BT22103 BIS | TEH HUI SHEAN

CHAPTER 1 FUNDAMENTAL OF INFORMATION What is Information System?

SYSTEM FOR BUSINESS - Set of interrelated components.
- Collect, process, store & distribute information.
IT – hardware, software & networks that make IS possible. - Support decision making, coordination & control.
Common use of IT: Information vs data
1) Social media - Data are streams of raw facts.
2) Online transaction - Information is data shaped into meaningful form.
3) Online business
4) Education system ● IS is more than just computers. It is the core that brings
5) Department management organizations, technology & management together.
6) Education management
● 3 activities of IS produce information organizations need:
EG:
i) Input: capture raw data from organization or external
1) PC & Apps environment
2) Software (Office 365)
ii) Processing: converts raw data into meaningful form
3) Server hardware & software (email & database)
4) Voice response system iii) Output: transfer processed information to people or
5) Radio communication network activities that use it
6) Open/integrated computer systems
Component of IT
1) Hardware (pc, tablet, printer)
2) Software (windows, office 365)
3) Data (email, name, address)
4) Network (connection to another device or network)
IS – a system that uses IT to capture, transmit, store,
retrieve, manipulate & display information.
EG: Digital Landscape

1) Hardware (pc access to SMARTV3) Digital technologies: electronic tools, system, devices &
2) Software (Google Chrome, Microsoft Edge) resources that generate, store or
3) Data (students’ data to access SMARTV3) process data.
4) Network (UMS Wifi, Eduroam)
Landscape: a large are of countryside especially in relation to
5) Process (Login via SMARTV3 login page)
its appearance.
6) People (user & IT dept)
Technology: the study & knowledge of the practical esp.
industrial, use of scientific discoveries.
Main elements: tangible (hardware) & intangible (software)
of IT system.

1
 BT22103 BIS | TEH HUI SHEAN

2
 BT22103 BIS | TEH HUI SHEAN

CHAPTER 2 PRINCIPLE OF COMPETITIVE Porter’s Competitive Forces Model

ADVANTAGE WITH INFORMATION SYSTEM + provides general view of firm, its competitors &
environment.
Why IS important for business?
5 competitive forces
1) To achieve operational excellence (productivity,
efficiency, agility) i) traditional competitors
2) To develop new products, services & business model
~ existing competitors in the industry & their ability to
3) To attain customer intimacy & services (continuous
undercut a company
marketing, sales, services, customization &
personalization) ~ as the number of competitors is larger with the number of
4) To improve decision making (accuracy & speed) equivalent products & services they offer, a company would
5) To achieve competitive advantage hold less power
6) To ensure survival/sustainability of business
~ all business share market space with competitors that is
EG: Progress & Development of AirAsia from ticketing, continuously devising new products, services, efficiencies &
customer service, expansion of business beyond aviation switching cost
service & development of AirAsia Super APP.
~ suppliers & buyer seek for the company that provides
How BIS help in career? better deal with relatively lower price.
1) Position description (special requirement) Eg:
2) Job requirement (basic requirement)
3) During interview (answer questions) + telco providers celcom, digi, maxis, umobile

Types of IS + soft drinks company coca-cola & pepsi

a) Transaction processing system ii) new market entrants

b) Executive support system ~ some industry has high barriers to entry.
c) Management information system
~ new company have new equipments & younger workers
Value Chain but low/little brand recognition.
≈ a collection of activities that are performed by a company ~ an industry with strong barriers to entry is ideal for existing
to create value for its customers companies within that industry since that the company
≈ value creation creates added value which leads to would be able to charge higher price & negotiate better
competitive advantage. terms.

≈ added value also creates higher profitability for an Eg:

organization. + aviation company AirAsia & MyAirlines
iii) substitute products & services
~ substitutes that customers might use if your price become
too high.
~ companies that produce goods & services where there’s no
close substitutes will have more power to increase prices &
lock in favorable terms.
~ when close substitute is available, customers will have the
option to buy whichever products that offer better value & a
company’s power can be weakened.
Eg:
+ F&B mcd, kfc, burger king, domino’s, pizza hut

3
 BT22103 BIS | TEH HUI SHEAN

iv) customers IS strategies for dealing with competitive forces

~ customers’ ability to drives prices or levels lower. 4 generic strategies
~ customers has a lot of power when there is low number in a) low-cost leadership
the pool of consumer or consumer has other alternatives to
get the same products or services. - produce products & services @ lower price than
competitors
Eg:
-eg: giant vs jaya grocer, mr diy vs ace hardware
+ aviation company AirAsia & MyAirlines
b) product differentiation
+ travel apps agoda, traveloka, airbnb
- enable new products/services, greatly change customer
v) suppliers convenience & experience
~ a firm can exercise greater control over its suppliers by - eg: google home, apple watch,
having more suppliers.
- mass customization
~ dependent on concentration of suppliers & availability of
substitute suppliers c) focus on market niche

~ businesses are in better position when there are more - use IS to enable a focused strategy on a single market
options of suppliers. niche, specialization

~ factors that determine bargaining power of suppliers: - eg: 5-star hotel chains, apple membership

a) Switching cost of companies in the industry - contemporary CRM systems feature analytical capabilities
b) Presence of available substitutes for intensive customer data analysis
c) Strength of their distribution channels
d) strengthen customer & supplier intimacy
d) Uniqueness/level of differentiation in the
product/services the supplier is delivering. - internet technology is based on universal standards, making
it easy for rivals to compete on price alone & for new
Eg:
competitors to enter the market
+ aviation company use of fuel supply (Shell, Petronas,
- use IS to develop strong ties & loyalty with customers &
Petron etc) & aircraft supply (Boeing or Airbus)
suppliers
- increase switching cost
- eg: Starbucks (redeemable point collections)
3 strategies competitive advantages in IS
1) Synergies
- when output of some units are used as inputs to
others/organizations pool market & expertise
- involved takeover, merger, joint venture & strategic alliance
- eg: Google purchase Youtube, Digi-Celcom joint venture
2) Core Competencies
- activity for which firm is world-class leader
- relies on knowledge, experience & sharing this across
business units
- eg: Procter & Gamble intranet

4
 BT22103 BIS | TEH HUI SHEAN

3) Network-based Strategies CHAPTER 3 INFORMATION SYSTEM IN GLOBAL

- take advantage of firm’s abilities to network with one BUSINESS CONTEXT
another
E-Business
- Include use of - Use of technology & Internet to drive major business
a) network economics processes.
- Eg: Excel
~ marginal cost of adding new participants almost zero E-Commerce
with much greater marginal gain - Subset of e-business
- Buying & selling goods & services through internet
~ value of community grows with size.
- Types: consumer to consumer (c2c), business to
~ value of software grows as installed customer base consumer (b2c) & business to business (b2b)
grows. - Eg: shopee, Lazada, ebay, amazon
~ compare to traditional economics & law of
diminishing returns.
b) virtual company model
~ uses network to link people, assets & ideas; ally with
other companies.
~ creates & distributes products without being limited
by traditional organizational boundaries/physical
locations
~ eg: shopee where it manages orders & logistics for its 5 basic business entities:
merchants.
1. Suppliers
c) business ecosystems & platforms
2. Customers
~ industry sets of firms providing related services & 3. Employees
products. 4. Invoices/Payments
5. Products & Services
~ platforms: Microsoft & Facebook marketplace
4 major types of systems:
~ individual firms can consider how IT will help them
become profitable niche players in larger ecosystems. 1. Enterprise systems
- also known as enterprise resource planning (ERP)
Location Analytics & Geographic IS - collect data from different firm functions & store
Location Analytics data in single central data repository
- resolve problems of fragmented data
- Ability to gain business insight from the - enable coordination of daily activities
location/geographic component of data - enable efficient response to customer orders
- Eg: mobile phones, sensors, scanning devices, map
- enable decision making by managers about daily
data
operations & longer-term planning
Geographic IS (GIS) Eg: Oracle, Lark
- Ties location-related data to maps
2. Supply chain management systems
- Eg: Mysejahtera location sharing to help local gov. to
- manage firm’s relationship with suppliers
track active cases in the locality
- share information about orders, production,
inventory levels, delivery of products & services
Eg: SAP Easy Access, Xeersoft

5
 BT22103 BIS | TEH HUI SHEAN

3. Customer relationship management systems

- provide information to coordinate all of the
business processes that deal with customers
- sales, marketing, customer service
- helps firms identify, attract & retain most profitable
customers
Eg: Microsoft Dynamics CRM, Xeersoft, Salesforce

4. Knowledge management systems

- support processes for capturing & applying
knowledge & expertise
- collect internal knowledge & experience within firm
& make it available to employees.
- link to external sources of knowledge
Eg: scribe, researchgate

- business usually operate e-business but not necessarily own

e-commerce
- use of the internet & web to transact business
- new e-commerce: moved from desktop to smartphones
- e-commerce are categorized according to the nature of the
participants.

Collaboration
- become inevitable in pursuing e-business.
- eg: upin ipin & Astro
- Technology platforms associated with collaborations

6
 BT22103 BIS | TEH HUI SHEAN

- increase integration & expedite the flow of information: CHAPTER 4 TELECOMMUNICATIONS &
a) Intranet – internal networks based on internet
standards. Often are private access area in
WIRELESS TRCHNOLOGY
company’s website. What is internet?
b) Extranets – company websites accessible only to - world’s most extensive network
authorized vendors & suppliers facilitate - internet service providers (ISPs)
collaboration.
● provides connection
● types of internet connections
~ dial-ups
~digital subscriber line
~ cable internet connections
~ satellite
~ t1/t3 lines
The Web
Hypertext: ~ hypertext markup language (html)
~ hypertext transfer protocol (http)
~ uniform resource locator (url)
Web service: ~ software for locating & managing web pages.

Network
– collection of nodes connected to each other electronically
to support the communication between the nodes.
– when computers are connected, it is also called a computer
network.

Computer Network
- major components in simple network
● client & server computers
● network interfaces (NICs)
● connection medium
● network operating system (NOS)
● hubs, switches, routers

7
 BT22103 BIS | TEH HUI SHEAN

● packet switching
- software-defined networking (SDN) - method of slicing digital messages into parcels
● functions of switches & routers managed by central (packets), sending packets along different
program communication paths as they become available & then
reassembling packets at destination
- previous circuit-switched networks required assembly
of complete point-to-point circuit
- packet switching more efficient use of network’s
communications capacity

- key digital networking technologies

● client/server computing
- distributed computing model
- clients linked through network controlled by network
server computer
- server sets rules of communication for network &
provides every client with an address so others can find
it on the network
- has largely replaced centralized mainframe computing
- the internet: largest implementation of client/server
computing

● tcp/ip & connectivity

- common worldwide standard that is basis for the
internet.
- IP is responsible for packet disassembling during
transmission

8
 BT22103 BIS | TEH HUI SHEAN

- development of communications standards for linking > client/server vs peer-to-peer

networks & computers 2) Wide Area Networks (WANs)
- protocols: rules that govern transmission of 3) Metropolitan Area Networks (MANs)
information between 2 points 4) Campus Area Networks (CANs)
- Dept. of defense reference model for tcp/ip:
~ 4 layers:
+ application layer
+ transport layer
+ internet layer
+ network interface layer

Transmission Media & Transmission Speed

● physical transmission media (network medium)
~ twisted pair wire (CAT5)
~ coaxial cable
~ fiber optics cable
~ wireless transmission media & devices
> satellites
> cellular systems
● transmission speed
~ bits per second (bps): total amount of digital information
that can be transmitted through any telecommunications
medium
~ hertz: the number of cycles per second that can be sent
through that medium
~ bandwidth: difference between the highest & lowest
frequencies that can be accommodated on a single channel.

Types of networks
> signals: digital vs analog
> modem: translates digital signals into analog form & vice
versa.

> 4 types of networks:

1) Local Area Networks (LANs)
> connect personal computers & other digital devices.
> uses radio signals to transmit & receive data over
distances of a few hundred feet.
> ethernet
+ dominant LAN standard at the physical network
level, specifying the physical medium to carry
signals between computers, access control rules &
a standardized set of bits that carry data over the
system.

9
 BT22103 BIS | TEH HUI SHEAN

CHAPTER 5 THE INTERNET - Internet services

Internet = interconnected networks

- world’s most extensive stands for inter-working
- internet service providers (ISPs)
● provides connection
● types of internet connections
~ dial-ups
~digital subscriber line
~ cable internet connections
~ satellite > Voice over IP (VoIP)
~ t1/t3 lines ~ digital voice communication using IP, packet switching.
- Internet Protocol (IP) address ~ eg: whatsapp call, messenger call
> each device on internet has assigned IP address.
> able to trace location. > Unified communication
> 32-bit number. Eg: 207.46.250.119 ~ communication systems that intergrate voice, data,
email, conferencing into a single experience
- Domain Name System
> converts IP addresses to domain names.
> Virtual private network (VPN)
> hierarchical structure
~ secure, encrypted, private network run over internet.
> top-level domain
~ several competing protocols are used to protect data
transmitted over the public internet including Point-to-
Point Tunneling Protocol (PPTP)
~ in tunneling process, packets of data are encrypted &
wrapped inside IP address.

The Internet
> Inter-networking (intranet-extranet) / International
networking
> basic format: html
> accessing: web browser via http/https via search engines.
> www: one part of the internet
Stores, retrieves, formats & displays information in
page format using generally accepted standards.

- Dark nets: private networks that run on the Internet but

ONLY open to users of that network
- major uses of darknets:
● contribute to freedom of speech
● companies able to create highly secure network
● allow to illegally chare the things that protected by
copyrights

10
 BT22103 BIS | TEH HUI SHEAN

● website – logical collection of html documents which

normally stored on a web server
● web page – to used not only to display information but as
also sophisticated data entry to ict systems
● portal – webpages that try to attract users by offering
value-added services such as information, news & also e-
shopping via a web interface
● softacoulous – a commercial script library that automates
the installation of commercial & open-source web
application to a website.

Web 1.0 Static, basic web pages

Web 2.0 Interactive, real-time user control, sharing
Web 3.0 Website can be created by novice user, IoT

Emergence of ‘The App Internet’

11
 BT22103 BIS | TEH HUI SHEAN

CHAPTER 6 MOBILE-BASED APPLICATION How to build a mobile app for business

- 5 lessons for all business
- to access web/mobile version web ● know what message you want to send
- associated with .mobi extension ● understand your audience
- evolution to develop mobile version to display the actual ● clarify what you want your app to achieve
“desktop site.” ● forget about android & ios
- eg: opera mini, Microsoft edge, google chrome & safari ● fasten your seatbelt

Web app & hybrid app - revenue model

- A type of application software designed to run mobile ● in-app advertising
device ● in-app purchases
- to provide users with similar services to those accessed on ● data monetization
PCs. ● donations
- generally small, individual software units with limited ● affiliate marketing (cross brand marketing) & lead
functions generation
● sms & email marketing
● sponsorships
● paid apps

How booking sites make their money

- sites like expedia book in large amounts to get rooms at a
cheaper rate
- commission: hotels offer commissions on every sale

M-commerce
- mobile commerce, a subset of e-commerce
- started in late 90s but not fully accepted
- in 2018, m-commerce strongly used by consumers
- enormous growth in terms of mobile access device
Mobile apps as collaboration tools
- collaboration & social technologies can be classified in Trend of mobile apps development 2021 & beyond
terms of whether they support interactions at the same or ● folding display – Samsung z flip
different time or place & whether these interactions are ● mobile wallets – touch n go, apple pay, grabpay etc
remote or collocated. ● wearables – smart watches & smart lenses linked with
a) synchronous – instant messaging, video call smartphones
b) asynchronous – email, wikis, docs. Editing ●enterprise mobile apps – developed by company to do
company related daily activities. Able to improve
communications, improve productivity & employees’
satisfaction. Eg: Lark
● 5G mobile internet network – adoption of 5G technology
networks of mobile devices.

12
 BT22103 BIS | TEH HUI SHEAN

CHAPTER 7 COMPUTER OPERATION & > green computing: practices, design & manufacture the
computer related that only produce minimize impact to the
DATABASE CONTEXT (HARDWARE) environment. ↑ performance & power saving processors
IT infrastructure – platform for supporting all IS in the
business. Types of computers
● Hardware – consists of the physical devices associated ● personal computers & mobile devices
with a computer system ● workstations
● Software ● servers
● Data management ● mainframes
● Networking ● supercomputers
● Services ● grid computing

Hardware Basics Client-server computing

> computer: electronic device operating under the control of = form of distributed computing
instructions stored in its own memory that can accept, = splits processing between “clients” & “servers”
manipulate & store data. ~ two-tiered client/server
> hardware components include: ~ multi-tiered client/server architecture
- central processing unit (cpu)
- primary storage
- secondary storage
- input device
- output device
- communication device
> the system unit: a set of electronic components that
processes data & runs the computer instructions. Common
electronic components of a system unit are:
- motherboard
Computer Storage Fundamentals
- processor
> storage media holds the data, instructions & information in
- cooling device
the computer.
- memory
> eg of traditional storage media:
- slots
● hard disks
- cards
● memory cards
- ports
● optical disks
- buses
● tape
- power supply
● magnetic stripe cards
● microfilm
Contemporary Hardware Trend
> modern age using cloud storage.
> the mobile digital platform: tablet computers, netbooks
> uses of cloud computing:
> consumerization of IT or BYOD (bring your own device)
● access storage from a computer with internet access
>nanotechnology: to create computer chips & other devices
● store large file
that smaller than current technology.
● share files with friends by allowing them access to the
>quantum computing: use quantum physics to represent
storage
data.
● serve as back-up for existing data or information
> virtualization: process of presenting set of computing
resources such as data storage.
> cloud computing: computer processing, storage, software
& other services are provided as shared pool of virtualized
resources over a network, primarily the Internet

13
 BT22103 BIS | TEH HUI SHEAN

Cloud Computing Input Technologies

- storage over the Internet - data or instructions entered into a computer are known as
- characteristics: on-demand self-service, rapid elasticity, input.
measured service - comes in the form of:
- 2 models of cloud computing: > a program (series of related instructions)
● Platform-as-a-Service (PaaS) – creates businesses using > command (instruction to perform a specific task)
its own custom applications for use by all in the company > user response (replies to the questions posed by the
● Software-as-a-Service (SaaS) – manage the program)
infrastructure & platforms that run the applications - few categories of input devices:
> keyboards
Types of Computers – Data storage, input & output > pointing devices – mouse, optical mouse, touchpad
1) magnetic disk > touch screens
2) solid state drives (SSDs) – lightweight & replaced hd > digital cameras
3) optical disks > microphone
4) magnetic tape > scanners
5) storage networking > optical readers
6) input devices – eg: keyboard, mouse > biometric input devices
7) output devices – eg: monitor
Output Technologies
- types of output include:
> printed text: letters, documents, books, reports
> images: photos, animated graphics, graphs, charts
> audio: conversations, songs, music, podcasts
> video: video clips & streaming
> display devices: lcd monitors, hdtv
> printers: impact printers
> audio output: speaker, headphones, earbuds
> others: data projection, interactive whiteboards

Current Issues of IT hardware

● Shortage of global chip
- could last about 2023
- chips are almost in everything such as alarm clock, play
station
- impact of pandemic
● Shortage in many sides of PC component
- increase price
- impact of pandemic

14
 BT22103 BIS | TEH HUI SHEAN

CHAPTER 7 COMPUTER OPERATION & Significance of software:

DATABASE CONTEXT (SOFTWARE) > enhances users experience in using a computer.
> tasks are performed & accomplished easily.
Software – consists of detailed, preprogrammed instructions > provides instructions to the hardware.
that control & coordinate the computer hardware > increases interaction & acts as a middleware between
components in an IS users & the hardware.

Outdated software – the technology dimension of business

problems.

System software – software that manages the resources of

the computer, eg: OS software, utility software & app
software.

System software:
> software which interacts primarily with the hardware.
> an intermediate medium between the user, the hardware
& the application software
> consists of programs which regulates the operation of a
computer & its devices.
> important for every computer device
> Integrated software: software applications that combine
different components of online software applications.
> Functions:
~ enables the computer to run properly & smoothly.
~ controls other devices connected to the computer.
~ processes other programs in the computer’s memory
~ monitors commands in the processor & how
applications are carried out.
Software & Its Significance Operating System (OS)/Software Platform
- a program that controls the function of a computer
Software usage: - enables the application software to interact with the
> helps businesses to produce more competent activities. computer hardware & other software
> allows users to develop interesting projects related to > main function is to:
multimedia & graphics. 1) run the computer.
> supports users of different ages, backgrounds & categories 2) runs applications & manages the computer’s hardware
> is broad, cannot be applied in many places, anywhere & at 3) acts as a middleware for the application software to
any time interact with the CPU & users to communicate with the
> facilitates communication between users & their computer system
computers. 4) supervises the overall operation of a computer such as
> is the easiest & fastest way to connect users & the program management, scheduling, system maintenance
hardware. & manages the CPU & memory
> allows users to interact wisely with the hardware & other > How an OS work?
parts of the computers. 1) once data are entered into a computer, the OS will be
loaded from the hard disk into the computer memory
2) the OS will ensure that all activities in the computer
run smoothly includes identifying new devices, starting
new application software etc
15
 BT22103 BIS | TEH HUI SHEAN

> OS features:
- icons: graphic representations which can represent
words used in a program
- files & folders: very useful tools to manage data stored
in the computer Types of OS
- windows & dialog boxes: help users to view information - real-time OS: used mostly in industrial systems to manage
displayed on the screen of the computer resources of the computer so that certain processes are
- pointer: controlled by input devices such as the mouse & performed precisely within the specific time
touchpad & it can be used to select icons, menus or tabs - single-user/single task OS: designed for individuals to
in the computer perform one task at a time
- many other features that have their own functions & - single user/multitasking OS: designed for individuals to run
uniqueness several programs at the same time
> OS functions: - multi-user OS: enables multiple users to run several
- coordinates instructions between users, hardware & programs simultaneously
application software
- enables the computer to boot Application software
● booting is a process of starting & restarting a computer - end-user software
● warm boot: process switching on the computer by - designed to help users in their daily tasks such as browsing
restarting the Internet & writing letters
● cold boot: process of switching on a computer that has - application software functions:
been turned off ● provides usability to support many tasks related to
- load & run applications personal use
● multitasking – few applications running at the same ● helps organizations to run many activities
time ● increases interaction between users
- types of application software:
1) browser
2) communication
3) data management
4) desktop publishing
5) email
6) groupware
7) presentation graphics
8) programming
9) spreadsheet
10) word processing

16
 BT22103 BIS | TEH HUI SHEAN

Seven principles for selecting software packages for business

1. when you buy software, you join its network
2. take long term perspective
3. when choosing software, there is safety in numbers
4. focus on compatibility
5. choose the software package with accessible knowledge
6. choose the software with the right type of standardization
7. all journeys starts with first steps

The software trends

1) Open-source software – linux, apache, chatgpt
2) cloud-based software & tools – SaaS: google docs,
mashups: software apps that combine different components
of online software apps, zip realty uses google map, apps:
mobile apps

Managing mobile platform

- mobile devices provide productivity gains
- expenses of equipping employees with devices
- network configuration
- software
- device security
- stolen or compromised devices
- mobile device management software

Managing software localization for global business

- software localization – translating software to different
languages
- local language interfaces: eg: Microsoft in Spanish & Korean
- complex software interfaces
- differences in local cultures
- differences in business processes

17
 BT22103 BIS | TEH HUI SHEAN

CHAPTER 8 CYBER SECURITY & PROFESIONAL

ISSUES IN INFORMATION SYSTEMS
(PROFESSIONAL ISSUE/ETHIC)
Ethics in IS
Ethics: principles of right & wrong that individuals, acting as
a free moral agent, use to make choices to guide their
behaviors
Information ethics: govern the ethical & moral issues arising
from the dev. & use of IT as well as the creation, collection,
duplication, distribution & processing of information itself.
IS raise new ethical questions because they create
opportunities for:
> intense social change, threatening existing distributions of
power, money, rights & obligations System quality: data quality & system error
> new kinds of crimes - what is an acceptable, technologically feasible level if
Business issues related to information ethics system quality?
● copyright ● flawless software is economically unfeasible
● counterfeit software - three principal sources of poor system performance:
● digital rights management ● software bugs, errors
● intellectual property ● hardware or facility failures
● patent ● poor input data quality
● pirated software
Quality of life: equity, access & boundaries
Key technology trends that raise ethical issues ● negative social sequences of systems:
● computing power doubles every 18 months > balancing power: center vs periphery
● data storage costs rapidly decline > rapidity of change: reduced response time to
● data analysis advances competition
● networking advances > maintaining boundaries: family, work & leisure
● mobile device growth impact > dependence & vulnerability
> computer crime & abuse
Five moral dimensions of the information age
● information rights & obligations CHAPTER 8 CYBER SECURITY & PROFESIONAL
● property rights & obligations ISSUES IN INFORMATION SYSTEMS (CYBER
● accountability & control
SECURITY)
● system quality
● quality of life Security
= policies, procedures & technical measures used to prevent
unauthorized access, alteration theft or physical damage to
IS
Controls
= methods, policies & organizational procedures that ensure
safety of organization’s assets, accuracy & reliability of its
accounting records & operational adherence to management
standards

18
 BT22103 BIS | TEH HUI SHEAN

Why systems are vulnerable

→ accessibility of networks
→ hardware problems (breakdowns, configuration errors,
damage from improper use or crime)
→ software problem (programming errors, installation
errors, unauthorized changes)
→ disasters
→ use of networks/computers outside of firm’s control
→ loss & theft of portable devices

Hackers & computer crime

Wireless security challenges

- radio frequency bands easy to scan
- SSIDs (service set identifiers)
> identify access points, broadcast multiple times, can be
identified by sniffer programs
- war driving
> eavesdroppers drive by buildings & try to detect SSID &
gain access to network & resources
Security threats caused by hackers & viruses
> once access point is breached, intruder can gain access
to networked drives & files
- rogue access points

Malicious Software

Hackers & computer crime

19
 BT22103 BIS | TEH HUI SHEAN

● govern design, security & use of computer programs &

security of data files in general throughout organization
● software controls, hardware controls, computer
operations controls, data security controls, system
development controls, administrative controls
- application controls
● controls unique to each computerized application
● input controls, processing controls & output controls

Risk management
- determines level of risk to firm if specific activity or process
is not properly controlled
● types of threat
● probability of occurrence during year
● potential losses, value of threat
● expected annual loss
● Identity theft
Security policy
+ phishing
- ranks information risks, identifies acceptable security goals
+ evil twins
& identifies mechanisms for achieving these goals
+ pharming
- drives other policies
● click fraud
● acceptable use policy (AUP)
● cyberterrorism
● defines acceptable uses of firm’s information resources
● cyberwarfare (possible in future WW3)
& computing equipment
- identify management
What is the business value of security & control
● identifying valid users
> failed computer systems can lead to significant or total loss
● controlling access
of business function
> firms are now more vulnerable than ever
Disaster recovery planning & business continuity planning
- confidential personal & financial data
> disaster recovery planning
- trade secrets, new products, strategies
- devices plans for restoration of disrupted services
> a security breach may cut into a firm’s market value almost
> business continuity planning
immediately
- focuses on restring business operations after disaster
> inadequate security & controls also bring forth issues of
> both types of plans needed to identify firm’s most
liability
critical systems
- business impact analysis to determine impact of an
Electronic evidence & computer forensics
outage
Electronic evidence
- management must determine which systems restored
- evidence for white collar crimes often in digital form
first
- proper control of data can save time & money when
responding to legal discovery request
The role of auditing
Computer forensics
> information systems audit
- scientific collection, examination, authentication,
~ examines firm’s overall security environment as well
preservation & analysis of data from computer storage
as controls governing individual IS
media for use as evidence in court of law
> security audits
- recovery of ambient data
~ review techs, procedures, documentation, training &
personnel
Information system controls
~assess financial & organizational impact of each
- maybe automated or manual
threat
- general controls

20
 BT22103 BIS | TEH HUI SHEAN

> list & rank control weaknesses & the probability of - two methods of encryption
occurrence = symmetric key encryption
> assess financial & organization impact of each threat > sender & receiver use single, shared key
= public key encryption
What are the most important tools & technologies for > uses 2 mathematically related keys: public key &
safeguarding IS? private Key
● identity management software > sender encrypts message with recipient’s public
~ automates keeping track of all users & privileges key
~ authenticates users, protecting identities & controlling > recipient decrypts with private key
access
● authentication
~ password systems
~ tokens
~ smart cards
~ biometric authentications
~ two-factor authentication Encryption & public key infrastructure
● firewall a) digital certificate
~ combination of hardware & software that prevents - data file used to establish the identity of users & electronic
unauthorized users from accessing private networks assets for protection of online transactions
~ technologies include: - uses a trusted third party, certification authority (CA), to
> packet filtering validate a user’s identity
> stateful inspection - CA verifies user’s identity, stores information in CA server,
which generated encrypted digital certificate containing
> network address translation (NAT)
owner ID info & copy of owner’s public key
> application proxy filtering
● intrusion detection system
~ monitors hot spots on corporate networks to detect &
deter intruders
● antivirus & antispyware software
~ checks computers for presence of malware & can often
eliminate it as well
~ requires continual updating
● unified threat management (UTM) systems

Security Wireless Networks

● WEP security
>static encryption keys are relatively easy to crack
> improved if used in conjunction with vpn
● WPA2 specification
b) public key infrastructure (PKI)
> replaces WEP with stronger standards
- use of public key cryptography working with certificate
> continually changing, longer encryption keys
authority
● WEP3 – most recent
- widely used in e-commerce
Encryption & public key infrastructure
Ensuring system availability
● Encryption
= online transaction processing requires 100% availability
- transforming text or data into cipher text that cannot be
= fault-tolerant computer system
read by unintended recipients
~ contain redundant hardware, software & power supply
- two methods for encryption on networks
components that create an environment that provides
= secure sockets layer (SSL) & successor Transport Layer
continuous, uninterrupted service
Security (TLS)
= Secure Hypertext Transfer Protocol (S-HTTP)

21
 BT22103 BIS | TEH HUI SHEAN

Security issues for cloud computing & the mobile digital CHAPTER 9 ENTERPRISE & FUNCTIONAL
platform
APPLICATIONS
● Security in the cloud
Defining enterprise
- security policies should include & cover any special
requirements for mobile devices - a company or business, often a small one
- mobile device management tools - a business which aims to make a profit
> authorization Enterprise system
> inventory records - enterprise resource planning (ERP) systems
> control updates - suite of integrated software modules & a common central
> lockdown/erase lost device database
> encryption - collects data from many division of firm for use in nearly all
● Securing mobile platform firm’s internal business activities
- information entered in one process is immediately available
Ensuring software quality for other processes.
● software metrics: objective assessments of system in form - support organization-wide process coordination &
of quantified measurements integration
> number of transactions - eg: Xeersoft, sage, Microsoft dynamics 365
> online response time
How enterprise systems work
> payroll checks printed per hour
> known bugs per hundred lines of code
● early & regular testing
● walkthrough: review of specification or design document
by small group of qualified people
● debugging: process by which errors are eliminated

Enterprise software
- built around thousands of predefined business processes
that reflect best practices
● finance & accounting
● hr
● manufacturing & production
● sales & marketing
● marketing
● cs
● r&d
●distribution
- to implement, firms:
● select functions of system they wish to use
● map business processes to software processes
22
 BT22103 BIS | TEH HUI SHEAN

~ use software’s configuration tables for customizing - Social CRM

Supply Chain Management (SCM) Systems > incorporating social networking techs
- use to change a production schedule if a key supplier was > company social networks
late in delivering goods > monitor social media, social media analytics
- eg: streamline, blueyonder > manage social & web-based campaigns
Types of IS - business intelligence
- transaction processing system > inclusion of BI with enterprise applications
- executive support system > flexible reporting, adhoc analysis, “what if” scenarios,
- management information system digital dashboards, data visualization
Transaction processing systems Radio frequency identification (RFID)
● serve operational managers & staff - use tiny tags with microchips containing data about an item
● perform & record daily routine transactions necessary to & location
conduct business - tag antennas to transmit radio signals over short distances
- eg: sales order entry, payroll, shipping to special RFID readers
● allow managers to monitor status of operations & relations - common uses:
with external environment > automated toll-collection
● serve predefined, structured goals & decision making > tracking goods in a supply chain
Executive support systems - reduction in cost of tags making RFID viable for many firms
● support senior management - how RFID works:
● address non-routine decisions
- requiring judgement, evaluation & insight
● incorporate data about external events as well as
summarized information from internal MIS & DSS
● eg: digital dashboard with real-time view of firm’s financial
performance
Management IS
● summarize & report on the company’s basic operation
● tactical or middle management level
Decision support systems IT infrastructure
● serve middle management - computing platforms
● supports decisions making process that are unique, rapidly - telecommunications services
changing & not easily specified in advance - data management services
- eg: what is the impact on production schedule if peak - application software services
season sales doubled? - physical facilities management services
● may use external information as well as tps/mis data - IT management services
● model driven DSS: voyage-estimating systems - IT standards services
● data driven DSS: intrawest’s marketing analysis systems - IT education services
Next-generation enterprise applications - IT research & development services
- enterprise solutions/suites Business value of enterprise system
> make applications more flexible, web-enabled, > increase operational efficiency
integrated with other systems > provide firm-wide information to support decision making
- SOA standards > enable rapid responses to customer request for
- open-source applications information or products
- on-demand solutions > include analytical tools to evaluate overall organizational
- cloud-based versions performance & improve decision making
- functionality for mobile platform

23
 BT22103 BIS | TEH HUI SHEAN

CHAPTER 10 INDUSTRIAL REVOLUTION 4.0/5.0

> Revolution – denotes abrupt & radical change

> IR 4.0 – scope is wider & not limited to smart & connected
machines & systems
> emerging techs & broad-based innovation are diffusing
much faster & more widely than in previous ones which
continue to unfold in some parts of the world

Eg: Internet of Things &

cloud computing
Benefits of IR 4.0
1) improved productivity & efficiency
2) better flexibility & agility
3) increased profitability
4) improves the customer experience through more
personalized & intelligent products
Impacts

Business

Tipping points
- moments when specific techs shifts hit mainstream society
- expected to occur in the next 10 years & therefore vividly
capture the deep shifts triggered by IR 4.0

24
 BT22103 BIS | TEH HUI SHEAN

CHAPTER 11 FUTURE OUTLOOK FOR ICT IN

BUSINESS

25
 BT22103 BIS | TEH HUI SHEAN

● Business/Organization:
- utilization of big data
- emergence of future internet & web 3.0
- privacy concern
- introduce of new internet domain
- future currency
Individual/society
- similar with organizations
~ privacy concern
~ use IT for decision making process related
~ utilization of social media for daily life
~ future banking, payment & currency
The consequences of the future of IS
> Business/Organization
● management/business able to calculate the risk in more
effective
● business will have a lot of choices in term of supplier
● utilize the networking in term of domestic &
international
● marketing will deployed in more effective channel
● daily operation will become more effectively in context
increases the performance & reduce the cost operation as
well
26
 BT22103 BIS | TEH HUI SHEAN

> Individual/society Techs shaping our future

● technology offered by company will become more - Digital Mesh:
standardized & affordable ● the device mesh: vr, ar
● technology offered will increase in term of choices ● ambient user experience: ambient digital experience
which from local & international ● 3d-printinf materials: biological 3d-printing
● technology will become more friendly user & - Smart machines
customized to cater individual needed
● information of everything: IoT, IoE
> Government
● advanced machine learning
● become more alike government for society
● autonomous agents & things: virtual assistant etc
● reduce the issue that usually face by government such
- New IT reality
as bribe issue
● adaptive security architecture
The preparations for future world
● advanced system architecture: autonomic computing
> Organization/business
● put in the mission/vision of the company about the
future adaptability
● cultivate the attitude of adaptability culture in the
organization
● have a norm across the organization which is positive
attitude & not resistance towards the changes
● always increases the skill among the employees by
attending seminar/hire new skillful worker
● allocate some budget for hardware or software in order
to keep pace in adapting the new tech changes
> Individual/society
● similar with the organization

Reminisce on past 20 – 30 years

● cybercafe
● dial-up internet
● introducing e-mail
● social media
● Nokia era
● Windows 98 > XP > Vista > 7,8,9,10,11 …

Next 20 – 40 years & its possibilities

> new market for business
> new nature of business will introduce
> new products to prospects
> new era for all organization including ourself

27