MIS provides information about the performance of an organization
Think of entire company (the firm) as a system.
An MIS provides management with feedback
MIS: The Schematic The Firm Processing Input: Raw Materials, Supplies, Data, etc. Output: Products, Services, Information etc. MIS Managers, VPs, CEO
MIS - Questions
Q: How are we doing?
A: Look at the report from the MIS
Generic reports: Sales, Orders, Schedules, etc.
Periodic: Daily, Weekly, Quarterly, etc.
Obviously, such reports are useful for making good decisions.
How is a DSS different?
Pre-specified, generic reports
Special reports that may only be generated once
May not know what kind of report to generate until the problem surfaces; specialized reports.
MIS vs. DSS: Some Differences
In a DSS, a manager generates the report through an interactive interface
More flexible & adaptable reports
DSS Reporting is produced through analytical modeling, not just computing an average, or plotting a graph.
Business Models are programmed into a DSS
Decision Support System
Broad based approach
Human in control
Decision making for solving structured/unstructured problems
Appropriate mathematical models
Types of Decisions Payroll Structured Mergers Site Location Employee Performance Evaluation Capital Budgeting Production Scheduling Semi-structured New e-business initiatives Company re-organization Re-engineering a process Cash Management Un-structured Strategic Tactical Operational
Project Management software
Some IT systems simply process transactions
Some help managers make decisions
Some support the interorganizational flow of information
Some support team work
When Considering Information,
The concept of shared information through decentralized computing
The directional flow of information
What information specifically describes
The information-processing tasks your organization undertakes
Upward Flow of Information - describes the current state of the organization based on its daily transactions.
Downward Flow of Information - consists of the strategies, goals, and directives that originate at one level and are passed to lower levels.
Horizontal Flow of Information - between functional business units and work teams.
1. I nformation Sourcing - at its point of origin.
2. I nformation - in its most useful
3. Creating information - to obtain new
4. Storing information - for use at a later time.
5. Communication of information - to other
people or another location.
Centralised data environment
Decentralised data environment
Lack of central control
Corporate level reporting
Loss of synergy
IT Applications and Banking
Banking Systems and software
Bulk transaction entry
Banking IT knowledge
Electronic clearing and settlement systems
Debit Clearing system
Credit Clearing system
Electronic Bill presentment and payment
Decrease billing costs
Provide better service
New channels- new revenue
Local Area Networking
Remote Access Services
Information System Security and Audit
Intrusion prevention- locking, guarding, lighting
Intrusion detection mechanisms – Disturbance sensors, buried line sensors, Surveillance
Software access controls
Multiple type of access control
Internal access control – based on date, time etc
Impersonation - forging identity
Eavesdropping – Unauthorised read
Data alteration – Unauthorised edits
Denial of Service attacks - Overloading
Intrusion Detection Systems
NIDS – Network Intrusion Detection – monitors packets on network
SIV – System Integrity Verifier – files sum check
Log file Monitor – Log entry patterns
Signature recognition – Pattern recognition
Anomaly detection – Statistical anomalies
First line or last line of defence?
Eye retina pattern
Art and science of keeping files and messages secure.
Key – to encode
DES and Triple DES, IDEA
Safe key length
Prerequisites – Public private key pair, CA
PKI- Public Key Infrastructure
A framework for secure and trustworthy distribution of public keys and information about certificate owners called clients
High quality secret keys
CA- Certification Authority
Web of Trust
Data off site
Data off line
Data out of reach
Business Continuity Planning
Fire detection and prevention
Media handling and storage
DRP – Disaster Recovery Planning
BIA – Business Impact Assessment
Detailed definition – RTO and RPO
IS Audit Procedures
Who, how and reporting structures
Audit Software – execution
System Audit - Security
Control of last resort (DRP, Insurance)
IT Act 2000
Legal recognition of electronic records
Acknowledgement of receipt of electronic records
Legal recognition of digital signatures
Submission of forms in electronic means
Receipt or payment by fee or charge
Retention of electronic records
Publication of rules, regulation in electronic form