Q1. What do you understand by Information processes data? Information is a complex concept that has a variety of meanings depending on its context and the perspective in which it is studied. It could be described in three ways 1) as processed data, 2) as the opposite of uncertainty, and 3) as a meaningful signal-to illustrate the richness of the concept of information. Data are generally considered to be raw facts that have undefined uses and application; information is considered to be processed data that influences choices, that is, data that have somehow been formatted, filtered, and summarized; and knowledge is considered to be an understanding derived from information distinctions among data, information, and knowledge may be derived from scientific terminology. The researcher collects data to test hypotheses; thus, data refer to unprocessed and unanalysed numbers. When the data are analysed, scientists talk about the information contained in the data and the knowledge acquired from their analyses. The confusion often extends to the information systems context, and the three terms maybe used interchangeably.

Q.2 Discuss the Components of an Organizational Information System. The environment in which organizations operate from the informational perspective in terms proposed by George Huber of the University of Texas, who has studied the organizational design required by an information society. His conclusions provide a framework for determining what is required of an organizational information system. These, according to Huber, are the hallmarks of an information society: 1) Dramatic Increase of Available Knowledge Whether measured in terms of the number of scholarly journals, patents and copyrights, or in terms of the volumes of corporate communications, both the production and the distribution of knowledge have undergone a manifold increase. 2) Growth of Complexity Huber characterizes complexity in terms of numerosity, diversity, and interdependence. A growing world population and the industrial revolution combined to produce numerosity, or a growing number of human organizations. To succeed, people and organizations learned to specialize: they do things differently and organize themselves differently to accomplish specialized tasks. These differences lead to diversity. Two principal factors have led to increased interdependence. The first as been the revolution in the infrastructure of transportation and communication. The second factor is specialization in firms that make narrowly defined products, as opposed to the self-sufficiency of companies producing a complex product down to its minute elements. A company's product is typically a part of a larger system, produced with contributions from a number of interdependent firms (consider a car or a computer). Moreover, interdependence has increased on a global scale. Even the most isolated of countries participates in some way in the international division of labor. Organizations operating in the public sector, while rarely in a competitive situation, are still governed by the demands of society. Pressures on the public sector in democratic societies, along with the pressures conveyed from the private sector, also make the environment in which public organizations operate more complex. 3) Increased Turbulence The pace of events in an information society is set by technologies. The speeds of today's computer and communication technologies have resulted in a dramatic increase in the number of events occurring within a given time. Consider the volumes and speed of trades in the securities and currency markets. Widespread use of telefacsimile, as another example, has removed the "float"-the lag between sending and receiving-in written communications. Equally important, because of the infrastructure discussed earlier, the number of events that actually influence an organization's activities (effective events) has also grown rapidly. The great amount of change and turbulence pressuring organizations today thus calls for rapid innovation in both product and organizational structure. To thrive, an organization must have information systems able to cope with large volumes of information in a selective fashion. Huber concludes that these factors an increase of available knowledge, growth of complexity, and increased turbulence-are not simply ancillary to a transition to the new societal form. Rather, they will be a permanent characteristic of the information society in the future. Moreover, we should expect that these factors

would continue to expand at an accelerating rate (a positive feedback exists). Barring some catastrophic event, we expect that the rapidly changing environment will be not only "more so" but also "much more so." To succeed in an information society, organizations must be compatible with this environment.

Q3. The features contributing to success and failures of MIS models: Desirable features of an MIS Be flexible - allowing for different ways of analysing data and evaluating information. Provide interpersonal communication with other people in the organisation. Not require extensive periods of concentration as managers switch between different tasks. Make it easy to interrupt the work and return to it at a later time Protect a manager, from information overload. There are a number of ways that computer projects can be managed. We will look at Systems life cycle The waterfall model Prototyping. The Systems life cycle was the traditional way in which projects were carried out. Each stage was completed before the next was started.

In the Waterfall model, it is possible to rework earlier stages in the light of experience gained at a later stage. Each stage is signed off and the next stage is proceeded with. However the end user is rarely involved in the development stage, even though they may well be involved in signing off. It is therefore critical that the analysts and the programmers understand the end-users

The waterfall model has disadvantages, which can be overcome using prototyping, in which a model of the system is developed in partnership with the end-user. The features are worked out with the end user using a prototype, and the end user can have a considerable input into the development of a project. The approach is shown below:

Benefits are: Misunderstandings are detected at early stages the user will notice any missing functions, incomplete or inconsistent requirements. can be built quickly to demonstrate systems it can be used for training before the system is finished Drawbacks are: Project management can be discoordinated or even sloppy.

Meetings with end users can become time consuming. The final result could be completely different to what was requested in the first place. There are several different ways of prototyping: Piloting Test the feasibility of the design proposal Modelling building to develop an understanding of the users requirements Throw-away prototyping Pilot and modelling are throw away types Evolutionary prototyping each prototype built is a step closer to solution. Why an MIS Might Fail MIS systems are complex and expensive pieces of software, and many people are involved with the design both within the organisation and from outside. Often they are built by software houses to the precise requirements of the organisation. So the client organisation needs to be very clear as to what it wants, and the software house analysts need also to be very clear about the requirements. MIS failures can be expensive and bring bad publicity to all parties. They can arise due to: Inadequate analysis - problems, needs and constraints arent understood in the early stages. Lack of management involved in the design wrong expectations of a new system / no-one understands the system. Emphasis on the computer system Need procedures for handling input and output / select the right hardware and software Concentration on low-level data processing Information must be easily accessible and understood Lack of management knowledge of ICT systems and capabilities managers know what they want from the system but dont understand the technology Lack of teamwork An ICT manager must co-ordinate the accounts, marketing, sales etc. departments and help everyone understand the benefits of the system Lack of professional standards All systems need clear documentation that all users can understand (not just the ICT literate) Organisations can judge how successful the implementation of an MIS system has been by applying the following evaluations: a. High level of use - Is it actually used? Some systems dont become operational for reasons such as it taking too long to enter data. b. High level of user satisfaction - Do users like the systems? c. Accomplishment of original objectives - Have the objectives specified in the analysis stage been achieved? d. Appropriate nature of use - Is the software being correctly used? e. Has proper training been given? Institutionalisation of the system - Has it been taken on board enthusiastically?

Q.4 List down the Potential External Opportunities, potential internal Weaknesses. Potential External Opportunities Serve additional customer groups Enter new markets or segments Expand product line to meet broader range of customer needs Diversify into related products Vertical integration Falling trade barriers in attractive foreign markets Complacency among rival firms Faster market growth Potential Internal Weaknesses No clear strategic direction Obsolete facilities Lack of managerial depth and talent Missing key skills or competence Poor track record in implementing strategy Plagued with internal operating problems Falling behind in R&D Too narrow a product line Weak market image Weaker distribution network Below-average marketing skills Unable to finance needed changes in strategy Higher overall unit costs relative to key competitors

Q.5 What do you understand by Multinational corporation, Global corporation, International corporation, Transnational corporation. Multinational Corporation A multinational corporation has built or acquired a portfolio of national companies that it operates and manages with sensitivity to its subsidiaries' local environments. The subsidiaries operate autonomously, often in different business areas. A company that follows a multinational strategy has little need to share data among its subsidiaries or between the parent and subsidiaries except to consolidate financial positions at year's end. Global Corporation A global corporation has rationalized its international operations to achieve greater efficiencies through central control. Although its strategy and marketing are based on the concept of a global market, a headquarters organization makes all major decisions. A company pursuing a global strategy needs to transfer the operational and financial data of its foreign subsidiaries to headquarters in real time or on a frequent basis. A high level of information flows from subsidiary to parent, while limited data move from parent to subsidiary. International Corporation An international corporation exports the expertise and knowledge of the parent company to subsidiaries. Here subsidiaries operate more autonomously than in global corporations. Ideally, information flows from the parent to its subsidiaries. In practice, subsidiaries often rely on the parent to exercise its knowledge for the subsidiaries' benefit rather than simply to export it to the subsidiaries. For example, a subsidiary without a great deal of human resources expertise may "pay" its parent to operate its human resources function. Although the information theoretically should stay within the subsidiary, in this case it may flow back and forth between the parent's location and the subsidiary's location. Transnational Corporation A transnational corporation incorporates and integrates multinational, global, and international strategies. By linking local operations to one another and to headquarters, a transnational company attempts to retain the flexibility to respond to local needs and opportunities while achieving global integration. Because transnational operate on the premise of teamwork, they demand the ability to share both information and information services.

Q.6 The limitations of ERP systems and How ERP packages help in overcoming theses limitations: Many problems organizations have with ERP systems are due to inadequate investment in ongoing training for involved personnel, including those implementing and testing changes, as well as a lack of corporate policy protecting the integrity of the data in the ERP systems and how it is used. Limitations of ERP include: Success depends on the skill and experience of the workforce, including training about how to make the system work correctly. Many companies cut costs by cutting training budgets. Privately owned small enterprises are often undercapitalized, meaning their ERP system is often operated by personnel with inadequate education in ERP in general, such as APICS foundations, and in the particular ERP vendor package being used. o Personnel turnover; companies can employ new managers lacking education in the company's ERP system, proposing changes in business practices that are out of synchronization with the best utilization of the company's selected ERP. o Customization of the ERP software is limited. Some customization may involve changing of the ERP software structure which is usually not allowed. o Re-engineering of business processes to fit the "industry standard" prescribed by the ERP system may lead to a loss of competitive advantage. o ERP systems can be very expensive to install often ranging from 30,000 to 500,000,000 for multinational companies. o ERP vendors can charge sums of money for annual license renewal that is unrelated to the size of the company using the ERP or its profitability. o Technical support personnel often give replies to callers that are inappropriate for the caller's corporate structure. Computer security concerns arise, for example when telling a non-programmer how to change a database on the fly, at a company that requires an audit trail of changes so as to meet some regulatory standards. o ERPs are often seen as too rigid and too difficult to adapt to the specific workflow and business process of some companiesthis is cited as one of the main causes of their failure. o Systems can be difficult to use. o Systems are too restrictive and do not allow much flexibility in implementation and usage. o The system can suffer from the "weakest link" probleman inefficiency in one department or at one of the partners may affect other participants. o Many of the integrated links need high accuracy in other applications to work effectively. A company can achieve minimum standards, then over time "dirty data" will reduce the reliability of some applications. o Once a system is established, switching costs are very high for any one of the partners (reducing flexibility and strategic control at the corporate level). o The blurring of company boundaries can cause problems in accountability, lines of responsibility, and employee morale. o Resistance in sharing sensitive internal information between departments can reduce the effectiveness of the software. o There are frequent compatibility problems with the various legacy systems of the partners.

The system may be over-engineered relative to the actual needs of the customer. Most ERP security audits today are performed using a manual approach. There is little automation beyond the use of native tools that come standard with ERP packages. Most ERP native security reporting tools are designed with the purpose of assisting security administrators in validating the accuracy of security configurations. Although they are not meant for security audit per se, IT auditors with appropriate skills and knowledge can exploit these tools in extracting information about who has access to critical transactions. For each transaction to be tested, the IT auditor must set up different queries in the reporting tool and extract the output separately. The output is usually stored electronically and will later be processed using a computer-aided auditing tool such as ACL or a spreadsheet. Once the output is parsed and formatted to allow easier analysis, the auditor has a report that lists the users or roles that have the ability to perform a particular transaction, which will be validated by corroboration with management or company policies and procedures. This process needs to be repeated for every transaction included in the audit plan. The approach is based on the premise that IT auditors can use technology to partially automate ERP security audit processes showing how does these ERP packages help in overcoming theses limitations. Steps in the approach are as follows: 1. Understand the security concepts and mechanisms of the specific ERP system being audited. To understand how to audit, it is necessary to understand how a particular user or role gains access to perform an action in the ERP system. In the context of SAP R/3, a user is assigned a specific set of authorization objects to gain access to perform an action or create a transaction. To audit those who have access to perform a particular transaction, it is necessary to research which authorization objects are required to access the transaction. 2. Study the back-end components of the ERP system, such as tables and programs, that facilitate operation of the ERP security mechanism. Since SAP R/3 stores information in a relational database, security configuration data can be found on a number of tables. In particular, it is important to identify tables storing information about users, roles, authorization objects and the tables that map relationships among these entities (e.g., which user has which role and which authorization objects are assigned to which roles). 3. Design an ad hoc tool that emulates the back-end components of the ERP system and produces reports depicting the current security configuration. As understanding of the tables that contain the security configurations is gained, these tables can be extracted from the ERP system and placed into an external, ad hoc database. 4. Create queries and reports that identify users who have potential SOD conflicts. Using the criteria identified in the previous step, an extension is developed within the ad hoc tool to automate and simultaneously run queries required for identifying SOD conflicts.o

Q.1 Explain with relevant examples the concept of business process. Also mention their elements. For initiating business re-engineering, one is required to make some very basic and fund a- mental changes in one's conventional thinking. The business is reengineered through process reengineering and the business has a number of processes which together produce the business results. We concentrate on the 'process' and not on the task when it comes to re-engineering. The business process is defined as 'a set of activities performed across the organisation creating an output of value to the customer'. Every process has a customer who may be internal or external to the organisation. The scope of the process runs across the departments and functions and ends up in substantial value addition which can be measured against the value expectation of a customer. For example, the order processing scope in the traditional sense is within the marketing department. But when it comes to re-engineering, the scope expands to manufacturing, storing, delivering and recovering the money. Likewise, the scope of the bill payment is not limited to the accounts and finance departments but it covers ordering the vendors, receipt and acceptance or goods and paying the bill amount. In a classical organisational set-up, the different processes are handled in parts within the four walls of the department and the functions are limited to the responsibility assigned to them. When the bill payment process is to be reengineered, it will be re-engineered right from the purchase ordering to cheque payment to the vendor. The reason for covering the purchase ordering as a part of the bill payment process, is that the purchase order information decides the number of aspects of bill payment. The basic element of the processes is motivation to perform certain activities. In the process execution, the data is gathered, processed and stored. The data is used in the process to generate the information which would be checked, validated and used for decision making. The decision is then communicated. The process is executed through the basic steps such as receiving the input, measuring the input, analysing the document, performing, processing, recording, accessing data, producing the results and communicating them. Basic elements of business process are: Motivation to perform Data gathering, processing and storing

Information processing Checking, validating and control Decision making Communication

Q2. The control issues in management information systems. Control procedures must be set up to ensure that information is correct and relevant an institution's MIS should be designed to achieve the following goals: Enhance communication among employees. Deliver complex material throughout the institution. Provide an objective system for recording and aggregating information. Management Information Systems 2 Comptroller's Handbook Reduce expenses related to labor-intensive manual activities. Support the organization's strategic goals and direction. MIS is a critical component of the institution's overall risk management strategy. MIS supports management's ability to perform such reviews. MIS should be used to recognize, monitor, measure, limit, and manage risks. Risk management involves four main elements: Policies or practices. Operational processes. Staff and management. Feedback devices. Frequently, operational processes and feedback devices are intertwined and cannot easily be viewed separately. The most efficient and useable MIS should be both operational and informational. As such, management can use MIS to measure performance, manage resources, and help an institution comply with regulatory requirements. One example of this would be the managing and reporting of loans to insiders. MIS can also be used by management to provide feedback on the effectiveness of risk controls. Controls are developed to support the proper management of risk through the institution's policies or practices, operational processes, and the assignment of duties and responsibilities to staff and managers. Comptroller's Handbook 3 Management Information Systems Technology advances have increased both the availability and volume of information management and the directors have available for both planning and decision making. Correspondingly, technology also increases the potential for inaccurate reporting and flawed decision making. Because data can be extracted from many financial and transaction systems, appropriate control procedures must be set up to ensure that information is correct and relevant. In addition, since MIS often originates from multiple equipment platforms including mainframes, minicomputers, and microcomputers, controls must ensure that systems on smaller computers have processing controls that are as well defined and as effective as those commonly found on the traditionally larger mainframe systems. All institutions must set up a framework of sound fundamental principles that identify risk, establish controls, and provide for effective MIS review and monitoring systems throughout the organization. Commonly, an organization may choose to establish and express these sound principles in writing. The OCC fully endorses and supports placing these principles in writing to enhance effective communications throughout the institution. If however, management follows sound fundamental principles and governs the risk in the MIS Review area, a written policy is not required by the OCC. If sound principles are not effectively practiced, the OCC may require management to establish written MIS policies to formally communicate risk parameters and controls in this area. Sound fundamental principles for MIS review include proper internal controls, operating procedures and safeguards, and audit coverage.

Q.3 Discuss the function for manager.

Q4.(a) Describe business plan Vs MIS plan: Many corporations that installed the most advanced computer technology have found that the new capabilities have also forced them to make further changes-at a pace faster than desired. A fast, sophisticated tool can let people recognize, understand and fix problems, but it can also create other problems. Corporations, some observers say, must implement an enterprise model capable of managing change and forecasting the impact of anticipated problems on a business. MIS goals and objectives: It is necessary to develop the goals and objectives for the MIS which will support the business goals. The MIS goals and objectives will consider management philosophy, policy constraints, business risks, internal and external environment of the organization and the business. The goals and the objectives of the MIS would be so stated that they can be measured. The typical statements of the goals are as under: Provide on-line information on the stocks, markets and the accounts balances. The query processing should not exceed more than three seconds. The focus of the system will be on the end user computing and access facilities. Information support will be the first in the strategic areas of management. Table differentiating between Business Plan versus MIS Plan as below: Business Plan Business goals and objectives. Business plan and strategy Strategy planning and decisions. Management Plan for execution and control. Operation plan for the execution. MIS Plan Management information system, objectives, consistent to the business goals and objectives. Information strategy for the business plan implementation playing a supportive role. Architecture of the Management Information system to support decisions. System development schedule, matching the plan execution Hardware and software plan for the procurement and the implementation.

Such statements of the goals and objectives enable the designer to set the direction and design implementation strategies for the MIS. Strategy for the plan achievement: The designer has to take a number of strategic decisions for the achievement of the MIS goals and objectives. They are: a. Development strategy: An online, a batch, a real time. b. System Development Strategy: An approach to the system development Operational versus Functional; Accounting versus Analysis; Database versus Conventional Approach; Distributed versus Decentralized processing; one Database versus Multiple database SSAD vs. OOT. c. Resource for System Development: In-house versus external, customized development versus the use of packages.

Q4.(b) The different classes of information: In order to obtain useful information for your assignment you need to identify what kind of information you need. Different kinds of information can be found in different types of resources. The kind of information you need will then determine which resource is the most appropriate.

Types of Information Different sorts of questions require different types of information to answer. In order to gather evidence to support an argument, you first need an idea of what types of information are suitable. You can gain a sense of which types of information are appropriate for your project by answering the questions in this section. Contents What is my assignment and what are my opportunities for research? In order to research effectively you need a solid understanding of what sort of evidence your assignment requires and what is available. Which academic disciplines does my research touch upon? Research papers are usually written with the goal of contributing to the dialogue of a particular discipline. To do so, a paper must follow the standards of research and evidence for that discipline. Description for different types of Information as follows: Primary, Secondary and Tertiary Information: Most information is generally divided into three main categories: Primary ,Secondary and Tertiary. Primary Information: Original material that has not been interpreted or analysied. Examples: Statistics, Research articles, Blogs, Websites Secondary Material: Created from primary material, interpretating original material. Examples: Texbooks, Review articles Tertiary Material: Acts as a tool in understanding and locating information. Examples: Databases, Subject Gateways, Dictionaries, Bibliographies Different types of Information Systems: Information systems are constantly changing and evolving as technology continues to grow. Very importantly the information systems described below are not mutually exclusive and some (especially Expert Systems, Management Information Systems and Executive Information Systems are can be seen as a subset of Decision Support Systems). However these examples are not the only overlaps and the divions of these information systems will change over time. At present there are five main types: Transaction Processing Systems (TPS) Decision Support Systems (DSS) Expert Information Systems (EIS) Management Information Systems (MIS) Office Automation Systems (OAS)

Q.5 Explain the various cognitive style as identified by James McKinney and Peter Keen. James McKinney and Peter Keen have classified the information related modes of thought along two dimensions: information gathering and information evaluation. The information-gathering dimension focuses on perception, on the way a person organizes the verbal and visual stimuli he or she encounters. Preceptive individuals bring to bear concepts ("precepts") to filter incoming stimuli; from the framework of these concepts, they look for specific conformities with or deviations from the concepts they have already formed. Receptive decision makers focus on details rather than on a pattern and attempt to form a general picture of the situation from these details (a characteristic of inductive thinking). Information evaluation relates to the way an individual brings information to bear in the process of decision making. A systematic (or analytic) decision maker approaches a problem by structuring it and applying a well-defined method expected to lead to a solution. An intuitive individual applies heuristics (rules of thumb) and shortcuts and uses trial and error to find a solution; these people are more willing to go with their "gut feeling" about the problem. McKinney and Keen stress that all of these modes of thought are appropriate in certain situations, and some combinations of them are particularly fit in certain occupations.

Q6. Bring out the table that indicate the various classes of information There are three types of information systems projects: manual, manual to automated, and reautomation. The last, reautomation, has four subtypes: system rewrite, system redesign and redevelopment, system enhancement, and system maintenance. Each of these involves different, and yet similar, work. The work is similar in that the development activities which are involved in each follow the same general phases and approach. They are different in that the environment that the analyst must examine has substantially different characteristics. This chapter examines each of the various types of analysis projects, along with a brief discussion of the Gibson-Nolan electronic data processing (EDP) stages of growth theory and its impact on the analysis process. In addition there is a brief discussion of the Anthony model of organizational structure. A definition Personal Computer (PC) - also known as microcomputers or workstations, by the model name of the specific vendor (i.e. Apple [1], Macintosh [2], or PS/2 [3]) or by the brand name, model and speed of the processor (i.e. Pentium, Intel or 486/33 [4]) Any combination of processor, input device and output device designed for use by a single individual. Personal computers may also be called workstations.Personal computers may have a character orientation, a graphical orientation, may be connected to other personal computers, or may operate in a stand alone mode, and may or may not have connectivity to a mainframe. Personal computer software is normally characterized by an operating system which provides basic file access, management and display services and well as application scheduling and management. Reasons For Initiating Information Systems Analysis Projects As part of a program of System Modernization. A change in the basic aspects of the user's functional role A change in company strategic objectives A need for increased performance, greater or different functionality, different operating characteristics, or increased user friendliness from the automated systems A need for more direct and immediate access to the firm's automated files. A need to upgrade the system to take advantage of more current technology. A need to clean up the system The Three Types of Information Systems Analysis Projects The scope and magnitude of the functional and procedural changes may be fairly narrow or wide ranging. In some cases, aside from re-coding the system, there may be no changes in functionality at all. Given the variety of reasons for a project being undertaken, the starting point may also be quite different from project to project. These starting points reflect the differences in current user processing environments and the current level of user automation. Because of these differences in current user processing environments and user automation, information systems projects can be categorized into three types. 1. Manual 2. Manual to automated 3. Reautomation 4. The last, reautomation, has four subtypes. a) System rewrite b) System redesign and redevelopment

c) System enhancement d) System maintenance From an analysis perspective, each of these types of projects involves different, and yet similar, work. The work is similar in that the development activity.