Slide 11-1 Chapter 11 Information Resource Management Strategies Introduction to Information Systems Judith C. Simon.

Slide 11-Slide 11-11

Chapter 11Chapter 11

Information Resource Management Strategies

Introduction to Information Systems

Judith C. Simon


"Copyright © 2001 John Wiley & Sons, Inc. All rights reserved. Reproduction or translation of this work beyond that permitted in Section 117 of the 1976 United States Copyright Act without

the express written permission of the copyright owner is unlawful. Request for further information should be addressed to the Permissions Department, John Wiley & Sons, Inc. The purchaser may make back-up copies for his/her own use only and not for distribution or resale. The Publisher assumes no

responsibility for errors, omissions, or damages, caused by the use of these programs or from the use of the information

contained herein."


Chapter 11 Major TopicsChapter 11 Major Topics

Management of hardware and software Management of data Management of human resources Management of procedures


Overview of Information Resource Management (IRM)

Overview of Information Resource Management (IRM)

Major purposes of information resource management (IRM) include:

assisting in making and executing appropriate strategic decisions related to information resources to achieve and maintain a competitive advantage

managing all aspects of information systems - the technology, the people, and the procedures

IRM is often coordinated by a top-level executive, such as a CIO, so that technologies are developed that fit and enhance the strategic plans of the organization.


Management of Hardware and SoftwareManagement of Hardware and Software

Major concerns include asset management performance monitoring configuration management security


Asset ManagementAsset Management

Primarily concerned with managing the organization’s hardware and software

Software is available that can create and maintain an inventory of hardware and software (including version numbers)

Can help with future purchases and limit the chances of software piracy


Performance MonitoringPerformance Monitoring

Used to monitor system workloads and thus provide a more uniform level of service to system users

Also used to monitor network performance so that problem areas can be identified and adequate service provided


Configuration ManagementConfiguration Management

Involves management of the ways hardware and software are set up to work together as well as with other systems so that a change in one item will not cause unexpected problems with other parts of the system that might have been designed to work with the item being changed or deleted

Configuration data typically includes names, versions or models, and uses of the hardware and software


Hardware and Software SecurityHardware and Software Security

Involves the physical loss of the hardware and/or software programs (data security is discussed later)

Hardware and software loss includes disappearance or destruction of any part of the equipment or programs

Needed level of security must be decided; security methods may include card access, biometric identifiers, passwords, etc.


Management of DataManagement of Data

Major concerns include consistency security backup/recovery disaster recovery


Data ConsistencyData Consistency

Error-checking methods should be used to detect any errors or inconsistencies in data

Results of monitoring of error-checking should be maintained for evaluation of resources


Data SecurityData Security

Primary concerns: Access and control Virus protection Transmission protection


Access and ControlAccess and Control

Need to keep records of who is authorized to access each type of data file

Files should be monitored, with reports indicating how many times a file is accessed, by whom, for how long, and for what purpose

Employees should be trained in good security practices, such as changing passwords often, etc.

Special procedures should be considered, such as multiple IDs or a call-back modem that only sends data to accepted phone numbers


Virus ProtectionVirus Protection

Systems should be analyzed to determine which are vulnerable to viruses and which of those systems are most critical to the operation of the business

Virus protection measures should be put into place as warranted; e.g., an important distributed system should have a high level of protection

Adequate employee procedures may reduce the likelihood of acquiring a virus, such as prohibiting use of disks that have not been checked for viruses


Transmission ProtectionTransmission Protection

Involves having controls to ensure that transmitted data is correct and secure during transmission to its destination

Encryption software is available for transmission protection; systems often use a combination of a “public key” and a “private key” for encoding and decoding the transmission


Routine Backup and RecoveryRoutine Backup and Recovery

Refers to procedures established for maintaining backup data in case of problems with any part of the daily computer operations and for recovery of the data if a problem does occur

Backups should be performed at least once a week At least two people should know how to perform

backup and recovery procedures At least one copy of important data should be kept

offsite at all times


Disaster RecoveryDisaster Recovery

Refers to methods of recovering from a major disaster (e.g., hurricane, tornado, fire), which are different from routine backup/recovery methods

System must be at a different site, often geographically distant from the site of interest


Typical Disaster Recovery OptionsTypical Disaster Recovery Options

Hot site: similar computer system is available and ready to use immediately if needed for most important functions; service is typically provided by a separate company

Redundant system: existence of a second system (mirrored system) at a different location; system is usually maintained by the same organization

Reciprocal agreement: agreement among companies with similar environments to provide backup systems (unless disaster affects them, too)


Typical Disaster Recovery Options, continuedTypical Disaster Recovery Options, continued

Cold site: basic shell that can be set up with everything when needed; less expensive than hot site but not as readily available

Service bureau: provides short-term backup, usually for application-specific needs (less expensive but more limited provisions)


Management of Human ResourcesManagement of Human Resources

Major issues include End user application development Support systems for end-user computing Control systems for end-user computing


End User Application Development - Advantages

End User Application Development - Advantages

May save time and expense compared with development by information systems professionals

May reduce backlog of projects for systems development staff so they can concentrate on most critical projects for the organization

May be more likely to meet end users’ needs


End User Application Development - Disadvantages

End User Application Development - Disadvantages

May duplicate systems already in existence because of lack of knowledge of other departments’ systems

May develop systems that are incompatible with other systems or that do not meet company standards

May have to use trial and error, possibly producing an inferior or erroneous system

May omit important systems development procedures useful in long term

May result in need for additional management controls and coordination


Support Systems for End User ComputingSupport Systems for End User Computing

Decisions must be made as to the level of support needed, as well as whether to provide the services with internal personnel or with external personnel

Widely used support systems: Training Help desk systems


Training ConsiderationsTraining Considerations

Length of training needed may vary with different end users

Too many participants may reduce the chances for meeting individual needs

Computer applications training should involve actual hands-on activities

Multiple short sessions are more effective than the same total time in one session

Evaluation should be included, both of the trainer and of the participants


Training TrendsTraining Trends

Use of simultaneous interactive video, involving videoconferencing equipment and computer networks, so trainees can be at various locations worldwide

Use of Internet-based training, which allows training to be self-paced and available from any location with an Internet connection; also allows for quick updates to course content


Help Desks and Related AssistanceHelp Desks and Related Assistance

Allows end users to use phone or email to obtain assistance, depending on system in use

Some companies have internal systems, some have external systems, some use a combination of both

Software is available to assist with this activity


Typical Capabilities of Help Desk SoftwareTypical Capabilities of Help Desk Software

Automatic call distribution, so the appropriate person responds to an end user question

Text retrieval system that can be searched quickly to provide assistance

Call-tracking system, so records can be maintained concerning the types of calls and locations of problems


Typical Capabilities of Help Desk Software, continued

Typical Capabilities of Help Desk Software, continued

Multimedia support so that help desk personnel can view diagrams and other media that can assist them in answering end users’ questions

Online solution database so end users can try to find answers without calling help desk


Control Systems for End User ComputingControl Systems for End User Computing

End user control systems are used to reduce the potential waste of time and money by coordinating activities and to provide security to the systems. Specific types of controls involve identification of appropriate application development

projects proper access and use of hardware and software,

including productive use appropriate data access and use, with security

equivalent to other systems


Management of ProceduresManagement of Procedures

In addition to controls already discussed, other major procedural issues include

quality assessment, such as use of Malcolm Baldrige guidelines or ISO 9000 criteria

cost allocations, keeping records to assist in using resources most effectively

usage logs, which can assist in cost allocations and planning; usage log software is also available for Internet/intranet operations


Slide 11-1 Chapter 11 Information Resource Management Strategies Introduction to Information Systems Judith C. Simon.

Documents

software slide

simon slide

software software

software security

software loss

software major concerns

information resources

later hardware