IHRD-VI,

Human Resources Information

System Assignment
[By Raj Singh, 20]
1

Q.1 Define MIS in brief. State its advantages &

disadvantages.

Management information system (MIS)

MIS stands for Management Information System. It is a computerized

system that provides managers with the tools to organize, evaluate, and
efficiently manage departments within an organization. MIS systems provide a
range of information necessary to manage an organization effectively, including
financial data, customer information, and production statistics.

Definition:-
A management information system (MIS) is a system for collecting,
organising, processing, and interpreting corporate data so that it may be
transformed into useful information. A company's MIS is likely to be more
sophisticated the more complicated its operations are. By gathering the data
gathered by various staff members and collecting it in a uniform and accessible
way, a MIS is utilised to considerably increase the efficiency of report
generation and data analysis.

The most recent MIS operations make use of cloud technology and are
able to track productivity changes over time, respond to data-related questions,
and highlight data that matches current requirements. Depending on the size of
the organisation, it might have a MIS department with a group of qualified IT
specialists to handle its complicated data management requirements. Many of
the company's other employees may be able to view and use the MIS data in
addition to the decision-makers.

Advantages of MIS:

1. 1.Improved Decision Making: MIS provides timely and accurate

information, which helps managers make informed decisions
quickly and effectively.

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

2

2. Improved Efficiency: MIS reduces the time and effort required to

manage data and make decisions, leading to increased efficiency
and productivity.
3. Improved Communication: MIS allows for better communication
between different departments within an organization by providing
real-time data that is accessible to all.
4. Improved Customer Service: MIS provides up-to-date customer
information, which enables organizations to provide better
customer service and support.

Disadvantages of MIS:

1. High Cost: Implementing and maintaining a MIS system can be

expensive, requiring significant investments in hardware, software,
and personnel.
2. Complex: MIS systems can be complex and require specialized
knowledge and expertise to operate effectively, which can be a
challenge for some organizations.
3. Security Risks: MIS systems are vulnerable to security threats such as
hacking, viruses, and data breaches, which can compromise sensitive
information.
4. Resistance to Change: Some employees may resist using a new
system, which can lead to resistance to change and slow adoption.

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

3

Q.2 Give detailed explanation for the SQL manipulation

command.

Relational databases are commonly managed and worked on using the

popular computer language SQL. A database's data can be processed using a
variety of SQL manipulation instructions. The most used SQL manipulation
commands are shown below, along with explanations for each:

1. SELECT: A database's SELECT statement is used to get

information from one or more tables. You can apply filters to the
data and define the columns you want to obtain. As an illustration,
the statement "SELECT column1, column2 FROM table name
WHERE condition" would collect information from the provided
columns in the table that satisfied the stated condition.

2. INSERT: To add new data to a table in a database, use the INSERT

statement. By defining the values you want to insert, you can add
data to one or more table columns. Data would be inserted into the
table's provided columns, for instance, "INSERT INTO table name
(column1, column2) VALUES (value1, value2)".

3. UPDATE: A table's existing data can be changed using the

Updating command. By defining the new values you wish to use
and using conditions to filter the data, you can update one or more
columns in a table. For all the rows that satisfy the criterion,
"UPDATE table name SET column1 = value1 WHERE condition"
would update the given column with the new value.

4. DELETE: In a database, the DELETE statement is used to delete

data from a table. By adding filters to a table of data, you can
remove one or more rows from it. For instance, "DELETE FROM
table name WHERE condition" would eliminate every record that
matched the criteria.

5. JOIN: Based on a shared column, the JOIN statement is used to

combine data from two or more tables in a database. There are

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

4

various join kinds, including FULL OUTER JOIN, INNER JOIN,

LEFT JOIN, and RIGHT JOIN. An example query would return all
columns from both tables where the provided columns matched by
returning "SELECT * FROM table1 INNER JOIN table2 ON
table1.column = table2.column".

6. GROUP BY: A table's columns can be utilised to group data using

the GROUP BY statement. To determine summary statistics for
each group, utilise aggregate functions like COUNT, SUM, AVG,
MIN, and MAX. For instance, the statement "SELECT column1,
COUNT(column2) FROM table name GROUP BY column1"
would group the data by column1 and count how many times each
value appeared in column2.

7. ORDER BY: A table's data can be sorted using the ORDER BY

statement depending on one or more columns. The data can be
sorted either ascendingly or descendingly. For instance, "SELECT
* FROM table name ORDER BY column1 ASC, column2 DESC"
would return every entry from the table with the columns 1 and 2
arranged in ascending and descending order, respectively.

These are some of the SQL manipulation commands that are most
frequently used. You may successfully manage and manipulate the data in a
database to suit your needs by utilising these commands.

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

5

Q.4 Define HR Metrics & workforce analytics in detail.

Two key ideas in the subject of human resource management are HR Metrics
and Workforce Analytics.

The term "HR Metrics" refers to the quantitative measurements used to

monitor and evaluate an organization's human resource performance. HR
metrics can be employed to assess the efficacy of HR policies and initiatives
and to pinpoint areas for development. Employee turnover rates, the length of
time it takes to fill new positions, and absence rates are some typical HR
Metrics. HR metrics can also be used to assess how HR activities affect an
organization's financial performance.

On the other side, workforce analytics is the discipline of employing data

analysis and statistical techniques to learn more about the workforce of a
business. To forecast employee behavior, pinpoint skill gaps, and improve
workforce planning, use workforce analytics. Organizations can use workforce
analytics to pinpoint regions with high turnover or poor engagement and create
plans to deal with these problems.

Workforce analytics and HR metrics work together to give HR

professionals a potent toolkit for managing and optimizing their organization's
human resources. HR professionals may improve the performance of their firm
as a whole by leveraging data-driven insights to help them hire, develop, and
retain workers.

Contemporary HR metrics and workforce analytics,

The set of actions most frequently referred to as human resources (HR)

metrics and workforce analytics are part of strategic realignment. Most
medium-sized and large companies did engage in some HR assessment and
analytics throughout the past 30 years. Yet, these initiatives lacked organisation.
They were only undertaken on a sample of activities, and frequently for only a
small set of metrics, in part due to the expense involved. Organizations are now
reporting HR metrics more consistently and systematically as a result of the
growth of reliable computer-based communications infrastructures and
improved access to data thanks to the deployment of integrated human resource
information systems. these preparations.

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

6

The collection of actions most frequently referred to as "hu"—the area of

HR metrics and workforce—are part of strategic realignment. As a result, these
metrics place a focus on costs or readily calculable counts (such as head count
or turnover), which frequently act as cost substitutes. Whether we acknowledge
them or not, cost and benefit implications follow every administrative choice.
As a result, if our information systems just supply managers with cost-related
information, they are not very useful. Managers will make an effort to use the
information that is made available to them; if we provide them mainly
information on costs and no information on benefits, costs are likely to start to
dominate managerial decisions.

Using HR metrics and workforce analytics,

• Reporting,
Reporting has received a lot of attention in the study and application of
metrics and analytics. Reporting includes judgements about (a) what metrics
will be reported; (b) how these metrics will be packaged; and (c) how, (d) when,
and (e) to whom they should be reported. Effort has focused on attempting to
identify what metrics an organization should use. Yet, attempting to choose
what metrics should be reported without taking into account the challenges and
opportunities faced by an organisation overlooks the points for which the
metrics were chosen. Metrics should be presented for decision makers in a way
that increases the likelihood that the "message" that matters to them will be
understood. How questions address the dilemma between giving decision
makers options to extract metrics as required versus sending metrics to them via
email. Posting the metrics on business websites enables the latter strategy.

• Dashboards,
Dashboards are a more sophisticated aspect of reporting. A greater ability to
aggregate corporate data is shown in dashboards, which also represent efforts to
coordinate real-time analysis of organisational and HR activities. Moreover,
business unit assessments are included in dashboards so that managers may dive
down and look at KPIs at various organisational levels. Users of the dashboard
are able to keep track of important HR metrics at all times.

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

7

• Benchmarking,
The benchmarking efforts of the Saratoga Institute were the first to produce
data on common HR indicators for the utilisation and management of human
capital. Benchmarking data is beneficial since it shows what is achievable. The
utilisation of HR people and practises inside an organisation reflect the issues an
organisation is now facing, which presents a challenge when using HR metrics
as benchmark data. As a result, the majority of businesses have an HR
department, yet these departments' precise duties differ greatly between
businesses. As a result, making direct comparisons between HR benchmarking
data from one's own company and data from other companies may not offer
practical guidance for defining goals or predicting the possible efficacy of
corrective actions a business might take.

• Data Mining
Since the deployment of integrated HRIS and computerised HRM
procedures, interest in data mining of human capital data has increased. Data
mining is the process of looking for patterns in data that could reveal previously
unknown causal mechanisms and improve decision-making. Data mining
combines correlation and multiple regression techniques to find patterns of
relationships in very big datasets in order to identify these causal mechanisms.
Finding a link between employee job satisfaction and employee turnover might
serve as an example.

• Predictive Analysis,
Many metrics and analytics initiatives aim to perform predictive analysis. In
predictive analysis, efforts are made to create organisational system models that
can be utilised to forecast future results and comprehend the effects of fictitious
changes in companies, such as a change in current organisational systems.

• Operational Experiments,
The movement for evidence-based management contends that rather than
relying on personal ideologies, unproven personal models, or presumptions
about "how things work," managers should base their decisions on information
obtained from the organisation and evidence about how its systems actually

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

8

function. Operational experiments carried out within the organisation are one of
the most efficient ways to get the data on which to base decisions.

• Workforce Modelling,
Workforce modelling aims to comprehend how an organization's human
capital requirements will alter in response to some anticipated change in the
environment of the firm. The organization's product demand may have changed,
it may have entered a new market, it may have sold one of its businesses, or it
may be in the process of acquiring or merging with another company.

HR process efficiency,

These three specialties each represent a distinct domain where firms can
work using metrics and analytics. The third area of expertise—administrative
process efficiency—is currently the focus of most measures. These
measurements concentrate on how successfully the HR division completes the
crucial tasks required to enhance organisational effectiveness. The cost per
hiring, the time it takes to fill a position, the percentage of timely completed
performance reviews, and the cost of the HR department as a share of overall
costs or sales are possible metrics in this area. Process management is only
desired, though, when the organisational procedures best aid the operating
divisions of the business in achieving their objectives.

• Organizational Effectiveness
The improvement of organisational processes is the primary emphasis of
HR metrics and workforce analytics, which are generally directed outside the
HR department. Here, the goal is to make use of the technical expertise of HR
professionals in HRM in regards to their comprehension of the best ways to
hire, select, deploy, train, design jobs for, motivate, develop, and evaluate
employees in order to assist organisational units in more effectively achieving
their goals. The results are operational metrics for the business units, such as
cost per unit, operational downtime, lost time accidents, and the proportion of
on-time delivery. Analysis will be done to see whether adjustments to HRM
procedures will enhance the operational effectiveness of companies or particular
business units.

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

9

• Strategic Realignment
The group of tasks most typically referred to as human resources
planning are included in strategic realignment. The focus of these planning
efforts is on both long-term plans to ensure the replacement of the labour force
required to run the organisation as well as planning for necessary strategic
changes in the organisation. For instance, while a big section of its engineering
team is about to retire, Boeing is making a number of initiatives to ensure that it
will have enough engineers available to staff operations in the future. Planning
for novel contexts and situations is another application of strategic realignment
for HRM analytics. When a corporation changes its strategic direction, whether
through a merger, acquisition, divestiture, or other means, new conditions and
circumstances arise. The ability of the HR department to estimate the future
demand and supply of needed human capital is largely driven by changes in
organizational strategy, and this ability to forecast these future needs is crucial
to the survival of the organization.

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

10

Q.5 Explain security & privacy threats to the data &

Importance of Data Privacy

Data Security

Data security is the practice of protecting organizational data from risk. It is

common to organize data security according to three dimensions—
Confidentiality, Integrity, and Availability—in line with the CIA Triad
commonly used in information security.

• Data confidentiality involves preventing unauthorized parties, whether

internal or external, from accessing sensitive data. Organizations
implement a variety of security measures to protect confidentiality, from
perimeter network defences, to permission systems like role based access
control (RBAC), data encryption, and multi-factor authentication.
• Data integrity involves the prevention of unwanted modification or
deletion of data. This might be the result of an accident or disaster, or a
malicious act by an attacker seeking to sabotage company operations. An
important way to ensure data integrity is the use of digital signatures.
Encryption can also help protect data integrity.
• Data availability ensures that valuable data can always be accessed by
those who need it, both inside and outside the organization. IT operations
are primarily responsible for data availability, by making sure
infrastructure is working and recovering quickly from failure.

Data privacy
Data privacy refers to concerns about how data is processed, including
data sensitivity, regulatory requirements, consent, and notifications. An example
of data privacy is the use of a separate, secure database for personally
identifiable information (PII).

Security & Privacy threats to the data

Here are a few of the most common threats facing organizational data.

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

11

• Social Engineering Attacks

Social engineering attacks are the primary medium used by attackers to gain
access to sensitive data. This includes manipulating or deceiving individuals to
provide personal information or access privileged accounts.

Phishing is a common form of social engineering. This includes messages that

appear to come from a trusted source, but are actually sent by an attacker. If an
employee is convinced to provide personal information, click a malicious link,
or open a malicious attachment, the attacker can compromise the user’s device
or account and gain access to the corporate network.

• Security Misconfiguration

If a computing system does not have security settings properly defined, or is

kept with the default username and password, a security misconfiguration
occurs. This typically means that a system’s configuration does not comply with
security standards, such as CIS benchmarks, the OWASP Top 10, or specific
compliance requirements.

If an administrator or developer does not properly configure security for an

application, website, server, or workstation, the system may be wide open to
attackers.

Misconfiguration is widely cited as one of the biggest security threats in a cloud

environment, and the risk is also present in an on-premises environment. It can
lead to large-scale data breaches and can have economic consequences such as
temporary loss of business, damage to reputation, revenue loss, exposure to
lawsuits, and regulatory fines.

• Shadow IT

Unauthorized use of third-party software, applications, or Internet services in

the workplace, known as shadow IT, is difficult for IT departments to track.
Shadow IT is very common because employees habitually use applications they
know from their personal lives, which are more efficient, lightweight, and easier
to use than company-approved alternatives.

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

12

Shadow IT creates a blind spot in an organization’s data security strategy,

making it difficult to identify what data is stored on unauthorized services. Even
more dangerous is the weak security of these third-party services. This could
lead to data breaches, and also represents a major compliance risk—an
organization could face lawsuits or fines because sensitive data was stored by an
employee on unauthorized services.

The main cause of shadow IT is that a company cannot provide its employees
with the tools they need to get the job done. Organizations must have an open
dialogue with their employees and do their best to understand and satisfy their
technical needs. DLP tools can also be used to prevent employees from
uploading sensitive information to third party services, and monitor data
transfers to better understand the impact of shadow IT.

• Ransomware

Ransomware is a top priority, if not the highest priority, in any organization’s

cybersecurity program, and it directly affects data security. In a ransomware
attack, the victim’s computer is infected by malware that encrypts valuable
files, or entire devices, making it impossible for victims to use the equipment
and data. To regain access to the device or data, ransomware demands that the
victim pay a ransom.

Ransomware is becoming a huge global business for cybercriminals, and

techniques are evolving rapidly. Ransomware as a Service (RaaS) provides
large groups of hacker’s easy access to advanced Ransomware technology. In
addition, new types of ransomware use a double extortion technique—before
they encrypt files, they transmit them to the attacker, who threatens to make
them publicly available if the ransom is not paid.

Ransomware can spread through malicious email attachments, infected software

applications, infected external storage devices, infected websites, and
vulnerabilities in commonly deployed applications.

• Advanced Persistent Threat Attacks

An Advanced Persistent Threat (APT) is a targeted network attack that goes

undetected for a long period of time after attackers penetrate the network. The

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

13

purpose of APT attacks is not to compromise systems or networks, but rather to

monitor network activity and steal data over a prolonged period. Cybercriminals
often use APT attacks to target high-value targets, such as large corporations
and government institutes, to steal valuable or strategic data.

The Importance of Data Privacy

It is essential for safeguarding sensitive data and private information.

Information about finances, health, and other private consumer or user data can
put people in danger if it falls into the wrong hands. Individuals may be at risk
for fraud and identity theft due to a lack of access control over personal
information.

A government data hack may also jeopardise the security of entire

nations. And if it happens within your business, it might provide a rival access
to your confidential information.

Data protection rules become relevant in this situation. Cybersecurity is a

developing problem as a larger and larger amount of our lives and activities take
place online.

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

14

Relational databases are commonly managed and worked on using the

popular computer language SQL. A database's data can be processed using a
variety of SQL manipulation instructions. The most used SQL manipulation
commands are shown below, along with explanations for each:

SELECT: A database's SELECT statement is used to get information from

one or more tables. You can apply filters to the data and define the columns you
want to obtain. As an illustration, the statement "SELECT column1, column2
FROM table name WHERE condition" would collect information from the
provided columns in the table that satisfied the stated condition.
INSERT: To add new data to a table in a database, use the INSERT
statement. By defining the values you want to insert, you can add data to one or
more table columns. Data would be inserted into the table's provided columns,
for instance, "INSERT INTO table name (column1, column2) VALUES (value1,
value2)".

UPDATE: A table's existing data can be changed using the Updating

command. By defining the new values you wish to use and using conditions to
filter the data, you can update one or more columns in a table. For all the rows
that satisfy the criterion, "UPDATE table name SET column1 = value1 WHERE
condition" would update the given column with the new value.
DELETE: In a database, the DELETE statement is used to delete data
from a table. By adding filters to a table of data, you can remove one or more
rows from it. For instance, "DELETE FROM table name WHERE condition"
would eliminate every record that matched the criteria.

JOIN: Based on a shared column, the JOIN statement is used to combine

data from two or more tables in a database. There are various join kinds,
including FULL OUTER JOIN, INNER JOIN, LEFT JOIN, and RIGHT JOIN.
An example query would return all columns from both tables where the
provided columns matched by returning "SELECT * FROM table1 INNER
JOIN table2 ON table1.column = table2.column".
GROUP BY: A table's columns can be utilised to group data using the
GROUP BY statement. To determine summary statistics for each group, utilise
aggregate functions like COUNT, SUM, AVG, MIN, and MAX. For instance,
the statement "SELECT column1, COUNT(column2) FROM table name

[HRIS ASSIGNMENT] | [By Raj Singh, 20]

15

GROUP BY column1" would group the data by column1 and count how many
times each value appeared in column2.

ORDER BY: A table's data can be sorted using the ORDER BY statement
depending on one or more columns. The data can be sorted either ascendingly
or descendingly. For instance, "SELECT * FROM table name ORDER BY
column1 ASC, column2 DESC" would return every entry from the table with
the columns 1 and 2 arranged in ascending and descending order, respectively.

These are some of the SQL manipulation commands that are most
frequently used. You may successfully manage and manipulate the data in a
database to suit your needs by utilising these commands.

[HRIS ASSIGNMENT] | [By Raj Singh, 20]