organizational resource management orm 8. information systems (is)
TRANSCRIPT
Organizational Resource Management
ORM 8
Information Systems (IS)
What is IS?
IS – a set of interrelated components working together to collect, retrieve, process, store, and distribute information for the purpose of facilitating planning, control, coordination, analysis, and decision making in business organizations
Input-process-output perspective People-organization-technology perspective
Information Systems
Why Do People Need Information?
Individuals - Entertainment and enlightenment
Businesses - Decision making, problem solving and control
Data, Information, and Systems Data vs. Information
Data A “given,” or fact; a number, a statement, or a picture Represents something in the real world The raw materials in the production of information
Information Data that have meaning within a context Data in relationships Data after manipulation
An Information System is an organized combination of people, hardware, software, communication networks and the data resources that collects, transforms and disseminates information in a organization.
Computer-based Information System
Data, Information,and Systems
Generating Information Computer-based ISs take data as raw material, process
it, and produce information as output.
Figure 1.1 Input-process-output
Data, Information, and Systems
What Is a System? System: A set of components that work together to
achieve a common goal
Subsystem: One part of a system where the products of more than one system are combined to reach an ultimate goal
Closed system: Stand-alone system that has no contact with other systems
Open system: System that interfaces with other systems
Data, Information,and Systems
Figure 1.3 Several subsystems make up this corporate accounting system.
Data, Information, and Systems
The Four Stages of Data Processing
Input: Data is collected and entered into computer.
Data processing: Data is manipulated into information using mathematical, statistical, and other tools.
Output: Information is displayed or presented.
Storage: Data and information are maintained for later use.
Ethical and Societal IssuesThe Not-So-Bright Side
Consumer Privacy Organizations collect (and sometimes sell) huge
amounts of data on individuals.
Employee Privacy IT supports remote monitoring of employees,
violating privacy and creating stress.
Ethical and Societal IssuesThe Not-So-Bright Side Freedom of Speech
IT abridge free speech.
IT Professionalism No mandatory or enforced code of ethics for IT professionals--
unlike other professions.
Social Inequality Less than 20% of the world’s population have ever used a PC;
less than 3% have Internet access.
Activity 1
Share your experience of Information Systems incorporated in your company?
Role of IS
Expanding Roles of IS
1. Data Processing: 1950s-1960s
2. Management Reporting: 1960s-1970s
3. Decision support: 1970s-1980s
4. Strategic and End User Support: 1980s-1990s
5. Global Internetworking: 1990s-2000s
Classification of IS
Information Systems
Operations Support System Management
Support System
Transaction processing systems
Process control systems
Office automation systems
Management information systems
Decision support systems
Executive information systems
Other categories
a) Expert systems
b) End user computing systems
c) Business information systems
d) Strategic information systems
a) Expert Systems are knowledge-based systems that provides expert advice and act as expert consultants to the users
b) End user computing systems support the direct, hands on use of computers by end users for operational and managerial applications
c) Business information systems support the operational and managerial applications of the basic business functions of a firm
d) Strategic information systems provide a firm which strategic products, services, and capabilities for competitive advantage
Enterprise Resource Planning (ERP)
Integrated programs that can manage a company’s entire set of business operations
Often coordinate planning, inventory control, production and ordering
INFORMATION SYSTEMS @ X
INFO420: Managing Information Technology
Information Systems PlanningInformation Systems Planning
Definition / Levels of IS Planning
What is IS planning?What is IS planning? The process of developing a view of the future that guides
decision making today Stating the direction we want to go and how we intend to get
there
The Changing World of Planning
Evolution of strategic IS planning along with rapid change of Internet-driven technologies.
Traditional style of planning no longer viable Command and control IS as a support function “Lifecycle” (static environment)
Still need long-range vision but with flexibility and creativity
INFORMATION INFORMATION
SYSTEMS IN THESYSTEMS IN THE
ENTERPRISEENTERPRISE
MANAGEMENT CHALLENGES
KEY SYSTEM APPLICATIONS FUNCTIONAL PERSPECTIVE OF SYSTEMS INTEGRATING FUNCTIONS & PROCESSES
*
TYPES OF INFORMATION SYSTEMSTYPES OF INFORMATION SYSTEMS
DATA WORKERSDATA WORKERS
KIND OF SYSTEM GROUPS SERVEDKIND OF SYSTEM GROUPS SERVED
STRATEGIC LEVEL SENIOR STRATEGIC LEVEL SENIOR MANAGERSMANAGERS
MANAGEMENT LEVEL MIDDLE MANAGEMENT LEVEL MIDDLE MANAGERSMANAGERS
OPERATIONAL OPERATIONAL
OPERATIONAL LEVEL OPERATIONAL LEVEL MANAGERS MANAGERS
KNOWLEDGE LEVEL KNOWLEDGE &KNOWLEDGE LEVEL KNOWLEDGE &
SALES & MANUFACTURING FINANCE ACCOUNTING HUMANSALES & MANUFACTURING FINANCE ACCOUNTING HUMAN RESOURCESRESOURCESMARKETINGMARKETING
MAJOR TYPES OF SYSTEMS
EXECUTIVE SUPPORT SYSTEMS (ESS) DECISION SUPPORT SYSTEMS (DSS) MANAGEMENT INFORMATION SYSTEMS (MIS) KNOWLEDGE WORK SYSTEMS (KWS) OFFICE AUTOMATION SYSTEMS (OAS) TRANSACTION PROCESSING SYSTEMS (TPS)
*
MANAGEMENT LEVEL INPUTS: LOW VOLUME DATA PROCESSING: INTERACTIVE OUTPUTS: DECISION ANALYSIS USERS: PROFESSIONALS, STAFF
EXAMPLE: CONTRACT COST ANALYSIS
DECISION SUPPORT SYSTEMS (DSS)(DSS)
FLEXIBLE, ADAPTABLE, QUICK USER CONTROLS INPUTS/OUTPUTS NO PROFESSIONAL PROGRAMMING SUPPORTS DECISION PROCESS
*
DECISION SUPPORT SYSTEMS (DSS)(DSS)
STRATEGIC LEVEL INPUTS: AGGREGATE DATA PROCESSING: INTERACTIVE OUTPUTS: PROJECTIONS USERS: SENIOR MANAGERS
EXAMPLE: 5 YEAR OPERATING PLAN
EXECUTIVE SUPPORT SYSTEMS (ESS)(ESS)
TOP LEVEL MANAGEMENT DESIGNED TO THE INDIVIDUAL TIES CEO TO ALL LEVELS VERY EXPENSIVE TO KEEP UP EXTENSIVE SUPPORT STAFF
*
EXECUTIVE SUPPORT SYSTEMS (ESS)(ESS)
SALES & MARKETING INFORMATION SYSTEM
SYSTEM DESCRIPTION ORGANIZATIONAL LEVEL
ORDER PROCESSING ENTER, PROCESS, TRACK ORDERS OPERATIONAL
MARKET ANALYSIS IDENTIFY CUSTOMERS & MARKETS KNOWLEDGE
PRICING ANALYSIS DETERMINE PRICES MANAGEMENT
SALES TRENDS PREPARE 5-YEAR FORECASTS STRATEGIC
MANUFACTURING INFORMATION SYSTEM
SYSTEM DESCRIPTION ORGANIZATIONAL LEVEL
MACHINE CONTROL CONTROL ACTIONS OF EQUIPMENT OPERATIONAL
COMPUTER-AIDED-DESIGN DESIGN NEW PRODUCTS KNOWLEDGE
PRODUCTION PLANNING DECIDE NUMBER, SCHEDULE OF PRODUCTS MANAGEMENT
FACILITIES LOCATION DECIDE WHERE TO LOCATE FACILITIES STRATEGIC
FINANCE & ACCOUNTING INFORMATION SYSTEM
SYSTEM DESCRIPTION ORGANIZATIONAL LEVEL
ACCOUNTS RECEIVABLE TRACK MONEY OWED TO FIRM OPERATIONAL
PORTFOLIO ANALYSIS DESIGN FIRM'S INVESTMENTS KNOWLEDGE
BUDGETING PREPARE SHORT TERM BUDGETS MANAGEMENT
PROFIT PLANNING PLAN LONG-TERM PROFITS STRATEGIC
HUMAN RESOURCES INFORMATION SYSTEM
SYSTEM DESCRIPTION ORGANIZATIONAL LEVEL
TRAINING & DEVELOPMENT TRACK TRAINING, SKILLS, APPRAISALS OPERATIONAL
CAREER PATHING DESIGN EMPLOYEE CAREER PATHS KNOWLEDGE
COMPENSATION ANALYSIS MONITOR WAGES, SALARIES, BENEFITS MANAGEMENT
HUMAN RESOURCES PLANNING PLAN LONG-TERM LABOR FORCE NEEDS STRATEGIC
Developing an Information Technology Risk Management
Program
Information Security
the protection of data against unauthorized access or modification
What is “Risk”?
Risk is intentionally exploit a particular information system vulnerability, and the resulting impact on the organization if this should occur (National Institute of Standards & Technology-NIST)
Risk is the probability of a vulnerability being exploited in the current environment, leading to a degree of loss of confidentiality, integrity, or availability, of an asset. (Microsoft)
What is Risk Management?
The goal of a risk management program is to protect the organization and its ability to perform its mission from IT-related risk
Risk Management is the Keystone of
Information Security
Risk Management has Three Parts
Risk Assessment - Determining where risks lie, and how big they are
Risk Mitigation - Prioritizing, evaluating, and implementing appropriate risk-reducing controls
Evaluation and Assessment – Since Risk Management is continuous and evolving, the past year’s Risk Management efforts should be assessed and evaluated prior to beginning the cycle again
Risk Management Process
Risk Assessment
Risk Mitigation
RM Evaluation
Assessing Risk Phase has Three Steps
1) Planning – Align your annual process with your budget; Specify your scope; Identify and pre-sell stakeholders; embrace subjectivity
2) Facilitated Data Gathering – Identify tangible and intangible assets, threats, vulnerabilities, existing controls, probable impact
3) Risk Prioritization – Determine probabilities, and combine impact with probability to produce a risk statement
Risk Mitigation Options
Assume the Risk – Accept the risk and continue operating (how big is your appetite?)
Avoid the Risk – Stop running the program or sharing the data
Transfer the Risk – Use options to compensate for the loss, such as insurance
Lessen the Risk – Implement controls that lessen the impact or lower the likelihood
Activity 3
Can Risk Assessment be done in terms of calculation of financial figures?