Archive by Author

Information Systems Quality – Security

3 Feb

In my previous blog I discussed information system quality and its link to security. Although security is not an actual physical component of information systems, it is a huge factor when evaluating the quality of your information systems.” Information systems (IS) security has become a core business processes in organizations”[1]. Furthermore Popa et al (2008) notes that “a very important component of the information system… is the security controls” [2]. In an article by Ron Byrne (2003) Information security – the iceberg or just the tip?, he notes that’s information security is more than people just hacking into your account but rather about the protection of the ‘information assets’ that an organisation holds. Byrne includes information assets to be “

  • business records
  • client and contact databases
  • personnel information
  • financial records and transactions
  • information databases
  • e-commerce transaction details” [3].

If any of the above data was compromised in any way it could have a serious negative impact for an organisations reputation. When considering what type of information security is best to protect the quality of a firm’s information system, Byrne notes that Confidentiality, Integrity and Availability (CIA) should be the three key concerns.

When developing a framework to assess information system quality some of the areas to look at in terms of (CIA) would be:

Confidentiality: Managers should assure that information is only shared with authorised personal within the organisation. Otherwise “unauthorized access to confidential information may have devastating consequences”[4]. One way to overcome this is to encrypt the data.

Integrity: This involves ensuring that the data is accurate and has not been changed inappropriately to give misleading or false information.

Availability: This means that the information system responsible for delivering, processing and storing the information is available when needed. “An information system that is not available when you need it is almost as bad as none at all.  It may be much worse, depending on how reliant the organization has become on a functioning computer and communications infrastructure.” [5] This can refer to the downtime of a system, and its percentage of downtime per year is a good indicator on how available that system is.

 

[1]  Trcek, D., 2003, ‘An integral framework for information systems security management.’ Computers & Security. 22(4):337-360.

[2] Popa, M., 2008, ‘Information System Quality Evaluation Based on Audit Processes’ Proceedings of the World Congress on Engineering 2008 Vol I.WCE 2008, July 2 – 4, 2008, London, U.K. Available online @ http://www.iaeng.org/publication/WCE2008/WCE2008_pp494-496.pdf

[3] Byrne, R., 2003, ‘Information security – the iceberg or just the tip?.’  Available online @ http://www.hci.com.au/hcisite3/journal/Information%20security%20iceberg%20or%20tip.htm

[4] ‘Fundamental Security Concepts.’ Available online @ http://www.mhprofessional.com/downloads/products/0072254238/0072254238_ch01.pdf

[5] http://it.med.miami.edu/x904.xml

Advertisements

Information Systems Quality – Security

28 Jan

When developing a framework to assess information system quality, one must first look at the various aspects that can affect such quality. To build on agblogail idea of dividing information systems quality into components in order to develop a useful framework I will be looking at the area of Information Security. Information system/technology security can be defined “as  the protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats” [1].

Information is an asset to all organisations so having some sort of security to protect it is vital to any organisation. All organisations irrespective of the type of business they do believe that data protection and security is vitally important to their organisation. For example in the article ‘Quality Risk Analysis’ they offer the example of developing a new online bank application. This newly designed application permits users to login over the internet and allows them to conduct such activities as transferring money. With this type of an application comes a number of risks for example people hacking into the account and making unauthorised transactions. “For such an application, security is clearly a major quality characteristic. In the area of security, risks to system quality include the possibility that criminal hackers gain unauthorized access to other customers’ accounts or that hackers intercept account information in transit between the data centre and customers’ PCs” [2].

The above example is why when developing an IS quality framework to help managers to determine the quality of there IS services and outputs managers need to look at what security measures they have to protect their data.

 

[1] https://oit.unlv.edu/network-and-security/definition-information-security

[2] Black, R. (2008) ‘Quality Risk Analysis.’ RBCS INC. Available online @ http://www.rbcs-us.com/images/documents/Quality-Risk-Analysis-Article-(updated).pdf

Introduction to Information Systems Quality Framwork

18 Jan

Before I begin writing my blog, I would just like to qualify the research done by Agblogail in his blog ‘Blueprint for Developing a Framework for Evaluating IS Quality’ I have also conducted by own research into what quality, information systems and framework is.
An information system is the collection of technical and human resources that provide the storage, computing, distribution, and communication for the information required by all or some part of an enterprise . [1]

Quality is achieved “by strict and consistent commitment to certain standards that achieve uniformity of a product in order to satisfy specific customer or user requirements.” [2]

Lastly, a framework “in general a framework is a real or conceptual structure intended to serve as a support or guide for the building of something that expands the structure into something useful.”

It is essential that managers develop the correct framework for assessing the quality of their information systems within their organisation. According to Hans van der Heijden (cited in ‘What is information systems quality’) “Information systems have low quality if their data is inaccurate, or is not precise enough, incomplete or outdated.”[4]. If an organisation fails to identify such problems with its information or data it can lead to serious problem not just for employees but also customers of an organisation.

While I also agree with Agblogail that it is important to recognise the various dimensions of Information Systems quality and we need to establish ways to evaluate Information System quality, I would just like to highlight what the causes leading to poor quality information systems. In an article by Strong et al 1997 ‘10 Potholes in the Road to Information Quality’ has come up with 10 causes the result in poor quality information systems.

They are:

1. Multiple sources of the same information produce different values.
2. Information is produced using subjective judgments, leading to bias.
3. Systemic errors in information production lead to lost information
4. Large volumes of stored information make it difficult to access in a reasonable time.
5. Distributed heterogeneous systems lead to inconsistent definitions, formats, and values.
6. Nonnumeric information is difficult to index
7. Automated content analysis across information collections is not yet available.
8. As information consumers’ tasks and the organizational environment change, the information that is relevant and useful changes.
9. Easy access to information may conflict with requirements for security, privacy, and confidentiality
10. Lack of sufficient computing resources limits access.
(http://mitiq.mit.edu/documents/publications/TDQMpub/10potholesIEEEComputerAug97.pdf)

 
[1] http:/whatis.techtarget.com/definition/IS-information-system-or-information-services
[2] http://www.businessdictionary.com/definition/quality.html
[3] http://whatis.techtarget.com/definition/framework
[4] Hans van der Heijden et al (2009) ‘Designing Management Information Systems’. Cited on http://www.ehow.com/facts_7152314_information-system-quality_.html
[5] Strong et al (1997) ‘10 Potholes in the Road to Information Quality’. Available online @ http://mitiq.mit.edu/documents/publications/TDQMpub/10potholesIEEEComputerAug97.pdf

A Counter Argument to ‘When an Information System can deliver (sustained) Competitive Advantage

21 Nov

I have previously stated in my last blog when an information system can deliver sustained competitive advantage I would like to offer a counter argument. In an article by Breznik (2012) called ‘Can Information Technology be a Source of Competitive Advantage’, which looks at literature by various authors on whether or not IT is a source of competitive advantage. One of the main points is that while IT is the ‘backbone of our society’ it cannot alone provide a sustainable competitive advantage. This further reiterates a point made by Agblogail’ in one of his earlier blogs (IT Failures), that IT is much more than software and hardware, it is about the people that use it and the resources.

 

In Carr’s 2005 article ‘The end of Corporate Computing’ he makes the argument that IT cannot be a foundation for achieving competitive advantage within organisations because IT is now ubiquitous. Furthermore Tippins and Schi (2003) make the point that IT is now a competitive necessity rather than a source of competitive advantage. In order for a firm to sustain and maintain a competitive advantage with regard to IT and information systems, organisations must constantly develop, change features and processes of its information systems to sustain their market leadership. If this is the case then what happens when the firm runs out of new ideas and ways to improve their information systems?

 

Oz 2004 (Management Information Systems (4th ed), makes the point that “information systems are often short lived because competitors quickly emulate the systems for their own benefits” (pg64). Breznik (2012) offers the example of Wal-Mart were able to gain competitive advantage over its competitors K-Mart by implementing a new information system. However K-Mart implemented a similar system in their shops. Nevertheless, Breznik (2012) notes that “indeed, K-Mart imitates Wal-Mart’s good practice successfully, but without possessing and exploiting “the right capabilities” K-Mart has still not been able to overcome Wal-Mart. Therefore Wal-Mart still hold their competitive advantage but the question then has to be asked is this down to their information systems or something else?

 

In an article by John Whondeer, he makes the statement in relation to information systems and technology that “there is no such thing as a sustainable competitive advantage” (http://ezinearticles.com/?Sustaining-Competitive-Advantage&id=2240669). He refers to the example of Sears. Sears was the leading retail company in the United Sates until Wal-Mart came and took over. This was a huge surprise to everyone including Sears itself as they were “heavily computerized with more expenditure going into information technology and networking than all other non-computer firms in the United states apart from Boeing.” (http://ezinearticles.com/?Sustaining-Competitive-Advantage&id=2240669). Sears tried everything to gain back its leadership in the retail sector by adopting lower price strategy and renovating their stores. However it didn’t seem to work. Sears began to look at its information systems and realised that these needed to be changed. One thing that Sears did was they linked their suppliers to a computerised ordering system. While this has boosted Sears it has not allowed them to gain back their original competitive advantage against Wal-Mart.

 

Therefore with everything that I have highlighted in this post I am going to have to conclude and agree with John Whondeer opinion that “it is really difficult if not impossible to sustain any competitive advantage for a very long time. This is so because of the rate of technological changes, changes in business strategies, and the fact that customers’ loyalty can wane and affect sales leading to a fall in market share and thus competitive advantage.” (http://ezinearticles.com/?Sustaining-Competitive-Advantage&id=2240669)

What are your thoughts?

 

When can an information system deliver (sustained) competitive advantage

13 Nov

It has been made evident by myself and fellow bloggers such as Xman27 that information systems are highly important to an organisation. Agblogail has pointed out the many advantages information systems being to an organisation but in his most recent blog he has also reminded us that information systems is not all about success. However one of the main advantages that an information system can bring to an organisation is competitive advantage.

Nevertheless the question now arises as to when exactly does information systems deliver sustained competitive advantage?

An information system that can help an organisation achieve sustained competitive strategy is a strategic information system. The term strategic information systems is coined to Charles Wiseman and can be defined as “a system that helps companies change or otherwise alter their business strategy and/or structure. It is typically utilized to streamline and quicken the reaction time to environmental changes and aid it in achieving a competitive advantage”.(http://it.toolbox.com/wiki/index.php/Strategic_Information_System). In their book Management Information Systems: New Approaches to organisation and technology,  Laudon and Laudon 1998  argue that “Strategic information systems change the goals, business processes, products, services or environmental relationships of organizations to help them gain an edge over competitors.” (pg49) In turn they outline three ways in which information systems create sustainable competitive advantage for an organisation.

1)      Increase customer switching costs: Switching costs refer to the costs that a customer would incur if they were to switch to a competitor’s product or service. Oz (Management Information systems 4th ed (2004) notes that switching costs can either be “explicit (such as charges the seller explicitly levies on a customer for switching) or implicit (such as the indirect costs in time and money of adjusting to a new product that does the same job as the old).p44. By increasing these costs they argue that you will lock-in your current customers.

2)      Raise entry barriers to new entrants: An organisation can raise the barriers to entry for new entrants in various ways. One is by obtaining legal protection for a product that they have come up with. For example Microsoft have gained huge competitive advantage against competitors by patenting and copyrighting software they have developed. Laudon and Laudon (1998) suggest that a firm could create an information system that is indispensable to an industry and thus charging a high initial cost. These two methods are examples of when an information systems delivers sustained competitive advantage to an organisation.

3)      Change the basis of competition: Lastly Laudon and Laudon (1998) recommend that organisations should “utilize IS to change the basis of competition from price to something else. Examples include, in-stock status, speed of order fulfillment, and added information with the product. This allows you to sell on a more profitable basis.” (http://www.kulzick.com/strinfo1.htm)

These are just some examples of when information systems can deliver sustained competitive advantage to an organisation. Does anyone have any others?

Not Just Competitive Advantage

9 Nov

Information systems are vital to the success of an organisation especially in the digital era that we now find ourselves in. As discussed by jamesdaly1990  competitive advantage is one of the reasons information systems is important to the success of organisations. While competitive advantage is probably the main reason most companies invest and use information systems I would like to highlight some other reasons:

Improved Decision Making

Information systems can act as a tool to allow for improved decision making by managers in a firm. However Srinivas Nowduri notes in his article that “in order for decision to be made adequately, it is vital for there to be a good information system since decisions are based on information available.” (www.aabri.com/manuscripts/10736.pdf) Traditionally and occasionally now managers have not got access to real time information to make an informed decision. They operated from saved data from a specific point in time. By operating like this meant that it put the organisation at a huge risk. As a result of information systems managers can use different elements of their information systems to gather real time data which will allow them to make informed decisions. Furthermore managers can use other functions of information systems such as the transaction processing component to analyse and come up with various scenarios to achieve their goal. For example Verizon Corporation uses a Web-based digital dashboard to provide managers with precise real -time information on customer complains, network performance.. Using this information managers can immediately allocate repair resources to affected areas, inform customers of repair efforts and restore service fast (http://www.wisaetb.blogspot.ie/2011/06/six-reasons-why-information-systems-are.html).

 

Operational Excellence

Operational excellence is another reason why information systems are important to the success of organisations. Operational excellence ” translates to increased production flexibility, improved customer responsiveness, and cost minimization.” (http://www.deloitte.com/view/en_BB/bb/services/consulting/strategyoperations/operationalexcellence/index.htm). Organisations use their information systems to best achieve operational excellence. For example” Wal-Mart uses a Retail Link system , which digitally links its suppliers to every one of Wal-Mart’s stores. as soon as a customer purchase an item , the supplier is monitoring the item , knows to ship a replacement to the shelf. “(http://www.wisaetb.blogspot.ie/2011/06/six-reasons-why-information-systems-are.html).

While I have just highlight two there are many other resons why information systems are important to the success of an organisation. Can anyone think of any others?

 

 

Why are information systems so important to the success of an organisation?

7 Nov

Information systems are important to the success of an organisation because they allow organisations to implement and augment their business strategy.  A business strategy is defined as “a method or plan chosen to bring about a desired future, such as achievement of a goal or solution to a problem.” (http://www.businessdictionary.com/definition/strategy.html). In an article by Michael Gleeson (2004) he notes that traditionally information systems were used for the “automation of existing manual and pre-computer mechanical processes”, however as time went on firms began to realise that information systems were “critical to the implementation of a corporation’s strategy” (http://www.comp.dit.ie/rfitzpatrick/MSc_Publications/2004_Michael_Gleeson.pdf).  He further notes that “strategy and Information Systems (IS) are inextricably linked” (Gleeson, 2004). One of the main objectives of a business strategy is to gain a competitive advantage  against a firm’s competitor. For example Dell gained a competitive advantage over its competitors by being the first PC manufacturers to  take customer orders over the internet   There are many ways a firm can achieve a competitive advantage through such things as  the creation of new products and services, establishing alliances, differentiating products and services but to name a few.

What is an information system?

29 Oct

While agblogail has gone into some detail about the types of information systems within an organisation, I would just like to note that in the beginning these systems not previously inter-linked. These systems were traditionally known as functional information systems and this  meant that they were developed independently of one another. For example; “sales developed order management systems, warehouses developed systems to track inventory of materials, accounting developed systems to track invoices and payments, and so on.” (Magal,S. & Word,J (2009) pg15). Customarily it was never high up on a firms list to share data between departments and if it ever was done it was done manually. This was a very time consuming process and it would slow down departments if they were waiting on the data in order to complete a task or a project.

(http://www.slideshare.net/RameshPonnala/types-of-is-7201398)

However as information systems evolved over the years organisations realised the importance of sharing information between department, thus they moved from the traditional functional information system to an integrated enterprise system. An enterprise systems is “a system that supports enterprise-wide or cross-functional requirements, rather than a single department or group within the organization.” (http://www.kirit.com/Enterprise%20systems%20for%20geniuses/What%20is%20an%20Enterprise%20System%20anyway%3F).

(http://www.koolgrapsite.com/tag/erp-systems)

From the diagram above you can see now how all information silos feed into 1 central system, instead of previously where all systems were stand-alone and worked independently. Now businesses can take data from various sources to produce analytic’s and forecasting across a wide range of functions, thus improving the running of an organisation.

What is an information system?

16 Oct

There are a wide range of definitions on offer with regard to what an Information System is. An Information System is (but not entirely) a computer based system that processes data into information relevant to the end-user. An information system can be defined as “an arrangement of people, data, processes, communications, and information technology that interact to support and improve day-to-day operations in a business as well as support the problem-solving and decision-making needs of management and users.” ( Whitten.J,& Bently,L. (2007). There are a number of types of information systems that can almost be put into a hierarchy system depending on the level of user. Some of the categories of information systems include: Transaction Processing Systems, Management Information Systems, Decision Support Systems and Expert Systems.

We can see from the success of the companies that provide Enterprise Wide Information Systems such as Oracle and SAP, that growth in this sector has been on the increase. The mid 1990’s saw an increase in companies are turning to Information Systems to be better informed about their own companies and their competitors. Decision Support Systems (DSS) is one of the classes of an information system. A Decision Support Systems can be defined as “Computer system designed to provide assistance in determining and evaluating alternative courses of action. A DSS (1) acquires data from the mass of routine transactions of a firm, (2) analyses it with advanced statistical techniques to extract meaningful information, and (3) narrows down the range of choices by applying rules based on decision theory. Its objective is facilitation of ‘what if’ analysis and not replacement of a manager’s judgement.” (http://www.businessdictionary.com/definition/decision-support-system-DSS.html). For example this can help companies predict how much extra staff they will need at certain times of the year through such things as a dashboard. This allows managers to forecast how many extra staff they will need based on previous information. For example Apple currently have 1000 staff members, last year for the Christmas period they hired an extra 50 employees. They expect an increase in sales of 20% from last year and predict they will need to increase their numbers to 1250.

However recently Information Systems, in particular, ERP systems are becoming ubiquitous, so many companies have to search even harder and find new ways to use IS to gain a competitive advantage.

What is your definition of Information systems?

%d bloggers like this: