ITMAC by Muhammad Amjad Bhatti, ACA & Muhammad Qaiser Sheikh, ACCA PDF

434 Pages·2012·5.52 MB·English

Preview ITMAC by Muhammad Amjad Bhatti, ACA & Muhammad Qaiser Sheikh, ACCA

Information Technology F21 Management Audit & Control ICAP SKANS
Mohammad Amjad Bhatti ACA
Mohammad Qaiser Sheikh ACCA

Information Technology Management, Audit & Control

DEDICATED TO

To my parents, teachers and all my seniors without their guidance and advice I would have been nowhere in life
And Especially to a person who has directed me towards the meaning of life …..

Acknowledgements

This book is not the end of anything; it's just the beginning…. For you, for me and for all the friends and colleagues who have helped me shape and express the knowledge shared on these pages. They include, first and foremost, my family – my mother who has been from the day one my greatest source of inspiration; my father who taught me to be on the righteous path and who knew just when to kick the tar out of me to keep me in the line. I also wish to express my deep appreciation for someone who is far and away, the true intellectual powerhouse of the offspring for being there, through so many turning points.

Aims and Objectives

To provide:
• Essential body of IT knowledge relating to business systems
• IT security, control, and governance knowledge related to business systems
• Application of knowledge to manage and evaluate IT

Interactive Grid

Syllabus Content Area                        Weightage
1. IT Strategy and Management                30
2. IT Security, Control and Management       40
3. Case Studies                              30
TOTAL                                        100

Syllabus

1. IT Strategy and Management
  1.1 IT Strategy (Chapter 1 to 4)
    a. What is Strategy?
    b. The Strategic Plan
    c. The IT Strategic Plan
    d. Considerations for IT Strategic Planning
    e. Aligning the IT and Business Strategic Plans
    f. Components of Long Range Plans
    g. E-Business Models
  1.2 Management of IT (Chapter 5)
    h. Management of computer operations
    i. Management of inter-organisational computing
    j. Management of end-user computing
    k. Financial analysis and control
    l. IT Control Objectives
  1.3 Software (Chapter 6)
    a. Supply Chain Management (SCM)
    b. Enterprise Resources Planning (ERP)
    c. Customer Relationship Management (CRM)
    d. Sales Force Automation (SFA)
    e. E-Business Products
  1.4 IFAC Guidelines/Discussion papers (Chapter 7)
    a. Managing Security of Information
    b. Managing Information Technology Planning for Business Impact
    c. Acquisition of Information Technology
    d. Implementation of Information Technology Solutions
    e. IT Service Delivery and Support
    f. IT Executive Checklist
    g. Other Papers and Guidelines

2. Information Technology Security, Control and Management
  2.1 Introduction (Chapter 8)
  2.2 Control frameworks (Chapter 8)
    a. Risks and exposures in computer-based information systems
    b. IT control frameworks
  2.3 Control objectives (Chapter 8)
    a. Effectiveness, efficiency, economy of operations
    b. Reliability of financial reporting
    c. Effectiveness of design
    d. IT asset safeguarding
    e. Compliance with applicable laws and regulations
    f. System reliability
    g. Data integrity
  2.4 Layer of control (Chapter 10)
    a. Societal
    b. Organisational environment
    c. Technology infrastructure
    d. Software
    e. Business process
  2.5 Responsibility for control (Chapter 10)
    a. Role and responsibilities of key parties
  2.6 Control environment (Chapter 10)
    a. External regulatory controls
    b. Board/audit committee governance
    c. Management philosophy and operating style
    d. Plans/structure of organisation
    e. Method to communicate the assignment of authority and responsibility
    f. Management control methods
    g. Human resource policies and practices
    h. Financial policies and practices
  2.7 Risk assessment (Chapter 9)
    a. Risk categories
    b. Probability of loss
    c. Consequences
  2.8 Control activities (Chapter 11, 12 and 13)
    a. Control design
    b. Control procedures
    c. Control over data integrity, privacy and security
    d. Availability / continuity of processing, disaster recovery planning and control
    e. IS processing / operations
  2.9 Monitoring of control compliance (Chapter 10)
    a. Roles of management, users, auditors
    b. Computer-assisted audit techniques

TABLE OF CONTENTS

Detailed Table of Contents

1. INFORMATION & INFORMATION SYSTEMS
  1.1 INFORMATION REQUIREMENTS
    1.1.1 Types of Information
      1. Strategic information
      2. Tactical information
      3. Operational information
    1.1.2 Improvements to information
  1.2 THE VALUE AND COST OF INFORMATION
    1.2.1 Assessing the value of information
    1.2.2 Cost of information
    1.2.3 Traditional methods for assessing cost
    1.2.4 The benefits of a proposed information system
  1.3 INFORMATION MANAGEMENT AND DECISION MAKING
    1.3.1 Structured and unstructured decisions
    1.3.2 Information systems to support decision making
  1.4 TYPES OF INFORMATION SYSTEM
      1. Operational level information systems
      2. Tactical level information systems
      3. Strategic level information systems
    1.4.2 Executive Support Systems (ESS)
    1.4.3 Management Information Systems (MIS)
    1.4.4 Decision Support Systems (DSS)
    1.4.5 Knowledge Work Systems (KWS)
    1.4.6 Office Automation Systems (OAS)
    1.4.7 Transaction Processing Systems (TPS)
      1. Batch Processing and On-line processing
    1.4.8 Expert Systems
  1.5 KNOWLEDGE MANAGEMENT
    1.5.1 What is knowledge?
      1. Knowledge and intellectual capital
      2. Knowledge processes
    1.5.2 Knowledge management
      1. Why knowledge management is important
    1.5.3 Approaches to knowledge management
      1. Dealing with the human factor
      2. Organisation structure
      3. Top executive behaviour
      4. The role of information and communication technologies (ICT)
      5. Organisation, People or ICT?
      6. Defining a strategy
      7. What are organisations doing?
      8. Measuring success in knowledge management
    1.5.4 Conclusion

2. STRATEGIC PLANNING OF INFORMATION SYSTEMS I
  2.1 STRATEGIC PLANNING
    2.1.1 Corporate strategy
    2.1.2 Business strategy
    2.1.3 Functional/operational strategic; information systems strategy
  2.2 FORMULATING STRATEGIES: THE RATIONAL MODEL
    2.2.1 Strategic analysis
    2.2.2 Strategic choice
    2.2.3 Strategy implementation
  2.3 WHY HAVE AN IS/IT STRATEGY?
    2.3.1 Importance of information systems
    2.3.2 Strategic potential for IT
  2.4 THE INFORMATION SYSTEMS STRATEGY
    2.4.1 Purpose of an information systems strategy
    2.4.2 Contents of IS strategy
  2.5 DEVELOPING A STRATEGY FOR INFORMATION SYSTEMS AND INFORMATION TECHNOLOGY
    2.5.1 The Information Engineering
      1. Initiating the ISP project
      2. Clarifying the business strategy
      3. Modelling the business
      4. Reviewing current information systems
      5. Building the information systems' architecture
      6. Developing the strategic information systems plan (SISP)
    2.5.2 Parson Generic IS Strategies
      1. Centrally planned
      2. Leading edge
      3. Free market
      4. Monopoly
      5. Scarce resource
      6. Necessary evil
    2.5.3 Generic framework for developing an IS strategy
      1. ‘W3?’ Where We Were?
      2. ‘W2R?’ Where We Are?
      3. ‘W32B?’ Where We Want To Be?
      4. ‘(GT)2?’ Going To Get There?
      5. ‘W4?’ Where We Went Wrong?
      6. Strategic Tools and Techniques
      7. Conclusion
    2.5.4 Earl three leg approach for IS Strategy development
      1. Infrastructure led - bottom up planning process
      2. Business led - top down planning process
      3. Eclectic (mixed) planning process

3. STRATEGIC PLANNING OF INFORMATION SYSTEMS II
  3.1 IS/IT STRATEGY
  3.2 ESTABLISHING ORGANISATIONAL INFORMATION REQUIREMENTS (REQUIREMENT ANALYSIS)
    3.2.1 Enterprise analysis
    3.2.2 Critical success factors
      1. Data sources for CSFs
    3.2.3 CSF analysis
    3.2.4 Using Anthony’s levels of management
  3.3 IT CURRENT SITUATION ANALYSIS
    3.3.1 Nolan’s stage Model
    3.3.2 Earl’s Grid
    3.3.3 McFarlan IS Strategic Grid
    3.3.4 The applications portfolio
  3.4 IS/IT ENVIRONMENTAL ANALYSIS
    3.4.1 Opportunities And Threats
    3.4.2 Pest Analysis
  3.5 SWOT ANALYSIS
      1. Economic/industry context
      2. Stakeholders
      3. Technical issues
      4. The importance of management
  3.6 INFORMATION SYSTEMS AND COMPETITIVE ENVIRONMENT
    3.6.1 Changing the industry structure
    3.6.2 Creating new businesses and industries
    3.6.3 USING IS/IT FOR COMPETITIVE ADVANTAGE
      1. Generic strategies for competitive advantage
      2. Porter's value chain
      3. IS/IT and competitive advantage - other writers
  3.7 INFORMATION SYSTEMS AND ITS ALIGNMENT WITH CORPORATE/BUSINESS STRATEGY
    3.7.1 Ward's Top down aligning of IS and business strategies
    3.7.2 Management and behavioural styles
    3.7.3 Business objectives and IS/IT resources
    3.7.4 Components of Long Range plans

4. INTERNET & E-COMMERCE
  4.1 THE INTERNET- AN OVERVIEW
    4.1.1 Problems with the Internet
    4.1.2 INTERNET SECURITY ISSUES
    4.1.3 Hacking
    4.1.4 Viruses
      1. Types of viruses
  4.2 ENCRYPTION AND OTHER SAFETY MEASURES
    4.2.1 Encryption
    4.2.2 Authentication
    4.2.3 Firewalls
    4.2.4 Dial-back security
    4.2.5 Cryptography, keys and signatures
  4.3 ELECTRONIC COMMERCE
    4.3.1 Electronic Data Interchange (EDI)
    4.3.2 Opportunities over E-commerce and the web
      1. Distribution
      2. Electronic marketing
      3. Collecting information about customers
      4. Clickstreams
      5. Virtual companies and virtual supply chains (VSC)
    4.3.3 Impact of e-commerce and Internet on the traditional business
    4.3.4 Disadvantages of e-commerce
      1. Lack of trust
      2. Confidentiality
      3. Integrity
      4. Availability
      5. Authentication and non-repudiation
      6. Power
  4.4 E BUSINESS MODELS
    4.4.1 Types of E-business Models
      1. Business to Consumer Models
      2. Business to Business Models
  4.5 ELECTRONIC PAYMENT METHODS
    4.5.1 Introduction to electronic payments
    4.5.2 Electronic cash
    4.5.3 Electronic payment protocols
      1. Secure Socket Layer (SSL)
      2. Secure-HTTP
      3. Secure Electronic Payment Protocol (SEPP)
      4. Secure Electronic Transactions (SET)
      5. ECML
      6. Automated Clearing House (ACH)
      7. Digital Signature
    4.5.4 Electronic payment systems/methods
      1. Micro Payment
      2. Smart Cards
      3. Online Banking
      4. E-cash (Digicash)
      5. E-Checks
      6. E-Wallets
      7. Financial electronic data interchange (F-EDI)

5. MANAGEMENT OF INFORMATION TECHNOLOGY
  5.1 MANAGEMENT OF IT OPERATION
    5.1.1 Computer operations
      1. Operator Assisted Operations
      2. Lights Out Operations (Automated Unattended Operations)
    5.1.2 Input/Output Control Function
      1. Data Entry Personnel
    5.1.3 Management of IS Operations
    5.1.4 Control Function
    5.1.5 Planning and Scheduling: Service Level
      1. Service Level Agreements
    5.1.6 Job Accounting
    5.1.7 Scheduling
    5.1.8 Monitoring Use of Resources
    5.1.9 Problem Management
    5.1.10 Program Change Control
    5.1.11 Quality Assurance
    5.1.12 Support/Help Desk
    5.1.13 IS Operations Staffing
    5.1.14 Privacy
  5.2 MANAGEMENT OF INTER-ORGANIZATIONAL COMPUTING
    5.2.1 Collaborative Computing
      1. Benefits and Costs involved in CSCW
    5.2.2 Distributed Systems
    5.2.3 EDI and Electronic Commerce
    5.2.4 Outsourcing
      1. Different approaches to outsourcing
    5.2.5 Application Service Provider
      1. Defining an ASP
      2. Defining an Internet ASP
      3. Advantages of ASPs
      4. Examples of ASPs
      5.
Things to Ask a Prospective ASP................................................................................................................163 5.3 MANAGEMENT OF END-USER COMPUTING...........................................................................................................................164 5.3.1 Levels of End User Computing..............................................................................................................................164 8 Information Technology Management, Audit & Control TABLE OF CONTENTS 1. By Skill and Job Content.............................................................................................................................164 2. By Control...................................................................................................................................................166 3. By Maturity..................................................................................................................................................166 5.3.2 Risks in User Controlled Computing....................................................................................................................167 5.3.3 Approaches to Managing User Controlled Computing.......................................................................................168 5.4 FINANCIAL ANALYSIS AND CONTROL....................................................................................................................................169 5.4.1 Limitations of Cost Benefit Analysis.....................................................................................................................169 5.4.2 Checklist for IS costs...............................................................................................................................................169 1. 
Technology costs -.......................................................................................................................................169 2. Organisational costs -...................................................................................................................................170 3. IS Balance sheet...........................................................................................................................................170 5.4.3 Value.........................................................................................................................................................................171 5.5 ACCOUNTING FOR IS COSTS..................................................................................................................................................172 5.5.1 Costs incurred in delivering information system.................................................................................................172 5.5.2 Accounting for costs of an information system.....................................................................................................173 1. Non-recharged cost centre...........................................................................................................................174 2. Recharged at cost.........................................................................................................................................174 3. Recharged at a mark-up...............................................................................................................................175 4. Cross charging of costs including shared infrastructure costs.....................................................................175 5.5.3 Establishing information systems function as a separate entity..........................................................................176 6. 
E BUSINESS ENABLING SOFTWARE 183 6.1 CUSTOMER RELATIONSHIP MANAGEMENT.........................................................................................................................183 6.1.1 Definition.................................................................................................................................................................183 6.1.2 CRM Objectives......................................................................................................................................................183 6.1.3 Impacts of CRM on Organizations........................................................................................................................184 6.1.4 CRM Applications...................................................................................................................................................184 1. Customer-Facing Applications....................................................................................................................185 2. Customer-Touching Applications................................................................................................................186 3. Customer-Centric Intelligence Applications................................................................................................186 6.1.5 The CRM Application Supplier.............................................................................................................................187 1. CRM Suite Suppliers...................................................................................................................................188 2. CRM Point Solution Suppliers.....................................................................................................................188 3. 
E-Commerce Suppliers................................................................................................................................188 6.1.6 Selecting CRM Products.........................................................................................................................................188 6.1.7 How to Succeed with CRM.....................................................................................................................................189 6.1.8 Conclusion...............................................................................................................................................................189 6.2 SALES FORCE AUTOMATION (SFA)......................................................................................................................................190 1. Stages of SFA..............................................................................................................................................190 2. Data Mapping..............................................................................................................................................190 3. Mobile devices and SFA..............................................................................................................................191 4. Benefits of Sales Force Automation include...............................................................................................191 6.3 SUPPLY CHAIN MANAGEMENT.............................................................................................................................................193 6.3.1 Introduction.............................................................................................................................................................193 6.3.2 Supply Chain Management Software....................................................................................................................194 1. 
Supply chain planning (SCP) software........................................................................................................194 2. Supply chain execution (SCE) software......................................................................................................194 3. Supply chain process management (SCPM) software.................................................................................194 6.3.3 Features of a SCM software...................................................................................................................................195 1. Forecast........................................................................................................................................................195 2. Collaborate...................................................................................................................................................195 3. Optimize......................................................................................................................................................196 4. Execute........................................................................................................................................................196 5. Process Management...................................................................................................................................196 9

Description:
Information Technology. Mohammad Amjad Bhatti ACA. Mohammad Qaiser Sheikh ACCA. F21. ICAP. Management Audit & Control. SKANS