42609

Faculty of Science and Technology
CBMS4303
Management
Information System
Copyright © Open University Malaysia (OUM)

CBMS4303
MANAGEMENT
INFORMATION
SYSTEM
Maryati Mohd Yusoff
Mohd Zakree Ahmad
Hafiz Mohd Sarim
Norhayati Mohd Ali
Nurhizam Safie Mohd Satar
Rames Mariapan
Salina Ismail
Muhammad Shakirin Shaari
Mohamed Ali Saip
Nassiriah Shaari

Project Directors: Prof Dato’ Dr Mansor Fadzil
Assoc Prof Dr Norlia T. Goolamally
Open University Malaysia
Module Writers: Maryati Mohd Yusoff

Mohd Zakree Ahmad
Hafiz Mohd Sarim
Norhayati Mohd Ali
Universiti Kebangsaan Malaysia
Salina Ismail
Muhammad Shakirin Shaari
Mohamed Ali Saip
Nassiriah Shaari
Universiti Utara Malaysia
Nurhizam Safie Mohd Satar
Rames Mariapan
Moderator: Assoc Prof Hassan Selamat

Universiti Putra Malaysia
Developed by: Centre for Instructional Design and Technology

First Edition, August 2011

Second Edition, December 2011
Third Edition, December 2013 (rs)
Copyright © Open University Malaysia (OUM), December 2013, CBMS4303
All rights reserved. No part of this work may be reproduced in any form or by any means without
the written permission of the President, Open University Malaysia (OUM).

Table of Contents
Course Guide xi–xvi
Topic 1 Computer-based Information Systems 1

1.1 Information System in Brief 2
1.1.1 Data, Information and Knowledge 2
1.1.2 Information Technology 4
1.1.3 Information System 5
1.2 Information Management 8
1.3 Information System User 11
1.3.1 Managerial Positions 12
1.3.2 Functions of Managers 16
1.3.3 Roles of Manager 17
1.3.4 Managerial Skills 18
1.3.5 Manager's Knowledge 19
1.4 Types of Computer-based Information System 20
1.5 Information System Department 22
1.5.1 Information Expert 23
1.6 Trends in Business Information Systems Applications 24
1.7 End User Computing (EUC) Trend 25
Summary 26
Key Terms 27
Topic 2 Managers and System Concept 28

2.1 Managers and System 28
2.2 Model 33
2.3 General Model System 35
2.3.1 Physical System 35
2.3.2 Conceptual System 36
2.3.3 Environment 40
2.3.4 Problem Solving 41
2.4 System Approach 46
2.5 Preparation Phase 47
2.6 Definition Phase 48
2.7 Solution Phase 51
Summary 53
Key Terms 53

iv  TABLE OF CONTENTS
Topic 3 Information Technology Support and Strategy in the Organisation 54

3.1 Capital Structure of a Company 55
3.2 Understanding Organisational Structure 57
3.2.1 Types of Organisational Structure 58
3.3 Implementation Of Information Technology in 61
Organisational Structure
3.4 Information Technology Management 62
3.4.1 Goals of Information Technology Management 62
3.4.2 Managing Information Technology Organisations 63
3.4.3 Functions of an Information Technology Organisation 63
3.4.4 Forms of Information Technology 64
Organisation Implementation
3.5 Usage of Information Technology in 65
Organisational Strategies
3.5.1 What is Strategic Management? 66
3.5.2 Strategy at the Business Level and the Value 66
Chain Model
3.5.3 Use of Technology in the Value Chain 67
3.5.4 Information System Products and Services 68
3.5.5 Supply Chain Management and Effective Customer 69
Response System
3.5.6 Industrial Level Strategy and Information System: 71
Competitive Forces and Network Economy
3.5.7 Information Partnership 71
3.5.8 Internet Usage in Business 73
Summary 75
Key Terms 76
Topic 4 Information Systems Integration in the Organisation 77

4.1 Redesigning the Organisation with Information Systems 78
4.1.1 Information Systems and Organisational Planning 78
4.1.2 Standardisation in Planning 82
4.2 Organisational Change 83
4.2.1 Organisational Change Due to Information System 83
4.3 Information System Support in the Organisation 85
4.3.1 Information System Support for Various Levels of 85
Management in the Organisation
4.4 Management Information System (MIS) 87
4.4.1 Input and Output MIS 88
4.4.2 Characteristics of MIS 89
4.5 Transaction Processing System (TPS) 89
4.5.1 TPS Objectives 90
4.5.2 TPS Methods or Processes 90

TABLE OF CONTENTS  v
4.5.3 TPS Activities 91

4.5.4 Traditional TPS Applications 94
Summary 97
Key Terms 98
Topic 5 Decision Support System 99

5.1 Decision-Making 100
5.1.1 Types of Decision 100
5.1.2 Decision-making Phases 103
5.1.3 Information Technology Support in Decision Making 104
5.2 Decision Support System 104
5.2.1 Definition of DSS 105
5.2.2 DSS Objective 106
5.2.3 DSS Characteristics 107
5.2.4 Analytical Modelling for DSS 108
5.2.5 Types of DSS 109
5.2.6 DSS Model 111
5.3 Group Decision Support System 113
5.3.1 GDSS Environment 114
5.3.2 Group Software 115
Summary 117
Key Terms 118
Topic 6 Executive Information System 119

6.1 The Roles and Characteristics of an Executive 120
6.1.1 Fayol Management Function 121
6.1.2 Mintzberg Management Roles 121
6.1.3 Networking and Kotter Agenda 123
6.1.4 How an Executive Thinks 124
6.2 Executive Information Needs 125
6.2.1 Mintzberg Research 125
6.2.2 Jones and McLeod research 126
6.3 Computer-based Executive Information System 127
6.3.1 Definition 128
6.3.2 EIS Model 128
6.3.3 EIS Input and Output 130
6.3.4 Characteristics of the EIS 130
6.3.5 EIS Capabilities 131
Summary 132
Key Terms 132

vi  TABLE OF CONTENTS
Topic 7 Expert System 133

7.1 What is an Expert System? 134
7.1.1 Why is an Expert System Needed? 135
7.1.2 Application of Expert System 136
7.2 Knowledge and Expert 138
7.3 Expert System Architecture 140
7.3.1 Knowledge Acquisition 141
7.3.2 Knowledge Base 141
7.3.3 Inference Engine 143
7.3.4 Explanation Facility 144
7.3.5 The User Interface 145
7.3.6 Working Memory 146
7.4 The Expert System Characteristics 146
7.5 Expert System Development 149
7.5.1 The Software and Tools in Expert 150
System Development
7.6 The Advantages and Disadvantages of an Expert System 152
7.6.1 The Expert System Advantages 152
7.6.2 Disadvantages and Weaknesses of Expert System 153
Summary 155
Key Terms 156
Topic 8 Functional Information Systems 157

8.1 Functional Information Systems in Brief 158
8.2 Marketing Information System 159
8.2.1 Marketing Principles 161
8.2.2 Marketing Information System Model 162
8.3 Manufacturing Information System 163
8.3.1 Material Requirement Planning 164
8.3.2 The Just-in-Time System (JIT) 167
8.4 Human Resource Management System 168
8.4.1 Human Resources Main Management Activity 168
8.4.2 Human Resource Information System Model 169
8.4.3 The Human Resource Research Subsystem 171
8.4.4 Human Resource Intelligence Subsystem 171
8.4.5 Workforce Planning Subsystem 172
8.4.6 Workforce Recruitment Subsystem 173
8.4.7 Workforce Management Subsystem 173
8.4.8 Compensation Subsystem 173
8.4.9 Benefit Subsystem 174
8.4.10 Environment Report Subsystem 174
Summary 175
Key Terms 175

TABLE OF CONTENTS  vii
Topic 9 Security and Social Issues Related to Information System 176

9.1 The Importance of Security 177
9.2 Security and the Internet 178
9.2.1 Security and E-commerce 180
9.3 System Security Threats 181
9.3.1 Viruses, Spyware and Adware 182
9.3.2 Insider Abuse of Internet Access 184
9.3.3 Laptop or Mobile Theft 184
9.3.4 Denial of Service (DoS) 185
9.3.5 Unauthorised Access to Information 185
9.3.6 Abuse of Wireless Networks 186
9.3.7 System Penetration 186
9.3.8 Telecom Fraud 187
9.3.9 Theft of Proprietary Information 188
9.3.10 Financial Fraud 188
9.3.11 Misuse of Public Web Applications 189
9.3.12 Website Defacement 189
9.3.13 Sabotage 190
9.4 Social Issues in Information Technology Usage 190
9.4.1 Threats to Jobs 190
9.4.2 Human Relations 191
9.4.3 Health Issues 191
9.4.4 Threats to Personal Rights (Privacy) 191
9.5 Ethical Issues 192
9.5.1 Ethical Issues in Information Technology 192
9.5.2 Basic Framework of Information 192
Technology Ethics
Summary 193
Key Terms 194
Topic 10 Development and Quality Issues Related to Information System 195

10.1 Information Systems Development 196
10.1.1 Investigation 197
10.1.2 Analysis 197
10.1.3 Design 198
10.1.4 Programming 198
10.1.5 Testing 199
10.1.6 Implementation 199
10.1.7 Maintenance 200
10.2 Concept of Quality in Information Systems 200
10.2.1 Capability Maturity Model 200
10.2.2 The Five Levels in the CMM Model 201

viii  TABLE OF CONTENTS
10.3 Information System Failures 202

10.3.1 Problematic Areas in Information Systems 202
10.3.2 Evaluating System Success 203
10.4 Reasons for Success or Failure of Information Systems 205
10.4.1 Reasons for Success and Failure 205
10.4.2 Development Process – 208
What Can Possibly Go Wrong?
10.5 Managing the Implementation of Information Systems 210
10.5.1 Controlling Risk Factors 210
10.5.2 Strategies for Overcoming the Mistakes in 211
Development Process
Summary 212
Key Terms 213

COURSE GUIDE

COURSE GUIDE  xi
COURSE GUIDE DESCRIPTION

You must read this Course Guide carefully from the beginning to the end. It tells
you briefly what the course is about and how you can work your way through
the course material. It also suggests the amount of time you are likely to spend in
order to complete the course successfully. Please keep on referring to the Course
Guide as you go through the course material as it will help you to clarify
important study components or points that you might miss or overlook.
INTRODUCTION
CBMS4303 Management Information System is one of the courses offered by the
Faculty of Science and Technology at Open University Malaysia. This course is
worth 3 credit hours and should be covered over 8 to 14 weeks.
COURSE AUDIENCE
This course is offered to all learners taking the Bachelor of Information
Technology, Bachelor of Business and selected Science and Technology
programmes. The course provides learners with a firm foundation in analysing a
wide range of management information systems. This course guides learners
systematically in acquiring the analytical and design skills required in grasping
fundamental concepts of management information systems.
As an open and distance learner, you should be able to learn independently and
optimise the learning modes and environment available to you. Before you begin
this course, please ensure that you have the right course materials and
understand the course requirements as well as how the course is conducted.
STUDY SCHEDULE
It is a standard OUM practice that learners accumulate 40 study hours for every
credit hour. As such, for a three-credit hour course, you are expected to spend
120 study hours. Table 1 gives an estimation of how the 120 study hours can be
accumulated.

xii  COURSE GUIDE
Table 1: Estimation of Time Accumulation of Study Hours
Study
Study Activities
Hours
Briefly go through the course content and participate in initial
3
discussions
Study the module 60
Attend 3 to 5 tutorial sessions 10
Online participation 12
Revision 15
Assignment(s), test(s) and examination(s) 20
TOTAL STUDY HOURS 120
COURSE OUTCOMES
By the end of this course, you should be able to:
1. Identify the functions and roles and types of system users;

2. Explain the types of the management levels and their functions;
3. Describe the types of management information systems;
4. Explain the concept of management through Exceptional and Critical
Success Factors;
5. Describe the definition of strategic management and the Porter value
model;
6. Explain the competitive force strategy and network economy;
7. Explain the concepts of Decision Support System (DSS), Executive
Information System (EIS) and Expert System (ES);
8. Explain the concepts of Marketing Information System, Manufacturing
Information System and Human Resource Information System;
9. Explain the importance of information system security; and
10. Describe the phases involved in information system development, concepts
of quality in software development and general causes of failures in
information systems.

COURSE GUIDE  xiii
COURSE SYNOPSIS
This course is divided into 10 topics. The synopsis for each topic is presented
below:
Topic 1 gives an overview of management information systems and computer-

based information systems. It begins with an explanation of the importance of
information management to an organisation in a globally-challenging scenario. It
then elaborates on the types of users, types of systems, differences between data
and information, types of management levels and types of management
information systems.
Topic 2 introduces types of models and system elements, such as the system
standard. Generally, the system standard is the performance level achieved by
the system output. Managers will ensure the system standard is fulfilled by
comparing the output system and the system standard. You will also be
introduced to two management strategies known as management through
exception and critical success factors (CSF). The system approach will also be
introduced at the end of the topic.
Topic 3 discusses the relationship between business and information technology,

and how IT can contribute to business competitiveness. This topic also discusses
information technology management, which comprises the components and
functions of the computer as well as input and output devices. In addition, the
topic introduces strategic management, the Porter value chain model, supply
chain management, industrial level strategies and information systems which
cover competitive and network economies.
Topic 4 introduces information systems planning and the effects of information

systems on the organisational structure. This topic also discusses information
systems support for various levels of management and how Management
Information System (MIS) and Transaction Processing System (TPS) support the
management of the organisations.
Topic 5 introduces you to the Decision Support System (DSS). In this topic, we
will discuss the decision-making process and how DSS helps managers make
effective decisions. You will recognise DSS as a system that provides
communication facilities which include information in helping consumers solve
problems. You will also learn the format or structured information that results
from DSS such as special reports and periodic report formats.
Topic 6 introduces you to the Executive Information System (EIS). EIS is a

system that provides the updated information, history and perhaps some

xiv  COURSE GUIDE
anticipation about the status and environment of the company in supporting the
administrative tasks and decision-making process of executives. You will learn
how an EIS helps managers in their work and the decision-making process.
Topic 7 addresses one of the branches of artificial intelligence, the expert system.
The expert system is also known as the knowledge-based system. An expert
system can be used to solve many problems that occur in an organisation such as
complex decision making. The expert system comprises many types of expert
systems based on rules, frames or bases on fuzzy sets. In this topic, you will be
exposed to the most popular expert system which is based on rules.
Topic 8 examines various types of functional information systems such as

marketing information system, manufacturing information system and human
resource information system.
Topic 9 introduces computer system security, which plays a critical role in

business, government and daily life. In particular, it discusses the issues of
system security, which is to ensure positive effects in the use of information
technology as well as suitable security control to avoid exposure to security
threats. The topic will also look into the social as well as ethical issues involved
in information systems.
Topic 10 describes the phases involved in information system development. It

also explains the standard related to quality of software development. It also
discusses the factors which can cause failure of the system in achieving
organisational objectives.
TEXT ARRANGEMENT GUIDE

Before you go through this module, it is important that you note the text
arrangement. Understanding the text arrangement will help you to organise your
study of this course in a more objective and effective way. Generally, the text
arrangement for each topic is as follows:
Learning Outcomes: This section refers to what you should achieve after you
have completely covered a topic. As you go through each topic, you should
frequently refer to these learning outcomes. By doing this, you can continuously
gauge your understanding of the topic.
Self-Check: This component of the module is inserted at strategic locations

throughout the module. It may be inserted after one sub-section or a few sub-
sections. It usually comes in the form of a question. When you come across this

COURSE GUIDE  xv
component, try to reflect on what you have already learnt thus far. By attempting
to answer the question, you should be able to gauge how well you have
understood the sub-section(s). Most of the time, the answers to the questions can
be found directly from the module itself.
Activity: Like Self-Check, the Activity component is also placed at various

locations or junctures throughout the module. This component may require you
to solve questions, explore short case studies, or conduct an observation or
research. It may even require you to evaluate a given scenario. When you come
across an Activity, you should try to reflect on what you have gathered from the
module and apply it to real situations. You should, at the same time, engage
yourself in higher order thinking where you might be required to analyse,
synthesise and evaluate instead of only having to recall and define.
Summary: You will find this component at the end of each topic. This component
helps you to recap the whole topic. By going through the summary, you should
be able to gauge your knowledge retention level. Should you find points in the
summary that you do not fully understand, it would be a good idea for you to
revisit the details in the module.
Key Terms: This component can be found at the end of each topic. You should go
through this component to remind yourself of important terms or jargon used
throughout the module. Should you find terms here that you are not able to
explain, you should look for the terms in the module.
References: The References section is where a list of relevant and useful

textbooks, journals, articles, electronic contents or sources can be found. The list
can appear in a few locations such as in the Course Guide (at the References
section), at the end of every topic or at the back of the module. You are
encouraged to read or refer to the suggested sources to obtain the additional
information needed and to enhance your overall understanding of the course.
PRIOR KNOWLEDGE
No prior knowledge is needed for this course.
ASSESSMENT METHOD
Please refer to myINSPIRE.

xvi  COURSE GUIDE
REFERENCES
Boddy, D., Boonstra, A., & Kennedy, G. (2005). Managing information systems:
An organisational perspective (2nd ed.). Harlow: Pearson.
Isenberg, D. J. (1984). How senior managers think. Harvard Business Review

Article.
Kotter, J. (1982). What effective general managers really do. Harvard Business
Review, 60 (2), 157-169.
Laudon, K. C., & Laudon, J. P. (2013). Management information systems:

Managing the digital firm (13th ed.). New Jersey: Pearson.
McLeod, R., & Schell, G. (2007). Management information systems (10th ed.).
New Jersey: Prentice Hall.
Turban, E., Sharda, R., & Delen, D. (2010). Decision support systems and business
intelligence systems (9th ed.). New Jersey: Prentice Hall.
TAN SRI DR ABDULLAH SANUSI (TSDAS)

DIGITAL LIBRARY
The TSDAS Digital Library has a wide range of print and online resources for the
use of its learners. This comprehensive digital library, which is accessible
through the OUM portal, provides access to more than 30 online databases
comprising e-journals, e-theses, e-books and more. Examples of databases
available are EBSCOhost, ProQuest, SpringerLink, Books247, InfoSci Books,
Emerald Management Plus and Ebrary Electronic Books. As an OUM learner,
you are encouraged to make full use of the resources available through this
library.

Topic  Computer-based
1 Information
Systems
LEARNING OUTCOMES
By the end of this topic, you should be able to:
1. Define information technology and information system;
2. Explain the significance of information management;
3. Identify the three types of management levels and their respective
functions;
4. Differentiate six types of information systems; and
5. Describe the role of the information system department.
 INTRODUCTION
Before we start, let us look at the following situation:
Imagine that you are working as a finance clerk in Company A. Company A is

an organisation that owns 30 shops in Kuala Lumpur. These shops sell various
types of sports equipment to customers. Each month, the manager of each shop
keys in the monthly sales figures in a Microsoft Excel sheet and submit to you.
You have to collect all 30 Excel files and consolidate the total monthly sales in
all 30 shops. If a manager from one of the shops calls you and states that there is
a mistake in the Excel file, you need to return the original file to the manager,
wait for the correct sales figures and then re-process the Excel file. Imagine how
tedious and tiring it will be if you have to do this manually each month, which
means 12 times for 12 months in a year.
Can you think of a way to make your work easier? How can you compile all the
information provided by these shops? This is where information system comes

2  TOPIC 1 COMPUTER-BASED INFORMATION SYSTEMS
into the picture. Since you have all the information you need (such as sales
figures in an Excel sheet), all you need is a system to process these information
instead of you processing it manually. This system is what we call information
system.
Organisations have many resources that must be smartly managed. Information

is one of the resources which play a vital role in ensuring that organisations
remain competent despite environmental changes and technological
advancement. Computers obviously can assist managers by providing
information within a short period.
Information generated by computers is used by both managers and non-

managers ă individuals who are in the organisational environment. Managers are
positioned at all management levels and organisational units. They play a crucial
role and execute the tasks with effective communication and problem-solving
skills. Therefore, in order to reap the benefits of technological advancement,
managers must know how to use computers and information.
In this topic, we will discuss the the differences between data and information
and knowledge, and the meaning of information technology and information
system. This topic will also elaborate on the importance of information
management, the types of users and their respective management and the
emerging trends in information system. Let us get started!
1.1 INFORMATION SYSTEM IN BRIEF

In the information age, organisations (such as Company A mentioned earlier)
and businesses are using information to gain a competitive advantage.
Information technology and information system are revolutionising the
operation of organisations, industries and markets. As such, let us now look at
the definition of information technology and information system.
1.1.1 Data, Information and Knowledge

Before we look at the definition of information technology, we need to clarify the
terms „data‰, „information‰ and „knowledge‰.
Data and information are used together in any field. However, both have
different meanings.

TOPIC 1 COMPUTER-BASED INFORMATION SYSTEMS  3
Data is the basic fact or raw fact which consists of texts, diagrams, graphics,
images, and audio and video clips which are meaningless.
One example of data is the students' list which consists of name, matrix number,
sex, course and address. Can you name a few examples of data?
How about information? Let us look at the definition.
Information is an organised and meaningful interpretation which is useful

about the data.
In simpler words, information is simply the data which has been processed in
order to be meaningful to the users. Process here means the operation to change
the type and content of the data. Data in the studentsÊ list can be processed to be
generated as a report or graph that shows the percentage of female students as
compared to male students who are registered in the university; or the
percentage of students according to the courses offered by the university.
Other data processing operations are arithmetic operations, data summary, time
scheduling and so on. The information processor can be the computer
components, non-computer components or a combination of both, which can
convert data into information.
Nevertheless, the definitions of data and information are different according to

the user who wants to use them. Data can be seen as information and vice versa
according to different individual opinions. For instance, a telephone bill is a
group of data that is meaningless to the president of a telecommunications
company yet useful to the customers who want to pay the telephone bill.
Now that you are clear about data and information, let us shift our discussion to
knowledge. What is knowledge? Look at the definition given in the following:
Knowledge consists of information that has been arranged and processed to

convey understanding, experience as well as expertise which is to be used in
solving current business problems.
According to Boisot (as cited by Boddy, Boonstra and Kennedy, 2005),

knowledge builds on information that is extracted from data. Knowledge is
derived from information in the same way information is derived from data; it is

a personÊs range of information. Knowledge embodies prior understanding,

experience and learning, whereby it is validated or amended as people receive
information. With knowledge, a person would be able to identify significant
patterns or trends and get a different understanding of the information.
Let us look at Figure 1.1, which shows the relationship between data, information
and knowledge.
Figure 1.1: The relationship between data, information and knowledge
SELF-CHECK 1.1
1. In your own words, define data, information and knowledge.
2. Explain the relationship between data, information and knowledge
based on Figure 1.1.
1.1.2 Information Technology

Now that we have learnt about data, information and knowledge, how should
we define information technology? Information technology (IT) is a technology
that contains three components, as shown in Figure 1.2.

Figure 1.2: Components of information technology
A combination of the three components creates opportunities for people and

organisations to become more productive, effective and generally successful
without being separated. Computers and computer networks are useless without
the knowledge of how to use them. Knowing when to use computers is as
important as knowing how to use them. Besides the ability to use computers for
communication, connecting people through IT is also important.
IT is a broad-based technology needed to support information systems. IT

supports activities involving the creation, storage, manipulation and
communication of information, together with their related methods,
management and applications. IT consists of all the hardware and software that
an organisation needs to use in order to achieve it business objectives.
1.1.3 Information System

Thus far, we have been exposed to the meaning of information. Let us now look
at the meaning of system and information system, respectively. What is a
system?
A system is simply a group of activities and elements which have been

arranged to achieve a certain objective.

We have seen the meaning of system. What about information system? Well, here
it is:
An information system is a combination of hardware, software and

telecommunication systems, which can support business operations to
increase productivity and help managers make decisions.
Besides that, information system may also support managers and staff to analyse
problems, visualise complex subjects and new products and services.
An information system contains five main components, as shown in Figure 1.3.
Figure 1.3: Components of an information system
In this age, the success of a business depends on the information system. Many
organisations today use information systems to offer services with greater
satisfaction to customers, to access a wider range of information, to handle
business changes at a greater speed and to increase the productivity of workers.
Based on a number of research, an effective information system should be able to
exceed customer expectations and fulfil business needs.
Therefore, we can conclude that information system is a crucial part of a business

organisation. Now, let us shift our attention to the activities that take place in the
system. As discussed earlier, information system is a combination of software,
hardware and telecommunication system. Have you wondered how they are

interconnected? Look at Figure 1.4, which illustrates the main activities that take
part in an information system. Can you name the three main activities?
Figure 1.4: Activities in an information system
The three main activities in an information system are:
(a) Input
Input gathers or captures raw and unprocessed data from within the
organisation or from its external sources.
(b) Processing
Processing converts this raw input into a meaningful form.
(c) Output
Output transfers the processed information to the organisationÊs managers
and staff who will use it or to the functions for which it is used.
Information system also requires feedback, which is a form of evaluation of the

output which is returned to the organisation in terms of complaints which
should be rectified immediately via corrective measures or suggestions of
improvement that can be used to advance the system and the business process of
the organisation in total.
However, you must remember that an information system does not only contain
data and information. There are also other elements inside the system, which are
related and in support of one another. The presence of these related elements
makes information more useful whereby it can be made available, processed,
distributed, manipulated, saved and so on. This combination gives rise to a
system, which is orderly and thus called an "Information System".

A Management Information System (MIS) is the original information system that

has long been developed with the aim of supplying information to assist the
manager in carrying out various daily activities. This is done to ensure that the
process of planning, control and monitoring can be implemented more efficiently
and effectively. MIS is a system that has information processing capabilities that
include collecting, processing, storing and disseminating data in the form of
information through analytical processing and conveying information to
whoever needs it.
ACTIVITY 1.1
Search the Internet, in order to find out how management information
system is related to an organisationÊs business. You may use the
keywords such as „MIS‰ AND „business‰ or „information system‰ AND
„business operations‰. Discuss your findings with your coursemates.
SELF-CHECK 1.2
1. Give the definition of information system.
2. What are the components of an information system?
3. How does information system help businesses? Give two
examples.
1.2 INFORMATION MANAGEMENT

Managers are positioned at all management levels and organisational units. They
play a crucial role and execute the tasks with effective communication and
problem-solving skills. Therefore, in order to reap the benefits of technological
advancement, managers must know how to use computers and information.
Manager must organise resources such as personnel, material, machines

(including facilities and energy), money and information (including data), so that
they can be implemented efficiently. An organisation's resources can be divided
into two categories, namely, physical and conceptual. The resources mentioned
earlier are physical resources, except information, which is a conceptual resource.
Both categories of resources are equally important to the organisation.
Conceptual resources are used to manage physical resources.

Resources are owned and prepared, so they can be used when needed. Normally,
the preparation processes involve the transformation of raw materials into usable
materials, for example, assembling a computer and training the workers. After
this process, managers will try to optimise the usage of the resources. They can
reduce the rest time of the resources to a minimum level as well as ensure the
resources are utilised at the most efficient level. Subsequently, the managers will
change the resources at a suitable time before they become obsolete or inefficient.
The concept of information management is similar to managing physical

resources. However, you must know that the contexts are different. How? Well,
managers will ensure that the data required can be obtained and processed into
usable information. They need to verify that the information reaches the right
person, in the right form and on the right time so that the information can be
applied. Then, unused information will be deleted and replaced with the
updated and accurate information. With this explanation, do you think you can
define what information management is? The following is how we can generally
define information management:
Information management as a group of activities which involves the process

of obtaining information, used effectively and deleted at an appropriate time.
Managers give priority to information systems due to two main factors:
(a) Changes in the Business Environment

The changes in the business environment can be elaborated through two
situations:
(i) Emergence of the Global Economy
Growth in the industrial economies of developed countries such as
the United States, Europe and Asia is due to imports and exports.
Today, the ability to run a business globally will determine the
success and the future of the organisation. Globalisation in the world
industrial economy has opened up new opportunities to businesses
and has increased the importance of information to the organisation.
Trade and global business management are connected by information

systems through networks and communication infrastructures.
Advanced information systems prepare the facilities to run business
activities globally, for instance, operating twenty-four hours a day in
the international environment, communicating and disseminating
information to customers and suppliers around the world and
providing online services and information. Thus, organisations need

excellent information systems and communication to enable them to

compete in the world market.
(ii) Transformation of Industrial Economies
The main industrial giants such as the United States, Germany and
Japan are undergoing the transition from an industrial-based economy
to a service-based economy, which is mainly based on knowledge and
information. This is because knowledge and information play a key
role in gaining profits in the new economic era. Meanwhile, the
manufacturing economy is shifting to developing countries.
The number of workers in service sectors such as sales, education,

health, banking and legal firms is higher than that in the agricultural
and manufacturing sectors. These workers provide services that
involve the application of technology and information systems to
create and spread information and knowledge. Information-based
services such as Web portals (Yahoo, America Online), databases
(IEEE, Lexis) and E-commerce (Amazon.com) are growing and these
firms have millions of workers.
The use of knowledge in producing traditional products is also

increasing. The manufacturing industry is utilising information
technology to enhance productivity. For example, the automobile
industry uses graphic design, while manufacturing plants use robots
and virtual reality.
(b) Improvement in Computer Skills

The size and speed of computers today are more advanced than before.
During the early days when computers were first introduced, most users did
not know how to operate a computer and some were even scared to touch
and learn how to use it. Today, the situation is different, where the majority
of workers know how to operate a personal computer (PC). Some of them
even own one at home. Computers have become part of the basic necessities
in life and in the working environment, similar to other basic needs. Basic
computer skills today cover operations such as performing basic operations,
using word-processors and spreadsheets, creating PowerPoint or graphic
files, printing a document, using the peripherals and utilising the Internet.
SELF-CHECK 1.3
How is information management important in a personÊs daily life?

Explain.

1.3 INFORMATION SYSTEM USER

In your opinion, who is the user of an information system? When you update
your profile during online banking, does that make you an information system
user? Let us look at the definition.
An information system user is any individual who uses the information

system for a specific purpose, such as to access information, update data,
process information, conduct transactions and generate a report.
Users come from many categories and designations. They can either be from
inside or outside a firm. When the information system was first introduced, the
users were mainly clerks in accounts departments whereby a computer was used
only for accounting applications such as payroll, inventory and billing.
Information generated by the accounting applications was then used by the
firm's manager.
The evolution of computer systems from the Accounting Information System

(AIS) to the Management Information System (MIS) has changed the perspective
of using information, from only recording the firm's transaction to assisting
managers in solving organisational problems. The Management Information
System (MIS) is able to support the information requirement of the management.
Nevertheless, the application of information in MIS is not limited to managers

only. MIS information can be applied by other users including non-managerial
workers who access company reports, customers who receive monthly
statements, stockholders who receive dividend cheques and government
departments which receive taxation reports. In general, the information system
users comprise managers, non-managers, individuals and organisations in the
information environment.
SELF-CHECK 1.4
Define information system users. Give two examples of information

system users.

1.3.1 Managerial Positions

As discussed earlier, there are many levels of users of information system. It is
not only limited to the managers. However, managers use information system
extensively in order to make business decisions. That too depends on which level
they are positioned in the organisation. Managers are placed at every level of
management and in all units or departments in an organisation. Now, we will
discuss the management levels and the roles of the managers in each level.
(a) Levels of Management

In general, every firm has three levels of management. The three levels are:
(i) Top level management
Also known as strategic management.
(ii) Middle level management
Also known as control or tactical management.
(iii) Bottom level management
Also known as operational management.
Each level of management runs different management tasks in terms of

scope and period. Table 1.1 shows an example of the job scopes for every
level of management and the individual responsible in executing the tasks.
Table 1.1: Example of Job Scope for Various Management Levels of a Firm
Management
Job Scope Designation
Level
Top To prepare long-term plans (5-10-20 years). CEO,
President,
Vice President
Middle To prepare mid-term plans (1 month ă 1 year). Branch
To plan actions for the long term and to Manager,
ensure the firmÊs objectives are achieved. Director,
Division
Leader
Bottom To ensure the planning done by top and Head of
middle management levels are implemented. Department,
Supervisor,
Coordinator,
Project Leader

Managers prepare the planning by using several types of plans according to

management stages, namely:
(i) Strategic Planning (Top Level Management)

Strategic planning is a long-term plan which defines the overall
mission and objectives of the organisation. Strategic planning ensures
that the long-term objectives are met by analysing the strengths and
weaknesses of the organisation, forecasting future trends and
predicting new products or service development. Strategic planning
focuses on the issues which will impact the expansion and the
position of the firm in the future. Top managers focus on the overall
activities of the business and use the information system to identify
the direction the firm is taking.
Managers at the top level are also known as executives. The

executives are the President and Vice President, who establish the
Executive Committee which solves the firm's issues.
(ii) Tactical Plan (Middle Level Management)

Tactical planning is short-term planning, normally from one month to
one year. This is an action framework based on the strategic planning.
The middle manager will delegate power and responsibility to the
bottom level manager and give instructions, resources and feedback
on the work. Although the tasks are delegated, the middle manager
will definitely be involved in monitoring, controlling, decision-
making and administrative activities.
(iii) Daily Plan (Bottom Level Management)

Daily planning is executed by the lower level manager who leads the
operation staff. They will coordinate the operational tasks, solve
problems and guarantee the availability of important resources.
Every level of the management requires different types of information

systems which are based on their respective information needs. Every
level of management has different resources and information
providers, supported by the information system.
Figure 1.5 shows that environmental or external resources

information is used more by top management rather than lower level
management. Meanwhile, the lower level managers prefer internal
information. This indicates that the top level manager prefers general
information compared to the lower level manager who prefers more
detailed information.

Figure 1.5: Influence of management levels on information source and display

Source: Mc Leod (2001)
SELF-CHECK 1.5
In your opinion, is there any management environment whereby the

manager needs to do all three types of planning?

ACTIVITY 1.2
Visit the following website: http://www.mampu.gov.my/pdf/flipbook

/ISPplan2011/
Briefly list the idea on ICT strategic planning carried out by MAMPU for
the Malaysian Public Sector. Discuss your findings with your
coursemates.
(b) Department of a Firm

A manager is also in a department in the firm, which is known as unit or
functional area. In other words, every department in a firm is managed by
managers at the three levels of management.
Figure 1.6 shows the position of managers in the various stages of

management and departments in the firm. A firm has different
combinations of departments but in general, the departments include
accounts, marketing, manufacturing, human resource and information
service (also known as information system, management information
system and information technology).
Figure 1.6: The managerÊs position in the management stage

SELF-CHECK 1.6
Look at Figure 1.5 again. Briefly explain what you understand about
the needs of information in every level of management in decision
making?
1.3.2 Functions of Managers

From our previous discussion, I am sure you have noticed that managers have
similar functions and roles although they are positioned at different levels of
management and departments. Let us now discuss this further to learn more
about the functions of managers.
In 1914, Henri Fayol, a French theoretical management expert identified five

main functions of a manager:
(a) Planning;
(b) Organising;
(c) Staffing;
(d) Directing; and
(e) Controlling the resources effectively.
Every manager at each level of management and department implements these

functions with a different focus, depending on the level of management.
Look at Figure 1.7, which shows the influence of the respective level of
management towards the focus on implementing management functions;
management functions can provide guidance in developing an information
system.

Figure 1.7: The influence of the management levels towards the focus on implementing
management functions
1.3.3 Roles of Manager

In general, management means the use of resources to achieve goals effectively
and efficiently. In an organisation, management is normally performed by a
manager. What do you think is the role of the manager? It can be divided into
three main categories (refer to Table 1.2).
Table 1.2: Role of the Manager
Managerial Role Description
Interpersonal  The manager is seen as the leader and mediator of the workers.
Role  The manager is the role model for the workers.
 The manager monitors the activities and work done by the
workers and organisation, distributes the tasks and resources, as
well as is the spokesperson for the workers with external
Informational parties.
Role
 For example, the manager will provide feedback from the upper
management or customers regarding the customer friendly
service that is provided by the workers.
 The manager puts in a lot of effort, handles problems,
Decision-
distributes resources, as well as holds negotiations for the
making Role
workers and external parties.

1.3.4 Managerial Skills

Managers must possess many skills in order to effectively solve their tasks.
Generally, every manager should possess two basic skills, namely,
communication skills and problem-solving skills. These skills are important
because they are used in daily routine jobs. Let us look closely at these two basic
skills.
(a) Communication Skills

Managers communicate with individuals such as lower level staff, top level
staff, staff in other departments and individuals outside the firm like
customers, suppliers and financial institutions.
Managers communicate by sending or receiving information, either written

or verbal. Examples of written communication include letters, reports,
memos, meeting minutes and e-mails. Verbal communication occurs during
meetings, telephone conversations, voice mail, business trips, business
appointments and social activities such as parties and entertainment. Both
types of communication are implemented externally and internally.
Every manager has a preference for a particular mode of communication.

Some prefer verbal interaction by telephone or appointment rather than
writing an e-mail or a letter. Some managers prefer e-mail because it is
cheaper and short. Nevertheless, different types of communication can be
combined according to suitability and managerial style.
(b) Problem-solving Skills

Managers solve problems faced by the firm, whether major or minor, to
ensure operations run smoothly.
Problems are always visualised as negative elements or as giving the firm

or individual a bad image. Actually, problems in the context of
management can give both an advantage and disadvantage to the firm. We
will study the definition of problems in detail in Topic 2. Nonetheless,
problems must be faced, and the actions taken to solve the problem are
known as solutions.
Managers who intend to solve a problem must first go through the relevant
processes. These processes involve decision making. Decision making refers
to the selection of solution alternatives, which would have been identified
earlier. A decision is taken after the alternatives have been evaluated.
Usually, the solution alternatives for every problem are identified in order
to get a better solution.

ACTIVITY 1.3
Do you know why managers need management skills? Discuss.
ACTIVITY 1.4
In your opinion, what is the action taken by a manager if a problem

cannot be solved? Discuss.
1.3.5 Manager's Knowledge

Besides the basic skills discussed earlier, managers need to be information and
computer literate, which are important when utilising computers.
(a) Computer Literacy
Computer literacy refers to the basic knowledge that must be possessed

by computer users so that they can operate the computer efficiently.
The basic knowledge is the brief understanding of computer technology

such as the functions of a mouse, monitor and CPU, knowing the
advantages and disadvantages of computers and the ability to use a
computer (not necessarily being able to write computer programs). On top
of that, the users should also be up to date with the latest technology.
(b) Information Literacy

Apart from computer literacy, managers need to possess information
literacy.
Information literacy refers to the understanding of the use of

information at every level of the problem-solving process, and knowing
how to search for information resources and how this information can be
shared for mutual benefit.
Computer and information literacy do not depend on each other even though
they are related and complement each other. Some managers are information
literate yet lack computer literacy. However, it would be ideal if managers
acquire both skills.

1.4 TYPES OF COMPUTER-BASED

INFORMATION SYSTEMS
An information system in an organisation is known as the Computer-based
Information System (CBIS). CBIS is developed based on the functional activities
at the organisational functional level.
Examples of CBIS are the Accounting Information System (AIS), Transaction

Processing System (TPS), Management Information System (MIS), Office
Automation System (OAS), Decision Support System (DSS), Executive
Information System (EIS) and Expert System. Table 1.3 shows the features of the
mentioned CBIS.
Table 1.3: Types of Computer-based Information Systems
System Input Processor Output User

TPS/AIS Transaction; events Picking; listing; Detail report; Operation
merging; list; summary staff;
updating supervisor
MIS Summary data Routine report; Simple report Middle
transaction; high simple model; manager
volume data; simple low level
report analysis
OAS Document; schedule Document Document; Clerical staff
management; schedule mail
schedule;
communication
DSS Low volume data or Interactive; Special report; Professional;
very big database that simulation, result analysis; manager
is optimised for data analysis responds to
analysis; model and the inquiry
data equipment
analysis
EIS Overall data: Internal, Graphic Forecast Senior
external simulation responds to management
interactive inquiry
Expert Knowledge, facts and Simulate how a Reasoning and Senior
System techniques of decision human expert analysis of managers
making thinks decisions to
solve problems
Let us now discuss the types of CBIS further.

(a) Accounting Information System (AIS)

Accounting Information System (AIS) or Transaction Information System
(TPS) is used in the operational level of a firm. AIS is a computerised
system which executes and records the routines or daily transactions of the
firm. Examples for TPS are the payroll system, registration system,
customer request system and examination result system.
Let us take the registration sytem in a university. Do you know what

happens in the student registration system in a university? The registration
system will execute and record the student registration activities for every
semester. The main file which is the registration file consists of information
on students and courses such as name, matriculation number, address,
faculty, phone number, course name and course code, known as the data
elements. These data will be keyed in to the system and new data (such as
course registration and fee payment) will update the data elements. The
data elements in the main file will be combined to make a report needed by
the management and user.
(b) Management Information System

A Management Information System (MIS) provides management
information in the supporting, planning, controlling and decision-making
functions by generating special and periodic reports. MIS will report the
firmÊs basic operations through AIS data. Figure 1.8 shows an example of
such a report. Usually, the reports are produced on a weekly, monthly or
annual basis.
Bookstall Manaf
Sales according to products and districts of Johor in the year 2012
PRODUCT CODE PRODUCT NAME DISTRICT SALES
1110 Textbook Muar 7,224,600
Batu Pahat 6,340,000
Pontian 4,326,300
Johor Bharu 8,454,000
TOTAL 20,638,900
2110 Magazine Muar 8,900,400
Batu Pahat 6,500,000
Pontian 3,200,500
Johor Bharu 9,422,000
TOTAL 22,172,900
Figure 1.8: An example of the report produced by MIS

(c) Office Automation System (OAS)

Office Automation System (OAS) is a computer system that consists of
electronic devices used for communication and productivity for managers
and workers. Among the OAS applications are the word processor, e-mail,
electronic calendar, facsimile machine, audio conference, video conference,
computer conference and desktop publishing (DTP).
(d) Decision Support System (DSS)

Decision Support System (DSS) is an information system which assists
managers to solve problems and make decisions on very specific issues.
DSS answers questions such as „Where is the suitable location for the firm
to open a new branch?‰ and „What is the effective way to introduce a new
idea in the firmÊs product?‰
(e) Executive Information System (EIS)

Executive Information System (EIS) is a system specifically used by the
executive management in making strategic decisions. It is a tool that
provides online access directly to the relevant information, in the format
that is useful and can be browsed. Relevant information is timely, precise
and useful in the business aspects, according to the interest of certain
managers. Its format is useful, and can be browsed easily, which means that
the system has been specially built for the use of individuals who have little
time to spare, are less skilful in using the keyboard and less experienced
with computers. It focuses on fulfilling the strategic information needs of
the top management.
(f) Expert System (ES)

Expert System (ES) is a computer system which can replicate the human
methods in problem solving such as thinking, learning or giving
explanations for a solution by using artificial intelligence and knowledge
stored in the database. The database contains domain knowledge such as
medical, finance or insurance. Artificial intelligence has many applications
or systems represented by ES. These include applications such as neural
network and genetic algorithm.
1.5 INFORMATION SYSTEM DEPARTMENT

The Information System (IS) department develops and maintains the firmÊs
information system. The department is also known as the Information Service
Department, Information Technology (IT) Department or Management
Information System (MIS) Department. The structure and department name
might be different depending on the firm. In a small firm, a multi-tasking

individual can handle all tasks related to the information system while in a huge
firm, there might be many units in the IS department and many employees to
execute specific work for every unit. Figure 1.9 shows the general organisational
chart for an IS department.
Figure 1.9: General organisational chart for an IS department
SELF-CHECK 1.7
What is the importance of an information system department to an

organisation?
1.5.1 Information Expert

Information experts are members of the staff who are responsible for the
development and organisation of the firm's information system.
Basically, there are five categories of information experts, namely, the system
analyst, database administrator, network administrator, programmer and
operator.
(a) System analysts (SA) develop a new system or upgrade the current system.
System analysts will define a problem, document the analysis, create the
system design and develop the recommended system. Interaction and
cooperation from the user and the management is needed in developing a
system which fulfils the user's needs.

(b) Database administrators develop and maintain the database, which consists
of the required data for producing information for users.
(c) Network administrators develop and maintain data communication which
connects and allows the sharing of computer resources. Internet
development has created new experts in this field, known as Web masters
or Web designers.
(d) Programmers write the programming codes in the programming language
based on the design documentation, earlier written by the system analysts.
The programmers also test the written program to ensure it is bug-free from
any syntaxes and logical errors.
(e) Computer operators operate large-scale computers such as the main
framework and mini computer. They operate the routine jobs, operate the
printers' data storage and help users troubleshoot.
ACTIVITY 1.5
Are there any organisations that do not have any of the information
experts mentioned in Subtopic 1.5.1? List the effects or disadvantages of
such a situation.
1.6 TRENDS IN BUSINESS INFORMATION

SYSTEMS APPLICATIONS
The trend of business information system applications is moving towards
application integration and the use of artificial intelligence. Some of the uses of
these types of applications are as follows:
(a) Facilitate the transaction process

For example, with the integration of the accounting information and human
resource information systems, the calculation of wages and compensation
can be carried out quickly and easily.
(b) Used with network and Internet technology, especially in the process of
obtaining external sources or information
For example, in strategic planning, the organisation can obtain information
about its competitors that is on the Internet. The organisation can also look
at the reports and government mission.

(c) Allow the use of multimedia elements like text, graphics, audio, video and
animation. Furthermore, the addition of artificial intelligence elements can
expedite and facilitate mankindÊs tasks
For example, in the car design and production industry, the information
system is combined with multimedia technology and artificial intelligence
(d) Increase the understanding process and report presentation
1.7 END USER COMPUTING (EUC) TREND

Development in information technology has created computer literacy in many
people either at a minimum level or at higher levels. This development helps the
computer user to operate or develop the computer system without the help of
information experts. The system user who uses computer-based information is
known as the end user. Full or partial development of the information system by
the user is known as end user computing (EUC).
EUC grew because of the following factors:

(a) Development in computer literacy.
(b) Increase in the backlog tasks of the information system department. The
high demand for development and maintenance of the information system
caused many tasks in the information system department not to be
completed within the deadline.
(c) The cost price of computer hardware is lower these days. Therefore, users
can purchase computer hardware and learn on their own.
(d) A variety of choices in off-the-shelves software packages are now available
in the market. These software packages provide a general function of an
application system yet can be customised according to the specific purpose
of the firm. Moreover, the software packages can be easily used by expert
or novice users to execute the computer-based information system.
ACTIVITY 1.6
Visit http://en.wikipedia.org/wiki/End-user_computing. List the

main points about end user computing (EUC). Compare your answer
with your coursemates.

SELF-CHECK 1.8
1. Define the following:

(a) Information expert
(b) End-user computing
2. What are the trends in business information system applications?
3. With the programmerÊs assistance, a manager in an accounts

department uses Microsoft Excel to generate a ledger and
monthly bookkeeping. Is this an example of EUC? Give your
reasons.
 Data is a raw fact which is meaningless while information is the data that has
been processed into meaningful form. Knowledge is derived from
information in the same way information is derived from data.
 Information technology and information system are major enabling tools for
organisations to develop new products and services, as well as creating new
business models.
 An information system is a combination of hardware, software and

telecommunication systems, which can support business operations to
increase productivity and help managers make decisions.
 MIS is a system that has information processing capabilities that include

collecting, processing, storing and disseminating data in the form of
information through analytical processing and conveying information to
whoever needs it.
 Information is one of the important organisational resources and needs to be

managed properly. The growth of businesses and improvements in computer
expertise are the catalysing factors of information management.
 Every manager at each level of management (strategic, tactical and

operational) and department has to have the necessary skills to implement
his or her functions with a different focus, depending on the level of
management.

 The main types of computer-based information systems are the Accounting

Information System, Management Information System, Office Automation
System, Decision Support System, Executive Information System and Expert
System.
 The unit in a firm responsible for developing and maintaining the system is
known as the information system department. The department has
information experts, namely, the system analyst, database administrator,
network administrator, programmer and computer operator.
 The information expertÊs tasks can be minimised through user involvement

in the system development. This phenomenon is known as end user
computing development.
Data Information management

End user computing Information system
Information Knowledge
Information experts

Topic  Managers
2 and System
Concept
LEARNING OUTCOMES
1. Explain various elements of system;
2. Describe the four types of models and their usage in business;
3. Discuss the general model system (physical and conceptual system)
in organisations;
4. Explain the concept of problem solving; and
5. Apply the system approach in problem solving.
 INTRODUCTION
In this topic, you will be introduced to system concept, which is important for
modelling and problem solving. This topic will introduce models which can
assist managers in solving problems, namely, physical, narrative, graphic and
mathematical models. You will see more details of the general system model
elements which include the physical system and conceptual system. You will also
be introduced to another system element called standard. Generally, standard is
the performance level achieved by the system output. Managers ensure the
system standard is fulfilled by comparing the output system and standard.
Actions can be taken if the output is more or less than the standard.
2.1 MANAGERS AND SYSTEM

In order to solve a problem efficiently, managers have to view the firm as a
system. Every system has a concept and element which can be seen either from a
general or specific aspect. This will make it easier for managers to view the

TOPIC 2 MANAGERS AND SYSTEM CONCEPT  29
overall system or part of the system in detail, and its relationship with other parts
of the system. New systems are developed to solve problems which exist in the
current system. Let us look at the system concept in the context of the
management information systems.
(a) What is a System?

A system is defined as a group of elements that work together to achieve an
objective. An organisation such as a firm, institution or department is an
example of a system. A firm is established from several elements such as
humans, hardware, software, and devices which work together to achieve
the firmÊs objective.
(b) What are System Elements?

Every system has a different combination of elements. In general, a system
has basic elements such as objectives, control mechanisms, input,
transformation and output, as shown in Figure 2.1. For a system, input
resources are transformed to output resources. The control mechanism
monitors the transformation process to ensure the system achieves the
process objectives.
Figure 2.1: Elements of a system
To understand this better, let us look at a few examples. The human body has
several systems which possess control mechanisms. Note how our respiratory
systems make us sweat in the hot weather so that our skin becomes cooler, while
our hair rises to trap more heat in the cold weather. Have you ever experienced
food poisoning before? If yes, you will remember how frequently you had to go
to the toilet, or how you vomitted all day as your digestive system flushed out
the toxins in the body. The reaction occurs because the control mechanism in our
body system changes the normal transformation process.

30  TOPIC 2 MANAGERS AND SYSTEM CONCEPT
In automobile manufacturing for example, if there were a deficiency in the car

inventory, the management would inform the input system to take action to
resolve the identified problem.
Now, look back at Figure 2.1. In a system, the control mechanism is connected by
a feedback loop (in the arrow flow). The control mechanism monitors the
system's performance by comparing the feedback signal with the systemÊs
objective. If the system output achieves the objective, then the system will be in a
stable condition. In the unlikely event that the system output does not meet the
system's objective, a signal is sent to the system input so that necessary action can
be taken to change the system operations.
Now that you understand what a system is and also the elements that make up
the system, let us look at the two types of system.
(a) Open-loop and Closed-loop Systems

Not all systems have the control mechanism, feedback loop and objective to
control their operations. Systems with no control mechanism are known as
open systems, as illustrated in Figure 2.2. An example is an information
system that automatically generates report on a regular basis without
monitoring the input, performance or activities.
Figure 2.2: Open-loop system
The closed-loop system has three control components, namely, the control
mechanism, feedback loop and objective, as illustrated in Figure 2.1. An
example of this system is the budgetary control system in an organisation
in which during the budget presentation, the issues are communicated
through the feedback system and each expenditure is compared with the
objectives through the control mechanism.
(b) Open and Closed Systems
An open system is a system that is connected to its environment through

the flow of resources.
Most of the systems that exist are open systems. An example is the election
voting system which counts voting input from voters around the country
and declares the results back to them.
On the contrary, a closed system is not connected to its environment. You

might have conducted a science experiment in the laboratory during your
school days. Was the experiment connected to any environmental elements
outside the laboratory? If the answer is no, then the system conducted in
the closed and remote laboratory is a good example of a closed system.
(c) Subsystem
Subsystem is a system which is connected to the environment through

the flow of resources.
A system has many stages. For instance, the human body has many systems
such as the respiratory system and the digestive system, which, in turn,
have many subsystems that can be further divided up to a single cell. For
example, a system in a clinic has many subsystems, which can be divided
into the simplest form. A system in a clinic may have the registration,
appointment and medical treatment subsystems. Figure 2.3 shows a system
that has many subsystems.
Figure 2.3: System and subsystems

(d) Super System

A super system is a bigger system which consists of many subsystems. For
example, a department subsystem is part of the university super system. A
faculty system also makes up part of the university super system.
(e) Physical System and Conceptual System
A physical system is a system that originates from tangible physical

elements. An example of a physical system is the business firm which
consists of humans, building materials, hardware and office equipment.
A conceptual system is a system that uses conceptual resources which

cannot be seen physically to represent physical system.
Conceptual resources are data and information. The conceptual system

exists as an idea in the manager's mind, graphs, papers or data statements
captured on the screen.
Let us take manufacturing for instance. Manufacturing is a physical system.

It consists of humans, raw materials and machines which work together to
create a product. However, data and information which are stored in the
system are the conceptual system which reflects the physical system.
Through the manufacturing conceptual system, managers can identify the
quantity of raw material used, transformation process sequences, workers
who handle the manufacturing operation, quantity and destination of
finished products on a daily, weekly or monthly basis.
More explanation about physical and conceptual system will be deliberated

in Subtopic 2.3.
The Importance of System View

System view is the way on how we look at an issue, problem or event in the
context of a system. The view looks at business operations as a system that
is part of a bigger environment. A system view benefits managers by:
(a) Elaborating on the structural and functional complexity of
organisations with the concept of super system and subsystem;
(b) Identifying the objectives and the directions of the organisation;
(c) Determining how the components of the system need to cooperate
with each other in order to achieve the organisational objectives;

(d) Identifying the relationship between organisation and its

environment; and
(e) Prioritising the value of feedback information which is achievable
from the closed-loop system.
SELF-CHECK 2.1
In your opinion, what is the relationship between management and
the management information system?
2.2 MODEL
A model is a representation of things; like an object, a concept or real activity known
as entity. The model is used to represent problems, which need to be solved in a
form that is easily understood. Types of models and their usages are as follows:
(a) Types of Model

Models can be classified into four types ă physical, narrative, graphic and
mathematical.
(i) Physical Model
A physical model is a representation of three-dimensional entities, which
can be seen by the naked eye. Usually, the entity is re-modelled to a scale
smaller than the actual one. Examples of physical models are normally
applied in the business environment such as a house or car model.
(ii) Narrative Model
A narrative model is used by managers to explain an entity through oral
and written communication. Through the explanation, the audience can
understand the details of the entity. This model is the most popular
model because it covers every single aspect of business communication.
(iii) Graphical Model
Have you ever heard the English expression "a picture paints a thousand
words"? The graphical model is used to visualise the entity via graphs,
charts, forms, symbols and lines. Apart from businesses, the graphical
model is also applied in the design of information systems. You would
surely recall the graphical models used in system analysis and design.
Among the examples of graphical models are the Data Flow Diagram
(DFD), Entity Relationship Diagram (ERD), flowchart and structure
chart.

(iv) Mathematical Model

This mathematical model is a formula or mathematical equation which
consists of a few variables and constants. How do you calculate sales
profits? You can calculate the profits through a simple formula by
adding the values in the following equation:
Profit = Sale ă Cost
Managers need to continuously monitor the situation after the
solution has been executed to ensure it can solve the problem as
expected. If an error occurs, remedial action must be taken to correct
the situation.
ACTIVITY 2.1
Visit the website http://en.wikipedia.org/wiki/Entity-relationship_model
and http://en.wikipedia.org/wiki/Data_flow_diagram. Based on the
website, discuss the details on how the Data Flow Diagram (DFD) and
Entity Relationship Diagram (ERD) are developed for an information
system.
ACTIVITY 2.2
Based on the four types of models, develop a diagram which links all
the models. Compare the diagram with your coursemates.
(b) Uses of Models

The four models that we discussed earlier make understanding and
communication easier. This is because the entity is presented in a simple form.
The models can be used separately or combined together to suit the
circumstances. For example, the mathematical model has an advantage
because it can forecast the future.
SELF-CHECK 2.2
If you are a manager, what is the use of a model to you?

2.3 GENERAL MODEL SYSTEM

The general model system was introduced to enable the easy use of the
information system concept by various organisations. The element of a general
model is the foundation for information systems in every organisation. If you can
understand the fundamental concept of the general model system, you can easily
understand the entire concept of the general model system and organisational
structure. You only need to add or modify the general model system with the
current types of information systems and the organisational structure when
analysing and designing the information system.
2.3.1 Physical System

A firmÊs physical system transforms the input resources to the output resources, as
shown in Figure 2.4. Input resources are extracted from the environment, processed
to form the output resources and then returned to the same environment. Since
interaction exists between the firm and its environment through physical resources,
the firmÊs physical system can be classified as an open system. If we look at the
example of the process of producing cooking oil, we can imagine how input
resources such as palm oil are processed to be cooking oil. The palm oil is extracted
from the firmÊs environment while the cooking oil is marketed to the customers
living within the environment.
Figure 2.4: A firmÊs physical system
On top of this material flow, there are other types of flow such as personnel flow,
machinery flow and financial flow.
(a) Material Flow

Material input such as raw materials and components are provided by the
suppliers. The materials are stored in warehouses or stores before being
processed. After undergoing the transformation process, the materials will
be turned into products and stored in the warehouse before being delivered
or marketed to customers.

(b) Personnel Flow

Personnel flow refers to flow of manpower. Personnel are employed
through recruitment agencies or through announcements in printed and
electronic media. The job application is a process conducted by the human
resource department. The new personnel are then posted to various
departments within the firm where they are trained and exposed to the job
scope so they can function well in their work.
There are personnel who work until retirement while others may resign
earlier. In both cases, the personnel will then return to their environment.
(c) Machinery Flow

Machinery flow explains how machines are supplied and used in the firm.
They are then returned to the environment when they can no longer
function and replaced with new ones. Computers, printers, duplication and
facsimile machines are among the the machines used in a firm.
(d) Monetary Flow

Monetary flow starts with stakeholders such as banks or individuals who
finance the firmÊs operations. Cash is also obtained from customers,
generating revenue for the firm. Cash is then returned to the environment
to repay loans, for investment purposes or given out as donations.
ACTIVITY 2.3
How can a control mechanism be linked to the flow of resources to
enable progress monitoring and system development? Discuss.
2.3.2 Conceptual System

You were introduced to control mechanism system components earlier in this
topic. The existence of these components enables the system to control its output
in order to fulfil the system's objectives. This type of system is known as the
closed-loop system. On the other hand, a system that does not have a control
mechanism is known as an open-loop system. In firms, the management is the
control mechanism which controls the systemÊs performance. The management
needs information, usually written reports and other related documents to
control the firm. Management reports consist of input, transformation and
output information that assist the managers to evaluate the firmÊs performance.
Figures 2.5, 2.6 and 2.7 show examples of input, transformation and output
reports.

Figure 2.5: Supplier report gives input information
Figure 2.6: Job status report gives transformation information
Figure 2.7: Sales report gives output information

(a) Information Dimensions

The manager evaluates output produced by the information processor
based on four information dimensions:
(i) Relevant
Information is relevant if the contents fulfil the requirement of the
problem faced. The manager can obtain the related information
without any support from other unrelated information.
(ii) Accurate
Information must be accurate and without errors. It is especially
important when it involves issues pertaining to salary, loans and
bills. The future forecast and performance report must also be
produced accurately by using accurate information.
(iii) On Time
Information must always be available when it is needed. Past and
latest information can help the manager decide better.
(iv) Complete
Information must be comprehensive and complete but not excessive
to the point of being irrelevant to the problem being solved.
(b) Standards
Standards are the measurement of a firm's performance and are

stated in specific terms and can be measured quantitatively in the
form of money, numbers, percentage and such.
Managers need information that can explain what is achieved by a

department or unit and the performance standards that need to be
observed. You already know that every system must have objectives, which
are the overall goals that need to be achieved.
Every system has at least one objective. Objectives are stated in general and
something more specific must be determined to measure whether the
system's objectives can be achieved.
For example, the company's objective is to deliver excellent services to

customers; the performance standard is that there should be less than 10
complaints a month. A university's objective is to produce high calibre
graduates; the performance standard is to ensure that 10 per cent of the
graduates obtain first class degrees and 20 per cent of the graduates obtain
an A in their final project.

The manager compares the firm's standard and performance in order to

control the physical system. The difference between them will confirm
whether action must be taken. Figure 2.8 shows standard as the additional
element of the physical system. Therefore, the conceptual system controls
the physical system by using three important components, which are
management, information processor and standard.
Figure 2.8: Performance standard is delivered to management

and information processor
SELF-CHECK 2.3
Link all four information dimensions with the effectiveness of standards

implementation in a firm. Present your answer during your tutorial.
(c) Management Techniques

There are two management techniques that help managers to execute their
tasks efficiently and effectively. They are management by exception and
critical success factors (CSF).
(i) Management by Exception

This technique is applied when a manager takes action only if an
activity occurs out of the fixed performance and norms. Therefore, as
long as the firmÊs activity is within the performance parameter, the
firm is considered as stable. This technique is implemented by
comparing the actual standard and performance of the system

produced by the information processor. For example, the total

number of fans produced is fixed between 500 and 800 units per day;
the manager will do a follow-up if the production does not achieve
this target. The management by exception technique can be executed
by the computer-based information system (CBIS). Therefore, the
manager can effectively focus on other tasks.
(ii) Critical Success Factors (CSF)

The management technique that uses the same concept as the
management by exception is known as the critical success factor
(CSF). CSF is the technique used by managers to identify several main
factors which bring success to a particular function. Usually, the
organisation determines several CSFs that need to be completely
fulfilled. CBIS supports CSF by producing the information for the
manager.
CSF and management by exception are similar in terms of the

emphasis on certain parts of the system as compared to the entire
system. The difference is that CSF remains constant in the long term
while management by exception can change according to time.
2.3.3 Environment
In the general system model, resource flows into the firm from the environment
and will return to the environment after the transformation process. The
environment completes the general system model, as shown in Figure 2.9.
Physical resources enter the physical process and conceptual resources
(information and data) enter the information processor to be stored or used by
the manager. It can also flow to or from the environment.

Figure 2.9: The general model system of a firm
2.3.4 Problem Solving

The manager will make several decisions when solving a problem. Decision
making is an action taken following a decision or strategy that is considered to be
a better solution to the problem.
System development is closely related to the activities of problem solving in

business or the opportunity to use information system to increase organisational
efficiency. The information system can greatly help the organisation to perform
its daily activities as well as expedite and facilitate the decision making of the
management.
First, we need to understand the concept of problem solving before learning

about the method for system development. Refer to Table 2.1 for important terms
related to problem solving.

Table 2.1: Important Terms in Problem Solving
Term Explanation
An undesirable or complex situation which will lead to negative
Problem
consequences.
Problem A process or an activity that is performed to overcome a problem or to
Solving grab an opportunity so that the negative consequences can be avoided.
An outcome that has been agreed upon to plan the next step and
Decision
action.
Trouble or Sign The source of problems.
SELF-CHECK 2.4
In your opinion, why should the solution to a problem be planned

carefully and what are its components?
(a) Problem-solving Element

For better problem solving, the manager should deal with several elements.
The problem-solving elements that must be identified are shown in
Figure 2.10.
Figure 2.10: The problem-solving elements

Standards show a desired situation, which is the performance that needs to

be achieved by a firm, while information shows the current situation, that
is, the actual achievement of the firm. The manager must achieve both to
know if a problem exists. Problems occur when there is a difference
between standards and information.
A problem will occur when the actual performance is either higher or lower
than the standard. Therefore, a problem can give an advantage or
disadvantage to the firm. It may be better to give a higher standard so as to
maintain good performance. On the other hand, if the firmÊs performance
cannot achieve the standard, we need to investigate the reasons why the
problem occurs.
When the problem is identified, the manager needs to determine several

alternative solutions by using the information from other staff or his or her
own experience.
The information system can be used to evaluate each alternative solution.

The evaluation has to consider any constraints within and outside the firm.
Internal constraint is limited resources in a firm.

External constraint refers to constraints from the firmÊs environment
which limit the flow of the resources to and from the firm.
Problems that are often faced by an organisation occur because of two

reasons, which are:
(i) Internal influence: This may originate from staff or human resources,
raw material supply management, and others.
(ii) External influence: For example, the political situation of a country or
the world, economic stability, government policies, competitors,
suppliers and customers.
(b) Problems and Symptoms

The difference between problems and symptoms must be understood.
Symptoms are situations resulting from a problem. The manager can
always observe the symptom as compared to the problem. To understand
the cause of the problem, the symptoms need to be studied carefully.

For example, a doctor will study the symptoms to know the cause of a
disease. In the same vein, managers must study the symptom of any
circumstance such as reduction in sales; the actual problem is why sales
have decreased.
(c) Problem Structure

Problems have a structure that influences the way they are solved.
A structured problem is a problem that has certain elements and the

relationship between the elements can be clearly understood and seen.
For example, the equation „profit = sale-cost‰ can explain why the firm's
profits increase or decrease.
Some problems are not understood by the manager and they are known as
non-structured problems. The problem of human behaviour is an example
of this type of problem.
A non-structured problem is a problem that does not have elements or

relationships that are understood by the problem solver.
Most problems often faced by the manager are combinations of structured

and non-structured problems.
Semi-structured problems have parts of elements or relationships that

are understood and parts that are not understood.
One example is the choice to produce new products. However, several

elements like cost and quantity of raw materials, suppliers and promotional
costs can be explained clearly. But some elements like customer reception
and percentage of profits are difficult to estimate.
The three types of problems are summarised in Figure 2.11.

Figure 2.11: Three types of problems
Problem solving is not the task of a manager alone. It is the responsibility of all
parties, especially individuals who are experts in the field related to a problem.
SELF-CHECK 2.5
How can a problem be identified in a firm? Discuss.

2.4 SYSTEM APPROACH

A system approach is a step-by-step guide to solving a problem by ensuring that
the problem can be understood, an alternative solution is identified and the
solution chosen is effective. Look at Figure 2.12 to see the phase involved in
problem solving.
Figure 2.12: System approach in problem solving
ACTIVITY 2.4
How does the system approach help to solve a problem? Discuss.

2.5 PREPARATION PHASE

The steps in this phase do not have to be executed sequentially.
(a) Step 1 ă View the Firm as a System

You must imagine the firm as a system by using the general system
concept. You must map your firm using the general system model.
(b) Step 2 ă Identify the Environment System

You must identity the firmÊs environment which consists of customers,
suppliers, competitors, owners or stockholders, unions, financial
community, government and global community.
(c) Step 3 ă Identify Every Subsystem in the Firm

Subsystems in the firm can be viewed from many aspects. Departments or
units within the firm can be viewed as subsystems, as shown in Figure 2.13.
Figure 2.13: A firmÊs departments as subsystems
Subsystems in the firm can also be viewed as management levels. These

subsystems have a „superior and subordinate‰ relationship and are connected by
the flow of decision information and decisions. Decisions and orders made by top
level management are channelled to the entire organisation. Hence, the manager
can see the importance of information clearer through this management hierarchy.

When the manager views his firm as a system that comprises several subsystems,
he or she has understood the systemÊs concept and achieved the objectives of the
phase. At this stage, the manager is ready to use the system approach in solving
problems.
2.6 DEFINITION PHASE

When a problem is identified, the manager can seek the assistance of the analyst
to explain and help him understand the problem. The analyst has the expertise to
derive the problem, which is not clearly defined, to specifications in the form of
model, documentation and diagram for a new or upgraded system. Several
information-gathering methods like interviews and observations can be used by
the manager to understand the problem.
This phase consists of two main steps, which include continuing from the system
level to subsystem and analysis of parts of the system according to certain
sequences.
(a) Step 4 - Continue from System Level to Subsystem

When a manager wants to understand a problem, he will initiate the
analysis of the system under his responsibility. The system consists of the
firm or one of the firmÊs units. The analysis will continue according to the
systemÊs hierarchy, from one level to another level. You should bear in
mind that systems can exist at every level of the firm and analysis can be
initiated at any subsystem in the firm.
Firstly, the manager studies the status of the firm in the perspective of its
relationship with the environment. Among the questions studied are:
(i) Whether the firm has a balanced relationship with its environment;
(ii) Whether the flow to and from the firmÊs environment occurs as it
should; and
(iii) Whether the system achieves its objective in producing products and
services for its environment.
Then, the manager analyses the system from the aspect of the subsystem.
Every subsystem will be studied to see whether it functions together with
other subsystems to achieve the systemÊs objective.
Briefly, this step aims to identify subsystems that are problematic so that
the problem can be addressed.

(b) Step 5 - Analysis of Part of the System According to Certain Sequences

The elements of the system are analysed according to certain sequences when
the manager studies every level of the system. Sequences arranged according
to this priority (for example, 1 is analysed first, followed by 2, 3 and so on) are
shown in Figure 2.14. From this, problem in the fifth element cannot be solved
if there is a problem in the fourth element.
Figure 2.14: Analysed system element sequences
(i) First element

Evaluate the standard. The standard for system performance is
determined in certain quantitative forms such as amount, percentage and
finance. The standard elements are analysed to ensure the following
criteria are fully met:
 Have a valid value. The standard is supposed to be in line with the
systemÊs objectives and is able to measure the systemÊs
performance well. For example, if the systemÊs objective is to
reduce cost, the use of sophisticated IT components is an
inappropriate standard.
 Realistic. If we fix profits at 50%, we may be unable to achieve it if
the business is just starting or if we have been achieving 10% profit
all the while.
 Easily understood by individuals responsible for implementing it.
 Can be measured in clear units. For instance „minimum cost„ is not
as clear as „reduction costs by 15% in manpower usage and 20% in
paper usage‰.

(ii) Second element

Compare system output with the standard. Once it was determined
that the standard has been fulfilled, the manager would evaluate the
system output by comparing it with the standard.
As mentioned above, a problem exists when there are differences

between output and standard. If the output is lower than the
standard, the root cause of the problem will be studied. If the output
outscores the standard, the latter might have to be increased to ensure
continuous good achievement.
(iii) Third element

Evaluating management. Management and organisational structure
are critically assessed from many aspects. Among the management
aspects analysed are quality and quantity of cooperation between
teams, whether the number of managers are sufficient as well as the
skills and capabilities of the manager. The organisational structure is
also evaluated to see if it contributes to the problem. If need be, the
organisational structure can be changed by adding new units or
changing the administration structure.
(iv) Fourth element

Through the information processor. Unreachable or insufficient
information may exist even though the existing management is
sufficiently good. If problems exist, the information system has to be
re-evaluated to provide the required information.
(v) Fifth element

Evaluate input and input resources. If there is no problem with the
first four elements, the conceptual system is confirmed to be problem-
free. The problem occurs in the physical system. A survey is
conducted based on the physical resources in the input element and
resources which flow into the input element from the environment.
For example, is the warehouse storing sufficient raw materials and is
the supplier providing good quality raw materials?
(vi) Sixth element

Evaluate the transformation process. Incomplete procedures and
processes may affect the input transformation into output. The
efficiency of the transformation process can be increased with the help
of technologies such as robots, machines and computers.

(vii) Seventh element

Evaluate output resources. This refers to the final output or products
produced. Focus is given to the physical resources in the output elements
like warehouses which store finished goods, manpower and machines
which come under the delivery and transportation department.
2.7 SOLUTION PHASE

The solution phase revolves around the determiner of the solution alternative,
the selection of the best solution and its execution.
(a) Step 6: Identify Alternative Solutions

Several different alternatives are identified to solve the same problem in
order to get the best solution. Managers usually use past experiences or
intuition in this step.
Managers always solve problems as a group. This group uses a

brainstorming method to find ideas to solve a problem. Do you still recall
the Joint Application Design (JAD) in the SSADM module? This is a formal
method that can be applied with the assistance of a facilitator.
What happens if your business is facing financial problems? What is the

alternative solution? You can: (1) obtain a loan; (2) increase sales by offering
discounts and promotions; or (3) reduce manpower.
(b) Step 7 - Evaluation of Alternative Solutions

Every alternative must be evaluated using the same evaluation criteria, that
is, the stage where the alternative can be used to solve problems in the best
possible way and the extent to which the alternative fulfils the system's
objectives. Evaluation can be considered as a way of finding the advantages
and disadvantages of each alternative.
(c) Step 8 - Choose the Best Solution

The next step after the evaluation of the alternative is choosing the best
solution. Mintzberg identified three methods which can be used by the
manager for this purpose.
(i) Alternative analysis is evaluated systematically by considering the
effects of the alternative towards the organisationÊs aims.

(ii) Consideration - the thought process of a manager. For example, a

department head uses experience and intuition to decide whether an
appeal from a student who is about to be expelled should be accepted
or rejected.
(iii) Bargaining - Discussions between a group of managers.
(d) Step 9 - Executing the Solution

A solution is achieved once a certain action has been executed. For
example, after a decision to obtain a loan is made, the procedure to apply
for the loan should be initiated.
(e) Step 10 ă Follow up to Ensure the Solution is Effective
The manager must continuously monitor the situation after the solution is
executed to determine if the problem has been satisfactorily resolved. If
anything undesirable occurs, action must be taken to correct the situation.
SELF-CHECK 2.6
The solution phase is the last phase in the approach of a system. In
your opinion, what action can be taken if the solution is not found?
SELF-CHECK 2.7
1. Define the following:

(a) Standard
(b) Problem
2. What is the advantage of models? What is the advantage of the

mathematic model compared to other models?
3. Which general model system elements provide the required

information? Describe a current situation.
4. What or who should be solving structured problems;

unstructured problems; and semi-structured problems?
5. Clarify the methods used to split the firm into subsystems.

 A model is a representation of an object, concept or real activity, known as

entity.
 There are four types of models, namely, physical, narrative, graphic and
mathematical.
 The general model system can be used to analyse various types of

organisations.
 The model has a standard which determines the systemÊs performance that
needs to be achieved and information processor which produces information
for the actual performance of the firm.
 The information produced should have four important dimensions, namely,

relevance, accuracy, punctuality and completeness.
 This information can be used by the manager to execute two techniques of

management ă Management by Exception and Critical Success Factor.
 Problems exist when there are differences between information from the
standard and information processor. The manager solves the problem, which
affects the firm either in a positive or negative manner.
 The problem is classified as structured, semi-structured or non-structured.
 The system approach can be used by the manager when solving problems.
The system approach consists of three phases, namely, the preparation,
definition and solution phases. Every phase has certain steps that can be used
as guidance.
Model Structured problem

Non-structured problem Subsystem
Problem-solving System
Semi-structured problem

Topic  Information
3 Technology
Support and
Strategy in the
Organisation
LEARNING OUTCOMES
1. Explain the architecture and infrastructure of information
technology;
2. Describe three types of organisational structures for business
organisation;
3. Analyse the relationship between an organisation and information
technology;
4. Assess the steps that should be taken in information technology
management;
5. Discuss the usage of information technology in organisational
strategies; and
6. Discuss the strategies at business level and the support of
information system.
 INTRODUCTION
The development of information technology facilities is closely related to the
business objectives of an organisation. This is evident from research on the
requirements of information for enhancing organisational results. Therefore,

TOPIC 3 INFORMATION TECHNOLOGY SUPPORT AND  55
STRATEGY IN THE ORGANISATION
information technology facilities are actually very closely related to the

organisational structure and are based on the main functions of the organisation.
This is further extended to the support that information technology provides in
fulfilling as well as enhancing the organisational strategies.
In this topic, you will also be exposed to the business strategy concepts such as
strategic management, the Porter value chain model, supply chain management,
industrial level strategy and how these concepts are related to information
system.
3.1 CAPITAL STRUCTURE OF A COMPANY

Today, information is a crucial factor in the success or failure of an organisation.
In this regard, an organisationÊs business objectives should include the proficient
use and management of information so that it may function efficiently with
optimum production.
Organisational information needs are manifested based on the analysis of the

information requirements. From one perspective, the technology emerging is in
the form of IT applications such as software that needs a suitable environment
for it to function. In order to achieve this, an appropriate information design is
needed.
Information architecture is the mapping of the information needs of an

organisation, its direction, management and implementation, both now and for
the future.
The realisation and implementation of this information technology requires

certain support infrastructure involving equipment and software. We can see this
relationship illustrated in Figure 3.1.

56  TOPIC 3 INFORMATION TECHNOLOGY SUPPORT AND
Figure 3.1: Relationship between organisational needs and information technology

architecture and information infrastructure

Look at Figure 3.1 carefully. Can you see, in general, the effects from this
relationship on the approach for constructing information architecture and the
usage of information technology in the organisation? Information technology
planning and information technology usage begin from the top. The use of
technology must begin with an analysis of the organisational needs in the context
of the business the organisation is in. It must also support the organisationÊs
business planning and objectives. Therefore, the process of designing
information technology involves current and future users, as well as the
management and planning personnel in the organisation. It is not the work of
technologists alone.
Only at the end of the process of designing information architecture would the
technology be chosen to support operational processes.
ACTIVITY 3.1
1. Visit the website for General Electric (www.ge.com) and compare it

with the website for Kodak (www.kodak.com). Differentiate the
organisational objectives of these two websites.
2. Plan an approach for developing an information architecture from
the bottom, which is by looking at the current available technology.
Then, suggest the information technology development that can
operate it. Following this, compare it with the approach discussed
previously.
3.2 UNDERSTANDING ORGANISATIONAL

STRUCTURE
Understanding organisational structure is important for knowing the role of
information technology in an organisation. An organisation is usually structured
based on the division of smaller units in order to facilitate the administrative and
management functions. This division can be based on location, function and
other characteristics. Important factors that influence organisational structure are
the size and location. Both these factors rely on the type of business the
organisation is involved in, whether in the form of a service offered or the
production of goods, and the companyÊs characteristics of being either local or
global.
An organisation usually has a single head office that is the location for policy
making, strategic planning and company performance analysis. Going down

another level, this company may be divided into divisions that may be located in
different sites.
These divisions will then be divided further into units. In an organisation that
does not have many branches in many different places, the division may be
based on function, that is, a division or unit represents a certain function.
The smallest unit that performs the main functions of the organisation is called a
department. Normally, an organisation is divided into the following departments
(there could possibly be more departments):
(a) Accounts;
(b) Finance;
(c) Sales and marketing;
(d) Production and operation management;
(e) Human resource management; and
(f) Information systems.
3.2.1 Types of Organisational Structure

There are many types of organisational structure. In general, we can divide these
different structures into three forms:
(a) Traditional or hierarchical;
(b) Project based; and
(c) Matrix or multidimensional.
Let us look at these structures in detail.
(a) Traditional or Hierarchical Structure

A hierarchical structure is a basic structure that is most widely used in
organisations today. In this structure, the strategic and planning roles are
placed at the highest levels, while production and implementation are
placed at the lower levels. You can see this structure illustrated in
Figure 3.2.

Figure 3.2: Example of a hierarchical organisational structure
In this hierarchical structure, the organisation is viewed as a structure with

the highest level having more power and authority than the level below.
The number of levels differs among organisations in accordance with the
goals of the organisation. The trend adopted today is to reduce the number
to the minimum. This means that more power and authority are passed
down to the next level in certain situations. The effect is that more
information must be made available to the lower levels so that decisions
can be made more effectively.
(b) Project-based Structure

In the hierarchical structure, the division of segments is generally based on
the area or zone (division). If this division is made based on the type of
main product or service (if the company offers a service), then it is known
as a project-based organisational structure. Look at Figure 3.3 to get a
general idea of this type of structure.

Figure 3.3: Example of a Project-based organisational structure
A team that is based on a project can sometimes be characteristically

permanent and has ad hoc or temporary features based on the duration of
that project. In this structure, the main basic organisational functions such
as finance, accounts, marketing and production are normally placed at the
bottom of a group or division based on the project.
(c) Matrix or Multidimensional Structure

In general, a matrix structure is based on a project but with a significant
difference, that is, the group members can be from different projects; on the
other hand, the project-based structure limits the members of a project to a
single grouping. Figure 3.4 shows an example of the matrix structure. In the
example, each group is placed under two superiors (division leader and
manager).
Figure 3.4: Matrix structure ă this arrangement forms a matrix figure

The group in this matrix is a permanent group that is directed to manage a

series of special projects. A problem that arises in this type of structure is
the existence of two command flows from two different superiors. This is
because its basic characteristics are from the crossings between different
groups.
SELF-CHECK 3.1
List the types of organisational structures and compare them from the
perspective of the most appropriate structure at a given time.
3.3 IMPLEMENTATION OF INFORMATION

TECHNOLOGY IN ORGANISATIONAL
STRUCTURE
Looking at the forms of organisational structure that we have discussed earlier,
we can determine the implementation of information technology based on the
levels of organisational units. Table 3.1 shows the examples of information
technology support that can be given by information systems in each level of the
organisation.
Table 3.1: Levels of Information Systems
Level Characteristic
Departmental Level Collaboration of small programs developed by each
department to support other departmental functions. This
covers the human resource management information system
and accounts information system.
Plant Level Collaboration among departmental information systems. This
generally enables a connection among departments to be
performed to enable employees to work together using a
computer system.
Divisional Level Collaboration of plant information systems.
Enterprise Level Collaboration of divisional information systems.
Organisational Level An information system that is larger and more complex that
can provide a connection of information systems among
organisations. This system enables the same information to be
used among different organisations.

3.4 INFORMATION TECHNOLOGY

MANAGEMENT
Today, the importance of information technology to many organisations can no
longer be denied. However, not all implementation or use of information
technology in organisations or business companies has borne fruit as hoped.
There have been many cases where reliance on information technology without
any comprehensive form of information technology management has resulted in
negative effects, such as decrease in profits and operational turbulence in
performing the daily activities. For example, the failure of information
technology caused the operations at the new Hong Kong airport to be halted for
several days. A similar occurrence was experienced by the company Hershey
Foods in the United States in 1999 when the failure of newly installed
information technology caused losses and a fall in profit that amounted to more
than USD20 million during the third quarter of that year. This scenario made the
issue of information technology management very critical.
In general, the aim of information technology management is to stabilise the

technology so that it can be accessible and at the same time enable the technology
to be adaptable to changes and needs that go beyond boundaries.
Let us now continue our discussion on the important aspects of information

technology management.
3.4.1 Goals of Information Technology Management

Briefly, the goals of information technology management can be divided into two
parts:
(a) Ensuring continuous technology in a stable condition
Stability is measured by consistency and reliability. Consistency enables the
technology to be used with an interface that is uniform wherever it is
accessed from. Reliability refers to the capability of the technology to
guarantee that its performance at any given time is as it should be at any
other time.
(b) Ensuring that technology can be adapted according to changes that occur
Change is inevitable for advancement. Hardware technology and computer
software change relatively quickly. This change will create problems for the
user if proper management and planning are not performed. The question
that arises here is how can a person manage the information technology
requirements according to the changes? The answer is that all changes in
technology need to be anticipated and planned for even earlier.
3.4.2 Managing Information Technology

Organisations
The trend for managing a companyÊs information technology organisation today
is by adopting a combination of a centralised and a non-centralised control
infrastructure. This development follows the change in the computing trend. The
change to this form of distributed technology has caused the organisational
structure in managing information technology to become distributed as well.
The use of a distributed system has caused the resources of computers to be

distributed to different computer systems in the computing platform. For
example, a database is no longer placed in a centralised mainframe computer;
rather, it could be in a server computer located in a different department from
the client computer that is accessing the database. This causes IT support staff to
be placed at different departments, which changes the structure of past
information technology management.
3.4.3 Functions of an Information Technology

Organisation
What are the tasks or functions of an information technology organisation? They
are summarised in Figure 3.5.
Figure 3.5: Functions of an information technology organisation

3.4.4 Forms of Information Technology Organisation

Implementation
Look at Figure 3.6, which illustrates the forms of information technology
organisation implementation.
Figure 3.6: Information technology support structure
In todayÊs business environment, many forms of implementing an information

technology support structure are being used (refer to Figure 3.6). These include:
(a) Internal Department

Establishment of an information technology department on its own,
equipped with a special function to support the implementation of
information technology in the company.
(b) Subsidiary Company

Establishment of an information technology subsidiary company as a
separate business entity that has two functions ă supporting the
implementation needs of internal information technology and at the same
time, providing services in the form of business to external companies.
(c) Privatisation
Privatisation of information technology support services wholly to external
companies known as system integrators. These companies offer services in
several forms such as:
(i) Application service provider (ASP), which usually focuses on the

service needs of a company with regard to software including
databases, company resource planning and customer relations.
(ii) Business service provider (BSP), which develops Internet software
that can be bought through Web technology.

(iii) Internet service provider (ISP), that is, a company that provides a
service to connect the customers to the Internet and related services.
(iv) Wholesale service provider (WSP), which provides grouped
application packages that are distributed through the Internet.
In the next subtopic, we will discuss the aspects of how information technology
can be used to support the organisationÊs business strategy.
SELF-CHECK 3.2
1. What are two main objectives of information technology
management?
2. Discuss three important aspects in information technology
management.
3. Explain four functions of information technology organisation.
4. Differentiate between the following private information
technology support services:
(a) ASP (c) ISP
(b) BSP (d) WSP
3.5 USAGE OF INFORMATION TECHNOLOGY

IN ORGANISATIONAL STRATEGIES
Strategic planning is the nerve of an organisation, particularly a business entity
which competes in the knowledge-based economy. How far the organisation can
withstand the competition is based on effective and efficient strategic planning.
Information systems can assist managers when executing good strategic
management.
We will now continue our discussion on the strategic management concept, the
Porter value chain model, supply chain management, industrial level strategy
and information system which cover the competitive and network economy. You
must know that each information system discussed in this module is integrated
within one another. The information systems can solve organisational problems.
Effective strategic planning can integrate information systems in an organisation.

3.5.1 What is Strategic Management?
Strategic management is management which can change the objectives,

operations, products, services and environmental relationships of an
organisation in efforts to assist the organisation to achieve competitive
advantages. Generally, strategic information systems can do the same.
An effective management can assist the information system of the organisation.

Strategic information systems can be used at every level of the organisation and
it is more comprehensive and detailed compared to other systems.
Strategic information system changes the way a firm handles a business and
transaction in depth and in detail. Generally, there is no complete strategic
system. What is available is a few systems operating at different strategic levels
whether at the business, firm or industry levels, and these systems combine to
become what is known as strategic information systems.
SELF-CHECK 3.3
Imagine that you are working in a recruitment agency. In your

opinion, do you think support staff need to know the strategic
direction of the organisation? Why?
3.5.2 Strategy at the Business Level and the Value

Chain Model
At the business level, the main question is "How can an organisation compete in
the market?" The market may be automobiles, microchip boards or cables.
Generic strategies at this level are as follows:
(a) Become a low-cost producer;
(b) Differentiate between product and services;
(c) Change the scope of competition by enhancing the market to enter the
global market; and
(d) Decrease the market by focusing on smaller niche markets.

ACTIVITY 3.2
In your opinion, how can support staff contribute ideas and expertise to
make the organisation competitive in the market?
3.5.3 Use of Technology in the Value Chain

The commonly-used model at the business level is the Porter value chain model.
The model proposes specific activities in the business in which these activities are
the competitive strategies which can be used as best as possible
The value chain model can assist in increasing competitive forces by identifying
the focus point of the critical and specific influence where information
technology can be used effectively to reinforce the position in the competition.
This model views the organisation as a network to fundamental activities which

can increase the value to the products and services of the firm. Now, refer to
Figure 3.7, which shows the relationship between activities in the Porter value
chain model.
Figure 3.7: Use of technology in the Porter value chain model

Now, can you get the main idea of the Porter value chain? By looking at
Figure 3.7, you may find that the activities can actually be categorised as:
(a) Primary Activities

Primary activities are activities related to the production and distribution of
products and services which create value for the customers. These activities
include logistics, operations, sales and marketing.
(i) Logistics activities refer to the acceptance and storage of goods for the
distribution process right up to the production activities.
(ii) Operation activities refer to the change of input up to a finished
product.
(iii) Sales and marketing activities include efforts to promote and sell
products and services of the organisations.
(b) Support Activities

Support activities are needed to ensure that primary activities can be
implemented and they include the organisation's infrastructure
(administration and management), human resources (recruitment, waging
and training), technology (enhancing the product and production
processes) and procurement (to get the input).
Organisations gain a competitive advantage in business if they can prepare

more valuable products or services; or if they can provide products and
services of the same value but at a much lower price to customers. A
strategic information system can give a strategic impact by helping firms
produce products and services at a lower cost compared to other
competitors; or it can help produce products or services at the same cost
but with higher value.
3.5.4 Information System Products and Services

Organisations can create brand excellence by creating new products and services
which can be easily differentiated from products and services offered by other
competitors. The new products and services cannot be imitated by existing
competitors or potential competitors. Producers have started to develop
information systems to develop products and services which can be modified to
meet the requirements of customers.
Businesses can develop new scopes for their markets by differentiating the focus,
that is, by identifying specific targets for each product and service so that both
can deliver the best service. A firm can offer better products and services to a

specific target compared to currently available products and services offered by

the competitors. Information systems can give a competitive advantage to firms
by producing data to enhance sales and marketing techniques.
Such an information system considers information as a source that can be used

by the organisation to increase the profit margin and to control the market. It also
enables the organisation to analyse purchasing patterns, tastes and priorities of
their customers so that the organisation can direct advertising and marketing
towards a focused market. Data mining tools software finds data patterns from a
large group of data while using guidelines for decision making.
Data can be gathered from a huge group of information resources such as credit
card transactions, purchasing data from points of sale, and demographic data
from websites. Companies can collect data internally or purchase the data from
other organisations. Through pattern assessment of customer purchasing,
companies can define a detailed image on purchasing interest, develop a
relationship with customers and prepare specific products and services.
3.5.5 Supply Chain Management and Effective

Customer Response System
Inventory management can burden organisations. When goods are in the
warehouse or workers are not fully utilised, firms have to bear the cost without
any income. To overcome this problem, many organisations use information
technology to delete or reduce inventories.
An information system for strategic management is good for suppliers. Suppliers

can monitor product specifications, factory scheduling and customersÊ
commitment in order to ensure the inventory is sufficient. When the inventory
system is operated smoothly, this efficiency and facility will prevent their vendor
customers from buying from their competitors. Figure 3.8 shows the relationship
between strategies at various levels of business.

Figure 3.8: Business level strategies

3.5.6 Industrial Level Strategy and Information

System: Competitive Forces and Network
Economy
Firms comprise industries such as the automotive, telecommunications,
television broadcasting and forestry industries. The strategic question at this
point of analysis is "How and when to cooperate with other firms in the same
industry?" The majority of strategic analysts stress on competition but data can
be gained by cooperating with other firms in the same industry or related firms
in the industry. For example, firms can cooperate to develop industrial standards
in specific industries; they can collaborate to develop customer sensitivity and
work in groups with vendors to reduce the cost.
3.5.7 Information Partnership

Recently, many companies have been using information systems to achieve a
strategic advantage by joining partnerships with other firms where, through
these partnerships, all firms cooperate by sharing information or services. These
partnerships are normally information-sharing partners in which two or more
firms share data to get mutual advantages.
This partnership enables firms to get new customers, open new opportunities for
cross-selling and product targets, as depicted in Figure 3.9.
Figure 3.9: Information partnership

They will share to purchase hardware and software. Sometimes, traditional

competitors can gain benefits from this partnership. At the industrial level, two
types of analytical models are used:
(a) Competitive force model; and
(b) Network economy.
Let us now discuss these analytical models in detail.
(a) Competitive Force Model

In the competitive force model, a firm might face various challenges and
opportunities, challenges from new competitors entering the market and
other companiesÊ products and services taking over the position of the firm.
In addition, there is the pricing power by customers, suppliers and
traditional industrial competitors to deal with.
Competitive advantages can be achieved by increasing the firmÊs capability

to handle customers, suppliers, replacement products and services, new
entrance of competitors into the market, where this will probably bring
changes to the balance of power between the firm and its competitors in the
industry.
(b) Network Economy

The second strategy which is useful at the industrial level is the network
economy. In a network economy, when there is a new customer, the
marginal cost will not increase, while the marginal profit will increase. The
value of the phone or Internet system will increase with more users. The
cost involved in managing a television station which has 1,000 users and 10
million users is similar.
From the perspective of the network economy, information technology can

be used strategically. Firms can use websites to develop a community of
users such as users who want to share their experiences. This will establish
loyal users and a good relationship with them.
ACTIVITY 3.3
Do you think countries need partnership blocks such as the European
Union or East Asia Economic Cooperation? Discuss.

3.5.8 Internet Usage in Business

Through the various services offered by the Internet, an organisation enjoys the
following benefits as well as opportunities:
(a) Global relations for companies or enterprises to expand and manage the
international branches and business units;
(b) Reduction in communication costs and business costs;
(c) Facilitation of communication and coordination;
(d) Expeditious information dissemination;
(e) Promotion of electronic commerce and business;
(f) Interactive marketing. The Internet enables an organisation to interact
directly with clients through online discussion groups, bulletin board
systems, electronic questionnaires, mailing lists, electronic newsletters and
electronic mail; and
(g) Facilitation of the implementation of strategic collaborations between
organisations and customers, suppliers, consultants, contractors or
competitors.
An enterprise may fully benefit from the Internet in its organisational

connections by using all the facilities offered by the Internet to connect all its Web
pages at the global level, while the intranet can be used to contact its subsidiary
companies at other locations. The extranet can be fully realised to form relations
with its other partners.
The use of the Internet in business has helped form millions of new businesses
that operate at a minimal capital cost but encompass the whole world. It also
helps the organisation to save cost on internal and external communication. How
can this happen? It is done through several forms of creative and productive
Internet use. Figure 3.10 shows briefly the use of the Internet in businesses.

Figure 3.10: Internet usage in business
(a) Collaborative Enterprise Communication

These are applications that support communication, coordination and
corporation among members in a work group or business team like
workers and external consultants in a project that make use of the Internet,
intranet and extranet to support electronic mail, video conferencing, and
the like.
(b) Electronic Commerce (e-commerce)

The Internet, Web pages as well as Internet-based technologies like the
intranet and extranet provide a global connection between companies,
clients and suppliers. They encourage electronic trading activities like
marketing, purchasing, selling, and support for products and services
performed through this work web.
(c) Internal Business System

Internet-worked e-business application supports the process and operation
of internal business of a company. For example, a worker may use the
intranet enterprise information portal to access information about the
remaining number of leave that has been taken or apply for leave. The
company could also join the intranet with the Internet and this would make
it easier for workers or the management to obtain information about their
company wherever they may be.
(d) Web-based Discussion Forums

Now, discussions among workers can be conducted through the Internet.
The message that needs to be sent to all parties can be done quickly and
effectively through USENET, for example. Replies can also be received
instantly.
(e) Mining Data with Intranet Search Tools

The Internet has an efficient data searching mechanism through the use of
the browser. This technology enables the user to find information by using
a user friendly interface.
 The need for information technology architecture has become the supporting
structure or platform for the implementation of an information system.
 The goals of managing information technology are to ensure that information

technology functions efficiently and is adaptable to changes, thereby
achieving organisational objectives.
 To use such technologies to reap strategic benefits, organisations need

efficient planning and management.
 The use of a strategic management system may require the organisation to

change its business objectives; its relationships with its customers and
suppliers; its internal operations; and its information architecture.
 The three types of organisational structure are: traditional or hierarchical;

project-based; and matrix or multidimensional.
 When an organisation makes the information system part of their corporate

strategy, the internal structure of the organisation also needs to change to
reflect current developments.
 Managers need to restructure all organisational processes so that they can

take advantage of sophisticated information technology. Such changes will
bring changes to the organisational borders (internal and external).

 Suppliers and customers need to closely communicate and perhaps share the
responsibility to fulfil demands.
 Managers need to find a mechanism to coordinate their firmsÊ activities with

customers, suppliers and other organisations.
Information architecture Project-based structure

Matrix structure Support infrastructure
Organisational structure Traditional structure

Topic  Information
4 Systems
Integration in
the
Organisation
LEARNING OUTCOMES
1. Explain the processes involved in information system planning;
2. Explain the aspects involved in redesigning the organisation with
information system;
3. Examine information system support for various levels of
management;
4. Explain Management Information System (MIS); and
5. Explain Transaction Processing System (TPS).
 INTRODUCTION
In order to achieve success, an organisation needs a detailed and effective
planning process. The management plays a very important role in this process.
Failure to formulate an effective strategic plan will cause the organisation to lag
behind its competitors in the market.

78  TOPIC 4 INFORMATION SYSTEMS INTEGRATION IN THE ORGANISATION
In this topic, we will look at the contribution of information systems in helping

the management to conduct better and more effective planning. Information
system serves as the main tool for competing in the world of business.
Redesigning an organisation with an information system is a wise step by the
management if it intends to compete in a world without boundaries.
Many successful organisations owe their achievements to the skills of their

management in using information systems in their daily business activities.
Many organisations had to close down because they could not compete in the
wave of information technology.
You will also learn about two important and popular information systems used
in organisations, namely, Management Information System (MIS) and
Transaction Processing System (TPS).
4.1 REDESIGNING THE ORGANISATION WITH

INFORMATION SYSTEMS
Redesigning an organisation with an information system is not easy. There has to
be detailed planning so that the information system fully supports the main
activities of the organisation.
4.1.1 Information Systems and Organisational

Planning
Information system planning has to be performed after all parties have agreed to
redesign the organisation using an information system.
Information system planning is a process using goals, strategies, objectives

and organisational information to identify and select a system that will be
developed and a suitable time to develop it.
Before the planning of an information system can be done, several matters need
to be given attention, especially by the upper management. Some of them are:
(a) The upper management must accept information technology as an
important resource for overall organisational activities.
(b) The use of an information system in the organisation must be planned like
how other complex resources are planned. An information system
comprises not only computers, but also hardware, software,
telecommunications, people, procedures and data.
TOPIC 4 INFORMATION SYSTEMS INTEGRATION IN THE ORGANISATION  79
(c) Information technology is a resource that is owned by all organisational

staff, not only the Information System Department.
(d) The upper management must recognise the information system as a
resource to achieve strategic goals, not merely as a support for problem
solving.
Once the management understands these points and agrees to the use of an
information system for the overall activities of the organisation, the planning of
the system development can commence.
Appropriate planning and consideration ought to be given attention to ensure

that the information system developed is not merely completed within the
prescribed time and budget, but its implementation can be accepted by all parties
involved.
There are several steps to ensure the success of the information system planning
process. Figure 4.1 shows the steps necessary in the planning of an information
system.

Figure 4.1: Steps for information system (IS) planning
A brief explanation for each step is as follows:
(a) Corporate Mission

Strategic planning starts with the corporate mission that details the overall
goals and aims of the organisation. Determining the corporate mission is
important because each organisational function will be focused on that
mission.

(b) Information System Mission

The management of the information system plans the mission of the
information system based on the goals of the organisation. The mission
encompasses the goals to be achieved with the use of an information
system that is consistent with the goals of the organisation.
(c) Information System Vision

The manager of the information system outlines the vision of the
information system in relation to the hardware, software and
telecommunications that can contribute to the achievement of
organisational goals. For example, the customer is allowed to access the
organisationÊs website.
(d) Strategic Planning

Strategic planning of an information system explains in greater detail the
action that has to be taken in relation to information technology and
information system facilities in order to achieve the organisational
objectives. Strategic planning is normally for three to five years.
Strategic planning of an information system must fulfil the following three

criteria:
(i) In line with the organisational strategic planning.
(ii) Prepares the information technology architecture to enable the user,
application and database to be networked and integrated.
(iii) All resources for developing the system must be readily available for
use to guarantee that all the projects will be completed on time,
within the stipulated budget and that it functions properly.
(e) Tactical Planning

Tactical planning explains how and when the strategic goals can be
achieved. Tactical planning is usually made for short periods as compared
to strategic planning. Tactical plans are more detailed and have a more
direct bearing on near-term activities than strategic plans. This plan focuses
on prioritising and scheduling IS development efforts, establishing action
plans for development and performance measures to be used during
operational planning.
(f) Operational Planning

Operational planning is related to the implementation of daily activities by
considering the resources and tasks that have to be performed. Operational
planning must ensure that the information system functions always fulfil

their objectives. This includes addressing the barriers to those functions,

like technology, finance and human resources.
(g) Budget
Organisational activity planning that suits the financial resource.
SELF-CHECK 4.1
Differentiate between strategic, tactical and operational planning.
4.1.2 Standardisation in Planning

It is important to have standardisation in planning. Management should
standardise its information technology when it decides to adopt a certain
information technology resource for all its units.
Standardisation results in several benefits:
(a) Cost savings

When the decision is made to purchase the same hardware or software for
all units in an organisation, it has better bargaining power and can obtain
lower prices from vendors. This applies to purchasing computers of all
classes, as well as licensing software.
(b) Efficient training

It would be easier to train employees how to use a small range of software
than to train them how to use a large range. Less trainer time would be
required; employees would spend less time on training and more time on
their normal tasks. This would save cost by having fewer labour hours
spent on training.
(c) Efficient support

Standardising on a small number of computer models and software
applications enables the IT staff to specialise in the hardware and software
they have to support. The more focused skills make it easier for the
organisation to recruit support personnel, and the users would be more
satisfied with the support service.

4.2 ORGANISATIONAL CHANGE

Designing an information system for an organisation does not simply mean
developing and using an information system in the organisation. The main goal
is to help solve the organisationÊs problems as well as increase work quality,
thereby producing high-quality products or services.
If this goal is not achieved, and the use of the information system adds to the
organisational burden, the management should perhaps think it over.
SELF-CHECK 4.2
In your opinion, what are the changes that may occur in an

organisation with the implementation of an information system.
4.2.1 Organisational Change Due to Information

System
The restructuring of the organisation with an information system will directly or
indirectly affect the daily activities of the organisation. The changes brought by
information technology have to be realised so that the function and task for each
party will proceed smoothly with the use of information system. This change is
normally divided into four parts, as shown in Figure 4.2.

Figure 4.2: Changes brought about by information system

ACTIVITY 4.1
Refer to the book:
Laudon, K. C., & Laudon, J. P. (2013). Management information systems ă
managing the digital firm (13th ed.). Prentice Hall.
Read Chapter 3 (Information Systems, Organizations, and Strategy), and
identify the changes that information systems can bring to an organisation.
4.3 INFORMATION SYSTEM SUPPORT IN THE

ORGANISATION
As we have discussed in Topic 1, various levels of management have different
needs and based on this, they require customised support of their information
system based on these needs.
4.3.1 Information System Support for Various Levels

of Management in the Organisation
Based on the role played by each manager as well as the type of information he
needs, several types of information systems to help decision making have been
developed and adapted for each level. Table 4.1 shows the types of management
and the forms of information system appropriate for their functions.
Table 4.1: Information System Categories for Different Levels of Management
Level of
Category Example
Management
Strategic  SIS ă Strategic Information System
Strategic
Management
Management  EIS ă Executive Information (Support) System
System
Tactical  MIS ă Management Information System
Mid-level Management
 DSS ă Decision Support System
Management Support
System  OAS ă Office Automation System
Operations  TPS ă Transaction Processing System

Operations
Support  PCS ă Process Control System
Management
System  ECS ă Enterprise Collaboration System
 ES ă Expert System
All three levels
Other types  KMS ă Knowledge Management System
of management
 FIS ă Functional Business System

ACTIVITY 4.2
Visit the Amazon online bookstore (www.amazon.com). Observe the

services provided. What is your opinion of this website? What system
category would it be placed under? Share your views with your
coursemates.
(a) Information System for Supporting Operations Management

This information system processes the data produced or used in business
operations. It processes various data for internal and external use by the
organisation. However, it does not provide specific information that is
normally required by the tactical management or upper management. The
process should be performed subsequently by the MIS on the output
produced. The roles of the support system level on operations include:
(i) Processing business operations effectively;
(ii) Controlling industrial processes;
(iii) Aiding communication and collaboration; and
(iv) Updating the corporate database.
Examples of the information systems that are involved are the Transaction
Processing System and Process Control System.
(b) Information System for Supporting Tactical Management

Information system for tactical management assists in the decision-making
functions normally used by middle management. This system plays the role
of accessing, arranging, producing summaries and displaying the
information to assist in the decision-making process. It collects data on
daily or weekly sales, company profit and others, and then it processes the
data to produce a report and report summary for use by mid-level
managers to plan the companyÊs subsequent steps.
It gives focus to the preparation of information and the support for managers
to make effective decisions. It assists in decision making at the highest level
of management, middle (tactical) and also at the operations levels.
(c) Information System for Supporting Strategic Management

Information system for strategic management prepares the latest
information quickly for upper level management, especially information
related to the critical success factors (CSFs) that need to be identified in
order to achieve the set objectives. The system is capable of producing

information and is reported to gain a competitive edge when faced with the
organisationÊs rivals in the global market arena.
4.4 MANAGEMENT INFORMATION SYSTEM

(MIS)
As mentioned in Topic 1, a Management Information System (MIS) is a system
that has information processing capabilities that include collecting, processing,
storing and disseminating data in the form of information through analytical
processing and conveying information to whoever needs it.
The aim of MIS is to develop a viable system to maximise the effective use of
latest data approaches to management practices. It is also aimed at assisting
higher management and managers of organisations, to construct timely and
accurate information not only to decide current and future operations, but also to
identify potential problems that need to be rectified.
With MIS, organisations save valuable time for their workforce and ultimately
save operational costs. Where in the past, business information had to be
manually processed for filing and analysis, it can now be entered immediately
and easily into a computer by a data processor, enabling faster decision making
and quicker reflexes for the organisation as a whole. This had pretty much
helped decisions made in organisations, as effective decision making demands
accurate, timely and relevant information. MIS cannot create business strategies
by themselves but they can assist management in understanding the effects of
their strategies and help enable effective decision making. MIS systems can be
used to convert data into information useful for decision making.
MIS and the information it generates are considered necessary components of

practical and reasonable business decisions in organisations. MIS and business
systems are particularly helpful in the collation of business data and the
production of reports which are used as tools for decision making. Thus, the
success of decision making, which is the centre of administrative process, is
highly dependent partly on available information and partly on the functions
that are the components of the process.
As you should be aware by now, information is absolutely essential to the

survival of an organisation especially in making good and accurate decision. If
the pertinent information required for planning is not available at the
appropriate time, it will trigger situations such as poor planning, poor priority of
needs, inappropriate decision making and flawed programming or scheduling of
activities. Hence, the organisation's system will not be efficient and effective in its

operation. Poor management of information system will definitely create a

bottleneck in the successful management of an organisation.
ACTIVITY 4.3
Can you think of a system that you are using in your learning
institution (registration system, learner management system, etc)?
Can the system that you have identified be categorised as an MIS?
Discuss with your coursemates.
4.4.1 Input and Output MIS

In general, MIS consists of several collections of subsystems that focus on certain
functions or tasks, like Accounting MIS, Marketing MIS and Manufacturing MIS.
For example, Finance MIS consists of several subsystems relating to financial
reports, profit and loss analysis, cost and usage analysis, and fund management.
The input for MIS is information produced from internal data, which is obtained
from the results of the Transaction Processing System (TPS) and external data.
The output is a collection of reports that are distributed to the managers. These
reports are divided into three main categories, which are:
(a) Periodical Report

(i) Produced after a certain amount of time or according to a schedule,
such as daily, weekly and monthly.
(ii) Example: Monthly departmental report
(b) Requested Reports

(i) Produced when requested by the superiors or customers.
(ii) Example: Reports that are requested by the departmental manager
about the number of working hours of a certain employee during that
week.
(c) Unexpected Reports

Produced automatically when an unexpected event occurs that rarely or
has never happened which requires the action of the management.

4.4.2 Characteristics of MIS

The following are the characteristics of MIS:
(a) Prepares reports using a permanent and uniform format. For example, a
periodical financial report will have the same fields and types of data at the
same locations for every report.
(b) Prepares reports in soft copy or hard copy forms. The report can be printed
on paper (hard copy) or it can be read directly from the computer screen.
Whatever the format, the report remains the same.
(c) Uses internal and external data. Most MIS applications use internal data
from the organisational database, though external data is also used.
(d) Usually, the input for MIS is the result of the TPS.
(e) Enables the end user to produce report that he requires. It may need the
production of certain programmes with the help of a programmer.
(f) Able to prepare information for the use of strategic and tactical managers.
4.5 TRANSACTION PROCESSING SYSTEM (TPS)

Every organisation performs business transactions daily. Basically, a business
transaction occurs each time the organisation produces a product or service for
its customers. It also includes the daily management and main management
activities performed by the organisation.
Some of the examples are:

(a) A business transaction for a university or a college is teaching and
evaluating students.
(b) Managing the booking and sale of tickets to customers in an airline system.
(c) Managing the ticket sale and the light rail transit (LRT) ticketing system.
In order to perform these transactions more effectively and efficiently, the

transaction processing system (TPS) is introduced. Its main function is to collect
all information relating to the business transactions and to process it as well as
produce a relevant output.

4.5.1 TPS Objectives

The main objective of the TPS is to prepare the required information so that the
organisational operations can be implemented effectively and accurately. Its
other objectives include:
(a) Enabling the organisation to operate efficiently and effectively.
(b) Preparing reports and documents right on time.
(c) Increasing the competitive advantage of the organisation.
(d) Preparing accurate data for the strategic and tactical systems, for example
data for the management information system (MIS) and decision support
system (DSS).
(e) Ensuring the accuracy and reliability of the data and information.
(f) Controlling the security of the data and information.
(g) Helping to maintain loyalty of the user or customer.
4.5.2 TPS Methods or Processes

There are three general methods for TPS, which are:
(a) Batch Processing

All transactions are collected into a batch for a certain period before
processing. This allows time for updating the records in a transaction.
The system gathers all the departmental transactions into several batches,
prepares them for processing and then processes them at the end of each
operation day.
For example, a wage system collects all the information related to

attendance and the number of working hours each day within a working
month. While waiting for the end of the month to process the data, the
information may still be updated if required. When the set time arrives
(such as end of the month), the system calculates the total working hours
and the wage that each worker should receive.
(b) Online Transaction Processing (OLTP)

The OLTP is also known as real-time processing. The transaction is
processed as soon as it occurs.

For example, the cash withdrawal system in banks ă when a customer

withdraws money from his account, the system immediately updates the
account. When you book a plane ticket, the system updates the database
which contains information on the seating arrangements, payment total,
and others. You instantly get your booking status. This online transaction
processing gives the latest status of each transaction.
(c) Hybrid System (Online Entry with Delayed Processing)

This process or method is a combination of both the earlier methods. The
information or data from the transaction is taken and entered into the
computer, but it will not be processed automatically.
For instance, when you make a booking through a tax free channel, your
booking will be taken and entered into a computer. Even though the
booking has been entered into the computer, it may only be processed after
office hours or the following day.
ACTIVITY 4.4
State other examples of the three processing methods mentioned
earlier.
4.5.3 TPS Activities

Now, let us look at the six main tasks in the transaction processing activity cycle.
This is illustrated in Figure 4.3.

Figure 4.3: General data processing activities in TPS.

Source: Adapted from Stair, R., & Reynolds, G. (2005).
Principles of information systems (7th ed.). Thompson
Let us discuss each data processing activity stated in Figure 4.3.
(a) Data Collection

(i) The process of obtaining and collecting the data required for a
complete transaction.
(ii) Exists in two forms, which are:
 Manual, like collecting product orders in writing.
 Automatic, like obtaining data from a terminal scanner or input
peripheral.

(iii) The method of entering data can be implemented in various ways,

such as:
 Using the keyboard.
 Source data automation ă it is faster and its accuracy is guaranteed
because the data collected will be scanned straight into the system
from its source. Example: scanning using a bar code reader in a
supermarket.
(b) Data Editing

(i) The process of checking data to ensure data integrity and the
completeness of data.
(ii) Example: A workerÊs name must be in the form of letters and his staff
number in numerical form, otherwise the data is invalid and
incorrect.
(c) Data Validation/Correction

(i) The process of editing the data found the re-entered data to be
incorrectly typed.
(ii) The TPS should produce a reminder message if there are any errors to
the data being entered.
(iii) Example: An error message is produced if you accidentally entered a
number when keying in the workerÊs name.
(d) Data Manipulation

(i) The process of carrying out calculation and data transformation
which are related to the business transaction.
(ii) This includes the classifying of data into certain categories,
performing calculation and storing data in a database for the next
process.
(iii) Examples:
Ć The calculation of a studentÊs average marks in a semester will
take into account the total marks attained by the student, which
are divided by the total credit hours taken.
Ć A wage system that multiplies the number of working hours with
the wage per hour of each worker.

(e) Data Storage

(i) The process of updating one or more databases with a new
transaction.
(ii) After the database is updated, other systems can obtain and use the
data for other processes.
(iii) Exists in two forms, which are:
Ć Manual, like collecting product orders in writing.
Ć Automatic, like obtaining data from a technical scanner.
(f) Production of Reports and Documents

(i) The process of producing output records and reports whether in soft
copy or hard copy form.
(ii) Example: Obtaining your examination results document in hard copy,
which is the examination result transcript that is printed, or in soft
copy that is displayed on the computer screen.
ACTIVITY 4.5
After learning about the characteristics and activities of the TPS in
general, can you think of examples of the TPS that are usually
performed?
4.5.4 Traditional TPS Applications

There are three main applications for a traditional transaction processing system,
which are:
(a) Order Processing System
Some of the processes in this system are:
(i) Entry of Orders
 Obtaining the basic data required for customer order processing.
(ii) Sales Configuration
 Ensuring that the products and services ordered fulfil customersÊ
specifications and that everything runs smoothly.

 For instance, with the sales configuration, the printer salesperson

will know that the computer printer needs a certain cable together
with a LAN (local area network) card in order to enable it to be
connected to the LAN.
(iii) Logistical Planning
 Planning what has to be sent where in accordance with the orders.
(iv) Logistical Implementation
 Coordinating the product outflow from the organisation with the
objective of delivering quality products on time to the customers.
(v) Inventory Control
 Updating using a computerised inventory record system related
to displaying the correct quantity for each share held.
(vi) Customer Interaction
 Monitoring and tracking each customer transaction with the
company.
(vii) Scheduling
 Determining the best time and method of delivering the products
and services so that they arrive on time and in good condition.
 For example, for sending fresh vegetables from the farms to the city
centre, a system determines whether transport by train or lorry will
ensure that the vegetables arrive fresh at their destination.
(b) Purchasing System

A purchase transaction processing system has four processes:
(i) Inventory
 Operating like the inventory system discussed previously.
(ii) Purchase Order Processing
 Helping the purchasing department to complete the purchase
transaction more efficiently and effectively.
(iii) Receiving
 Making a record of the receipt of the goods delivered.
 Ensuring the goods delivered are checked by the buyer to
determine their quality and if they are in bad condition, they will
be returned to the supplier.

(iv) Receivable Account

 Increasing organisational control over purchasing, improving cash
flow, increasing profit and providing more efficient management
in the face of current liabilities.
(c) Accounting System

Some of the processes in an accounting system are:
(i) Budget Transaction Processing
 Automating many tasks necessary for collecting budget related
data, distributing it to the user, and consolidating the budget.
(ii) Non-receivable Account
 Managing the organisational cash flow by tracking amounts owed
by the buyers or service users.
 Identifying debtors as well as ensuring that each debt is settled.
(iii) Salary
 Relating to the salary payment transaction beginning with the
calculation until the production of a report in the form of a payslip.
(iv) Asset Management
 Controlling the investment in capital tools and managing the
depreciation to maximise the tax benefits.
(v) General Ledger
 Automating financial reporting and data entry.
A summary of the main applications for traditional transaction processing

system are shown in Table 4.2.

Table 4.2: Some Subsystems that Support the Order Processing System, Purchasing
System and Accounting System
Order Processing System Purchasing System Accounting System

 Order Entry System  Inventory System  Budget Transaction
 Sales Configuration  Purchase Order Processing System
System Processing System  Non-receivable
 Logistical Planning  Receiving System Accounts System
System  Receivable Accounts  Salary System
 Logistical System  Asset Management
Implementation System
System  General Ledger
 Inventory Control System
System
 Customer Interaction
System
 Scheduling System
SELF-CHECK 4.3
What are the objectives of the Transaction Processing System?
Ć Information system planning must be done in tandem with redesigning the

organisation to use information system.
Ć The seven steps of information system planning considers the organisational

aspect, ensuring that the implementation of IS would be aligned with the
business needs.
Ć Standardisation is much needed to efficiently plan for the IT implementation.

Standardisation helps in cost saving and the provision of effective training. It
also results in efficient support.
Ć The organisational changes may occur with the use of information systems
and this change is normally divided into four parts, which are automation,
rationale procedure, business process restructuring and paradigm shift.

Ć Different levels of management need different and customised support from

their information system.
Ć Management Information System (MIS) is basically concerned with the

process of collecting, processing, storing and transmitting relevant
information to support the management operations in any organisations.
Ć Transaction Processing System (TPS) is used in the operational level and it

executes and records the routines or daily transactions of the organisation.
Examples for TPS are the payroll system, registration system, customer
request system and examination result system.
Business Process Restructuring Management Information System

Information system planning Transaction Processing System

T op i c  Decision
5 Support
System
LEARNING OUTCOMES
1. Explain the elements of decision making for different levels of
management;
2. Explain what Decision Support System (DSS) is;
3. Analyse the types and model of DSS; and
4. Describe the concept of the Group Decision Support System (GDSS).
 INTRODUCTION
You have just learned several information system concepts such as the use of IT
in strategic planning and system concepts. The system is developed according to
information obtained from the end user. However, do you know that the
information obtained is insufficient to make decisions in solving certain specific
problems, especially problems encountered by strategic management? In this
topic, we are going to discuss the decision-making process and how the Decision
Support System (DSS) helps managers make effective decisions.
You will recognise DSS as a system that provides communication facilities which
include information in helping consumers solve problems. We will also learn
about the format or structured information that results from DSS such as special
reports and periodic report formats. These reports are generated from
managerial science and mathematical models.

100  TOPIC 5 DECISION SUPPORT SYSTEM
5.1 DECISION-MAKING
ACTIVITY 5.1
Everyone has to make decisions. Compare making decisions to
solving problems. What makes them different?
Before discussing the decision support system, let us learn about the decision-
making process. Decisions are made to prevent problems. As a learner, decision
making is vital. You need to decide on, for example, the courses that you need to
take this semester. From the moment you try to solve any problem, you will
encounter multiple decisions. How do you define decisions and decision making?
Decisions are forms of actions taken to avoid or to reduce the negative effect,
or to take advantage of the situation.
Decision making is the process of making a decision that is accurate and clear
in solving a problem or doing something new.
In brief, decision making begins from the analysis of a problem or opportunity

and then deciding what should be done to solve the problem or grab the
opportunity. It also includes the strategic planning of the organisation in
achieving its vision and objectives.
5.1.1 Types of Decision

According to the management scientist, Herbert A. Simon (1977) from the
University of Carnegie Mellon, the decision process comes from programmable
(structured) categories of decisions to un-programmable (unstructured)
decisions. The programmable process here means that the problems encountered
are a routine, repeatable structure and that a standard procedure is developed to
solve similar problems if they occur again. The closest example is the problem of
calculating the students' CGPA that can be solved using available models.
On the other hand, an un-programmable decision is more complex, is semi or

unstructured, vague and cannot be solved using available models or standard
procedures because of no or rarely occurring situations. Perhaps, the problems

TOPIC 5 DECISION SUPPORT SYSTEM  101
need additional thinking processes that are unique and different in order to reach
a decision.
Figure 5.1 shows the pyramid structure for decision making for each of the three
levels of management:
Figure 5.1: Decision-making structure
The following is the explanation for the elements in Figure 5.1:
(a) Unstructured Decisions

(i) Unstructured decisions are made at the strategic management level.
(ii) This level makes strategic decisions like the direction of the
organisation, performance, investment choices and strategic
development. The information required to assist strategic
management in the process of making these decisions comes in many
forms such as brief information reports, ad-hoc reports, non-
periodical reports, forecasts as well as external information that can
help in their planning.
(iii) Examples of information that are needed include profit or loss reports
for the whole organisation, profit or loss report of every department,
market predictions, available capital, and total cash needed.

(b) Semi-structured Decisions

(i) Made at the tactical management level like those made by the head of
department or divisional manager.
(ii) Has a guide for reference in order to obtain a more detailed decision
consistent with its authority that is less than the strategic management
level.
(iii) The managers are responsible for making short-term and mid-term
plans for the organisation. Some of the tasks of the managers are:
 Scheduling or distribution of tasks.
 Formulation of the budget.
 Giving explanation of the policies, procedures and objectives of
the organisation to the sub-units under their control.
 Distributing the resources and controlling the execution of tasks
by each sub-unit in the organisation.
(iv) The types of problems that need to be addressed by the managers are
simpler than those to be addressed by strategic management but
much more complex than the ones to be addressed by the operations
division.
(v) Information from the upper management and operations
management is necessary. This is because the tactical manager has to
ensure that all plans by the strategic management can be
implemented by the operations management.
(vi) Examples of information included in mid-level management are
productivity measurement, budget control, gap analysis, cash flow
prediction, profit decision, short-term purchase and worker transfer.
(c) Structured Decisions

(i) A detailed and clear guideline has been set to form the procedures
that can be followed to obtain accurate answers.
(ii) This is carried out at the operations management level which is
directly involved in performing and controlling the daily operations
of the organisation, like supervising and managing operations.
(iii) All distributed and scheduled tasks must be successfully performed.
(iv) The common problems encountered are structured problems that can
be solved based on specific procedures, like resolving the problem of
workers who always come late to the office.

(v) Examples of information used by managers at the operations level are

the information related to the processing of wages, detailed
information about daily transactions and information on the process
of producing a product.
SELF-CHECK 5.1
Compare and contrast structured, semi-structured and unstructured

decisions. Give examples for each.
5.1.2 Decision-making Phases

Every time you make decisions, you are unaware that you are actually following
the phases of decision-making as described by Simon. You have to understand
the phases of decision-making to further understand how humans make
decisions. According to Simon, there are four phases of decision making. These
phases are shown in Figure 5.2.
Figure 5.2: Four phases of decision making
SimonÊs decision-making phases are an interpretation of a systematic approach.

Managers and information system experts use this pattern to make decisions or
when developing a system.

ACTIVITY 5.2
How can a manager prepare a report from all forms of reports, analyse
them and make a decision? Discuss.
5.1.3 Information Technology Support in Decision

Making
Why do managers need information technology support? Even though it is not
impossible to make decisions without information technology, its use facilitates
the process because:
(a) Information technology provides many alternatives in obtaining
information from new communication technology like the Internet and
electronic commerce.
(b) Information technology reduces the pressure of deadlines because it
expedites processing.
(c) It reduces the complexity of decision making because information
technology facilitates and expedites the process of analysis of information.
(d) Information technology can help fulfil the need to access information and
expertise from a long distance. For example, through the use of the Internet,
you can access information from a university in Australia or even contact a
specialist doctor in China through video conferencing.
5.2 DECISION SUPPORT SYSTEM

The DSS concept came about when Gorry and Scott Morton (1971) from the
Massachusetts Institute of Technology (MIT) created a working outline to classify
computer applications into several categories. SimonÊs decision concept and
AnthonyÊs management level concept were used. It is popularly known as the
„Gorry and Scott Morton Grid‰ as shown in Figure 5.3. Now, Figure 5.3 should
not be confused with Figure 5.1. Figure 5.1 shows structures of decisions across
the levels of management whereas Figure 5.3 shows structures of problems
across the levels.

Figure 5.3: Gorry and Scott Morton grid
5.2.1 Definition of DSS

Two definitions of Decision Support System (DSS) that need to be understood are
the general definition and specific definition.
General definition: DSS is a system that provides facilities to problem solving

and communication in semi-structured problem solving.
Specific definition: DSS is a system that supports managers or a small group

of managers who relatively work as a problem-solving team that find the
solution to semi-structured problems and provide information or give
suggestions related to the specific decision.
Management in an organisation uses a Management Support System (MSS)

which comprises Neural Network, Intelligence Agent, Expert System and others
to improve the effectiveness in decision making, especially in complex tasks. The

DSS that you have learnt about is one of the components in the Management
Support System.
DSS is a system based on computer interactivity. DSS helps decision makers use
data and models to solve structured, semi-structured and unstructured
problems. Why do we need to know DSS? We need to do so because in decision
making, the person responsible for making the decision needs correct, precise
and the most recent information in order to make a quality and effective decision.
Apart from that, DSS can be defined as a system that enables managers to solve
semi-structured and unstructured problems.
DSS interactivity helps decision makers use data and models to solve semi-
structured and unstructured problems.
DSS can help management analyse information from the level of lower
management onwards, including outside the organisation. It is used to manage
unstructured decisions such as "What will happen if⁄?". It can also use a
Database Management System (DBMS), question language, monetary model,
electronic spread sheets, statistical analysis, report generator or graphic software
to provide information.
5.2.2 DSS Objective

Every system has its own aims and objectives. However, there are information
systems that are interrelated, and which support other systems or need support
from other systems. For example, Management Information System needs input
from the Financial Information System to prepare a companyÊs financial report.
Keen and Scott Morton (1978) at MIT provide three main objectives that DSS
must achieve. The following are the decision support system objectives:
(a) Help and prepare support for the manager in the decision-making process
to solve semi and unstructured problems.
(b) Support the manager in the decision-making process but does not replace
the manager in making decisions.
(c) Concentrate on improving the effective (as compared to efficiency) process
of decision making by the manager.
The three objectives above are related to the three basic concepts of DSS: problem
structure, support decision and the effectiveness of decision. Actually, it is
difficult to find completely structured or unstructured problems because most
problems are semi-structured.

The second objective of the DSS clearly shows that a computerised system cannot
in many ways replace humans in decision making. From this objective, we
understand that the DSS only helps decision makers handle part of the structured
problems but some parts of unstructured problems still require human intuition
and consideration for solutions.
The third objective states that efficiency and the speed of data and information
processing are not the main objectives of a DSS. The main advantage of using a
DSS is to utilise its ability to help users make good quality and effective
decisions. According to McLeod (2001), managers must not find the solutions to
their problems using output from a DSS only because finding the solution or the
decision making can be done using mathematical models. On the other hand,
managers have their intuition and judgement to fall back on in selecting the
solutions for their problems.
SELF-CHECK 5.2
If, for instance, you are given a choice of going to Phuket Island or
Tioman Island for a holiday, what are the criteria that would help you
make your decision? In your opinion, does DSS help you if all the
data needed is entered into the system?
5.2.3 DSS Characteristics

Since there is no universal understanding of the DSS definition, there is no
understanding of the characteristics and abilities of DSS. However, Efraim
Turban and Aronson (2001) have listed 17 characteristics and abilities of DSS,
from the fundamentals to the ideal. The following are the characteristics of DSS:
(a) DSS provides support to the decision maker in solving semi and
unstructured problems. Usually, these problems cannot be solved using
computerised information system and any other tools or quantitative
methodology.
(b) All management level support, from operations to the executive level, is
provided.
(c) Individual and group support is also available.
(d) Support to interrelated decisions or a series of decisions. Decisions may be
made once, several times or just repeated.

(e) All four phases of decision making are supported by DSS: intelligence,
design, decision and justification.
(f) All types of processes and styles of development of decisions are supported
by DSS.
(g) DSS is very adaptive, so it will always be relevant to current demand.
(h) DSS has an interesting graphical user interface.
(i) The effectiveness of the user in decision making (quality, accuracy, etc)
compared to efficiency (decision-making cost).
(j) The decision maker has full control over DSS. The DSS objective is to
support users, not to replace them.
(k) The end user can modify DSS easily.
(l) DSS will usually use models to analyse a problem. This ability to apply
models to problems helps the user to test a few different strategies in
different situations.
(m) DSS allows the user to obtain data from a database.
(n) DSS is web-based.
ACTIVITY 5.3
Observe point (g) of the DSS characteristics. Explain briefly this
characteristic by providing suitable examples. Compare your answer
with that of your friendsÊ.
5.2.4 Analytical Modelling for DSS

Apart from the characteristics stated in Subtopic 5.2.3, DSS needs to have the
ability to analyse. There are four basic analytical modelling activities of DSS
which are:
(a) What-if analysis: The decision maker can make changes to the variables, or
the relationship between the variables, to observe changes in another
variable.
(b) Awareness analysis: Often a variable is changed several times and the
resulting variable changes are observed. It is usually used when the
decision maker is not sure of how to approximate the value of the key

variables. For example, inventory must be reduced by 10% several times.

Then, we would be able to see the relation between sales and marketing
department.
(c) Objective analysis: Changing the analysis direction from what-if analysis to
sensitivity analysis. Apart from observing how the changes in the variable
can affect other variables, it also sets one target value for the variable. Then,
it will change the other variables repeatedly until the targeted value is
achieved. For instance, increasing the percentage of stock inventory until
sales and marketing reach a profit of RM1 million and a net profit of
RM850,000.
(d) Optimisation analysis: A process that is very complex, from information
analysis that not only sets one target but also finds the optimum value for
one or more targeted variables. Then, one or several variables are changed
based on constraints given until the best value of the targeted variable is
achieved. For example, what is the best exposure for an advertisement, its
budget and the type of media available?
SELF-CHECK 5.3
What is the What-if analysis? What is the importance of this to a

managerÊs analysis?
5.2.5 Types of DSS

Based on Gorry and Scott MortonÊs (1971) work, Alter (1976) identified six types
of DSS. As seen in Figure 5.3, the six types of DSS have been classified based on
the degree of their problem-solution support ability.
Now, look at Figure 5.4. Based on Figure 5.4, the lowest support level in DSS type
1 is to enable managers to obtain specific information elements. One example is
getting the total sales of one department in Perak only. If the system helps to
analyse all the files, it is DSS type 2. A manager who wants to create a special
report using data from the entire inventory file is one example. The example only
involves one type of file which is the inventory file

Figure 5.4: Types of DSS
Often, you have to obtain data and information from multiple sources, and all
kinds of files and from multiple departments. In these cases, the degree of
complexity and support in problem solution is higher. Preparing reports from
multiple types of files is an example of DSS type 3. You should already be clear
about the need for taxonomy in understanding the DSS concept at this level.
The three types of DSS discussed earlier provide support in forming special
reports resulting from the query or questioning of a database. The other three
DSS types involve the use of a mathematical model or scientific management
model in supporting a manager in making decisions.
An example given by Alter (1976) for DSS type 4 is the DSS model used to
estimate the effect of a solution. For example, a manager wants to know the effect
of increasing or decreasing the price of products on the monthly and yearly
profits of the company. The manager will input DSS, for example, RM25 per unit.
DSS will show the manager if the product is priced at RM25 per unit; this will
lead the organisation to obtain a profit of RM5,000 monthly.
However, you must understand that the model is not capable of explaining
whether the price of RM25 is the best option for the manager to choose. The
system can only explain what will happen to the profit if that decision is taken. In
order to provide additional support, you can add some DSS models that can
analyse risks, which can be used by the manager through estimation of analytical
probabilities.

The DSS type 5 suggests decisions. It gives more support to the decision maker
but the degree of complexity of the DSS increases, such as the DSS that uses the
linear algorithm model. A manager can input data about the structure of a
factory and its equipment into this DSS model. This will enable the manager to
produce the most effective decision.
The DSS type 6, offers the most support to its user although it is difficult and
complex to develop the solution to his problem. An example of use of DSS type 6
is when an insurance company sets insurance premiums. Many company
managers let this DSS make decisions for them because they are very confident
with its capability to make good decisions.
There are two reasons for altering experiments:

(a) Firstly, it supports the concept of developing a DSS system to solve a
certain type of decision; and
(b) Secondly, a DSS should not limit itself only to mathematical and scientific
management, but should also produce a periodic report other than a special
report.
SELF-CHECK 5.4
Think of the objective of DSS with regard to its important

characteristics. How far can DSS be used to provide the best
evaluation for a certain decision?
5.2.6 DSS Model

Look at Figure 5.5. It is a DSS model that shows how components of DSS interact
to support decision makers. The DSS model has the same structure as the
Management Information System and Financial Information System models.

Figure 5.5: DSS model
Although they have the same structure but the characteristics, concepts and
objectives of the three information systems are different form one another. As
indicated by Figure 5.5, data and information from the environment are input
into the database. A DSS database might also receive similar data and
information from the Financial Information System and other systems and
subsystems. The content of the database will then be utilised by four subsystem
software consisting of:
(i) Report writing software;
(ii) Mathematical model;
(iii) Scientific management model; and
(iv) Groupware.

5.3 GROUP DECISION SUPPORT SYSTEM

The government and private organisations spend millions of ringgit to cover the
travelling costs of their staff who attend meetings locally or internationally. Now,
organisations can save if they use information and communication technology
(ICT) which enables them to conduct virtual meetings with colleagues or clients
who are thousands of miles away. This can be done using digital video
technology, chat technology and other technological network such as those of the
Internet and Intranet.
Innovations in ICT have developed a new DSS concept, that is, the Group
Decision Support System (GDSS). A team who cooperates to achieve a common
objective can use GDSS to improve communication between group members.
GDSS provides an environment conducive to and which supports the decision-
making process using a type of software called groupware.
Group Decision Support System (GDSS) is a computer-based system that

supports a group of individuals that cooperate to achieve one aim by
providing an interface which use the surroundings that are shared together.
There are other definitions used to describe the application of information

systems by a group, such as the Group Support System, Computerised
Cooperative Work and Electronic Meeting System. Whatever the definitions
used, they all can be applied to all kinds of groups and environments.
You will agree that information and communication technology (ICT) has made
the world smaller because it helps us to communicate better, even though our
friends are thousands of miles away. For example, specialist surgeons in Europe
need not be in Malaysia to perform surgery as it can be done without moving
them here. Thus, the basic theory of the development of GDSS is to communicate
well to produce better decisions.
You have to understand that good communication in the context of making

decisions does not necessarily mean good technology but refers to discussions
that concentrate on problems without wasting time discussing irrelevant matters.
The additional time obtained can be used to search for other alternatives to the
solution chosen.

5.3.1 GDSS Environment

GDSS supports the problem-solving process by providing an environment
conducive to communication. Figure 5.6 shows four types of environment, based
on the group size and location of the group members.
Figure 5.6: Group size and location that characterise the GDSS environment
For each type of GDSS environment, group members can meet at the same time
or at different times. If group members meet and discuss at the same time, as in a
meeting, this is called synchronous exchange. On the other hand, meetings can
also be held at different times, such as in communicating through the e-mail. This
is called asynchronous exchange.
When you look at Figure 5.6, you must be wondering what is meant by decision
room, local decision network and so on. Now, let us see what are they.
(a) Decision Room

A decision room is provided for a small group of humans who gather and
meet for a discussion. However, the decision room has characteristics that
are very different from those meeting rooms you are used to, even though
the purpose is the same, which is to come to a decision. The decision room
is different from a meeting room because the decision room helps the
members communicate through the aspects of its infrastructure. A decision
group is equipped with a workstation that is equipped with microphone,
video camera, big screen display and so on. At the centre of the room is a
computer for the facilitator.
`The facilitator must make sure that the discussion stays on track. Have you
chatted on the Internet using Skype or Yahoo Messenger? If your answer is

yes, this communication takes place in a decision room, which is almost the
same except that the text that is typed is displayed on the big screen. Other
than that, any reference material for discussion can be displayed using
video, colour slides and transparencies.
There are two unique characteristics of GDSS in the decision room which
are parallel communication and anonymity.
(i) Parallel communication occurs when all participants making
statements use the computer at the same time.
(ii) Anonymity means that no participant knows who is making each
statement. Anonymity helps participants voice ideas and statements
without fear of being criticised by other participants. Thus, all ideas
and suggestions are evaluated based on meritocracy and not on who
suggests it.
(b) Local Decision Network

Local Decision Network is a small group that uses the local area network
(LAN) to interact or discuss using various applications.
This method is used when it is impossible to gather all members in one

room at the same time.
(c) Law Amendment/Legislative Session

A legislative session is created when the decision room is too small to be
occupied by all members. This session is limited to communication through
a few methods. Among the methods are by giving opportunities to only a
few members to communicate, or by allocating limited time to every
member to communicate, or by having the facilitator select materials and
ideas that need to be displayed on the screen for the group to see.
(d) Computerised Conference

A computerised conference is more commonly known as teleconferencing.
Teleconferencing is a computer application that helps a group of humans to
communicate even though they are geographically separated.
Teleconferencing involves computer conferencing, audio conferencing and
video conferencing.
5.3.2 Group Software

The purpose of group software or groupware is software that provides support
to a cooperating group through collaboration. Group software provides the
mechanism to all members of the group to share ideas, data, information,
knowledge and other resources. Examples of groupware are Domino Server,

Microsoft Net meeting, Netscape, Collabra Server, Group System, Novell
GroupWise and many more.
However, you must realise that not all group software packages are suitable to be
used in a working group. Refer to the outline of time or place in Figure 5.7 and
you will see the technological differences in supporting a working group
according to time and place.
Figure 5.7: Communication of time or place and several computerised collaborative

technical support outline
Other than that, every group software package will use different technology,
based on one package that supports the purpose of the working group, such as
the type of group assignments.
Working software must have at least one of the abilities or components listed:
electronic advisor, conference or an electronic meeting room, group timetable,
calendar, planning, conflict resolution, model development, video conference,
document sharing (such as screen, whiteboard and live board), voting, etc.
Actually, there are thousands of group software packages that contain elements
of Web conferencing software and you can look for information on the Web
using a search engine.

ACTIVITY 5.4
Explain what a group software or groupware is? In your opinion, who
would need this kind of software and why? Discuss.
SELF-CHECK 5.5
1. Give four phases in making decisions as stated by Simon.
2. Give the definition of Decision Support System.
3. What is the objective of DSS?
4. Give four analysis models needed by a DSS.
5. Give the definition of GDSS.
6. What is a legislative session?
 The impetus for a Decision Support System (DSS) is to support the manager
in making decisions effectively. DSS provides the facilities to communicate
which include information that helps them to solve problems.
 DSS supports managers who relatively work in a problem solving team, in

searching for a semi-structured and unstructured problem solution by
providing information or making suggestions related to a specific decision.
 In developing a DSS, the decision-making process needs to be researched

first. The decision-making process can be categorised as programmable
decisions and un-programmable decisions.
 There are three main objectives in developing a DSS. The first objective is to
help and provide support to the manager in the decision-making process to
solve semi-structured or unstructured problems. The second objective is to
support the manager in the process of making decisions and the last objective
is to improve the effectiveness of the decision-making process.
 The decision-making process consists of four activities: intelligence, design,

selection and evaluation.

 There are 14 characteristics and abilities of an ideal DSS needed by a support

system.
 There are four types of basic analytical modelling activities usually needed in
a DSS. These activities are the what-if analysis, awareness analysis,
information searching analysis and optimisation analysis.
 Organisations can reduce the travelling costs of employees by using

information and communication technology (ICT) that enables virtual
meetings such as the Group Decision Support System (GDSS).
 GDSS supports a group of individuals that work together to achieve one aim
by providing an interface to reach and use the shared environment.
 The fundamental theory of GDSS development is to communicate so as to

arrive at a better decision. GDSS helps a group of humans who conduct
meetings to find a solution by helping them concentrate on the problem
without wasting time discussing irrelevant matters.
 Decision rooms provide characteristics that are very different from normal
meeting rooms because they help the members communicate via technology,
and room design including its equipment. Decision rooms provide
anonymity; participants do not know who is making each statement.
 DSS and GDSS are a part of the Management Support System technology that
helps the manager make good quality decisions, but does not replace them in
making any decisions. This is because in the decision-making phase, humans
still rely on intuition or experience to come up with good ones.
 DSS and GDSS are very useful and are helpful to companies in making right
decisions. Techno-savvy lifestyles like using laptops or handheld computers
make DSS and GDSS important as computer mobility enables humans to use
computers anywhere to help them make decisions.
Analytical Modelling for DSS Group Decision Support System

Decision making Groupware
Decision support system (DSS)

Topic  Executive
6 Information
System
LEARNING OUTCOMES
1. Describe the role of an executive;
2. Explain how executives think by understanding three studies on
management science;
3. Describe the tasks of executives and how they think; and
4. Explain computer-based EIS.
 INTRODUCTION
In your opinion, what differentiates a manager of a department from a chief
executive officer (CEO) of an organisation? You might think about the aspects of
their income, personality or maybe social status. However, Martineau's (1968)
experiment discovered otherwise. He found that the biggest differences between
the two were from the working perspective and how work was executed. Even
the type of information system a departmental manager used is different from
that used by a CEO.
A Senior Executive Officer usually uses the Executive Information System (EIS).
EIS is a system that provides the latest information, history and some
anticipation about the status and environment of the company to support
administration tasks and the process of decision making of executives. An EIS
usually uses qualitative graphic techniques, communication technology and the
latest processing, all types of input and output mechanisms, which include
storage media, to provide the facilities. EIS is also known as the Executive
Support System (ESS).
120  TOPIC 6 EXECUTIVE INFORMATION SYSTEM
In this topic, you will learn how an EIS helps in the managerÊs work and in
making decisions.
6.1 THE ROLES AND CHARACTERISTICS OF AN

EXECUTIVE
Before we discuss EIS in detail, it is important that we know what an executive is.
Who is actually fit to be called an executive? What are the roles and tasks of an
executive? Why must we know what an executive is and what is his or her
relationship with EIS?
Now by saying executives, we are not focusing on lower level executives such as
sales executives or IT support executives who execute tasks given by the
supervisors, although their contributions are very much important to an
organisation. Our focus here is higher level executives who are involved in
decision making such as chief executive officer, chief financial officer and chief
information officer.
The use of the word „executive‰ is to identify higher-level managers in the

hierarchy of an organisation. An executive has the power and authority to set the
organisationÊs direction through his involvement in outlining strategic plans and
an organisationÊs policies.
Other than that, executives are different from lower-level managers in terms of
attitude. Executives are organisation-oriented, while managers are unit- or
department-oriented. Let us take for example the Vice Chancellor of a university and
the dean of a faculty. The Vice Chancellor administrates and leads a university that
may contain 10 faculties, four centres, and six support units whilst a dean focuses
more on their tasks of leading and planning the strategy for the faculty. We will
learn about the roles of an executive after learning about the three studies done by
experts in management science ă Henri Fayol, Henry Mintzberg and John Kotter.
The studies done by The Centre for Information System Research (CISR) at MIT
found that the main users of EIS are the Chief Executive Officer (CEO), Chief
Financial Officer (CFO) and Chief Operating Officer (COO).
SELF-CHECK 6.1
Who would you call an executive? Name one famous executive in

Malaysia.

TOPIC 6 EXECUTIVE INFORMATION SYSTEM  121
SELF-CHECK 6.2
Differentiate the tasks of an executive (such as the CEO or a company's

president) and the supporting employee or the departmental manager.
6.1.1 Fayol Management Function

McLeod and Schell (2001) stated that Henri Fayol (1914) believed that all
executives were doing the same management functions: planning, arranging,
administering, and hiring employees, including directing and controlling. Henri
Fayol was one of the management researchers.
6.1.2 Mintzberg Management Roles

Mintzberg (1973) believes that managers play all roles according to levels except
the orientation manager. For example, one of the roles of an executive is to make
decisions in a negotiation. Higher level managers (executives) negotiate a
company merger while lower level managers negotiate with the supplier on the
delivery date of a product.
Both levels of managers conduct negotiations of different orientations. Mintzberg

found differences in time taken between the two levels when either one was
playing the management role. For example, higher level managers may take a
longer time when compared to lower level managers because they deal with
more critical and strategic situations that involve the survival of the organisation.

Figure 6.1: Organisation without Executive Information System (EIS)
If EIS is not in place, then the CBIS (Computer-based Information System) will
look as shown in Figure 6.1. Figure 6.1 shows that executives receive all
information from the subsystem functions like the Financial Information System
and Monetary Information System which needs to be processed. Executives still
need to analyse and change the data into more meaningful information. EIS, as
shown in Figure 6.2, helps executives analyse and change the data into
meaningful information. EIS will accept all data and information from the
subsystem function and its environment, then process and present it with a good
interface to the executives.

Figure 6.2: Organisation using Executive Information System
6.1.3 Networking and Kotter Agenda

Kotter (1982), a professor at Harvard, believes that executives deal with their
tasks using the three strategies stated in the following:
(a) Agendas
These are the objectives of the company that need to be achieved. There are
two types of agendas: long-term and short-term. For example, the long-
term agenda is the type, quantity and design of Proton cars that need to be
produced within five, ten or twenty years. The short-term agenda deals
with the size of passenger car market in Malaysia that needs to be
conquered by the new product, Proton Preve 1.6 CFE.
(b) Networking
Executives must build a network. This is not the same as computer
networking. Kotter thinks that executives need to build networks or
relationships between individuals inside and outside the organisation
which can or will help in achieving the objectives above.

(c) Surroundings
Executives need to design a good surrounding or environment. The
surrounding is actually the emphasis on good moral values that can help
networking members cooperate with each other to achieve the agendas.
6.1.4 How an Executive Thinks

You have to know how executives think to better understand how an EIS needs
to function, the characteristics that it needs and the unique type of information
provided compared to other information systems. An EIS is developed with care
because it will be used by executives to obtain information to make decisions or
to outline a strategic plan or company policy. You would not want to develop a
system that gives false or inaccurate information to your employer would you?
Researchers like Professor Daniel J. Isenberg (1984) from Harvard stated that
executives generally think about two classes of problems:
(a) First class: how to solve work problems.
(b) Second class: how to manage big issues or general aims of an organisation.
With regard to the first class, executives concentrate more on issues concerning
the organisation and subordinate individuals to solve problems rather than think
about ways to solve them.
IsenbergÊs observation shows that executives do not always follow the correct
steps in making decisions. For example, in handling a problem, executives
usually head straight for the execution of the solution and then backtrack to the
evaluation of alternatives, which is the step prior to execution. Executives make
rational decisions but the decisions made do not mean that decisions coming
through are correct.
Isenberg believes that executives use their intuition in every aspect of the
decision-making process. Intuition plays a very important part in helping
executives make decisions. This is due to the nature of humans, where problems
endured by executives are unstructured, and this includes the executivesÊ
experience. This strongly affects the process of decision making by executives.
ACTIVITY 6.1
Search for articles related to high-level executivesÊ roles in leading a
company. In your opinion, why do we need to learn and understand
how executives work?

6.2 EXECUTIVE INFORMATION NEEDS

After learning about the thought process of executives, you will then understand
that their style of thinking is unique, the same as their tasks and aims. What are
the types of information they need? This is also unique because they need
information others cannot think of in order to make decisions in their strategic
planning. We will now learn about studies done by Mintzberg, Jones and
McLeod.
6.2.1 Mintzberg Research

Mintzberg was the first researcher to study information needed by executives by
identifying how executives spent their time. His research found that executives
spent their time in five fundamental activities: 22% doing desk work (such as
typing, reading or replying to e-mails, reading reports and others), 6% in
answering and returning calls, 10% attending unscheduled meetings, 59%
attending scheduled meetings and 3% making visitations.
What you must observe here is that MintzbergÊs research has become the basis of
modern design information systems based on computers in the context of EIS.
This role is important in mixing virtual office applications for an executive. In
simpler terms, when you want to develop EIS, you have to create the Mintzberg
research to finalise the types of related applications to be integrated in EIS. This
is because it will be used by executives with the information who need
characteristics that are unique compared to other end users.
SELF-CHECK 6.3
If this research was not available, could you identify the information
needs of executives based on your observation?

6.2.2 Jones and McLeod Research

Professor Jack W. Jones and Raymond McLeod (1987) saw the importance in
researching deeper on the sources of information and the medium used by
executives as reported by Mintzberg. Their research was designed to answer the
five questions stated in the following:
(a) How Much Information do Executives Receive?

Executives receive an average of 29 transactions per day. The transactions
are usually carried out via mediums of communication like computer
reports, memos, answering the phone, mail, meetings and others.
(b) What is the Value of the Information Received?

According to their research, almost 26% of the transactions received do not
have any value. Only 6% of the received information has high value. Others
are just moderate.
(c) What is the ExecutiveÊs Source of Information?

Jones and McLeod also researched the executivesÊ source of information. They
found that the organisationÊs environment such as the government,
universities, mass media and others, is the main source of information but is of
low value. On the other hand, a small portion of information such as
information given by members of the organisation is of a very high value to
executives.
(d) What are the Types of Media Used by Executives to Exchange Information
and to Communicate?
(i) Written medium: computer reports, memos, mails, journals and
others constitute 61% of the transactions received.
(ii) 2% of the received information is during a function.
(iii) 21% is from using the telephone.
(iv) 5% is from scheduled meetings.
(v) 6% is from unscheduled meetings.
(e) How is the Received Information Used by Executives?

(i) 32% is used for trade and entrepreneurship.
(ii) 42% is for handling problems or disturbances.
(iii) 17% is used as a distribution source.

(iv) 3% is used for consultancy and business.

(v) The usage of the last 6% is unknown.
So, what does the information above mean? How is EIS related to all this? What
is the importance of the researches? There are three main findings that we need
to know:
(a) Most of the information received comes from the organisation's
environment but a companyÊs internal information has higher value.
(b) Most of the information received by executives is in written form but those
with the highest value are received orally.
(c) Executives receive little information from the computer.
In conclusion, there are no executive information systems that are totally

dependent on computers. What really happens is that the computer is used as a
support for the non-computerised workflow. Jones and McLeod's research
provides a good lesson to us on the characteristics and forms of information flow
that executives need in order to get information that can be used to solve their
problems.
SELF-CHECK 6.4
You have been introduced to the research done by Jones and McLeod.
What was the conclusion of their research? Discuss.
6.3 COMPUTER-BASED EXECUTIVE

INFORMATION SYSTEM
Executive Information System (EIS) is a system that provides information to
executives about the company's performance as a whole. The information can be
obtained with ease and detailed information can be harvested based on the
executive's needs. EIS is a tool that provides online access to relevant information
in a useful format and can be searched for.
Relevant information is information that is current, accurate and can be used

for business according to the executiveÊs interest.

6.3.1 Definition
According to McLeod and Schell (2001), EIS is a system that provides
information to executives concerning the organisation's progress as a whole. In
general, EIS is defined as:
"A computer-based method for both inexperienced and knowledgeable

executives with computers to obtain, create, send information including
exploring and searching in detail certain information from the field
needed by them to make decisions."
EIS addresses non-routine decisions requiring judgement, evaluation and insight

as there is no agreed-upon procedure in arriving at a solution.
ACTIVITY 6.2
An interesting definition about the Executive Information System can be

obtained from Chapter 2 of this book:
Laudon, K. C., & Laudon, J. P. (2013). Management information systems
ă Managing the digital firm (13th ed.). Prentice Hall.
Read the definition given in the book and compare with the definition
given in this module.
6.3.2 EIS Model

Look at Figure 6.3. It shows the infrastructure of EIS that involves a Personal
Computer (PC).

Figure 6.3: EIS model
Large companies usually network their PCs with a supercomputer or mainframe.

The executive PCs will act as the executive workstation. The executive
workstation is equipped with a large hard disk to store data and information
processed by the central computer (such as the supercomputer or mainframe).
Executives just select from the menu and display certain screens to process a
task.
The system is also equipped with an e-mail application which includes preparing
facilities for the executive to download data or information from the
supercomputer or certain servers. There are also EIS variations that provide
explanations on current information, competitors, or social and economic
information, both internally and externally.
There are many EIS software and applications available in the market, provided
by commercial software vendors. Usually this software comprises office
automation, e-mail, information management, information connection, and
information analysis.

6.3.3 EIS Input and Output

In order to enable EIS to function, it has to be supplied with general as well as
specific data. Referring to Figure 6.2, the input into EIS comes from another
information system such as the Transaction Processing System, Management
Report System, and Management Information System.
The EIS data needed for input depends on the executive's needs as an end user.
Whatever information needed to make decisions, as well as information deemed
necessary by the executive, should be included in EIS. However, sorting the data
and the types of information that need to be processed by an EIS is difficult. This
is due to the development of EIS which starts with several features that the
executives are interested in. Then, it is expanded according to the information
needed by the managers using it. Subsequently, the format and type of
information in EIS will become outdated and divert from strategic planning.
The output of an EIS is as follows:

(a) Provides standardised reports;
(b) Graphics and online facilities; and
(c) On-demand information.
SELF-CHECK 6.5
Give examples of other systems that produce output yet become the
input of EIS.
6.3.4 Characteristics of the EIS

Some of the important characteristics of the EIS are:
(a) Usually it is specifically for executives ă the goal of the EIS is to give
accurate information to individuals at the correct time and in the correct
format.
(b) Easy to use because most users are decision makers who are usually not
proficient in technical matters.
(c) Supports the need for external data because most of the information needed
at the upper level is from outside sources.
(d) Assists in highly unpredictable situations by giving useful information and
suggestions for making critical decisions.
(e) Has a future-time orientation because the decision made is for the long
term and can be used in the next few years.
(f) It is connected to the process of value added business which is then
connected to the DSS to increase the effectiveness and capabilities of the
system to make better decisions.
6.3.5 EIS Capabilities

Some of the capabilities of the EIS are to:
(a) Support strategic management because the EIS enables decision making for
the long term.
(b) Support the formation of an overall organisational vision with the strategic
planning that is made.
(c) Support strategic management and staff recruitment.
(d) Support strategic control in monitoring and managing organisational
operations.
(e) Support crisis management, especially planning, in the event of an accident,
fire and the like, which can halt organisational operations. The EIS can help
executives to plan for these disasters.
SELF-CHECK 6.6
1. Define the Executive Information System.

2. What is the output of EIS?
3. Sketch the EIS model, including its important components and the
data flow.
4. State the differences between an executive and a departmental
manager.

 Higher level executives have their characteristics on their own in terms of

management and decision, which are different from lower ranking
executives.
 Research shows that the information needs for executives are more
organisation-oriented.
 Higher level managers play an important role in forming the organisationÊs

success, and the performance of their employees is also critical in achieving
the mission and vision of the organisation. Thus, a system such as EIS is very
important because it supports the long-term planning of an organisation.
 EIS is capable of creating a new information source that can help the
company improve its performance and at the same time provide excellent
services to its employees and customers.
Computer-based Information System Executive Information System

EIS Model Management roles

Topic  Expert
7 System
LEARNING OUTCOMES
1. Describe what an Expert System is and its applications;
2. Explain the steps involved in producing rules and information
gathering;
3. Explain Expert System architecture and development;
4. List the main characteristics of an Expert System; and
5. Explain the advantages and disadvantages of Expert System.
 INTRODUCTION
In this topic, you will learn about one of the branches of artificial intelligence,
which is the Expert System. The Expert System is also known as the knowledge-
based system. The Expert System comprises many types of systems based on
rules, frames and fuzzy sets. In this topic, you will also be exposed to the most
popular Expert System, the system based on rules. Ready? Let us get going.

134  TOPIC 7 EXPERT SYSTEM
7.1 WHAT IS AN EXPERT SYSTEM?

Before we go on further, can you explain the root word in „Expert System‰,
which is „expert‰?
An expert is a person that has the expertise and knowledge of his specialised
field.
Examples of experts are a heart specialist and a mathematics expert. Through

experience, an expert expands his skills to enable him to solve problems
heuristically, efficiently and effectively.
According to Efraim Turban (2001), the Expert System comes from the
Knowledge-based Expert System terminology. A good ES is a system that can
copy the process of reasoning in a human.
Prof Edward Feigenbaum (1983) from Stanford University, a famous researcher

on ES defines ES as:
"⁄an intelligent computer program that uses knowledge and reasoning

procedures to solve difficult problems that need certain expertise to solve
the problems."
Based on the definition given earlier, we can define Expert System:
Expert System (ES) is an information system that is capable of mimicking

human thinking and making considerations during the process of decision
making.
ES uses human knowledge stored inside a computer to solve problems that

requires human expertise to solve. ES is an information system that has been
used to solve a problem that usually requires an expert to solve. ES is developed
to model the ability of an expertise in solving problems. In the process of
modelling the method which an expert uses to solve a problem, ES must be able
to provide users with the services and facilities that an expert can usually
provide.

TOPIC 7 EXPERT SYSTEM  135
SELF-CHECK 7.1
Currently, the Expert System is a popular topic in Management

Information System. In your own words, explain what an Expert
System is.
7.1.1 Why is an Expert System Needed?

You must be thinking of the rationale behind the process of transferring the
knowledge of an expert to a computer. Table 7.1 will answer your query by
comparing the Expert System to that of humans.
Table 7.1: Comparisons between an Expert System and a Human Expert
Factor Human Expert Expert System

Time (can be obtained) Working days only Anytime
Geography Local Anywhere
Safety Cannot be replaced Can be replaced
Damages Yes No
Speed and Efficiency Changes Consistent
Cost High Intermediate
An Expert System is built because of two factors, either to replace or to help an

expert.
Some of the reasons for the need of an Expert System to replace an expert are:
(a) To enable the use of expertise after working hours or at different locations;
(b) To automate a routine task that requires human expertise all the time
unattended, thus reducing operational costs;
(c) To replace a retiring or a leaving employee who is an expert; and
(d) To hire an expert is costly.

The Expert System is used to:

(a) Help experts in their routine to improve productivity;
(b) Help experts in some of their more complex and difficult tasks so that the
problem can be managed effectively; and
(c) Help an expert to obtain information needed by other experts who have
forgotten about it or who are too busy to search for it.
ACTIVITY 7.1
Has your car ever broken down? Think about how an Expert System
can help a car owner. Discuss this with your coursemates.
7.1.2 Application of Expert System

Expert System is widely used in all types of fields and sectors like medicine,
engineering, education, marketing, tax planning and more. We will study several
other applications in the financial, production and military sectors. Examples of
applications in financial and production are discussed as following.
(a) Application of ES in the Banking and Financial Sector

System used:
(i) An Expert System that helps bank managers in making decisions on
granting loans.
(ii) An Expert System that advises bank managers in giving housing
loans.
(iii) An Expert System that advises insurance companies on the risks
involved in insuring a customer or a company.
(iv) An Expert System that helps banks to decide on whether a customer is
entitled for a credit card or not.
(v) An Expert System that identifies computer fraud and controls it.
(b) Application of ES in Production Industries

System used:
(i) An Expert System capable of diagnosing some technical malfunctions
in aeroplanes, gas turbines and helicopters.

(ii) An Expert System that helps identify threats that may put security at
risk.
(iii) An Expert System that helps to form and produce small mechanical
items.
As mentioned earlier, an Expert System is widely used in many application

areas. This is due to its capability to solve various patterns or paradigms of
problems. Table 7.2 lists ten paradigms in problem-solving that an Expert System
is capable of solving.
Table 7.2: Problem-solving Paradigm
Problem-
solving Example of Expert System Application
Paradigm
Control Controlling the behaviour of the system according to specification.
Design Aligning objects following limits.
Diagnosis Providing reasons for system malfunction based on observation.
Instruction Diagnosing and improving behaviour of students.
Translation Providing reasons for situations based on data given.
Assessment Comparing observation data with expectations.
Planning Designing a plan of action.
Prediction Providing reasons on the cause and effect of a certain decision based
on situation.
Selection Identifying the best selection from all alternatives and probabilities.
Prescription Suggesting solution to improve a malfunction system.

SELF-CHECK 7.2
Differentiate between human expertise and the Expert System. You may
use the following table:
Factor Human Expertise Expert System

Time (which can be
obtained)
Geography
Security
Malfunctions
Performance and speed
Cost
7.2 KNOWLEDGE AND EXPERT

Around the 1970s, computer scientists accepted the fact that in order to enable a
machine to solve intellectual problems, a machine must know how to first solve
it. In other words, it has to have the how-to knowledge to solve problems in a
specific domain.
(a) What is Knowledge?
Knowledge is a theoretical or practical understanding of a subject or

domain.
Knowledge is a combination and mix of information that is already known,

and knowledge is power. Anyone who has a certain amount of knowledge
may be considered an expert. Experts are people who have power in the
organisation. In any successful company, there are a certain number of first
class experts and the companies will not succeed without them. As an
example, Sun Microsystem has James Gosling, the founder of Java
programming.
(b) Who is Fit to be Called an Expert?

Anyone can be called an expert as long as that person has a vast knowledge
of the particular field and has practical experience in a certain domain.
However, the person is restricted to his or her own domain. For example,
being an IT expert does not mean that the person is an expert in all IT
domains but she may be an expert in intelligence systems or an expert in
only the development of an intelligence agent.
(c) How Does an Expert Think?

The human mental process is too complex and complicated to be drafted as
an algorithm. Many experts can only create rules in solving certain
problems. We will learn more about the steps in referencing the knowledge
acquired from an expert with the rules when we learn about the basic
architecture of an Expert System. On the other hand, Figure 7.1 and Figure
7.2 show the different thinking of an expert and a machine.
Figure 7.1: Human problem-solving architectural structure
Figure 7.2: An Expert System problem-solving architectural structure

SELF-CHECK 7.3
Knowledge helps humans to solve problems. How is knowledge used

in a system? Discuss.
SELF-CHECK 7.4
Write down the differences between the human problem-solving

architecture and those of the Expert System.
7.3 EXPERT SYSTEM ARCHITECTURE

An ES merges knowledge, facts and reasoning techniques in producing a
decision. In order to produce a decision, an ES fundamental architecture is
required, as shown in Figure 7.3.
Figure 7.3: Basic components of an Expert System
From Figure 7.3, you may see the basic components of an Expert System, which are:
(a) Knowledge acquisition facility;
(b) Knowledge base;
(c) Inference engine; and
(d) Explanation facility.

Let us now discuss the components in detail.
7.3.1 Knowledge Acquisition
Knowledge acquisition is a process of gathering and transferring problem-

solving expertise from all sources of knowledge in a computer program.
The expert information that has been acquired will be used to develop and
expand the base knowledge. The source of knowledge stated here includes
experts, journals, the Internet, online databases or research reports and
experiments.
7.3.2 Knowledge Base

A knowledge database stores two important things: facts, and rules or heuristic
rules.
(a) Stored facts are information or data in a designated field.
(b) Rules or heuristic rules explain procedures of reasoning used to solve a
certain problem.
Knowledge representation has been earlier discussed. It is a procedure used to

manage knowledge. A knowledge database is quite different from the
conventional database. A knowledge database does not store information like
numbers, texts, logical values and others, as found in a normal database. On the
other hand, it stores concepts and dedicated procedures that need to be done in
order to solve a problem. There are several different methods of storing
knowledge in a database. Some of the methods are predicate calculus, semantic
network, script and mainframe.
Rules Creation
Rules are divided into two operators:
(a) IF, called before (a premise or condition); and
(b) THEN, it is called effect (conclusions or actions).
In general, rules can have a few conditions by relating each condition to the
keywords AND, OR or a combination (AND and OR). On the contrary, it is
better to avoid combining both in one rule.

See the following example that shows how a few conditions are related to AND.
IF<condition 1>
AND<condition 2>


AND<condition n>
THEN<action>
The next example shows how a few conditions are related to AND and OR.
IF<condition 1>
AND<condition 2>
OR<condition 3>
THEN <action>
According to Durkin, rules can represent a relationship, suggestion,

instruction, strategy and heuristics. Look at Table 7.3 to see the example.
Table 7.3: Representation of Rules
Representation Rules
Relationship IF ÂtankÊ is empty
THEN car cannot start
Suggestions IF monsoon season
AND cloudy sky
AND weather station predicted rain
THEN you are advised to bring an umbrella
Instructions IF car cannot start
AND ÂtankÊ is empty
THEN put petrol in the tank
Strategy IF car cannot start
AND ÂtankÊ is empty
THEN put petrol in the tank
Step 1 is done
IF Step 1 is done
AND tank is full
THEN check the car battery
Step 2 is done
Heuristics IF fluid spills
AND pH of the spill < 6
AND smells acidic or sour
THEN the spills is an acetic acid

7.3.3 Inference Engine

The inference engine is the most important component and is considered the
brain of an ES. The inference engine is the knowledge process that is modelled on
the methods of human expert reasoning. It is a process in the Expert System that
pairs the facts stored in the working memory with the knowledge domain that is
stored in the knowledge database, to get the method from the problem. It is also
known as the control structure or the rule interpreter for an ES base rule.
Inference engine is a computer program that drives to the conclusion or

solution and at the same time provides the reasoning methodology for
information stored in the knowledge database.
Inference engine also provides a guideline on using the knowledge in the ES by

developing an agenda that manages and controls the steps needed for solving a
problem during the consultation process executed by the user.
There are two strategies used by the inference engine when making decisions or
conclusions. These strategies are forward and backward chaining.
(a) Forward Chaining Strategy

The inference engine starts reasoning from the facts provided and moves on
until it achieves its decision or conclusion. This strategy is guided by the
provided facts in the memory space and the premises which it can obtain
them from. The inference engine will try to match the required premise (IF)
for all rules in the knowledge database with the facts given, which are in its
memory. If there are several rules that match, the solving procedures will
be used. The inference engine will repeatedly match the rules of the basic
knowledge to the data stored in its memory.
(b) Backward Chaining Strategy

This strategy is the opposite of the forward chaining strategy. It starts from
the decision and moves backward to obtain supporting facts for the
decision made. If there are no matching facts that support the chosen
decision, the decision will be rejected and another decision will be selected.
The process continues until a suitable decision and the facts that support it
are obtained.
The strategy of forward chaining can obtain a decision and produce more
information with fewer questions compared to backward chaining. Thus, it is
always used for large scale and complex ES. However, the weakness in this
approach is the long duration taken for processing. Certain ES developed
employs a combination of both the strategies of chaining, which is called the

mixed chaining.
ACTIVITY 7.2
Search for a few resources (either printed or online) for explanation
regarding the use of strategic forward and backward chaining. In your
opinion, which strategy is more frequently used? You may post your
answer in the online discussion forum.
SELF-CHECK 7.5
Is the inference engine reasoning process the same as your reasoning
process? Which will you use to solve a problem? Can both processes
be used? Discuss.
7.3.4 Explanation Facility

This component acts to help the user understand how an ES reaches a certain
decision or conclusion of the problem that needs to be solved. The user can
obtain the logic or rationale for a certain decision that it makes. This component
is capable of answering questions like:
(a) Why is this question being addressed by the system?
(b) How is a decision made?
(c) On what basis is the decision made?
(d) Why are certain alternatives rejected from being a decision or solution?
For example,
ES : Is the car going to start?

User : Why?
ES : If I know my car will not start, I may assume
that the problem is due to the failure of the
electronic system of the car.
An expert will act based on what he or she can conclude from the answers,
whereas ES responds to the question of WHY by displaying the rules it is
executing.

(a) Explanation of WHY

Apart from providing the final decision, an ES can explain how it comes to
a decision.
Developing a conventional system is done based on the defined problems

but it is not the same for an Expert System. Thus, ES needs a justification
facility to explain to the user all the decisions it makes.
As an example:
ES : The battery of your car has failed.
User of ES : HOW?
ES : It is because your car cannot be started, thus, the system

assumes that the electronic system in your car has failed.
When the system finds that the voltage level is below 10V,
thus it is proven that your car battery has failed.
The ES responds by stepping back to the rules that the system uses to
achieve the decision. Stepping back to the rules is how the Expert System
does the reasoning.
7.3.5 The User Interface

The user communicates with the ES through the user interface. It enables the user
to query the system, input information and receive advice. The ES aims to
provide communication between the system and the user, as if the user were
interacting with the expert. However, the ES is still unable to understand normal
language and general knowledge.
Occasionally, the ES processes language which enables interaction and

communication between the user and ES in a user-friendly manner. When the ES
was first introduced, the ES interface was only text based. However, a language
that was more similar to the human language made communication more
natural. Now, certain ES provides Graphical User Interface like menus and
graphics in the Windows environment.

SELF-CHECK 7.6
In your opinion, what are the differences between a user interface in

an Expert System and in other information systems like MIS?
7.3.6 Working Memory

Another important component in an ES is the working memory. It contains facts
of problems that are happening during the consultation process with the Expert
System. The system will match the information found with the knowledge stored
in the knowledge database to consider the new facts. The conclusion obtained
will be stored in the working memory. Thus, the working memory contains the
information that is supplied by the user, or the reasoning done by the Expert
System itself.
SELF-CHECK 7.7
Compare and contrast the strategic forward chaining and strategic

backward chaining.
7.4 THE EXPERT SYSTEM CHARACTERISTICS

An ES is usually designed to have these characteristics:
(a) The Highest Level of Expertise

This characteristic is most useful. This expertise in an ES comes from the
knowledge and problem-solving steps provided by the best experts in their
own domains. This will lead to efficiency, accuracy and imaginative
problem solving.
(b) Right on Time Reaction

An Expert System must function and interact in a very reasonable period of
time with the user. The total time must be less than the time taken by an
expert to solve the same problem.
(c) Accepting Incorrect Reasoning

This type of application is used when the information used for the solution is
unclear, vague or cannot be obtained and not in a domain that is very clear.

(d) Good Reliability

The Expert System must be reliable and it must be improbable for the
system to make a mistake.
(e) Easily Understood

The Expert System must be able to explain the reasoning steps during the
execution or the inference process for the user to better understand what is
happening. An ES must be able to explain why such actions are taken the
same way an expert would explain the decision he made.
(f) Flexible
Due to the large amount of knowledge possessed by an ES, it is important
for the ES to have an efficient mechanism to administer the compilation of
the existing knowledge in it.
(g) Symbolic Reasoning

The Expert System represents knowledge in symbolic terms by using one
set of symbols that represents all the concepts of the problem in the specific
domain. All the symbols, when combined or paired, will demonstrate a
relationship between the problems. When this relationship is represented in
a programme, they are called structured symbols.
For example,
Statement : Ahmad has a fever.

Rule : IF a person has a fever, THEN take Panadol.
Conclusion : Ahmad takes Panadol.
(h) Heuristic Reasoning

An expert does efficient problem solving by relating to experience as the
basis of reasoning. If the problem encountered is new, then the expert
combines the knowledge and experience to solve the problem.
An example of heuristic reasoning used by an expert:

(i) I will usually check the electronic system first.
(ii) Humans will not usually be infected with flu during summer.
(iii) If I suspect cancer in a patient, I will check the patientÊs family
background first.

(i) Making Mistakes

Since most of the knowledge in the ES database was input by humans, it is
subject to human error. This might happen due to the rules, facts or steps
not being considered or being wrongly input during the process of
knowledge acquiring.
(j) Expanding with Tolerable Difficulties

The problems that an ES needs to solve must be complex and difficult but
at a tolerable level. However, the problem must not be too easy.
(k) Focus Expertise

Most experts are skilful and knowledgeable in their own field only. The ES
must be made to focus on a specific domain and not mix up the knowledge
of two experts from different domains.
Table 7.4 shows the difference between the conventional system and ES.
Table 7.4: The Differences between the Conventional System and the Expert System
Conventional System Expert System

Knowledge and processing are Knowledge database and the processing
combined in one program. mechanism (inference) are two different
components.
Program does not make errors (only The ES program may make a mistake.
programming error).
Usually it will not explain why the data Explanation is part of an ES component.
needs to be input or how the decision is
achieved.
System is operational only when fully An ES can operate with a small number of
developed. rules.
Step-by-step execution according to Execution done logically and heuristically.
fixed algorithms is necessary.
Needs complete and full information. Can operate with sufficient or insufficient
information.
Manipulates a large and effective Manipulates a big and effective database.
database.
Referencing and use of data. Referencing and use of knowledge.
Main objective is efficiency. Main objective is effectiveness.
Easily operated with quantitative data. Easily operated with qualitative data.

SELF-CHECK 7.8
List and describe the three main characteristics of an Expert System.
7.5 EXPERT SYSTEM DEVELOPMENT

An Expert System team must consist of:
(a) A domain expert;
(b) Knowledge engineer; and
(c) User.
Let us look at the team of experts in detail.
(a) Domain Expert

A domain expert is a person who has the knowledge, experience and skills
in a certain field or a particular subject. He should also be able to guide and
possess unique problem-solving methods and is better than the rest in the
field.
Even though an Expert System usually models the expertise of either one or
more experts, an ES also models expertise based on other alternative
sources such as printed material (books, manuals, journals and others). The
prerequisites to be a domain expert are that he must:
(i) Be knowledgeable in a particular field;
(ii) Have skills in solving problems;
(iii) Be competent in presenting knowledge;
(iv) Have time management skills; and
(v) Be cooperative.

(b) Knowledge Engineer

A knowledge engineer is a person who is responsible for creating,
developing and testing the Expert System. The prerequisites to become a
knowledge engineer are that he must:
(i) Have engineering knowledge (the art and science to develop an
Expert System);
(ii) Have good communication skills;
(iii) Be able to match problems with software; and
(iv) Have technical knowledge (programming) in developing an Expert
System.
(c) User
The user is one who uses the Expert System when it has been fully
developed. He or she will help during the knowledge acquiring process by
explaining the problems to the knowledge engineer.
7.5.1 The Software and Tools in Expert System

Development
An Expert System developer can choose three different approaches in developing
an ES, which are:
(a) Using programming language;
(b) Using an Expert System shell; and
(c) Using the tools in an artificial environment.
We shall now discuss these approaches in detail.
(a) The Programming Language

An ES can be developed using a symbolic language such as LISP or
PROLOG, or a conventional higher-level language such as FORTRAN, C
and PASCAL.
(i) LISP
All ES developed in the early days used LISP, or tools written using
the LISP language.

(ii) PROLOG
The ongoing research of artificial intelligence has given birth to the
programming language PROLOG. PROLOG is the acronym for
„Programming in Logic‰. A program using PROLOG can be assumed
to be a knowledge database that stores facts and rules.
(b) Expert System Shell

An Expert System shell is a program used to develop an Expert System. The
Expert System shell executes three main functions:
(i) Helps the programmer build a knowledge database by permitting the
developer to input knowledge in the knowledge representation
structure.
(ii) Provides the procedures for inference or reasoning deductions based
on the information stored in the information database and new facts
input by the user.
(iii) Provides the interface to let the user prepare reasoning tasks and
questions to be queried to the system on strategic reasoning.
(c) The Tools in an Artificial Environment

Compared to the programming language and shell, this tool is extremely
expensive and powerful. The advantage of using this tool is that it provides
a variety in knowledge representation techniques such as rules and frames.
SELF-CHECK 7.9
In your opinion, can the methodology used in developing a

conventional system be applied in developing an Expert System?

7.6 THE ADVANTAGES AND DISADVANTAGES

OF AN EXPERT SYSTEM
There are advantages and disadvantages of an Expert System. They are listed
next.
7.6.1 The Expert System Advantages

ES usage provides many advantages. Some of the advantages are:
(a) Consistency
One of the advantages of an ES is that the results given are consistent. This
might be due to the fact that there are no elements such as exhaustion and
emotions as experienced by humans.
(b) Hazardous Working Environment

Through an ES, we can avoid exposing ourselves to a toxic or radioactive
environment. An ES can take over the place of an expert to handle
problems in a high-risk area such as a nuclear power plant.
(c) Ability to Solve Complex and Difficult Problems

A very difficult problem encountered by an organisation, if not taken
seriously, can cause an adverse impact such as losses or cancellation of a
business deal. Sometimes, the problems need to be attended to quickly. The
problems can become more complicated when individuals or experts
involved in solving them are absent or cannot be contacted. Thus, an ES
serves as an alternative to experts.
(d) Combination of Knowledge and Expertise from Various Sources

As discussed earlier, one of the important components in an ES is the
knowledge base. This component contains the accumulated knowledge and
acquired or transferred expertise from many experts. Thus, an ES is
sometimes more superior than an expert because its knowledge and
expertise have come from many sources.
(e) Training Tool for Trainees

An ES can be used by trainees to learn about the knowledge-based system.
Trainee who uses an ES would be able to observe how an expert solves a
problem.

7.6.2 Disadvantages and Weaknesses of Expert

System
Listed in the following are several weaknesses concerning the use of ES.
(a) Not Widely Used

ES is not widely used in business firms or organisations. Due to limited
usage, firms are still in doubt about the capability and, most definitely, the
high cost involved in investing in an ES.
(b) Difficult to Use

Using an ES is very difficult and learning and mastering it requires a long
time. This discourages managers from using ES. In one aspect, developing
an ES that is user-friendly is the biggest challenge for ES developer.
(c) Limited Scope

This is the most obvious weakness in an ES; its scope is very limited to its
field only. In the development aspect, the ES built is best developed
because of its high accuracy. However, usage-wise, decision makers face
constantly changing problems which involve different fields that are inter-
related.
(d) Probable Decision Error

The main source of the knowledge is experts. Humans make mistakes. If
the experts input wrong information into the Expert System, this will have
a negative impact on the results produced.
(e) Difficult to Maintain

The information in an ES must be constantly updated to solve new
problems. Every new problem that occurs needs new knowledge and
expertise. This means that there must be an ongoing relationship between
the domain experts and the ES developer. This situation requires the
domain experts to update the source of knowledge and expertise to suit the
current situation.
(f) Costly Development

The cost to consult a group of experts is not cheap, what if ES was built
traditionally without involving the use of an Expert System shell? On the
other hand, programming cost is high because the artificial intelligence
technique is difficult to master and needs a very skilful programmer.

(g) Legal and Ethical Dilemma

We must be responsible for our actions and decisions. An expert has to take
responsibility for the information he or she provides. The difficult question
here is who should shoulder the responsibility if a decision suggested by ES
results in a negative outcome.
SELF-CHECK 7.10
The Expert System also has weaknesses and flaws. In your opinion, do
these weaknesses influence the quality of an Expert System?
SELF-CHECK 7.11
1. There are 10 paradigms involved in solving problems using an

Expert System. List five paradigms.
2. State five main factors that distinguish humans from an Expert
System.
3. Define knowledge.
4. State the structural differences between human problem
solving and the Expert System.
5. State the types of rules below. Do the rules below represent
relation, suggestion, instruction, strategy or heuristic?
IF car cannot start

AND‘car voltage’ < 10
AND‘horn’ not functioning
THUS the battery is weak
IF the battery is weak

THENthe solution is to install a new battery

 An Expert System (ES) is a system that mimics the human capability to think
and reason for decision making.
 An ES combines the use of knowledge, facts and reasoning techniques for

decision making.
 An Expert System is built for two main reasons ă to replace an expert or to

help an expert.
 The Expert System is used in various applications in multiple fields and

sectors like medicine, engineering, education, manufacturing, marketing, tax
planning, and many more.
 Knowledge is understanding a subject or domain through theory or practice.
 Knowledge is also the combination and mix of information that is already

known, and knowledge is power. From the expertÊs knowledge, the rules are
formed.
 Rules as knowledge representation consist of two parts - the IF part, called

before (condition or premise), and the THEN part, called effect (conclusion or
action).
 The architecture of an ES is from the knowledge base, inference engine,

explanation facility and knowledge acquisition facility.
 The existence of ES provides positive and negative effects that need to be

considered in the development of an Expert System.

Artificial environment Inference engine

Expert System Knowledge acquisition facility
Expert System shell Knowledge base
Explanation facility Reasoning techniques
Facts Rules
Heuristic

Topic  Functional
Information
8 Systems
LEARNING OUTCOMES
1. Explain the general categories for a Functional Information System;
2. Integrate the correct functional information system for daily use by
the organisation;
3. Explain what is meant by Marketing Information System;
4. Explain what is meant by Manufacturing Information System; and
5. Explain what is meant by Human Resource Information System.
 INTRODUCTION
In the beginning, Functional Information Systems were developed specially for
carrying out specific functions such as a system for the accounts, marketing and
finance departments. These systems were not related to one another. Thus,
information management was not effective in some cases that required a solution
from several system functions.
Consequently, an integration of these systems was developed. For example, this

new system combined the functions for accounts, marketing and finance together
into one system. This was aimed at increasing an organisationÊs productivity,
quality and customer services.
In this topic, we will provide a comprehensive list of the types of information

systems and will focus on several system functions individually, specifically on
marketing, manufacturing and human resources.

158  TOPIC 8 FUNCTIONAL INFORMATION SYSTEMS
8.1 FUNCTIONAL INFORMATION SYSTEMS IN

BRIEF
Other than understanding about the different types of information systems, we
need to learn about the information systems based on their general characteristics
(for all types of information systems).
Information systems that perform specific functions are called functional

information systems (integrated information systems that carry out many
functions in a single system). Now, let us study the different types of information
systems shown in Table 8.1.
Table 8.1: Characteristics of Functional Information Systems
Characteristics of Functional
Examples
Information System
It consists of several subsystems of An attendance system can store and trace
an information system that support attendance records and working hours of
specific functions or activities. workers.
Even though this system focuses on
An accounting information system can be
certain activities, it can be integrated
integrated with the marketing information
with other functional information
system to facilitate transactions and the tasks
systems to form a single system that
between those two departments.
is useful for the organisation.
Functional information systems can
Attendance records, overtime claim records and
interface with others to form a
salary records from different subsystems can be
complete information system for the
integrated to calculate the amount to be paid to
organisation. This is the result of the
employees for the previous month.
integration of the subsystems.
The marketing information system can obtain
This information system can also feedback from the user or the client through
interface with the surroundings. online feedback facilities (like feedback forms in
websites).
A clear picture about the examples of functional information systems can be seen
in Figure 8.1.

TOPIC 8 FUNCTIONAL INFORMATION SYSTEMS  159
Figure 8.1: Functional Information Systems
As can be seen from Figure 8.1, there are five core functions, namely, finance,
accounting, marketing, manufacturing (production) and human resource in an
organisation. Some of the finance and accounting functions have already been
discussed in Transaction Processing System (TPS) earlier; as such, this topic will
focus on marketing, manufacturing and human resource related information
system.
8.2 MARKETING INFORMATION SYSTEM

Marketing was the first functional field that showed great interest in using the
Management Information System, as soon as it was introduced. The marketing
unit restructured the Management Information System to make it compatible
with the marketing field, until it was known as the Marketing Information
System.
Marketing Information System gathers data that explains marketing transactions

in the organisation. These data can be acquired using information technology.
For example, a salesperson at the customerÊs office can store details of the orders
of the customer using a computer or laptop.

In fact, the Internet is capable of automating most information processing

activities for the support and management of sales activities. Interactive
marketing, which involves the use of Internet, Intranet and Extranet, is widely
used and aims to establish two-way interaction between an organisation and its
clients.
Thus, with the rapid development of information technology, gathering

marketing transaction data can be done fast. The gathered data is used to prepare
marketing information in the form of periodic and special reports.
(a) Periodic report: Prepared according to the period. For example, monthly
reports for sales analysis according to product.
(b) Special report: Prepared when something unexpected occurs. The
marketing information prepared by the Accounting Information System in
the form of a sales analysis.
Sales analysis is the study of sales activities in the organisation.
Sales managers must plan, monitor and help increase the performance of sales
staff who market the organisation's products. That is why most organisations
have computer-based Accounting Information System to generate sales analysis
reports that analyse sales by products, customers, types of customers, sales
person, sales area and others. These reports help the marketing manager monitor
the sales performance of products and sales staff. At the same time, it helps
marketing managers prepare programs that would improve sales for the
organisation.
If an organisation does not have a good Accounting Information System, it

cannot give good information to help managers solve marketing problems.
SELF-CHECK 8.1
Based on your understanding, what is meant by Marketing

Information System?

8.2.1 Marketing Principles

Marketing is the functional field responsible for:
(a) Identifying the identity of products (items or services) offered to
consumers;
(b) Identifying effective steps to pricing, planning, advertising, selling and
product distribution;
(c) Creating products and new market for the consumers; and
(d) Anticipating product demands and expected income of the organisation.
The marketing manager in an organisation has multiple resources to conduct

marketing activities. However, his or her main objective is to produce good
marketing strategies using the available resources to market products, ideas and
services offered by the organisation. The marketing strategy, better known as
mixed marketing, consists of a combination of a few important elements like
product, venue and idea.
(a) Product Element: Something bought by the user to fulfil his needs or wants.
The product can be a physical product, service or an idea.
(b) Promotional Element: Involves methods that encourage product sales,
including advertisement and direct sales.
(c) Venue Element: Involves methods to distribute the product to consumers
using the distributing channel.
(d) Pricing Element: Involves the price the customer pays for a product.
In 1966, Professor Philip Kotler (Mcleod, 1998) identified three types of marketing
information related to the collection and processing of marketing information. The
three types of marketing information are displayed in Figure 8.2.

Figure 8.2: Marketing information flow
Kotler states that difficult decisions in marketing activities such as lowering

prices, increasing advertisement expenditure or identifying sales area can be
done through initial evaluation and subsequent evaluation by scientifically
analysing the data obtained.
8.2.2 Marketing Information System Model
Marketing Information System can be defined as a computer-based system

that cooperates with other functional information systems to help the
management of the organisation in solving product marketing.
The Marketing Information System model given by Mcleod [1998] consists of a

combination of input and output subsystems linked by a database. The input
subsystem gathers data and marketing information, and stores them in a
database. The input subsystem consists of the Accounting Information System,
marketing spying subsystem and marketing research subsystem.
The output subsystem will use the stored data to produce information related to
product marketing, promotion, venue and product pricing. The output
subsystem consists of the product subsystem, venue subsystem, promotional
subsystem, pricing subsystem and mixed-integration subsystem. All these
subsystems will be discussed in the following sections. Data stored in the
database can be shared by other functional fields and is not limited to the

marketing unit only. The Marketing Information System model is shown in

Figure 8.3.
Figure 8.3: Marketing Information System
ACTIVITY 8.1
Using all four marketing elements (product, promotion, venue and
price), sketch a graph showing the relationship between each element.
8.3 MANUFACTURING INFORMATION

SYSTEM
Manufacturing Information System supports production functions or operations
that include planning activities and control of the production process of a
product or service. The information system used to manage the operation and
transaction process can help organisations that need to perform planning,
checking and controlling inventory, sales and product and service flow activities.
The Manufacturing Information System's objective is to produce a product that
will satisfy the customer's needs, starting from the raw material by the supplier
to the finished service or product provided to the customer at a minimum cost.
The Manufacturing Information System explains the subsystems which produce

information related to output operation. The approach that has long been used in
managing the manufacturing process is shown in Figure 8.4.

Figure 8.4: Approach in managing process
8.3.1 Material Requirement Planning

In the early 1960s, Joseph Orlicky from the J. I. Case Company introduced an
approach called the Material Requirement Planning (MRP). This approach
anticipated the future by identifying the materials needed, the quantity of
materials needed and the period when the materials are needed. The material
need planning system components is shown in Figure 8.5.

Figure 8.5: The material requirement planning system (McLeod, 1998)
(a) The Production Scheduling System needs four files to prepare the Master
Production Schedule ă the CustomerÊs Order File, Sales Forecast File,
Finished Product Inventory File, and Production Capacity File. The main
production schedule plans the future production by considering the lead-
time factor and the production time.
(b) Material Requirement Planning System decides the quality of materials

needed to manufacture the number of units desired. The input data consists
of the Material Schedule File, the Main Production File and the Raw

Material Inventory File. The things that need to be done are obtaining the
gross requirements and the net requirements of the materials.
Gross requirement is the material requirement needed for

manufacturing scheduled products.
Net requirements are the items that need to be purchased to achieve the
main production schedule. The following are the formulas:
Gross Requirement = Material quantity x The number of units to be

produced
Net Requirement = Gross requirements ă Existing materials
(c) Capacity Requirement Planning System interacts with the Material

Requirement Planning System to ensure the production schedule is suitable
with the factoryÊs capacity. This system produces several output such as:
(i) The planned order schedule (main output);
(ii) Changes towards the planned order;
(iii) Exception report;
(iv) Performance report; and
(v) Planning report.
(d) Order Production System uses the order schedule that has been planned as
input and prints the order production report of which a copy is given to the
procurement department and the shop floor manager.
ACTIVITY 8.2
Do you think that Material Requirement Planning is a proactive
strategy? Discuss.

8.3.2 The Just-in-Time System (JIT)

The JIT is known also as the pull system. It schedules the material flow so that it
arrives at each workstation at precisely the time it is to be used (refer to Figure 8.6).
Figure 8.6: JIT system diagram
The components or items are pulled back to the next production process as soon
as it is ready. The raw material inventory arrives just-in-time to be used by the
factory, whereas the process inventory is completed by a process as soon as it
needs to be used by the next process.
This approach has less or no stored stocks. The JIT system minimises the
inventory cost by producing items in small quantities. The suitable lot size for a
JIT system is 1. This lot size is the number of items to be produced at one time. It
needs good time planning and cooperation from the suppliers.
In forwarding one item to the next production process, when a worker is ready to
receive the next item, he will signal the worker before him to send the item.
Kanban (in Japanese) is like a card or light. The JIT approach does not stress on
the use of computers.

SELF-CHECK 8.2
You have already been exposed to the Reordering Point, Material

Requirement Planning and Manufacturing Material Resource
Planning. In your opinion, what is the importance of Just-in-Time?
8.4 HUMAN RESOURCE MANAGEMENT

SYSTEM
Now, let us shift our discussion to Human Resource Management System.
8.4.1 Human Resources Main Management Activity

The function of human resource management involves processing of information
related to the organisationÊs staff. The aim of the human resource department is
to manage the use of human resources in the organisation better and more
efficiently. Thus, the Human Resources Information System was designed to aid
planning in meeting the staff needs, staff development and control towards staff
policy and programmes.
Most organisations are using computer-based information systems to produce

payslips and staff payment reports, store staff records and analyse the use of staff
in business operations of the organisation. There are four main activities carried
out by the human resource management:
(a) Staff intake and hiring;
(b) Staff education and training;
(c) Staff data management; and
(d) Staff compensation and benefits.
The main activity of the human resource management is shown in Figure 8.7,
which describes staff resource flow in an organisation.

Figure 8.7: Staff resource flow in an organisation
SELF-CHECK 8.3
Why do we need to train the staff of an organisation?
8.4.2 Human Resource Information System Model

The Human Resources Information System model also uses the model suggested
by McLeod (McLeod, 1998). This model consists of three input subsystems, a
database and six output subsystems. The input subsystem consists of the
Accounting Information System, Human Resource Research Subsystem and the
Human Resource Investigation Subsystem. The output subsystem consists of the
workforce planning subsystem, workforce recruitment subsystem, workforce
management subsystem, compensation subsystem, benefit subsystem and the
environment report subsystem. These subsystems will be explained in the
following section.
The database for the Human Resource Information System consists of staff data
and non-staff data. Staff data refers to the storing of data on the organisation's
staff. Non-staff data is the storage of data obtained from the organisation's
environment such as the government, labour union, recruitment agencies and
others.

ACTIVITY 8.3
If you are an employee in an organisation, have you ever wondered why
all your personal information is needed by the organisation? Is the
information stored based on a model that you have learnt about or the
organisation is using a model of its own? Discuss.
Figure 8.8: Human resource information system model (McLeod, 1998)
SELF-CHECK 8.4
How can you relate the Management Information System to the

Human Resource Management? Discuss.

8.4.3 The Human Resource Research Subsystem

This subsystem collects data by handling special research projects as shown in
Table 8.2.
Table 8.2: The Human Resource Special Research Project List
Special Research Project Description

Inheritance Study  Done with the aim to identify eligible staff candidates to
fill a position in the organisation.
 Example: The Chief Financial Officer (CFO) is retiring.
Who is qualified to replace him?
Task Analysis and  To study each task in a field to identify its task scope.
Evaluation
 Identify the knowledge and expertise needed by certain
tasks offered in the organisation.
Complaint Study  Collect all complaints voiced by the organisation's staff.
SELF-CHECK 8.5
What is the function and importance of the research done by the

Human Resource Investigation Subsystem?
8.4.4 Human Resource Intelligence Subsystem

This subsystem gathers data related to human resource which is obtained from
the organisationÊs environment. These elements of the environment provide the
data as shown in Table 8.3.

Table 8.3: The Human Resource Intelligence Subsystem List
 The government gives information that helps the

GovernmentÊs
organisation so that the staff abide by the laws of the
Intelligence
country.
 Example: Insurance companies, recruitment agencies,
SupplierÊs institutions of higher education and others.
Intelligence  Gives information that helps the organisation recruit and
hire workers.
Labour Union's  Gives data and information on managing labour contracts
Intelligence between the organisation and the union.
 Gives information that explains local resources such as
Global Community's housing, education and others.
Intelligence  Used during staff recruitment based on the area
measurement, national and international.
Financial
Community's  Gives economic information used in staff planning.
Intelligence
 Gathers information about the trained and skilled staff in
Competitor's competing companies.
Intelligence  Gathers information on certain employees who have the
potential to be recruited by the organisation.
SELF-CHECK 8.6
What is the difference between human resource research and human

resource intelligence?
8.4.5 Workforce Planning Subsystem

This involves activities that enable the management to identify future staff needs.
Some of the popular applications in workforce planning is the organisation
mapping, salary forecasting, analysis and evaluation of tasks, planning and
modelling the workforce.

ACTIVITY 8.4
Read articles related to workforce planning. List the consequences of
not managing workforce planning properly.
8.4.6 Workforce Recruitment Subsystem

New staff are recruited in the organisation through the staff recruitment
subsystem. This function must be supported by an information system that
records and traces the human resources in the organisation so that staff usage is
maximised. Two applications widely used are the application trace and internal
search.
Internet technology allows an organisation to use recruitment services and

commercial databases to obtain new staff.
8.4.7 Workforce Management Subsystem

The Workforce Management Subsystem is a subsystem that has many
applications but the percentage of usage is low. This subsystem can help the
human resource manager plan and monitor training and development
programmes for staff by analysing the success of the staff programmes
conducted in the future. The manager will also analyse the status of career
development for all staff to determine whether the procedures for staff
development like performance training and evaluation can be carried out. Some
of the applications under this subsystem are performance evaluation, training,
position or title control, relocation, expertise, inheritance and discipline.
8.4.8 Compensation Subsystem

The information system can help analyse the distribution of compensation given
to the organisation's staff and make comparisons with the compensation given by
other organisations that have the same business operations. This information is
useful when planning for staff compensation, especially if it involves legislation
concerning labour union. This subsystem can also help so that compensation
given by the organisation is competitive and just, and at the same time the
compensation cost is under control. Some of the more popular applications are
merit increment, salary payment, executive compensation, bonus incentives and
attendance.

ACTIVITY 8.5
If you are an employee in an organisation, you might have heard
about employees being given compensation due to certain matters.
Have you ever wondered how such compensation is evaluated and
what is the justification for giving that compensation? Discuss.
8.4.9 Benefit Subsystem

This refers to giving package benefits to existing and retiring staff. If the human
resource manager prepares a plan and sets the contribution and benefits that
should be obtained by staff, this will help staff to know about their collected
retiring fund. There are organisations that provide an incentive outline that is
flexible and allows the staff to select the incentives that they want. Among the
applications in this subsystem are permanent contribution, fixed incentive,
incentive statement, flexible incentive, buying of shares and claim processing.
8.4.10 Environment Report Subsystem

Currently, preparing reports to be submitted to government agencies is one of
the main responsibilities of the human resource management. Thus, many
organisations use computer-based information systems to trace the statistics and
produce reports needed by the government. The organisations need to obey the
rules and regulations set by the government. Reports on policies and practices of
the organisation's staff must be submitted to the government. For example,
generation of statistics on staff health, hazards at the workplace, security
procedures and others must be reported to the government. Among the
applications for this subsystem are records of equal opportunities, analysis of
equal opportunities, additional of unions, health records, toxic materials and
complaints.
SELF-CHECK 8.7
Reports have become one main necessity in searching for solutions

to a decision. What is meant by Environment Report?

 Functional information systems cover areas related to finance, accounting,

marketing, manufacturing (production) and human resources.
 Information systems involved in these areas are transaction processing

system, marketing information systems, manufacturing information systems
and human resource information systems. These systems are based on
specific functions, but interlink with each other depending on the
organisational needs.
 Marketing Information System gathers data that is related to marketing field

and explains marketing transactions in the organisation.
 The Manufacturing Information System's objective is to support production

of product or service that will satisfy the customer's needs, starting from the
raw material by the supplier to the finished product or service provided to
the customer.
 The Human Resource Information System involves processing of information

related to the recruitment, placing, evaluation, compensation payment, and
staff development of an organisation.
Functional information systems Just-in-time system

Human Resource Information System Manufacturing Information System
Human Resource Intelligence Marketing Information System
Subsystem
Material Requirement Planning System
Human Resource Research Subsystem

Topic  Security and
9 Social Issues
Related to
Information
System
LEARNING OUTCOMES
1. Explain the importance of information system security;
2. Identify the types of system security threats;
3. Discuss the types of security or control that need to be implemented
in order to face the threats to information technology;
4. Identify social issues faced in information technology usage; and
5. Discuss ethical issues involved in information technology usage.
 INTRODUCTION
Computer systems play a critical role in businesses, government functions and
daily life. Information system can be used for business progress but like other
technologies, it can also be abused to do harm or commit crimes upon
individuals and organisations. Therefore, organisations need to consider special
steps to protect their information systems.
This topic will explain how far information systems can be controlled and
protected so that they can perform tasks accordingly. We will also look at the
social impact and ethical issues that result from the implementation of
information system.

TOPIC 9 SECURITY AND SOCIAL ISSUES RELATED TO INFORMATION SYSTEM  177
9.1 THE IMPORTANCE OF SECURITY

Before the existence of office automation brought by computers, data on
individuals and organisations were stored as paper records which were
distributed to different business units or organisations. Information systems
brought together computer files which could be accessed easily by many people
and groups outside the organisations. Consequently, automated data is more
exposed to deletion, falsification, errors and misuse.
Organisations that depend heavily on computers will suffer great financial losses
or business malfunctions when their computer systems crash or fail to perform
required tasks. The longer the systems are inoperable, the worse the damage.
There are also some businesses which would fail if the computer system cannot
be used for a few days.
What are the resources that need to be controlled or managed from the
perspective of their safety? The resources that need to be protected include:
(a) Raw data;
(b) Information;
(c) Computer hardware;
(d) Peripheral devices that are connected with computer technology;
(e) The information technology used; and
(f) Support software that is used in the information technology unit, like
operating technology.
Let us look at how we can manage information technology safety, firstly, from
the basic concepts and then from the steps that need to be performed practically
today that form the safety control of information technology.
Objectives of System Safety Management
In general, system safety management can be said to be the effort to control access to
technology to ensure the four important objectives are met, which are:
(a) Confidentiality
This is for ensuring that data or information is not exposed to others who are
not supposed to see it. Executive Information System, Company Accounting
System and Human Resource Management are among the systems that are
critical and need to be protected in this regard.

178  TOPIC 9 SECURITY AND SOCIAL ISSUES RELATED TO INFORMATION SYSTEM
(b) Integrity
This is for ensuring that the information stored can be trusted and that the
data as well as the program that manages it is always accurate or functions
like it is supposed to. In other words, it represents the actual technology
capability for each time when access is made.
(c) Availability
This is for ensuring that technology, data and service in this system can be
accessed at all times that they are required by anyone who is allowed
access.
(d) Adherence to the Rules

This is for ensuring that all aspects of operations related to this information
technology follow all the laws, rules, policies, agreements, contracts and
ethical principles used in an organisation.
SELF-CHECK 9.1
Imagine that you are an employee in an organisation. Why would your

personal information be needed by the organisation? Is the information
kept according to the model you are studying? If not, do you think the
organisation uses its own model? Discuss.
9.2 SECURITY AND THE INTERNET

Connecting an organisation's information system to the Internet or channelling
information through the Internet or extranet of an organisation requires an
information system with special security features. A large public network,
including the Internet, is more vulnerable to security threats because it is open to
anybody to hack and when hacked, the impact is adverse. When the Internet
becomes part of the corporate network, the organisation's information system is
exposed to actions by external parties at any time.
A firewall is generally located between the internal LAN and WAN, and external
networks like the Internet. A firewall protects the organisation's internal network
access by acting as a gatekeeper which studies every user's qualification before
they can access the network. A firewall will identify the name, IP address,
application and other traffic features. It checks this information based on the
access regulations which have been programmed into the system by the network
administrator. As you can see in Figure 8.1, a firewall blocks illegal
communication into or out of the network, allowing the organisation to enforce
security policies on the traffic flow between the network and the Internet
(Opptiger, 1997).
Figure 9.1: Firewall
There are two types of firewall technology which are needed:
(a) Proxy
Proxy stops data which starts from outside the organisation at the firewall,
checks the data and discontinues the proxy to other parts of the firewall. If
the external user wants to communicate with an internal user, the external
user will first „talk‰ to the application proxy and the application proxy will
communicate with the internal computers. The internal user will also talk
through proxy to the external computer. As the real order does not go
through the firewall, the proxy is considered to be safer than real checks.
However, they need to do a lot of work and can use a lot of system
resources which makes for unsatisfactory network access.
(b) Real Check

In the real check, the firewall filters all incoming data packets, checks the
sources, destination address or services. Access regulation defined by the
user must identify every type of packet not wanted by the organisation.
Although the real check uses lesser network resources compared to the
proxy, theoretically, it is not safe because some data does manage to pass
through the firewall.
The Cisco system firewall product is an example of a firewall which can stop, but
cannot overall prevent network entrance from the outside, and should be seen as
one element in the overall security plan.

To handle Internet security issues, an organisational procedures and policy scope

must be broad, responsible to users, and aware of the need for security training
(Segev, Pomra and Roldan, 1999).
ACTIVITY 9.1
Find out other details on the functions and usage of a firewall. Discuss
your findings during tutorial.
9.2.1 Security and E-commerce

E-commerce security is a main control issue for companies using this mode of
business. It is vital that the data of the seller and buyer related to commerce be
kept confidential when channelled electronically. Sent data must be protected
from individuals other than the sender, who has decided to make the business
transaction.
Many organisations depend on encryption to protect sensitive information being

channelled through a network. Encryption is coding and mixing the order so as
to protect sent data from being understood by hackers. Orders can be encrypted
by using confidentially numbered codes known as encryption keys so that they
are sent as a pair of numbers which have been mixed up. (The key contains large
groups of letters, numbers and symbols).
To be readable, the order must be decrypted with a suitable key. There are
several encryption standards in existence, including Data Encryption Standard
(DES) which is used by the US government, RSA (Data Security RSA), SSL
(Secured Socket Layer) and S-HTTP (Secured- hypertext transportation protocol).
SSL and S-HTTP are used for traffic-based Web.
There are many alternatives for encryption; however, public key encryption is
popular. Public key encryption uses two different keys, one for public and
another one for private. The keys are related mathematically, so that data
encrypted with one key only can be decrypted with the other key. To send and
receive orders, the communicating parties must first prepare a pair of public and
private keys that are different.
The public key is kept in the directory and the private key is kept secretly. The
sender will encrypt the order with the public key of the receiver. When the order
is received, the recipient will use the private key to decrypt it.

Encryption is useful for protecting orders on the Internet and other public
networks which are less secure than private networks. Encryption helps to
protect sent payment data such as credit card details, enquiries which require
address verification and order integrity. Verification refers to the ability of one
party to know the other party present. In the non-electronic world, we use
signatures.
Banking through mail has prevented the use of signatures on cheques given to
customers through a protected private network, where the source requesting for
payment is recorded and can be proven. Order integrity is the capability to
ensure orders sent arrive without being copied or amended.
Computer security experts are still finding ways involving encryption to

establish digital signatures which are agreed upon and verified. A digital
signature is a digital code which is attached to an order sent electronically and
used to verify the orderÊs content. It provides a method of associating the order
with the sender, performing a similar function as a written signature.
Verification can be enforced by attaching a digital certificate to the electronic

order. The digital certification system uses a trusted third party known as
Certifying Authority to verify a userÊs identity. The Certified Authority system
can be operated as a function in the organisation or by external organisations
such as Verisign Inc. and MIMOS Berhad.
ACTIVITY 9.2
There are many online banking sites that use encryption or digital
certification. Discuss the difference between encryption and digital
certification.
9.3 SYSTEM SECURITY THREATS

System security threats refer to the act or incident that can and will affect
the integrity of an information system, which in turn, affects the reliability
and privacy of business data.

Most organisations are dependent on computer systems to function, and thus

must deal with system security threats. Small enterprises, however, are often
understaffed for basic information technology (IT) functions as well as system
security skills.
Nonetheless, to protect their information system and ensure business continuity,

all organisations must designate an individual or a group with the
responsibilities for system security. Outsourcing system security functions may
be a less expensive alternative for small organisations.
Examples of security threats are as follows:

(a) Viruses, spyware and adware;
(b) Insider Abuse of Internet Access;
(c) Laptop or Mobile Theft;
(d) Denial of Service (DOS);
(e) Unauthorised Access to Information;
(f) Abuse of Wireless Networks;
(g) System Penetration;
(h) Telecom Fraud;
(i) Theft of Proprietary Information;
(j) Financial Fraud;
(k) Misuse of Public Web Applications;
(l) Website Defacement; and
(m) Sabotage.
In the following subtopics, we will look at the security threats faced by

organisations in detail.
9.3.1 Viruses, Spyware and Adware

Here are the details about threats caused by viruses, spyware and adware.
(a) Viruses
A computer virus is a software code that can multiply and propagate itself.
A virus can spread into another computer via e-mail, through the
downloading of files from the Internet, or the opening of a contaminated

file. It is almost impossible to completely protect a network computer from

virus attacks.
Viruses are just one of several programmed threats or malicious codes

(malware) in todayÊs interconnected system environment. Programmed
threats are computer programs that can create a nuisance, alter or damage
data, steal information, or cripple system functions. Programmed threats
include computer viruses, Trojan horses, logic bombs, worms, spam,
spyware, and adware.
According to a study by the University of Maryland, more than 75% of

participants received e-mail spam every day. There are two problems with
spam: employeesÊ waste time reading and deleting spam and it increases
the system overhead to deliver and store junk data. The daily average spam
is 18.5 messages, and the average time spent deleting them all is 2.8
minutes.
(b) Spyware
Spyware is a computer program that secretly gathers the userÊs personal
information and relays it to third parties, such as advertisers. Common
functionalities of spyware include monitoring keystrokes, scanning files,
snooping on other applications such as chat programs or word processors,
installing other spyware programs, reading cookies, changing the default
homepage on the Web browser, and consistently relaying information to the
spyware home base. Unknowing users often install spyware as the result of
visiting a website, clicking on a disguised pop-up window, or downloading a
file from the Internet.
(c) Adware
Adware is a program that can display advertisements such as pop-up
windows or advertising banners on Web pages. A growing number of
software developers offer free trials for their software until users pay to
register. Free-trial users view sponsored advertisements while the software
is being used. Some adware does more than just present advertisements,
however; it can report the usersÊ habits, preferences, or even personal
information to advertisers or other third parties, similar to spyware.
Effective Control of Virus, Adware and Spyware
To protect computer systems against viruses and other programmed threats,

organisations must have effective access controls and install and regularly
update quarantine software. With effective protection against unauthorised
access and by encouraging staff to become defensive computer users, virus

threats can be reduced. Some viruses can infect a computer through operating
system vulnerabilities. It is critical to install system security patches as soon as
they are available.
Fighting against programmed threats is an ongoing and ever-changing battle.

Firewalls and routers should also be installed at the network level to eliminate
threats before they reach the desktop. Anti-adware and anti-spyware software
are signature-based, and organisations are advised to install more than one type
to ensure effective protection. Installing anti-spam software on the server is
important because increased spam results in productivity loss and a waste of
computing resources.
Important considerations for selecting anti-spam software include a systemÊs

effectiveness, impact on mail delivery, ease of use, maintenance, and cost. Many
Internet service providers conveniently reduce spam on their servers before it
reaches subscribers. Additionally, organisations must maintain in-house and off-
site backup copies of corporate data and software so that data and software can
be quickly restored in case of a system failure.
9.3.2 Insider Abuse of Internet Access

The Internet in an organisation is used to increase the organisationÊs
productivity. Unfortunately, it can be abused. For example, e-mail and Internet
connections are available in almost all offices to improve productivity, but
employees may use them for personal reasons, such as online shopping, playing
games, and sending instant messages to friends during work hours.
As preventive control, every organisation should have a written policy regarding

the use of corporate computing facilities. In addition, organisations should
update their monitoring policies periodically, because IT evolves rapidly.
9.3.3 Laptop or Mobile Theft

Because they are relatively expensive, laptops and PDAs have become the targets
of thieves. Besides being expensive, they often contain proprietary corporate
data, access codes to company networks, and sensitive information.
The following suggestions can help minimise the chance of theft when outside
the office:
(a) Never leave a notebook or PDA unattended, including in a car or hotel
room.

(b) Install a physical protection device such as a lock and cable or an alarm.
(c) Put the notebook in a nondescript bag or case.
(d) Install stealth-tracking software.
(e) If a notebook is stolen, automatic logins make it easy for a thief to access
sensitive information. Password protection does not deter a theft, but it
does make it more difficult for thieves to use the stored information.
Biometric security, such as the fingerprint readers, is even better.
(f) Back up data regularly, or install a desktop, notebook or PDA sync
program.
9.3.4 Denial of Service (DoS)

A denial of service (DoS) attack is specifically designed to interrupt normal
system functions and affect legitimate usersÊ access to the system. Hostile users
send a flood of fake requests to a server, overwhelming it and making a
connection between the server and legitimate clients difficult or impossible to
establish. The distributed denial of service (DDoS) allows the hacker to launch a
massive, coordinated attack from thousands of hijacked (zombie) computers
remotely controlled by the hacker.
A massive DDoS attack can paralyse a network system and bring down giant
websites. Unfortunately, any computer system can be a hackerÊs target as long as
it is connected to the Internet. DoS attacks can result in significant server
downtime and financial loss for many organisations, but the controls to mitigate
the risk are very technical. Organisations should evaluate their potential
exposure to DoS attacks and determine the extent of control or protection they
can afford.
9.3.5 Unauthorised Access to Information

To control unauthorised access to information, access controls, including
passwords and a controlled environment, are necessary. Computers installed in a
public area, such as a conference room or reception area, can create serious
threats and should be avoided if possible. Any computer in a public area must be
equipped with a physical protection device to control access when there is no
business need. The LAN should be in a controlled environment accessed by
authorised employees only. Employees should be allowed to access only the data
necessary for them to perform their jobs.

SELF-CHECK 9.2
What is the difference between insider abuse of Internet access and

unauthorised access to information?
9.3.6 Abuse of Wireless Networks

Wireless networks offer the advantage of convenience and flexibility, but system
security can be a big issue. Attackers do not need to have physical access to the
network. Attackers can take their time cracking the passwords and reading the
network data without leaving a trace. One option to prevent an attack is to use
one of several encryption standards that can be built into wireless network
devices. One example, wired equivalent privacy (WEP) encryption can be
effective at stopping amateur snoopers, but it is not sophisticated enough to foil
determined hackers. Consequently, any sensitive information transmitted over
wireless networks should be encrypted at the data level as if it were being sent
over a public network.
9.3.7 System Penetration

Hackers penetrate systems illegally to steal information, modify data, or harm
the system. The following factors are related to system penetration:
(a) System holes: the design deficiency of operating systems or application
systems that allow hijacking, security bypass, data manipulation, privilege
escalation, and system access.
(b) Port scanning: a hacking technique used to check TCP/IP ports to reveal
the services that are available and to identify the weaknesses of a computer
or network system in order to exploit them.
(c) Network sniffing: a hardware and software program to collect network
(traffic) data in order to decipher passwords with password-cracking
software, which may result in unauthorised access to a network system.
(d) IP spoofing: a technique used to gain unauthorised access to computers,
whereby hackers send messages to a computer with a deceived IP address
as if it were coming from a trusted host.
(e) Back door/trap door: a hole in the security of a computer system
deliberately left in place by designers or maintainers.
(f) Tunnelling: a method for circumventing a firewall by hiding a message that
would be rejected by the firewall inside another acceptable message.
Organisations can use software tools or system-penetration testing to scan the

system and assess the systemsÊ susceptibility and the effectiveness of any
countermeasures in place. The testing techniques must be updated regularly to
detect ever-changing threats and vulnerabilities. Other controls to counter
system penetration are as follows:
(a) Install anti-sniffer software to scan the networks; use encryption to counter
data-sniffing threats;
(b) Install all the server patches released by vendors. Servers have incorporated
numerous security measures to prevent IP spoofing attacks;
(c) Install a network firewall so that internal addresses are not revealed
externally;
(d) Establish a good system-development policy to guard against a back
door/trap door; remove the back door as soon as the new system
development is completed; and
(e) Design security and audit capabilities to cover all user levels.
9.3.8 Telecom Fraud

In the past, telecom fraud involved the fraudulent use of telecommunication
(telephone) facilities. Intruders often hacked into a companyÊs private branch
exchange (PBX) and administration or maintenance port for personal gains,
including free long-distance calls, stealing (changing) information in voicemail
boxes, diverting calls illegally, wiretapping, and eavesdropping.
As analogue and digital data communications have converged, some

organisations have utilised the Voice over Internet Protocol (VOIP) to lower
phone bills. The originating and receiving phone numbers are converted to IP
addresses and the PBX is linked to a companyÊs networked computers, and
hackers can get into systems through the PBX or computerised branch exchange
(CBX). In addition, every PBX/CBX system is equipped with a software program
that makes it vulnerable to remote-access fraud, and intruders use sophisticated
software to find an easy target. Once a PBX is hacked, hackers have the same
access to a companyÊs phone system and computer network as do the employees.
Organisations should install software to monitor service usage at various points

on the network, including the VOIP gatekeeper, VOIP media controller, and
broadcast server. The software can monitor the system packet performance and
the router applications on the converged network. The software can also
automatically alert the responsible person if any abnormal activities have been
detected.

9.3.9 Theft of Proprietary Information

Information is a commodity in the e-commerce era, and there are always buyers
for sensitive information, including customer data, credit card information, and
trade secrets. Data theft by an insider is common when access controls are not
implemented. Outside hackers can also use „Trojan‰ viruses to steal information
from unprotected systems. Beyond installing firewall and anti-virus software to
secure systems, a company should encrypt all its important data.
Access privilege and data encryption are good preventive controls against data theft
by unauthorised employees who steal for personal gain. The access controls include
the traditional passwords, smart-card security, and more-sophisticated biometric
security devices. Organisations can implement some appropriate controls, including
limiting access to proprietary information to authorised employees, controlling
access where proprietary information is available, and conducting background
checks on employees who will have access to proprietary information. There will,
however, always be some risk that authorised employees will misuse data they have
access to in the course of their work. Organisations can also work with an
experienced intellectual property attorney, and require employees to sign non-
compete and nondisclosure agreements.
9.3.10 Financial Fraud

The nature of financial fraud has changed over the years with information
technology. System-based financial fraud includes scam e-mail, identity theft and
fraudulent transactions. With spam, con artists can send scam e-mail to
thousands of people in hours. Victims of the so-called 419 scam are often
promised a lottery winning or a large sum of unclaimed money sitting in an
offshore bank account, but they must pay a „fee‰ first to get their shares.
Phishing is a form of identity theft. Spam is sent claiming to be from an

individualÊs bank or credit union or a reputable e-commerce organisation. The e-
mail urges the recipient to click on a link to update their personal data. The link
takes the victim to a fake website designed to elicit personal or financial
information and transmit it to the criminals.
A user should never give out credit card numbers, PINs, or any personal
information in response to unsolicited e-mail. Instead of clicking a link in a
suspicious e-mail, call the office or use a URL that is legitimate to verify an e-mail
that claims to be from a bank or financial institution. When submitting sensitive
financial and personal information over the Internet, make sure the server uses

the Secure Sockets Layer protocol (the URL should be https:// instead of the
typical http://).
9.3.11 Misuse of Public Web Applications

The nature of e-commerce·convenience and flexibility·makes Web
applications vulnerable and easily abused. Hackers can circumvent traditional
network firewalls and intrusion-prevention systems and attack web applications
directly. They can inject commands into databases via the web application user
interfaces and secretly steal data, such as customer and credit card information.
User authentication is the foundation of Web application security, and inadequate

authentication may make applications vulnerable. Organisations must install a Web
application firewall to ensure that all security policies are closely followed. The
following additional controls can mitigate Web application abuses:
(a) Installing security patches promptly;
(b) Using a Web application scanner to discover any vulnerability;
(c) Monitoring the server and applications to identify any potential problems
and terminate malicious requests; and
(d) Hiding information that end users do not need to know, including the
server machine type and the operating system.
9.3.12 Website Defacement

Website defacement is the sabotage of web pages by hackers inserting or altering
information. The altered web pages may mislead unknowing users and represent
negative publicity that could affect a companyÊs image and credibility. Web
defacement is in essence a system attack, and the attackers often take advantage
of undisclosed system vulnerabilities or unpatched systems.
Network firewalls cannot guard against all web vulnerabilities. Organisations

should install additional Web application security to counter the defacement risk.
All known vulnerabilities must be patched to prevent unauthorised remote
command execution and privilege escalation. It is also important that only a few
authorised users are allowed route access to a websiteÊs contents. Access to
different Web server resources, such as executables, processes, data files, and
configuration files, should be monitored. Commercial website monitoring
services are also available.

9.3.13 Sabotage
System security crimes are committed by insiders as much as by outsiders. Some
of the controls discussed above can provide protection against the sabotages
committed by outsiders, but no organisation is immune from an employee
abusing its trust. When it comes to security, organisations often pay attention
only to the parameter of the organisation, and not the inside. Sabotage by
insiders is often orchestrated when employees know their termination is coming.
In some cases, disgruntled employees are still able to gain access after being
terminated. Another potential threat of unauthorised use is when employees quit
or are terminated but there is no coordination between the personnel department
and the computer centre. In some cases, employees still have system access and
an e-mail account after they have left an organisation. It is also not unusual that
employees know the user IDs and passwords of their colleagues
9.4 SOCIAL ISSUES IN INFORMATION

TECHNOLOGY USAGE
The introduction of information systems and information technology in various
aspects of daily life of society has impacted society in so many ways. In the
following sections, we will look at several social issues that have emerged
following the use of information technology.
9.4.1 Threats to Jobs

Many types of jobs which were previously performed by humans are now done
by computer systems or machines. Computers have replaced clerks and other
workers. For example, with the use of an Executive Information System (EIS),
management can produce executive reports straight from the system for analysis.
Previously, this task had to be performed by several clerks or workers. This
situation has led to rising unemployment.
Even though computer usage has reduced the number of jobs, it has also
contributed new positions related to the use of computer systems, such as chief
information officer and other related positions. In brief, it can be said that the
introduction of computers has removed the positions which entailed repetitious
tasks and added job titles that require more skills and intellect. These new
positions are filled by people known as knowledge workers.

9.4.2 Human Relations

There are complaints that the introduction of the computer system has caused
relationships between individuals to deteriorate. This is because some operations
which previously required human contact are now performed autonomously by
computers. A computer system does not consider human feelings or logic in
performing the tasks that have been programmed into it, unlike humans. Tasks
like bill payments, for example, may make companies appear to be profit driven
and impersonal, since the system allows no flexibility.
9.4.3 Health Issues

Computer use to perform work in the office can also give rise to new problems, such
as work stress, strain to neck muscles, the back or spine, and the shoulders. Constant
exposure to radiation from the computer screen can also cause damage to the eyes.
In addition to this, monitoring computer use by workers can also be said to create
excess stress to the worker which may lead to many health related problems.
9.4.4 Threats to Personal Rights (Privacy)

The capability of the computer system to store, process and distribute data is one
of the advantages that can facilitate and increase the efficiency of many tasks.
However, this capability can also infringe on personal rights as confidential
information can be compromised.
Owing to todayÊs advanced technology, a user surfing the Internet and entering a
website may have his personal information captured without his consent. Private
user information that is stored in institutional computer systems like credit
information and family details face the threat of the information being exposed or
wrongly used. From another perspective, there are certain institutions that monitor
the use of computers by their workers without the workers being aware of it.
ACTIVITY 9.3
Information technology has caused a decrease in the number of jobs with

the introduction of automation. Think of an opposite argument, that is,
how does the introduction of the Internet reduce unemployment?

9.5 ETHICAL ISSUES

From the language perspective, ethics can be defined as the right or wrong
principles held by an individual and they act as a moral agent that is a guide for
determining the behaviour code of mankind.
Ethics is a branch of philosophy related to ascertaining right or wrong. The use of

information technology and information systems today has given rise to new
ethical issues which were non-existent prior to the introduction of computers.
What is right and what is wrong in the use of information systems and information
technology? This is the basic question that we will address in this section. The
value system that decides the right and wrong of using information technology
forms that which we know as the ethical code of information technology.
9.5.1 Ethical Issues in Information Technology

What are the forms of new ethical issues that have emerged through the use of
information technology? Today, information technology has realised many
things that were not considered previously. Computer network technology can
transfer information quickly all over the world in a matter of minutes at minimal
cost. In this situation, the question of the type of information, which should be
distributed and that which should not be distributed becomes an issue. For
example, a type of information considered immoral in one culture may not be
considered as such in another culture. In another scenario, the use of certain
types of software that can monitor the use of information technology by users
who are connected to the Internet may compromise their private information.
Should the right to monitor be given to the authorities and to what extent should
they be allowed to do so? This polemic has opened up debate on the societyÊs
value systems, resulting in the need for organisations to have a code of ethics in
the use of information technology.
9.5.2 Basic Framework of Information Technology

Ethics
Many organisations or institutions that use information technology have outlined
their own code of ethics as a guideline for their members or employees in the use
of information technology. This code of ethics will be used in deciding whether or
not a certain type of behaviour is right or wrong from the perspective of
information technology use within the organisation or institution. You may need
to form the code of ethics for information technology use in your organisation
some time in the future. Let us decide what should be stated in that code of ethics.
You as a user of information technology should be a responsible end user. The

Association of Information Technology Professionals (AITP) has drawn up
several guidelines for a code of ethics for information technology officers, which
are as follows:
(a) Act with integrity ă be trustworthy, reliable;
(b) Increase professionalism in your field;
(c) Place high standards for your achievements;
(d) Be responsible for your job; and
(e) Be concerned about health, privacy as well as general service to the public.
ACTIVITY 9.4
The trend in the development of information technology has given rise

to several questions regarding ethical issues. Relate how this
information technology trend can give rise to those issues.
 Business operations can be disrupted by many information system threat

factors, including breach of system security.
 System downtime, system penetrations, theft of computing resources, and

lost productivity have rapidly become critical system security issues.
 The financial loss from these security breaches can be significant. In addition,
system security breaches often taint a companyÊs image and may compromise
a companyÊs compliance with applicable laws and regulations.
 The key to protecting an organisationÊs information system against security

breaches is to be well prepared for all possible major threats. A combination
of preventive and detective controls can prevent security threats.
 The use of information technology has social effects. Therefore, it is necessary

to plan the use of information technology in an organisation or the society in
order to gain maximum positive results and avoid its negative effects.
 The use of information technology also leads to the basic issue of the code of
information technology ethics that must be adhered to.

Ethical issues in IT System Safety Management

Firewall System security threats
Information system security Unauthorised Access
Social issues in IT Virus

Topic  Development
10 and Quality
Issues Related to
Information
System
LEARNING OUTCOMES
1. Identify the phases in information system development;
2. Discuss Capability Maturity Model (CMM), which is used as a
standard for software development;
3. Assess whether a system is a success or otherwise;
4. Analyse the four main factors that cause the failure of a system; and
5. Propose a suitable strategy to manage the information system
implementation process.
 INTRODUCTION
Information technology is widely used in organisations, but does the use of
information technology guarantee higher returns? The answer depends on
whether the use of information technology has clear goals. This is because
comprehensive planning will guarantee positive results.

196  TOPIC 10 DEVELOPMENT AND QUALITY ISSUES
RELATED TO INFORMATION SYSTEM
In this topic, we will look at the development of an information system using the
System Development Life Cycle (SDLC), which is very popular. We will also
discuss one of the main standards used in information system, which is the
Capability Maturity Model (CMM). The aim of using these standards is to ensure
the quality of the system developed, particularly so that the software complies
with software development requirements. In this topic, we will also look at the
important aspects in implementing information technology, starting with the
introduction to the problems that may arise, the sources of these problems, and
how to measure the success of the implementation. Then, we will discuss the
steps of the implementation of a planned information technology project to
ensure that maximum returns are achieved.
10.1 INFORMATION SYSTEMS DEVELOPMENT

An information system built for a certain organisation normally includes various
functionalities which need a detailed and systematic development plan. Every
single system in the information system has a life cycle which consists of initial
and end phases. This cycle is known as the System Development Life Cycle
(SDLC), which is for planning and managing a system development process.
SDLC is a complete process for developing information systems, which begins

with the initial investigation phase and ends with the operations and support
phase. SDLC begins with a request for a new system, or an upgrade of an
existing system to fulfil the needs of the business.
SDLC comprises the following phases: planning (investigation), analysis, design,

implementation (includes development such as programming and testing) and
maintenance. The SDLC is illustrated in Figure 10.1.

TOPIC 10 DEVELOPMENT AND QUALITY ISSUES  197
Figure 10.1: System Development Life Cycle
Let us now discuss each stage in the System Development Life Cycle.
10.1.1 Investigation
An important task in this phase is early studies to identify whether the system
that will be developed is actually suitable and can fulfil user requirements. They
will identify the resource needs, cost, benefits that will be obtained, and success
factors of the system to be developed.
10.1.2 Analysis
The analysis phase will only be performed after an agreement to develop a new
system is achieved in the investigation phase. In this phase, a study is conducted
to understand the business problems that the organisation plans to solve using
an information system.
SELF-CHECK 10.1
Identify the difference between the investigation and analysis phase.

10.1.3 Design
Designing is the next step after the problem analysis. The main function of this
phase is to clarify how the system can carry out the task of solving the problem.
System design is divided into two parts, namely, the logical system design and
physical system design.
(a) Logical System Design Specification

(i) Explains the tasks that the system will perform.
(ii) Abstract type specification.
(iii) Includes the designs for input, output, process, database,
telecommunications, control, security and tasks of the information system.
(b) Physical System Design Specification

(i) Explains the function that the system will perform.
(ii) Actual physical specification.
(iii) Includes the design of hardware, software, database,
telecommunications and procedure.
After the design specifications are agreed upon by all parties involved and an
agreement is signed, no further changes are permitted.
10.1.4 Programming
Once a suitable design has been identified, programming will be carried out to
translate the system design specification prepared by the system analyst into a
programming code. The selection of a suitable programming language is made
according to the requirements of the system.
The task of writing the programming code is performed by the programmer. It

may be carried out by more than one person depending on the complexity of the
system that is being developed. The system will be divided into several modules
before they are combined in the final phase of programming.
SELF-CHECK 10.2
1. What are the two parts of designing a system?

2. What is the end result of the programming phase?

10.1.5 Testing
The testing phase is performed to identify if there are any mistakes (errors) in the
programming that has been developed. There are two types of errors, which are:
(a) Syntax error:

Normally easy to detect, like missing commas and wrong spelling.
(b) Logical error:

(i) This is an error in the processing that will cause an error in the result
produced.
(ii) Quite difficult to detect.
The process of testing will be performed in stages. Normally in programming,

the system will be divided into several modules. Tests will be performed on each
module. After completion, testing on the whole system is carried out to ensure
that the following features run smoothly:
(a) Integration of interfaces for every module;
(b) The system functions on the required platform;
(c) The system can support the capacity of data that is required; and
(d) The system fulfils user needs.
10.1.6 Implementation
If the testing phase occurs without problems, this means that the system is ready
to be used. The next step is to make the required preparation to deploy this new
system. In other words, this is the process of changing the old system to the new
system. Four strategies can be used for the changes:
(a) The old and new systems are used simultaneously, in parallel;
(b) The old system is completely replaced with the new system;
(c) The new system will only be used at several departments first for a period
(before expanding to other departments);
(d) The new system will be implemented in stages (for example, all
departments will have to use the new system for a specific function first, i.e.
budget, then expand to other functions like staff leave application, tasks
scheduling, etc).

10.1.7 Maintenance
This new system that is in operation will be studied again after a certain period.
This is to ensure that the user objectives are still being met. The process of
maintenance needs to be performed to ensure that there are no major problems
during the lifetime of that system. Maintenance is carried out by re-testing the
program and modifying the system so that it is in line with the changes that
occur in the organisation or business. This process is made without adding to the
functions of the system.
There are also maintenance procedures that have to be added to the system
functions. This process is performed by adding new features without disturbing
the operation of the system.
10.2 CONCEPT OF QUALITY IN INFORMATION

SYSTEMS
Quality can be defined as an overall feature and characteristic of products and
services which fulfil the requirements of the consumer. Many standards have
been developed by organisations to benchmark and evaluate their products and
services. Similarly, standards have also been set for the software engineering
industry which includes information systems. One of the standards is known as
the Capability Maturity Model (CMM).
10.2.1 Capability Maturity Model

The Capability Maturity Model (CMM) is a model to evaluate the maturity of the
software development process in organisations. The model helps organisations
identify the main practices needed to enhance the maturity of the processes.
The CMM was developed by the Software Engineering Institute (SEI) University
of Carnegie Mellon in Pittsburgh. The model gave schematic pictorial
classification of software development based on the capability of the
organisations. The model comprises five maturity levels which differ from one
software development organisation to another.
The CMM has been the de facto standard in evaluating and rectifying software
development processes. The model helps in establishing a modelling method and
evaluating the maturity of software development processes in organisations.

The CMM is designed to help both development organisations and customers

(government organisations or companies which acquire software). Software
organisations need to understand the quality of their software process and how
to improve it. Organisations contracting for software need ways to evaluate a
potential contractorÊs capability to carry out the work.
The CMM has four intended functions to help organisations improve their
software process capabilities:
(a) Identify improvements;
(b) Identify risks in selecting contractors;
(c) Implement a process improvement program; and
(d) Guide the definition and development of the software process.
10.2.2 The Five Levels in the CMM Model

Every level has its own important process which will be implemented for
product and software quality assurance. There are five maturity levels for the
CMM as can be seen in Figure 10.2:
Figure 10.2: CMM levels

Source: http://www.sei.cmu.edu

The model describes the principles and practices contained within and which
serves to help organisations strengthen the maturity of software development
processes from start until completion.
Each maturity level provides a layer in the foundation for continuous process
improvement. Each key process area comprises a set of goals that, when satisfied,
stabilise an important component of the software process. Achieving each level
of the maturity model institutionalises a different component in the software
process, resulting in an overall increase in the process capability of the
organisation.
ACTIVITY 10.1
Search for online resources related to the CMM and find more details
regarding each level of CMM. Compile your answer and compare it
with your coursemates.
10.3 INFORMATION SYSTEM FAILURES

An information system that has been developed may still be viewed as a failure.
This failure may be due to the weakness in implementation during the
information system development process or shortcomings in the management of
information technology after the system has been developed.
There are situations where already developed systems are not used as planned.
How do these happen? They occur because the system produced is not user-
friendly or the data obtained is not reliable.
10.3.1 Problematic Areas in Information Systems

A system is said to be a failure when the design fails to fulfil the needs of the
organisation or fails to enhance the achievements of the organisation. Even
though the system is able to produce the required output, the output or
information may not be produced within the given time frame, or it is not in the
form required. Furthermore, a system may have all the features as expected, but
only lacks user-friendly interface. This would mean that the system is difficult to
use, annoying, slow and the validity of the data entry is difficult to confirm.

A system also fails when problems are related to the data received by the system
as input crop up. If the data is inaccurate or inconsistent, wrong, ambiguous, or
cannot be accessed, then we can conclude that the system has failed. In some
situations, the profit gained from using the system does not justify the high cost
that has been invested in it. Besides that, system failure can surface as a result of
operational problems, such as the system always breaks down and does not run
smoothly, causes delays in producing an output, and generates slow feedback.
ACTIVITY 10.2
Which of the system failure problems mentioned earlier is the most
serious? Justify your answer.
10.3.2 Evaluating System Success

How can the success of the implementation of an information system in an
organisation be measured? Evaluating whether the system is a success or a
failure is very subjective because people have different opinions, beliefs, values
and views about everything in this world. One individual may view a system a
success while another may see it as failure. To make matters worse, the end user
and the organisation may also have different evaluations. What is liked by the
user in an information system may not be favoured by the organisation as the
system may not be able to increase its performance.
Nevertheless, someone should invent a mechanism for measuring the success of

a system implemented. Perhaps this machine can help identify which aspects of
the system need to be improved. Figure 10.3 shows that we can measure the
success of a system using the following five criteria:

Figure 10.3: Measurement criteria for the success of a system

SELF-CHECK 10.3
Discuss the five criteria for measuring the success of a system.
10.4 REASONS FOR SUCCESS OR FAILURE OF

INFORMATION SYSTEMS
How is an information system first used in an organisation? In the previous unit,
we listed the reasons that can initiate system development. We can conclude that
the initiation of system development can be influenced by external pressure
(pressure from the environment) or internal pressure (pressure from within the
organisation) or a combination of both factors.
Not all information systems built are successful in achieving their goals. Research
has shown that many developed information systems do not fulfil the needs of
an organisation. The point to learn from this is that the development and
management of the system must be made with a clear understanding and based
on the consideration of the experience of previous implementations.
10.4.1 Reasons for Success and Failure

From earlier discussions, it can be said that it is quite difficult to create a specific
formula to guarantee the success of a system. However, there are some factors
that have great impact on the success of the information system implemented in
an organisation, as summarised in Figure 10.4.

Figure 10.4: Factors that affect the success of information system implementation
The following is the explanation of the factors illustrated in Figure 10.4:
(a) Role of User in Implementation Process

The lack of user involvement in the development of a system usually has a
negative impact on the output produced. The end user is the most
knowledgeable person in the field, task or job that involves him. He knows
better the aspects that have to be given priority or those that will give rise
to most of the problems.
Nevertheless, the views of the end user still have to be clarified with regard
to the scope because the end user has only limited knowledge about the
whole organisation. He may know about the processes that are closely
related to his work, but is less familiar with the overall problems faced by
the organisation. Another advantage of involving the end user is his
readiness in accepting change. If he is involved from the early stages, at
least he will be aware of the changes that will take place and will be able to
take steps to prepare for these changes.
In addition, a problem that usually arises is the large communication gap

between the system developers and their clients. They speak different
languages as they are influenced by their backgrounds which creates
misunderstanding between them (one party will interpret what is said by
the other party according to the first partyÊs understanding, which clearly is
not what is meant by the second party). In solving a problem, the system
developers may tend to use machines, techniques or certain formulas, while

the customers or users are more oriented towards solving business

problems which would facilitate their work in the organisation. This
communication gap can cause the specifications requested by the users to
be omitted from the system that is to be built.
Sometimes the project being implemented is very big and takes a long time to
complete. The continuous involvement of users would affect their daily work.
ACTIVITY 10.3
What may happen if the user is not involved at the early stage in the
system development process? In your view, is this a serious problem?
(b) Support and Commitment from the Management

A lesson to be learnt from the success of certain organisations in benefiting
from the use of information technology is the huge amount of support from
the management (from the highest to middle levels of management) and
the end users in the information system implementation and technology
management in the organisations. Failure often results when the system
that is being developed is abandoned because management has not given it
their support ă because they are not ready to invest in it. Without this
commitment, the management will not be able to benefit from the
information system that can enhance the organisationÊs business processes.
In other words, the involvement of all the parties concerned in the
establishment of a certain technological structure is of utmost importance in
the planning and management of information technology in organisational
activities.
(c) Level of Complexity and Project Risks

The process of developing a system is not only complex but risky. Mega
projects involving substantial organisational changes like business process
reengineering (BPR) and enterprise resource planning (ERP) have a large
potential of experiencing failure as they sometimes cannot be completed in
the prescribed amount of time.
What are the factors that can determine the level of risk and complexity of
an information system development project? According to researchers in
this field there are three main dimensions that influence the level of risk of
an information system development project. They are:
(a) Project size;

(b) Project structure; and

(c) Level of technical experience of system developers.
Mistakes often occur in estimating the level and size of projects because of
the lack of experience or incomplete studies done on the matter.
(d) Quality of Management in Implementation Process

Inefficient management of the implementation process will result in the
actual cost rising above the estimated cost, failure to meet the deadline,
technical errors that result in a lower level of achievement from that
expected failure to achieve estimated profit and other negative outcomes.
ACTIVITY 10.4
Have you come across any information system development projects

in your country that have been abandoned? If yes, could you identify
what was the cause.
10.4.2 Development Process – What Can Possibly Go

Wrong?
Now, let us do a step-by-step review of the five out of seven processes of
information system development (analysis, design, programming, testing and
implementation phases) and take note of the mistakes that may occur in each of
these steps.
(a) Analysis Phase

During this phase, mistakes may occur in several forms, such as:
(i) Not enough attention is given to understanding the problem
correctly;
(ii) The new system specification is produced without careful
deliberation of the whole system that is in use; and
(iii) The user does not give full cooperation to the project team. The team
fails to collect the actual information about the problems that need to
be solved because information is lacking.

(b) Design Phase

Mistakes that may occur include the following:
(i) The end user is not involved in giving input during the design phase.
Therefore, the design that is produced reflects the view of the
technical worker;
(ii) The design does not suit the structure, culture as well as the activities
of the organisation and it may not follow the priorities of the
management;
(iii) Another situation that may occur is a weak design which means that
the design produced is not prepared for future use, and it may be
developed simply to fulfil current needs; and
(iv) Failure to prepare the complete design documentation of the
functions that have been built.
(c) Programming Phase

The mistakes that may occur are:
(i) Lack of time estimated and the cost that is needed to develop the
system;
(ii) The programmers are at times not given the full specifications;
(iii) The written program may be difficult to modify or maintain because
it does not fully utilise the benefits provided in the structured
programming technique or the object oriented programming
technique; and
(iv) The program documentation prepared is not comprehensive.
(d) Testing Phase

The mistakes that may occur include the following:
(i) The project team does not formulate an organised testing plan;
(ii) The estimation of cost and time that is allocated to testing is not
sufficient; and
(iii) The user is not sufficiently involved.
(e) Implementation Phase

The mistakes that may occur include:
(i) The system documentation and user documentation are incomplete;
(ii) The maintenance of the system is inadequate;

(iii) Evaluation of the achievement of the system is not performed; and

(iv) Owing to the pressures of the allocated cost and time, the system that
is produced is used straight away even though it may not be
completed fully.
SELF-CHECK 10.4
Discuss in detail the four factors that influence the success of an

information system implementation.
10.5 MANAGING THE IMPLEMENTATION OF

INFORMATION SYSTEMS
Let us now move on to the aspect of information system management.
10.5.1 Controlling Risk Factors

All implemented projects cannot avoid from facing risks. In the case of
information system implementation, we can use appropriate strategies to
minimise the level of risk faced.
Some of the strategies include the use of the correct project management
techniques adapted according to the project to be implemented. In general, we
can categorise these project management techniques into three types as indicated
in Figure 10.5.

Figure 10.5: Project management techniques
One important strategy is to ensure that there is a high level of user acceptance of
the system. Many studies have been conducted on the attitudes of people in
general towards accepting any changes. The management should not be tight
fisted in paying the estimated cost to address this issue. Activities like training
for the user, user education, improving the quality of the user interface, and
encouraging the involvement of the user can all be undertaken to ÂtameÊ the user.
10.5.2 Strategies for Overcoming the Mistakes in

Development Process
It is important for the system designer to give full attention to the overall needs
of the organisation in the production of the design. Some examples include the
involvement and cooperation of workers, work design, monitoring of standards
and performance, ergonomic perspective (interaction between man and machine
in the work environment, including work design, health issues and user
interface), procedures to overcome user resistance, health and safety, and
conformity with government requirements.

It will be more beneficial if the designers can produce an information system that
can integrate the technical expertise while considering the needs of the
organisation and those of the workers.
 The System Development Life Cycle (SDLC) is divided into seven main
phases, namely, investigation, analysis, design, programming, testing,
implementation and maintenance.
 At the end of each phase, the result that is obtained will help in the following
phase. The SDLC will continue to turn in line with the lifetime of a system.
 Quality plays an important role in guaranteeing that products and services

fulfil the criteria fixed by the organisation; for example a software
development project should be completed on time and the product
developed should function perfectly.
 The Capability Maturity Model (CMM), which consists of five levels ă Initial,
Repeatable, Defined, Managed and Optimising ă is used to evaluate the
maturity of the software development process in organisations.
 In developing information systems, problems may emerge in either the

development stage or system management.
 It is important to begin the system development with a clear understanding

of the requirements of the system and the allowance of sufficient time to meet
those requirements.
 Once the system is implemented or deployed, the evaluation of the success or

failure of the system must be performed to identify any improvements that
need to be made.
 The system is successful when there is high level of usage; the users are
satisfied with the system; there is positive attitude towards the functions of
the system; the achievement of the system objectives; and the financial
returns that are obtained as a result of using the system.
 The success and failure of information systems depend on the role of the user
in the implementation process, the support and commitment from the
management, the level of complexity and project risks, and the quality of
management in implementation process.

 The highest possibility of failure to occur is during the phases of the

information system development process.
 Each phase in the process of developing the information system has its own
list of mistakes. Thus, there is a need to reduce or eliminate these mistakes,
by using the project management techniques.
Capability Maturity Model Success factors of information system

implementation
Measurement criteria for the success of
a system System development life cycle
Project risks
Quality of information system

MODULE FEEDBACK
MAKLUM BALAS MODUL
If you have any comment or feedback, you are welcome to:
1. E-mail your comment or feedback to modulefeedback@oum.edu.my
OR
2. Fill in the Print Module online evaluation form available on myINSPIRE.
Thank you.
Centre for Instructional Design and Technology

(Pusat Reka Bentuk Pengajaran dan Teknologi )
Tel No.: 03-27732578
Fax No.: 03-26978702


42609

Cargado por

Información del documento

Derechos de autor

Formatos disponibles

Compartir este documento

Compartir o incrustar documentos

Opciones para compartir

¿Le pareció útil este documento?

¿Este contenido es inapropiado?

Copyright:

Formatos disponibles

42609

Cargado por

Copyright:

Formatos disponibles

Faculty of Science and Technology

Copyright © Open University Malaysia (OUM)

Copyright © Open University Malaysia (OUM)

Module Writers: Maryati Mohd Yusoff

Moderator: Assoc Prof Hassan Selamat

Developed by: Centre for Instructional Design and Technology

First Edition, August 2011

Copyright © Open University Malaysia (OUM)

Topic 1 Computer-based Information Systems 1

Topic 2 Managers and System Concept 28

Copyright © Open University Malaysia (OUM)

Topic 3 Information Technology Support and Strategy in the Organisation 54

Topic 4 Information Systems Integration in the Organisation 77

Copyright © Open University Malaysia (OUM)

4.5.3 TPS Activities 91

Topic 5 Decision Support System 99

Topic 6 Executive Information System 119

Copyright © Open University Malaysia (OUM)

Topic 7 Expert System 133

Topic 8 Functional Information Systems 157

Copyright © Open University Malaysia (OUM)

Topic 9 Security and Social Issues Related to Information System 176

Topic 10 Development and Quality Issues Related to Information System 195

Copyright © Open University Malaysia (OUM)

10.3 Information System Failures 202

Copyright © Open University Malaysia (OUM)

Copyright © Open University Malaysia (OUM)

COURSE GUIDE DESCRIPTION

Copyright © Open University Malaysia (OUM)

Table 1: Estimation of Time Accumulation of Study Hours

1. Identify the functions and roles and types of system users;

Copyright © Open University Malaysia (OUM)

Topic 1 gives an overview of management information systems and computer-

Topic 3 discusses the relationship between business and information technology,

Topic 4 introduces information systems planning and the effects of information

Topic 6 introduces you to the Executive Information System (EIS). EIS is a

Copyright © Open University Malaysia (OUM)

Topic 8 examines various types of functional information systems such as

Topic 9 introduces computer system security, which plays a critical role in

Topic 10 describes the phases involved in information system development. It

TEXT ARRANGEMENT GUIDE

Self-Check: This component of the module is inserted at strategic locations

Copyright © Open University Malaysia (OUM)

Activity: Like Self-Check, the Activity component is also placed at various

References: The References section is where a list of relevant and useful

Copyright © Open University Malaysia (OUM)

Isenberg, D. J. (1984). How senior managers think. Harvard Business Review

Laudon, K. C., & Laudon, J. P. (2013). Management information systems:

TAN SRI DR ABDULLAH SANUSI (TSDAS)

Copyright © Open University Malaysia (OUM)

Imagine that you are working as a finance clerk in Company A. Company A is

Copyright © Open University Malaysia (OUM)

Organisations have many resources that must be smartly managed. Information

Information generated by computers is used by both managers and non-

1.1 INFORMATION SYSTEM IN BRIEF

1.1.1 Data, Information and Knowledge

Copyright © Open University Malaysia (OUM)

How about information? Let us look at the definition.

Information is an organised and meaningful interpretation which is useful

Nevertheless, the definitions of data and information are different according to

Knowledge consists of information that has been arranged and processed to

According to Boisot (as cited by Boddy, Boonstra and Kennedy, 2005),

Copyright © Open University Malaysia (OUM)

a personÊs range of information. Knowledge embodies prior understanding,