table of contents 2. chapter 1: introduction to ... · by gitau g.k. , 1 table of contents 2....

By Gitau G.K., 1

TABLE OF CONTENTS

2. CHAPTER 1: INTRODUCTION TO INFORMATION SYSTEM (IS) ............................................... 3

2.1. Definitions of key terminologies ............................................................................................................. 3

2.2. Framework of Information Systems Needed by Managerial End Users .................................. 5

2.3. Levels of management: ............................................................................................................................... 5

3. CHAPTER 2: INFORMATION SYSTEMS FOR OPERATIONS, MANAGEMENT AND

STRATEGIC ADVANTAGE .......................................................................................................................... 8

3.1. Importance of Information Systems ...................................................................................................... 8

3.2. Disadvantages of MIS ................................................................................................................................... 9

3.3. Function of MIS .............................................................................................................................................. 9

3.4. MIS Characteristics in General ............................................................................................................... 10

4. CHAPTER 3: SYSTEMS APPROACH TO PROBLEM SOLVING AND ITS APPLICATION IN

MANAGEMENT .......................................................................................................................................... 10

4.1. What is systems approach? ..................................................................................................................... 10

4.2. Understanding a Problem or Opportunity ........................................................................................ 11

4.3. Developing a Solution ................................................................................................................................ 12

4.4. Implementing a Solution .......................................................................................................................... 13

4.5. Applying the Systems Approach to Information Systems. .......................................................... 13

5. CHAPTER 4: INFORMATION SYSTEMS DEVELOPMENT .......................................................... 13

5.1. Systems investigations or planning ..................................................................................................... 14

5.2. Systems analysis .......................................................................................................................................... 14

5.3. Systems design ............................................................................................................................................. 14

5.4. Systems implementation .......................................................................................................................... 15

5.5. Post Implementation Review and Support ....................................................................................... 16

6. CHAPTER 5: COMPUTER HARDWARE .......................................................................................... 17

6.1. Definition ........................................................................................................................................................ 17

6.2. Input Devices ................................................................................................................................................ 17

6.3. Processor Unit .............................................................................................................................................. 17

6.4. Output devices .............................................................................................................................................. 17

6.5. Storage Devices ............................................................................................................................................ 18

6.6. Networking equipment ............................................................................................................................. 18

6.7. Types of Computers ................................................................................................................................... 18

7. CHAPTER 6: COMPUTER SOFTWARE ............................................................................................ 20

7.1. Types of software ........................................................................................................................................ 20

7.2. System Software .......................................................................................................................................... 20

7.3. Firmware ........................................................................................................................................................ 20

7.4. Operating systems ...................................................................................................................................... 20

7.5. Utility programs........................................................................................................................................... 21

7.6. Application software .................................................................................................................................. 21

7.7. Application Packages Used to Support End-User Computing .................................................... 21

8. CHAPTER 7: DATA RESOURCE MANAGEMENT .......................................................................... 22

8.1. Transaction Processing Systems ........................................................................................................... 22

8.2. Transactions Processing Methods ........................................................................................................ 22

By Gitau G.K., 2

8.3. Objectives of Transaction Processing Systems ................................................................................ 23

13.1. Transaction Processing Activities ...................................................................................................... 24

13.2. Transaction Processing Cycle .............................................................................................................. 24

13.3. Traditional Transaction Processing Systems ................................................................................ 26

20. CHAPTER 8: DATABASE MANAGEMENT SYSTEMS ................................................................ 26

20.1. Introduction of Database Management Systems.......................................................................... 26

20.2. Types of Databases .................................................................................................................................. 27

20.3. Flat-file Database Model or Relational Database: ........................................................................ 28

20.4. Hierarchical Database Model: .............................................................................................................. 28

20.5. Network Database Model ...................................................................................................................... 29

21. CHAPTER 8: TELECOMMUNICATIONS AND NETWORKS ..................................................... 30

21.1. Types of networks - according to area coverage.......................................................................... 30

21.2. Local Area Networks (LAN) versus Wide Area Networks (WAN) ........................................ 30

21.3. Types of Network Environment in an Organization ................................................................... 31

21.4. Internet ......................................................................................................................................................... 31

21.5. Internet Resources (or Services) ........................................................................................................ 31

21.6. Internet Protocol (IP) Addressing ..................................................................................................... 33

21.7. Data Communication Channels ........................................................................................................... 33

21.8. Intranets versus Extranets.................................................................................................................... 34

21.9. SOCIAL MEDIA IN BUSINESS ............................................................................................................... 35

23. CHAPTER 9: E-COMMERCE ............................................................................................................. 38

23.1. Understanding E-commerce ................................................................................................................ 38

23.2. Types of E-commerce ............................................................................................................................. 39

23.3. Advantages of E-commerce .................................................................................................................. 40

23.4. Disadvantages of E-commerce ............................................................................................................ 41

23.5. Benefits of E-commerce ......................................................................................................................... 43

24. CHAPTER 10: CONTROLLING INFORMATION SYSTEMS ...................................................... 44

25.1. Threats to data........................................................................................................................................... 44

25.2. Administrative controls versus system controls ......................................................................... 44

25.3. Physical versus logical controls .......................................................................................................... 45

26.1. Examples of Data Security Controls .................................................................................................. 45

By Gitau G.K., 3

1. CHAPTER 1: INTRODUCTION TO INFORMATION SYSTEM (IS)

1.1. Definitions of key terminologies

System is a collection of related components and has the interaction between them to

accomplish a common objective. System will have the following basic interacting components;

System Components/characteristics

1. Purpose / Goal : Mission or objective to accomplish

2. Components : Elements which is known as subsystem

3. Input : Raw materials that enter to the system

4. Output : Results or products/by products of the system

5. Processes : Manipulative functions that convert inputs to outputs

6. Feedback and control: This is an inbuilt mechanism for continuous measurement and

review of the status to ensure the system remains on track according to set standards of

performance

7. Border / Boundary/Interface : Boundary is the line in between internal and external

environment of the system. Interface is the link of interaction between internal and external

environment of the system

8. External environment: What is outside the boundary of the system

Virtually all systems are part of a larger system, called a supra-system and likewise, virtually

all systems can be decomposed into smaller systems, called subsystems. A system may also

be closed or open. A closed system is isolated from its external environment and it neither

influences nor is influenced by that external environment; e.g. a vacuum, a controlled

experiment, etc. However, business systems are usually open systems. They influence and

influenced by their external environments. A system may also be formal or informal. A formal

system is official and documented with clear standards and documents such as receipts, order

notes, etc. Informal systems on the other hand are not documented they are verbal and

include telephone conversations, observations and mental clues. Such information is easily

lost unless it is captured in a permanent record. Other systems include deterministic versus

probabilistic (stochastic), self organizing (adaptive) versus non adaptive, etc.

Properties of Information and Decision Making

Data versus Information

Data: Consists of facts, text, graphics and figure that have not been processed and

inadequate for user’s application.

Information: A processed data that is sorted, useful and valuable for particular user

The Characteristics of Valuable Information

1. Accurate

Information must be free from errors.

2. Complete

Information has to contain all the important facts as needed to perform the required

processing and what you want to know.

3. Relevant (Communicated to the right user)

By Gitau G.K., 4

Information must be related to the desired performance or useful to what you’re trying to

do.

4. Timely

Information has to be delivered at the right time.

5. Up-to-date or current

Information is useful if it reflects the current state of affairs

6. Cost effective

Cost of producing information in a firm should not exceed the benefit/profit that is

obtained from it.

7. Simple or well presented to user (Understandable to user)

Information that has been presented should be easy to understand –format, language,

detail level, vocabulary, etc.

8. Security

Only authorized person is allowed to access the information.

9. Confidence of the source e.g. forex mean exchange rates from Central Bank, Billing Rates

from previous month data capture logs, etc.

10. Communicated through the right channel

Different users make audience to varied channels e.g. mass media, social media, circulars,

mobile SMS alerts, telephone calls, emails, websites, face to face, written print outs, etc.

Information System

Definition: A collection of related components and has the interaction between them to

capture data, process it and produce the useful output information to accomplish

an objective.

Functions of information system

1. Input : Facts or data from outside the system

2. Processing : Transform the data to information

3. Output : Information that need to be used outside the system

4. Storage : A place to store data for future reference

5. Communication: Transmitting and dissemination of data and information through carrier

media

Computer Based Information System (CBIS)

Information system can be categorized into TWO; manual and Computer Based

Information System (CBIS). Manual or non-computerized system involves a lot of paper

work and user memorization of transactions. Non-computerized is not efficient because it

consumes a lot of time to find, process and modify the information. It also involves

duplication, more data insecurity and expensive. The CBIS eliminates all these weaknesses.

Roles and function of Computer Based Information System (CBIS)

Same as functions of an information systems, but additional CBIS are adopted for their

strategic advantages as covered in the importance of information systems or MIS.

By Gitau G.K., 5

Components of CBIS :

1. Hardware : Hardware can be a single PC, a single main frame or networks of computers. It

also includes physical device to control the process of input and output like

keyboard, mouse and modem.

2. Software : Application program such as MS Office, Macromedia Dreamweaver and

etc.

3. People : Those who are involved with the system or using the system.

4. Data : Consists of facts, text, graphic, figure that can be recorded and that have

specific meaning.

5. Procedures : Instructions and rules to design and use information system

1.2. Framework of Information Systems Needed by Managerial End Users

End-users are the various users of Information Systems in the User departments. They can be

divided into three managerial end-user levels; operational management (first line managers),

tactical management (middle management) and the strategic management (top management).

Each of these managerial end users have differing informational needs dependent on the

nature of decisions and the level of planning attended to. A top manager is an upper-level

executive who guides and controls the overall activities of the organization. They are

responsible for the organization’s planning and developing its mission. They also determine

the firm’s strategy and its major policies. They are president, vice president, chief executive

officer, and members of the Board. Middle managers develop tactical plans, policies, and they

coordinate and supervise the activities of first-line managers. Titles at this level are division

manager, department head, plant manager, and operating manager. A first-line manager is a

manager who coordinates and supervises the activities of operating employees. They solve

day-to-day problems. Common titles for first-line manager include office manager, supervisor,

foreman, shift leaders, etc. Operating employees are not managers. They represent the work

force of organization.

1.3. Levels of management:

This refers to a pyramid model of the hierarchy of command in an organization. It is a three

tier view that conceptualizes management into strategic management, tactical management

and operational management.

The middle level management or tactical management comprises of horizontally into areas of

management. The most common areas are Administration and Finance, Marketing, Human

Resources, Information Technology, Research and Development, etc.

By Gitau G.K., 6

In view of this organization structure ISs can be categorized according to that

management pyramid;

1. Operational Management (First Line Managers) requires Information Systems capable

of capturing transactional data from day to day operations. This called a Transaction

Processing System (TPS). The system should be capable of processing volume of data

captured in organizations transactions such as sales system, inventory system, students’

registration system. The data collected by these systems may be deposited into the

organizations Database Management System (DBMS) to be used as raw materials for the

Middle Level (tactical managers) Management Information System (MIS). A TPS may be real

time or batch based. Real time means data collected is processed immediately for immediate

output to aid in a current transaction, e.g. Bank Cashier Terminal Processing System. A batch

processing system means data collected is collated together so that it is processed at one go

later in the day or another specified time. These systems are easy to automate for they

support structured decisions, for example a Bank Cashier Terminal Processing System can be

replaced by an ATM. With the power of Internet TPS systems can also be based on Internet

infrastructure. An organization can operate a private Internet based TPS where employees

can access the organization’s private Internet accessible database to conduct transactions

from different branches of the organization such as bank branches network. This called an

intranet. These systems can also be extended further to allow customers and suppliers to for

example process their orders or track their supplies. Such as a system is called extranet.

By Gitau G.K., 7

Various organizations are also embracing IS systems to provide unique services such as e-

commerce, e-ticketing, e-banking, etc.

2. Tactical management: The data collected in the organization DBMS becomes the raw

material for producing information for middle level managers. These databases are

interrogated by an interface called Management Information System (MIS). Generally

speaking an MIS is a system for providing information for managers. It is therefore a general

term for an IS. However, specifically MIS refers to an IS for providing information for the

middle level of management. It is therefore based on a DBMS that collects data from

organization TPS to provide special information depending on the functional management

targeted. At this level these MIS may also be called Decision Support Systems (DSS) because

the information provided to these tactical managers is meant to aid them in decision making.

A DSS is a system that provides information to aid tactical managers in the decision making

roles. The decisions supported are semi-structured. They use partial rules automated in the

computer system and partly on the manager’s wisdom and experience. Information used in a

DSS is taken from TPS and MIS, in addition to this external information may also be

incorporated. With all the information gathered, managers can use models contained within a

DSS to look at what might happen if they do certain things. This is a bit like an IF statement

that can be changed, scenarios or goal seeking. If a change is made to the figures then the

output is increased or decreased.

3. Strategic Management: This is the top most level of management. Their use of

information system may not be frequent. However, they need information on exceptional

issues of the organization on demand or on the need to know. At some low frequency they

may also need regular reports. Such reports are highly summarized and very graphical to

allow quick view of the organization at any one point. Executive information systems are used

for this purpose. They have very user friendly features such as a dashboard with graphics

represent various parameters of interest and allow the CEO to drill down for information and

interrogate the report for any finer details they may need. The nature of decisions made by

this management is unstructured. They have no clear rules but largely depend on the wisdom

and experience of the decision maker. For example a decision on whether to forge a business

alliance, how to raise capital, etc. Strategic management may also use Expert Systems to be

able to make decisions in areas where they have no adequate expertise. An Expert System is a

knowledge-based computer program or artificial intelligence containing expert domain

knowledge about objects, events, situations and courses of action, which emulates the process

of human experts in the particular domain. In other words, expert system is a computer

application that performs a task that would otherwise be performed by a human expert.

Expert systems are extensively used in the medical field. For example, there are expert

systems that can diagnose human illness, and MYCIN is one of the popular expert systems in

medical field. However, Expert Systems can also be used at other levels of management.

By Gitau G.K., 8

2. CHAPTER 2: INFORMATION SYSTEMS FOR OPERATIONS, MANAGEMENT AND

STRATEGIC ADVANTAGE

2.1. Importance of Information Systems

Information systems in an organization are important to all levels of management to

enable managers perform their functions of planning, directing (commanding and

leadership), organizing, controlling and coordinating. They are important at operational in

execution of specific tasks or transaction/application in the day to day operations of a

business, such as accounting, sales, front office automation, etc. However, an organization

may identify unique application area that would make the firm stand out among its peers

or possibly to offer a service far from ordinary as compared to competitors who are doing

business as usual. Such a unique application of IS by a firm is called strategic application.

This is an application that gives the firm an edge above the competitors. It is either using

IS to provide a unique service or using IS to provide better services so as to achieve a

competitive advantage or edge. For example providing online ticketing, an extranet to

allow customers to book a hotel room online, a Just In Time (JIT) system to order a

customized luxury car, etc. Ways to gain strategic advantage using IS includes;

1. Cost reduction: A firm can gain profit margin by using IS to reduce number of staff and

reduce production time for its products

2. Raise barriers to new entrants: Where an organization provides advanced system

more than competitors, new entrants may find it difficult to penetrate, e.g. Safaricom 3G

internet while competitors are on GPRS or EDGE technology

3. Establish high switching cost: Where a client has so expensive equipments from the

current supplier and the technology cannot migrate to another supplier the customers would

remain to avoid migration or switching cost; e.g. switching from one accounting package to

another provider may require flesh data entry and expensive data conversion.

4. Creating new products or services: A company can gain strategic positioning by using

IS to provide a unique service e.g. Mobile Banking, 24-hour loan processing, etc.

5. Differentiate products or services: An organization may attract customers by

convincing them that their product is different from their customers through unique

interaction and product features by use of IS.

6. Enhance products or services: Even with current products the company can enhance

them such as longer business hours for customers by reducing after office batch processing of

daily transactions by use of real time transaction processing system.

7. Establish business alliances: The business can enhance customer experience and

product provision by packaging products with other companies, e.g. a holiday package that

includes air ticket, hotel, tours and travel, etc by use of IS system inter-linked with other

service providers or service advantage smart cards.

8. Locking customers and locking out competitors: Making it impractical for customers or

suppliers to deal with competitors for example MPESA agency requirements that your

partners do not brand with competitors products

By Gitau G.K., 9

In general, beside these strategic uses of IS, MIS systems are specifically important at

various of levels of management to aid in transaction processing and to support

management decisions at various levels.

2.2. Advantages and Disadvantages of MIS

An MIS provides the following advantages.

1. It Facilitates planning: MIS improves the quality of plants by providing relevant

information for sound decision - making. Due to increase in the size and complexity of

organizations, managers have lost personal contact with the scene of operations.

2. In Minimizes information overload: MIS change the larger amount of data in to

summarized form and there by avoids the confusion which may arise when managers are

flooded with detailed facts.

3. MIS Encourages Decentralization: Decentralization of authority is possibly when there is

a system for monitoring operations at lower levels. MIS is successfully used for measuring

performance and making necessary change in the organizational plans and procedures.

4. It brings Co ordination: MIS facilities integration of specialized activities by keeping

each department aware of the problem and requirements of other departments. It

connects all decision centres in the organization.

5. It makes control easier: MIS serves as a link between managerial planning and control. It

improves the ability of management to evaluate and improve performance. The used

computers has increased the data processing and storage capabilities and reduced the

cost.

6. MIS assembles, process, stores, Retrieves, evaluates and disseminates the information.

7. Creates strategic advantage for an organization such as cost reduction, product

differentiation, etc with end result being higher profitability

The following are some of the disadvantages of MIS:

MIS is highly sensitive: MIS is very helpful in maintaining logging information of an

authorized user. This needs to monitor constantly.

Quality of outputs is governed by quality of inputs.

MIS budgeting: There is difficulty in maintaining indirect cost and overheads.

Capturing the actual cost needs to have an accrual system having true costs of outputs

which is extremely difficult. It has been difficult to establish definite findings.

MIS is not flexible to update itself for the changes.

The changes in the decision of top level management decrease its effectiveness.

Information accountability is based on the qualitative factors and the factors like

morality, confidence or attitude will not have any base.

2.3. Function of MIS

The main functions of MIS are:

Data Processing: Gathering, storage, transmission, processing and getting output of the

data. Making the data into information is a major task.

Prediction: Prediction is based on the historical data by applying the prior knowledge

methodology by using modern mathematics, statistics or simulation. Prior knowledge

varies on the application and with different departments.

By Gitau G.K., 10

Planning: Planning reports are produced based on the enterprise restriction on the

companies and helps in planning each functional department to work reasonably.

Control: MIS helps in monitoring the operations and inspects the plans. It consists of

differences between operation and plan with respect to data belonging to different

functional department. It controls the timely action of the plans and analyzes the

reasons for the differences between the operations and plan. Thereby helps managers

to accomplish their decision making task successfully.

Assistance: It stores the related problems and frequently used information to apply

them for relative economic benefits. Through this it can derive instant answers of the

related problem.

2.4. MIS Characteristics in General

It supports transaction handling and record keeping (Transaction Processing Systems

and office automation systems).

It can be integrated with organization wide Database Management System (DBMS)

which supports centrally all major functional areas of an organization. This will receive

data collected from various operation’s Transaction Processing Systems (TPS)

From the DBMS various managers can interrogate the MIS to obtain information for

operational, tactical, and strategic level managers with east access to timely

It supports decision –making function especially acting as a data source for the middle

level Decision Support Systems (DSS) for aiding them in their semi-structured

decisions.

It is flexible which is needed to adapt to the changing needs of the organization.

It promotes security system by providing only access to authorized users.

MIS not only provides statistical and data analysis but also works on the basis on MBO

(management by objectives). MIS is successfully used for measuring performance and

making necessary change in the organizational plans and procedures. It helps to build

relevant and measurable objectives, monitor results, and send alerts.

3. CHAPTER 3: SYSTEMS APPROACH TO PROBLEM SOLVING AND ITS APPLICATION IN

MANAGEMENT

3.1. What is systems approach?

The systems approach is a problem solving technique that stresses a systematic process of

problem solving. Problems and opportunities are viewed in a systems context. Studying a

problem and formulating a solution becomes an organized system of interrelated

activities;

1. Define a problem or opportunity in a systems context.

2. Gather data describing the problem or opportunity

3. Identify alternative solutions.

4. Evaluate each alternative solution.

5. Select the best solution.

6. Implement the selected solution.

7. Evaluate the success of the implemented solution.

By Gitau G.K., 11

These activities and steps of the systems approach can be grouped into a smaller number

of stages of problem solving:

a. Understanding a problem or opportunity (steps 1 and 2).

b. Developing a solution (steps 3 through 5).

c. Implementing a solution (steps 6 and 7).

3.2. Understanding a Problem or Opportunity

To solve a problem or pursue an opportunity requires a thorough understanding of the

situation at hand. This implies viewing the problem/opportunity in a systematic fashion

within a systems context.

1. Defining Problems and Opportunities. Problems and opportunities must be identified

when using the systems approach. Symptoms must be separated from problems.

Symptoms are merely signals of underlying problems.

a. A problem is a basic condition that causes undesirable results.

b. An opportunity is a condition that presents the potential for desirable results.

2. Gathering Data and Information. Data and information need to be captured to gain

sufficient background into the problem or opportunity situation. In the context of a

business systems problem, information gathering may encompass the following:

a. Interviews with employees, customers, and managers.

b. Questionnaires to appropriate end users in the organization.

c. Personal observation or involvement in business operations.

d. Examination of documents, reports, procedures manuals, and other

documentation.

e. Inspecting accounting and management reports to collect operating statistics,

cost data, and performance results.

f. Development, manipulation, and observation of a model of the business

operations or systems affected by the problem or opportunity.

Identifying Current Organizational Systems. In the systems approach, a problem or

opportunity must be viewed in a systems context. To understand a problem or

opportunity, you must understand both the organizational systems and environmental

systems in which a problem or opportunity arises. You must have a systemic view of

the situation.

a. A Business as a System. A business faced with a problem or opportunity needs

to be viewed as an organizational system operating within a business

environment. This concept helps us isolate and better understand how a

problem or opportunity may be related to the basic system components of a

business.

b. Environmental Systems. A business is a subsystem of society and is surrounded

by other systems in the business environment. Proper interrelationships with

the economic, political, and social stakeholders within the environment should

be maintained. These stakeholders that interact with a business need to be

identified, to determine their effect on a problem or solution.

By Gitau G.K., 12

c. Organizational Subsystems. Typically a business is subdivided into subdivisions

that compose the organizational subsystem.

i. These typically represent functional areas such as marketing,

manufacturing, and finance, but can also represent geographic areas,

product lines, distribution facilities, work groups, etc.

ii. Decomposition is the process of identifying the boundaries of

subsystems within a business and determining the relationships

between the subsystems. Those subsystems most affected by the

problem or opportunity under consideration need to be identified.

d. Relationships Between Systems. A black box approach aids systems

professionals in analyzing the relationships and interconnections between

subsystems within the firm. In other words, the processing component remains

a black box while inputs and outputs of subsystems are studied.

i. Coupling - the process of determining how tight the function of

subsystems are connected. e.g., JIT - requires a close association between

inventory control and manufacturing.

ii. Decoupling - the process of loosening the connections between systems.

e.g., E-Mail may loosen communications connections within the

organization. People can be more efficient by having differing avenues of

communication available to them.

e. Evaluating Selected Systems. To understand a problem and solve it, you should

try to determine if basic system functions are being properly performed. This

should be done within a systems context by looking at inputs, processing,

outputs, feedback, and control structures.

f. Determining Objectives, Standards, and Constraints - a systems approach must

determine firm objectives, identify standards, and recognize constraints.

3.3. Developing a Solution

Once you understand a problem or opportunity, you can develop an appropriate solution.

3. Designing Alternative Solutions. Jumping immediately from problem definition to a

single solution limits your options and robs you of the chance to consider the

advantages and disadvantages of several alternatives. Of course, having too many

alternatives can obscure the best solution. Alternative solutions may come from past

experience, advice of others, simulation of business operations models, and your own

intuition and ingenuity. The "doing nothing" option is also a valid alternative.

4. Evaluating Alternative Solutions. To identify the best solution, the proposed

alternatives need to be evaluated. The goal of evaluation is to determine how well each

alternative solution helps the firm and its selected subsystems meet their objectives.

a. Evaluation criteria - should reflect the firm's objectives and constraints.

b. Cost Benefit Analysis - Every legitimate solution will have some advantages or

benefits, and some disadvantages or costs. This process identifies the benefits

and costs associated with each alternative solution.

By Gitau G.K., 13

i. Tangible costs - quantified costs such as Hardware, Software and Staff

Salaries.

ii. Intangible Costs - difficult to quantify such as Customer goodwill,

Employee morale caused by system errors and Installation/conversion

problems.

iii. Tangible Benefits - favorable results that the firm has attained such as

Decrease in payroll and Decrease in inventory carry.

iv. Intangible Benefits - hard to estimate and include better customer

service, and better delivery of customer request(s).

5. Selecting the Best Solution. Once all alternative solutions have been evaluated, they

can be compared to each other, and the "best" (most desirable) solution can be

selected. Since the solutions are compared based on multiple criteria (some of which

may be intangible), this selection is not always a simple process.

3.4. Implementing a Solution

6. Implement the selected solution. Once a solution has been selected, it must be

implemented. An implementation plan may have to be developed. A project

management effort may be required to supervise the implementation of large projects.

Typically, an implementation plan specifies the activities, resources, and timing needed

for proper implementation. This may include:

a. Types and sources of hardware and software.

b. Construction of physical facilities.

c. Hiring and training of personnel.

d. Start-up and operating procedures.

e. Conversion procedures and timetables.

7. Post implementation Review (Evaluate the success of the implemented solution). The

focus of the post implementation review is to determine if the implemented solution

has indeed helped the firm and selected subsystems meet their system objectives. If

not, the systems approach assumes you will cycle back to a previous step and make

another attempt to find a workable solution.

3.5. Applying the Systems Approach to Information Systems.

A variety of information systems development methodologies tailor the systems

approach to the process of developing information systems solutions to business

problems. A firm may experience difficulties in applying the systems process to IS due

to: Lack of User Acceptance due to Departmental/unit and/or emotional conflicts, and

the Rapidly changing environmental conditions.

4. CHAPTER 4: INFORMATION SYSTEMS DEVELOPMENT

Systems Development Life Cycle (SDLC) or sometimes just Systems Life Cycle (SLC) an

Information Systems Development process, used by a systems analyst to develop information

systems of high quality that meet or exceeds customer expectations, within time and cost

By Gitau G.K., 14

estimates, works effectively and efficiently in the current and planned information technology

infrastructure, and is cheap to maintain and cost-effective to enhance. SDLC is a systematic

approach to problem solving and is composed of several phases, each comprised of multiple

steps: systems investigation (systems planning), systems analysis, systems design, systems

implementation and post implementation support and maintenance. Due to this sequencing of

phases it is also referred to as the waterfall model.

4.1. Systems investigations or planning

Systems investigations or planning are triggered by a user request. It may be initiated by

user in the user department or an external environment entity such as government, supplier

or customer or a new technology change that demands overhaul of systems, etc. When this

occurs a feasibility study should be conducted to determine the extent of the problem –

whether the problem really exists, its extent and what happen if the problem is not tackled.

The feasibility study aims to establish whether the problem should actually be solved. One

conclusion might be that the problem is too expensive to solve or it is not worthy, or there is

no adequate technical capacity to solve it. A decision may be made to buy, lease or outsource

or not to buy all together. Areas of feasibility include;

1. Financial feasibility: This aims to establish what are the financial costs for solving the

problem and what are the benefits (cost benefit analysis) of solving it.

2. Technical feasibility: Does the necessary technical capacity exist to solve the problem,

can it be hired or procured?

3. Operational feasibility: Can the system work in the organization given existing

systems?

4. Other feasibility may include social, environmental, political, etc.

4.2. Systems analysis

Systems analysis involves establishing the requirements for solving the problem; such as

what technology will be required, what are the financial costs or budget, when to implement

or deliver the solution, etc. The completion of this exercise is marked by a SYSTEMS

REQUIREMENTS document. This document will act as the invitation for bidders or Request

for Quotations (RFQ) to suppliers. The systems analysis may be done by a systems analyst

from the IT department or by an external consultant.

4.3. Systems design

Once the suppliers bid for supply of the system detailed in the SYSTEMS REQUIREMENTS in

the Invitation to Bid, the suppliers will detail their proposed solutions in line with the systems

requirements. This document is called SYSTEMS SPECIFICATIONS. The systems specification

document details what systems the supplier proposes to deliver to meet the systems

requirements. The specifications should meet or exceed the systems specifications and should

be within the budget of approved by the procurement committee. As an aid to communication

the supplier may provide a prototype either a demo version of the system or schematic

drawing of the workings of the system. Once the procurement team is satisfied with the

By Gitau G.K., 15

bidder’s proposal they will draw the purchase order which will act as the contract document

for the supplier. It will outline the Terms of Reference for the contractor and will be used to

evaluate the final system that will be delivered. The system specifications act as the

BLUEPRINT for the systems design. Further design includes both the logical and the physical

design. The logical design is the development of specifications while physical design is the

building and testing of the system upon approval by the client.

4.4. Systems implementation

Systems implementation refers to the delivery of the ordered system when the system goes

live. This is completed by a project team comprising of members from the contractor and the

client department. In order to enhance success and acceptance of the final system, this stage

beside the other stages must include representatives for the affected user departments as well

as the IT department who will be charged with maintaining the system. For continuity the

system could be implemented on phased implementation, pilot change over direct changeover

or parallel changeover. Phased implementation may involve piecemeal implementation over a

duration of time, pilot change over may involve scaled down number of departments to

ensure it works before it is implemented full scale. Direct changeover is when the system is

implemented over the entire organization at one go. It is very risky in case the system fails but

is quick and cheap. Such changeover should be done during low season of the system usage.

Parallel changeover is when both the old and the new systems are run simultaneously until

the team is confident the users have learnt and the system is satisfactory for live running. A

team of data conversion may be required to convert data from the old system to the new

system. The new system is signed off upon confirmation that it has met the systems

requirements and that the contractor has met the specifications. System implementation also

involves user training. The system delivered should include systems documentations which

become an aid to training and future support. They include systems technical manuals, user

manuals and operational/procedure manuals. During this stage if the contractor encounters

change in specifications they must apply for change request authorization from the

procurement team of the organization.

By Gitau G.K.,

4.5. Post Implementation Review and Support

Post Implementation Review and Support

after the system has gone live and the contractor has signed off. Whether the contractor is

legally bound to continue providing support services after delivery depends on the

specifications of the Warranty document and any Service Level Agreements (SLA) established.

For continuity the organization should sign for Scheduled Preventive Maintenance (SPM).

Further to strengthen the internal capacity for support the organization should establish a

help desk or an information centre. A help desk is a team of ICT support who have been

trained on the new system whereas an information centre is a centre that provides

information to a user’s community on frequently asked questions. It may be an office or even

a web based FAQ. The supplier may also complement support by online chats, email support

and telephone support and to some extent site visits.

Post Implementation Review and Support

Post Implementation Review and Support refers to the services that the users may request


continue providing support services after delivery depends on the



strengthen the internal capacity for support the organization should establish a



mation to a user’s community on frequently asked questions. It may be an office or even


and telephone support and to some extent site visits.

16

refers to the services that the users may request


continue providing support services after delivery depends on the



strengthen the internal capacity for support the organization should establish a



mation to a user’s community on frequently asked questions. It may be an office or even


By Gitau G.K., 17

5. CHAPTER 5: COMPUTER HARDWARE

5.1. Definition

Hardware refers to the computer’s physical equipment. They include input devices, the

processor, output devices, and storage devices. Hardware can also include data

communication equipment, also called networking equipment.

5.2. Input Devices

Input Devices are used to enter raw data into the system. They include devices for manual

human input (keyboard, mouse, trackball, touch screens) and dde - source data automation

(interactive touch screens, magnetic card readers, optical recognition, and voice recognition).

Data may be stored for batch processing or processed immediately. Data may be in a form

acceptable for another machine or usable by people

5.3. Processor Unit

Processor Unit includes primary storage and the CPU (control unit and arithmetic/logic unit).

The control unit includes instruction registers and control circuits. The control unit

(along with the main memory) makes possible the stored program concept of

computer operations. The control unit interprets program instructions; control circuits

are activated to complete operations and results are stored. The arithmetic/logic unit

(ALU) performs all mathematical computations and logical comparisons. Data are

transferred as needed from main memory to the arithmetic/logic unit for manipulation

and then returned to main memory for additional processing or output.

The CPU physically is a microprocessor that includes the control unit and

arithmetic/logic unit mounted on a silicon chip. A multiprocessing operation mode is

possible when a computer contains more than one microprocessor.

5.4. Output devices

Output devices produce results of processed data and relay it to the user. The output format

can be a hard copy or softcopy. Softcopy output that can be viewed on a monitor or heard over

speakers while a hardcopy is a physical or tangible output printed or plotted on paper.

Softcopy output devices include; visual display units and audio output devices. There are

several varieties of display units (also called monitors or computer screen). These include

CRT monitors and TFT monitors. CRT monitors are huge and bulky. They consume a lot of

office space and electricity and the technology has been phased out. TFT monitors are smaller

and flat. They consume less office space and are available in different sizes and technologies.

Hardcopy devices include printers and plotters. Plotters produce their output by drawing.

They are mainly used in architectural drawings and with scientific equipments. However,

printers have wide application in business for printing out office documents. Printers can be

impact or non-impact printers. Impact printers use a hammer mechanism and are therefore

noisy but suitable for producing duplicate or multiple documents. Impact printers are

represented by dot matrix printers. They are called dot matrix printers because they produce

their output in form of matrix of dots by the hammering mechanism and print ribbon. Such

By Gitau G.K., 18

printers are commonly used by banks and other businesses to produce customer statements

and other transaction documents such as deposit or withdrawal slips in a bank (as POS

printers, also called E-POS (Electronic Point of Sale) printers). Non-impact printers on the

other hand are noiseless and use a variety of technologies to produce their print output. Non-

impact printers include inkjet printers, laserjet printers, thermal printers and bubblejet

printers. Inkjet printers produce their output by use of liquid ink released in small jets from a

cartridge. They are the cheapest options for small offices and home use especially for color

printing or multi-functions such as copying, printing and scanning. However, ink cartridges

print yield is low - some modifications to use continuous ink supply system (CISS) are

available that provide an external ink reservoirs for refilling is available, to create high yield

and economical output in a commercial setup. Laserjet printers user laser beams, light

sensitive magnetic drum and powdered ink called toner cartridge, with heat roller mechanism

to produce glossy and high quality printout. They are expensive but best choice for quality

office documents both in monochrome printing and color printing. They may also be available

in multi-function including copy, print and scan functions. Thermal printers produce their

print by use of heat sensitive paper and thermal transfer unit. They are commonly used as

POS (or E-POS) printers in retail outlets, and ETR printers. However, their print copy fades

with time as exposed to light. Bubblejet printers on the other hand are supplied in small

portable printers for off-the road print out. They produce their copy by use of inkjet bubbles.

Usually the do not need external power for they can be powered by the USB port of the

computer or laptop. They are not suitable for commercial application.

5.5. Storage Devices

Storage Devices are divided into primary and secondary storages also called auxiliary storage.

Primary storage includes Read Only Memory (ROM) and Random Access Memory (RAM).

ROM contains the manufacturer’s firm ware but the RAM provides the computer’s working

memory. The secondary storage is used for data that are saved for future processing.

Processed data are saved using unique file names to identify the information or program.

Common devices include magnetic disk, optical disc, DVD, USB flash drive, and magnetic tape.

5.6. Networking equipment

Data Communication and Networking equipment: These are devices used for interconnecting

of computers and data communication. They include modems, network switches, network

cards, routers, bridges, LANs and WANs, Wi-Fi, etc.

5.7. Types of Computers

A computer is a programmable electronic device that receives data to process it using some

set of instructions to produce information. There are two basic categories of computers

namely, analog and digital computers, but a third category can also be available by combing

the two types to create a hybrid computer. Analog computers are computing or tabulating

devices that provide continuous measurement of a quantity or physical matter such as an

analog clock, analog microwave, analog weigh scale, etc. These equipment have limited

application in business and are actually not included in the day to day conversation about

computers. The digital computer is represent data and signal in a two state electrical circuit;

By Gitau G.K., 19

OFF or ON which is translated into two digits 0 or 1 which are referred to as Binary Digits

(abbreviated as BITS). This is the modern meaning of a computer device.

Therefore, today’s computer systems fall into one of the following categories:

1. Supercomputers

2. Mainframe Computers

3. Minicomputers or Midrange Computers

4. Microcomputers

Supercomputers:

• Most powerful computer made

• Physically they are the largest

• Process huge amounts of data

• Can house thousands of processors

• Relatively rare because of size and cost.

• Used by large corporations, universities and government agencies.

Mainframe Computers

• Used in large organizations like insurance companies, and banks where many people

need frequent access to the same data, which is usually organized into one or more

databases.

• Airlines, Government Agencies (Federal Aviation Administration and Census Bureau)

track information about large populations, individual tax records, payroll, and more.

• Are being used more and more as specialized servers on the World Wide Web,

enabling companies to offer secure transactions with customers over the Internet.

• Many enterprises are connecting personal computers and personal computer

networks to their mainframe system. This allows access to the mainframe data and

services and also enables them to take advantage of local storage and processing, as

well as other features of the PC or network.

• Houses an enormous volume of data (literally billions of records)

• Mainframe can occupy entire rooms or even an entire floor of a high-rise building.

Special air conditioning systems are used to keep them cool and on raised floors to

accommodate all the wiring needed to connect the system.

Minicomputers

• Abbreviated version of mainframe computers.

• The capabilities are somewhere between mainframes and PC.

• Minicomputers can handle much more input and output than personal computers can.

• Designed for a single user, most are designed to handle multiple terminals.

• Can be used as a server for PC’s

Microcomputers

• The microcomputer is “the computer for the masses” and personal computing

By Gitau G.K., 20

• Microcomputers include the following types: Desktop models, including workstations,

notebook computers (laptops), Network Computers (netbooks), Mini laptops and

Handheld personal computers, PDAs

6. CHAPTER 6: COMPUTER SOFTWARE

6.1. Types of software

Computer software refers to the set of instructions that are used by the computer for its data

processing. Software can be categorized into systems software and application software.

6.2. System Software

System software: refers to a collection of software required by the computer to perform its

own internal process. This software includes firmware, operating systems and utility

programs.

6.3. Firmware

These are native programs that are loaded to the computer at the point of manufacture and

are embedded as a part of the computer basic configuration in Read Only Memory (ROM) chip

or its variance equivalent. These programs perform Basic Input Output Systems (BIOS)

functions such as performing Power-On Self Test (POST) or Pre-Operational Self Test when

the computer is powered on. In absence of an operating system the firmware will load and

await further instructions of the system administrator on the location of the operating system.

They may also include various system drivers and hardware equipment drivers supplied by

equipment manufacturer.

6.4. Operating systems

Operating systems: refers to programs that support the basic functions or operations of a

computer system. Examples of operating systems include Ms Windows, UNX, Mac Os, Novell

Netware, etc. These functions including;

i. Booting a computer (i.e. preparing a computer for use by initializing its hardware and

software resources)

ii. Providing user interface: or the human computer interface that enables interaction of a

computer user with the computer system e.g. Windows Graphical User Interface (GUI) using

Windows Icon Menu and Pointer (WIMP) interactions

iii. Managing memory of the computer: It allocates how the computer memory is utilized

during processing

iv. Hardware and software interface: The operating system provides a platform to load

hardware drivers and help various hardware added to the computer system to interact with

the software

v. System resources management (Interrupt request handling): these include all the

resources of the computer apart from the memory management. Each resource in the

computer is assigned a unique identity code called IRQ that identifies the priority given to that

resource when it calls for attention from the processor

vi. Error handling: during processing the operating system responds to errors that may

arise such as output device missing, memory overflow, etc.

By Gitau G.K., 21

vii. Security management: The operating system includes access controls and

authentication mechanism to ensure the system maintains its integrity and data reliability

and is secure from unauthorized access

6.5. Utility programs

These are programs that expand the capacity of the computer by providing other additional

services. They include software developers’ tools such as programming languages –

compilers, debuggers, linkers, translators, and assemblers; systems tools and accessories

such as antivirus, backup and restore, media players, CD burning software, Adobe Reader,

Games, etc.

6.6. Application software

These are user programs that have been developed to deliver a specific functionality for what

a user does in his or her day to day operations. This means the application software required

by the computer depends on who the user is. Accountants need accounting software,

statisticians need statistical packages, school needs a school management system, etc. Further

application software is categorized according to nature of its distribution. If the package is

available as off-the-shelf then it is referred to as application package, examples include Ms

Office packages, QuickBooks, SPSS, etc. If it is tailor-made by in-house development of hired or

internal team of software developers it is called be-spoke software. Application packages are

cheap for they are mass produced but may not be adequate for unique functionalities of an

organization. However, be-spoke software is expensive and many times the developers may

choose to package is to sell to other similar organizations.

Depending on the terms of sale, software may also be commercial or open-source.

Commercial software is available for sale and cannot be duplicated or altered without the

authority of the owner. Such acts of illegal reproduction are referred to as piracy. However,

open-source software is free to use and to modify. However, owners of the software may

change for some special rights on services such as installation and support. Over the Internet

a number of software can also be downloaded as freeware, shareware, demo versions or

commercial software. Freeware are absolutely free to use. Shareware are copyrighted and

shared free of charge but a donation may be expected or some limitations may exist if you use

it regularly, demo versions are commercial softwares given as trial version to use for a period

of time or with limited functionality or with a penalty of carrying developers banner ads.

However, one is expected to purchase the commercial version after working with the demo

version.

6.7. Application Packages Used to Support End-User Computing

These refer to a number of application packages used for office automation and by knowledge

workers. They can be classified into;

i. Word processors

ii. Spreadsheets

iii. Databases

By Gitau G.K., 22

iv. Presentation graphics

v. Desktop Publishing packages

vi. Photo and Video editors

vii. Statistical packages

viii. Accounting packages, etc.

7. CHAPTER 7: DATA RESOURCE MANAGEMENT

7.1. Transaction Processing Systems

A transaction processing system performs routine, day-to-day operation of a business that

helps a company add value to its products and services.

� It requires a large amount of input data and produces a large amount of output without

requiring sophisticated or complex processing.

� Examples are, order entry, inventory control, payroll, accounts payable, accounts

receivable, and general ledger.

� An automated TPS consists of all the components of a CBIS such as hardware, software,

databases, telecommunication, people, and procedures.

� A transaction processing system serves the foundation of other systems, such as MIS, DSS,

and AI/ES. These systems handle less input and output, but more sophisticated and complex

processing.

7.2. Transactions Processing Methods

Transactions are commonly performed in batch or on-line.

Batch Processing

� With batch processing, business transactions are accumulated over a period of time and

prepared for processing as a single unit or batch.

� There is some delay between the occurrence of an event and the processing of the event.

� Examples are, payroll processing, billing, accounts payable, and accounts receivable.

On-Line/Real-Time Processing (OLTP)

� With this form of data processing, each transaction is processed immediately, without the

delay of accumulating transactions into a batch.

� As soon as the input data is available, a program performs the necessary processing and

updates the records affected by the transaction.

� Data in an OLTP always reflect the current status.

On-Line Entry with Delayed Processing

� This type of transaction is a compromise between the batch and on-line processing.

� With this type of transaction, orders or transactions are entered into the computer system

when they occur, but they are not processed immediately.

� Example: A typical mail order system in which orders are accumulated and then it is

forwarded to a warehouse for shipment.

By Gitau G.K., 23

Integrated Transaction Processing System

� A firm may integrate all its business activities into a single transaction processing system.

It involves inventory control, order entry, shipping, invoice processing, accounts receivable,

purchase orders, accounts payable, payroll processing, general ledger, and budget.

7.3. Objectives of Transaction Processing Systems

Because of the importance of the transaction processing system, organizations expect their

TPSs to accomplish a number of specific objectives.

Process data generated by and about transactions

� The primary objective of any TPS is to capture, process, and store transactions and to

produce a variety of documents related to routine business activities.

� Processing orders, purchasing materials, controlling inventory, billing customers, and

paying suppliers, result in transactions that are processed by a TPS.

Ensure data and information integrity and accuracy

� One objective of any TPS is error-free data input and processing.

� Rules must be in placed and implemented in the programming to ensure data accuracy

before it is stored.

� Another of a TPS is to ensure that all data and information stored in the file or database

are accurate, current, and appropriate.

Produce timely documents and reports

� Transaction processing systems produce routine documents such as order slip,

shipping order, invoice, purchase order, inventory status report, inventory on-hand report,

customer list, paycheck, and so on.

� These documents need to be produced in timely manner to perform routine business

transactions.

Increase labor efficiency

� Transaction processing system can substantially reduce routine clerical and other

labor requirements.

� An automated scanning device in a retail store can substantially reduce the item

processing time. This not only increases checkout efficiency but also a reduction of the

manual workforce.

Help provide increased and enhanced service

� TPSs can provide services faster than humans, thus increasing the number and

varieties of services it can offer to customers.

� Examples are, automated university registration system, automated billing inquiries,

automated bank account transfers, and so on.

Help build and maintain customer loyalty

� TPS can be used to build customer loyalty.

By Gitau G.K., 24

� Examples are, ease of use of the system, easy access of customer account, timely

reporting of information, automated telephone answering and faxing, and web-based

information processing, can help satisfy customers.

Achieve competitive advantage

� A competitive advantage provides a significant and long-term benefit for the

organization.

� For example, UPS and FedEx systems keep track of a package at each stage of its

traversal. Customers can use a tracking number to find the latest status of the package.

� Some of the ways that companies can achieve competitive advantage are mentioned

below.

7.4. Transaction Processing Activities

All transaction processing systems performs a common set of basic data processing activities.

TPSs capture and process data that describe fundamental business transactions. This data is

used to update databases and to produce a variety of reports.

7.5. Transaction Processing Cycle

The business data goes through a transaction processing cycle that includes: Data Collection,

Data Editing, Data Correction, Data Manipulation, Data Storage and Document Production

Data Collection

� The process of capturing and gathering all data necessary to complete transactions is

called data collection.

� It can be manual such as completing a purchase order by hand. It can also be automated

via special input device such as scanners and terminals.

� Data collection begins with a transaction (such as customer order) and results in the

origination of data that is input to the transaction processing system.

� Data should be captured at its source and it should be recorded accurately, in a timely

fashion, with minimal manual effort, and in a manner that can be directly entered to the

computer rather than entering using keys.

� Automatic data collection is termed as source data automation. An example is the use of

scanning device at the grocery store to read UPC code and hence the price of an item. Another

example is an employee badge used as a time card when going in and out of an office building.

Data Editing

� An important step in processing data is to check for validity and completeness of data.

Controls must be placed in the data-entry form.

� For example, quantity and cost must be numeric and names must be alphabetic.

By Gitau G.K., 25

Data Correction

� A data that is not entered properly needs to be entered correctly.

� Data correction involves reentering miskeyed or misscanned data in the data entry point.

� For example, a UPC code not found in the retail store checkout, is given a special code to

complete the transaction for an item.

Data Manipulation

� The process of performing calculations and other data transformations is termed data

manipulation.

� Examples are, sorting data, summarizing data, finding price of five items, calculating

employee weekly pay, and so on.

Data Storage

� Involves updating one or more database tables or files with new transactions.

� For example, inserting new customer information, updating customer demographics,

updating inventory transactions, creating new student registration, and so on.

Document Production

� TPSs produce important business documents such as sales receipts, order entry list,

customer list, invoices, purchase orders, inventory on-hand report, paychecks, and so on.

� Documents can be hard copy paper report or displayed on computer screen.

By Gitau G.K., 26

7.6. Traditional Transaction Processing Systems

Traditional transaction processing systems include order processing, purchasing, and

accounting. Systems that support these processing are mentioned in the table. We describe

these systems in detail in the following.

Accounts Receivable

• A system that manages the cash flow of the company by keeping track of the money paid

by the customers and other companies for goods and services sold to them.

• The major output of the accounts receivable system is monthly bills or statement sent to

the customers. See below.

• Transactions created by accounts receivable system updates general ledger accounts.

• It is also used to generate reports for “aged” accounts, for which payments are overdue by

30, 60, or 90 days. Reminder notices are created for these accounts.

• An important function of the accounting system is to identify bad credit risks. Thus

companies routinely checks customer credit before accepting a new order.

Accounts Payable

• A system that manages the cash flow of the company by keeping track of the money paid

to the company on purchases and services received and produces reports such as Accounts

Receivable Aging Report.

Payroll

• Generates payroll checks and stubs, as well as W-2 statements at the end of the year

for tax purposes.

• This can be outsourced to an external company. In this case, the employee file (with

weekly hours and pay rate) is sent to the company and the company deliver the checks.

• In addition, payroll processing produces employee journal containing various earning

factors as shown in the figure.

General Ledger

• A system that produces a detailed list of business transactions designed to automate

financial reporting and data entry.

8. CHAPTER 8: DATABASE MANAGEMENT SYSTEMS

8.1. Introduction of Database Management Systems

The guiding principles of TPS systems are: to create data that is current, up-to-date, accurate,

and consistent. To achieve these goals, these systems employ Database Management System

(DBMS) software. A DBMS is a system for managing a collection of related records. It allows

the data to be stored and managed in a single file and thus facilitates the centralized retrieval

of the data. It collects, stores and manipulates data (data input screens; Edit/Deletion of data

screen) and disseminates information (executes queries and creates reports). The DBMS also

allows the user to query the database and retrieve the data specific to his/her needs. One of

the primary advantages of DBMS is its ability to limit and control redundant data in multiple

By Gitau G.K., 27

systems. Instead of the same data field being repeated in different files, the information

appears just once. Another advantage of DBMS is that it improves data integrity. Updates are

made only once, and all changes are made for that data element no matter where it appears.

8.2. Types of Databases

Manual System - Customer Ledger Cards; Check Book Green Ledger

File-Processing System – Majority of Transaction Processing Systems

Microcomputer DBMS - Single-User Database System

Client/Server DBMS - Multiple-Users on the same LAN

Internet DBMS - Multiple-Users from different locations using Web to share data

Distributed DBMS - Multiple-Servers sharing the data processing load (bank)

Object-Oriented DBMS - processing/data management of objects (new engineering)

What are some of the reasons for implementing a database system?

• Improve Data Integrity

• Elimination of duplication of data

• Data sharing

• Centralizing file maintenance

• Ease of creating information

• Improve data consistency

• Improve data accessibility and responsiveness

What are some of the PROBLEMS with moving from a manual to a computerized DBMS?

o Special personnel

o Cost (New Hardware/Software)

o Conversion Costs (training, duplication of systems)

o Problems with change

Manual System -

Why? Unknown business rules or data needs; very small effort

Problem? Data sharing; Accuracy of data dependent on user

File-Processing System -

Why? Linear data; used for a single purpose

Problem? Inability to create relationships with other data

Microcomputer DBMS - Single-User Database System

Why? Accounting data; relational data; improve data integrity

Problem? Time; level of effort; some business rules can't be modeled; changing

environment; New developments in third-party software

Client/Server DBMS -

Why? Multiple-Users need to share/input data

Problem? Concurrency control issues; data locking Yes/No

Internet DBMS -

By Gitau G.K., 28

Why? Users can share/input data from any terminal with Web access; no special

software needed; multi-site businesses allow customers and vendors to interface

directly

Problem? Harder to control; other people in your data; data corruptions; not all

business functions on Web; combining data for reporting

Distributed DBMS - sharing the data processing load

Why? Business cannot allow system downtime; banks, airlines

Problem? Cost in hardware, software (requires middleware) and staff

Object-Oriented DBMS -

Why? Intensive object processing (heat-loss photos)

Problem? Difficult to use; limited supply of experts; not cost effective to move from

existing system

The other way of classifying types of databases is by their data model. A data model is the

intangible form in which data is stored. It is kind of like the structure of a database, but data

models are only a theoretical idea; they are abstract concepts that you cannot touch. Data

models are used to describe how the data is stored and retrieved in a database. Now, we will

discuss a few of the types of data models.

8.3. Flat-file Database Model or Relational Database:

The flat-file data model is generally used by the old paper-based databases. In this system,

data was stored in numerous files. However, the files were not linked, so often, data might be

repeated in more than one file. This caused everything to be quite redundant. The original

"database," flat-file databases inspired scientists to find a way to link files so that they would

not be repetitive. Example is Ms Access.

8.4. Hierarchical Database Model:

The hierarchical database model took steps to get rid of the repetitiveness of the flat-file

database model, but although it was somewhat successful, it did not completely succeed.

There is still a level of redundant data in hierarchical databases.

A hierarchical database consists of a series of databases that are grouped together to

resemble a family tree:

By Gitau G.K., 29

Each of the boxes in the diagram represents one database. The top database in the

hierarchical model is called the "parent" database. The databases under it are called "child"

databases. One "parent" can have many "children," but a "child" can only have one "parent."

The child databases are all connected to the parent database via links called "pointers."

To get to a child database in the hierarchical database model, you must first go through the

parent database, and then through the levels above it. If you have Microsoft Windows, you

might realize that this is how Windows Explorer works. First, you open up a file- usually it's

"My Computer." Under "My Computer," you can then choose from a list of drives.

Notice in the diagram above how the child databases on the same level are not connected.

This presents a problem in the hierarchical database model and makes searching for data

extremely difficult. Another problem is that data cannot be entered into the child databases

until that field has been added to the parent database. This method was quite inefficient. Thus,

although the hierarchical database model reduced some repetitiveness of data, it also

presented many new problems. Hierarchical structures were widely used in the first

mainframe database management systems. However, owing to their restrictions, they often

cannot be used to relate structures that exist in the real world.

8.5. Network Database Model

The network database model was designed to help resolve some of the hierarchical database

model's problems. For one thing, it allowed for links between the child databases. This no only

reduces the chance of redundant data, but also makes searching for data much easier!

Another improvement of the network database model over the hierarchical model is that

while in the hierarchical model a child database can only have one parent, in the network

model, a child database can have more than one parent! However, the network database

model still had its share of problems. For one thing, it was difficult to execute and maintain.

Only database experts could successfully use these databases. It was difficult for the general

public to use network databases for real-life applications.

By Gitau G.K., 30

One type of network DBMS is a distributed database. A distributed database is a database that

is under the control of a central database management system (DBMS) in which storage

devices are not all attached to a common CPU. It may be stored in multiple computers located

in the same physical location, or may be dispersed over a network of interconnected

computers. Collections of data (e.g. in a database) can be distributed across multiple physical

locations. A distributed database is distributed into separate partitions/fragments. Each

partition/fragment of a distributed database may be duplicated.

The other type of network database is one which is held centrally but can be accessed

simultaneously by many users remotely using a WAN or locally as part of a LAN.

9. CHAPTER 9: TELECOMMUNICATIONS AND NETWORKS

9.1. Types of networks - according to area coverage

A network occurs when two or more computers are connected together, allowing them to

share data and peripherals. A computer which is not connected to any other computer (not

part of a network) is known as a stand-alone computer.

There are two types of networks, these are:

• Local Area Networks (LANs)

• Wide Area Networks (WANs)

9.2. Local Area Networks (LAN) versus Wide Area Networks (WAN)

A Local area network is when a number of computers are connected together which are in

close proximity to each other, such as in an office building, a school or a home.

A Wide area network is when a number of computers are connected together which span a

large geographic area, such as a country or continent. WANs often connect multiple smaller

networks together. Typically a WAN consists of two or more Local Area Networks.

Advantages of Local Area Networks

There are several advantages to interconnecting computers in a network. These include:

• Sharing data and programs such as portable storage media and load it up in each

computer that required it.

• Sharing resources. Instead such as printers attached to each computer, you can attach

the peripheral to the network and it is then linked to each station on the network.

• Management. As everything will be saved on the file server, rather than on the hard disks

of each workstation, it means that centralised back-ups of files are available. It is also possible

to manage stations remotely

• Security. A username and password are needed to access the network, and different

levels of access can be provided to different users.

• Flexible access. You can use any station on the network to access your user space, you

are not restricted to the use of one computer.

• Electronic communication. You can use e-mail and chat systems to communicate with

By Gitau G.K., 31

other network users (either individually or simultaneously). With e-mail you can send

electronic attachments.

• Workgroup computing. This is when many users are working on the same document

simultaneously.

Advantages of Wide Area Networks

Wide area networks have much of the same advantages of local area networks, however some

things like sharing peripherals are not practical (although possible) on a wide area network.

9.3. Types of Network Environment in an Organization

Each computer in the network is known as a workstation (or simply as a station), although

one station on the network will be designated as the file server. This computer will store all

the software that controls the network as well as any software and files that can be shared by

all the computers attached to the network. Generally the file server will be a more powerful

computer (faster processor, more RAM, greater backing storage capacity) than all the other

computers in the network. The stations which contact the server for access to files or shared

resources are known as clients. This network configuration is called a client/server

network.

9.4. Internet

The internet is a global public network of resources that is openly accessible to all. It can be

thought of as many smaller networks connected together.

9.5. Internet Resources (or Services)

The internet provides three main services:

• The World Wide Web, which gives access to remote databases through browsing or

searching

• Electronic mail, which provides one to one (or one to many) communication and

exchange of information

• File transfer, which makes it possible to send and receive large amounts of information.

It also provides several other services including:

• E-commerce

• On-line banking

• On-line shopping

• Chat and instant messaging

• Web logs

• Bulletin boards

• Discussion groups

• Streaming video

• Video conferencing

The World Wide Web (WWW) is a collection of information held in multimedia form on the

internet. This information is stored at locations known as web sites in the form of web

pages.

Browser

A browser is a program that allows a user to read and navigate web pages. The software also

allows pages to be saved or printed. It also stores a history of recently viewed pages, and can

By Gitau G.K., 32

remember web page addresses using bookmarks. Two of the best known browsers are

Internet Explorer and Mozilla Firefox.

Web pages

A web page is a document that usually contains information in the form of text, images and

other multimedia types

Web pages are created using a special language known as HTML (hypertext mark-up

language).

Each web page is stored on a web server and is identified by its unique location (address),

commonly known as its URL (uniform resource locator). Here is an example of a URL:

HTTP://www.computing.com/int2/car.html

Hyperlinks

Some web pages will contain hyperlinks. Typically hyperlinks are used to connect web pages

(in the same or different sites) together. When a hyperlink is clicked, the connected web page

will be retrieved from its server and loaded into your browser.

Search engines

The internet contains millions of web pages on every subject imaginable. The best way to find

information is to use a search engine such as Google.

When you enter a search, you are really searching the database for words that match your

entry. Advanced searches can include operators such as AND or OR to help narrow the

search. The results of the search are placed on a web page that is composed of links and brief

extracts for the original web page. To visit the actual page all you have to do is click on the

hyperlink.

E-mail

Electronic mail (e-mail) is the exchange of computer stored messages by telecommunication.

E-mail messages are usually encoded in ASCII text. However you can also send non-text files,

such as graphic images and sound files as attachments.

The protocol used to retrieve the webpage. Hypertext transfer protocol (HTTP) in this instance.

The domain name which specifies which server has the page. In this case: www.computing.com

The pathname which specifies where the actual page (car.html) is stored on the server.

By Gitau G.K., 33

Many e-mail systems are now web-based. This means that a user can access their e-mail from

any computer that has a connection to the internet. The software used to access the e-mail

may vary, but the same basic principle and functions apply. The user logs onto an e-mail

server with a username and password, before access is granted. To send an e-mail message to

someone you must first have their e-mail address. This is the location of the server on the

internet where the person’s mailbox can be found. An example is given below.

The part before the ’@’ symbol is the local part of the address, which is usually the username

of the person on that server. The part after the ‘@’ symbol (ntlworld.com) is the domain

name, which is often the name of the host e-mail service. Together they make up the e-mail

address of the person to whom the message is being sent.

9.6. Internet Protocol (IP) Addressing

An Internet address or IP address is a digital code that identifies a computer (host) location

on the Internet or LAN. The current standard is IP address version 4 (IPv4), which is a 32 bit

long number represented in the form of four octets (eight-bit or one-byte fields) separated by

dots. Each octet is displayed as a decimal number in the range of 0-255. Examples of valid IP

addresses: 192.168.0.1, 205.245.172.72, 10.1.0.22, etc. An IP address on the Internet or in a

local network must be unique so network packets destined for the host with that address can

find it.

9.7. Data Communication Channels

Data communication channels or the transmission media is how the computers on the

network are connected to one another. In a local area network, the transmission media is

owned by the organisation that owns the LAN. As the stations are relatively close to one

another the stations within a LAN can be connected together using cables or wireless

technologies.

Cables

Cabling is the most common medium through which data is transmitted between stations and

devices in a Local Area Network. Network cables include Ethernet and fibre cables.

Wireless LANs

Instead of connecting network devices with cabling, some networks are wireless. These

networks use high frequency radio waves or infrared beams to communicate between the

network devices. Each station on the network will have a wireless network interface card or

network adapter that allows them to send and receive data wirelessly.

Wireless networks are ideal for places where it is difficult or impossible to install cables. They

are also used with portable or remote workstations. Wireless networks also have some

disadvantages in that they can be susceptible to electrical interference, they are slower than

most cabled technologies and security can also be an issue.

Wireless technologies include Infrared, Bluetooth and WiFi (Wireless Fidelity)

By Gitau G.K., 34

Transmission

media

Twisted pair Coaxial cable Fibre optics wireless

Bandwidth 10 Mbit s-1 500 Mbit s-1 30 Gbit s-1 54 Mbit s-1

Geographical

spread

Small area – in a single building or a site linking buildings which are

in close proximity

Functions • Allows sharing of data files, applications and peripherals

• Can access work from any workstation on network

• Different levels of access can be granted

• Can communicate using e-mail, chat etc

Wide Area Networks

A Wide area network is when a number of computers are connected together which span a

large geographic area, such as a country or continent. WANs often connect multiple smaller

networks together. Typically a WAN consists of two or more Local Area Networks.

Advantages of Wide Area Networks

Wide area networks have much of the same advantages of local area networks, however some

things like sharing peripherals are not practical (although possible) on a wide area network.

Transmission media

Computers connected to a wide area network are often connected through existing public

networks, but they may also be connected through leased lines (permanent telephone

connection between two points). The transmission media used in wide area networks they

include microwave transmission, satellite links, radio and optical fibres.

Summary of WANs

Transmission

media

Fibre optics Microwave Satellite Radio

bandwidth 30 Gbit s-1 100 Mbit s-1 100 Mbit s-1 2 Mbit s-1

Geographical

spread

large area – spread throughout a country or the world

functions • Allows sharing of data files, applications and peripherals

• Can communicate using e-mail, chat and allows video conferencing

• E-commerce

• Entertainment

9.8. Intranets versus Extranets

INTRANETS

1. An intranet is a network inside an organization that uses Internet technologies (such as

By Gitau G.K., 35

web browsers and servers, TCP/IP network protocols, HTML hypermedia document

publishing and databases, and so on) to provide an Internet-like environment within the

enterprise for information sharing, communications, collaboration, and the support of

business processes.

2. An intranet is protected by security measures such as passwords, encryption, and fire

walls, and thus can be accessed by authorized users throughout the Internet.

Intranet applications support communications and collaboration, web publishing, business

operations and management, and intranet management. These applications can be integrated

with existing IS resources and applications, and extended to customers, suppliers, and

business partners to create extranets.

EXTRANETS

Extranets are network links that use Internet technologies to interconnect the intranet of a

business with the intranets of its customers, suppliers, or other business partners. Companies

can:

1. Establish direct private network links between themselves, or create private secure

Internet links between them called virtual private networks.

2. Use the unsecured Internet as the extranet link between its intranet and consumers and

others, but rely on encryption of sensitive data and its own fire wall systems to provide

adequate security.

The business value of extranets is derived from several factors:

∃ The web browser technology of extranets makes customer and supplier access of

intranet resources a lot easier and faster than previous business methods

∃ Extranets enable a company to offer new kinds of interactive Web-enabled services to

their business partners. Thus, extranets are another way that a business can build

and strengthen strategic relationships with its customers and suppliers.

∃ Extranets enable and improve collaboration by a business with its customers and other

business partners.

∃ Extranets facilitate an online, interactive product development, marketing, and

customer- focused process that can bring better designed products to market faster.

9.9. SOCIAL MEDIA IN BUSINESS

Social media refers to online tools and services that allow a user to create public content. It

also allows for the easy sharing of information, including existing content.

Examples of social media include skype, facebook, twitters, blogs, wikis, podcasts, social

networks and Really Simple Syndication (RSS) Feeds, etc.

By Gitau G.K., 36

Classification of Social Media Types

There are many different types of social media (Tredinnick 2006; Kaplan and Haenlein 2010).

These have been identified as blogs, collaborative projects, social networking sites, content

communities, virtual social networks, and virtual game worlds (Tredinnick 2006; Kaplan and

Haenlein 2010).

Blogs

Blogs are the oldest form of social media (Tredinnick 2006; Kaplan and Haenlein 2010). They

can be considered as a special type of website and when initially introduced they were seen as

a way for users to easily publish information to the web (Tredinnick 2006; Kaplan and

Haenlein 2010). They were used as public diaries by individuals, but have grown to other uses

such as providing general information about topics the author wishes to discuss (Tredinnick

2006; Kaplan and Haenlein 2010). Blogs have introduced tools that have allowed publishing

to the web to become easier and cheaper, as websites don't need to be created to start a blog

with tools such as Blogger and WordPress (Tredinnick 2006). A blog consists of the post

provided by the blogger, date-stamped in a chronological order, and a comments section

underneath for feedback and discussion on the post (Godwin-Jones 2003; Kaplan and

Haenlein 2010). Organisations can set up a blog to inform the public about its products and

services, or individuals within the organisation can blog. Microsoft's Larry Hryb, who is

Director of Programming for Xbox Live, uses the pseudo name Major Nelson for his blog and

he releases news about the Xbox and engages with the users that respond to his blog.

Micro-blogging

Micro-blogging is a new technology that has been derived from blogging (Java, Song et al.

2007; Holotescu and Grosseck 2008). Users are allowed to publish information online about

their activities, opinions and status, with a character limit on the message being between 140-

200 characters (Java, Song et al. 2007; Holotescu and Grosseck 2008). Users can post or view

comments through micro-blogging tools such as Twitter, Jaiku and Pownce (Java, Song et al.

2007). These tools can be accessed online, and through SMS messaging (Holotescu and

Grosseck 2008). This allows a user to create or read messages quickly and almost anywhere

they wish. This faster mode of communication is one of the main differences between micro-

blogging and blogging. A second difference is how frequently users can update such a short

message as less thought and time is required (Java, Song et al. 2007). Users are therefore

more likely to update their micro-blog more frequently than their general blog. Users also use

their micro-blog to draw people’s attention to posts they have made at their main blog,

providing a link to the post.

Collaborative Projects

Collaborative projects allow users to create content simultaneously (Kaplan and Haenlein

2010). There are different types of collaborative projects; wikis, like blogs, have been in

existence for a long time, and are intensely collaborative (Godwin-Jones 2003; Tredinnick

2006). The goal of wiki websites is to become a shared repository of knowledge, with the

knowledge base growing over time (Godwin-Jones 2003). Users can add, remove, and change

text-based content (Tredinnick 2006; Kaplan and Haenlein 2010). This puts the power of the

By Gitau G.K., 37

information created with the users, rather than the information coming from a centralised

source (Tredinnick 2006). Wikipedia is an example of a wiki, where users can edit

information on any page, with all the content generated by users. Social bookmarking tools

are another type of collaborative project, where there is a collection of website links and

media content that is generated by groups of users (Kaplan and Haenlein 2010). These links

can be shared and accessed by any users. Delicious bookmarking is an example of social

bookmarking. An extension to these collaborative projects is social news tools. These are a

collection of news stories, or sometimes other links, and users vote the most popular ones up

and the unpopular ones down. This gives the users the power of choosing what links should

be immediately visible. Reddit and Digg are examples of such tools. The main idea of

collaborative projects is the input of many users can lead to a better outcome than an

individual on their own, with more credible and stable content being created (Godwin-Jones

2003; Tredinnick 2006; Kaplan and Haenlein 2010).

Social Networking Sites

Social networking sites are tools that allow users to create a personal profile of themselves

containing information such as their age, location and interests (Boyd and Ellison 2007;

Kaplan and Haenlein 2010). These personal profiles can than be connected with friends and

colleagues, where information can be shared between each other (Boyd and Ellison 2007;

Kaplan and Haenlein 2010). These connections create a network of users, where anyone

connected to the network can view everyone else’s profile, and therefore interact with them

(Boyd and Ellison 2007). Social networks have started attracting organisations, where they

can set up a profile, and communicate with users who add them to their network. Popular

social networking sites are Facebook, MySpace, and Bebo, which have attracted hundreds of

millions of users, who use the sites on a daily basis (Boyd and Ellison 2007; Kaplan and

Haenlein 2010).

Livecasting

“Livecasting is sharing live content with the intent of interacting with a live audience”

(Grantham 2009). While this concept has been in use for many years in organisations with

technologies like Group Decision Support Systems, it is with the introduction of online tools

that enable this concept to reach a much wider audience. Skype is one such tool that allows

users to have live conversations over the internet (Baset and Schulzrinne 2006). These

conversations can have many users interacting, and can include video conferencing. Other

forms include live podcasting, live blogging and videocasting (Gay, Cain et al. 2009).

Journalists are currently using these tools to provide live content to users (Gay, Cain et al.

2009). General users are also using the tools, with live videocasting websites such as

Ustream.tv and Justin.tv.

Content Communities

Content communities consist of users sharing media content between one another (Kaplan

and Haenlein 2010). There is a wide range of different media types, including text, photos,

videos, and presentations (Kaplan and Haenlein 2010). The content is uploaded by users to a

By Gitau G.K., 38

specific website such as YouTube for videos, Flickr for photos and Slideshare for

presentations, and can be viewed and shared with other users. Some content websites have

had a negative impact on organisations as the content uploaded can be illegal, such as the

sharing of music (Kaplan and Haenlein 2010). But because of the size of the communities that

exist with these websites there is great opportunities for organisations to interact with users.

Virtual Worlds

Virtual worlds are 3D environments, where users appear as avatars that they design

themselves, and interact with other users like they would in real life (Kaplan and Haenlein

2010). Virtual worlds often have their own economies, where transactions occur between

users in the worlds own currency, and can be exchanged for real monetary value. Users

interact with each other as they would in real life, and communities are built from

relationships that are made e.g. Second Life.

10. CHAPTER 10: E-COMMERCE

10.1. Understanding E-commerce

E-Commerce is the ability of a company to have a dynamic presence on the Internet which

allowed the company to conduct its business electronically, in essence having an electronic

shop. Products can be advertised, sold and paid for all electronically without the need for it to

be processed by a human being.

Due to the vastness of the internet advertising and the website can be exposed to hundreds of

people around the world for almost nil cost and with information being able to be changed

almost instantly the site can always be kept up to date with all the latest products to match

with consumers demands.

The biggest advantage of E-Commerce is the ability to provide secure shopping transactions

via the internet and coupled with almost instant verification and validation of credit card

transactions. This has caused E-Commerce sites to explode as they cost much much less than a

store front in a town and has the ability to serve many more customers.

In the broad meaning electronic commerce (E-Commerce) is a means of conducting business

using one of many electronic methods, usually involving telephones, computers (or both).

E-Commerce is not about the technology itself, it is about doing business using the technology.

Electronic commerce, commonly known as e-commerce or eCommerce, consists of the buying

and selling of products or services over electronic systems such as the Internet and other

computer networks. The amount of trade conducted electronically has grown extraordinarily

with wide-spread Internet usage. A wide variety of commerce is conducted in this way,

spurring and drawing on innovations in electronic funds transfer, supply chain management,

Internet marketing, online transaction processing, electronic data interchange (EDI),

inventory management systems, and automated data collection systems. Modern electronic

commerce typically uses the World Wide Web at least at some point in the transaction's

lifecycle, although it can encompass a wider range of technologies such as e-mail as well.

By Gitau G.K., 39

A large percentage of electronic commerce is conducted entirely electronically for virtual

items such as access to premium content on a website, but most electronic commerce involves

the transportation of physical items in some way. Online retailers are sometimes known as e-

tailers and online retail is sometimes known as e-tail. Almost all big retailers have electronic

commerce presence on the World Wide Web.

10.2. Types of E-commerce

E-commerce is the use of Internet and the web to transact business but when we focus on

digitally enabled commercial transactions between and among organizations and individuals

involving information systems under the control of the firm it takes the form of e-business.

Nowadays, 'e' is gaining momentum and most of the things if not everything is getting digitally

enabled. Thus, it becomes very important to clearly draw the line between different types of

commerce or business integrated with the 'e' factor.

There are mainly five types of e-commerce models:

1. Business to Consumer (B2C) - As the name suggests, it is the model involving businesses

and consumers. This is the most common e-commerce segment. In this model, online

businesses sell to individual consumers. When B2C started, it had a small share in the market

but after 1995 its growth was exponential. The basic concept behind this type is that the

online retailers and marketers can sell their products to the online consumer by using crystal

clear data which is made available via various online marketing tools. E.g. An online pharmacy

giving free medical consultation and selling medicines to patients is following B2C model.

2. Business to Business (B2B) - It is the largest form of e-commerce involving business of

trillions of dollars. In this form, the buyers and sellers are both business entities and do not

involve an individual consumer. It is like the manufacturer supplying goods to the retailer or

wholesaler. E.g. Dell sells computers and other related accessories online but it is does not

manufacture all those products. So, in order to sell those products, it first purchases them

from different businesses i.e. the manufacturers of those products.

3. Consumer to Consumer (C2C) - It facilitates the online transaction of goods or services

between two people. Though there is no visible intermediary involved but the parties cannot

carry out the transactions without the platform which is provided by the online market maker

such as eBay.

4. Peer to Peer (P2P) - Though it is an e-commerce model but it is more than that. It is a

technology in itself which helps people to directly share computer files and computer

resources without having to go through a central web server. To use this, both sides need to

install the required software so that they can communicate on the common platform. This

type of e-commerce has quite low revenue generation as from the beginning it has been

inclined to the free usage due to which it sometimes got entangled in cyber laws.

5. M-Commerce - It refers to the use of mobile devices for conducting the transactions. The

mobile device holders can contact each other and can conduct the business. Even the web

design and development companies optimize the websites to be viewed correctly on mobile

devices.

There are other types of e-commerce business models too like Business to Employee (B2E),

Government to Business (G2B) and Government to Citizen (G2C) but in essence they are

By Gitau G.K., 40

similar to the above mentioned types. Moreover, it is not necessary that these models are

dedicatedly followed in all the online business types. It may be the case that a business is

using all the models or only one of them or some of them as per its needs.

10.3. Advantages of E-commerce

E commerce provides many new ways for businesses and consumers to communicate and

conduct business. There are a number of advantages and disadvantages of conducting

business in this manner.

Access to A Global Market: The internet allows companies to have access to a global market

rather than just the potential customers in the surrounding area of there physical location.

Cutting Out the Middleman: Businesses can sell direct to the consumer rather than having to

sell to a supplier and then them sell it on and make more profit.

A Level Playing Field: A small business can compete and show itself as a professional

company as much as large ones as budgets for setting up a professional site are relatively

cheap to the amount of return you can get on them.

Open 24 Hours: With fully automated payment and order processing systems your site need

never be closed even if your office/warehouse is. Orders can be dispatched during opening

hours while orders can be taken 24 hours a day.

Greater Customer Satisfaction: An E-Commerce website can be a powerful tool for building

customer loyalty if it is effective enough, a well designed website puts the customer in charge

of the relationship, they can buy, browse, ask for help or track the progress of order they have

placed where they want and when they want.

Reduced Marketing Costs: Internet advertisement being relatively cheap you can reach

many more people at a cheaper cost than using conventional advertising methods.

Better Customer Information: You can quickly and easy analyze your customers by location

and area as well as the products they buy as you will have to request a customers name and

address from them when processing a transaction.

Improved Security: Most E-Commerce suits offered by companies come with built in security

in the software and with the purchase of a dent SSL certificate and some good server

configurations you can safely know that all the details of your customers will be safe and

secure.

As a further thought, many businesses find it easier to buy and sell in U.S. dollars: it is

effectively the major currency of the Internet. In this context, global online customers can find

the concept of peculiar and unfamiliar currencies disconcerting. Some businesses find they

can achieve higher prices online and in US dollars than they would achieve selling locally or

nationally. Given that banks often charge fees for converting currencies, this is another reason

to investigate all of your (national and international) options for accepting and making online

payments.

In brief, it is useful to take a global view with regard the potential and organization of your e-

commerce activities, especially if you are targeting global customers.

By Gitau G.K., 41

• A new marketing channel. The Internet provides an important new channel to sell to

consumers. Peterson et al. (1999) suggest that, as a marketing channel, the Internet has the

following characteristics:

• the ability to inexpensively store vast amounts of information at different virtual

locations

• the availability of powerful and inexpensive means of searching, organizing, and

disseminating such information

• interactivity and the ability to provide information on demand

• the ability to provide perceptual experiences that are far superior to a printed

catalogue, although not as rich as personal inspection

• the capability to serve as a transaction medium

• the ability to serve as a physical distribution medium for certain goods (e.g., software)

• relatively low entry and establishment costs for sellers

• no other existing marketing channel possesses all of these characteristics.

10.4. Disadvantages of E-commerce

Some disadvantages and constraints of e-commerce include the following.

• Time for delivery of physical products. It is possible to visit a local music store and

walk out with a compact disc or a bookstore and leave with a book. E-commerce is often used

to buy goods that are not available locally from businesses all over the world, meaning that

physical goods need to be delivered, which takes time and costs money. In some cases there

are ways around this, for example, with electronic files of the music or books being accessed

across the Internet, but then these are not physical goods.

• Physical product, supplier & delivery uncertainty. When you walk out of a shop with an

item, it's yours. You have it; you know what it is, where it is and how it looks. In some respects

e-commerce purchases are made on trust. This is because, firstly, not having had physical

access to the product, a purchase is made on an expectation of what that product is and its

condition. Secondly, because supplying businesses can be conducted across the world, it can

be uncertain whether or not they are legitimate businesses and are not just going to take your

money. It's pretty hard to knock on their door to complain or seek legal recourse! Thirdly,

even if the item is sent, it is easy to start wondering whether or not it will ever arrive.

• Perishable goods. Forget about ordering a single gelato ice cream from a shop in Rome!

Though specialized or refrigerated transport can be used, goods bought and sold via the

Internet tend to be durable and non-perishable: they need to survive the trip from the

supplier to the purchasing business or consumer. This shifts the bias for perishable and/or

non-durable goods back towards traditional supply chain arrangements, or towards relatively

more local e-commerce-based purchases, sales and distribution. In contrast, durable goods

can be traded from almost anyone to almost anyone else, sparking competition for lower

prices. In some cases this leads to disintermediation in which intermediary people and

businesses are bypassed by consumers and by other businesses that are seeking to purchase

more directly from manufacturers.

• Limited and selected sensory information. The Internet is an effective conduit for

visual and auditory information: seeing pictures, hearing sounds and reading text. However it

By Gitau G.K., 42

does not allow full scope for our senses: we can see pictures of the flowers, but not smell their

fragrance; we can see pictures of a hammer, but not feel its weight or balance. Further, when

we pick up and inspect something, we choose what we look at and how we look at it. This is

not the case on the Internet. If we were looking at buying a car on the Internet, we would see

the pictures the seller had chosen for us to see but not the things we might look for if we were

able to see it in person. And, taking into account our other senses, we can't test the car to hear

the sound of the engine as it changes gears or sense the smell and feel of the leather seats.

There are many ways in which the Internet does not convey the richness of experiences of the

world. This lack of sensory information means that people are often much more comfortable

buying via the Internet generic goods - things that they have seen or experienced before and

about which there is little ambiguity, rather than unique or complex things.

• Returning goods. Returning goods online can be an area of difficulty. The uncertainties

surrounding the initial payment and delivery of goods can be exacerbated in this process. Will

the goods get back to their source? Who pays for the return postage? Will the refund be paid?

Will I be left with nothing? How long will it take? Contrast this with the offline experience of

returning goods to a shop.

• Privacy, security, payment, identity, contract. Many issues arise - privacy of

information, security of that information and payment details, whether or not payment details

(eg. credit card details) will be misused, identity theft, contract, and, whether we have one or

not, what laws and legal jurisdiction apply.

• Defined services & the unexpected. E-commerce is an effective means for managing the

transaction of known and established services, that is, things that are everyday. It is not

suitable for dealing with the new or unexpected. For example, a transport company used to

dealing with simple packages being asked if it can transport a hippopotamus, or a customer

asking for a book order to be wrapped in blue and white polka dot paper with a bow. Such

requests need human intervention to investigate and resolve.

• Personal service. Although some human interaction can be facilitated via the web, e-

commerce can not provide the richness of interaction provided by personal service. For most

businesses, e-commerce methods provide the equivalent of an information-rich counter

attendant rather than a salesperson. This also means that feedback about how people react to

product and service offerings also tends to be more granular or perhaps lost using e-

commerce approaches. If your only feedback is that people are (or are not) buying your

products or services online, this is inadequate for evaluating how to change or improve your

e-commerce strategies and/or product and service offerings. Successful business use of e-

commerce typically involves strategies for gaining and applying customer feedback. This

helps businesses to understand, anticipate and meet changing online customer needs and

preferences, which is critical because of the comparatively rapid rate of ongoing Internet-

based change.

• Size and number of transactions. E-commerce is most often conducted using credit

card facilities for payments, and as a result very small and very large transactions tend not to

be conducted online. The size of transactions is also impacted by the economics of

transporting physical goods. For example, any benefits or conveniences of buying a box of

pens online from a US-based business tend to be eclipsed by the cost of having to pay for them

By Gitau G.K., 43

to be delivered to you in Australia. The delivery costs also mean that buying individual items

from a range of different overseas businesses is significantly more expensive than buying all

of the goods from one overseas business because the goods can be packaged and shipped

together.

• Some business processes are difficult to be implemented through electronic commerce.

• Return-on-investment is difficult to apply to electronic commerce.

• Businesses face cultural and legal obstacles to conducting electronic commerce.

10.5. Benefits of E-commerce

E-Commerce is one of the most important facets of the Internet to have emerged in the recent

times. Ecommerce or electronic commerce involves carrying out business over the Internet

with the assistance of computers, which are linked to each other forming a network. To be

specific ecommerce would be buying and selling of goods and services and transfer of funds

through digital communications.

The benefits of Ecommerce:

• Ecommerce allows people to carry out businesses without the barriers of time or

distance. One can log on to the Internet at any point of time, be it day or night and purchase or

sell anything one desires at a single click of the mouse.

• The direct cost-of-sale for an order taken from a web site is lower than through

traditional means (retail, paper based), as there is no human interaction during the on-line

electronic purchase order process. Also, electronic selling virtually eliminates processing

errors, as well as being faster and more convenient for the visitor.

• Ecommerce is ideal for niche products. Customers for such products are usually few.

But in the vast market place i.e. the Internet, even niche products could generate viable

volumes.

• Another important benefit of Ecommerce is that it is the cheapest means of doing

business.

• The day-to-day pressures of the marketplace have played their part in reducing the

opportunities for companies to invest in improving their competitive position. A mature

market, increased competitions have all reduced the amount of money available to invest. If

the selling price cannot be increased and the manufactured cost cannot be decreased then the

difference can be in the way the business is carried out. Ecommerce has provided the solution

by decimating the costs, which are incurred.

• From the buyer’s perspective also ecommerce offers a lot of tangible advantages.

1. Reduction in buyer’s sorting out time.

2. Better buyer decisions

3. Less time is spent in resolving invoice and order discrepancies.

4. Increased opportunities for buying alternative products.

• The strategic benefit of making a business ‘ecommerce enabled’, is that it helps reduce

the delivery time, labor cost and the cost incurred in the following areas:

1. Document preparation

2. Error detection and correction

3. Reconciliation

By Gitau G.K., 44

4. Mail preparation

5. Telephone calling

6. Data entry

7. Overtime

8. Supervision expenses

• Operational benefits of e commerce include reducing both the time and personnel

required to complete business processes, and reducing strain on other resources. It’s because

of all these advantages that one can harness the power of ecommerce and convert a business

to e-business by using powerful turnkey ecommerce solutions made available by e-business

solution providers.

11. CHAPTER 11: CONTROLLING INFORMATION SYSTEMS

Data security and controls refers to various threats to data and the counter measures

taken to ensure that data is not lost, altered illegally or accessed by unauthorized persons.

Although data does not show on the balance sheet as an asset, many companies are totally

reliant on the information stored on their PC’s, Laptops and Networks. Electronic data

processing involves processing large volumes of data with little or no human intervention.

It also concentrated in small storage media that can be easily stolen or misplaced.

Computer Based Information Systems are also often connect on the Internet such that

unknown persons can remotely connect to an organization's computers without been

noted physically.

Here we look at some of the issues to consider when reviewing the security of your computer

systems, and some of the compliance issues surrounding data security and data protection.

11.1. Threats to data

As earlier identified due to the nature of electronic data it can face 3 types of threats;

- Loss of data (system unavailability): Possibly due to theft, corruption by virus or system

malfunction, power failure, Internet disconnection, etc.

- Unauthorized alteration or accidental alteration (loss of integrity): Such data although may

not be said to be lost, the contents are no longer reliable. So the data has lost its integrity.

-Unauthorized access (loss of confidentiality): When data is accessed by unauthorized users

such as eavesdroppers, hackers and industrial espionage, the company may lose the benefit of

its trade secrets. Many times employees are source of this threat and so persons should be

limited to the data that concern the alone and audit trails can be used to track what employees

do in their computer systems.

11.2. Administrative controls versus system controls

Administrative controls refers to data security controls that are implemented through the

organization administrative framework. It involves policies and procedures about processing

data; such as segregation of duties, insurance, fire and anti-burglary, authorization of

processing, work ethics, and any other practices that enhance safety and security of an

information system.

By Gitau G.K., 45

System controls on the other refers to data security control measures that are in-built into the

computer system to ensure correct input, correct processing, correct output and security of

data stored. Such controls become a part of the computer system design.

11.3. Physical versus logical controls

The controls needed for information systems performance and security, the legal and

ethical implications of the control of computer crime and other societal impacts of

information systems.

Although data does not show on the balance sheet as an asset, many companies are totally

reliant on the information stored on their PC’s, Laptops and Networks.

Here we look at some of the issues to consider when reviewing the security of your computer

systems, and some of the compliance issues surrounding data security and data protection.

11.4. Examples of Data Security Controls

Passwords

Passwords are one of the measures which can be used to implement access controls.

However, to be at all effective they should:

be relatively long (i.e. 8 characters or more)

contain a mixture of alpha, numeric and other characters (such as &^”)

not be the same for all applications

be changed regularly

be removed or changed when an employee leaves.

Data backup and restore

Data backup is an essential process for security and needs to be undertaken on a regular

basis. There are a number of points to consider.

Data file locations

In a network environment some data files might be stored on the server and other data files

stored on local drives. In which case separate backups may be required for both the server

and one or more PC’s.

Backup strategy

There is likely to be a need for two parallel backup procedures; one to cover a complete

systems backup and another to cover the backing up of individual applications’ data files.

Complete systems backup

On a network some form of server backup software should be used to take a complete copy of

the network drive(s). This can normally be set to run overnight. However, someone will need

to be given responsibility for these procedures -

Key areas to consider include: training in how to use the backup software, alter backup

schedules and change backup file criteria

The person responsible needs to be able to: adapt the backup criteria as new applications are

added interpret backup logs and react to any errors notified restore data from backup media

maintain a regular log of backups and where these are stored.

By Gitau G.K., 46

Finally, be aware that some backup utilities only take a mirror image of the hard disc. In this

case, the whole of the hard disc has to be restored even if there is a problem with just one file

or just one folder.

Applications backup

Many accounting and payroll packages have their own backup routines. It is a good idea to use

these (as well as full server backup) on a regular basis, and always just before period end, or

pay period end, update routines.

Local PCs

Remember that some users will have applications data files exclusively on their local drives

(such as payroll data for example) and these will all require their own regular backup regime.

Backup media

There are about half a dozen different types of backup media available – from the writable CD

capable of storing up to 1gb, through the DVD reader/writer (5gb) up to the mighty external

hard drives (1000gb). Most server backups will use either use tape cartridges or CD/DVD

reader/writers. For more temporary forms of backup, a USB memory stick/pen (1gb) might

be considered.

Backup frequency

A cycle of backups should be retained for a period of time (probably going back at least 12

months – but see Backup retention below). Overwriting the same backup disc/tape/cd/dvd

day after day is not advised.

Backup retention

Backups should be stored in a variety of locations. Obviously, the safest place is off-site.

Physical backup media can be stored in a separate location, whilst some firms may rent disc

space on a service provider’s server, to backup files to.

Issues such as how long certain type of records, accounting records for example, need to be

kept for, should be borne in mind.

Backup media degradation/decomposition

Backup media degrades and the data decomposes over a period of time.

DVD’s are particularly sensitive to light (i.e. they are photosensitive) for example, so ensure

that they are stored in a dark environment.

RW media is noted as being particularly prone to degradation, and should not be relied upon

for long-term storage.

Backups should be checked on a regular basis for signs of digital decomposition.

Restoring data

As with backup, there are a number of issues to consider.

Total systems restore. This can be a complex procedure in a network environment and may

require specialist network engineers to provide assistance.

Application restore. We recommended above (see Applications backup) a separate cycle of

backups to cover individual applications. If it is necessary to restore the whole application

from these backups, then the restore utility within the package concerned needs to be

used and the correct backup media loaded.

By Gitau G.K., 47

Individual data file(s) restore. These are generally less complex, but nevertheless care is

needed. If the required data files are on the server backup then the restore utility will need

to be used, the correct backup media loaded and the file or files to be restored identified.

Virus/Spam protection

The prevalence of e-mail viruses and unsolicited spam means that software is required to

filter these items out of the system. This software will require regular updating, along with all

relevant on-going software security patches that need to be applied to the operating and

applications software. Additional network security in the form of firewall software is also

required to protect the network from unauthorised access and potential network attacks.

Employees

All employees should know and understand the firms’ security procedures and the

consequences of abusing these. You might wish to refer to our factsheet which sets out a

model internet and e-mail access policy. Staff dealing with personal data also require training

in the principles of data protection and good information handling practices

Compliance issues

Most businesses process personal data to a greater or lesser degree. If this is the case, then

notification under the Data Protection Act is required. That will then mean on-going

compliance with the principles of information handling and information security. We can help

you with this process to ensure compliance.

Control and Management Issues

Transaction processing systems are the backbone of any organization’s information systems.

Business Resumption Planning

• It is the process of anticipating and providing for disasters. A disaster can be a flood,

fire, earthquake, intentional damage, labor unrest or erasure of an important file.

• Focus on maintaining the integrity of the corporation information and keeping the

information system running until normal operations can be resumed.

• Identify potential problems and prepare for the disaster.

Disaster Recovery

• The implementation of the business resumption plan.

• The primary tools are backups for hardware, software, databases, telecommunication,

and personnel.

• Keep a backup copy of software and database to a remote location in a safe, secure,

fireproof, and temperature and humidity controlled environment.

• Always train backup personnel in case employees leave the company.

Transaction Processing System Audit

• Auditing a TPS system, is an attempt to answer three basic questions:

• Does the system meet the business need for which it is developed?

• What procedures and controls have been established?

• Are the procedures and controls being properly used?

By Gitau G.K., 48

• An internal audit is conducted by employees of the organization and an external audit is

conducted by an outside firm.

• The auditors inspects all programs, documents, control techniques, the disaster plan,

insurance protection, fire protection, and other system management concerns such as

efficiency and effectiveness of the disk and tape library.

The audit trail allows the auditors to trace any out from the computer system back to its

source documents.