Basic Systems Concepts and Tools

THE SYSTEMS VIEW

· a discipline for seeing wholes

· a framework for seeing interrelationships rather than things

· an antidote to the sense of helplessness one feels when confronted with

complexity

What is system view?

Ø A system is a set of interrelated components that must work together to achieve some
common purpose.

An information system (IS) can be defined in a very broad way as the collection of IT,
procedures, and people responsible for the capture, movement, management, and
distribution of data and information.

Seven Key Systems Element

1. Boundary

2. Environment

3. Inputs

4. Outputs

5. Components

6. Interfaces

7. Storage

Three system characteristics that are especially important for analyzing and designing
information systems are the following:

1. What can be controlled

2. What scope is manageable within a given time period

3. The impact of a boundary change

The components of a subsystem can be further broken down into more subsystems. The
process of breaking down a system into successive levels of subsystems, each of which
shows more detail, is called hierarchical (or functional) decomposition.

Five important goals of hierarchical decomposition of a system are the following:

1. To cope with the complexity of a system

2. To analyze or change only part of the system

3. To design and build each subsystem at different times

4. To direct the attention of a target audience

5. To allow system components to operate more independently

An interface is the point of contact between a system and its environment or between
two subsystems. In an information system, the functions of an interface are generally as
follows:

Ø Filtering Disposing of useless data (or noise)

Ø Coding/decoding Translating data from one format into another

Ø Error detection and correction Checking for compliance to standards and for
consistency

Ø Buffer Allowing two subsystems to work together without being tightly synchronized

Ø Security Rejecting unauthorized requests for data and providing other protection
mechanisms

Ø Summarizing Condensing a large volume of input into aggregate statistics

Interfaces also can be built between preexisting independent systems.

Another important objective of an interface is system decoupling.The principal methods

of system decoupling are these:

Ø Slack and flexible resources Providing alternative paths to follow when one
component breaks down or slows down

Ø Buffers Storing data in a temporary location as a buffer or waiting line that can be
depleted as the data are handled by the next component.
Ø Sharing resources Creating shared data stores with only one program (part of the
interface component) maintaining the data, thus avoiding the need to synchronize
multiple step updating or to operate with inconsistent multiple copies of data

Ø Standards Enforcing standards that reduce the need for two components to
communicate.

BUSINESS PROCESSES

- Functional "silo approach -> process-oriented approach

- chain of activities required to achieve an outcome such as order fulfillment or material

acquisition

IDENTIFYING BUSINESS PROCESSES

- a key analytical task

- not be viewed just as its workflow rather be viewed as firms’ assets and liabilities.

- to yield the greatest value

Folklore Processes

- process carried out only because they have been in the past.

- should be abandoned because they create no economic value

- process not necessarily the same for others

BUSINESS PROCESS REDESIGN

- start clean state

- Don’t automate; obliterate!

Business Process Reengineering (BPR)

- radical business redesign initiatives that attempt to achieve dramatic improvements in
business process

○ Accounts Payable at Ford Motor Company

- Concluded to reduce 20 percent in this department but when it took the clean state
approach it achieve a 75 percent improvement gain
○ Mutual Benefit Life Insurance
- old application processing was a 30-step process that involve 19 people in 5
departments, but with the reengineered process, an individual case manager is
empowered to handle the entire loan application process.

IT ENABLER OF BPR

6 PRINCIPLES (HAMMER,1990)

1. Organize Business Processes Around Outcomes, Not Tasks

- this principle implies that knew person should perform all the steps in given process

2. Assign Those Who Use the Output to Perform the Process

- the intent of this principle is to make those most interested in a result accountable for the
production of that result.

3. Integrate Information Processing into The Work That Produces the Information

- This principle states that information should be processed at its source.

4. Create A Virtual Enterprise by Treating Geographically Distributed Resources as Though

They Were Centralized

- this principle implies that the distinction between centralization and decentralization is
artificial with IT.

5. Link Parallel Activities Instead of Integrating Their Results

- this principle says that related activities should be constantly coordinated rather than
waiting until a final step to ensure consistency.

6. Have the People Who Do the Work Make All the Decisions, And Let Controls Built into The
System Monitor the Process

- the result of this principle is the drastic reduction of layers of management, the
empowerment of employees, and the shortcutting of bureaucracy.

Ø Not all BPR projects of the early 1990s were success

THE INFORMATION SYSTEM DEVELOPMENT LIFE CYCLE

1: DEFINITION
- end users and systems analysts conduct a multistep analysis of the current business
operations and the information system or systems in the area of concern.
2: CONSTRUCTION
- entails the designing, building and testing of a system that satisfies the requirements
developed in the definition phase.

3: IMPLEMENTATION
- business managers and IS professionals work together to install the new system, which
often involves converting data and procedures from an old system.

STRUCTURED TECHNIQUES
- these techniques exist for all phases of the system development process, and many
variations have emerged.

2 MAJOR APPROACHES TO SYSTEM BUILDING

1. PROCEDURAL ORIENTED SYSTEMS

- most common
- include data-oriented as well as sequential, process-oriented activities.

2. OBJECT ORIENTED TECHNIQUES

- newer approach to system development.
- require an entirely new way of thinking for veteran IS professional

PROCEDURAL-ORIENTED TECHNIQUES

- This process is akin to the general problem solving approach of analysis, design, and
take action.
- Also called Sequential Approach
- It helps ensure that the new process will work in concert with the new information
system, NOT against it.

Three Modeling Step Approach

Document As-Is > Create Logical To-Be > Translate Into Physical To-Be

As-Is Model

- Documenting of the existing system

- Baseline for system: Why build a new one if it will not do more than the old one, do it
faster, or avoid existing problems?
- Includes both LOGICAL and PHYSICAL models
- User incentive

Context Diagram
 - Positions the system as a whole with regards to the other entities and activities with
which it interacts
- Provides common frame of reference for project participants and helps define project
scope

Work Process Flow Diagram

- Identifies existing information sources, information sources that are updated, the order in
which steps occur, and some of the dependencies or decisions.
- The work process flow diagram and other as-is techniques serve to point out where the
existing system does and does not perform as desired.
Logical To-Be Model

- Creating a model of the desired future system

- Majority of effort is typically involved in this model
- Shows what the system will do, including improvements possibly only because of new
technology
- Describes the WHAT, rather than the HOW
- Involves critical appraisal of existing work processes to:
- Identify major subprocesses, entities, and their interactions
- Separate processing from the flow of data
- Capture relationships between data elements
- Determine those entities and processes within the project scope, and those that
are not

Data Flow Diagram

- It maps out the flow of information for any process or system. This involves groups of
people and is accomplished through multiple iterations.

Four Types of Symbols Used in DFDs

1) External Entity - indicates some elements in the environment of system that send or
receives data
2) Data flow - indicates data in motion
3) Process - processing components of the system
4) Data Store - depicts data at rest

Process of Creating Data Flow Diagram

1) Identify the entities that supply or use system information

2) Distinguish process form the data that they use or produce
3) Explicate business rules that affect the transformation of data to information
4) Identify logical relationships
5) Pinpoint duplicate storage and movements of data

FIGURE 8.13: Top-Level Data Flow Diagram For Accounts Payable System
Data Dictionary/Directory (DD/D)

- Most common approach to maintain the metadata in DFD. Its goal is to maintain the
metadata as possible.
- Also the place to capture whether elements are calculated, how many decimal places
are required, and how an element may be referred to in external systems that reference
it.

FIGURE 8.14 shows a typical data dictionary entry for the data element Purchase Order (PO)
Number.
Data Model

- Created by logically defining the necessary and sufficient relationships among system
data

The most common notation for a data model is an entity-relationship diagram, aka ERD.

FIGURE 8.16: Key Terms for Logical Data Modeling

Physical To-Be Model

- Task dominated by IS specialists, as it requires technology expertise to map logical

requirements to available technology
- Interpretation of the logical future model as physical system design
- Requires additional analysis and host of decisions
OBJECT-ORIENTED TECHNIQUES

- It focuses on implementing real world objects using Classes to create variations of

Objects, that has attributes and purpose.
- Object-oriented is a computer programming model that organizes software design
around data, or objects, rather than functions and logic.

What is the structure of object-oriented programming?

The structure, or building blocks, of object-oriented programming include the following:

CLASSES

- It is created by the programmer, it will act as a blueprint of an object that you want to
implement in your program.
- They contain all the attributes and methods that your desired object should have.

OBJECTS

- It is created by instantiating a Class.

- It is anything that has an attribute and a purpose.

Example: Person, Furniture, Food

ATTRIBUTES

- These are the global variables declared inside of our object.

- It is used to create variations of an object using only one class.

OBJECT METHODS

- are methods declared inside an object class.

- are considered as the object's purpose.

TWO MAJOR PRINCIPLES OF O-O Approach:

1. ENCAPSULATION
- Is an OOP technique used to hide data from direct access.

USING ENCAPSULATION

"Declare attributes as private"

2. INHERITANCE
- is an OOP technique used to inherit attributes and methods from one class to
another.
 SUPERCLASS

- The class where we will inherit the attributes and methods.

SUBCLASS

- The class who will inherit the attributes and methods from a superclass.

INFORMATION SYSTEMS CONTROLS TO MINIMIZE BUSINESS RISK

Although the security and reliability issues will differ somewhat due to the nature of the software
application, this list of control mechanisms provide a starting point for understanding the role of
the IS professional in helping to ensure that business risks have been accounted for.

INFORMATION SYSTEM CONTROLS

- are needed to maintain data integrity, allow only authorized access, ensure proper
system operation, and protect against malfunctions, power outages, and disasters.

SECURITY CONTROLS

- related to the technology infrastructure---such as backup power supplies, network

access control, and firewall protection---are typically the purview of the IS organization.

☆ TYPES OF CONTROL MECHANISMS ☆

CONTROLS IN THE DEFINITION AND CONSTRUCTION PHASES

METHODOLOGY STANDARDS

- One way to avoid errors is to developed standard, repeatable, and possibly reusable
methods and techniques for system developers.
- The importance of standards also extends to the documentation of the system during
construction and the following period of maintenance and upgrades. Standards are also
important for supporting information systems and users.

VALIDATION RULES AND CALCULATIONS

- Each time a data element is updated, the new value can be checked against a
legitimate set or range of values permitted for that data. Providing a screen display with
 associated data can be a very useful edit check. Well-designed user interfaces also will
prevent data entry mistakes.

Various calculations can be performed to a validate processing. Batch totals that calculate the
sum of certain data in a batch of transactions can be computed both manually before
processing and by the computer during processing. A check digit can be appended to critical
identifying numbers such as general ledger account numbersor vendor numbers.

SYSTEM TESTING

The most common and effective of all IS controls is complete system testing. Each program
must be tested individually and in combination with the other programs in the application.

CONTROLS IN THE IMPLEMENTATION PHASE

SECURITY

- The security of data and computers is necessary so that employees, customers,

shareholders, and others can be confident that their interactions with the organization
are confidential and the business’s assets are safe.

Logical access controls are concerned with whether users can run an application, whether
they can read a file or change it, and whether they can change the access that others have.

Two mechanisms for controlling logical access are:

Authentication involves establishing that the person requesting access is who he

or she appears to be.

Authorization involves determining whether or not authenticated users have

access to the requested resources and what they can do with those resources.

Encryption techniques are used to encode data that are transmitted across organizational
boundaries.

BACKUP AND RECOVERY

The ultimate protection against many system failures is to have a backup copy. Periodically a
file can be copied and saved in a separate location such as bank vault.

AUDITING ROLES

IS auditing is still frequently referred to as EDP auditing---a name chosen when the term
electronic data processing was used to refer to computer operations. EDP auditors use a variety
of methods to ensure the correct processing of data, including:
 Compliance tests check that systems builders use high-quality systems development
procedures that lead to properly functioning systems.

Statistical sampling of a portion of databases can identify abnormalities that indicate

systematic probles or security breaches.

Embedded auditing methods include reporting triggers programmed into a system that are
activated by certain processing events. The flagged records are then analyzed to determine if
error or security breaches are occuring in the system.

Audit trails trace transactions from the time of input through all the processes and reports in
which the transactions are used.

- most commonly used EDP auditing technique in the past.