The design or acquisition, implementation, and maintenance of a system affect all an organization’s functioning. Users should understand the design, implementation, maintenance, and review stages of the SDLC covered in Chapter 13 so that they can participate in the development of good information systems in the organization. After studying this chapter, you should be able to address the objectives on the next 3 slides.
The design process can take different forms, however, it is always driven by the organization’s goals.
Whether a system is developed, leased, or purchased, successful implementation involves getting the right information to the right people in the right format at the right time.
Generally, the maintenance stage requires more resources than the rest of the SDLC. Careful analysis, design, and project management, however, can lessen the cost of maintenance.
After the requirements of a system have been described in systems analysis, systems design begins. The purpose of systems design is to describe how the information system will function to meet its requirements. The primary deliverable of systems design is a technical specification document that details system outputs, inputs, interfaces, hardware, software, databases, telecommunications, personnel, and procedures.
Logical design produces a description of what the system must do, called the functional requirements. The functional requirements describe the purpose of each component without considering the hardware and software platform. Logical output design describes the type, format, content and frequency of outputs. Tools discussed in the last chapter can be used to document output requirements. For example, output design involves documenting that invoices are printed twice a day and describing the individual items on an invoice. After the output has been designed, input design starts. Input is specified exactly like output. For example, a logical design specification would state that when a customer calls, the system will capture the incoming phone number consisting of area code & number, and look up the customer’s file using the phone number. Processing design involves the calculations or other manipulations done to the data to turn inputs into outputs. For example, an invoicing system would need to perform calculations for shipping charges. Assume the requirements stated that shipping charges are .01% of the total order. In the logical design, a calculation would be specified showing that “shipping charges = .01% * Order subtotal”. File and database design describes the capabilities of the files or databases as well as their overall architecture. For example, real-time updates of records is a logical design specification. Tools such as entity-relationship diagrams are used to specify the organization and relations of the data.
Physical design describes the technology or other components needed to complete the logical design. Physical hardware design involves specifying all computer equipment by performance characteristics. For example, the amount of secondary storage and processing speed should be specified. The physical design of software further refines the logical design. If, for instance, a customer service representative must be able to access data from a particular file or two files must be merged then sorted to produce a particular report, this would be detailed. The type of databases required must be specified in physical design. Additionally, the logical design must be refined and implemented in a physical design, by taking into account performance characteristics. File structure, indices, and access paths are described. In physical telecommunications design, networks and devices are laid out, and hardware and media are specified, based on the logical design and functional requirements. For example, an Ethernet network using twisted pair cable and 100 megabits per second network adapter cards might be specified. Internetworking and other devices would also be detailed. Experience required for the job descriptions written during logical design are drawn up. In procedures and control design, details of the procedures outlined in logical design are provided. For example, backup procedures, output distribution methods, actual biometric systems that will be used, and auditing procedures would all be described in detail. It’s important to identify how security, fraud or unauthorized access could occur and design controls and procedures to prevent it.
There are a number of specific considerations that must be detailed during the design stage.
There must be emergency alternate procedures for users to follow when an information system is not usable. These may be manual work procedures to use until the system is working again or may involve assessing a remote computer. Designing fault-tolerant networks, that is, networks with redundant nodes and paths, is a safeguard against network malfunctions. IS personnel must also have backup. Cross-training people in multiple job functions is often done. The company could also have an agreement with an outside company to provide specifically qualified IS personnel.
When designing an information system, a level of fault tolerance is defined commensurate with the system’s importance to the business’s operations and survival. For example, important transactions may be mirrored – that is, each transaction would be simultaneously recorded on different computers at different sites. If the main computer failed, the other could take over. Many companies involve outside disaster recovery companies in their plans. For example, a hot site provides a firm immediate access to duplicate, operational hardware in the event their system fails. Hot sites may also involve off-site facilities for users with PCs, complete with phone service and data networks. Cold sites, or shells, provides the facility – that is rooms, phone lines, electricity – but not the computer hardware. If the firm’s main computer failed, they would bring a backup system to the site and resume operations.
There should be at least 2 backup copies of all programs, files, and databases. One copy should be kept in the IS department, and the other should be stored off-site. Since distributed systems are common, data on users’ hard disks is becoming increasingly important, and must therefore be backed up onto tape or a network drive. However, users are not always diligent in backing up data. Some companies set up networked computers so that users’ documents must be stored on a network drive, which is a hard disk on a server. This allows the IS department to backup user data when they backup the server. Backing up an entire database can take hours if the database is large. Therefore, some companies perform selective backups, where only specific files are backed up. Another shortcut is to perform an incremental backup, where only files that have been changed during a specified time period, say the last week, are backed up. Incremental backups use an image log, which is created whenever an application is run, and records all changes made to all files. If there is a problem with the database, the last full backup of the database is updated with the image log to reconstruct the current database. Whenever selective or incremental backups are used for the routine backup, a full backup is still done periodically.
Controls help maintain data security and prevent computer misuse, as well as computer crime and fraud. Deterrence controls are designed to prevent problems by physically excluding unauthorized personnel from operating computers. This may involve having a closed shop, where only specifically authorized operators can enter and run the computers. Input controls maintain the security and integrity of input data. Some of these controls involve sign-on procedures covered above. Others try to reduce the number of errors in the data, such as checking input to a salary field to make sure it doesn’t exceed 6 figures. Processing controls address processing and storage. Fault tolerance and backup procedures are processing controls, as are mechanisms to ensure output is correct. Output controls ensure output is secure and properly handled. Some installations create a log of all output produced and its destination. Many database controls are done by database management systems. Passwords and user views are two that have already been discussed. Telecommunications controls involve hardware and software to insure the security and integrity of transmitted data. Use of encryption is an example of a telecommunications control. Personnel controls are intended to ensure that only authorized personnel have access to systems and data. Logins, passwords, ID badges, or smart cards are examples of controls used to keep unauthorized personnel from gaining access.
These four approaches are among the most commonly used procedures to select an alternative – whether it is is something as large as hardware for a system or as small as selecting the best screen design. In group consensus, a particular group is charged with the responsibility of making the final evaluation and selection. The team members discuss the options until they reach an agreement Benchmark tests compare different products operating under the same conditions.
Implementation occurs after systems design. Implementation includes all the activities necessary to convert the system specifications into an operational information system.
The “make-or-buy decision” involves deciding whether to buy or lease the software, develop it in-house, have someone else develop it, or a use combination of methods. An organization may choose to buy or lease externally developed software for a variety of reasons. For example, buying or leasing off-the-shelf software eliminates risk about system capabilities and the completion date.
After determining that the software will meet the organization’s needs, the software is acquired, and, typically modified. Usually, purchased software requires a software interface, consisting of code to allow the external software to work with the organization’s other programs.
Software can also be completely developed internally. This gives the organization’s IS department greater control over the software, increasing the chance that the software will meet user and organizational requirements. It is also more difficult for competitors to duplicate custom built software, thus providing an organization a strategic advantage. To be effective and efficient, software is typically developed in a systematic fashion. Chief programmer teams is a common method for developing software.
When software is developed in house, there are a number of tools and techniques that can be used. While some organizations may require the use of particular tools or techniques, most encourage teams to use tools and techniques that fit the project at hand. Cross-platform development allows programmers to write programs that can be run on different platforms – that is, on different hardware and operating system combinations. Integrated development environments, or IDEs, are integrated software that combine a programming language, as well as all the tools needed to program. IDEs typically have graphical user interfaces. Visual Basic, Visual C++, and JIG are examples of IDEs. Structured design is an established design technique that breaks larger problems into individual modules with well-defined interfaces. There are a number of rules that modules and interfaces must adhere to. A well-designed module can be reused in other projects. A structured design can be implemented using structured programming.
After systems have been acquired or developed, critical activities in design still remain. Because databases and networks are the backbone of an information system, implementing them correctly is important. During analysis and design the adequacy of existing database and network facilities were documented. If databases or networks must be modified or upgraded with new equipment, that should be done here following the procedures discussed earlier for hardware acquisition. User preparation involves readying all users & stakeholders for the new system, as well as training users. User preparation should be an ongoing process, starting early in the SDLC by involving users and stakeholders in the development process and informing them of development progress. Similarly, if new IS personnel are required, they are hired and trained at this stage. Site preparation involves getting the location ready for the new system. Physical adjustments may not be needed if no new equipment is involved. If needed, site preparation can range from very minimal, such as rearranging the furniture to accommodate the new equipment, to massive, such as installing a new floor for network cabling, and upgrading the electrical, security, and air conditioning systems. Data preparation involves converting existing data into the format required by the new system. Manual files must be automated – typically organizations hire temporary workers to input all necessary data, since this can be a time consuming task. If the previous system was automated, the data may be in a format incompatible with the new system. Generally programs exist or can be written to convert data into a different file format.
Installation is the process of physically placing the hardware and software onsite and making it operational. Testing is done to ensure an information system works as intended. Testing is best conducted at several levels. While they code, programmers test modules of a program individually and in groups to ensure they work.
Systems maintenance involves monitoring, changing, fixing and enhancing an operational information system.
Virtually all programs and information systems need ongoing maintenance. Some of the many reasons for maintenance are listed on this slide and the next. Most of these reasons can be classified as maintenance to fix a problem, enhance the system, or adapt it to changes in its environment.
Commercial software companies typically use 4 categories to indicate the amount of change a system requires. Many other organizations have adopted these categories. A slipstream upgrade is a minor upgrade that isn’t worth announcing. This usually involves fixing a minor problem or bug, then recompiling the code. Unfortunately, a risk of maintenance is that even the smallest change can cause problems in different parts of the program, so new bugs could pop up after this minor adjustment. A patch corrects a problem or enhances the program by an addition to the program. The name “patch” comes from the fact that the additional code is “patched into” the existing code. For example, earlier releases of Microsoft’s Windows 98 wouldn’t allow computers to reliably shut down each time. Microsoft released a “patch” to take care of the problem. A new release is a significant program change that also requires changes in the software documentation. Finally, a new version is a major program change, introducing new features and eliminating or changing existing features.
Systems review is the process of analyzing systems to determine whether or not they are operating as intended. Actual system performance and benefits are compared to the system requirements, and cost, control, and complexity factors are re-examined. When problems or shortcomings are found, maintenance to the system is requested. Systems review is an ongoing process, continuing throughout a system’s life.
Systems review should include many factors, including those listed here. For example, the system should continue to meet the needs and support the goals of the organization, particular departments, and the users. The hardware, software, database, and telecommunications system should be reviewed to ensure they are up-to-date and capable of supporting the system. There should be adequate personnel to support the system, rules, procedures, and controls should be adequate, and training for users and IS personnel should be provided. Systems review often means monitoring the system, called system performance measurement. For example, in order to determine the efficiency of the information system, or determine the amounts of CPU time or memory the system uses, hardware or software monitors need to be used to take actual system measurements. System performance products exist to monitor and measure all components of an information system, including the hardware, software, database, and telecommunications.
Systems Design, Implementation, Maintenance, and Review Chapter 13
Principles and Learning Objectives <ul><li>Designing new systems or modifying existing ones should always be aimed at helping an organization achieve its goals. </li></ul><ul><ul><li>State the purpose of systems design and discuss the differences between logical and physical systems design. </li></ul></ul><ul><ul><li>Outline key steps taken during the design phase. </li></ul></ul><ul><ul><li>Describe some considerations and diagrams used during object-oriented design. </li></ul></ul><ul><ul><li>Define the term RFP and discuss how this document is used to drive the acquisition of hardware and software. </li></ul></ul><ul><ul><li>Describe the techniques used to make systems selection evaluations. </li></ul></ul>
Principles and Learning Objectives <ul><li>The primary emphasis of systems implementation is to make sure that the right information is delivered to the right person in the right format at the right time. </li></ul><ul><ul><li>State the purpose of systems implementation and discuss the various activities associated with this phase of systems development. </li></ul></ul><ul><ul><li>List the advantages and disadvantages of purchasing versus developing software. </li></ul></ul><ul><ul><li>Discuss the software development process and some of the tools used in this process, including object-oriented program development tools. </li></ul></ul>
Principles and Learning Objectives <ul><li>Maintenance and review add to the useful life of a system but can consume large amounts of resources. These activities can benefit from the same rigorous methods and project management techniques applied to systems development. </li></ul><ul><ul><li>State the importance of systems and software maintenance and discuss the activities involved. </li></ul></ul><ul><ul><li>Describe the systems review process. </li></ul></ul>
Special System Design Considerations <ul><li>Procedures for signing on </li></ul><ul><li>Interactive processing </li></ul><ul><li>Interactive dialog </li></ul><ul><li>Preventing, detecting, and correcting errors </li></ul>
Acquiring Software: Make or Buy Software? <ul><li>Externally developed software </li></ul><ul><ul><li>Lower cost </li></ul></ul><ul><ul><li>Lower risk </li></ul></ul><ul><ul><li>Ease of installation </li></ul></ul>
Make or Buy Software <ul><ul><li>Steps </li></ul></ul><ul><ul><ul><li>Review needs, requirements, and costs </li></ul></ul></ul><ul><ul><ul><li>Acquire software </li></ul></ul></ul><ul><ul><ul><li>Modify or customize software </li></ul></ul></ul><ul><ul><ul><li>Acquire software interfaces </li></ul></ul></ul><ul><ul><ul><li>Test and accept the software </li></ul></ul></ul><ul><ul><ul><li>Maintain the software </li></ul></ul></ul>
In-House Developed Software <ul><li>Chief programmer teams </li></ul><ul><li>The programming life cycle </li></ul>
Additional Implementation Activities <ul><li>Acquiring database and telecommunication systems </li></ul><ul><li>User preparation </li></ul><ul><li>Hiring and training IS personnel </li></ul><ul><li>Site preparation </li></ul><ul><li>Data preparation </li></ul>
Reasons for Maintenance <ul><li>Changes in business processes </li></ul><ul><li>Requests from stakeholders, users, or managers </li></ul><ul><li>Errors in the program </li></ul><ul><li>Technical and hardware problems </li></ul><ul><li>Corporate mergers & acquisitions </li></ul><ul><li>Government regulations </li></ul><ul><li>Changes in the operating system or hardware </li></ul>
Types of Maintenance <ul><li>Slipstream upgrade </li></ul><ul><li>Patch </li></ul><ul><li>Release </li></ul><ul><li>Version </li></ul>
Factors to Consider During Systems Review <ul><li>Mission </li></ul><ul><li>Goals </li></ul><ul><li>Hardware/software </li></ul><ul><li>Database </li></ul><ul><li>Telecommunications </li></ul><ul><li>IS personnel </li></ul><ul><li>Control </li></ul><ul><li>Training </li></ul><ul><li>Costs </li></ul><ul><li>Complexity </li></ul><ul><li>Reliability </li></ul><ul><li>Efficiency </li></ul><ul><li>Response time </li></ul><ul><li>Documentation </li></ul>
Summary <ul><li>Systems design - preparing detailed design needs for a new system or modifying an existing system </li></ul><ul><li>Systems implementation – installing the system and making everything, including users, ready for its operation </li></ul><ul><li>Software - can be purchased from vendors or developed in-house - a decision termed the make-or-buy </li></ul><ul><li>Systems maintenance - involves checking, changing, and enhancing the system to make it more useful in obtaining user and organizational goals </li></ul><ul><li>Systems review - the process of analyzing systems to make sure that they are operating as intended </li></ul>