EMERGING ISSUES IN MANAGEMENT INFORMATION

SYSTEMS

Introduction

Information technology is a field that changes day-in-day out. Invention of complex technology

is facilitated by sophisticated systems required by different firms. This is also enhanced by

competition of organisations for clients� satisfaction.

 Key Terms

Electronic Data Interchange (EDI) - is an electronic means for transmitting business transactions

between organisations.

Outsourcing is a contractual agreement whereby an organization hands over control of part or all of

the functions of the information systems department to an external party.

Software house is a company that creates custom software for specific clients

Hacking - Gaining unauthorised access to computer programmes and data.

Electronic commerce

Electronic commerce (e-commerce) is the buying and selling of goods and services over the Internet.

Businesses on the Internet that offer goods and services are referred to as web storefronts. Electronic

payment to a web storefront can include check, credit card or electronic cash.

Web storefronts

These are also known as virtual stores. This is where shoppers can go to inspect merchandise and

make purchases on the Internet. Web storefront creation package is a new type of programme to help

businesses create virtual stores. Web storefront creation packages (also known as commerce servers)

do the following:

� Allow visitors to register, browse, place products into virtual shopping carts and purchase

goods and services.

� Calculate taxes and shipping costs and handle payment options.

� Update and replenish inventory.

� Ensure reliable and safe communications.

� Collects data on visitors.

� Generates reports to evaluate the site�s profitability.

Web auctions

Web auctions are a recent trend in e-commerce. They are similar to traditional auctions but

buyers and sellers do not meet face-to-face. Sellers post descriptions of products at a web site

and buyers submit bids electronically. There are two basic types of web auction sites:

� Auction house sites

� Person-to-person sites

Auction house sites

Auction house owners present merchandise typically from companies� surplus stocks. Auction

house sites operate in a similar way to a traditional auction. Bargain prices are not uncommon on

this type of site and are generally considered safe places to shop.

Person-to-person sites

The owner of site provides a forum for buyers and sellers to gather. The owner of the site typically

facilitates rather than being involved in transactions. Buyers and sellers on this type of site must be

cautious.

Electronic payment

The greatest challenge for e-commerce is how to pay for the purchases. Payment methods must be

fast, secure and reliable. Three basic payment methods now in use are:

(i) Cheques

� After an item is purchased on the Internet, a cheque for payment is sent in the mail.

� It requires the longest time to complete a purchase.

� It is the most traditional and safest method of payment.

(ii) Credit card

� Credit card number can be sent over the Internet at the time of purchase.

� It is a faster and a more convenient method of paying for Internet purchases.

� However, credit card fraud is a major concern for buyers and sellers.

� Criminals known as carders specialise in stealing, trading and using stolen credit. cards stolen

from the Internet.

(iii) Electronic cash

� Electronic cash is also known as e-cash, cyber cash or digital cash.

� It is the Internet�s equivalent of traditional cash.

� Buyers purchase e-cash from a third party such as a bank that specialises in electronic

currency.

� Sellers convert e-cash to traditional currency through a third party.

� It is more secure than using a credit card for purchases.

2. Electronic Data Interchange (EDI)

EDI is an electronic means for transmitting business transactions between organisations. The

transmissions use standard formats such as specific record types and field definitions. EDI has

been in use for 20 years, but has received significant attention within recent years as organisations

seek ways to reduce costs and be more responsive.

The EDI process is a hybrid process of systems software and application systems. EDI system

software can provide utility services used by all application systems. These services include

transmission, translation and storage of transactions initialised by or destined for application

processing. EDI is an application system in that the functions it performs are based on business

needs and activities. The applications, transactions and trading partners supported will change

over time and the co-mingling of transactions, purchase orders, shipping notices, invoices and

payments in the EDI process makes it necessary to include application processing procedures

and controls in the EDI process.

EDI promotes a more efficient paperless environment. EDI transmissions may replace the use

of standard documents including invoices or purchase orders. Since EDI replaces the traditional

paper document exchange such as purchase orders, invoices or material release schedules, the

proper controls and edits need to be built within each company�s application system to allow this

communication to take place.

Outsourcing practices

Outsourcing is a contractual agreement whereby an organisation hands over control of part or

all of the functions of the information systems department to an external party. The organization

pays a fee and the contractor delivers a level of service that is defined in a contractually binding

service level agreement. The contractor provides the resources and expertise required to perform the

agreed service. Outsourcing is becoming increasingly important in many organisations.

The specific objective for IT outsourcing vary from organisation to organisation. Typically, though,

the goal is to achieve lasting, meaningful improvement in information system through corporate

restructuring to take advantage of a vendor�s competencies.

Reasons for embarking on outsourcing include:

� A desire to focus on a business� core activities.

� Pressure on profit margins.

� Increasing competition that demands cost savings.

� Flexibility with respect to both organisation and structure.

The services provided by a third party can include:

� Data entry (mainly airlines follow this route).

� Design and development of new systems when the in-house staff do not have the requisite

skills or is otherwise occupied in higher priority tasks.

� Maintenance of existing applications to free in-house staff to develop new applications.

� Conversion of legacy applications to new platforms. For example, a specialist company

� may enable an old application.

� Operating the help desk or the call centre.

Possible disadvantages of outsourcing include:

� Costs exceeding customer expectations.

� Loss of internal information system experience.

� Loss of control over information system.

� Vendor failure.

� Limited product access.

� Difficulty in reversing or changing outsourced arrangements.

Business risks associated with outsourcing are hidden costs, contract terms not being met,

service costs not being competitive over the period of the entire contract, obsolescence of vendor IT

systems and the balance of power residing with the vendor. Some of the ways that these risks can be

reduced are:

� By establishing measurable partnership enacted shared goals and rewards.

� Utilisation of multiple suppliers or withhold a piece of business as an incentive.

� Formalisation of a cross-functional contract management team.

� Contract performance metrics.

� Periodic competitive reviews and benchmarking/bench-trending.

� Implementation of short-term contracts.

Outsourcing is the term used to encompass three quite different levels of external provision of

information systems services. These levels relate to the extent to which the management of IS,

rather than the technology component of it, have been transferred to an external body. These are

time-share vendors, service bureaus and facilities management.

Time-share vendors

These provide online access to an external processing capability that is usually charged for on a

time-used basis. Such arrangements may merely provide for the host processing capability onto

which the purchaser must load software. Alternatively the client may be purchasing access to the

application. The storage space required may be shared or private. This style of provision of the�pure�

technology gives a degree of flexibility allowing ad hoc, but processor intensive jobs to be

economically feasible.

Service bureaus

These provide an entirely external service that is charged by time or by the application task.

Rather than merely accessing some processing capability, as with time-share arrangements, a

complete task is contracted out. What is contracted for is usually only a discrete, finite and often

small, element of overall IS.

The specialist and focused nature of this type of service allows the bureaux to be cost-effective

at the tasks it does since the mass coverage allows up-to-date efficiency-oriented facilities ideal

for routine processing work. The specific nature of tasks done by service bureaus tend to make

them slow to respond to change and so this style of contracting out is a poor choice where fast

changing data is involved.

Facilities Management (FM)

This may be the semi-external management of IS provision. In the physical sense all the IS

elements may remain (or be created from scratch) within the client�s premises but their

management and operation become the responsibility of the contracted body. FM contracts

provide for management expertise as well as technical skills. FM deals are legally binding

equivalent of an internal service level agreement. Both specify what service will be received but

significantly differ in that, unlike when internal IS fails to deliver, with an FM contract legal redress

is possible. For most organisations it is this certainty of delivery that makes FM attractive. FM deals

are increasingly appropriate for stable IS activities in those areas that have long been automated so

that accurate internal versus external cost comparisons can be made. FM can also be appealing for

those areas of high technology uncertainty since it offers a form of risk transfer. The service

provider must accommodate unforeseen changes or difficulties in maintaining service levels.

Software houses

A software house is a company that creates custom software for specific clients. They concentrate

on the provision of software services. These services include feasibility studies, systems analysis and

design, development of operating systems software, provision of application programming packages,

�tailor-made� application programming, specialist system advice, etc. A software house may offer a

wide range of services or may specialise in a particular area.

Information resource centres

Information Resource Centres co-ordinate all information activities within their areas of interest

and expertise. Information within that area is analysed, abstracted and indexed for effective

storage, retrieval and dissemination.

Data warehousing

A data warehouse is a subject-oriented, integrated, time-variant, non-volatile collection of data in

support of management�s decision-making process.

Data warehouses organise around subjects, as opposed to traditional application systems

which organise around processes. Subjects in a warehouse include items such as customers,

employees, financial management and products. The data within the warehouse is integrated

in that the final product is a fusion of various other systems� information into a cohesive set of

information. Data in the warehouse is accurate to some date and time (time-variant). An indication

of time is generally included in each row of the database to give the warehouse time variant

characteristics. The warehouse data is non-volatile in that the data, which enters the database is

rarely, if ever, changed. Change is restricted to situations where accuracy problems are identified.

Information is simply appended to or removed from the database, but never updated. A query

made by a decision support analyst last week renders exact results one week from now.

The business value of data warehousing includes:

� More cost effective decision-making � the reallocation of staff and computing resources

required to support ad hoc inquiry and reporting.

� Better enterprise intelligence � increased quality and flexibility of analysis based on multi-

tiered data structures ranging from detailed transactions to high level summary information.

� Enhanced customer service � information can be correlated via the warehouse, thus resulting

in a view of the complete customer profile.

� Enhanced asset/liability management � purchasing agents and financial managers often

discover cost savings in redundant inventory, as well as previously unknown volume discount

opportunities.

� Business processing reengineering � provides enterprise users access to information yielding

insights into business processes. This information can provide an impetus for fact-based

reengineering opportunities.

� Alignment with enterprise right-sizing objectives � as the enterprise becomes flatter, greater

emphasis and reliance on distributed decision support will increase.

Data Mining

Fast Forward: As more data is gathered, with the amount of data doubling every three years,

data mining is becoming an increasingly important tool to transform this data into information

This is the process of discovering meaningful new correlations, patterns, and trends by digging

into (mining) large amounts of data stored in warehouses, using artificial intelligence and statistical

and mathematical techniques.

Industries that are already taking advantage of data mining include retail, financial, medical,

manufacturing, environmental, utilities, security, transportation, chemical, insurance and

aerospace industries. Most organisations engage in data mining to:

� Discover knowledge � the goal of knowledge discovery is to determine explicit hidden

relationships, patterns, or correlations from data stored in an enterprise�s database.

Specifically, data mining can be used to perform:

- Segmentation � e.g. group customer records for custom-tailored marketing

- Classification � assignment of input data to a predefined class, discovery and

- understanding of trends, text-document classification.

- Association � discovery of cross-sales opportunities

- Preferencing � determining preference of customer�s majority

- Visualise data � make sense out of huge data volumes e.g. use of graphics

- Correct data � identify and correct errors in huge amounts of data

Applications of data mining include:

� Mass personalisation � personalised services to large numbers of customers

� Fraud detection � using predictive models, an organisation can detect existing fraudulent

behaviour and identify customers who are likely to commit fraud in the future.

� Automated buying decisions � data mining systems can uncover consumer buyingpatterns

and make stocking decisions for inventory control.

� Credit portfolio risk evaluation � a data mining system can help perform credit risk analysis

by building predictive models of various portfolios, identifying factors and formulating rules

affecting bad risk decisions.

� Financial planning and forecasting � data mining provides a variety of promising techniques

to build predictive models forecasting financial outcome on a macroeconomic style.

� Discovery sales � for companies that excel in data mining, an innovative source of revenue is

the sale of some of their data mining discoveries.

Information technology and the law

This is an area that has received little attention in developing countries. However, in developed

countries substantial efforts have been made to ensure that computers are not used to perpetrate

criminal activities. A number of legislation have been passed in this direction in these countries. In

Kenya, the law is yet to reflect clearly how computer crime is to be dealt with.

The Internet does not create new crimes but causes problems of enforcement and jurisdiction.

The following discussion shows how countries like England deal with computer crime through

legislation and may offer a point of reference for other countries.

Computers and crime

Computers are associated with crime in two ways:

1. Facilitate the commission of traditional crimes. This does not usually raise new legal issues.

2. They make possible new forms of �criminal� behaviour, which have raised new legal issues.

Computer crime is usually in the form of software piracy, electronic break-ins and computer

sabotage be it industrial, personal, political, etc.

Fraud and theft

Computer fraud is any fraudulent behaviour connected with computerization by which someone

intends to gain financial advantage. Types of computer fraud includes:

a. Input fraud � entry of unauthorised instructions, alteration of data prior to entry or entry of

false data. Requires few technical skills.

b. Data fraud � alteration of data already entered on computer, requires few technical skills.

c. Output fraud � fraudulent use of or suppression of output data. Less common than input or

data fraud but evidence is difficult to obtain.

d. Programme fraud � creating or altering a programme for fraudulent purposes. This is the real

computer fraud and requires technical expertise and is apparently rare.

The legal response prior to 1990 was as follows:

� Direct benefit � use of a computer to directly transfer money or property. This is traditional

theft. This criminal behaviour is tried under traditional criminal law e.g. governed by Theft

Act 1968 in England, common law in Scotland.

� Indirect benefit � obtaining by deception. E.g. Theft Act of 1968 and 1978 deals with

dishonestly obtaining property or services by deception.

� Forgery � the Forgery and Counterfeiting Act 1981 defines it as making a false instrument

intending to pass it off as genuine.

� Theft of information � unauthorised taking of �pure� information is not legally theft in

England and Scotland because information is not regarded as property and offence of theft

requires that someone is deprived of his property.

Damage to software and data

It is possible to corrupt/erase data without apparently causing any physical damage. In England,

the Criminal Damage Act of 1971 states that a person who without lawful excuse destroys or

damages any property belonging to another intending to destroy or damage such property, shall be

guilty of an offence.

Hacking

Gaining unauthorised access to computer programs and data. This was not criminal in England

prior to the Computer Misuse Act of 1990.

Computer Misuse Act 1990

It is not a comprehensive statute for computer crime and does not generally replace the existing

criminal law. It, however, creates three new offences.

� The Unauthorised Access Offence

A person is guilty of an offence if he causes a computer to perform any function with intent to

secure access to any programme or data held in any computer and the access he intends to secure is

unauthorised, and he knows at the time when he causes the computer to perform the function that

this is the case. Maximum penalty is six months imprisonment and/or maximum �5,000 fine.

� The Ulterior Intent Offence

A person is guilty of this offence if he commits the Unauthorised Access Offence with intent to

commit an offence or to facilitate the commission of such an offence (whether by himself or another

person). Maximum penalty for Ulterior Intent Offence is five years imprisonment and/or unlimited

fine.

� The Unauthorised Modification Offence

A person is guilty of this offence if he does any act which causes an unauthorized modification of

the contents of any computer and at the time he does the act he has the requisite intent (intent to

impair operation or hinder access) and the requisite knowledge (knowledge that actions are

unauthorised).

Computers and pornography

Pornography is perceived as one of the major problems of computer and Internet use. Use of

computers and the Internet have facilitated distribution of and access to illegal pornography,

but have not created many new legal issues. Specific problems and how they are addressed

include:

- Pseudo-photographs � these are combined and edited images to make a single image. The

Criminal Justice Act 1988 and Protection of Children Act 1978 (if the image appears to be an

indecent image of a child) was amended to extend certain indecency offences to pseudo-

photographs.

- Multimedia pornography � Video Recordings Act 1984: supply of video recordings without

classification certificate is an offence.

Cyber stalking

Using a public telecommunication system to harass another person may be an offence under the

Telecommunications Act 1984. Pursuing a course of harassing conduct is an offence under the

Protection from Harassment Act 1997.

Intellectual property rights

These are legal rights associated with creative effort or commercial reputation or goodwill.

Categories of Intellectual Property Rights

Rights differ according to subject matter being protected, scope of protection and manner of

creation. Broadly include:

� Patents � a patent is the monopoly to exploit an invention for up to 20 years (in UK).

Computer programme as such are excluded from patenting � but may be patented if applied in

some technical or practical manner. The process of making semiconductorchips falls into the

patent regime.

� Copyrights � a copyright is the right to make copies of a work. Subject matter protected by

copyrights include:

- Original literary, dramatic, musical and artistic works.

- Sound recordings, films, broadcasts and cable programme.

- Typographical arrangement of published editions.

Computer programmes are protected as literary works. Literal copying is the copying of

programme code while non-literal copying is judged on objective similarity and �look and feel�.

Copyright protects most material on the Internet e.g. linking (problem caused by deep links),

framing (displaying a website within another site), caching and service provider liability.

� Registered designs

� Trademarks � A trademark is a sign that distinguishes goods and services from each other.

Registration gives partial monopoly over right to use a certain mark. Most legal issues of trademarks

and information technology have arisen from the Internet such as:

- Meta tags � use of a trademarked name in a meta tag by someone not entitled to use it may be

infringement.

- Search engines � sale of �keywords� that are also trademarked names to advertisers may

constitute infringement.

- Domain names � involves hijacking and �cyber-squatting� of trademarked domain names.

1) Design rights

2) Passing off

3) Law of confidence

4) Rights in performances

Conflicts of Intellectual Property

Plagiarism

Increased plagiarism because of the Internet violates academic dishonesty because copying

does not increase writing and synthesis of skills. Ideally, one must give credit to the original

author.

Piracy

In 1994 a student of U.S.A�s Massachusetts Institute of Technology (MIT) was indicted for placing

commercial software on website for copying purposes. The student was accused of wire fraud and

the interstate transportation of stolen property. The case was thrown out on technicality grounds

since the student did not benefit from the arrangement and did not download the software himself.

His offence also did not come under any existing law.

Software publishers estimate that more than 50% of the software in US is pirated and 90% in some

foreign countries. In US, software companies can copyright it and thus control its distribution. It is

illegal to make copies without authorisation.

Fast Forward: Copyright infringement (or copyright violation) is the unauthorised use of material

that is covered under copyright law.

Repackaging data and databases

A company produced a CD-ROM containing a large compilation of phone numbers. A university

student put this CD-ROM on his website. Company sued saying the student had violated the

shrink-wrap license agreement that came with the CD-ROM. Did the student infringe pro-CD�s

claimed copyright in the telephone listings? The court said no. Copying of the data was clearly

prohibited by the License Agreement but the court failed to invoke it. Instead, the court stated that

the terms of the select phone license agreement were not presented to the student or any other

purchaser at the time of sale. The appeal against this case was still pending in The U.S. court by the

time of publishing this document. Governments have been asking for more laws to copyright

databases.

Reverse Engineering

Interfaces are often incomplete, obscure and inaccurate, so developers must look at what the code

really does. Reverse engineering is often a necessity for reliable software design. Companies doing

reverse engineering must not create competing products. Courts have, however, allowed reverse

engineering under certain restrictions.

Copying in transmission

�Store and forward networks�, a network node gets data in transmission, stores it and forwards to

the next node until it reaches its destination. Everybody gets a copy, who archives them? Are the

intermediate copies a violation of copyright? If users email pictures or documents, which contain

trademarks or copyrighted materials, do email copies on servers put the server�s company in

jeopardy?

Liability for information technology

Liability may arise out of sale/supply of defective software or liability for online information.

Liability for defective software may arise out of contractual or non-contractual terms. A contract is a

voluntary legally binding agreement between two or more parties. Parties may agree as they may

wish subject to legislation such as the Sale of Goods Act. The legislation limits contractual freedom

and imposes terms and conditions in certain kind of contracts. The question that usually arises is

whether software is �goods� or �services�. However, mass produced software packages are generally

goods, but custom written or modified software is a service. Non-contractual liability is based on

negligence. The law of negligence is based on the principle that a person should be liable for his

careless actions where this causes loss or damage to another. To bring a successful action for

negligence, the pursuer needs to prove that the defender owed him a duty of care. Liability for online

information involves defective information and defamation. Where a person acts on information

given over the Internet and suffers a loss because information was inaccurate, will anyone be liable.

Two problems that arise are; one, a person who puts information on the Internet will only be liable if

he owes a duty of care to the person who suffers the loss. Two, damage caused in this way will

normally be pure economic loss, which cannot usually be claimed for in delict (tort). However, there

is a limited exception to this general principle in respect of negligent misstatement. This is where

according to Hedley Byrne & Co v Heller & Partners (1964):

� The person giving the advice/information represented himself as an expert.

� The person giving the advice/information knew (or should have known) that the recipient was

likely to act on it, and

� The person giving the advice/information knew (or should have known) that the recipient of

information was likely to suffer a loss if the information was given without sufficient care.

Can an Internet Service Provider be liable for defective information placed by someone else? ISP

may be regarded as a publisher. Traditional print publishers have been held not to be liable for

inaccurate information contained in the books they publish. But ISP may be liable if it is shown that

they had been warned that the information was inaccurate and did nothing to remove it.

Defamatory statements may be published on the WWW, in newsgroups and by email. Author

of the statements will be liable for defamation, but may be difficult to trace or not worth suing.

But employers and Internet service providers may be liable. Defamation is a delict (tort) and

employers are vicariously liable for delicts committed by their employees in the course of their

employment. Many employers try to avoid the possibility of actionable statements being published

by their staff by monitoring email and other messages. Print publishers are liable for defamatory

statements published by them, whether they were aware of them or not. ISPs could be liable in

the same way.

Terminology

Data Mart

A data mart is a repository of data gathered from operational data and other sources that is

designed to serve a particular community of knowledge workers. In scope, the data may derive

from an enterprise-wide database or data warehouse or be more specialised. The emphasis of a

data mart is on meeting the specific demands of a particular group of knowledge users in terms

of analysis, content, presentation, and ease-of-use. Users of a data mart can expect to have data

presented in terms that are familiar.

In practice, the terms data mart and data warehouse each tend to imply the presence of the other in

some form. However, most writers using the term seem to agree that the design of a data mart tends

to start from an analysis of user needs and that a data warehouse tends to start from an analysis of

what data already exists and how it can be collected in such a way that the data can later be used.

A data warehouse is a central aggregation of data (which can be distributed physically); a data

mart is a data repository that may derive from a data warehouse or not and that emphasises ease of

access and usability for a particular designed purpose. In general, a data warehouse tends to be a

strategic but somewhat unfinished concept; a data mart tends to be tactical and aimed at meeting an

immediate need. In practice, many products and companies offering data warehouse services also

tend to offer data mart capabilities or services.

Summary

Reasons for embarking on outsourcing include:

� A desire to focus on a business� core activities

� Pressure on profit margins

� Increasing competition that demands cost savings

� Flexibility with respect to both organisation and structure

Some of the ways that outsourcing risks can be reduced are:

� By establishing measurable partnership enacted shared goals and rewards

� Utilisation of multiple suppliers or withhold a piece of business as an incentive

� Formalisation of a cross-functional contract management team

� Contract performance metrics

� Periodic competitive reviews and benchmarking/benchtrending

� Implementation of short-term contracts

Applications of data mining include:

� Mass personalisation � personalised services to large numbers of customers

� Fraud detection

� Automated buying decisions

� Credit portfolio risk evaluation

� Financial planning and forecasting

� Discovery sales � for companies that excel in data mining, an innovative source of revenue is

the sale of some of their data mining discoveries.

Kinds of computer fraud include:

(i) Input fraud � entry of unauthorised instructions, alteration of data prior to entry or entry of

false data. Requires few technical skills.

(ii) Data fraud � alteration of data already entered on computer, requires few technical skills.

(iii) Output fraud � fraudulent use of or suppression of output data. Less common than input or

data fraud but evidence is difficult to obtain.

(iv) Programme fraud � creating or altering a programme for fraudulent purposes. This is the

real computer fraud and requires technical expertise and is apparently rare.

Categories of Intellectual property rights

� Patents � a patent is the monopoly to exploit an invention for up to 20 years (in UK).

Computer programmes as such are excluded from patenting � but may be patented if applied

in some technical or practical manner.

� Copyrights � a copyright is the right to make copies of a work. mic certain problemsolving

abilities of humans, usually related to structured or semi-structured problem situations.

Batch processing � aggregating similar types of data requiring similar processing into groups or

batches and processing these together rather than individually, thus deriving economies of scale in

the processing of the data.

Baud � measure of the speed at which data is communicated along a channel, the number of

signal pulses per second.

Buffer � either an insert to separate one block of data from another, or an area of storage which is

used to store transitory data, e.g. the CPU can supply data to a printer device faster than the printer

can physically operate, hence the CPU transmits blocks of data for printing to the printer�s buffer

store and the printer reads the data as required from its buffer store.

CAD/CAM (Computer Aided Design and Computer Aided Manufacture) a generic term applied

to the development and design of systems to support design work and to control manufacturing

operations.

Central Processing Unit (CPU) � main unit of the computer which holds the software instructions

and data, performs the execution of these instructions and controls all the associated peripheral

devices.

Closed system � a system which has no interaction with its environment.

COBOL (Common Business-Oriented Language) � a high-level programming language primarily

designed for the development of commercial or business data processing applications and, despite its

antiquity, still used extensively.

Computer schema � the overall structure of a database expressed in logical terms and used in

database design and development.

Console � the interface unit between the user and the computer, typically in the form of a

typewriter keyboard but also employing other ergonomically efficient devices, e.g. mouse.

Database � a collection of data in the form of records, usually appropriate to more than one user

application, which are held centrally and accessed and updated by different users.

Database Management System (DBMS) � software used to build, maintain and control user

access to the database files.

Decision Support System (DSS) � collection of data, software, tools and techniques designed

to aid decision-makers to analyse problems, and to evaluate and select appropriate solutions.

Encryption � a way of encoding data by using hardware and/or software processes that is

designed to enhance the security of data during transmission and storage; it usually requires the

reversal of the coding process at the receiving end, decryption.

External schema � the user�s view of the structure and contents of the data elements in a

database, applied in database construction and development.

FORTRAN (FORmula TRANslator) � high-level programming language used primarily for

mathematical computations.

Heuristics � rules of thumb or intuitive approaches to problem-solving.

Information centre � a location within the organization at which the users may gain access to

information to support their operational needs.

Internal schema � definition of the internal physical structure or organization of the database to be

constructed.

Network � system of communication channels interconnecting users at different locations.

Normalisation � a term applied in relational database design referring to the process of simplifying

the logical relationships within the database structure.

Protocol � a set of rules or standards governing the format and methods employed in the

transmission of data, necessary to ensure the effective exchange of data between devices within a

computer system or users within a network.

Prototype � the initial model of the system to be developed incorporating sample input and

output screen layouts, information content and operating guidelines etc; it is used to facilitate

user trials and record observations.

Query Language � programming language designed to construct the user�s interrogation

enquiries in a database system.

Relational database � database system structured on the basis of the relationships between the data

elements and records within the system.

Spooling � the use of secondary devices (e.g. disk or tape) to act as an interim buffer store

between input and output peripheral devices (e.g. keyboards or printers) to reduce delays in

processing due to slow operating speeds of these peripherals relative to the central processing

unit, i.e. it creates a queue.

Systems Development Life Cycle (SDLC) � the stages involved in the initiation, analysis,

development and implementation of an information system.

Timesharing � a common variety of operating system within a computer which slices up the

central processor time available and allocates access in rotation to each user for the slice of

time.

WIMP (Windows, Icons, Mouse and Pull-down menus) relates to a combination of these features in

developing the human interface between the user and the computer system.

Workbenches � collection of software and hardware tools and facilities designed to support

the work systems analysts, designers and programmers; usually integrated within a single

workstation.

Workstation � standalone computer or terminal which provides a combination of hardware and

software facilities to support the specialist activities of particular types of users

References

ACCA: Paper 2.1 Information Systems Foulks Lynch, 1999

Eardley, A; Marshall, D V & Ritchie, R L: Management Information Systems, ACCA

French, C. S.: Data Processing and information technology 10th Ed DP Publications, 2004

Laudon, K.C. and Laudon J.P.: Management Information Systems: Managing the Digital Firm,

7th ed., New Jersey: Prentice-Hall, 2002

Lucey, T.: Management Information Systems. 8th ed. London, DP Publications, 1998.