MBA-401: Management Information System

MBA-401: MANAGEMENT INFORMATION SYSTEM

Questions from Unit I

Q.1. What is 'Information'? Discuss about the concept of Information Systems in detail.

Information is organized or classified data which has some meaningful values for the receiver. Information is the processed data on which decisions and actions are based.

When using information for business purposes and storing information in an information system it is of vital importance that the information is good and helps you make the correct business decision.

Information system has been defined in terms of two perspectives: one relating to its function; the other relating to its structure. From a functional perspective; an information system is a technologically implemented medium for the purpose of recording, storing, and disseminating linguistic expressions as well as for the supporting of inference making. From a structural perspective; an information system consists of a collection of people, processes, data, models, technology and partly formalized language, forming a cohesive structure which serves some organizational purpose or function.

The functional definition has its merits in focusing on what actual users -from a conceptual point of view- do with the information system while using it. They communicate with experts to solve a particular problem. The structural definition makes clear that IS are socio-technical systems, i.e., systems consisting of humans, behavior rules, and conceptual and technical artefacts.

An information system can be defined technically as a set of interrelated components that collect (or retrieve), process, store, and distribute information to support decision making and control in an organization. In addition to supporting decision making, coordination, and control, information systems may also help managers and workers analyze problems, visualize complex subjects, and create new products.

Three activities in an information system produce the information that organizations need to make decisions, control operations, analyze problems, and create new products or services. These activities are:

1. Input: It captures or collects raw data from within the organization or from its external environment.

2. Processing: It converts this raw input into a more meaningful form.

3. Output: It transfers the processed information to the people who will use it or to the activities for which it will be used.

Information systems also require feedback, which is output that is returned to appropriate members of the organization to help them evaluate or correct the input stage.

Components of Information Systems

While information systems may differ in how they are used within an organization, they typically contain the following components:

▬ Hardware: Computer-based information systems use computer hardware, such as processors, monitors, keyboard and printers.

▬ Software: These are the programs used to organize, process and analyze data.

▬ Databases: Information systems work with data, organized into tables and files.

▬ Network: different elements need to be connected to each other, especially if many different people in an organization use the same information system.

▬ Procedures: These describe how specific data are processed and analyzed in order to get the answers for which the information system is designed.

Technology: These three elements – hardware, software, and telecommunication systems – comprise the IT component of an information system. For example, the technology components of the automated payroll system mentioned in the first example include:

 Hardware – computers and printers

 Software – the accounting software application designed to keep track of the salaries and the staff scheduling system designed to keep track of hours worked and how much each employees should be paid

 Telecommunication systems – local and inter-organizational channels of communication and routing equipment designed to connect the company to the bank for automatic money transfers.

Process: A process is the set of steps employed to carry out a specific business or organizational activity. In other words, a process maps the set of actions that an individual, a group or an organization must enact in order to complete an activity.

People: The people component of an information system encompasses all those individuals who are directly involved with the system. These people include the managers who define the goals of the system, and the users.

Structure: The structure (or organizational structure) component of information systems refers to the relationship among the individuals in the people component. Thus, it encompasses hierarchical and reporting structures, and reward systems. The structure component plays a critical role in an information system, simply because systems often fail when they are resisted by their intended users.

Importance of Information Systems in an Organization

Information systems gain their importance by processing the data from company inputs to generate information that is useful for managing your operations. To increase the information system's effectiveness, you can either add more data to make the information more accurate or use the information in new ways.

Communication: Part of management is gathering and distributing information, and information systems can make this process more efficient by allowing managers to communicate rapidly. Email is quick and effective, but managers can use information systems even more efficiently by storing documents in folders that they share with the employees who need the information. This type of communication lets employees collaborate in a systematic way. Each employee can communicate additional information by making changes that the system tracks. The manager collects the inputs and sends the newly revised document to his target audience.

Operations: Managing a company's operations depend on the information available with the company. Information systems can offer more complete and more recent information, allowing you to operate your company more efficiently. You can use information systems to gain a cost advantage over competitors or to differentiate yourself by offering better customer service. Sales data give you insights about what customers are buying and let you stock or produce items that are selling well. With guidance from the information system, you can streamline your operations.

Decisions: The company information system can help you make better decisions by delivering all the information you need and by modeling the results of your decisions. A decision involves choosing a course of action from several alternatives and carrying out the corresponding tasks. When you have accurate, up-to-date information, you can make the choice with confidence. If more than one choice looks appealing, you can use the information system to run different scenarios. For each possibility, the system can calculate key indicators such as sales, costs and profits to help you determine which alternative gives the most beneficial result.

Records: Your Company needs records of its activities for financial and regulatory purposes as well as for finding the causes of problems and taking corrective action. The information system stores documents and revision histories, communication records and operational data. The trick to exploiting this recording capability is organizing the data and using the system to process and present it as useful historical information. You can use such information to prepare cost estimates and forecasts and to analyze how your actions affected the key company indicators.

Q.2. Discuss about the implementation of Information Systems in Global Business.

Managers and business firms invest in information technology and information systems because they provide real economic value to the business. Every business has an information value chain. The value of an information system to a business, as well as the decision to invest in any new information system is in large part, determined by the extent to which the system will lead to better management decisions, more efficient business processes, and higher firm profitability. Although there are other reasons why systems are built, their primary purpose is to contribute to corporate value.

From a business perspective, an information system provides a solution to a problem or challenge facing a firm and represents a combination of management, organization, and technology elements. The management dimension of information systems involves issues such as leadership, strategy, and management behaviour. The technology dimension consists of computer hardware, software, data management technology, and networking/telecommunications technology (including the Internet). The organization dimension of information systems involves issues such as the organization’s hierarchy, functional specialties, business processes, culture, and political interest groups.

E-mail, online conferencing, and cell phones have become essential tools for conducting business. Information systems are the foundation of fast-paced supply chains. The Internet allows many businesses to buy, sell, advertise, and solicit customer feedback online. Organizations are trying to become more competitive and efficient by digitally enabling their core business processes and evolving into digital firms. The Internet has stimulated globalization by dramatically reducing the costs of producing, buying, and selling goods on a global scale. New information system trends include the emerging mobile digital platform, online software as a service, and cloud computing.

The emergence of the Internet into a full-blown international communications system has drastically reduced the costs of operating and transacting on a global scale. Communication between a factory floor in Shanghai and a distribution center in Rapid Falls, South Dakota, is now instant and virtually free. Customers now can shop in a worldwide marketplace, obtaining price and quality information reliably 24 hours a day. Firms producing goods and services on a global scale achieve extraordinary cost reductions by finding low-cost suppliers and managing production facilities in other countries. Internet service firms, such as Google and eBay, are able to replicate their business models and services in multiple countries without having to redesign their expensive fixed-cost information systems infrastructure. Briefly, information systems enable globalization.

Strategic Business Objectives of Information Systems

Specifically, business firms invest heavily in information systems to achieve six strategic business objectives: operational excellence; new products, services and business models; customer and supplier intimacy; improved decision making; competitive advantage; and survival.

Operational Excellence: Businesses continuously seek to improve the efficiency of their operations in order to achieve higher profitability. Information systems and technologies are some of the most important tools available to managers for achieving higher levels of efficiency and productivity in business operations, especially when coupled with changes in business practices and management behaviour.

New Products, Services, and Business Models: Information systems and technologies are a major enabling tool for firms to create new products and services, as well as entirely new business models. A business model describes how a company produces, delivers, and sells a product or service to create wealth.

Customer and Supplier Intimacy: When a business really knows its customers, and serves them well, the customers generally respond by returning and purchasing more. This arises revenues and profits. Likewise with suppliers: the more a business engages its suppliers, the better the suppliers can provide vital inputs and this lowers costs.

Improved Decision Making: Information systems and technologies have made it possible for managers to use real-time data from the marketplace when making decisions.

Competitive Advantage: When firms achieve one or more of these business objectives operational excellence; new products, services, and business models; Customer/ supplier intimacy; & improved decision making chances are they have already achieved a competitive advantage. Doing things better than your competitors charging less for superior products, and responding to customers and suppliers in real time all add up to higher sales and higher profits that your competitors cannot match.

Survival: Business firms also invest in information systems and technologies because they are necessities of doing business. Sometimes these "necessities" are driven by industry level changes.

Q.3. How do you classify Information Systems? Discuss about it in detail.

Classification of Information Systems

Operations Support System (OSS): Operations support system (OSS) is a software component that enables a service provider to monitor, control, analyze, and manage the services on its network. These types of software applications, along with a business support system (BSS), support most customer-facing activities, including ordering, billing, and support.

The development and implementation of OSS systems often involves information technology (IT) expertise as well as the help of integrators that can ensure the software works with network infrastructure to pass on important information about the fulfillment and delivery of services.

An operational support system (OSS) is a group of computer programs or an IT system used by communications service providers for monitoring, controlling, analyzing and managing a computer or telephone network system. OSS software is specifically dedicated to telecommunications service providers and mainly used for supporting network processes to maintain network inventory, configure network components, provision services and manage faults.

Management Support System (MSS): An MSS is an information system that integrates the functional capabilities of a decision support system, executive information system, and knowledge-based or expert system. The term MSS is used here to refer to any computer based system that aims to support a manager or professional in a decision making environment. It is an extension of the older concept of a DSS to include a wider range of computer based support systems. MSS has a wider meaning than just the quantitative models that have traditionally been referred to as DSS. Any decision support system must contribute something tangible to the decision making process. It must either enable the manager to make the decision more efficiently, or enable the manager to make a more effective decision. Hence the increasing use of the term MSS to include any computer based system that supports a decision making process.

Transaction Processing System (TPS): Transaction processing systems are used to record day to day business transactions of the organization. They are used by users at the operational management level. The main objective of a transaction processing system is to answer routine questions such as;

 How printers were sold today?

 How much inventory do we have at hand?

 What is the outstanding due for John Doe?

By recording the day to day business transactions, TPS system provides answers to the above questions in a timely manner. The decisions made by operational managers are routine and highly structured. The information produced from the transaction processing system is very detailed.

For example, banks that give out loans require that the company that a person works for should have a Memorandum of Understanding (MoU) with the bank. If a person whose employer has a MoU with the bank applies for a loan, all that the operational staff has to do is verify the submitted documents. If they meet the requirements, then the loan application documents are processed. If they do not meet the requirements, then the client is advised to see tactical management staff to see the possibility of signing a MoU.

Examples of transaction processing systems include;

▬ Point of Sale Systems – records daily sales

▬ Payroll systems – processing employees’ salary, loans management, etc.

▬ Stock Control systems – keeping track of inventory levels

▬ Airline booking systems – flights booking management

Process Control Systems (PCS): A process control system monitors the manufacturing environment and electronically controls the process or manufacturing flow based on the various set-points given by the user. In a manufacturing setup, there will be different parameters for critical processes that have to be monitored. The real time values of these parameters will be fed to a central control system. These values are compared with the preset set-points through feedback systems and the necessary alerts are output on the display system, so that corrective action can be taken.

Process control systems are used to monitor and control industrial or physical processes. A process control system comprises the whole range of equipment, computer programs and operating procedures. For example: petroleum refining as a petroleum refinery uses electronic sensors linked to computers to monitor chemical processes continually and make instant (real-time) adjustments that control the refinery process. Other examples are power generation and steel production systems.

Enterprise Collaboration Systems (ECS): An Enterprise Collaboration System (ECS) is an information system used to facilitate efficient sharing of documents and knowledge between teams and individuals in an enterprise. ECS is a combination of groupware, tools, Internet, extranets and other networks needed to support enterprise-wide communications, such as the sharing of documents and knowledge to specific teams and individuals within the enterprise. Some examples of enterprise communication tools include e-mail, videoconferencing, collaborative document sharing, project management tools and others. The objective of an ECS is to provide each user with the tools for managing communications, documents and other information that individuals need to manage their own tasks efficiently in their departments.

Enterprise collaboration systems (office automation systems) enhance team and workgroup communications and productivity. Office automation systems are not specific to any one level in the organization but provide important support for a broad range of users. Office information systems are designed to support office tasks with information technology. Voice mail, multimedia system, electronic mail, video conferencing, file transfer, and even group decisions can be achieved by office information systems.

Management Information System (MIS): Management Information Systems (MIS) are used by tactical managers to monitor the organization's current performance status. The output from a transaction processing system is used as input to a management information system. The MIS system analyzes the input with routine algorithms i.e. aggregate, compare and summarizes the results to produced reports that tactical managers use to monitor, control and predict future performance.

For example, input from a point of sale system can be used to analyze trends of products that are performing well and those that are not performing well. This information can be used to make future inventory orders i.e. increasing orders for well-performing products and reduce the orders of products that are not performing well.

Examples of management information systems include;

▬ Sales management systems – they get input from the point of sale system

▬ Budgeting systems – gives an overview of how much money is spent within the organization for the short and long terms.

▬ Human resource management system – overall welfare of the employees, staff turnover, etc.

Tactical managers are responsible for the semi-structured decision. MIS systems provide the information needed to make the structured decision and based on the experience of the tactical managers, they make judgment calls i.e. predict how much of goods or inventory should be ordered for the second quarter based on the sales of the first quarter.

Decision Support System (DSS): Decision support systems are used by senior management to make non-routine decisions. Decision support systems use input from internal systems (transaction processing systems and management information systems) and external systems.

The main objective of decision support systems is to provide solutions to problems that are unique and change frequently. Decision support systems answer questions such as;

 What would be the impact of employees' performance if we double the production lot at the factory?

 What would happen to our sales if a new competitor entered the market?

Decision support systems use sophisticated mathematical models, and statistical techniques (probability, predictive modeling, etc.) to provide solutions, and they are very interactive.

Examples of decision support systems include;

▬ Financial planning systems – it enables managers to evaluate alternative ways of achieving goals. The objective is to find the optimal way of achieving the goal. For example, the net profit for a business is calculated using the formula Total Sales less (Cost of Goods + Expenses). A financial planning system will enable senior executives to ask what if questions and adjust the values for total sales, the cost of goods, etc. to see the effect of the decision and on the net profit and find the most optimal way.

▬ Bank loan management systems – it is used to verify the credit of the loan applicant and predict the likelihood of the loan being recovered.

Executive Information Systems (EIS): The top executives need fast access to up-to-date, concise information and exception reports with facilities to personalized information and analysis. The information systems designed to cater to such needs of top executives are called Executive Information Systems (EIS) or Executive Support Systems.

These systems act as electronic briefing systems and offer tremendous flexibility in use. EIS uses internal as well as external information and offers an interactive and a user friendly operating environment.

Executive Information Systems have been developed, which provide rapid access to both internal and external information, often presented in graphical format, but with the ability to present more detailed underlying data if it is required. Executive information systems provide critical information from a wide variety of internal and external sources (from MIS, DSS, and other sources tailored to the information needs of executives) in easy-to-use displays to executives and managers. According to Patterson, an EIS provides senior managers with a system to assist in taking strategic and tactical decisions. According to Shim, an executive information system is designed to generate information that is abstract enough to present the whole company operation in a simplified version to satisfy senior management.

Q.4. What is Enterprise Resource Planning (ERP)? Discuss about its benefits for Business.

ERP is an industry acronym for Enterprise Resource Planning. Broadly speaking, ERP refers to automation and integration of a company's core business to help them focus on effectiveness & simplified success.

ERP can be defined as a system that helps organizations manage their financials, supply chain, manufacturing, operations, reporting, and human resources. Most ERP systems can be deployed on-premises or in the cloud, to improve and automate the core parts of your business.

With the right enterprise resource planning software, all your business processes come together for easy collaboration and rapid decision-making to enhance your team’s overall productivity. Leverage integrated systems for:

▫ Financial management: Gain control over your assets, cash flow, and accounting.

▫ Supply chain and operations management: Streamline your purchasing, manufacturing, inventory, and sales order processing.

▫ Customer relationship management: Improve customer service, and increase cross-sell and up-sell opportunities.

▫ Project management: Get what you need to deliver work on time and on budget with better billing and project monitoring.

▫ Human resources management: Get help attracting and retaining good employees with tools to help hire, manage, and pay your team.

▫ Business intelligence: Make smart decisions with easy-to-use reporting, analysis, and business intelligence tools.

An ERP System automates and integrates core business processes such as taking customer orders, scheduling operations, and keeping inventory records and financial data. ERP systems can drive huge improvements in the effectiveness of any organisation by:

▬ assisting you in defining your business processes and ensuring they are complied with throughout the supply chain;

▬ protecting your critical business data through well-defined roles and security access

▬ enabling you to plan your work load based on existing orders and forecasts

▬ providing you with the tools to give a high level of service to your customers

▬ translating your data into decision making information

Benefits of ERP for Business

▫ Integration across all business processes - To realize the full benefits of an ERP system it should be fully integrated into all aspects of your business from the customer facing front end, through planning and scheduling, to the production and distribution of the products you make.

▫ Automation enhances productivity - By automating aspects of business processes, ERP makes them more efficient, less prone to error, and faster. It also frees up people from mundane tasks such as balancing data.

▫ Increase overall performance - By integrating disparate business processes, ERP ensures coherence and avoids duplication, discontinuity, and people working at cross purposes, in different parts of the organisation. The cumulative positive effect when business processes integrate well is overall superior performance by the organisation.

▫ Quality Reports and Performance Analysis - Analysis on ERP will enable you to produce financial and boardroom quality reports, as well as to conduct analysis on the performance of your organisation.

▫ Integrates across the entire supply chain - A best of breed ERP system should extend beyond your organisation and integrate with both your supplier and customer systems to ensure full visibility and efficiency across your supply chain.

Q.5. Discuss about Customer Relationship Management and its importance in current scenario.

The emergence of electronic business has changed many aspects of current business and has created new firms with new business models. Organizations, now, start to re-evaluate their fundamental relations: Relation between firms and their suppliers, customers, government and also their competitors.

In the digital world, many firms are facing challenges with growing and complex demands of customers that need immediate and high-level services through multiple channels. To face these challenges, many firms, choose electronic customer relationship management. This emerging concept, gives organizations the ability to gain, integrate and disseminate data and information through their corporate websites

A Conceptual Framework for E-CRM

Today, although CRM is on top of firms priorities, there are many unclear points about its definition and role. In order to fully understand these ambiguities, we should view CRM from a strategic and systematic approach, and recognize the components of customer value. A conceptual framework with a strategic approach for e-CRM covers definitions and functions of every part and also includes adaptation of the model to different firms which helps to use e-CRM as a managerial strategic approach.

In this framework, similar to porter value chain, we have two types of activities: Primary and Supportive ones with the difference of being customer centric and CRM related. As the company runs its primary activities of Customer Acquisition, Retention and Expansion, it needs some supportive activities such as channel integration and information management. Information management activities deal with customer database including 3 types of information: information of the customer, information for the customer and information by the customer. An important point in the framework is the initial phase which is Strategy Formation that should be considered before any CRM implementation.

Components of this framework are shown below:

1. Strategy formation

Before speaking about CRM technological issues, managers should consider CRM in the context of their overall business strategies.

This task needs a two dimensional emphasis:

1) On business strategy

2) On customer strategy of the firm.

The more these two dimensions are interrelated with each other, the more successful CRM strategy would be. Through developing and reviewing business strategies, organizations identify their key capabilities and the way they could transfer them as value to their customers.

2. Multiple channel integration activity

One of key and strategic components for moving toward e-CRM, is to develop a consolidated and relationship-based strategy for existing channels (old ones) and web-based technologies (new and modern ones), that is designed to enhance the relationships with customers (not only reducing costs). So, it can be mentioned that e-CRM is multiple channels which are get consolidated. If the goal of channels strategy is only cost reduction, undesirable effects will appear.

3. Information management activity

This process includes customer data collection from all touch points and omission of redundancies and using them to create an up-to-date and complete profile of customers in order to enhance quality of interaction between firms and customers.

4. Customer Acquisition

From a strategic point of view, all the primary activities for attracting customers like advertising strategies and marketing efforts are for new customer acquisition and creating an image of firm brand name. Now, if these activities are run through web, firms should do different sort of tasks to recognize customer interests. Site visitor tracking and click stream data bases are some of activities which help to recognize customer interests and then to offer better products or services to them.

5. Customer Retention

Even by ignoring the fact that the cost of a new customer acquisition is 5 times of retention of an old one, yet retention and expansion is more important due to lack of sufficient information about new customers. The goal of customer retention is to leverage customer acquisition investments. Because customer acquisition is normally more expensive than retention, it makes sense to find ways and mechanisms to extend the duration of the relationship between firm and customer.

6. Customer Expansion

In CRM, businesses invest their money on those customers which will bring the most value for the firm. Customer expansion with focus on retention of the most value adding customers needs precise strategies to do.

7. Performance measurement and evaluation activity

In order to evaluate the performance, some criteria would be determined through e-CRM system design stage. These criteria depend on different goals of serving customers and should be aligned with overall operational business criteria. Here the focus is on two elements of performance: customer satisfaction and operational performance. In traditional models, customers’ satisfaction is examined through survey and complaint system. Today, web technologies enable e-CRM to get feedback from customers, immediately after interaction and in minimum time; even feedback could be a part of interaction process. It is hoped that, customer satisfaction lead to customer loyalty which is another criterion for measurement of performance.

Importance of Customer Relationship Management (CRM)

1. A CRM system consists of a historical view and analysis of all the acquired or to be acquired customers. This helps in reduced searching and correlating customers and to foresee customer needs effectively and increase business.

2. CRM contains each and every bit of details of a customer, hence it is very easy for track a customer accordingly and can be used to determine which customer can be profitable and which not.

3. In CRM system, customers are grouped according to different aspects according to the type of business they do or according to physical location and are allocated to different customer managers often called as account managers. This helps in focusing and concentrating on each and every customer separately.

4. A CRM system is not only used to deal with the existing customers but is also useful in acquiring new customers. The process first starts with identifying a customer and maintaining all the corresponding details into the CRM system which is also called an ‘Opportunity of Business’. The Sales and Field representatives then try getting business out of these customers by sophistically following up with them and converting them into a winning deal. All this is very easily and efficiently done by an integrated CRM system.

5. The strongest aspect of Customer Relationship Management is that it is very cost-effective. The advantage of decently implemented CRM system is that there is very less need of paper and manual work which requires lesser staff to manage and lesser resources to deal with. The technologies used in implementing a CRM system are also very cheap and smooth as compared to the traditional way of business.

6. All the details in CRM system is kept centralized which is available anytime on fingertips. This reduces the process time and increases productivity.

7. Efficiently dealing with all the customers and providing them what they actually need increases the customer satisfaction. This increases the chance of getting more business which ultimately enhances turnover and profit.

8. If the customer is satisfied they will always be loyal to you and will remain in business forever resulting in increasing customer base and ultimately enhancing net growth of business.

Questions from Unit II

Q.1. Discuss about Information as a strategic resource and its impact on a company’s strategy.

The word “strategy” originates from the Greek word strategos, meaning “general.” In war, a strategy is a plan to gain an advantage over the enemy. Other disciplines, especially business, have borrowed the term. As you know from media coverage, corporate executives often discuss actions in ways that make business competition sound like war. Businesspeople must devise decisive courses of action to win—just as generals do. In business, a strategy is a plan designed to help an organization outperform its competitors. Unlike battle plans, however, business strategy often takes the form of creating new opportunities rather than beating rivals.

Although many information systems are built to solve problems, many others are built to seize opportunities. And, as anyone in business can tell you, identifying a problem is easier than creating an opportunity. Because a problem already exists; it is an obstacle to a desired mode of operation and, as such, calls attention to itself. An opportunity, on the other hand, is less tangible. It takes a certain amount of imagination, creativity, and vision to identify an opportunity, or to create one and seize it. Information systems that help seize opportunities are often called strategic information systems (SISs). They can be developed from scratch, or they can evolve from an organization’s existing ISs.

Some ISs have become strategic tools as a result of strategic planning; others have evolved into strategic tools. To compete in the market, executives need to define strategic goals and determine whether new or improved ISs can support these goals. Rather than waiting complacently until a problem occurs, businesses actively look for opportunities to improve their position with information systems. An IS that helps gain strategic advantage is called a strategic information system (SIS). To assure optimal utilization of IT for competitive advantage, executives must participate in generating ideas and champion new, innovative uses of information systems. In recent years, many of these ideas involved using the Internet. A company achieves strategic advantage by using strategy to maximize its strengths, resulting in a competitive advantage.

In a free-market economy, it is difficult for a business to do well without some strategic planning. Although strategies vary, they tend to fall into some basic categories, such as developing a new product, identifying an unmet consumer need, changing a service to entice more customers or retain existing clients, or taking any other action that increases the organization’s value through improved performance.

Many strategies do not, and cannot, involve information systems. But increasingly, corporations are able to implement certain strategies—such as maximizing sales and lowering costs - thanks to the innovative use of information systems. In other words, better information gives corporations a competitive advantage in the marketplace. A company achieves strategic advantage by using strategy to maximize its strengths, resulting in a competitive advantage. When a business uses a strategy with the intent to create a market for new products or services, it does not aim to compete with other organizations, because that market does not yet exist. Therefore, a strategic move is not always a competitive move. However, in a free-enterprise society, a market rarely remains the domain of one organization for long; thus, competition ensues almost immediately. So, we often use the terms “competitive advantage” and “strategic advantage” interchangeably.

Consider competitive advantage in terms of a for-profit company, whose major goal is to maximize profits by lowering costs and increasing revenue. A for-profit company achieves competitive advantage when its profits increase significantly, most commonly through increased market share. The figure given below lists eight basic initiatives that can be used to gain competitive advantage, including offering a product or service that competitors cannot provide or providing the same product or service more attractively to customers. It is important to understand that the eight listed are the most common, but not the only, types of business strategy an organization can pursue. It is also important to understand that strategic moves often consist of a combination of two or more of these initiatives and other steps. The essence of strategy is innovation, so competitive advantage is often gained when an organization tries a strategy that no one has tried before.

For example, Dell was the first PC manufacturer to use the Web to take customer orders. Competitors have long imitated the practice, but Dell, first to gain a Web audience, gained more experience than other PC makers on this e-commerce vehicle and still sells more computers via the Web than its competitors. Figure 2.2 indicates that a company can use many strategies together to gain competitive advantage.

Strategic advantage is often achieved by one or a combination of the following initiatives:

Cost reduction enables a business to sell more units of its products or services while maintaining or increasing its profit margin. Raising barriers to potential entrants to the industry lets an organization maintain a sizable market share by developing systems that are prohibitively expensive for competitors to emulate. By establishing high switching costs, a business can make buying from competitors unattractive to clients. Developing totally new products and services can create an entirely new market for an organization, which can also enjoy the advantage of being a first mover for that product and market. And if the organization cannot create new products or services, it can still enjoy competitive advantage by differentiating its products so that customers view them as better than a competitor’s products. Organizations also attain advantage by enhancing existing products or services. Many new services are the fruits of alliances between companies: each contributes its own expertise to package services that entice customers with an overall value greater than that offered by the separate services individually. Locking in clients or suppliers, i.e., creating conditions that make dealing with competitors infeasible is a powerful strategy to gain advantage. To maintain a strategic advantage, organizations must develop new features to keep the system on the leading edge. But they must be mindful of the bleeding edge, the undesirable results (such as huge ongoing costs and loss of customers) of being the first to use new technology with the hope of establishing a competitive advantage.

Early adopters find themselves on the bleeding edge when the new technology is not yet fully reliable or when customers are uncomfortable with it.

Reduce Costs

Customers like to pay as little as possible while still receiving the quality of service or product they need. One way to increase market share is to lower prices, and the best way to lower prices is to reduce costs. For instance, if carried out successfully, massive automation of any business process gives an organization competitive advantage. The reason is simple: automation makes an organization more productive, and any cost savings can be transferred to customers through lower prices. We saw this happen in the auto industry. In the 1970s, Japanese automakers brought robots to their production and assembly lines and reduced costs—and subsequently prices—quickly and dramatically. The robots weld, paint, and assemble parts at a far lower cost than manual labor. Until their competitors began to employ robots, the Japanese had a clear competitive advantage because they were able to sell high-quality cars for less than their competitors.

Raise Barriers to Market Entrants

The smaller the number of companies competing within an industry, the better off each company is. Therefore, an organization might gain competitive advantage by making it difficult, or impossible, for other organizations to produce the product or service it provides. Using expertise or technology that is unavailable to competitors or prohibitively expensive is one way to bar new entrants.

Establish High Switching Costs

Switching costs are expenses incurred when a customer stops buying a product or service from one business and starts buying it from another. Switching costs can be explicit (such as charges the seller levies on a customer for switching) or implicit (such as the indirect costs in time and money spent adjusting to a new product that does the same job as the old).

Create New Products or Services

Clearly, creating a new and unique product or service that many organizations and individuals need gives an organization a great competitive advantage. Unfortunately, the advantage lasts only until other organizations in the industry start offering an identical or similar product or service for a comparable or lower price.

Differentiate Products or Services

A company can achieve a competitive advantage by persuading consumers that its product or service is better than its competitors’, even if it is not. Called product differentiation, this advantage is usually achieved through advertising. Brand-name success is a perfect example of product differentiation. Think of Levi’s Jeans, Chanel and Lucky perfumes, and Gap clothes. The customer buys the brand-name product, perceiving it to be superior to similar products. In fact, some products are the same, but units sold under a prestigious brand name sell for higher prices.

Enhance Products or Services

Instead of differentiating a product or service, an organization might actually add to the product or service to increase its value to the consumer; this is called enhancing existing products or services. For example, car manufacturers might entice customers by offering a longer warranty period for their cars, and real-estate agents might attract more business by providing useful financing information to potential buyers.

Establish Alliances

Companies can gain competitive advantage by combining services to make them more attractive (and usually less expensive) than purchasing services separately. These alliances provide two draws for customers: combined service is cheaper, and one-stop shopping is more convenient. The travel industry is very aggressive in this area. For example, airlines collaborate with hotel chains and car-rental firms to offer travel and lodging packages and with credit-card companies that offer discount ticket purchases from particular airlines or the products of particular manufacturers. Credit-card companies commonly offer frequent flier miles for every dollar spent. In all these cases, alliances create competitive advantages.

Q.2. Define Business Process Re-engineering (BPR). What are its objectives and characteristics?

The globalization of the economy and the liberalization of the trade markets have formulated new conditions in the market place which are characterized by instability and intensive competition in the business environment. Competition is continuously increasing with respect to price, quality and selection, service and promptness of delivery.

Removal of barriers, international cooperation, technological innovations cause competition to intensify. All these changes impose the need for organizational transformation, where the entire processes, organization climate and organization structure are changed. Hammer and Champy provide the following definitions:

 Re-engineering is the fundamental rethinking and radical redesign of business processes to achieve dramatic improvements in critical contemporary measures of performance such as cost, quality, service and speed.

 Process is a structured, measured set of activities designed to produce a specified output for a particular customer or market. It implies a strong emphasis on how work is done within an organization."

An example of a business process: Credit card approval in a bank.

An applicant submits an application. The application is reviewed first to make sure that the form has been completed properly. If not, it is returned for completion. The complete form goes through a verification of information. This is done by ordering a report from a credit company and calling references. Once the information is verified, an evaluation is done. Then, a decision (yes or no) is made. If the decision is negative, an appropriate rejection letter is composed. If the decision is positive, an account is opened, and a card is issued and mailed to the customer. The process, which may take a few weeks due to workload and waiting time for the verifications, is usually done by several individuals.

Objectives of BPR

When applying the BPR management technique to a business organization the implementation team effort is focused on the following objectives:

Customer focus: Customer service oriented processes aiming to eliminate customer complaints.

Speed: Dramatic compression of the time it takes to complete a task for key business processes. For instance, if process before BPR had an average cycle time 5 hours, after BPR the average cycle time should be cut down to half an hour.

Compression: Cutting major tasks of cost and capital, throughout the value chain. Organizing the processes a company develops transparency throughout the operational level reducing cost. For instance the decision to buy a large amount of raw material at 50% discount is connected to eleven cross checking in the organizational structure from cash flow, inventory, to production planning and marketing. These checking become easily implemented within the cross-functional teams, optimizing the decision making and cutting operational cost.

Flexibility: Adaptive processes and structures to changing conditions and competition. Being closer to the customer the company can develop the awareness mechanisms to rapidly spot the weak points and adapt to new requirements of the market.

Quality: Obsession with the superior service and value to the customers. The level of quality is always the same controlled and monitored by the processes, and does not depend mainly on the person, who servicing the customer.

Innovation: Leadership through imaginative change providing to organization competitive advantage.

Productivity: Improve drastically effectiveness and efficiency. In order to achieve the above mentioned adjectives the following BPR project methodology is proposed.

Characteristics of BPR

Business processes are characterized by three elements: the inputs, (data such customer inquiries or materials), the processing of the data or materials (which usually go through several stages and may necessary stops that turn out to be time and money consuming), and the outcome (the delivery of the expected result). The problematic part of the process is processing. Business process re-engineering mainly intervenes in the processing part, which is re-engineered in order to become less time and money consuming.

Q.3. How can Business Process Re-engineering be applied to an organization?

“BPR is the fundamental rethinking and radical redesign of business processes to achieve dramatic improvements in critical contemporary measures of performance, such as cost, quality, service, and speed.” Instead of starting with an activity flowchart, corporations are advised to start with a clean slate. They are then told to look into why they perform the tasks the way they do. A Process Engineer will look at the activities to be performed and how they can be engineered to invest minimum resources and get maximum returns.

Information Availability: To fundamentally redesign a process, one must know the details involved. Details from internal and external sources must be captured and provided to the relevant people in the required time duration. This helps them to identify the bottlenecks and work around better ways of reaching the desired end.

Information Sharing: A BPR project is usually facilitated by a cross functional team. Most of the times, teams are spread across different geographic locations. Information needs to be successfully shared among various people to ensure the re-engineering goes as planned and without hiccups.

Technology as the Solution: The new processes that are developed as a result of BPR initiatives deploy the latest technology to achieve the desired end results. Usually it is e-Commerce, automation or another technology driven solution that is implemented.

Empowering people: Empowerment means giving people the ability to do their work: the right information, the right tools, the right training, the right environment, and the authority they need. Information systems help empower people by providing information, tools and training.

Providing Information: Primary purpose of most information systems is providing information to help people perform their work, although they provide information in many different ways. Some systems provide information that is essential in informing a business process, such as the prices used to create a customer’s bill at a restaurant. Other systems provide information that is potentially useful but can be used in a discretionary manner, such as medical history information that different doctors might use in different ways.

Providing Tools: Empowering people means giving them the right tools in addition to providing the right information, Consider the way planning analysts produce consolidated corporate plans based on plans of individual divisions and departments. If the plans are submitted on paper, it is a major task to add up the numbers to determine the projected corporate bottom line. When the plan is changed during a negotiation process, the planning analyst has to recalculate the projected results. With the right tools, the numerical parts of the plans arrive in a consistent, electronic format permitting consolidation by a computer. This leaves the analyst free to do the more productive work of analyzing the quality of the plan.

Providing Training: Information systems are often used for training and learning since they are designed to provide the information needed to support desired work practices. As shown by an expert system and a decision simulator, they sometimes provide new and unique training methods. IBM developed an expert system for fixing computer disk drives. The expert system was an organized collection of the best knowledge about fixing these disk drives, and it

fostered rapid and efficient training. Before the system was developed, technicians typically took between 1 and 16 months to become certified, but with the expert system, training time dropped 3 to 5 months.

Eliminating Unproductive Uses of Time: Information systems can reduce the amount of time people waste doing unproductive work. A study of how professionals and managers at 15 leading U.S. corporations spent their time concluded that many professionals spent less than half of their work time on activities directly related to their functions. Better use of information systems could save much of their unproductive time performing chores such as collecting product or pricing information, determining order status for a customer, resolving invoice discrepancies, and reporting of time and expenses.

Eliminating Unnecessary Paper: One common way to improve data processing is to eliminate unnecessary paper. Although paper is familiar and convenient for many purposes, it has major disadvantages. It is bulky, difficult to move from place to place, and extremely difficult to use for analyzing large amounts of data. Storing data in computerized form takes much less physical space and destroys fewer forests, but that is only the beginning. It makes data easier to analyze, easier to copy or transmit, and easier to display in a flexible format. Compare paper telephone bills with computerized bills for a large company. The paper bills identify calls but are virtually impossible to analyze for patterns of inefficient or excessive usage.

Eliminating Unnecessary Variations in the Procedures and Systems: In many companies, separate departments use different systems and procedures to perform similar repetitive processes, such as paying employees, purchasing supplies, and keeping track of inventories. Although these procedures may seem adequate from a totally local viewpoint, doing the same work in different ways is often inefficient in a global sense. Whenever the systems must change with new technology, new regulations, or new business issues, each separate system must be analyzed separately, often by someone starting from scratch.

Minimizing the Burden of Record Keeping, Data Handling, and General Office Work: Information system applications is an obvious place to look for improving the way people process data, since processing data is included in most jobs. Focus on basic data processing tasks: Reducing the burden of record keeping means being more efficient and effective with the six components of data processing. Those components are capturing, transmitting, storing, retrieving, manipulating, and displaying data. Capture data automatically when generated: Capturing data automatically at the time of data generation is especially important in minimizing the burden of record keeping.

In depth, BPR assumes that the current processes in a business are inapplicable and suggest completely new processes to be implemented by starting over. Such a perspective enables the designers of business processes to disassociate themselves from today's process, and focus on a new process.

Q.4. Describe the TQM philosophy and identify its major characteristics.

Total Quality management is defined as a continuous effort by the management as well as employees of a particular organization to ensure long term customer loyalty and customer satisfaction.

Total Quality Management is a management approach that originated in the 1950s and has steadily become more popular since the early 1980s. Total Quality is a description of the culture, attitude and organization of a company that strives to provide customers with products and services that satisfy their needs. The culture requires quality in all aspects of the company’s operations, with processes being done right the first time and defects and waste eradicated from operations.

Total Quality Management, TQM, is a method by which management and employees can become involved in the continuous improvement of the production of goods and services. It is a combination of quality and management tools aimed at increasing business and reducing losses due to wasteful practices.

Total quality management is an organization-wide philosophy with its core values centered on continually improving the quality of its product and services, and the quality of its processes, to meet and exceed customer expectations.

This means that everyone in the organization - from top management to the employees - plays a role in providing quality products and services to customers. Even suppliers and the customers themselves are part of the TQM.

TQM is a management philosophy that seeks to integrate all organizational functions (marketing, finance, design, engineering, and production, customer service, etc.) to focus on meeting customer needs and organizational objectives.

TQM views an organization as a collection of processes. It maintains that organizations must strive to continuously improve these processes by incorporating the knowledge and experiences of workers. The simple objective of TQM is “Do the right things, right the first time, every time.” TQM is infinitely variable and adaptable. Although originally

applied to manufacturing operations, and for a number of years only used in that area, TQM is now becoming recognized as a generic management tool, just as applicable in service and public sector organizations.

TQM is mainly concerned with continuous improvement in all work, from high level strategic planning and decision-making, to detailed execution of work elements on the shop floor. It stems from the belief that mistakes can be avoided and defects can be prevented. It leads to continuously improving results, in all aspects of work, as a result of continuously improving capabilities, people, processes, and technology and machine capabilities.

Continuous improvement must deal not only with improving results, but more importantly with improving capabilities to produce better results in the future. The five major areas of focus for capability improvement are demand generation, supply generation, technology, operations and people capability.

The following are some of the features of TQM:

1. Customer Focus: TQM places emphasis in meeting the requirement of both the internal as well as the external customer. In order to meet the requirements for the external customer, it is necessary to meet the needs of the internal customer. The initial focus should be on meeting needs of internal customer before an attempt is made to meet the requirements of the external customers. Consumers are the ultimate judge to determine whether products or services are of superior quality or not. No matter how many resources are pooled in training employees, upgrading machines and computers, incorporating quality design process and standards, bringing new technology, etc.; at the end of the day, it is the customers who have the final say in judging your company. Companies must remember to implement TQM across all fronts keeping in mind the customers.

2. Continuous Process: TQM is a continuous process. Constant and continuous efforts are made to improve the quality, and to reduce internal costs. Quality improvement helps the organisation to face the challenges of the competitors and to meet the requirements of the customers. TQM is a process which goes on forever, because at no time the quality can be 100% right. There is always a possibility for new and better way of doing things. A major component of TQM is continual improvement. Continual improvement will lead to improved and higher quality processes. Continual improvement will ensure companies will find new ways and techniques in producing better quality products, production, be more competitive, as well as exceed customer expectations.

3. Defect-free Approach: TQM place emphasis on the defect-free work most of the time. The defect free approach is phrased in various ways as right first time, working smarter or zero defects.

4. Employees Involvement: In TQM everyone is involved in the process from the management director to the junior clerk or worker in the organisation. It is not just manufacturing people, but also the accounting, finance, marketing, and even the canteen people are involved in the TQM process. Ensuring total employee involvement in achieving goals and business objectives will lead to employee empowerment and active participation from the employees in decision making and addressing quality related problems. Employee empowerment and involvement can be increased by making the workspace more open and devoid of fear.

5. Recognition and Rewards: Recognition and rewards is an integral part of company’s TQM Programme. Positive reinforcement through recognition and reward is essential to maintain achievement and continuous improvement in quality.

6. Synergy in Team Work: The Japanese are great believers in synergy (to work together). Engineers, technicians, and workers look upon themselves as equals and communicate easily as they work side by side. They create what professor Okuda has called a ‘synergetic Partnership’.

7. Techniques: TQM can take place by following various techniques such as quality circle, value engineering, statistical process control, etc. Through such techniques it is possible to improve systems and procedures.

8. System Approach: TQM is a system approach to managing the business and improving the performance. Without the total commitment on the part of chief executive officer and his senior executives, TQM cannot take off to a good start.

9. Strategic Approach to Improvement: Businesses must adopt a strategic approach towards quality improvement to achieve their goals, vision, and mission. A strategic plan is very necessary to ensure quality becomes the core aspect of all business processes.

10. Integrated System: Businesses comprise of various departments with different functionality purposes. These functionalities are interconnected with various horizontal processes TQM focuses on. Everyone in the company should have a thorough understanding of the quality policies, standards, objectives, and important processes. It is very important to promote a quality work culture as it helps to achieve excellence and surpass customer

expectations. An integrated system ensures continual improvement and helps companies achieve a competitive edge.

11. Decision Making: Data from the performance measurement of processes indicates the current health of the company. For efficient TQM, companies must collect and analyze data to improve quality, decision making accuracy, and forecasts. The decision making must be statistically and situational based in order to avoid any room for emotional based decisions.

12. Communications: Communication plays a crucial role in TQM as it helps to motivate employees and improve their morale during routine daily operations. Employees need to be involved as much as possible in the day to day operations and decision making process to really give them a sense of empowerment. This creates the environment of success and unity and helps drive the results the TQM process can achieve.

It requires immense efforts, time, courage, and patience to successfully implement TQM. Businesses successfully implementing TQM can witness improved quality across all major processes and departments, higher customer retention, higher revenue due to improved sales, and global brand recognition.

Q.5. What is Artificial Intelligence? Discuss about the applications of Artificial Intelligence.

According to the father of Artificial Intelligence John McCarthy, it is “The science and engineering of making intelligent machines, especially intelligent computer programs”.

Artificial Intelligence is a way of making a computer, a computer-controlled robot, or a software think intelligently, in the similar manner the intelligent humans think.

AI is accomplished by studying how human brain thinks and how humans learn, decide, and work while trying to solve a problem, and then using the outcomes of this study as a basis of developing intelligent software and systems.

Artificial Intelligence (AI) is a branch of Science which deals with helping machines finds solutions to complex problems in a more human-like fashion. This generally involves borrowing characteristics from human intelligence, and applying them as algorithms in a computer friendly way. A more or less flexible or efficient approach can be taken depending on the requirements established, which influences how artificial the intelligent behavior appears.

Philosophy of AI

While exploiting the power of the computer systems, the curiosity of human, lead him to wonder, “Can a machine think and behave like humans do?”

Thus, the development of AI started with the intention of creating similar intelligence in machines that we find and regard high in humans.

Goals of AI

▫ To Create Expert Systems: The systems which exhibit intelligent behaviour, learn, demonstrate, explain, and advice its users.

▫ To Implement Human Intelligence in Machines: Creating systems that understand, think, learn, and behave like humans.

Applications of AI

AI has been dominant in various fields such as:

▫ Gaming

AI plays crucial role in strategic games such as chess, poker, tic-tac-toe, etc., where machine can think of large number of possible positions based on heuristic knowledge.

You can buy machines that can play master level chess for a few hundred dollars. There is some AI in them, but they play well against people mainly through brute force computation--looking at hundreds of thousands of positions. To beat a world champion by brute force and known reliable heuristics requires being able to look at 200 million positions per second.

▫ Natural Language Processing

It is possible to interact with the computer that understands natural language spoken by humans.

Just getting a sequence of words into a computer is not enough. Parsing sentences is not enough either. The computer has to be provided with an understanding of the domain the text is about, and this is presently possible only for very limited domains.

▫ Expert Systems

There are some applications which integrate machine, software, and special information to impart reasoning and advising. They provide explanation and advice to the users.

▫ Heuristic Classification

One of the most feasible kinds of expert system given the present knowledge of AI is to put some information in one of a fixed set of categories using several sources of information. An example is advising whether to accept a proposed credit card purchase. Information is available about the owner of the credit card, his record of payment and also about the item he is buying and about the establishment from which he is buying it (e.g., about whether there have been previous credit card frauds at this establishment).

▫ Vision Systems

These systems understand, interpret, and comprehend visual input on the computer.

For example,

▬ A spying aero plane takes photographs which are used to figure out spatial information or map of the areas.

▬ Doctors use clinical expert system to diagnose the patient.

▬ Police use computer software that can recognize the face of criminal with the stored portrait made by forensic artist.

▫ Speech Recognition

Some intelligent systems are capable of hearing and comprehending the language in terms of sentences and their meanings while a human talks to it. It can handle different accents, slang words, noise in the background, change in human’s noise due to cold, etc.

▫ Handwriting Recognition

The handwriting recognition software reads the text written on paper by a pen or on screen by a stylus. It can recognize the shapes of the letters and convert it into editable text.

▫ Intelligent Robots

Robots are able to perform the tasks given by a human. They have sensors to detect physical data from the real world such as light, heat, temperature, movement, sound, bump, and pressure. They have efficient processors, multiple sensors and huge memory, to exhibit intelligence. In addition, they are capable of learning from their mistakes and they can adapt to the new environment.

Difference between Human and Machine Intelligence

▫ Humans perceive by patterns whereas the machines perceive by set of rules and data.

▫ Humans store and recall information by patterns; machines do it by searching algorithms. For example, the number 40404040 is easy to remember, store and recall as its pattern is simple.

▫ Humans can figure out the complete object even if some part of it is missing or distorted; whereas the machines cannot correctly.

Questions from Unit III

Q.1. What is Information Technology? What is its role in today’s society?

The term “information” has a diversity of meanings, from everyday usage to technical interpretations. Generally speaking, the concept of information is associated with knowledge derived from study, experience, or instruction. Technology, on the other hand, refers to the application of knowledge to the practical aims of human life, or to changing and manipulating the human environment. Technology includes the use of materials, tools, techniques and sources of power to make life easier or more pleasant and work more productive. Technology began to influence human endeavor as soon as people began using tools. Technology also started being used for managing information when the amount and variety of information grew to such vast proportions that the human brain could neither store nor process it efficiently.

Definition

The term Information Technology (IT) was coined by Jim Domsic of Michigan in November 1981. Domsic created the term to modernize the outdated phrase "data processing". Information Technology is a general term that describes any technology that helps to produce, manipulate, store, communicate and/or disseminate information. Presumably, when speaking of Information Technology as a whole, it is noted that the use of computers and information are associated. “Information Technology” as defined by the Information Technology Association of America (ITAA), is "the study, design, development, implementation, support or management of computer-based information systems, particularly software applications and computer hardware." IT deals with the use of computers and computer software to convert, store, protect, process, transmit and securely retrieve information.

Encompassing the computer and information systems industries, Information Technology is the capability to electronically input, process, store, output, transmit, and receive data and information, including text, graphics, sound, and video, as well as the ability to control machines of all kinds electronically. Information Technology is comprised of computers, networks, satellite communications, robotics, video, text, cable television, electronic mail ("e-mail"), electronic games, and automated office equipment. The information industry consists of all computer, communications, and electronics-related organizations, including hardware, software, and services. Completing tasks, using Information Technology, result in rapid processing and information mobility, as well as improved reliability and integrity of processed information.

Another related term, Information and Communications Technology (ICT) is sometimes used in preference to Information Technology, particularly in the fields of education and governance. In common usage, it is often assumed that ICT is synonymous with IT; ICT in fact encompasses any medium to record information, technology for broadcasting information; and technology for communicating through voice and/or images. It includes the wide variety of computing hardware (PCs, servers, mainframes, networked storage), the rapidly developing personal hardware market (mobile phones, personal devices, MP3 players), application software (from the smallest home-developed spreadsheet to online software services); and the hardware and software needed to operate networks for transmission of information. Thus, ICT makes more explicit that technologies such as broadcasting and wireless mobile telecommunications are included.

Applications of Information Technology

Science and Engineering: Scientific progress in fields like biotechnology is almost entirely dependent on the use of computers and other microprocessor-controlled devices. Using supercomputers, meteorologists predict future weather by using a combination of observations of weather conditions from many sources, a mathematical representation of the behavior of the atmosphere, and geographic data. Computer-aided design (CAD) and computer-aided manufacturing (CAM) programs have led to improved products in many fields, especially where designs tend to be very detailed. Computer programs make it possible for engineers to analyze designs of complex structures such as power plants and space stations.

Business & Commerce: One of the first and largest applications of computers is keeping and managing business and financial records. Most large companies keep the employment records of all their workers in large databases that are managed by computer programs. Similar programs and databases are used in business functions like billing customers; tracking payments received and payments to be made; and tracking supplies needed and items produced, stored, shipped, and sold. In fact, practically all the information companies need to do business involves the use of computers and Information Technology. Almost all the financial transactions in the world are done electronically. Newer technologies like m-commerce have enabled almost everybody to carry out routine financial transactions, on the move.

On a smaller scale, many businesses have replaced cash registers with point-of-sale (POS) terminals. These POS terminals not only print a sales receipt for the customer but also send information to a computer database when each item is sold to maintain an inventory of items on hand and items to be ordered. Computers have also become very important in modern factories. Computer-controlled robots now do tasks that are hot, heavy, or hazardous. Robots are also used to do routine, repetitive tasks in which boredom or fatigue can lead to poor quality work.

With today's sophisticated hardware, software, and communications technologies, it is often difficult to classify a system as belonging uniquely to one specific application program. Organizations increasingly are

consolidating their information needs into a single, integrated information system. Management Information System (MIS), with the Chief Information Officer (CIO) at its head, is a whole, new branch of enterprise management.

Education: The advent of Information Technology has changed the meaning of the term “literate”, with computer literacy being almost as important as basic literacy in many cases. Computer education is an essential course at the primary level in most schools across the world. With more information getting digitized every day, and the internet making it accessible to anyone across the world, students are increasingly relying on electronic sources of information rather than physical libraries for their needs. Instructional methodology has also undergone a sea change with use of images, animations, videos, presentations and e-learning to complement traditional techniques.

Governance: The concept of e-governance is one of the most novel applications of Information Technology whereby it is changing the lives of millions across the globe. Computerization of Government activities makes it easier to supervise and audit, and makes the administration more responsive to the needs of society. It also bridges the divide between the Government and the people. Technologies like touch-screen kiosks help disseminate information on land records, photo identity cards, pending bills etc. and enable even illiterate people to take more informed decisions. India is leading the world in the effective use of IT for elections.

Medicine: Information Technology plays an important role in medicine. For example, a scanner takes a series of pictures of the body by means of computerized axial tomography (CAT) or magnetic resonance imaging (MRI). A computer then combines the pictures to produce detailed three-dimensional images of the body's organs. In addition, the MRI produces images that show changes in body chemistry and blood flow. Most critical life support equipment are programmed to respond to changes in the patient’s status in split-seconds, thereby reducing the response time and risk of human error. Newer concepts like robotic surgery enable specialists to perform surgeries from remote locations. Genomic studies greatly depend on supercomputing power to develop technologies for the future.

Entertainment: IT has changed the lifestyle of most people. The convergence of various technologies has created various options for entertainment like games, streaming music and video, digital television broadcasts, satellite radio, animated movies etc. which can be accessed with the help of mobile phones, PDAs, notebook computers or on television either with a cable connection or wirelessly using newer-generation Wi-Fi, CDMA or GPRS technologies.

Q.2. Discuss about IT infrastructure and emerging technologies in detail.

IT infrastructure consists of a set of physical devices and software applications that are required to operate the entire enterprise. But an IT infrastructure is also a set of firm wide services budgeted by management and comprising both human and technical capabilities. These services include the following:

▫ Computing platforms used to provide computing services that connect employees, customers, and suppliers into a coherent digital environment, including large mainframes, midrange computers, desktop and laptop computers, and mobile handheld and remote cloud computing services.

▫ Telecommunications services that provide data, voice, and video connectivity to employees, customers, and suppliers

▫ Data management services that store and manage corporate data and provide capabilities for analyzing the data

▫ Application software services, including online software services, that provide enterprise-wide capabilities such as enterprise resource planning, customer relationship management, supply chain management, and knowledge management systems that are shared by all business units

▫ Physical facilities management services that develop and manage the physical installations required for computing, telecommunications, and data management services

▫ IT management services that plan and develop the infrastructure, coordinate with the business units for IT services, manage accounting for the IT expenditure, and provide project management services

▫ IT standards services that provide the firm and its business units with policies that determine which information technology will be used, when, and how

▫ IT education services that provide training in system use to employees and offer managers training in how to plan for and manage IT investments

▫ IT research and development services that provide the firm with research on potential future IT projects and investments that could help the firm differentiate itself in the marketplace

This “service platform” perspective makes it easier to understand the business value provided by infrastructure investments. For instance, the real business value of a fully loaded personal computer operating at 3 gigahertz that costs about $1,000 and a high-speed Internet connection is hard to understand without knowing who will use it and how it will be used. When we look at the services provided by these tools, however, their value becomes more apparent: The new PC makes it possible for a high-cost employee making $100,000 a year to connect to all the company’s major systems and the public Internet. The high-speed Internet service saves this employee about one hour per day in reduced wait time for Internet information. Without this PC and Internet connection, the value of this one employee to the firm might be cut in half.

Infrastructure Components

IT infrastructure today is composed of seven major components. These components constitute investments that must be coordinated with one another to provide the firm with a coherent infrastructure.

In the past, technology vendors supplying these components were often in competition with one another, offering purchasing firms a mixture of incompatible, proprietary, partial solutions. But increasingly the vendor firms have been forced by large customers to cooperate in strategic partnerships with one another. For instance, a hardware and services provider such as IBM cooperates with all the major enterprise software providers, has strategic relationships with system integrators, and promises to work with whichever database products its client firms wish to use (even though it sells its own database management software called DB2). The components are:

1. Computer Hardware Platforms

2. Operating System Platforms

3. Enterprise Software Applications

4. Data Management and Storage

5. Networking/Telecommunications Platforms

6. Internet Platforms

7. Consulting and System Integration Services

Recent Hardware Platform Trends

The exploding power of computer hardware and networking technology has dramatically changed how businesses organize their computing power, putting more of this power on networks and mobile handheld devices.

1. The Mobile Digital Platform

Smartphones such as the iPhone, Android, and BlackBerry Smartphones have taken on many functions of PCs, including transmission of data, surfing the Web, transmitting e-mail and instant messages, displaying digital content, and exchanging data with internal corporate systems. The new mobile platform also includes small, lightweight net books optimized for wireless communication and Internet access, tablet computers such as the iPad, and digital e-book readers such as Amazon’s Kindle with Web access capabilities.

2. Grid Computing

Grid computing involves connecting geographically remote computers into a single network to create a virtual supercomputer by combining the computational power of all computers on the grid. Grid computing takes advantage of the fact that most computers in the United States use their central processing units on average only 25 percent of the time for the work they have been assigned, leaving these idle resources available for other processing tasks. Grid computing was impossible until high-speed Internet connections enabled firms to connect remote machines economically and move enormous quantities of data. Grid computing requires software programs to control and allocate resources on the grid.

3. Virtualization

Virtualization is the process of presenting a set of computing resources (such as computing power or data storage) so that they can all be accessed in ways that are not restricted by physical configuration or geographic location. Virtualization enables a single physical resource (such as a server or a storage device) to appear, to the

user as multiple logical resources. For example, a server or mainframe can be configured to run many instances of an operating system so that it acts like many different machines. Virtualization makes it possible for a company to handle its computer processing and storage using computing resources housed in remote locations. VMware is the leading virtualization software vendor for Windows and Linux servers.

4. Cloud Computing

Cloud computing is a model of computing in which computer processing, storage, software, and other services are provided as a pool of virtualized resources over a network, primarily the Internet. These “clouds” of computing resources can be accessed on an as-needed basis from any connected device and location. A cloud can be private or public. A public cloud is owned and maintained by a cloud service provider, such as Amazon Web Services, and made available to the general public or industry group. A private cloud is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise. Like public clouds, private clouds are able to allocate storage, computing power, or other resources seamlessly to provide computing resources on an as-needed basis.

5. Green Computing

By curbing hardware proliferation and power consumption, virtualization has become one of the principal technologies for promoting green computing. Green computing or green IT, refers to practices and technologies for designing, manufacturing, using, and disposing of computers, servers, and associated devices such as monitors, printers, storage devices, and networking and communications systems to minimize the impact on the environment.

Recent Software Platform Trends

1. Linux and Open Source Software

Open source software is software produced by a community of several hundred thousand programmers around the world. According to the leading open source professional association, OpenSource.org, open source software is free and can be modified by users. Works derived from the original code must also be free, and the software can be redistributed by the user without additional licensing. Open source software is by definition not restricted to any specific operating system or hardware technology, although most open source software is currently based on a Linux or UNIX operating system.

Perhaps the most well-known open source software is Linux, an operating system related to UNIX. Linux was created by the Finnish programmer Linus Torvalds and first posted on the Internet in August 1991. Linux applications are embedded in cell phones, Smartphones, net books, and consumer electronics. Linux is available in free versions downloadable from the Internet or in low-cost commercial versions that include tools and support from vendors such as Red Hat.

2. Software for the Web: Java, HTML, and HTML5

Java is an operating system-independent, processor-independent, object-oriented programming language that has become the leading interactive environment for the Web. Java was created by James Gosling and the Green Team at Sun Microsystems in 1992. In November 13, 2006, Sun released much of Java as open source software, under the terms of the GNU General Public License (GPL), completing the process on May 8, 2007. The Java platform has migrated into cell phones, Smartphones, automobiles, music players, game machines, and finally, into set-top cable television systems serving interactive content and pay-per-view services.

HTML (Hypertext Markup Language) is a page description language for specifying how text, graphics, video, and sound are placed on a Web page and for creating dynamic links to other Web pages and objects. Using these links, a user need only point at a highlighted keyword or graphic, click on it, and immediately be transported to another document.

HTML was originally designed to create and link static documents composed largely of text. Today, however, the Web is much more social and interactive, and many Web pages have multimedia elements—images, audio, and video. Third-party plug-in applications like Flash, Silverlight, and Java have been required to integrate these rich media with Web pages. However, these add-ons require additional programming and put strains on computer processing. This is one reason Apple dropped support for Flash on its mobile devices. The next evolution of HTML, called HTML5, solves this problem by making it possible to embed images, audio, video, and other elements directly into a document without processor-intensive add-ons. HTML5 will also make it easier for Web pages to function across different display devices, including mobile devices as well as desktops, and it will support the storage of data offline for apps that run over the Web.

3. Web Services and Service-Oriented Architecture

Web services refer to a set of loosely coupled software components that exchange information with each other using universal Web communication standards and languages. They can exchange information between two different systems regardless of the operating systems or programming languages on which the systems are based. The collection of Web services that are used to build a firm’s software systems constitutes what is known as a service-oriented architecture. Service Oriented Architecture (SOA) is a set of self-contained services that communicate with each other to create a working software application. Business tasks are accomplished by executing a series of these services.

4. Software Outsourcing and Cloud Services

Today, many business firms continue to operate legacy systems that continue to meet a business need and would be extremely costly to replace. But they will purchase or rent most of their new software applications from external sources. There are three external sources for software: software packages from a commercial software vendor, outsourcing custom application development to an external vendor, (which may or may not be offshore), and cloud-based software services and tools.

Q.3. Discuss about Information system? Why is an efficient information system needed?

Information system has been defined in terms of two perspectives: one relating to its function; the other relating to its structure. From a functional perspective; an information system is a technologically implemented medium for the purpose of recording, storing, and disseminating linguistic expressions as well as for the supporting of inference making. From a structural perspective; an information system consists of a collection of people, processes, data, models, technology and partly formalized language, forming a cohesive structure which serves some organizational purpose or function.

The functional definition has its merits in focusing on what actual users -from a conceptual point of view- do with the information system while using it. They communicate with experts to solve a particular problem. The structural definition makes clear that IS are socio-technical systems, i.e., systems consisting of humans, behavior rules, and conceptual and technical artifacts.

An information system can be defined technically as a set of interrelated components that collect (or retrieve), process, store, and distribute information to support decision making and control in an organization. In addition to supporting decision making, coordination, and control, information systems may also help managers and workers analyze problems, visualize complex subjects, and create new products.

Three activities in an information system produce the information that organizations need to make decisions, control operations, analyze problems, and create new products or services. These activities are:

1. Input: It captures or collects raw data from within the organization or from its external environment.

2. Processing: It converts this raw input into a more meaningful form.

3. Output: It transfers the processed information to the people who will use it or to the activities for which it will be used.

Information systems also require feedback, which is output that is returned to appropriate members of the organization to help them evaluate or correct the input stage.

Components of Information Systems

While information systems may differ in how they are used within an organization, they typically contain the following components:

▬ Hardware: Computer-based information systems use computer hardware, such as processors, monitors, keyboard and printers.

▬ Software: These are the programs used to organize process and analyze data.

▬ Databases: Information systems work with data, organized into tables and files.

▬ Network: different elements need to be connected to each other, especially if many different people in an organization use the same information system.

▬ Procedures: These describe how specific data are processed and analyzed in order to get the answers for which the information system is designed.

Technology

These three elements – hardware, software, and telecommunication systems – comprise the IT component of an information system. For example, the technology components of the automated payroll system mentioned in the first example include:

 Hardware – computers and printers

 Software – the accounting software application designed to keep track of the salaries and the staff scheduling system designed to keep track of hours worked and how much each employees should be paid

 Telecommunication systems – local and inter-organizational channels of communication and routing equipment designed to connect the company to the bank for automatic money transfers.

 Process

 A process is the set of steps employed to carry out a specific business or organizational activity. In other words, a process maps the set of actions that an individual, a group or an organization must enact in order to complete an activity.

 People

 The people component of an information system encompasses all those individuals who are directly involved with the system. These people include the managers who define the goals of the system, and the users.

Structure

The structure (or organizational structure) component of information systems refers to the relationship among the individuals in the people component. Thus, it encompasses hierarchical and reporting structures,

and reward systems. The structure component plays a critical role in an information system, simply because systems often fail when they are resisted by their intended users.

Importance of Information Systems in an Organization

Information systems gain their importance by processing the data from company inputs to generate information that is useful for managing your operations. To increase the information system's effectiveness, you can either add more data to make the information more accurate or use the information in new ways.

Communication: Part of management is gathering and distributing information, and information systems can make this process more efficient by allowing managers to communicate rapidly. Email is quick and effective, but managers can use information systems even more efficiently by storing documents in folders that they share with the employees who need the information. This type of communication lets employees collaborate in a systematic way. Each employee can communicate additional information by making changes that the system tracks. The manager collects the inputs and sends the newly revised document to his target audience.

Operations: Managing a company's operations depend on the information available with the company. Information systems can offer more complete and more recent information, allowing you to operate your company more efficiently. You can use information systems to gain a cost advantage over competitors or to differentiate yourself by offering better customer service. Sales data give you insights about what customers are buying and let you stock or produce items that are selling well. With guidance from the information system, you can streamline your operations.

Decisions: The company information system can help you make better decisions by delivering all the information you need and by modeling the results of your decisions. A decision involves choosing a course of action from several alternatives and carrying out the corresponding tasks. When you have accurate, up-to-date information, you can make the choice with confidence. If more than one choice looks appealing, you can use the information system to run different scenarios. For each possibility, the system can calculate key indicators such as sales, costs and profits to help you determine which alternative gives the most beneficial result.

Records: Your Company needs records of its activities for financial and regulatory purposes as well as for finding the causes of problems and taking corrective action. The information system stores documents and revision histories, communication records and operational data. The trick to exploiting this recording capability is organizing the data and using the system to process and present it as useful historical information. You can use such information to prepare cost estimates and forecasts and to analyze how your actions affected the key company indicators.

Q.4. What are the four phases of information system projects? What are the issues in each phase?

Organisation that plan their information systems tend to achieve better results that organizations that do not. The business environment is characterized by ever changing environment. Organizations have to develop and update their information systems in a systematic manner. This requires an overall plan for the IS in the organisation The IS plan is a comprehensive one derived from the organizations’ strategic plan.

The four stage model of IS planning Organizations select these techniques based on the persuasive power of IS developers rather than on sound logic. It is an enhancement of the three stage model developed by Bowman et al 1993 the model describes the four generic planning activities, namely strategic planning, requirement analysis, resource allocation and project planning.

A wide variety of techniques are being applied for IS panning. However, organizations select these techniques based on the persuasive power of IS developers rather than on a sound logic.

The main reason of selecting wrong techniques is attributed to the non-identification of the stage the information system of the organization is in. This model describes the four generic planning activities, namely, strategic planning, requirement analysis, resource allocation and project planning.

Strategic Planning:

Strategic planning matches the overall organizational plan with the IS plan. Objectives, goals and strategies of IS are aligned with the objectives and strategies of the organisation. Techniques used; Derivation from the organizational plan. Strategic IS grid. Strategic set transformation.

Strategic planning is a continual process for improving organizational performance by developing strategies to produce results. It involves looking at where the agency wants to go, assessing the agency’s current situation, and developing and implementing approaches for moving forward.

In this planning stage, objectives, goals and strategies are compared with the objectives, goals and strategies of the organisation. The following techniques are used:

a. Derivation from the organizational plan

b. The strategic information system grid

c. Strategic fit with organizational culture

d. Strategy set transformation

Information Requirements Analysis:

The objective of the requirements analysis phase is to identify and secure approval for a project requirements specification. A complete requirements analysis is needed to ensure rapid project delivery and optimal return on information management investment.

This stage deals with the current and future needs for IS to support decision-making and operations of the organisation. To undertake information requirement analysis, the following steps are followed

a. Define underlying organizational requirements

b. Develop sub-system matrix

c. Define and evaluate information requirements for organizational sub-systems

The requirements specification provides a means of specifying all requirements and the criteria that will be used to accept that the requirements have been met. It helps ensure that the technical team does not design and build something that is not specified. Requirements management will ensure that project management scope for design and construction does not deviate from requirements thus minimizing time delays and cost over-run due to re-work.

Resource Allocation:

After identification of the need for information system applications for entire organisation, the next phase is allocation of resources. It is the process of assigning and managing assets in a manner that supports an organization's strategic goals. Resource allocation includes managing tangible assets such as hardware to make the best use of softer assets such as human capital. Resource allocation involves balancing competing needs and priorities and determining the most effective course of action in order to maximize the effective use of limited resources and gain the best return on investment.

Resource allocation is a process and strategy involving a company deciding where scarce resources should be used in the production of goods or services. A resource can be considered any factor of production, which is something used to produce goods or services. Resources include such things as labor, real estate, machinery, tools and equipment, technology, and natural resources, as well as financial resources, such as money.

Project Planning:

The last stage of four-stage model of MIS planning is project planning which provides an overall framework for system development planning, scheduling and controlling. A wide variety of tools of project management are available, which include milestones, critical path method (CPM) and Gantt Charts.

Project planning is a discipline for stating how to complete a project within a certain timeframe, usually with defined stages, and with designated resources. The key to a successful project is in the planning. Creating a project plan is the first thing you should do when undertaking any project. Often project planning is ignored in favor of getting on with the work. However, many people fail to realize the value of a project plan for saving time, money and many problems.

Project planning is at the heart of the project life cycle, and tells everyone involved where you’re going and how you’re going to get there. The planning phase is when the project plans are documented, the project deliverables and requirements are defined, and the project schedule is created. It involves creating a set of plans to help guide your team through the implementation and closure phases of the project. The plans created during this phase will help you manage time, cost, quality, changes, risk, and related issues. They will also help you control staff and external suppliers to ensure that you deliver the project on time, within budget, and within schedule.

The project planning phase is often the most challenging phase for a project manager, as you need to make an educated guess about the staff, resources, and equipment needed to complete your project. You may also need to plan your communications and procurement activities, as well as contract any third-party suppliers.

Q.5. What is System Development Life Cycle? Discuss about its phases in detail.

The Systems Development Life Cycle (SDLC) is a process used in the development, creation, and maintenance of an information system. This process is often used in the creation or updating of a database system, and can serve as a useful tool for anyone trying to undertake a large database project. The systems development life cycle (SDLC), also referred to as the application development life-cycle, is a term used in systems engineering, information systems and software engineering to describe a process for planning, creating, testing, and deploying an information system. The systems development life-cycle concept applies to a range of hardware and software configurations, as a system can be composed of hardware only, software only, or a combination of both.

Investigation Phase

One of the most tedious tasks is to recognize the real problem of the pre-installed system. The analysis has to spend hours and days for understanding the fault in the system. This fault could have however overcome if the Preliminary Investigation before installing the system was properly done. This is the first stage of the development of the system. In this stage the analyst makes a survey by gathering all the available information needed for the system elements and allocation of the requirements to the software.

This is a brief investigation of the system under consideration and gives a clear picture of what is actually the physical system. In practice, the initial system study involves the preparation of a System proposal which lists the Problem Definition, Objectives of the Study, Terms of reference for Study, Constraints, Expected benefits of the new system, etc. in the light of the user requirements. The system proposal is prepared by the System Analyst (who studies the system) and places it before the user management. The management may accept the proposal and the cycle proceeds to the next stage. The management may also reject the proposal or request some modifications in the proposal.

Prototyping

It refers to building software application prototypes which displays the functionality of the product under development, but may not actually hold the exact logic of the original software.

Software prototyping is becoming very popular as a software development model, as it enables to understand customer requirements at an early stage of development. It helps get valuable feedback from the customer and helps software designers and developers understand about what exactly is expected from the product under development. Prototype is a working model of software with some limited functionality. The prototype does not always hold the exact logic used in the actual software application and is an extra effort to be considered under effort estimation.

Prototyping is used to allow the users evaluate developer proposals and try them out before implementation. It also helps understand the requirements which are user specific and may not have been considered by the developer during product design.

Feasibility Analysis

In case the system proposal is acceptable to the management, the next phase is to examine the feasibility of the system. The feasibility study is basically the test of the proposed system in the light of its workability, meeting user’s requirements, effective use of resources and of course, the cost effectiveness. These are categorized as technical, operational, economic, schedule and social feasibility. The main goal of feasibility study is not to solve the problem but to achieve the scope. In the process of feasibility study, the cost and benefits are estimated with greater accuracy to find the Return on Investment (ROI). This also defines the resources needed to complete the detailed investigation. The result is a feasibility report submitted to the management. This may be accepted or accepted with modifications or rejected. In short, following decision are taken in different feasibility study:

▬ Economic feasibility - The likely benefits outweigh the cost of solving the problem which is generally demonstrated by a cost/ benefit analysis.

▬ Operational feasibility - Whether the problem can be solved in the user’s environment with existing and proposed system workings?

▬ Organizational feasibility - Whether the proposed system is consistent with the organization’s strategic objectives?

▬ Technical feasibility - Whether the problem be solved using existing technology and resources available?

▬ Social feasibility - Whether the problem be solved without causing any social issues? Whether the system will be acceptable to the society?

System Analysis

Systems analysis is a process of collecting factual data, understand the processes involved, identifying problems and recommending feasible suggestions for improving the system functioning. This involves studying the business processes, gathering operational data, understand the information flow, finding out bottlenecks and evolving solutions

for overcoming the weaknesses of the system so as to achieve the organizational goals. System Analysis also includes subdividing of complex process involving the entire system, identification of data store and manual processes.

The major objectives of systems analysis are to find answers for each business process:

▬ What is being done?

▬ How is it being done?

▬ Who is doing it?

▬ When is he doing it? Why is it being done?

▬ How can it be improved?

It is more of a thinking process and involves the creative skills of the System Analyst. It attempts to give birth to a new efficient system that satisfies the current needs of the user and has scope for future growth within the organizational constraints. The result of this process is a logical system design. System analysis is an iterative process that continues until a preferred and acceptable solution emerges.

System Design

Based on the user requirements and the detailed analysis of a new system, the new system must be designed. This is the phase of system designing. It is the most crucial phase in the development of a system. The logical system design arrived at as a result of system analysis and is converted into physical system design. In the design phase the SDLC process continues to move from the ‘what’ questions of the analysis phase to the ‘how’. The logical design produced during the analysis is turned into a physical design - a detailed description of what is needed to solve original problem. Input, output, databases, forms, codification schemes and processing specifications are drawn up in detail. In the design stage, the programming language and the hardware and software platform in which the new system will run are also decided. Data structure, control process, equipment source, workload and limitation of the system, Interface, documentation, training, procedures of using the system, taking backups and staffing requirement are decided at this stage.

There are several tools and techniques used for describing the system design of the system. These tools and techniques are: Flowchart, Data flow diagram (DFD), Data dictionary, Structured English, Decision table and Decision tree.

Implementing Business Systems

The system design needs to be implemented to make it a workable system. This demands the coding of design into computer language, i.e., programming language. This is also called the programming phase in which the programmer converts the program specifications into computer instructions, which we refer to as programs. It is an important stage where the defined procedures are transformed into control specifications by the help of a computer language. The programs coordinate the data movements and control the entire process in a system. A well written code reduces the testing and maintenance effort. It is generally felt that the programs must be modular in nature. This helps in fast development, maintenance and future changes, if required. Programming tools like compilers, interpreters and language like C, C++, and Java etc., are used for coding .with respect to the type of application. The right programming language should be chosen.

Testing

Before actually implementing the new system into operations, a test run of the system is done removing all the bugs, if any. It is an important phase of a successful system. After codifying the whole programs of the system, a test plan should be developed and run on a given set of test data. The output of the test run should match the expected results. Sometimes, system testing is considered as a part of implementation process.

Using the test data following test run are carried out:

▬ Program Test: When the programs have been coded and compiled and brought to working conditions, they must be individually tested with the prepared test data. All verification and validation be checked and any undesirable happening must be noted and debugged (error corrected).

▬ System Test: After carrying out the program test for each of the programs of the system and errors removed, then system test is done. At this stage the test is done on actual data. The complete system is executed on the actual data. At each stage of the execution, the results or output of the system is analyzed. During the result analysis, it may be found that the outputs are not matching the expected output of the system. In such case, the errors in the particular programs are identified and are fixed and further tested for the expected output. All independent modules be brought together and all the interfaces to be tested between multiple modules, the whole set of software is tested to establish that all modules work together correctly as an application or system or package.

When it is ensured that the system is running error-free, the users are called with their own actual data so that the system could be shown running as per their requirements.

Documentation

The documentation of the system is also one of the most important activities in the system development life cycle. This ensures the continuity of the system. Generally following two types of documentations are prepared for any system.

▬ User or Operator Documentation: The user documentation is a complete description of the system from the user’s point of view detailing how to use or operate the system. It also includes the major error messages likely to be encountered by the user.

▬ System Documentation: The system documentation contains the details of system design, programs, their coding, system flow, data dictionary, process description, etc. This helps to understand the system and permit changes to be made in the existing system to satisfy new user needs.

Training

Training usually covers operational training for those people who will be responsible for supporting the system as well as training for those end users who will be using the system after its delivery to a production operating environment. After training has been successfully completed, systems engineers and developers transition the system to its final production environment, where it is intended to be used by its end users and supported by its support and operations staff.

Conversion and Maintenance

The system becomes operational during this phase. The emphasis during this phase is to ensure that sponsor needs continue to be met and that the system continues to perform according to specifications. Routine hardware and software maintenance and upgrades are performed to ensure effective system operations.

Maintenance is necessary to eliminate errors in the system during its working life and to tune the system to any variations in its working environments. It must meet the scope of any future enhancement, future functionality and any other added functional features to cope up with the latest future needs. It has been seen that there are always some errors found in the systems that must be noted and corrected. It also means the review of the system from time to time. Systems Development Life Cycle (SDLC) puts emphasis on decision making processes that affect system cost and usefulness. These decisions must be based on full consideration of business processes, functional requirements, and economic and technical feasibility. The primary objectives of any SDLC is to deliver quality system which meets or exceed customer expectations and within cost estimates, work effectively and efficiently within the current and planned infrastructure, and is an inexpensive to maintain. SDLC establishes a logical order of events for conducting system development that is controlled, measured, documented, and ultimately improved. Any software is not all complete and there are enough rooms to add new features to existing software.

Questions from Unit IV

Q.1. What is Information security? Discuss about the importance of securing information.

Information security (InfoSec) is the practice of protecting information while still providing access to those who need it. Information security (InfoSec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Infosec responsibilities include establishing a set of business processes that will protect information assets regardless of how the information is formatted or whether it is in transit, is being processed or is at rest in storage.

Infosec programs are built around the core objectives of the CIA triad: maintaining the confidentiality, integrity and availability of IT systems and business data. These objectives ensure that sensitive information is only disclosed to authorized parties (confidentiality), prevent unauthorized modification of data (integrity) and guarantee the data can be accessed by authorized parties when requested (availability).

The CIA Triad

Modern information security professionals often refer to a concept known as the CIA triad. This has nothing to do with the spy agency. The letters CIA in this context refer to the following:

 Confidentiality

 Integrity

 Availability

Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization. The model is also sometimes referred to as the AIC triad (availability, integrity and confidentiality) to avoid confusion with the Central Intelligence Agency. The elements of the triad are considered the three most crucial components of security.

In this context, confidentiality is a set of rules that limits access to information, integrity is the assurance that the information is trustworthy and accurate, and availability is a guarantee of reliable access to the information by authorized people.

Confidentiality: Confidentiality is roughly equivalent to privacy. Measures undertaken to ensure confidentiality are designed to prevent sensitive information from reaching the wrong people, while making sure that the right people can in fact get it: Access must be restricted to those authorized to view the data in question. It is common, as well, for data to be categorized according to the amount and type of damage that could be done should it fall into unintended hands. More or less stringent measures can then be implemented according to those categories.

Sometimes safeguarding data confidentiality may involve special training for those privies to such documents. Such training would typically include security risks that could threaten this information. Training can help familiarize authorized people with risk factors and how to guard against them. Further aspects of training can include strong passwords and password-related best practices and information about social engineering methods, to prevent them from bending data-handling rules with good intentions and potentially disastrous results.

A good example of methods used to ensure confidentiality is an account number or routing number when banking online. Data encryption is a common method of ensuring confidentiality. User IDs and passwords constitute a standard procedure; two-factor authentication is becoming the norm. Other options include biometric verification and security tokens, key fobs or soft tokens. In addition, users can take precautions to minimize the number of places where the information appears and the number of times it is actually transmitted to complete a required transaction. Extra measures might be taken in the case of extremely sensitive documents, precautions such as storing only on air gapped computers, disconnected storage devices or, for highly sensitive information, in hard copy form only.

Integrity: Integrity involves maintaining the consistency, accuracy, and trustworthiness of data over its entire life cycle. Data must not be changed in transit, and steps must be taken to ensure that data cannot be altered by unauthorized people (for example, in a breach of confidentiality). These measures include file permissions and user access controls. Version control maybe used to prevent erroneous changes or accidental deletion by authorized users becoming a problem. In addition, some means must be in place to detect any changes in data that might occur as a result of non-human-caused events such as an electromagnetic pulse (EMP) or server crash. Some data might include checksums, even cryptographic checksums, for verification of integrity. Backups or redundancies must be available to restore the affected data to its correct state.

Availability: Availability is best ensured by rigorously maintaining all hardware, performing hardware repairs immediately when needed and maintaining a correctly functioning operating system environment that is free of software conflicts. It’s also important to keep current with all necessary system upgrades. Providing adequate communication bandwidth and preventing the occurrence of bottlenecks are equally important. Redundancy, failover, RAID even high-availability clusters can mitigate serious consequences when hardware issues do occur. Fast and adaptive disaster recovery is essential for the worst case scenarios; that capacity is reliant on the existence of a comprehensive disaster recovery plan (DRP). Safeguards against data loss or interruptions in connections must include unpredictable events such as natural disasters and fire. To prevent data loss from such occurrences, a backup copy may be stored in a geographically-isolated location, perhaps even in a fireproof, waterproof safe. Extra security equipment or software such as firewalls and proxy servers can guard against downtime and unreachable data due to malicious actions such as denial-of-service (DoS) attacks and network intrusions.

Importance of Securing Information

In the age of the Internet, protecting our information has become just as important as protecting our property. Information security (InfoSec) is the practice of protecting both physical and digital information from destruction or unauthorized access.

Every day we take steps to protect the things that are important to us. We set the alarm systems on our homes, put our valuables in safes, and lock our cars. The reasons we do these things are simple -- we don't want people we don't know or trust to get a hold of our valuables, and we don't want those valuables to come to any harm. Only some members of the family, you included, have the code to the alarm, the combination to the safe, and the keys to the car.

There are many things that could be considered information that we need to protect. We might have personal medical or financial records that we want to keep private. We usually don't want everyone in the world reading emails or social media posts that we send to our friends or family. We also want to keep certain things like our Internet passwords, credit card numbers, and banking information from getting into the wrong hands.

Information security is not just about keeping secrets. Sometimes we just have records, such as family photographs and videos or other documents, which we want to, have access to at any time and that we don't want to be destroyed or erased.

The importance of the security in the physical world can never be exaggerated. Without it, your residence becomes open to burglars and unwanted visitors. In this modern, technological world, however, there’s a new form of theft or break-in that’s virtual in nature: illegal data access. We’ve heard of thousands of stories of computers and networks being hacked, which led to huge amounts of cash getting lost or confidential data dropping in the wrong hands. The paraphernalia of such illicit acts can cause businesses to terminate operation, relationships to break down, and even nations to go to war.

The good news is that sensitive and exclusive data can now be safeguarded from theft and misuse via IT security. Here are some of the most prominent reasons for providing Information Security for businesses.

Protection from internal dangers

Definitely, getting your information and data secured is not only about protecting it from external access. We should contemplate the possibility of our very own people having access to certain information they’re not supposed to view or get their hands on. You’ve possibly heard of a former CIA technical assistant who leaked documents from one of the world’s most famous spy organizations. When setting up your information systems, extra security has to be installed for information that’s thought to be only for the eyes of handpicked persons.

Security from external risks

Those who pretense a threat to a network’s security can be classified into two: amateurs and professionals. The previous doesn’t pose much of a threat as they may not be prepared with the knowledge on how to get through erudite protection safeguards. The professional type, however, recognizes all the tricks and techniques in hacking even the most profoundly secured virtual systems in the world.

Peace of mind

As your business’s critical processes, data and intellectual property migrate to the internet, it also enhances its exposure to theft and hacking activities. This involves the setting up of additional and stronger security. Moreover, it’s also your business’s accountability to your customers or clients that your online system be secure from unauthorized access, particularly if they have confidential info in your databases. Sleeping at night becomes easier when you know that you have a firm security system installed to protect not only sensitive data but your very investments.

Securing your information system/s is not only about protecting info and data from theft and misuse; it’s also about performing risk management and running your operations more responsibly.

Risks to confidentiality, integrity, and availability of organizational information assets are constant, yet progress on a daily basis. Individuals need to be informed and prepared for the risks directed towards them, their computers, and eventually their way of life. These threats take on many forms, but they all fit indefinite established and identifiable categories. An individual’s aptitude to differentiate between benign incidents and an authentic threat or risk rests on the breadth and depth of security awareness training they have acknowledged.

Proposing that an Information Security Awareness Program be developed for the workforce of your organization to inform them of the risks they face while utilizing organizational information assets, and by extension, their individual information is an astute move for IT executives to make. The awareness program can be developed in conjunction with the execution of an overall IT Governance methodology such as COBIT or as an impartial program depending on the IT maturity level of your firm.

Firewalls, intrusion detection, and intrusion prevention systems, although a prerequisite for today’s network, cannot entirely defend an organization from prevailing security threats. Companies need to ensure that their employees, vendors, partners, and subcontractors will not dispense the organization susceptible to various risks such as operational disruptions, loss of valued informational assets, public embarrassment, or legal liability due to a privation of security awareness.

Information Security has become a crucial concern among information technology professionals and that concern when shared by management, will benefit firms as a whole. Top-down management support is critical for the survival of the program and its goal of creating a culture of security awareness within the organization. The program would

also be a valuable component of showing that executive management is enacting due diligence in securing organizational information assets.

Q.2. Discuss about the ethical and social issues in information system in detail.

Ethics refers to the principles of right and wrong that individuals, acting as free moral agents, use to make choices to guide their behaviors. Information systems raise new ethical questions for both individuals and societies because they create opportunities for intense social change, and thus threaten existing distributions of power, money, rights, and obligations. Like other technologies, such as steam engines, electricity, the telephone, and the radio, information technology can be used to achieve social progress, but it can also be used to commit crimes and threaten cherished social values. The development of information technology will produce benefits for many and costs for others.

Ethical choices are decisions made by individuals who are responsible for the consequences of their actions. Responsibility is a key element of ethical action. Responsibility means that you accept the potential costs, duties, and obligations for the decisions you make. Accountability is a feature of systems and social institutions: It means that mechanisms are in place to determine who took responsible action, and who is responsible. Systems and institutions in which it is impossible to find out who took what action are inherently incapable of ethical analysis or ethical action. Liability extends the concept of responsibility further to the area of laws. Liability is a feature of political systems in which a body of laws is in place that permits individuals to recover the damages done to them by other actors, systems, or organizations. Due process is a related feature of law-governed societies and is a process in which laws are known and understood, and there is an ability to appeal to higher authorities to ensure that the laws are applied correctly.

These basic concepts form the underpinning of an ethical analysis of information systems and those who manage them. First, information technologies are filtered through social institutions, organizations, and individuals. Systems do not have impacts by themselves. Whatever information system impacts exist are products of institutional, organizational, and individual actions and behaviors.

Second, responsibility for the consequences of technology falls clearly on the institutions, organizations, and individual managers who choose to use the technology. Using information technology in a socially responsible manner means that you can and will be held accountable for the consequences of your actions. Third, in an ethical, political society, individuals and others can recover damages done to them through a set of laws characterized by due process.

Privacy is the claim of individuals to be left alone, free from surveillance or interference from other individuals or organizations, including the state. Claims to privacy are also involved at the workplace: Millions of employees are subject to electronic and other forms of high-tech surveillance. Information technology and systems threaten individual claims to privacy by making the invasion of privacy cheap, profitable, and effective. Internet technology has posed new challenges for the protection of individual privacy. Information sent over this vast network of networks may pass through many different computer systems before it reaches its final destination. Each of these systems is capable of monitoring, capturing, and storing communications that pass through it.

Cookies are small text files deposited on a computer hard drive when a user visits Web sites. Cookies identify the visitor’s Web browser software and track visits to the Web site. When the visitor returns to a site that has stored a cookie, the Web site software will search the visitor’s computer, find the cookie, and know what that person has done in the past. It may also update the cookie, depending on the activity during the visit. In this way, the site can customize its contents for each visitor’s interests. For example, if you purchase a book on Amazon.com and return later from the same browser, the site will welcome you by name and recommend other books of interest based on your past purchases. “DoubleClick” uses cookies to build its dossiers with details of online purchases and to examine the behaviour of Web site visitors.

Intellectual property

Intellectual property is considered to be intangible property created by individuals or corporations. Information technology has made it difficult to protect intellectual property because computerized information can be so easily copied or distributed on networks. Intellectual property is subject to a variety of protections under three different legal traditions: trade secrets, copyright, and patent law.

Trade Secret

Any intellectual work product—a formula, device, pattern, or compilation of data—used for a business purpose can be classified as a trade secret, provided it is not based on information in the public domain. The limitation of trade secret protection is that, although virtually all software programs of any complexity contain unique elements of some sort, it is difficult to prevent the ideas in the work from falling into the public domain when the software is widely distributed.

Copyright

Copyright is a statutory grant that protects creators of intellectual property from having their work copied by others for any purpose during the life of the author plus an additional 70 years after the author’s death. For corporate-owned works, copyright protection lasts for 95 years after their initial creation. The intent behind copyright laws has been to encourage creativity and authorship by ensuring that creative people receive the financial and other benefits of their work. The drawback to copyright protection is that the underlying ideas behind a work are not protected, only their manifestation in a work. A competitor can use your software, understand how it works, and build new software that follows the same concepts without infringing on a copyright.

Patent Laws

A patent grants the owner an exclusive monopoly on the ideas behind an invention for 20 years. The congressional intent behind patent law was to ensure that inventors of new machines, devices, or methods receive the full financial and other rewards of their labour and yet make widespread use of the invention possible by providing detailed diagrams for those wishing to use the idea under license from the patent’s owner. The strength of patent protection is that it grants a monopoly on the underlying concepts and ideas of software. The difficulty is passing stringent criteria of non-obviousness (e.g., the work must reflect some special understanding and contribution), originality, and novelty, as well as years of waiting to receive protection.

Contemporary information technologies, especially software, pose severe challenges to existing intellectual property regimes and, therefore, create significant ethical, social, and political issues. Digital media differ from books, periodicals, and other media in terms of ease of replication; ease of transmission; ease of alteration; difficulty in classifying a software work as a program, book, or even music; compactness—making theft easy; and difficulties in establishing uniqueness. The proliferation of electronic networks, including the Internet, has made it even more difficult to protect intellectual property. Before widespread use of networks, copies of software, books, magazine articles, or films had to be stored on physical media, such as paper, computer disks, or videotape, creating some hurdles to distribution. Using networks, information can be more widely reproduced and distributed.

The Internet was designed to transmit information freely around the world, including copyrighted information. With the World Wide Web in particular, you can easily copy and distribute virtually anything to thousands and even millions of people around the world, even if they are using different types of computer systems. Information can be illicitly copied from one place and distributed through other systems and networks even though these parties do not willingly participate in the infringement. Individuals have been illegally copying and distributing digitized MP3 music files on the Internet for a number of years. As more and more homes adopt high-speed Internet access, illegal file sharing of videos will pose similar threats to the motion picture industry.

Rapidity of Change: Reduced Response Time to Competition

Information systems have helped to create much more efficient national and international markets. The now-more-efficient global marketplace has reduced the normal social buffers that permitted businesses many years to adjust to competition. Time-based competition has an ugly side: The business you work for may not have enough time to respond to global competitors and may be wiped out in a year, along with your job. We stand the risk of developing a “just-in-time society” with “just-in-time jobs” and “just-in-time” workplaces, families, and vacations.

Dependence and Vulnerability

Today, our businesses, governments, schools, and private associations are incredibly dependent on information systems and are, therefore, highly vulnerable if these systems fail.

Computer Crime and Abuse

New technologies, including computers, create new opportunities for committing crime by creating new valuable items to steal, new ways to steal them, and new ways to harm others. Computer crime is the commission of illegal acts through the use of a computer or against a computer system. Computers or computer systems can be the object of the crime (destroying a company’s computer center or a company’s computer files), as well as the instrument of a crime (stealing computer lists by illegally gaining access to a computer system using a home computer). Simply accessing a computer system without authorization or with intent to do harm, even by accident, is now a federal crime.

Computer abuse is the commission of acts involving a computer that may not be illegal but that are considered unethical. The popularity of the Internet and e-mail has turned one form of computer abuse – spamming - into a serious problem for both individuals and businesses. Spam is junk e-mail sent by an organization or individual to a mass audience of Internet users who have expressed no interest in the product or service being marketed. Spammers tend to market fraudulent deals and services, outright scams, and other products not widely approved in most civilized societies.

Health Risks: RSI, CVS, and Techno-stress

The most common occupational disease today is repetitive stress injury (RSI). RSI occurs when muscle groups are forced through repetitive actions often with high-impact loads (such as tennis) or tens of thousands of repetitions under low-impact loads (such as working at a computer keyboard). The single largest source of RSI is computer keyboards. The most common kind of computer-related RSI is carpal tunnel syndrome (CTS), in which pressure on the median nerve through the wrist’s bony structure, called a carpal tunnel, produces pain. The pressure is caused by constant repetition of keystrokes: in a single shift, a word processor may perform 23,000 keystrokes. Symptoms of carpal tunnel syndrome include numbness, shooting pain, inability to grasp objects, and tingling. RSI is not the only occupational illness computers cause. Back and neck pain, leg stress, and foot pain also result from poor ergonomic designs of workstations. Computer vision syndrome (CVS) refers to any eyestrain condition related to display screen use in desktop computers, laptops, e-readers, Smartphones, and hand-held video games. CVS affects about 90 percent of people who spend three hours or more per day at a computer. Its symptoms, which are usually temporary, include headaches, blurred vision, and dry and irritated eyes. The newest computer-related malady is technostress, which is stress induced by computer use. Its symptoms include aggravation, hostility toward humans, impatience, and fatigue.

Q.3. What is Ethical responsibility? Discuss about it in context of an organisation.

Ethical Responsibility

Ethical responsibility is the duty to follow a morally correct path. In your personal life, you might feel the greatest sense of ethical responsibility to your family and close friends. But small business owners also have ethical responsibilities to the many people who count on them to do the right thing.

Businesses have ethical responsibilities to their employees, customers and society as a whole. For example, a small business owner has a responsibility to be honest with his employees so they can make informed decisions about their careers; a responsibility to respect his customers, who expect to receive exactly what they are paying for; a responsibility to invest in the community upon which his company’s well-being depends.

Factors: When things are good, it’s easy to be ethical. If customers are plentiful, employees are happy and income is soaring, there is little temptation to cut ethical corners to secure a bit more profit. But when times are hard, the temptation to neglect your ethical responsibilities increases. For example, you might toy with the idea of using company funds to cover personal debts.

Effects: Ethical missteps - whether by a company or just a single person within a company - can destroy even the biggest organizations, according to the book “Ethics and Corporate Social Responsibility: Why Giants Fall,” by Ronald R. Sims. Common ethical problems include shady accounting practices that hide fraud and theft from

employees and investors. Such violations can lead to criminal charges, loss of consumer confidence, employee outrage and a host of other negative outcomes.

Moral Standards: Maintain an ethically responsible company by setting clear moral standards from the outset. For example, create and enforce a code of conduct that ensures employees treat customers fairly. To avoid even the appearance of unethical behavior, be as transparent as possible in all your dealings with customers, suppliers, employees and the surrounding community.

Considerations: Increasingly, consumers expect businesses to be good citizens. For example, environmentally conscious consumers often avoid supporting businesses that rely on unsustainable practices or that pollute heavily. So, in addition to whatever internal ethical responsibility you might feel you have, you also should consider how your company’s morality could affect its profitability.

Ethical Responsibilities in an Organization

The cynical might say that good ethics and good business rarely go hand-in-hand, with profitability being the sole concern of most companies. While money is the lifeblood of business, that doesn't mean that small enterprises should ignore ethics for the sake of the bottom line. Many customers and investors expect companies to be socially responsible while also keeping an eye on profits.

In the 1970s, free market supporter and economist Milton Friedman wrote that the only social responsibility of business was to generate profits. Friedman argued that a corporation wasn't a person and couldn't have ethical responsibilities. Supporting social causes was up to individuals, and employees could choose to bring ethics into their professional lives by selecting the companies they worked for. Businesses had a duty to serve shareholders and to maximize profits. If people valued social causes, they could contribute their share of the pie to charitable initiatives, but it wasn't the duty of businesses to fund these activities.

Shareholders Demand More

The reality is that today's shareholders expect more than strong sales figures. According to an article by Aman Singh for "Forbes," the majority of American public companies are disclosing their social responsibility initiatives on their annual reports, even though the law doesn't require it. The extra information gets included because shareholders are demanding it. For example, the highly publicized BP oil disaster made shareholders more curious about environmental sustainability plans. Both investors and customers feel better about associating with companies they feel good about and that fact doesn't apply to large businesses alone. According to "Forbes" writer Martin Zwilling, ethical small businesses have higher success rates than those that don't make an effort.

Individual Decisions

Small business ethics should move beyond big strategic decisions. Employees and managers need to focus on their day-to-day behavior. Communicate and commit to your ideals from the beginning and promote work-life balance at your organization. When it comes to making tough choices, like deciding whether to ship your product or miss a deadline for extra testing, consult your teammates. Although none of these steps are legal requirements, taking them builds the trust necessary to ensure effective teamwork.

Strategy

Being ethical doesn't have to mean shelling out large amounts of cash to fund social causes. Pitch in at your local soup kitchen for a weekend afternoon, or train for a charity race with your workmates. Broadcast your participation on social media channels, and report it on a section of your website dedicated to your company's mission and values. Even if you only gave time or money because it felt right, communicating your efforts is smart in an atmosphere where investors value transparency.

Ethical Responsibilities of an Organization towards different Stakeholder

An organization does not operate in a vacuum. To be successful, any business needs to appeal to a variety of different stakeholders. Stakeholders are generally defined as groups of people who have a relationship with the business. Examples of a small business's stakeholders include its employees, vendors, customers, owners and the residents of the community in which it operates. The basis of each relationship varies and can range from statutes and contracts to informal understandings. Each group requires the business to meet a certain set of ethical standards. Failure to meet these ethical standards can lead to anything from decline in sales to legal penalties.

Stakeholder

The term "stakeholder" encompasses a vast array of groups that have an interest in the organization. An interest does not have to be a formal relationship where the other party receives financial compensation or a product, but an informal relationship with someone who could be affected by the business. For example, an ordinary citizen who does

not buy a company’s product or its shares can still be a stakeholder because the business’s actions affect his community. By employing people and paying taxes, the business’s presence could indirectly benefit the citizen. If the business pollutes the community’s water supply, the citizen could be harmed. So despite a lack of a formal relationship, it is still possible for an individual to be a stakeholder in an organization.

Good Faith and Fair Dealing

Much of what a business does is defined by the contracts it has with vendors, employees and its own customers. Beyond the explicit rights and obligations defined by the contract, the organization also has an implied covenant of good faith and fair dealing. This covenant is an ethical obligation that courts attempt to enforce. This standard obliges all contracting parties to not do anything that would make fulfilling the terms of the contract impossible. Examples of acting in good faith include granting the other party access to physical resources under the organization’s control or providing timely information to complete a contracted task. To assess what constitutes good faith, a court will rely on the doctrine of equity, which requires the court to resolve a case based on principles of fairness and justness as defined by the circumstances of the situation. Therefore, "good faith" is merely the legal establishment of ethics into contractual good faith.

Employment Law

The employee is an important stakeholder: While it is the employees who provide the necessary labor, they are in a subservient position to the organization. As a result, state and federal laws have been implemented to ensure that employees are treated with respect and are fairly compensated. There are eight rights employment law provides employees: the ability to organize; minimum pay; equal compensation regardless of sex; safe work environments; unemployment benefits; nondiscriminatory hiring; family and medical leave; and the ability to voice concerns without employer retaliation. Employment law cases are also decided using equity principles. While the employment law code provides the framework necessary to analyze employment law situations, it is the principles of equity and ethics that allow the court to interpret the elements of the case to arrive at its decision.

Social Responsibility

An organization owes a duty not only to the people it operates directly with, but to anyone who may be affected by the business’s activities. An organization has a responsibility to support the public interest when it can, or at the very least minimize any negative impact it has on its surrounding community. An organization can meet these goals in a variety of ways, such as by promoting charitable acts by its employees and minimizing pollution during the production of its products. By being socially responsible, the entity cannot only meet its ethical obligations, but promote its public image and possibly avoid violating laws.

Q.4. Discuss about the concept of Cyber crime and Privacy issues.

Cyber crime

The computer crime or an e-crime can be simply defined as a crime where a computer is the target of a crime or it is the means adopted to commit a crime. While some of the crimes may be new, the others are simply different ways to commit conventional crimes such as frauds, theft, blackmailing, forgery, and embezzlement using the online medium often involving the use of internet. What accelerate the growth of such crimes are typical characteristics of cyber space inter alia (Latin for "among other things") anonymity, speed, access, dependency, borderless space.

Two Categories of Cyber Crimes

1. The Computer as a Target: Using a computer to attack other computers, e. g. Hacking, Virus/Worm attacks, DOS attack etc.

2. Using the computer as a weapon: Using a computer to commit real world crimes, e.g. Cyber Terrorism, IPR violations, Credit card frauds, EFT frauds, etc.

Modes of Cyber Crimes

▫ Unauthorized access & Hacking: Access means gaining entry into, instructing or communicating with the logical, arithmetical, or memory function resources of a computer, computer system or computer network. Unauthorized access means any kind of access without the permission of either the rightful owner or the person in charge of a computer, computer system or computer network. Every act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer. They possess the desire to destruct and they get

the kick out of such destruction. Some hackers hack for personal monetary gains, such as to steal the credit card information, transfer money from various bank accounts to their own account etc.

Web hijacking is also a crime which means taking control of others website.

▫ Virus and Worm attack: A program that has capability to infect other programs and replicate itself and spread into other programs is called virus. Programs that multiply like viruses but spread from computer to computer are called as worms.

▫ E-mail & IRC related crimes:

▬ Email spoofing: An email shown to have sent from once source in fact has been sent frm a deferent source is called spoofing.

▬ Email Spamming: Sending email to thousands and thousands of users - similar to a chain letter is called email spamming.

▬ Sending malicious codes through email: E-mails are used to send viruses, Trojans etc through emails as an attachment or by sending a link of website which on visiting downloads malicious code.

▬ Email bombing: When abusive identical messages are sent repeatedly to a particular address then it is termed as E-mail "bombing".

▬ Sending threatening emails

▬ Defamatory emails

▬ Email frauds

▫ Trojan Attack: Trojan attack means by representing as a useful link or a helper it causes harm to your programme. Trojans come in two parts, a Client part and a Server part. When the victim (unknowingly) runs the server on its machine, the attacker will then use the Client to connect to the Server and start using the trojan.

▫ Denial of Service attacks: Flooding a computer resource with more requests than it can handle. This causes the resource to crash thereby denying access of service to authorized users. Attempts to "flood" a network, thereby preventing legitimate network traffic, attempts to disrupt connections between two machines, thereby preventing access to a service, attempts to prevent a particular individual from accessing a service and attempts to disrupt service to a specific system or person are examples of Denial Service Attacks.

Privacy

Privacy is the claim of individuals to be left alone, free from surveillance or interference from other individuals or organizations, including the state. Claims to privacy are also involved at the workplace: Millions of employees are subject to electronic and other forms of high-tech surveillance. Information technology and systems threaten individual claims to privacy by making the invasion of privacy cheap, profitable, and effective.

The claim to privacy is protected in the U.S., Canadian, and German constitutions in a variety of different ways and in other countries through various statutes. In the United States, the claim to privacy is protected primarily by the First Amendment guarantees of freedom of speech and association, the Fourth Amendment protections against unreasonable search and seizure of one’s personal documents or home, and the guarantee of due process.

In general, privacy issues can be thought of in two ways: Social privacy and Data privacy.

Social privacy

Youth once understood social networking sites and the Internet as a private space wherein they could communicate with their friends. While they are now fully aware that their actions are watched by parents, teachers, and others, there is still a sense among youth that simply because you can access something doesn’t mean you should. As a result, many youth feel as though their privacy is invaded when parents, teachers, or uninvited observers read or comment on the material they have posted, even though it is posted in a public space.

Social privacy issues also involve privacy ethics. Not only is it important to have our privacy respected and protected, it is important to respect and protect the privacy of others.

Data privacy

While many people take concrete steps to manage their social privacy, such as being selective about the information they make public or “whitewashing” their profiles by deleting or removing posts, data privacy is more difficult to manage.

One way in which social privacy and data privacy combine to create issues is through the information we make public on social networking sites. While posting our full birth date, hometown, phone numbers, email (and physical) addresses, and other information, it becomes easier for both social privacy and data privacy to be invaded.

Q.5. What do you understand by Cyber Law? What is the need for cyber law?

Cyber Law is the law governing cyber space. Cyber space is a very wide term and includes computers, networks, software, data storage devices (such as hard disks, USB disks etc), the Internet, websites, emails and even electronic devices such as cell phones, ATM machines etc.

We are in computer Era. The use of computers, software's and digital information is inevitable in today's day to day life. Present generation is accustomed to computers. The transactions and businesses nowadays started to deal through cyber arena. It has wide scope and its space increases drastically day by day. At the same time needless to say that it has also brought in some negative effects and disadvantages too.

The computer crime or an e-crime can be simply defined as a crime where a computer is the target of a crime or it is the means adopted to commit a crime. While some of the crimes may be new, the others are simply different ways to commit conventional crimes such as frauds, theft, blackmailing, forgery, and embezzlement using the online medium often involving the use of internet. What accelerate the growth of such crimes are typical characteristics of cyber space inter alia (Latin for "among other things") anonymity, speed, access, dependency, borderless space.

Important cyber crimes are virus attacks, salami attacks, e-mail bombing, DOS attacks, internet hacking or information offences increase day by day.

Law encompasses the rules of conduct:

1. that have been approved by the government, and

2. which are in force over a certain territory, and

3. which must be obeyed by all persons on that territory

Violation of these rules could lead to government action such as imprisonment or fine or an order to pay compensation.

Cyber law encompasses laws relating to:

1. Cyber Crimes

2. Electronic and Digital Signatures

3. Intellectual Property

4. Data Protection and Privacy

Cyber crimes are unlawful acts where the computer is used either as a tool or a target or both. The enormous growth in electronic commerce (e-commerce) and online share trading has led to a phenomenal spurt in incidents of cyber crime.

Intellectual property is refers to creations of the human mind e.g. a story, a song, a painting, a design etc. The facets of intellectual property that relate to cyber space are covered by cyber law. These include:

▫ copyright law in relation to computer software, computer source code, websites, cell phone content etc,

▫ software and source code licenses

▫ Trademark law with relation to domain names, meta tags, mirroring, framing, linking etc.

▫ semiconductor law which relates to the protection of semiconductor integrated circuits design and layouts,

▫ Patent law in relation to computer hardware and software.

Need for Cyber law

In today's highly digitalized world, almost everyone is affected by cyber law. For example:

▫ Almost all transactions in shares are in demat form.

▫ Almost all companies extensively depend upon their computer networks and keep their valuable data in electronic form.

▫ Government forms including income tax returns, company law forms etc. are now filled in electronic form.

▫ Consumers are increasingly using credit cards for shopping.

▫ Most people are using email, cell phones and SMS messages for communication.

▫ Even in "non-cyber crime" cases, important evidence is found in computers / cell phones e.g. in cases of divorce, murder, kidnapping, tax evasion, organized crime, terrorist operations, counterfeit currency etc.

▫ Cyber crime cases such as online banking frauds, online share trading fraud, source code theft, credit card fraud, tax evasion, virus attacks, cyber sabotage, phishing attacks, email hijacking, denial of service, hacking, pornography etc are becoming common.

▫ Digital signatures and e-contracts are fast replacing conventional methods of transacting business.

Legal Problems:

The Nature and Dimensions of the Information technology leads to peculiar legal problems. The problem deserve special treatment, because of the environment in which they creep up and the nature of the machinery used in the environment and the means employed for recording the information in question is typical. In all the other cases the documents are stored and transmitted through the use of visible and tangible letters, figures and marks however here the information which is stored and transmitted electronically has no visible shape or tangible form, this peculiarity of the technology gives rise to a deferent kind of legal problems. Therefore to overcome this legal problem the Information Technology Act, 2000 came into force in India on 17th of October 2000. The Act applies to all over India. Sometimes it applies to outside India also by any person irrespective of his nationality, if such act involves a computer, computer system or network located in India.

Major Offences

Section 43 of the Act, which covers unauthorized access, downloading, introduction of virus, denial of access and internet time theft committed by any person. It prescribes punishment by way of damages not exceeding Rs. 1 crore to the affected party.

Chapter XI of the IT Act discusses the cyber crimes and offences inter alia (Latin for "among other things"), tampering with computer source documents (Sec. 65), Hacking (Sec.66), Publishing of obscene information (Sec.67), Unauthorized access to protected system (Sec.70), Breach of confidentiality (Sec.72), Publishing false digital signature certificate (Sec.73).

The Meaning of Computer: As per Information Technology Act "computer" means any electronic, magnetic, optical or other high-speed data processing device or system which performs logical, arithmetic and memory functions by manipulations of electronic, magnetic or optical impulses, and includes all input, output, processing, storage, computer software, or communication facilities which are connected or related to the computer in a computer system or computer network.