Module 2: Introduction to Information Systems

This unit discusses information systems and their development, capabilities, and security. It includes explanations on
how computer-based information systems contribute to the success of business organizations. Furthermore, it describes
how information systems improve the processes and operations of businesses. Real-world scenarios and examples are
included to further discuss information systems.

UNIT OUTLINE
2.1 Information Systems and Their Capabilities
2.2 Computer-based Information System
2.3 Developing Information Systems
2.4 Information System Security

LEARNING OBJECTIVES
At the end of this unit, the student should be able to:
1. understand the basic concepts of an information system and explain its contributions to business organizations;
2. describe the nature and scope of computer-based information systems and explain how they are used in a business;
3. identify appropriate system development methodologies in designing and developing information systems; and
4. provide a clear overview of the concepts, issues, and approaches in information system security.

2.1 INFORMATION SYSTEMS AND THEIR CAPABILITIES

In the Digital Age, an information system (IS) is used by people and business organizations for the improvement of
processes and operations to make things simpler and easier. It is a combined set of modules for gathering, processing,
and storing of data and for delivering of information and digital products.

IS remains in a state of constant development and change to respond to the needs of people and business organizations.
Furthermore, IS focuses on the development of technological innovation.

Understanding an Information System

Data versus Information
Data, from the Latin word, datum, refer to raw, unorganized, and unprocessed facts. Data can be in the form of a
number, alphabets, date, measurement, and even statement.
Listed below are examples of data:
a. A student's class attendance
b. A car's accident record
c. The price of a meal at McDonalds
d. A student's exam scores
e. The postcode of a customer used by a call center agent

Information is popularly described as refined, structured, and organized data. A process is required to transform data
into information.

Listed below are examples of information:

a. A financial statement
b. The average exam scores in a class

The collection of data for whatever reason should always have a clear purpose and plan for their use. A business
organization's main reason for collecting data is to monitor and improve performance.

For example, if company XYZ Corporation wants to collect data to get feedback from its customers regarding its services
and performance, it must consider the following:
a. Indicators must be clearly defined to measure effective performance.
 b. Collected data must be complete, relevant, reliable, and accurate.
c. Collected data must be gathered on time.
d. Data must be convertible into information that is needed.
e. Data must be entered into the computer system.
f. Information must be analyzable using appropriate technological tools and allow for proper interpretation.

System
A system can be defined as a collection of parts that interact, interconnect, and work together to accomplish certain
objectives.

A subsystem is a part of a whole system that has its own area of immediate focus. For example, the College of Computer
Studies is only a subsystem of a university. Similarly, the Finance Department is a subsystem of any business
organization.

The specific objectives of a system depend on its type.

The following are the types of systems:
a. Natural systems. These systems are made by nature.
Examples are weather systems such as typhoons, floods, and other forces of nature.
b. Man-made systems. These systems are designed, developed, and implemented by human beings.
Examples are transportation systems, computer systems, and healthcare and education systems.

A computer system takes inputs and processes them to create outputs. In today's modern understanding of a computer
system, after the set of outputs has been generated, it can proceed to three stages: storage (to store the output in a
specific storage location, i.e., database or cloud), getting appropriate feedback from users, and control (to correct
problems that occur during the process and make sure that the system fulfills its purpose).

Input
The fundamental idea of a computer system is that in every input, there is an expected output. Users are required to
input data into a specific program or computer system using input devices such as a keyboard, mouse, scanner, and so
on. The data could be text, graphics, audio, or even videos. Then, the data will be processed.
For example, a user enters data in a Microsoft Word program using a keyboard. The text will automatically appear on
the monitor. In this example, the keyboard serves as the input device.

Process
Every computer has a microprocessor. The central processing unit or the CPU is considered the brain of a computer and
the one responsible for controlling all activities and handling input/output (I/O) operations within a computer system.
Data inputted into a system is processed by the CPU.

Output
The output is the result after data processing. It is usually presented externally from the computer system. The output
can be presented using an output device. Output devices include printers, monitors, and speakers.

Storage
Storage devices help users keep data, information, and instructions from specific programs. Storage devices areprimarily
divided into two types: (1) primary storage device and (2) secondary storage device. Primary storage devices include
random-access memory (RAM) and read-only memory (ROM).
These devices are also called internal memories located inside the CPU, which can easily be accessed by the processor
anytime.

On the other hand, secondary storage devices are known as any alternative storage. It allows users to store data,
information, files, and programs temporarily for future use.

Listed below are examples of storage devices:

 a. CD-ROM
b. Cloud storage
c. DVD
d. USB flash drive
e. Hard drive disk
f. Zip diskette
g. Memory card

Introducing Information Systems

An information system (IS) is a man-made system that collects, stores, retrieves, processes, manages, disseminates, and
analyzes information needed to facilitate a business organization's operational functions and support its management in
making decisions. IS is essential for business firms as it manages and organizes their operations.

Like any other system, it operates within a specific environment. It includes inputs, processes, and outputs. Data and
instructions are part of the input; these are processed in a specific IS to produce valuable outputs such as reports,
analyses, or calculations that will be sent later on to the concerned users or other systems. A feedback mechanism is
also included.

Take an IS used to maintain and manage student records in a university as an example. The possible inputs are a
student's ID, name, program, subjects, subject schedule, and tuition fees. An IS processes these to update a student's
registration records in the database (storage), and it gives a valuable output: the list of registered students in a particular
subject or program.

Assume that while users enter data about registration, they must also enter related information such as who will
register the subject, how the student will pay his/her tuition fees, and why the student has decided to be part of the
program. These data will be stored in a storage location (master data) of the IS and can produce outputs such as annual
reports in the future. It could also help an organization analyze the available data for future reference or improvements.

Master data are relatively permanent data that are stored in the IS for a long time. These data may include customer
master data (complete customer information), employee master data (complete details of an employee), and subject
master data (including information related to the subject, i.e., subject name, description, schedule, and so on).

There are two (2) types of updates that can be made in the master data of an IS: (a) information processing (IP) and (b)
data maintenance (DP).

Information processing refers to data processing functions that are commonly related to internal operations (e.g.,
manufacturing) and economic and financial activities.

Data maintenance refers to a system's functional activities such as adding, saving, deleting, updating, retrieving, and
editing data from the master data.
An IS is more concerned about the organization's business processes. The following are the three (3) logical components
of a business process within the scope of an IS:
a. Information process
b. Operations process
c. Management process

Information process refers to a portion of an IS closely related to a specified business process. It plays a crucial role in
making these three components work together to attain a specific objective.
Information users for this particular process include the staff, employees, management, and customers. Maintaining
customer data and receiving a customer's complete order from an e-commerce website are examples of this process.

Operation process refers to a man-made IS that consists of people, policies, procedures, and equipment whose main
objective is to accomplish a certain goal of a particular business organization. The people involved in this process include
those from human resources and those who are tasked with product distribution. Attaching shipment details and
including the tracking information about a product are examples of this process.

Management process refers to a man-made IS that consists of people, policies, procedures, and equipment whose main
objective is to plan, manage, and control the overall operations of a business organization. These processes include
activities concerning planning and decision-making. Creating new policies and procedures on delivering products to
customers is an example of this process.

Difference between Information Technology and Information System

IT refers to any technological or computer-based tool primarily used for supporting the needs of business organizations.
On the other hand, an IS collects, stores, retrieves, processes, manages, disseminates, and analyzes information needed
to facilitate business organizations' operational functions and support management in making decisions. An IS is used by
a business organization to attain its common goal.

Capabilities of an Information System

For business organizations to thrive in the modern business environment, they must take competition seriously. They
must expect powerful capabilities with regard to an IS. The following are the capabilities of an IS.

A. Processing transactions quickly and precisely

Each activity done over an IS is called a transaction. In a bank, for example, the transactions are bank deposits and
withdrawals. For a university, transactions include registering in courses, paying tuition fees, and viewing attendance
summaries. Business organizations can produce thousands to millions of transactions per day, and these are managed by
an IS. This is referred to as transaction processing wherein an IS can record, store, delete, capture, and update data
easily.

The most common example of a transaction processing system is a point of sale (POS). This POS can be seen in malls,
retail stores, restaurants, and supermarkets that use automated cash registers and bar code readers to record and store
data.

B. Managing large-capability storage and fast and easy access storage

An IS should focus not only on providing a vast data storage for business organizations but also on fast and easy access
to any type of storage.

C. Efficiently communicating through a network

An IS must have strong communication features that can easily transfer information from one computer to another or
from one user to another. Through the use of networks, employees of business organizations can easily and quickly
communicate with each other. In addition, networks could transmit data, such as text, audio, video, and documents
simultaneously.

D. Easing information overload for users

IS, including networks, contribute a lot of information to users, particularly to people in charge of decision-making. The
amount of information available over the Internet nowadays are doubled and even tripled every day. As a result, top-
management users (managers, supervisors, and executives) are having difficulty making decisions because of
information overload. Thus, an IS must be designed to analyze problems and support decision-making ti reduce
information overload.

E. Supporting decision-making
One of the most popular ISs is the decision support system or DSS. This system helps users make decisions anytime at all
levels of a business organization. The Is allows low-level employees to participate in information sharing, which is
necessary for decision-making.
F. Serving as a competitive weapon against competitors
More than a decade ago, ISs were viewed as a waste of money for business organizations. Today, IS; are viewed as profit
makers and a means for competitive advantage over competitors. For example, many years ago, airline ticket
reservations were restricted to one travel agency with a specific system that was not linked to other branches of the
travel agency. The worst scenario was that this travel agency was also not linked to another travel agency (organization
to organization), Therefore, profit was limited, access was poor, transactions were done slowly, and information may
have been inaccurate. Nowadays, a travel agency integrates its IS with other travel agencies and coordinates closely with
their suppliers.

G. Uniting an organization through the coordination of its big and small groups
This capability allows organizations or parts of them to come together toward achieving a common goal or objective

H. Strengthening organizational memory and learning and exploring new things

This means practices and knowledge in the past have vast influences on current organizational operations or activities.

I. Determining the process of separating products and services

J. Automating Business Processes

This refers to labor-saving technology by which business processes or procedures are executed using IS with minimum
human assistance and to reduce costs and expedite work.

2.2 COMPUTER-BASED INFORMATION SYSTEM

IS these days are mostly computer-based. These computer-based ISs (CBISs) use both computer and
telecommunications technology to perform certain tasks.

The basic components of CBISs are as follows:

1. Hardware. Hardware consists of the system's physical devices.

Examples: printer, mouse, keyboard, scanner, microcomputers, workstations, servers, storage devices (RAM, ROM,
hard drive), network devices (switches, hubs, fiber optics, routers), and other devices (ATM, ID readers/systems)

Computer Hardware and Its Components

The hardware is always referred to as the physical component of a computer. It can be found in an internal
component of the central processing unit (CPU) such as the motherboard, which serves as the brain of the
computer. The hardware and software are connected to each other, which means that a computer will not work
without either of them.

2. Software. Software refers to the set of computer programs that control the overall operation of the computer
system.
Examples: word processor and multimedia software

Computer Software and Its Types

A computer software can be categorized into two
(2) different types:
• System software. It refers to a program that controls the overall operations of a computer. File
management utilities and operating systems are the best examples for this type of software.
Examples: disk operating system (DOS) and Unix
• Application software. It refers to an end-user program, also known as a productivity program, such as MS
Office applications, game applications, Internet browsing, and email applications. This type of software is
specifically designed to answer the needs of its users. It is simple and easy to use.3. Database. It refers to a
collection of related files and records that are stored in a special location for easy access.
Examples: MS Access and Oracle
3. Database. It refers to the collection of related files and records that are stored in a special location for easy access.
Examples: MS Access and Oracle

4. Networks. It refers to the connection of two or more computers established for the purpose of sharing various data.
Examples: local area network (LAN), metropolitan area network (MAN), and wide area network (WAN)

5. Procedures. These are the rules, policies, and methods that administer the operation of a computer system. They
are as significant as the people using the system. The procedures state the appropriate software to use with the
hardware and clarify the role of the components in the CBIS.

6. People. They are the most crucial component of an IS. They are the people who work with an IS to produce useful
outputs.

Other Computer-Based IS Components

1. Telecommunications. It refers to the electronic transmission of information within a specific distance.
2. Internet. It is the largest type of network that allows users to share information worldwide.
3. World Wide Web. It is accessible through the Internet, and it consists of multimedia collections that are stored
in a particular database of a CBIS.

Other Types of IS

1. Transaction Processing Systems (TPS)

A TPS is also known as a real-time processing system. it is an IS for all types of business transactions. It captures, stores,
classifies, maintains, updates, and retrieves transaction data for record keeping and inputting data to other types of
CBISs. The characteristics of a TPS include quality performance, reliability, and consistency.
In a TPS, there is no delay in batch processing, and the results of each transaction are immediately available. In the case
of a delay in batch processing, errors usually occur; they are uncommon but acceptable and will not demand a shutdown
of the entire system.

For an organization to achieve quality performance, reliability, and consistency of transaction processing, data must be
readily accessible in a data warehouse, and backup procedures, as well as recovery processes, must be put in place to
deal with system and human failure, computer viruses, software application glitches and incompatibilities, and natural
disasters.

2. Management Information Systems (MIS)

An MIS is a CBIS that consists of hardware and software applications that support all the organization's business
transactions. This IS collects raw data from different computer systems, analyzes and processes them, and reports them
to assist and serve in decision-making. An MIS, as well as the study on how such system works, should be considered.

The MIS collects and gathers data, such as employee profile, project timeline, financial status, inventory management,
raw materials, and marketing and manufacturing; places them in a data warehouse; and makes them ready for access at
all times to managers and higher-ups who want to evaluate the data from the reports generated.

3. Decision Support Systems (DSS)

A DSS is a computer-based application that helps companies identify and give solutions by making decisions on how to
solve problems including issues on raw data, documents, employee and company profiling and management, and
business models.

The DSS is responsible for delivering information to managers who make assessments about specific scenarios that are
not well-managed. Other DSS applications include medical diagnosis, business management, forest management,
railroad projects, and financial verification (for credit loan, credit card application, and so on).
4. Executive Information Systems (EIS)
An ElS is a specialized DSS that assists senior executives of organizations in making decisions. It provides easy access to
valuable information necessary to achieve organizational goals. It is usually made up of four components: hardware,
software, telecommunication, and user interface.

As with other computer systems, the software is the one that controls the computer hardware in terms of execution in
an EIS. Telecommunication is the process of transmitting data from one location to another and facilitating
communication among users. User interface (UI) refers to the means by which a person deals with a system, that is, how
he/she accesses the system or experiences it. A typical EIS has a user-friendly UI, which means that the operating system
is easy to use, and the output is easy to interpret.

Early ElSs were built as programs for mainframe computers to help company administrations provide information in
terms of the company's profile and business performance for the senior executives. IS data that are available in a
company are assisted by technologies such as computers, machines, and workstations done through a network known
as LAN or the local area network, which is a type of network that consists of a group of computers and associated
devices that share common communication lines or wireless links to a server. This network allows employees to deliver
appropriate and accurate information, as well as ideas, both to the company's higher and lower management levels.

2.3 DEVELOPING INFORMATION SYSTEMS

This chapter will discuss the different approaches involving how information system (IS) is developed and implemented
by whom and by what.

Systems development consists of the procedures in building and upholding IS. It includes the five main components of
15 such as hardware, software, data, procedures, and people, which have been already discussed in the previous
chapter, It has a combination of one's technical expertise with knowledge and management skill in business.

System Development Life Cycle (SDLC) is one of the methodologies used in software development. However, many
developed systems fail to meet the needs and requirements of a business. One of the many reasons for such failure is
that the systems are not fully functional or not so flexible to adjust to the changing needs of the business. The SDLC
emphasizes that the system can be developed in a series of phases. This simply means that each phase must be
completed first before other phase commences. In terms of programming, the development phase (building the system)
will only commence once the users requirements have already been determined, and the system design has been
produced.

An SDLC is composed of multiple phases. In general, it follows the following: (1) planning, (2) analysis, (3) design,
(4) development, (5) testing, (6) implementation, and (7) maintenance. The SDLC emphasizes that a system can be
developed in a series of phases. It simply means that each phase must be completed first before another phase
commences. In terms of programming, the development phase (building the system) will only commence once the
users' requirements have already been determined, and the system's design has been produced.

Phases of the System Development Life Cycle

1. Planning
The system project plan is composed of the following:
• Determining a business problem or verifying if there are problems and opportunities that might exist
• Investigating if the solution to be given to the problem(s) is feasible such that there would be an
improvement on the IS to be executed
• Obtaining a project management plan approval for implementation
• Identifying appropriate system requirements, which includes:
a. Five components of the IS in terms of what hardware devices would be needed, software that would be used,
data that must be gathered, procedures that would be followed, the people who would be followed, and the
people who would be involved in developing the system
b. Criteria for the requirements analysis to start, which should always be approved by a project manager
2. Analysis
The following are dons in this phase:
• Identifying and taking into account the risks that are related to how the technology to be used for the project
will be integrated into the standard operating procedures
• Studying and gathering the functional and nonfunctional requirements of the business process
Software applications (e.g., computer programming languages), files, and data flow must not be considered during the
system analysis stags,

3. Design
This phase aims to transform the system requirements that have been identified during the previous stages into a more
detailed system architecture that will be feasible, full-bodied, and valuable to the organization.

4. Development
This phase aims to convert the approved system architecture and design into a working system that is reliable and stable
through the functional as well as technical and non-technical requirements that were identified and observed during the
earlier stages of the life cycle solutions.

Solutions in coding may be through the following:

• The availability of technical specifications
• Approved and signed-off blueprints of the system architecture by clients, stakeholders, managers, and the like

5. Testing
This phase executes the system integration testing of the created and developed system. It guarantees that the
developed systems have brought together all the technical and non-technical requirements with the necessary
components and subsystems integrated.
The system test may require a series of tests depending on the scope and involvedness of the requirements, including
the six main quality characteristics: functionality, reliability, usability, efficiency, maintainability, and portability.

The entire system must be prepared for the congregation before proceeding to the integration and testing stage,
meaning:
• All hardware and software configurations must have been constructed and tested successfully
All integration plans are ready and prepared
Implementation
The deployment or implementation phase first installs the system in the production environment and makes it ready for
operation. It then ensures that the system is fully developed and free from system errors.
The following must be confirmed:
• The fulfillment of all the functional and non-functional requirements
• The approval of business necessities
• An observation of all authorizations, physical constraints, and service-level agreements (e.g., SOA)
• The operations as mentioned and discussed in the user manuals

6. Maintenance
This phase involves making changes to the hardware, software, and documentation process to support and sustain the
system's operational effectiveness.

This is the phase where modifications are made to enhance the system's performance, solutions to the problems or
system errors encountered are derived, security enhancements are performed, and user requirements are addressed.

Security enhancement during this phase is essential to ensure that information and the entire system are free from
malware or malicious software.
2.4 INFORMATION SYSTEM SECURITY
Information security means protecting information and ISs from malicious software and unauthorized access, use,
disclosure, modification, disruption, or destruction.

Information security management is the process of identifying the security controls to keep and defend information
assets.
The succeeding chapters will provide more information about
IS security.

REFERENCE:
Rolou Lyn Rodriguez Maata, Ronina Caoili-Tayuan (2021), IT Application Tools in Business, C & E Publishing, Inc., ISBN:
9789719815808