.
Because organizations are collecting and storing large quantities of data in databases and other
intelligence networks, they must ensure proper security policies and best practices are in place.
If a customer or financial data is stolen or tampered with, it can result in financial harm, a damaged
reputation, and litigation. As the need for information system security grows, there is an increase in security
analyst professionals ready to assist these organizations.
Malware - Hackers attack portions of software by using malicious code to cause damage to data.
Vulnerabilities - Criminals look for information systems security vulnerabilities such as negligence
or a lack of investment in security measures. Older equipment and unprotected networks are
especially vulnerable to an attack by hackers.
Phishing - Attackers seek to gain access to personal data by pretending to be someone related to
an employee at the organization. For example, a hacker may write an email with a stolen work
address to gain the trust of another worker.
Offline System - Hackers attack the stability of offline computer systems by generating crashes that
hurt the company's reputation.
Misuse of Data - When unauthorized individuals inside or outside the organization attempt to gain
access to inside information, they are typically hackers.
Here are the top reasons why businesses benefit from ensuring proper information system security to
protect their data is in place-
1. Ensure Compliance
Bankers, the healthcare industry, and online companies collect vast amounts of confidential
customer information every day. Unfortunately, consumers in the United States account for 47% of all fraud
even though they only constitute 27% of all credit card transactions worldwide.
Hackers have become increasingly sophisticated in their methods, forcing organizations to invest in
further security to prevent a breach. Regulations have been put in place to protect consumers and ensure
that companies comply with certain security measures.
Because these regulations can be complex and difficult to navigate, hiring an information system
security professional can help ensure compliance is met.
2. Prevent Bankruptcy in Smaller Companies
Many small to mid-sized companies believe they are immune from a breach and only put minimum
protections in place as a result. This is an unfortunate mistake, as their lack of protection results in many
successful attacks by hackers.
Though larger organizations tend to receive a larger percentage of attacks and threats, their increased
resources make them less likely to suffer as much financial harm as a small business. In summary, having
valuable information leaked or stolen leads to enormous financial problems that can destroy a small
company with minimal resources.
3. Protect Internal Data
The media typically focuses on stolen consumer data incidents, but protecting valuable company
information is also essential. Financial documents, legal paperwork, and tax information can be misused by
disgruntled employees or another type of attacker.
Because organizations hold years' worth of valuable internal data, they must do everything possible to
protect themselves. If company data is stolen or misplaced it can result in a ruined reputation, litigation, or
bankruptcy.
Fighting Cyber Attacks:
Human intelligence and comprehension is the best mechanism to fight cyber attacks
6 trillion will be spent by organizations to implement cyber security measures by 2021
95% of cyber security breaches are due to human error
Types Of Cybersecurity Providers
You can outsource digital information security completely or in part. There are three major types of
information security providers, each offering different benefits and trade-offs.
A managed service provider (MSP) for IT. Security is part of the package of information technology
services you get from an MSP. This approach gives you one-stop shopping; you know whom to
talk to about all IT security issues. It tends to be less expensive than hiring a specialized security
service, but you generally won't get as high a level of dedicated expertise. Getting security through
an MSP can work well for small businesses and other organizations with moderate security needs.
A managed security service provider (MSSP). This type of service specializes in information
systems security. You get a systems protection package from cybersecurity professionals who
know the subject well and constantly update their knowledge. Packages are generally available at
multiple levels to suit your needs. If you have fairly high-security requirements, a good MSSP
should be able to satisfy them and protect your sensitive information.
A security consulting firm providing custom services. Consulting firms work closely with you to
assess your needs and provide a unique set of services to meet them. Cybersecurity professionals
will be available to answer questions and address issues quickly. Hiring a firm of this kind will cost
more, but it's worth it if you have very high information security needs.
Key Takeaways
In conclusion, here are the key takeaways to remember about information system security-
Information system security involves the protection of valuable consumer and company data from
internal and external attacks. This requires a security program in place to monitor and protect data
during storage, transport, and processing.
Because organizations hold large quantities of information, they must protect their customers and
maintain confidentiality integrity.
Key information security struggles include malware, vulnerabilities, phishing, offline systems, and
misuse of data by employees or others.
An information security policy and security management is important to organizations to ensure
compliance with federal regulations to protect consumers, prevent bankruptcy in small to mid-sized
organizations, and protect valuable internal information from a disgruntled employee or outside
attacker.
Assignment: Summarize the key takeaways of Information System
Chapter 10
Ethical Considerations in Information Systems
Information system Ethics
Ethics refers to rules of right and wrong that people use to make choices to guide their behaviours.
Ethics in MIS seek to protect and safeguard individuals and society by using information systems
responsibly. Most professions usually have defined a code of ethics or code of conduct guidelines that all
professionals affiliated with the profession must adhere to.
In a nutshell, a code of ethics makes individuals acting on their free will responsible and
accountable for their actions. An example of a Code of Ethics for MIS professionals can be found on the
British Computer Society (BCS) website.
The term ethics is defined as “a set of moral principles” or “the principles of conduct governing an
individual or a group.” Since the dawn of civilization, the study of ethics and their impact has fascinated
mankind. But what do ethics have to do with information systems?
The introduction of new technology can have a profound effect on human behavior. New
technologies give us capabilities that we did not have before, which in turn create environments and
situations that have not been specifically addressed in ethical terms. Those who master new technologies
gain new power; those who cannot or do not master them may lose power. In 1913, Henry Ford
implemented the first moving assembly line to create his Model T cars. While this was a great step forward
technologically (and economically), the assembly line reduced the value of human beings in the production
process. The development of the atomic bomb concentrated unimaginable power in the hands of one
government, who then had to wrestle with the decision to use it. Today’s digital technologies have created
new categories of ethical dilemmas.
For example, the ability to anonymously make perfect copies of digital music has tempted many
music fans to download copyrighted music for their own use without making payment to the music’s owner.
Many of those who would never have walked into a music store and stolen a CD find themselves with
dozens of illegally downloaded albums.
Digital technologies have given us the ability to aggregate information from multiple sources to
create profiles of people. What would have taken weeks of work in the past can now be done in seconds,
allowing private organizations and governments to know more about individuals than at any time in history.
This information has value, but also chips away at the privacy of consumers and citizens.
Acceptable Use Policies
Many organizations that provide technology services to a group of constituents or the public require
agreement to an acceptable use policy (AUP) before those services can be accessed. Similar to a code of
ethics, this policy outlines what is allowed and what is not allowed while someone is using the
organization’s services. An everyday example of this is the terms of service that must be agreed to before
using the public Wi-Fi at Starbucks, McDonald’s, or even a university. Here is an example of an acceptable
use policy from Virginia Tech.
Just as with a code of ethics, these acceptable use policies specify what is allowed and what is not
allowed. Again, while some of the items listed are obvious to most, others are not so obvious:
“Borrowing” someone else’s login ID and password is prohibited.
Using the provided access for commercial purposes, such as hosting your own business website,
is not allowed.
Sending out unsolicited email to a large group of people is prohibited.
Also as with codes of ethics, violations of these policies have various consequences. In most
cases, such as with Wi-Fi, violating the acceptable use policy will mean that you will lose your access to the
resource. While losing access to Wi-Fi at Starbucks may not have a lasting impact, a university student
getting banned from the university’s Wi-Fi (or possibly all network resources) could have a large impact.
Intellectual Property
One of the domains that have been deeply impacted by digital technologies is the domain of
intellectual property. Digital technologies have driven a rise in new intellectual property claims and made it
much more difficult to defend intellectual property.
Intellectual property is defined as “property (as an idea, invention, or process) that derives from the
work of the mind or intellect.” This could include creations such as song lyrics, a computer program, a new
type of toaster, or even a sculpture.
Practically speaking, it is very difficult to protect an idea. Instead, intellectual property laws are
written to protect the tangible results of an idea. In other words, just coming up with a song in your head is
not protected, but if you write it down it can be protected.
Protection of intellectual property is important because it gives people an incentive to be creative.
Innovators with great ideas will be more likely to pursue those ideas if they have a clear understanding of
how they will benefit. In the US Constitution, Article 8, Section 8, the authors saw fit to recognize the
importance of protecting creative works:
Congress shall have the power . . . To promote the Progress of Science and useful Arts, by
securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and
Discoveries.
An important point to note here is the “limited time” qualification. While protecting intellectual
property is important because of the incentives it provides, it is also necessary to limit the amount of benefit
that can be received and allow the results of ideas to become part of the public domain.
Outside of the US, intellectual property protections vary. You can find out more about a specific
country’s intellectual property laws by visiting the World Intellectual Property Organization.
In the following sections we will review three of the best-known intellectual property protections:
copyright, patent, and trademark.
Copyright
Copyright is the protection given to songs, computer programs, books, and other creative works;
any work that has an “author” can be copyrighted. Under the terms of copyright, the author of a work
controls what can be done with the work, including:
Who can make copies of the work.
Who can make derivative works from the original work.
Who can perform the work publicly.
Who can display the work publicly.
Who can distribute the work.
Many times, a work is not owned by an individual but is instead owned by a publisher with whom the
original author has an agreement. In return for the rights to the work, the publisher will market and distribute
the work and then pay the original author a portion of the proceeds.
Copyright protection lasts for the life of the original author plus seventy years. In the case of a
copyrighted work owned by a publisher or another third party, the protection lasts for ninety-five years from
the original creation date. For works created before 1978, the protections vary slightly. You can see the full
details on copyright protections by reviewing the Copyright Basics document available at the US Copyright
Office’s website.
Assignment: You are in-charge of your company’s IS process development and somebody asked your help
to improve their system. What will you do?
References:
1. https://ieeexplore.ieee.org/
2. Proceedings of the 33rd Annual Hawaii International Conference on System Sciences
3. https://www.indeed.com/career-advice/career-development/what-is-strategic-management
4. https://corporatefinanceinstitute.com/resources/knowledge/strategy/swot-analysis/
5. https://www.managementstudyguide.com/planning_function.htm
6. https://www.wipfli.com/
7. https://www.practicaladultinsights.com/what-is-acquisition-management.htm
8. https://blog.triaster.co.uk/blog/policy-vs-process-vs-procedure
9. https://end2endbusinesssolutions.com.au/advantages-of-having-workplace-policies-in-place/
10. https://sis.binus.ac.id/2018/02/13/is-strategy-triangle/
11. https://www.i-scoop.eu/digital-transformation/
12. https://altametrics.com/en/information-systems/business-information-system.html
13. https://www.guru99.com/mis-ethical-social-issue.html