2. Security of Information
• Security means that data is safe from unauthorised or
unexpected access, alteration or destruction
• Management should dictate who can view and update
information
• This could be:
– Everyone in the organisation
– Those on authorised lists
– More controlled access following complex rules, with
logging of access to data
• IT Department is usually responsible for advising and
implementing rules
3. Backups
• Organisations need to safeguard against
physical data loss or processing problems
• Information should be backed up regularly
• Could be full or partial backups of information
which has changed
• IT Departments should practise data recovery
and restores
4. Health and Safety
• MIS are relatively low risk
• Regulations for using, and the position of
screens and monitors
• Keyboards, mice, chairs and tables must be
positioned appropriately
• Computer users are entitled to eye tests
• Computer users should take regular breaks
away from the computer
• All existing office and workplace environment
laws apply to using information systems
5. Organisation Policies
• Organisations can have policies related to
the use of information systems
• Examples:
– Keeping information confidential
– Correcting data that is incorrect
6. Business Continuance Plan (BCP)
• Plan in case any major part of an IT System fails
• IT Department should have procedures to follow
in case of a failure so that they can at least
provide a limited service.
• Example: Dual network with alternate terminals
connected to each network. If one network
fails, half the terminals will still work.
• Organisations need to plan their BCP, e.g. having
additional servers
7. Costs
• It is important to manage the costs of IT Projects
• The total benefits of a project should exceed the
total costs
• Two areas to consider regarding costs for a
business case:
– Additional resources required e.g.
• New computer equipment and installation
• User testing and training
• Additional IT resources to run the systems
– Cost of development
• Cost of getting/developing the new system
• Costs of future developments of the system
8. Impact of Increasing Sophistication of
Systems
• Early MIS often automated manual systems
• Software was relatively simple and users did not
need extensive training
• Today's systems are more complex. They need:
– More trained personnel – training needed in using
equipment and using the software
– More complex software packages are provided for
business experts to build information systems
– Problems may need both business experts and
development experts to solve them