Slide Slide 11- 11-1 Chapter 11 rmation Resource Management Strate Introduction to Information Systems Judith C. Simon
Dec 26, 2015
Slide 11-Slide 11-11
Chapter 11Chapter 11
Information Resource Management Strategies
Introduction to Information Systems
Judith C. Simon
Slide 11-Slide 11-22
"Copyright © 2001 John Wiley & Sons, Inc. All rights reserved. Reproduction or translation of this work beyond that permitted in Section 117 of the 1976 United States Copyright Act without
the express written permission of the copyright owner is unlawful. Request for further information should be addressed to the Permissions Department, John Wiley & Sons, Inc. The purchaser may make back-up copies for his/her own use only and not for distribution or resale. The Publisher assumes no
responsibility for errors, omissions, or damages, caused by the use of these programs or from the use of the information
contained herein."
Slide 11-Slide 11-33
Chapter 11 Major TopicsChapter 11 Major Topics
Management of hardware and software Management of data Management of human resources Management of procedures
Slide 11-Slide 11-44
Overview of Information Resource Management (IRM)
Overview of Information Resource Management (IRM)
Major purposes of information resource management (IRM) include:
assisting in making and executing appropriate strategic decisions related to information resources to achieve and maintain a competitive advantage
managing all aspects of information systems - the technology, the people, and the procedures
IRM is often coordinated by a top-level executive, such as a CIO, so that technologies are developed that fit and enhance the strategic plans of the organization.
Slide 11-Slide 11-55
Management of Hardware and SoftwareManagement of Hardware and Software
Major concerns include asset management performance monitoring configuration management security
Slide 11-Slide 11-66
Asset ManagementAsset Management
Primarily concerned with managing the organization’s hardware and software
Software is available that can create and maintain an inventory of hardware and software (including version numbers)
Can help with future purchases and limit the chances of software piracy
Slide 11-Slide 11-77
Performance MonitoringPerformance Monitoring
Used to monitor system workloads and thus provide a more uniform level of service to system users
Also used to monitor network performance so that problem areas can be identified and adequate service provided
Slide 11-Slide 11-88
Configuration ManagementConfiguration Management
Involves management of the ways hardware and software are set up to work together as well as with other systems so that a change in one item will not cause unexpected problems with other parts of the system that might have been designed to work with the item being changed or deleted
Configuration data typically includes names, versions or models, and uses of the hardware and software
Slide 11-Slide 11-99
Hardware and Software SecurityHardware and Software Security
Involves the physical loss of the hardware and/or software programs (data security is discussed later)
Hardware and software loss includes disappearance or destruction of any part of the equipment or programs
Needed level of security must be decided; security methods may include card access, biometric identifiers, passwords, etc.
Slide 11-Slide 11-1010
Management of DataManagement of Data
Major concerns include consistency security backup/recovery disaster recovery
Slide 11-Slide 11-1111
Data ConsistencyData Consistency
Error-checking methods should be used to detect any errors or inconsistencies in data
Results of monitoring of error-checking should be maintained for evaluation of resources
Slide 11-Slide 11-1212
Data SecurityData Security
Primary concerns: Access and control Virus protection Transmission protection
Slide 11-Slide 11-1313
Access and ControlAccess and Control
Need to keep records of who is authorized to access each type of data file
Files should be monitored, with reports indicating how many times a file is accessed, by whom, for how long, and for what purpose
Employees should be trained in good security practices, such as changing passwords often, etc.
Special procedures should be considered, such as multiple IDs or a call-back modem that only sends data to accepted phone numbers
Slide 11-Slide 11-1414
Virus ProtectionVirus Protection
Systems should be analyzed to determine which are vulnerable to viruses and which of those systems are most critical to the operation of the business
Virus protection measures should be put into place as warranted; e.g., an important distributed system should have a high level of protection
Adequate employee procedures may reduce the likelihood of acquiring a virus, such as prohibiting use of disks that have not been checked for viruses
Slide 11-Slide 11-1515
Transmission ProtectionTransmission Protection
Involves having controls to ensure that transmitted data is correct and secure during transmission to its destination
Encryption software is available for transmission protection; systems often use a combination of a “public key” and a “private key” for encoding and decoding the transmission
Slide 11-Slide 11-1616
Routine Backup and RecoveryRoutine Backup and Recovery
Refers to procedures established for maintaining backup data in case of problems with any part of the daily computer operations and for recovery of the data if a problem does occur
Backups should be performed at least once a week At least two people should know how to perform
backup and recovery procedures At least one copy of important data should be kept
offsite at all times
Slide 11-Slide 11-1717
Disaster RecoveryDisaster Recovery
Refers to methods of recovering from a major disaster (e.g., hurricane, tornado, fire), which are different from routine backup/recovery methods
System must be at a different site, often geographically distant from the site of interest
Slide 11-Slide 11-1818
Typical Disaster Recovery OptionsTypical Disaster Recovery Options
Hot site: similar computer system is available and ready to use immediately if needed for most important functions; service is typically provided by a separate company
Redundant system: existence of a second system (mirrored system) at a different location; system is usually maintained by the same organization
Reciprocal agreement: agreement among companies with similar environments to provide backup systems (unless disaster affects them, too)
Slide 11-Slide 11-1919
Typical Disaster Recovery Options, continuedTypical Disaster Recovery Options, continued
Cold site: basic shell that can be set up with everything when needed; less expensive than hot site but not as readily available
Service bureau: provides short-term backup, usually for application-specific needs (less expensive but more limited provisions)
Slide 11-Slide 11-2020
Management of Human ResourcesManagement of Human Resources
Major issues include End user application development Support systems for end-user computing Control systems for end-user computing
Slide 11-Slide 11-2121
End User Application Development - Advantages
End User Application Development - Advantages
May save time and expense compared with development by information systems professionals
May reduce backlog of projects for systems development staff so they can concentrate on most critical projects for the organization
May be more likely to meet end users’ needs
Slide 11-Slide 11-2222
End User Application Development - Disadvantages
End User Application Development - Disadvantages
May duplicate systems already in existence because of lack of knowledge of other departments’ systems
May develop systems that are incompatible with other systems or that do not meet company standards
May have to use trial and error, possibly producing an inferior or erroneous system
May omit important systems development procedures useful in long term
May result in need for additional management controls and coordination
Slide 11-Slide 11-2323
Support Systems for End User ComputingSupport Systems for End User Computing
Decisions must be made as to the level of support needed, as well as whether to provide the services with internal personnel or with external personnel
Widely used support systems: Training Help desk systems
Slide 11-Slide 11-2424
Training ConsiderationsTraining Considerations
Length of training needed may vary with different end users
Too many participants may reduce the chances for meeting individual needs
Computer applications training should involve actual hands-on activities
Multiple short sessions are more effective than the same total time in one session
Evaluation should be included, both of the trainer and of the participants
Slide 11-Slide 11-2525
Training TrendsTraining Trends
Use of simultaneous interactive video, involving videoconferencing equipment and computer networks, so trainees can be at various locations worldwide
Use of Internet-based training, which allows training to be self-paced and available from any location with an Internet connection; also allows for quick updates to course content
Slide 11-Slide 11-2626
Help Desks and Related AssistanceHelp Desks and Related Assistance
Allows end users to use phone or email to obtain assistance, depending on system in use
Some companies have internal systems, some have external systems, some use a combination of both
Software is available to assist with this activity
Slide 11-Slide 11-2727
Typical Capabilities of Help Desk SoftwareTypical Capabilities of Help Desk Software
Automatic call distribution, so the appropriate person responds to an end user question
Text retrieval system that can be searched quickly to provide assistance
Call-tracking system, so records can be maintained concerning the types of calls and locations of problems
Slide 11-Slide 11-2828
Typical Capabilities of Help Desk Software, continued
Typical Capabilities of Help Desk Software, continued
Multimedia support so that help desk personnel can view diagrams and other media that can assist them in answering end users’ questions
Online solution database so end users can try to find answers without calling help desk
Slide 11-Slide 11-2929
Control Systems for End User ComputingControl Systems for End User Computing
End user control systems are used to reduce the potential waste of time and money by coordinating activities and to provide security to the systems. Specific types of controls involve identification of appropriate application development
projects proper access and use of hardware and software,
including productive use appropriate data access and use, with security
equivalent to other systems
Slide 11-Slide 11-3030
Management of ProceduresManagement of Procedures
In addition to controls already discussed, other major procedural issues include
quality assessment, such as use of Malcolm Baldrige guidelines or ISO 9000 criteria
cost allocations, keeping records to assist in using resources most effectively
usage logs, which can assist in cost allocations and planning; usage log software is also available for Internet/intranet operations
Slide 11-Slide 11-3131