Information Systems – Higher Using Information
SECTION 2 – Organisational Information Systems
Categories of information systems
An information system is a group of interrelated components that work to carry out
input, processing, storage, output and control actions in order to convert data into
information that can be used to support forecasting, planning, control,
coordination, decision making and operational activities in an organisation.
There are several categories of information system:
• Data Processing Systems (DPS)
• Management Information Systems (MIS)
• Decision Support Systems (DSS)
• Executive Information System (EIS).
This table shows how they fit into the categories of strategic, tactical, and
operational information systems:
Organisation level Type of information system
Strategic Executive information system
Tactical Decision support system
Management information system
Operational Data processing system
Data processing systems
Commercial computing systems were first developed in the 1950s and 60s, initially
by what can only be called enthusiasts consisting of businessmen with a vision.
These included Jo Lyon (of Lyon’s cakes fame) who operated a huge catering
empire in London in the 1940s and 50s. The story of how they became
computerised with the first commercial system is told at the site http://
www.kzwp. com/lyons/leo.htm.
These systems were data processing systems that either replaced the manual
clerical procedures currently in use (like bank records), or in new areas where
humans were unable to perform the calculations involved due to their complexity.
A Data Processing System is sometimes referred to as a Transaction Processing
System (TPS), because it deals with the day-to-day transactions of an organisation.
Examples include systems for accountancy, invoicing, stock control and data entry.
For example, a clerk processing a customer order needs to know whether the item
is in stock, what the price of the item is, as well as customer details including
name and address.
Another example is each item sold in a supermarket. For each item the bar code
would be scanned and used to find the name and the price of the product and then
Business Education, ICT & Enterprise Page 1
Information Systems – Higher Using Information
the price used to calculate the total bill for a customer. This type of event would
be stored in the supermarket’s transaction file for each day’s business.
Data processing systems are usually tools used at the operational level of an
organisation, since most organisations at an operational level produce large
amounts of data from the events that contribute to their running.
Another simpler example of a DPS, within a school context, is the gathering of
pupil attendance records. Usually some attendance data is gathered for pupils in a
school, in the morning and afternoon. This data is then input into the attendance
information system. It can be used to calculate pupil, class, and year-group
attendance percentages. Pupil support staff enquiring about pupil illness or poor
attendance can also use the information produced by this system.
A DPS usually involves a computer at the heart of the operation. Depending on the
size of the company, this could be a desktop computer, a network, a mini or
mainframe computer with ‘dumb’ terminals. The system also includes the software
necessary to run the computer and handle the data. The means of collecting and
outputting the data may well also be included. For example, the National Lottery
DPS includes terminals in shops around the country where data is collected.
Management information systems
An MIS is a system that converts data from internal and external sources into
information, communicated in an appropriate form to managers at different levels
of an organisation. The information can contribute to effective decision making or
planning to be carried out.
The source of data for an MIS usually comes from numerous databases. These
databases are usually the data storage for Data Processing Systems.
MIS summarise and report on the organisation’s basic operations. The basic data
from the DPS is condensed and is usually presented in long reports that are
produced on a regular basis.
MIS produce reports for managers interested in historic trends on a weekly,
monthly and yearly basis (not on the day-to-day activities of the DPS). The
information in these reports provides answers to routine pre-defined questions. An
example from a supermarket will provide reports that show the sales figures for
each department each day for a week, with weekly totals, monthly totals,
comparisons with last month and the corresponding month last year. Once the
information is in the system many reports can be extracted.
These systems are generally not very flexible and have little analytical capability.
Most MIS use simple routines such as summaries and comparisons as opposed to
sophisticated mathematical models or statistical techniques.
Business Education, ICT & Enterprise Page 2
Information Systems – Higher Using Information
Decision support systems
A DSS provides information and models in a form to help tactical and strategic
decision-making. DSS support management decision¬-making by integrating:
• company performance data
• business rules in a decision table
• analytical tools and models for forecasting and planning
• a simple user interface to query the system.
DSS are particularly useful when making ad-hoc, one-off decisions. These types of
decisions tend to be unstructured and irregular.
DSS enable a manager to explore a range of alternatives under a variety of
conditions. For example, a manager may wish to know the effects on profits if sales
increase and costs decrease.
The source of data for a DSS tends to be a combination of summary information
gathered from lower level DPS and MIS; it also includes significant information from
external data sources.
Executive information system
An EIS provides senior managers with a system to assist in taking strategic and
tactical decisions. Its purpose is to analyse, compare and identify trends to help
the strategic direction of the organisation.
EIS address unstructured decisions and create a generalised computing and
communications environment, rather than providing any fixed application or
specific capability. Such systems are not designed to solve specific problems, but
to tackle a changing array of problems.
EIS are designed to incorporate data about external events, such as new tax laws or
competitors, and also draw summarised information from internal MIS and DSS.
These systems filter, compress, and track critical data; emphasising the reduction
of time and effort required to obtain information useful to strategic management.
They employ advanced graphics software to provide highly visual and easy-to-use
representations of complex information and current trends, but they tend not to
provide analytical models.
EIS allow the user to look at specific data that has been summarised from lower
levels within the organisation and then drill down to increase the level of detail,
which is provided by the information systems in different areas. This is an example
of data warehouse analysis, which we will discuss later.
Interrelationships between information systems
Expert systems
Business Education, ICT & Enterprise Page 3
Information Systems – Higher Using Information
An expert system is a computer program that tries to emulate human reasoning. It
does this by combining the knowledge of human experts and then, following a set
of rules, it draws inferences.
An expert system is made up of three parts: a knowledge base; an inference
engine; a user interface.
The knowledge base stores all of the facts, rules and information needed to
represent the knowledge of the expert. The inference engine is the part of the
expert system that interprets the rules and facts using backward and forward
chaining to find solutions to user queries. The user interface allows the user to
enter new knowledge and query the system.
Reasons for expert systems in business:
• To store information in an active form as organisational memory, creating an
organisational knowledge base that many employees can examine and preserving
expertise that might be lost when an acknowledged expert leaves the organisation.
• To create a mechanism that is not subject to human feelings, such as fatigue
and worry. This may be especially useful when jobs may be environmentally,
physically or mentally dangerous to humans. These systems may also be useful
advisers in times of crisis.
• To enhance the organisation’s knowledge base by generating solutions to
specific problems that are too substantial and complex to be analysed by human
beings in a short period of time.
We will go on to look at some of the concepts in relation to organisational
information systems. Also we will look at their functions and at reasons for their
need, and at descriptions of management strategies and at networking.
Concepts in relation to an Organisational Management System
Speed
Computers at the heart of information systems are capable of processing data very
quickly. Although the computer is able to access data from backing storage at very
high speeds this is one of the slowest aspects of data processing. The processor is
able to carry out millions of calculations per second and some processors are
optimised for speed of calculations.
Accuracy
For most practical purposes computers store and process numbers to a high degree
of accuracy, but the accuracy also depends on the software written and, of course,
on human accuracy. Much financial software is accurate to 3 decimal places
rounded to 2. Once the accuracy of a calculation has been verified the software
and hardware combined will perform the calculation correctly every time.
Volume
Business Education, ICT & Enterprise Page 4
Information Systems – Higher Using Information
The number of transactions handled by an Information System in a period of time is
referred to as the volume or number of transactions. A commercial data system
often has to handle millions of transactions every week. For example, take a bank
with 5 million customers. If each customer makes an average of 2 transactions
(cash withdrawals or deposits, cheques written, direct debits or standing orders),
then the system has dealt with 10 million transactions. The average for a bank of
that size is probably far higher so as you can see the volume of data is huge. This
has big implications for the size of backing storage, processing power and output
capabilities of the system.
Efficiency
The efficiency of an Information System is really a combination of the speed,
accuracy and volume of the data processed. It could be measured as the number of
accurate transactions carried out per minute. In relation to human processing, it is
substantially more efficient to carry out processing on an information system.
Information systems are capable of running without interruption 24 hours a day and
7 days a week.
The functions of an Organisational Information System
There are four basic functions of an OIS (similar in nature to the Commercial Data
Processing Cycle) relating to gathering data and storing, processing and outputting
information. Remember that we start by gathering data, and from storing it
onwards it becomes information.
Gathering data
In the past there was a wide range of methods for capturing data before bar codes
became almost universal on goods for sale. Many large companies employed large
teams of data-processing staff often entering data from turnaround documents
(like utility bills filled in and returned with a cheque).
The original mail-order companies were another area of business that used data-
processing staff. Customers chose goods from a catalogue and sent the order forms
in. Operators typed in the order, and when the goods were despatched documents
including a bill were produced. The customer received the goods and in time paid
the bill, filling in a document to enclose with the cheque (or to pay in at the bank).
The company eventually received the documents and the payment could be
recorded against the customer account.
In shops there were several different ways of recording sales and stock control.
Some large shops used kimball tags, which were strips of cards with holes punched
in them. These cards were fed into a reader at the end of the day and the reader
interpreted the sequences of holes as stock numbers and stored the data on a type
of disk. The disk was sent to head office for processing and at the end of a week
sales figures and stock levels could be calculated. A similar system was employed
with metallic stripes on the cards, which were similarly read and used.
The main disadvantage of these methods is the time delay between the goods being
ordered, dispatched (remember ‘please allow 28 days for delivery’) and the
Business Education, ICT & Enterprise Page 5
Information Systems – Higher Using Information
company banking the money; also shops were forever either overstocking or
running out of stock.
The current methods that are employed to capture data for an information system
will be investigated.
Bar codes
Bar codes are small labels printed on food, books, newspapers and magazines and
nearly all product packages. They are made of lines, which represent numbers. A
bar code stores four pieces of information:
• country of origin
• manufacturer’s code
• item code
• check digit.
The bar code is scanned (the numbers can be entered manually as well if they
won’t scan). The bar code data is then used by the point-of-sale terminal to search
a database of products for the name and prices. It then prints an itemised bill and
uses the data to update stock levels and a sales file which can be used there and
then to calculate all sorts of statistics (daily sales by department, hourly sales,
etc.).
Ordering goods
What are the other methods of gathering data in common use? Mail order has all
but disappeared and has been replaced by telephone and Internet ordering.
Companies now rely on customers telephoning an order and paying over the phone
with a credit or debit card. The goods are ordered instantly, the stock position can
be given to the customer instantly, the money is transferred to the company’s
account almost instantly, and the goods are usually despatched within a few hours
and received usually within 48 hours by the customer.
When goods are ordered over the Internet a similar situation occurs except that
even more of the process is automated. The customer orders the goods from the
Internet site, pays by credit or debit card and the goods often arrive either at a
prearranged delivery time (supermarkets), or within a day or two.
The advantages of these methods to the company are that they are paid instantly
in advance for goods ordered and hopefully increase their business. To the
customer, goods are received very quickly and often at the customer’s convenience
and of course the customer does not need to leave their home (especially
advantageous when young children are around and / or the weather is very bad).
The customer also has protection from their credit-card company if something goes
wrong.
Magnetic strips and chip and PIN
Credit and debit cards contain either magnetic strips or microchips that contain the
holder’s account details. When the card is passed through the reader either the
strip or the chip is read and the account details transferred to the point-of-sale
terminal (POS).
Business Education, ICT & Enterprise Page 6
Information Systems – Higher Using Information
With a magnetic strip card a bill is printed out, signed and retained by the retailer
and a receipt is printed out for the customer.
With chip and pin the customer types a pin number into a device attached to the
till. The PIN number verifies the sale and the receipt is printed out for the
customer. It is generally quicker to use chip and PIN and much less open to fraud as
there is no piece of paper for a thief to copy the number from.
Magnetic ink character recognition (MICR)
There are numbers printed at the foot of every cheque and on the slips in a pay-in
book. These are printed not in ordinary ink, but magnetic ink and are the code
numbers for the bank, branch, account and cheque. When the cheque is paid into
the bank, a machine is used to read the details, firstly on the pay-in slip that gives
the numbers for the account the money is to go to, and then on the cheques that
give the numbers of the accounts the money is taken from. The bank clerk only
needs to type in the amount of each cheque and the reader sends all the details to
the branch computer that stores the data.
Optical character recognition (OCR)
This is when the printed text is scanned into a computer. Pages of text can be
scanned in very quickly and then searched for words or sentences. They can also be
reprinted or edited. It is very useful in an office that receives or uses a lot of
printed text, e.g. lawyers or accountants.
Mark sense reader
This is a device which brushes electrical contacts across the Mark Sense Document.
If the contacts touch a pen or pencil mark then a current can flow between them.
This is used most commonly in the National Lottery, where a player’s numbers are
read from the board they have filled in and a ticket is produced. This method is
also used for marking multiple-choice question papers.
Storing information
Information can be stored on a variety of media such as magnetic tape, hard disk,
CD-ROM and DVD. These fall into two categories, those where data can be written
to, re-written and amended, and those where data can only be written once and
read many times. Generally speaking all of the data input from any of the above
methods of data input will be stored on hard disks. These have very fast access
allowing records on the disk to be accessed very quickly. The access is also random
or direct meaning the disk heads can go to any part of the disk without starting at
the beginning and working through towards the end, as with magnetic tape.
Generally tape is only used for backing up large hard disks and usually only file-
servers on a network. It is totally unsuitable for most modern data-processing
applications. When fitted to a computer, CD-ROM and DVD drives that can be
written to are usually used for backing up data from the hard disk of a personal
computer.
Business Education, ICT & Enterprise Page 7
Information Systems – Higher Using Information
Another popular device for transporting data from one computer to another (home
to school or work and vice versa) is the memory stick. This small, large-capacity
device plugs into the USB port on the computer and almost immediately is
recognised by the computer as an external disk drive and data can be saved to it
just like a disk, except that it can have a larger capacity and is a lot faster than a
disk drive.
Processing data
There are several types of processing that can be applied to data to turn it into
information, as follows:
• searching/selection
• sorting/rearranging
• aggregating
• performing calculations.
Searching involves selecting a sub-section of the data that meets a specified
criterion. You may be familiar with this technique from work you may have done on
databases in school or college when results of searches or queries happened
instantaneously; but on a commercial basis searching can take a very long time.
One example would be the National Lottery where the winning numbers are
entered in as search criteria. On average it takes half an hour to find the match for
any winning combination. Even if they find a match on the first record they must
continue to the end, as the last of around 14 million records could also be a match.
Every time a bar code is scanned the database in the supermarket is searched for a
match and the details returned. Even with 20 or so tills working and some 20,000
items in store the match is fairly instant.
Sorting involves arranging the data into some form of order. The choices are usually
alphabetical or numeric, and then ascending or descending. Large commercial
organisations usually have their data sorted or indexed in some way. It is common
to have the customer file permanently sorted in customer number order and when
transactions are made over the course of a day (orders and payments usually), the
transaction file is also sorted by customer number. The files are then merged and a
new file created with the transactions attached to the correct customers. A bank
will sort its customers firstly into branches and then by account number within the
branch.
Aggregating involves summarising data by taking numerous data values and
reducing them to either one value or a substantially reduced number of data
values. Financial data is often aggregated, as actual totals of money earned or
owed are wanted more often than the detail. For example, when you buy goods in
a shop or supermarket and pay for them you only pay the aggregated total and if
you pay by credit or debit card then the card company or bank is only interested in
the aggregated total to debit your account. When you receive the statement for
the credit card all the transactions you have made are listed on the statement but
you are only really interested in the aggregated total at the bottom – the amount
you have to pay.
Business Education, ICT & Enterprise Page 8
Information Systems – Higher Using Information
Performing calculations involves applying a formula to data to compute a new
value. Obviously when using examples looked at in this section, calculations have
taken place. The items have been totalled or added up; and the total found for the
till receipt, the bank and credit card statements have been similarly totalled.
When a utility bill is calculated then several calculations take place:
Cost of units = units used * unit cost
Net bill = cost of units + standing charge
Total bill = net bill + (net bill * 0.175)
So the total bill is calculated in three stages with the VAT finally being added. The
same principles apply for electricity, gas and phone bills, although the phone bill
has many more sub-sections and performs many more calculations.
Outputting information
Paper
The most popular output method is printing information onto paper. The list of
examples of paper output is almost endless, but tying them in to our examples we
include till receipts and bills of many kinds to customers; in a business we call
these invoices and statements. Internal reports and business communications tend
to be internal printed output within a business, while many businesses exist to
produce printed output to send to customers and potential customers.
Screen
Often in a large data processing operation the operator is only allowed to see their
input screen and maybe some customer details. Managers and directors are more
likely to see reports and progress checks on screen. However, with the rise of web-
based and web-aware software, management reports can be viewed on screen in
an interesting and visually stimulating manner, as with intranet pages (an intranet
is like an internal internet for an organisation).
Organisational Information Systems
File
Once a database file has been updated with new information it will be saved to
backing storage for future reference. In some situations reports or filtered data will
be selected from the file and saved as a separate file. This allows the data to pass
to another part of an information system that deals with the subset of data. Files
can be e-mailed to managers and viewed on-screen to save paper.
Organisational Information System Management Strategies
When an organisation decides to install a computerised information system, several
important decisions need to be made and lots of planning undertaken. There are
five areas where an organisation needs to have clear strategies when planning and
using information systems. These are as follows: Networks, Security, Backup and
Recovery, Upgrading and Software.
Network strategy
Business Education, ICT & Enterprise Page 9
Information Systems – Higher Using Information
An organisation needs a network strategy initially to plan how to set up the
network in general to manage effectively its distribution of data and information to
assist its decision-making and general operation. The network strategy should be
based on sound fundamentals so that no matter the advances in technology the
network will be able to adapt and still deliver the services the organisation
requires.
The strategy needs to address the following areas:
• Data transfer (traffic)
• Distribution/coverage
• Access and security
• Facilities
• Storage capacity.
Security strategy
An organisation needs a security strategy to ensure that staff or competitors do not
steal important operational data. The security strategy will also deal with those
areas of the network that staff can access (you cannot have data entry clerks
accessing reports meant for senior management). Nowadays security must also deal
with keeping unauthorised people from remotely accessing business networks; and,
of course, it must protect against virus attacks.
Backup and recovery strategy
An organisation needs a backup and recovery strategy to ensure that operational
data is not accidentally destroyed or damaged. As organisations rely more and
more on information systems to store and process their data, it is vital that
processes and procedures are introduced to ensure data is kept safe from loss or
harm.
Upgrade strategy
An organisation needs an upgrade strategy to ensure its information systems can
continue to support the core business as the organisation grows and changes over
time. There are likely to be advances in the hardware technology such as faster
cabling systems, faster and more secure communications hardware and computers.
Advances are also likely to be found in the software used with faster and more
secure operating systems and greater functionality in the application software.
Organisations need to decide whether and when to upgrade, usually when it
appears cost effective to do so.
Software strategy
Initially the organisation will decide whether it needs bespoke or specially written
software. The latter is common for large organisations like banks, insurance
companies, supermarkets, and companies like call centres and modern mail-order
companies. The organisation contacts a software house that will create the
bespoke software. This is always expensive and many organisations will try and
configure off-the-shelf application packages to suit their purposes. Often there is a
mixture of bespoke and off-the-shelf packages in use, with managers often
manipulating and analysing in spreadsheets figures produced in bespoke systems.
Business Education, ICT & Enterprise Page 10
Information Systems – Higher Using Information
Network strategy
Topologies
A network topology is basically the way in which the network has been built.
Although there are several different variations on each of these basic topologies we
are only going to look at the generic types.
LAN
This stands for Local Area Network and it is a network that is restricted to one
room, building or site. The cabling and hardware (infrastructure) that defines the
network are usually owned by the organisation. LANs allow users to share data and
peripherals like printers, often they are able to log on anywhere on the network
and access their own data from any computer. The network manager is able to
control access through the use of usernames and passwords and ensure that data is
kept secure and backups made.
WAN
This stands for Wide Area Network and is a network that uses some form of
external communications for computers to communicate with each other. Some
large companies, local authorities and government departments operate WANs.
Their regional and district offices can be connected via leased lines and their
computers will all operate as if they were workstations on a LAN. More common
nowadays is for these organisations to use telephone lines and run a web-based
service or Intranet. By far the biggest WAN in the world is the World Wide Web
running the Internet.
Distributed networks
Distributed networks have been made possible on LANs by the use of modern
networking software and by having multiple servers around the network. Each
server can run a mini network within a sub-group of switches and this can reduce
network traffic significantly. Users’ data can be kept on the server they are most
likely to access although their user area should be transparent from any station on
the network. A distributed network can make the working of a network like a
school or college much more efficient, and in a business environment much more
secure as well. Server failure at one node is unlikely to render the entire network
useless.
Network Hardware
Client-server network
This type of network has a central computer called a server, although large LANs
may have more than one server. Data files and software are usually stored on the
server but can be accessed from the network stations (nodes). Some software is
installed centrally so that it only has to be installed once, although applications are
usually installed on each workstation and this software can often be installed
remotely to several stations at once. All files are stored centrally, providing a pool
of data that is accessible to all workstations on the network. The network can
support computers of differing types and usually different versions of the same
Business Education, ICT & Enterprise Page 11
Information Systems – Higher Using Information
operating system. Backup is easy to perform and there is no need to rely on users
backing up their own files.
This sort of network is heavily dependent on the server. Servers need to have fast
processing speeds, large memory and large hard disks. They are expensive and
server-based networks are complicated to install. The commonest type of server-
based LAN is based on Ethernet technology.
Peer-to-peer network
This type of network has no central server, as all workstations on the network are
equal. Installing software takes more time, as it has to be installed on each
computer. Workstations on a peer-to-peer network can access work stored on other
computers on the network. This type of network is less secure as access to and
from workstations needs to be open.
As a server is very expensive to buy, a small peer-to-peer network is a lot cheaper
then a client-server network. A peer-to-peer network is ideal in a small office
where a handful of computers need to be networked.
Network adapter card
Every computer attached to a network needs a network adapter card. Very often
now the card is built-in to the computer at the time of manufacture. The network
cable plugs into the card and the other end into a socket and it therefore allows
the computer to send and receive data across the network.
Structured cabling
Cables are the commonest form of transmission media used to build a network.
They are usually made from copper wire, such as co-axial and twisted pair. Fibre-
optic cables are also used for fast, large-capacity networks or to connect sections
of a network in a large building like a school or college.
In an Ethernet network, twisted pair cabling is normally used, and each network
point will be connected back to a hub or switch, which in turn is connected to the
server. However large a network becomes (and networks of 200–500 stations are
not uncommon in large schools and colleges) this simple structure applies. Of
course complications develop and when longish distances are covered a repeater
boosts the signal, at regular intervals to prevent the signal deteriorating until it is
unusable.
Network software
Network operating system
There are two parts to the network operating system, the version that runs on the
server and the version that runs on the personal computers to turn them into
network stations. The server software is needed to control which users and
workstations can access the server, keep each user’s data secure, and control the
flow of information around the network. It is also responsible for file and data
sharing, communications between users, and hardware and peripheral sharing.
Business Education, ICT & Enterprise Page 12
Information Systems – Higher Using Information
Each workstation (computer) connected to the network needs the Network
Operating System installed before it can connect successfully to the network
facilities. It may be extra software added to the operating system, or more likely
on modern computers running Windows 2000 or XP it comes as part of the
operating system and only needs to be run to connect the computer to the
network. Thereafter it runs automatically after start-up and makes any user log in
before they can access either the computer or the network
Network auditing and monitoring software
This software keeps a track of network activity. It not only records user activity,
but workstation activity as well. It records who has logged in where, at what time,
for what duration, which applications have been used, printer requests and file
access activity. This allows the network manager to see exactly what was
happening if a problem is reported, and also to monitor any person who may be
acting suspiciously as far as the network is concerned.
In a commercial organisation this sort of auditing and monitoring can be used to
detect fraud and suspicious activity.
Security strategy
Data stored on computer is vital to the success of any business or organisation. The
loss of computer files is an extremely serious problem for any organisation, so it is
vital that organisations take steps to protect the security, integrity and privacy of
their data. What exactly do we mean by these terms and what is the difference
between security, integrity and privacy? We will look at this question and
investigate the policies and procedures for implementing data security and access
rights on a network.
Security, integrity and privacy of data
Data security means keeping data safe from physical loss. This could be due to
accidental damage to the computer systems, such as a fire or flood. It might be
caused by electronic problems such as hardware failure or the data becoming
altered due to magnetic influences. We call this data corruption. This might be
intentional: for example, theft by a competitor, malicious unauthorised access
deleting or altering data, or it might be destruction of the data by viruses.
Data integrity means the correctness of the stored data. Measures are taken when
data is entered to ensure that it is correct. In an off-line situation data is often
double entered, once originally and once again for security. If there is a mismatch
the data has to be checked and re-entered. On-line data entry (such as from call
centres) is often checked by the software; or operators may ask customers to spell
difficult names or addresses, before reading their details back to them so they can
correct any errors. Data may be incorrect because of program bugs, hardware
breakdown, viruses or other computer crime, or through errors in data transmission
on networks or using remote terminals.
Business Education, ICT & Enterprise Page 13
Information Systems – Higher Using Information
Data privacy means protecting data so that unauthorised users cannot access it.
You as a user may wish to keep your personal data at school or college private. In a
commercial organisation different groups of users will be allowed access to
different levels of data. Thus data is kept private to specific groups of users.
You will probably rely on a network manager to keep the data secure. Its integrity
is respected when the data is entered and stored and your privacy is protected by
not letting other users into your personal data.
The security risks to information systems
A virus is a piece of programming code that causes some unexpected and usually
undesirable event in a computer system. Viruses are often designed so that they
automatically spread to other computer users on a network. They can be
transmitted as attachments to an e-mail, as a download, or be present on a disk
being used for something else. Some viruses take effect as soon as their code takes
residence in a system whilst others lie dormant until something triggers their code
to be executed by the computer. Viruses can be extremely harmful and may erase
data or require the reformatting of a hard disk once they have been removed.
Hacking is gaining unauthorised access to a computer information system. This may
be as simple as trying to break into your friend’s account at school or college; or it
may be as complex as terrorists trying to break into state security and military
systems. Much of the security on networks exists to prevent hacking, whether user
names and passwords or chip-and-pin credit and debit cards. It is not so much the
breaking in that is the offence as maliciously altering data or stealing information.
As organisations begin to incorporate the use of the network and Internet into their
core business activities, they become more vulnerable to new risks. One of these
risks comes from denial of service attacks. This involves flooding an organisation’s
Internet server with a surprisingly large amount of requests for information
(traffic). This increase in traffic overloads the server, which is incapable of dealing
with the backlog of requests, and usually results in the server crashing or needing
to be taken offline to resolve the problem.
This sort of attack on a company can be very costly. An example was the attack on
Yahoo in 2000, which involved their servers being flooded with 1 billion hits per
minute. The attack was estimated to have cost £300,000 in lost advertising revenue
alone (Financial Times, 17 November 2000).
Policies and procedures for implementing data security
Codes of conduct can be applied to anybody that uses an information system. Most
organisations insist that users follow a set of rules for using their information
system. These rules outline the organisation’s expectations of user behaviour – a
kind of school rules for adults and professionals. Employees in an organisation often
have to sign a code of conduct as part of their conditions of employment. These
are not usually onerous or unduly restrictive but more often common sense and for
Business Education, ICT & Enterprise Page 14
Information Systems – Higher Using Information
the employee’s protection (to prevent them from breaking any laws). A code of
conduct can cover basic professional competences as well as an obvious statement
like ‘Never disclose your password to anybody else’ or ‘Change your password every
week’.
Members of professional associations, like the British Computer Society (BCS), are
expected to abide by a set of principles that set out minimum standards of
competence, conduct and behaviour. They have a code of conduct for members
who work in the Information Systems industry, and many professional organisations
have such regulations to govern how their membership carries out their work.
The BCS code of ethics covers:
• Professional conduct – members’ conduct shall uphold the dignity,
reputation and good standing of the profession.
• Professional integrity – A member shall not by unfair means do anything that
would harm the reputation, business or prospects of another member and shall at
all times act with integrity.
• Public interest – A member shall have proper regard to the public interest
and to the rights of third parties.
• Fidelity – A member shall discharge his obligations to his employer or client
with complete fidelity.
• Technical competence – A member shall offer only those services which are
within his/her competence, and shall declare to his employer or client the relevant
level of competence he possesses when his services are being sought.
Password guidelines
When users are given access to an information system they will be given a specific
user identity (user ID) and a password. Most systems allow the user to change the
initial password to one of their own choice and they also require users to change
their password on a regular basis.
However, this free choice can result in a poor selection of password and increase
the risk of a hacker guessing or deducing the password. Most password systems try
to ensure a password is chosen that cannot be easily deduced, by imposing some
password rules; for example, all passwords should:
• have a minimum length of 5 characters
• have a mix of letters and numbers
• not contain any words
• not be the same as the previous password
• not use easily guessed strings of letters or numbers (e.g. 123456 and
abcdef).
Implementing data security
Virus protection
Prevention
Business Education, ICT & Enterprise Page 15
Information Systems – Higher Using Information
A virus can, like any form of data, copy itself onto a computer via portable backing
storage or across the network. There are various different ways of preventing a
computer system from being infected by a virus.
You can, as in some schools and colleges, prevent users from using floppy disks to
transfer data. Several organisations buy PCs without a built-in floppy disk to reduce
the risk of virus infection.
Another form of infection is via e-mails, specifically with attachments. In recent
years there have been several well-¬publicised examples of viruses being spread via
attachments on e¬mails. To combat this risk, organisations use filtering software to
scan incoming e-mails for potentially dangerous virus attachments. The advice that
users are given to prevent infection is not to open any attachments or e-mails from
e-mail addresses that they do not recognise.
Detection
If a user does not have any anti-virus software installed on their computer system,
they may not detect a virus until it causes damage to their computer or someone
else receives an infected e¬mail or file from them.
To detect viruses on a computer system a user needs to install anti-¬virus software
that is capable of scanning incoming data for viruses. Virus scanning involves
looking at each file for a known virus signature. If the anti-virus software has not
been updated recently, there may be new viruses (and their signatures) that the
system is unable to recognise.
Most anti-virus software can be configured to scan floppy disks or other portable
media for viruses, when they are inserted into the computer. If a virus is detected
it will either refuse to read the disk or ask the user if they wish to repair the
infected file.
Repair
It is generally a good idea to scan the hard disk of the computer system on a
regular basis to ensure no viruses have managed to infect the system. If a virus is
discovered the anti-virus software can offer to quarantine or repair the files.
Quarantining involves coping the files into a secure sub-directory on the hard disk.
Repairing a file involves the anti-virus software deleting the part of the file that it
believes contains the virus infection.
Firewall
A firewall is an intelligent device or software item that is used to prevent
unauthorised access to an organisation’s network. The firewall is placed between
the network file server and the Internet connection (usually a router). The firewall
checks all messages sent to the fileserver from outside and filters the contents.
Access may be blocked for certain applications whilst being restricted for others.
The firewall is a method of preventing unauthorised access to the workstations or
servers in an organisation’s network, from a computer external to the organisation.
Business Education, ICT & Enterprise Page 16
Information Systems – Higher Using Information
It will check any requests to join the network with validated user accounts on the
server and will only grant access to authorised users.
Encryption
When someone tries to buy goods on the Internet they usually have to give their
credit card number. Hackers can monitor the servers used by the companies
accepting credit cards and use ‘packet sniffer’ software to intercept the 16-digit
credit card numbers and store them for later use. Internet retailers therefore use
encryption techniques to protect their customers (which they must do if they are
to maintain credibility). Encryption is the method of scrambling or coding messages
so that anyone who intercepts them cannot understand the message, and it can
only be recovered by people authorised to see it. When the data is to be used it
needs to be decrypted. The usual method is called 32-bit encryption (64-bit also
exists) and is thought to be virtually impossible to crack.
Access rights
Users of an information system usually have different kinds of access rights to their
own and shared areas of the system. These rights involve how files can be
accessed, modified and erased. Folders can be set so that files can be read only in
the folder, files can be created, deleted or not, and so on. The main actions are
explained below:
• Read – relates to files and the user can read the file. Files can be made
‘read only’, which means users cannot save changes made to them.
• Write – Usually refers to folders where users have the right to write or save
files to that folder.
• Create – Again in folders groups of users have the right to create files.
• Erase – Similarly groups of users may be able to erase files.
• Modify – Groups of users can be given rights to modify files.
It is usual for these access rights to be grouped so that a user will have
Read/Write/Create/Erase on their own drive. Maybe students have ‘read only’
access to a folder containing sample files where staff have full access.
In another example, a group of users may be given access to a central file space
that they can all share. In this case access rights may be restricted to read and
write access, but not to erase.
Other users, such as a Network Administrator, will have full access (super user
access) to all areas of the system. This allows them to fix any problems with the
system and configure the system for new users.
Backup strategy
Archive, recovery and storage methods
Every computer user and certainly every network and MIS should have a strategy in
place to back up their (often irreplaceable) data. Backing up is the process of
Business Education, ICT & Enterprise Page 17
Information Systems – Higher Using Information
making a copy of data stored on fixed hard disks to some other media. This can be
tape, external portable hard disks, writeable CD-ROM or DVD. The purpose of
backing up data is to ensure that the most recent copy of the data can be
recovered and restored in the event of data loss.
What can cause this data loss that so many companies worry about? Firstly, there
are the natural perils of fire, flood, and building collapse. Secondly, there are
electronic disasters. A simple example of the latter is when the hard disk becomes
corrupted by a disk-head crash; this is usually due to the computer being suddenly
moved when the disk is rotating, causing the disk head to crash into the surface of
the disk and can render the whole disk instantly useless. Another example is when
files are accidentally erased, or whole areas of the disk are attacked by a virus.
This list is not exhaustive but identifies some of the main worries of a computer
user.
There are different types of backup procedures and we shall examine only one or
two different situations.
Archive
Archiving data is the process of copying data from hard disk drives to tape or other
media for long-term storage. This is often used to free hard disk space by off-
loading seldom-used data to backup tape or other media. An example of this would
be to archive last year’s accounts when they had been finalised. This year’s
accounts have already been started with carry-forward figures and it is only
accountants and VAT inspectors, for example, who wish to see last year’s. They can
usually be easily recovered for that purpose. But accounts for the previous 10 years
are usually archived and anything older than last year is said to be a long-term
archive. Long-term archives are usually stored in a fireproof safe away from the
main site. Banks offer a long-term archiving service at a cost.
Recovery
Data verification is an important, if often forgotten, aspect of backup strategy.
After the backup process has been completed it is important to check the backup
has been successful. It is important to check that the data stored on the backup
media can be recovered. It would be extremely foolish to wait until the data in the
information system was corrupted before testing the backup media to see if it
could be recovered.
Assuming that the backed-up data can be recovered it is usually a fairly simple task
to recover the data. The relevant tape is brought from the off-site storage facility
and the backup and recovery software will restore the data. Usually the software
can be set to archive mode when the backup is taken and this means that archive
data can be restored without overwriting the current data.
Another method of backup is to make a full backup of the entire computer at a
fixed point in time. Thereafter an incremental backup is made at predetermined
times (daily, weekly, termly even). This means that only files that have been added
or amended since the last full or incremental backup are backed up. Again, the
Business Education, ICT & Enterprise Page 18
Information Systems – Higher Using Information
recovery software can be set to ‘full’, ‘incremental’ or ‘full and incremental
restore’.
Storage methods
Most servers have built-in tape drives to allow backup to take place easily. The
mention of tape does not mean large reel-to-reel tape machines with ½-inch data
tape moving from reel to reel. Such tapes were essentially analogue tapes (like VHS
video and audio tapes) and nowadays we use digital tapes called DAT tapes. The
older ones store around 2 or 4 GB of data and are like an audio cassette, but the
modern ones can store around 20 or 40 GB and are more like a short video cassette
in size and shape. Some organisations backup onto USB hard drives which plug into
the computer’s USB port (USB2 is very fast). The advantage of these is that they
are often the same capacity as the drive they are backing up.
Frequency and version control
The duration of a backup (backup window) is another important aspect. If a backup
is carried out each night after close of business (out of hours), it is important that
the backup method can be completed before the start of business the next
morning. A full backup is usually taken at the end of a working week on Friday or
Saturday night (automatically under software control – the operator does not spend
all Friday or Saturday night watching the backup happening). Several sets of full
tapes will be required for a 6-week rotation. A tape will be required every night for
an incremental backup, which usually does not take too long.
A version of a week’s work will then be the full backup set plus the incremental
tapes made during the week. It is important that these tapes are kept together and
clearly labelled. If using the Grandfather, Father, Son method then a set of tapes is
required for each generation. A generation may last longer than a week; a month is
quite common, with weekly increments. A school may keep four generations of a
full backup and then weekly increments and that way a pupil’s work can be
recovered right back to the start of the year when they accidentally deleted the
most important essay they have ever written. When the rotation period is complete
then the rotation starts again.
Upgrade strategy
Future proofing
This concerns finding ways of making sure that a system has a reasonable life and
does not need to be totally replaced too soon. ‘Too soon’ are the operative words,
as any computer will have to be replaced eventually. Look at the systems at GCHQ
now compared to the Enigma Code Cracker of 1944. That computer worked but
eventually would not run programs that the management wanted to run, and was
far too slow.
Computers have developed so rapidly that machines which are four or five years
old seem slow and their operating systems cannot cope with recent versions of the
application software. It is usually the operating system which cannot run updated
Business Education, ICT & Enterprise Page 19
Information Systems – Higher Using Information
software (Windows ME will not run the latest software written for XP). The older
hardware will not accept the upgraded operating system so you are into a cycle
and the only option is to upgrade. It is not possible to predict the future other than
to say it is unpredictable.
Future proofing hardware is a bit of a wish and really means that you try and buy a
computer that has more features than you actually need. You try and buy a more
advanced and faster processor, the maximum amount of RAM that you can and the
biggest hard disk you can fit into the computer. In a year or so then the super new
future-proofed computer will be the standard that everyone else is buying.
Software is a slightly different story as there is software that has been running for
several years and works perfectly well and does not need upgraded. On the other
hand some software needs to be upgraded almost immediately and is always in a
state of flux. There is a happy medium and this is probably where most software is.
Software is either written by a software house for a client’s needs (call-centre,
bank, telephone ordering system, etc.) or is an application (like Microsoft Office).
A software house will generally respond to individual customers’ requests for
upgrades, while an application developer will always try and improve the product
to keep it ahead of the competition.
When upgrading an information system two main areas of hardware and software
updating need to be investigated thoroughly. This investigation is called integration
testing, and it ensures that any new hardware or software can work with all the
other parts of the information system.
Integration testing – there are several inter-connected elements that need to be
tested to ensure that new developments in the information system work with the
old. When considering the information system you need to ensure that all its
elements are compatible. Here are some of the questions that need to be
considered:
• Are the peripheral devices compatible with the hardware and operating
system?
• Does the network software support the hardware and operating system?
• Is the application software compatible with the operating system and
computer?
• Is the hardware compatible with the operating system?
Over the lifetime of the information system various elements will be updated as
new technology is purchased.
Legacy systems – Old information systems running on out-of-date hardware and
operating systems are often referred to as ‘legacy systems’. These were originally
characterised by old mainframe systems but now often refer to very old micros
whose specification is less than the minimum specified by the company. The
reasons companies and organisations continue to use legacy systems are that the
cost of buying new hardware and re-writing the application software for the new
hardware is so costly that it does not make financial sense to move to the new
Business Education, ICT & Enterprise Page 20
Information Systems – Higher Using Information
system. Problems then arise because the old hardware companies stop building and
supporting their information systems. This means that if any problems arise, or if
the hardware breaks down, there are no specialists available to fix the problem;
however, when a central computer system is upgraded it is necessary to try to
maintain the legacy systems.
These problems with legacy systems led to many computer companies developing
software that conformed to Open Standards. This meant that applications would be
developed for non-proprietary systems. An application running on one
manufacturer’s hardware could easily be moved to another (portable) because it
was designed to work with open systems. Open Standards are exemplified in Linux
OS, various Communications software programs, and languages like Java.
Emulation – A problem occurs when changing to a new hardware platform if the use
of the old system is still required. If a change to incompatible new hardware is
made, it may be possible to run old software using a software emulator. This is
system software that acts as an interface between the hardware of a system and
any applications running on that system in order that the application software can
run on a hardware platform other than the one for which it was designed. Thus the
original software can be run. The computer gives the appearance of being a
different platform.
Using software emulation allows access to a greater range of applications that
might not be available on the given hardware platform. The use of an emulator
allows data to be transferred between platforms.
However, software emulation may not provide full functionality of the software
and will not exploit all the facilities of the new hardware. As an extra layer of
software is in place this will often cause the application software to run slowly.
Software strategy
Every organisation with an information system needs to consider very carefully the
following points when writing and implementing a software strategy. It needs to
take account of several important issues:
• evaluating the software for use, using several key criteria
• the user support for the software
• the training supplied for end users of the software
• the upgrade path of the software.
Software evaluation
Functionality – This refers not only to the number of features an application
program has but the number of useable features it has. Also the tasks to be
completed need to be evaluated against the features in the software.
Performance – The performance of software can be measured by several different
criteria depending on the type of software:
Business Education, ICT & Enterprise Page 21
Information Systems – Higher Using Information
Speed – A database program could be measured for the speed it takes to search
through, say 10,000 records, by a variety of criteria. A spreadsheet’s speed may be
measured by the time it takes to recalculate a complex formula over a set number
of cells.
Usability – This can be simply the look and feel of the software, whether tabs or
buttons are used and whether standard menus or specific menus are used. Usability
can also mean what choices one has in the menus (e.g. you expect to find cut, copy
and paste in the edit menu and no other) and also whether the software does what
you expect it to.
Compatibility – Is the software compatible with other software on the system and
also the intended hardware. The commonest compatibility problem is with
operating systems. As software becomes more modern and up-to-date it is likely
not to run on older operating systems. Developers write routines that they know
are supported by the newest operating system, but not by a version several years
old (e.g. trying to use the USB port – Windows 98 onwards supports USB, but try to
use the software on Windows NT and it will not work).
Data migration – The process of translating data from one format to another. Data
migration is necessary when an organisation decides to use a new computing
system or database management system that is incompatible with the current
system. Typically, data migration is performed by a set of customised programs or
scripts that automatically transfer the data.
Reliability – Reliable software does the job it is supposed to do, and gives the
expected results to test data supplied to it. It can be a long process devising
suitable test data and running reliability tests but this is a very important area of
testing. For example a program dealing with small decimal parts of numbers may
only be accurate to 10 decimal places when the requirement is for 12 places.
Resource requirements – Software must be investigated to see whether or not the
computer going to operate it has adequate resources. This means questions must
be asked about whether the processor is fast enough and has the correct type of
processor, and how much RAM is required to run the software and deal with
associated data files. The next level is to look at the hard disk space required and
the type of monitor and graphics adapter. Other considerations will be more
peripheral, such as sound capability and other storage requirements, CD-ROM, DVD,
USB devices.
Portability – When used to describe software, portable means that the software has
the ability to run on a variety of computers or operating systems. ‘Portable’ and
‘machine independent’ mean the same thing – that the software does not depend
on a particular type of hardware.
Support – This usually means customer support, the assistance that a vendor or
technical support desk offers to customers or users. Support can vary widely, from
nothing at all to a phone hotline to on-site calls. The level of support usually
depends on how much money the organisation is paying for the support.
Business Education, ICT & Enterprise Page 22
Information Systems – Higher Using Information
Training
On-the-job – This type of training comes when a new user starts using an
information system. A new user needs to be introduced to the software; this
usually takes the form of working through a tutorial to become familiar with the
functions of the software. It will either be an online tutorial program or tutorial
manual that teaches the user about the software.
In-house – This is when small groups of staff, within the company or organisation,
receive a training course usually delivered by IT staff. This allows staff to become
fully familiar with the information system; if they have any complex or unusual
questions relating to using the system, the IT staff have the expert knowledge to
answer them.
External – This type of training is used when an organisation does not have in-house
IT specialists to deliver the training internally. It is offered by specialist training
providers for popular application software, such as software created by Microsoft,
Macromedia and Adobe.
User support
There are numerous sources of user support that allow a user to solve a problem
when using a piece of software.
Manuals
There are several types of manuals available for application software:
• Installation guide – gives advice on how to install the software
and how to configure it to work with various hardware.
• Tutorial guide – gives step-by-step instructions on how to use
the software.
• Reference manual – Is an indexed guide detailing all the functions of the
software.
On-line help – This is usually a facility associated with a piece of software that
explains to the user what each feature of the software does. Importantly, it is a
part of the program situated on the computer and is not on the Internet
On-line tutorials – This is usually a facility associated with a piece of software that
teaches the user how to use the software. Users are led through a set of steps that
illustrate how the software works and this is usually very similar to the paper-based
tutorial manual (replacing it very often). This facility is also situated on the
computer and is not on the Internet.
Help desk – There are two types of help desk: internal and external. They both
provide support information on how to use the information system or software.
Sometimes the company that is the end user of the software and focuses on solving
low-level user problems operates an internal help desk. These problems can usually
Business Education, ICT & Enterprise Page 23
Information Systems – Higher Using Information
be solved very simply and do not require a complex understanding of the
information system.
An external help desk is usually associated with the software company that
provided the software. They deal with complex high¬ level user problems. They
provide detailed technical information to the user and are also responsible for
logging any bug reports for the software, which would require the programming
team to fix.
Newsgroups – A newsgroup allows users of a piece of software to post e-mail
messages to the wider user community. Users subscribe to a newsgroup and when a
message is posted there it is sent to all members of the group. If it is a problem
that another user has experienced then they may reply with helpful advice. A
newsgroup helps support a user by allowing the user group to share the knowledge
of the community. It is also common for the moderator of a newsgroup to create an
FAQ (see below), which is updated and posted on a regular basis.
FAQs – This stands for Frequently Asked Questions. It is usually a file that contains
a list of commonly asked user queries about a piece of software. These FAQ files
are often posted on newsgroups or on a website to allow users to access them
easily. They can be a simple starting point when trying to find a solution to a
problem. If the user can’t find the answer in the FAQ then they can try one of the
other sources of support.
Decisions to upgrade software
There are several reasons why an organisation may decide to upgrade their
software, as it is usually a large step to take and care must be taken to ensure that
the upgrade is not a costly mistake.
Data files, which may be more valuable than the computer system, must be
compatible with upgraded software, and upgraded software must be compatible
with the current hardware, or else that will need to be upgraded also; and so the
cycle continues.
Lack of functionality – At some time the organisation will evolve and change. For
example, a mail-order company might move over to telephone ordering. The mail-
order software will not be able to cope with telephone ordering. In the case of an
application package there may be new features in the software that the users want
to use or need to use. An example was Web Authoring software that worked
perfectly well but did not support MP3 files (which came out after the software
was released), so the different companies released upgrades to cope with these
and other new file formats.
Hardware incompatibility – It may be that an organisation has to upgrade its
computers and the new computers have an operating system that will not support
the original software, so upgraded software will need to be ordered or bought.
Software incompatibility – Likewise, an organisation may have to upgrade its
software for operational reasons and finds that the upgraded software will not run
Business Education, ICT & Enterprise Page 24
Information Systems – Higher Using Information
on the version of the operating system installed. The next step is then to upgrade
the operating system.
Perfecting the software – If a software company releases software and it discovers
there are bugs in the software, the company will try and remove those bugs and
release an update. This may well be free, but users should check that their data
files are upwardly compatible.
Centralised and distributed databases
At the heart of most organisational information systems will be found a very large
and powerful centralised database. The database program is often called the
database engine and it saves and indexes files in tables and manages the
relationships between the tables. The other functions such as data entry screens,
querying and reporting are part of the database shell and are often seen as
peripheral tools for handling the data.
Information held by the company can be found fairly easily by querying its
centralised database. Usually a multi-user or network system is used which means
that any user on the system can have access to the database. It can usually be
configured to allow different operators different but relevant views of the
information (sales screens, account screens, stock screens, etc.).
The advantages of the database being centralised are that it is much easier to
organise, edit, update and back-up the data. Communications are easier if the data
is held on one central computer rather than spread over several and there are no
real disadvantages to having a centralised database.
A centralised database holds all of an organisation’s data on a central computer,
whether mainframe or server. Dumb terminals on a mainframe system and PCs on a
network system can access it. These terminals and PCs can be some distance from
the central database, but the point is that all the data is together at the same
place.
The main advantage of a centralised database is that it is far easier to manage and
control if all the data is in one location. For example, in an ordering system, a
customer may phone orders and gives notice that their address has changed; when
the order operator changes that address it has been changed across the system. If
the accounts department then wish to send a statement to the customer they will
have the customer’s new address.
Another advantage is that the database is far easier to back up when it is
centralised than if it was kept on different computers; a suitable backup strategy
can easily be implemented.
A distributed database is a database that consists of two or more files located at
different sites on a computer network. Because the database is distributed,
different users can access it without interfering with one another. The DBMS must
periodically synchronise the scattered databases to make sure they all have
consistent data.
Business Education, ICT & Enterprise Page 25
Information Systems – Higher Using Information
Traditionally a distributed database was a collection of data and files, which
actually belonged to a system but was physically distributed to a number of
computers that were connected via some communication network. Nowadays it is
more likely to be independent database systems with facilities for exchanging data.
Data warehousing and data mining
As you can imagine with data files with different structures, users wanting
different reports from their data, some users wanting to use archived data for
analysis and other users only being interested in the immediate transactions,
different techniques for archiving and interrogating the data have been developed.
These are data warehousing and data mining.
Data warehouse
Data warehousing has been around since the 1990s. The idea behind data
warehousing is that historical data, mainly from past transactions and orders that
the company has carried out, are separated out from the business.
The data is re-organised in such a way as to allow it to be analysed, the newly
structured data is then queried and the results of the query are reported.
Data warehousing could be used as a predictive tool, to indicate what should be
done in the future. However, the main use of data warehousing is not as a
predictive tool but as a review tool, to monitor the effects of previous operational
decisions made in the course of a business. For example, if Marks & Spencer
decided to open stores in Asia, data could be collected over the first few months as
the stores opened. This could then be passed to a data warehouse. The wisdom of
opening stores in Asia for the business as a whole could then be reviewed and
conclusions backed up with statistical evidence.
Data mining
Data mining has been defined as ‘The non-trivial extraction of implicit, previously
unknown, and potentially useful information from data’. It uses machine learning,
and statistical and visualisation techniques to discover and present knowledge in a
form that is easily comprehensible to humans.
Data mining is the analysis of data and the use of software techniques for finding
patterns and regularities in sets of data. The computer is responsible for finding
the patterns by identifying the underlying rules and features in the data.
It is possible to ‘strike gold’ in unexpected places because the data mining
software may extract patterns not previously discernible or so obvious that no one
has noticed them before.
The mining analogy is that large volumes of data are sifted in an attempt to find
something worthwhile, and (as in a mining operation) large amounts of low-grade
materials are sifted through in order to find something of value.
Business Education, ICT & Enterprise Page 26
Information Systems – Higher Using Information
Data-mining software allows users to analyse large databases to solve business
decision problems. For example, consider a catalogue retailer who needs to decide
who should receive information about a new product. The information surveyed by
the data-mining process is contained in a historical database of previous
interactions with customers and the features associated with the customers (such
as age, post code, their responses, etc.). The data-mining software would use this
historical information to build a model of customer behaviour that could be used to
predict which customers would be likely to respond to the new product. By using
this information a marketing manager can select only the customers who are most
likely to respond. The results of the decision can then be fed to the appropriate
marketing parts of the organisation so that the right customers receive the right
offers.
Business Education, ICT & Enterprise Page 27