Your SlideShare is downloading. ×
0
Systems Analysis and Design in a Changing World, Fourth Edition
Learning Objectives <ul><li>Discuss examples of system interfaces found in information systems </li></ul><ul><li>Define sy...
Learning Objectives ( continued ) <ul><li>Explain the importance of integrity controls </li></ul><ul><li>Identify required...
Overview <ul><li>This chapter focuses on system interfaces, system outputs, and system controls that do not require much h...
Identifying System Interfaces <ul><li>System interfaces are broadly defined as inputs or outputs with minimal or no human ...
Full Range of Inputs and Outputs Systems Analysis and Design in a Changing World, 4th Edition
eXtensible Markup Language (XML) <ul><li>Extension of HTML that embeds self-defined data structures in textual messages </...
System-to-System Interface Based on XML Systems Analysis and Design in a Changing World, 4th Edition
Design of System Inputs <ul><li>Identify devices and mechanisms used to enter input </li></ul><ul><ul><li>High-level revie...
Input Devices and Mechanisms <ul><li>Capture data as close to original source as possible </li></ul><ul><li>Use electronic...
Prevalent Input Devices  to Avoid Human Data Entry <ul><li>Magnetic card strip readers </li></ul><ul><li>Bar code readers ...
Defining the Details of System Inputs <ul><li>Ensure all data inputs are identified and specified correctly </li></ul><ul>...
Automation Boundary on a  System-Level DFD Systems Analysis and Design in a Changing World, 4th Edition
Create New Order  DFD with  an Automation Boundary Systems Analysis and Design in a Changing World, 4th Edition
List of Inputs for Customer Support System Systems Analysis and Design in a Changing World, 4th Edition
Structure Chart for  Create New Order (Figure 14-6) Systems Analysis and Design in a Changing World, 4th Edition
Data Flows, Data Couples, and Data Elements Making Up Inputs  (Figure 14-7) Systems Analysis and Design in a Changing Worl...
Using Object-Oriented Models <ul><li>Identifying user and system inputs with OO approach has same tasks as traditional app...
Partial System Sequence Diagram for  Payroll System Use Cases  (Figure 14-8) Systems Analysis and Design in a Changing Wor...
System Sequence Diagram for  Create New Order Systems Analysis and Design in a Changing World, 4th Edition
Input Messages and Data Parameters  from RMO System Sequence Diagram  (Figure 14-10) Systems Analysis and Design in a Chan...
Designing System Outputs <ul><li>Determine each type of output </li></ul><ul><li>Make list of specific system outputs requ...
Defining the Details of System Outputs <ul><li>Type of reports </li></ul><ul><ul><li>Printed reports </li></ul></ul><ul><u...
Table of System Outputs Based on Traditional Structured Approach  (Figure 14-11) Systems Analysis and Design in a Changing...
Using Object-Oriented Models <ul><li>Outputs indicated by messages in sequence diagrams  </li></ul><ul><ul><li>Originate f...
Table of System Outputs Based  on OO Messages  (Figure 14-12) Systems Analysis and Design in a Changing World, 4th Edition
Designing Reports, Statements, and Turnaround Documents <ul><li>Printed versus electronic </li></ul><ul><li>Types of outpu...
RMO Summary Report with  Drill Down to the Detailed Report Systems Analysis and Design in a Changing World, 4th Edition
Sample Bar Chart and Pie Chart Reports Systems Analysis and Design in a Changing World, 4th Edition
Formatting Reports <ul><li>What is objective of report? </li></ul><ul><li>Who is the intended audience? </li></ul><ul><li>...
Designing Integrity Controls <ul><li>Mechanisms and procedures built into a system to safeguard it and information contain...
Objectives of Integrity Controls <ul><li>Ensure that only appropriate and correct business transactions occur </li></ul><u...
Points of Security and Integrity Controls Systems Analysis and Design in a Changing World, 4th Edition
Input Integrity Controls <ul><li>Used with all input mechanisms </li></ul><ul><li>Additional level of  verification  to he...
Database Integrity Controls <ul><li>Access controls = management user </li></ul><ul><li>Data encryption  </li></ul><ul><li...
Output Integrity Controls <ul><li>Ensure output arrives at proper destination and is correct, accurate, complete, and curr...
Integrity Controls to Prevent Fraud <ul><li>Three conditions are present in fraud cases </li></ul><ul><ul><li>Personal pre...
Fraud Risks and Prevention Techniques Systems Analysis and Design in a Changing World, 4th Edition
Designing Security Controls <ul><li>Security controls  protect assets of organization from all threats </li></ul><ul><ul><...
Security for Access to Systems <ul><li>Used to control access to any resource managed by operating system or network </li>...
Users and Access Roles to  Computer Systems Systems Analysis and Design in a Changing World, 4th Edition
Managing User Access <ul><li>Most common technique is user ID / password </li></ul><ul><li>Authorization – Is user permitt...
Data Security <ul><li>Data and files themselves must be secure </li></ul><ul><li>Encryption  – primary security method </l...
Symmetric Key Encryption  Systems Analysis and Design in a Changing World, 4th Edition
Asymmetric Key Encryption  Systems Analysis and Design in a Changing World, 4th Edition
Digital Signatures and Certificates  <ul><li>Encryption of messages enables secure exchange of information between two ent...
Using a Digital Certificate Systems Analysis and Design in a Changing World, 4th Edition
Secure Transactions <ul><li>Standard set of methods and protocols for authentication, authorization, privacy, integrity </...
Summary <ul><li>System interfaces include all inputs and outputs except those that are part of GUI </li></ul><ul><li>Desig...
Summary ( continued ) <ul><li>OO approach to design inputs and outputs </li></ul><ul><ul><li>Sequence diagrams, class diag...
Upcoming SlideShare
Loading in...5
×

14 si(systems analysis and design )

1,079

Published on

Kumpulan Materi Kuliah TI

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,079
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
134
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "14 si(systems analysis and design )"

  1. 1. Systems Analysis and Design in a Changing World, Fourth Edition
  2. 2. Learning Objectives <ul><li>Discuss examples of system interfaces found in information systems </li></ul><ul><li>Define system inputs and outputs based on the requirements of the application program </li></ul><ul><li>Design printed and on-screen reports appropriate for recipients </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  3. 3. Learning Objectives ( continued ) <ul><li>Explain the importance of integrity controls </li></ul><ul><li>Identify required integrity controls for inputs, outputs, data, and processing </li></ul><ul><li>Discuss issues related to security that affect the design and operation of information systems </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  4. 4. Overview <ul><li>This chapter focuses on system interfaces, system outputs, and system controls that do not require much human interaction </li></ul><ul><li>Many system interfaces are electronic transmissions or paper outputs to external agents </li></ul><ul><li>System developers need to design and implement integrity and security controls to protect system and its data </li></ul><ul><li>Outside threats from Internet and e-commerce are growing concern </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  5. 5. Identifying System Interfaces <ul><li>System interfaces are broadly defined as inputs or outputs with minimal or no human intervention </li></ul><ul><ul><li>Inputs from other systems (messages, EDI) </li></ul></ul><ul><ul><li>Highly automated input devices such as scanners </li></ul></ul><ul><ul><li>Inputs that are from data in external databases </li></ul></ul><ul><ul><li>Outputs to external databases </li></ul></ul><ul><ul><li>Outputs with minimal HCI </li></ul></ul><ul><ul><li>Outputs to other systems </li></ul></ul><ul><ul><li>Real-time connections (both input and output) </li></ul></ul>Systems Analysis and Design in a Changing World, 4th Edition
  6. 6. Full Range of Inputs and Outputs Systems Analysis and Design in a Changing World, 4th Edition
  7. 7. eXtensible Markup Language (XML) <ul><li>Extension of HTML that embeds self-defined data structures in textual messages </li></ul><ul><li>Transaction that contains data fields can be sent with XML codes to define meaning of data fields </li></ul><ul><li>XML provides common system-to-system interface </li></ul><ul><li>XML is simple and readable by people </li></ul><ul><li>Web services is based on XML to send business transactions over Internet </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  8. 8. System-to-System Interface Based on XML Systems Analysis and Design in a Changing World, 4th Edition
  9. 9. Design of System Inputs <ul><li>Identify devices and mechanisms used to enter input </li></ul><ul><ul><li>High-level review of most up-to-date methods to enter data </li></ul></ul><ul><li>Identify all system inputs and develop list of data content for each </li></ul><ul><ul><li>Provide link between design of application software and design of user and system interfaces </li></ul></ul><ul><li>Determine controls and security necessary for each system input </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  10. 10. Input Devices and Mechanisms <ul><li>Capture data as close to original source as possible </li></ul><ul><li>Use electronic devices and automatic entry whenever possible </li></ul><ul><li>Avoid human involvement as much as possible </li></ul><ul><li>Seek information in electronic form to avoid data re-entry </li></ul><ul><li>Validate and correct information at entry point </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  11. 11. Prevalent Input Devices to Avoid Human Data Entry <ul><li>Magnetic card strip readers </li></ul><ul><li>Bar code readers </li></ul><ul><li>Optical character recognition readers and scanners </li></ul><ul><li>Radio-frequency identification tags </li></ul><ul><li>Touch screens and devices </li></ul><ul><li>Electronic pens and writing surfaces </li></ul><ul><li>Digitizers, such as digital cameras and digital audio devices </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  12. 12. Defining the Details of System Inputs <ul><li>Ensure all data inputs are identified and specified correctly </li></ul><ul><li>Can use traditional structured models </li></ul><ul><ul><li>Identify automation boundary </li></ul></ul><ul><ul><ul><li>Use DFD fragments </li></ul></ul></ul><ul><ul><ul><li>Segment by program boundaries </li></ul></ul></ul><ul><ul><li>Examine structure charts </li></ul></ul><ul><ul><ul><li>Analyze each module and data couple </li></ul></ul></ul><ul><ul><ul><li>List individual data fields </li></ul></ul></ul>Systems Analysis and Design in a Changing World, 4th Edition
  13. 13. Automation Boundary on a System-Level DFD Systems Analysis and Design in a Changing World, 4th Edition
  14. 14. Create New Order DFD with an Automation Boundary Systems Analysis and Design in a Changing World, 4th Edition
  15. 15. List of Inputs for Customer Support System Systems Analysis and Design in a Changing World, 4th Edition
  16. 16. Structure Chart for Create New Order (Figure 14-6) Systems Analysis and Design in a Changing World, 4th Edition
  17. 17. Data Flows, Data Couples, and Data Elements Making Up Inputs (Figure 14-7) Systems Analysis and Design in a Changing World, 4th Edition
  18. 18. Using Object-Oriented Models <ul><li>Identifying user and system inputs with OO approach has same tasks as traditional approach </li></ul><ul><li>OO diagrams are used instead of DFDs and structure charts </li></ul><ul><li>System sequence diagrams identify each incoming message </li></ul><ul><li>Design class diagrams and sequence diagrams identify and describe input parameters and verify characteristics of inputs </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  19. 19. Partial System Sequence Diagram for Payroll System Use Cases (Figure 14-8) Systems Analysis and Design in a Changing World, 4th Edition
  20. 20. System Sequence Diagram for Create New Order Systems Analysis and Design in a Changing World, 4th Edition
  21. 21. Input Messages and Data Parameters from RMO System Sequence Diagram (Figure 14-10) Systems Analysis and Design in a Changing World, 4th Edition
  22. 22. Designing System Outputs <ul><li>Determine each type of output </li></ul><ul><li>Make list of specific system outputs required based on application design </li></ul><ul><li>Specify any necessary controls to protect information provided in output </li></ul><ul><li>Design and prototype output layout </li></ul><ul><li>Ad hoc reports – designed as needed by user </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  23. 23. Defining the Details of System Outputs <ul><li>Type of reports </li></ul><ul><ul><li>Printed reports </li></ul></ul><ul><ul><li>Electronic displays </li></ul></ul><ul><ul><li>Turnaround documents </li></ul></ul><ul><li>Can use traditional structured models to identify outputs </li></ul><ul><ul><li>Data flows crossing automation boundary </li></ul></ul><ul><ul><li>Data couples and report data requirements on structure chart </li></ul></ul>Systems Analysis and Design in a Changing World, 4th Edition
  24. 24. Table of System Outputs Based on Traditional Structured Approach (Figure 14-11) Systems Analysis and Design in a Changing World, 4th Edition
  25. 25. Using Object-Oriented Models <ul><li>Outputs indicated by messages in sequence diagrams </li></ul><ul><ul><li>Originate from internal system objects </li></ul></ul><ul><ul><li>Sent to external actors or another external system </li></ul></ul><ul><li>Output messages based on an individual object are usually part of methods of that class object </li></ul><ul><li>To report on all objects within a class, class-level method is used that works on entire class </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  26. 26. Table of System Outputs Based on OO Messages (Figure 14-12) Systems Analysis and Design in a Changing World, 4th Edition
  27. 27. Designing Reports, Statements, and Turnaround Documents <ul><li>Printed versus electronic </li></ul><ul><li>Types of output reports </li></ul><ul><ul><li>Detailed </li></ul></ul><ul><ul><li>Summary </li></ul></ul><ul><ul><li>Exception </li></ul></ul><ul><ul><li>Executive </li></ul></ul><ul><li>Internal versus external </li></ul><ul><li>Graphical and multimedia presentation </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  28. 28. RMO Summary Report with Drill Down to the Detailed Report Systems Analysis and Design in a Changing World, 4th Edition
  29. 29. Sample Bar Chart and Pie Chart Reports Systems Analysis and Design in a Changing World, 4th Edition
  30. 30. Formatting Reports <ul><li>What is objective of report? </li></ul><ul><li>Who is the intended audience? </li></ul><ul><li>What is media for presentation? </li></ul><ul><li>Avoid information overload </li></ul><ul><li>Format considerations include meaningful headings, date of information, date report produced, page numbers </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  31. 31. Designing Integrity Controls <ul><li>Mechanisms and procedures built into a system to safeguard it and information contained within </li></ul><ul><li>Integrity controls </li></ul><ul><ul><li>Built into application and database system to safeguard information </li></ul></ul><ul><li>Security controls </li></ul><ul><ul><li>Built into operating system and network </li></ul></ul>Systems Analysis and Design in a Changing World, 4th Edition
  32. 32. Objectives of Integrity Controls <ul><li>Ensure that only appropriate and correct business transactions occur </li></ul><ul><li>Ensure that transactions are recorded and processed correctly </li></ul><ul><li>Protect and safeguard assets of the organization </li></ul><ul><ul><li>Software </li></ul></ul><ul><ul><li>Hardware </li></ul></ul><ul><ul><li>Information </li></ul></ul>Systems Analysis and Design in a Changing World, 4th Edition
  33. 33. Points of Security and Integrity Controls Systems Analysis and Design in a Changing World, 4th Edition
  34. 34. Input Integrity Controls <ul><li>Used with all input mechanisms </li></ul><ul><li>Additional level of verification to help reduce input errors </li></ul><ul><li>Common control techniques </li></ul><ul><ul><li>Field combination controls </li></ul></ul><ul><ul><li>Value limit controls </li></ul></ul><ul><ul><li>Completeness controls </li></ul></ul><ul><ul><li>Data validation controls </li></ul></ul>Systems Analysis and Design in a Changing World, 4th Edition
  35. 35. Database Integrity Controls <ul><li>Access controls = management user </li></ul><ul><li>Data encryption </li></ul><ul><li>Transaction controls = transaction log </li></ul><ul><li>Update controls </li></ul><ul><li>Backup and recovery protection </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  36. 36. Output Integrity Controls <ul><li>Ensure output arrives at proper destination and is correct, accurate, complete, and current </li></ul><ul><li>Destination controls - output is channeled to correct people </li></ul><ul><li>Completeness , accuracy , and correctness controls </li></ul><ul><li>Appropriate information present in output </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  37. 37. Integrity Controls to Prevent Fraud <ul><li>Three conditions are present in fraud cases </li></ul><ul><ul><li>Personal pressure, such as desire to maintain extravagant lifestyle </li></ul></ul><ul><ul><li>Rationalizations, including “I will repay this money” or “I have this coming” </li></ul></ul><ul><ul><li>Opportunity, such as unverified cash receipts </li></ul></ul><ul><li>Control of fraud requires both manual procedures and computer integrity controls </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  38. 38. Fraud Risks and Prevention Techniques Systems Analysis and Design in a Changing World, 4th Edition
  39. 39. Designing Security Controls <ul><li>Security controls protect assets of organization from all threats </li></ul><ul><ul><li>External threats such as hackers, viruses, worms, and message overload attacks </li></ul></ul><ul><li>Security control objectives </li></ul><ul><ul><li>Maintain stable, functioning operating environment for users and application systems (24 x 7) </li></ul></ul><ul><ul><li>Protect information and transactions during transmission outside organization (public carriers) </li></ul></ul>Systems Analysis and Design in a Changing World, 4th Edition
  40. 40. Security for Access to Systems <ul><li>Used to control access to any resource managed by operating system or network </li></ul><ul><li>User categories </li></ul><ul><ul><li>Unauthorized user – no authorization to access </li></ul></ul><ul><ul><li>Registered user – authorized to access system </li></ul></ul><ul><ul><li>Privileged user – authorized to administrate system </li></ul></ul><ul><li>Organized so that all resources can be accessed with same unique ID/password combination </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  41. 41. Users and Access Roles to Computer Systems Systems Analysis and Design in a Changing World, 4th Edition
  42. 42. Managing User Access <ul><li>Most common technique is user ID / password </li></ul><ul><li>Authorization – Is user permitted to access? </li></ul><ul><li>Access control list – users with rights to access </li></ul><ul><li>Authentication – Is user who they claim to be? </li></ul><ul><li>Smart card – computer-readable plastic card with embedded security information </li></ul><ul><li>Biometric devices – keystroke patterns, fingerprinting, retinal scans, voice characteristics </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  43. 43. Data Security <ul><li>Data and files themselves must be secure </li></ul><ul><li>Encryption – primary security method </li></ul><ul><ul><li>Altering data so unauthorized users cannot view </li></ul></ul><ul><li>Decryption </li></ul><ul><ul><li>Altering encrypted data back to its original state </li></ul></ul><ul><li>Symmetric key – same key encrypts and decrypts </li></ul><ul><li>Asymmetric key – different key decrypts </li></ul><ul><li>Public key – public encrypts; private decrypts </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  44. 44. Symmetric Key Encryption Systems Analysis and Design in a Changing World, 4th Edition
  45. 45. Asymmetric Key Encryption Systems Analysis and Design in a Changing World, 4th Edition
  46. 46. Digital Signatures and Certificates <ul><li>Encryption of messages enables secure exchange of information between two entities with appropriate keys </li></ul><ul><li>Digital signature encrypts document with private key to verify document author </li></ul><ul><li>Digital certificate is institution’s name and public key that is encrypted and certified by third party </li></ul><ul><li>Certifying authority </li></ul><ul><ul><li>VeriSign or Equifax </li></ul></ul>Systems Analysis and Design in a Changing World, 4th Edition
  47. 47. Using a Digital Certificate Systems Analysis and Design in a Changing World, 4th Edition
  48. 48. Secure Transactions <ul><li>Standard set of methods and protocols for authentication, authorization, privacy, integrity </li></ul><ul><li>Secure Sockets Layer (SSL) renamed as Transport Layer Security (TLS) – protocol for secure channel to send messages over Internet </li></ul><ul><li>IP Security (IPSec) – newer standard for transmitting Internet messages securely </li></ul><ul><li>Secure Hypertext Transport Protocol (HTTPS or HTTP-S) – standard for transmitting Web pages securely (encryption, digital signing, certificates) </li></ul>Systems Analysis and Design in a Changing World, 4th Edition
  49. 49. Summary <ul><li>System interfaces include all inputs and outputs except those that are part of GUI </li></ul><ul><li>Designing inputs to system is three-step process </li></ul><ul><ul><li>Identify devices/mechanisms used to enter input </li></ul></ul><ul><ul><li>Identify system inputs; develop list of data content </li></ul></ul><ul><ul><li>Determine controls and security necessary for each system input </li></ul></ul><ul><li>Traditional approach to design inputs and outputs </li></ul><ul><ul><li>DFDs, data flow definitions, structure charts </li></ul></ul>Systems Analysis and Design in a Changing World, 4th Edition
  50. 50. Summary ( continued ) <ul><li>OO approach to design inputs and outputs </li></ul><ul><ul><li>Sequence diagrams, class diagrams </li></ul></ul><ul><li>Integrity controls and security designed into system </li></ul><ul><ul><li>Ensure only appropriate and correct business transactions occur </li></ul></ul><ul><ul><li>Ensure transactions are recorded and processed correctly </li></ul></ul><ul><ul><li>Protect and safeguard assets of the organization </li></ul></ul><ul><ul><li>Control access to resources </li></ul></ul>Systems Analysis and Design in a Changing World, 4th Edition
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×