ENTERPRISE BUSINESS SYSTEMS

Supply Chain Management Systems

Supply chain

 A supply chain refers to the collection of people, tasks,

equipment, data and other resources required to produce and

move products from a vendor to a customer.

 Information flows backwards and goods flow forward in a

supply chain
 ENTERPRISE BUSINESS SYSTEMS

Supply Chain Management

 Supply chain management is a set of approaches utilized to

efficiently intergrate suppliers, manufacturers, warehouses,

and stores, so that merchandise is produced and distributed at
the right quantities, to the right locations, and at the right
time, in order to minimize system wide costs while satisfying
service level requirements.
ENTERPRISE BUSINESS SYSTEMS
Goal of a Supply Chain Management System
Functions of SCM System

 Inventory Management -organisations track and manage

their supplies of raw materials and components needed for
production, finished goods to satisfy open sales orders, and
spare parts required for field service and support.
 Order Management – generating and tracking orders as well
enabling scheduling of supplier deliveries to more effectively
meet demand
 Procurement - All activities and tasks associated with
sourcing, purchasing, and payables can be fully automated
and streamlined across a company’s entire supplier network
 Coordinating processes: Supply chain management increases

profitability by aligning the processes used to plan, source,

make, deliver, and (when necessary) return a company’s
products and services.

 Managing resources: Supply chain managers are responsible

for using people, processes, and technology to meet the

needs of customers.

 Integrating functions: Supply chain management connects the

activities of logistics, purchasing, and operations to ensure

that they focus on goals that benefit overall performance.
 ENTERPRISE BUSINESS SYSTEMS

Customer relationship management

All businesses are about people & managing relationship with
people.
 It costs more for the business to get a new customer than to
get existing customers back to our door.
 People have other relationships that they have with other
people and therefore word of mouth affects the organization.
 CRM systems act as an organization storefront
 Users of the systems are all members of the organization
who are in contact with our customers e.g sales, marketing,
customer services
 ENTERPRISE BUSINESS SYSTEMS

Customer relationship management (CRM)

 It is a strategy for managing relationships with customers in

an organized way.
 The main goals of CRM are to attract new customers, retain
current customers, and entice former customers to return to
the organization as well as reduce marketing costs and lower
the cost of providing customer service.
 ENTERPRISE BUSINESS SYSTEMS

Why is CRM important

 Today’s businesses compete with multi-product offerings

created and delivered by networks, alliances and partnerships

of many kinds. Both retaining customers and building
relationships with other value-adding allies is critical to
corporate performance

 The adoption of C.R.M. is being fuelled by a recognition

that long-term relationships with customers are one of the

most important assets of an organisation
 ENTERPRISE BUSINESS SYSTEMS

 Successful CRM systems rely upon two basic elements:

identifying customer touch points and consolidating customer

data.

 Customer touch points are the various types of diverse

interactions that companies have with their customers.

 Some of the more traditional customer touch points include

telephone contact, direct mailings.

 CRM systems are capable of managing additional customer

touch points that can occur through the use of popular

technologies such as e-mail, websites, and smartphones.
 ENTERPRISE BUSINESS SYSTEMS

Data consolidation
 Data from the different touch points should be collected and
integrated into a single destination for processing.
 Customer data must be managed properly to build long-term
customer relationships. This is very important because repeat
customers are the largest generators of revenue for an
organization.
 Customer data may include demographic information, health
histories, marital status, work history, and educational
background
 The CRM system relies on a data warehouse that makes
customer data available throughout the various functional
areas of the organization.
 ENTERPRISE BUSINESS SYSTEMS

Customer relationship management System

 CRM systems involve the use of databases, data mining and

one-to-one marketing, these techniques assist organisations

to increase customer value and their own profitability

 CRM system uses analytics to understand and predict

customer behaviors, allowing call center reps to make the

right offer and deliver the right information at the right time.
 ENTERPRISE BUSINESS SYSTEMS

Examples of how CRM systems are used

Having access to customers contact details and their service or

purchase preferences through databases, organizations can alert
customers to new, similar or alternative services or products

Cookies

HTTP cookies are used for authenticating, tracking, and maintaining

specific information about users, such as site preferences and the
contents of their electronic shopping carts” e.g Amazon
 ENTERPRISE BUSINESS SYSTEMS

Advantages of CRMs

1. Personalize customer experience

2. Deliver a consistent experience.

3. Manage interactions across the service chain

4. Monitor and control business performance in real time and quickly

develop new process strategies to adapt to changing customer
requirements and business goals.

5. Create more successful targeted marketing campaigns

DECISION SUPPORT
SYSTEMS
 ENTERPRISE BUSINESS SYSTEMS

 DSS is a part of special category of information systems that

are designed to enhance managerial decision-making.

 A Decision Support System (DSS) is a computerized

management information system designed to help business

managers resolve complicated business problems and/or
questions.

 A decision support system helps in decision-making but does

not necessarily give a decision itself. Meant to be adjuncts to

decision makers (extending their capabilities but not replacing
their judgment)
 ENTERPRISE BUSINESS SYSTEMS

The nature of decisions

 Information systems can support decision-making levels. These
include the three levels of management activity Strategic
management, tactical management, and operational management.
Strategic management
 A board of directors and an executive committee of the CEO develop
long-range planning.
 Decisions made at the strategic level tend to be unstructured
 ENTERPRISE BUSINESS SYSTEMS

Unstructured decisions

 Decision scenarios that often involve new or unique solutions

 Decision is non routine and there is no agreed nor well understood

procedure for making the decision.

 Unstructured decisions are made for a sudden one-shot kind of

situations
 ENTERPRISE BUSINESS SYSTEMS

Tactical management
 Mid-level managers deal with middle level management activities
such as short-term planning, medium range plans and control.
 They come up with strategies on how to achieve objectives set by the
strategic level managers
 Decisions made at the tactical management level tend to be semi-
structured.
 Semi structured decision scenarios have some structured components
and some unstructured components.
 ENTERPRISE BUSINESS SYSTEMS

Operational management
 Operating managers deal with day-to-day operations of an
organization, such as assigning employees to tasks, or placing or
purchase an order.
 They come up with activities that help achieve objectives set by
strategic management
 Decisions made at the operational management level tend to be
more structured.
 ENTERPRISE BUSINESS SYSTEMS

Structured decisions
 The decisions are made under the established situations.
 They are programmable decisions and they are preplanned.
 Structured decisions are made in situations which are fully
understood
 Structured decisions are made on a regular basis in business
generally made for routine tasks
 There are usually specific policies, procedures, or actions that can
be identified to help make the decision
 ENTERPRISE BUSINESS SYSTEMS

Benefits of DSS
 Improved decision making through in depth analysis of issues and
alternatives.
 Ability to examine more alternatives
 Ability to respond quickly to unexpected situations e.g. analyzing
impact of new legislation on profitability
 Better control of the organisation
 Time saving
 ENTERPRISE BUSINESS SYSTEMS

Disadvantages of DSSs

 Monetary costs- investing in information systems

 Level of User-Friendliness

 Lack of quality assurance- not enough validation of input data

used

 Lack of data security

 Failure to specify correct requirements.

ENTERPRISE RESOURCE
PLANNING SYSTEMS
 Enterprise Resource Planning (ERP) system is a series of
software applications or modules that collects data from your
sales, purchasing, finance, inventory, supply chain,
manufacturing and quality functions into a common database
so that your company can share the information, coordinate
activities and collaborate
 It is the practice of consolidating an enterprise's planning,
manufacturing, sales and marketing efforts into one
management system.
 The basic goal of using an enterprise resource planning
system is to provide one central repository for all
information that is shared by all the various ERP facets to
improve the flow of data across the organization.
 ENTERPRISE BUSINESS SYSTEMS

 Finance : modules for bookkeeping eg accounts receivables account

payables , Ledger

 HR :Software for handling personnel-related tasks for corporate

managers and individual employees eg payroll

 Manufacturing and logistics: A group of applications for planning,

production, taking orders and delivering products to the customers.eg

production planning, material management, order entry and
processing and warehouse management.
ERP COMPONENTS
Advantages of adopting ERP

 ERP provides an integrated real-time view of core business processes

 ERP systems track business resources such as cash, raw materials,

production capacity and the status of business commitments: orders,

purchase orders, and payroll.

 The applications that make up the system, share data across the various

departments

 Integrate customer order information.

Advantages of adopting ERP

 Standardize and speed up operations processes.

 Reduce inventory.

 Fewer errors

 Update one module, automatically updates others.

 Enhances customer service by providing one source for billing and

relationship tracking.
TRANSACTION PROCESSING SYSTEM
 ENTERPRISE BUSINESS SYSTEMS

 TPS-Transaction Processing Systems are simple data processing systems

used at operational levels

 TPS are processing system for business transactions.

 Transactions include Customer Orders, Receipts, Invoices, Payments,

Registration/ bill payment/ cash out

 ENTERPRISE BUSINESS SYSTEMS

 Example : bill payment transaction real time

1. Customer initiates a payment for rates: City Council

2. The customers wallet is debited

3. The billers wallet is credited

4. Simultaneously both receive confirmation messages of the transaction

Types of TPS

1. Payroll
2. Inventory Control
3. Order entry
4. Accounts Receivable
5. Point of sale
 ENTERPRISE BUSINESS SYSTEMS

Advantages of TPS

Promotes efficiency through the following:

• Paperless processes

• Increase in speed of transactions

• immediate feedback

• Produce valuable input for other systems in the organization

• TPS provides a good description of the account activity

 INFORMATION
SYSTEMS SECURITY
 COMPUTER SECURITY

 If you operate a business today, you need to make

security and control a top priority

 ISS - Protection of information systems against

unauthorized access to or modification of information,

whether in storage, processing, or transit, and against the
denial of service to authorized users, including those
measures necessary to detect, document, and counter
such threats – ISO 2700/2014
 COMPUTER SECURITY

Security

A condition that results from the establishment and

maintenance of protective measures that enable an
enterprise to perform its mission or critical functions
despite risks posed by threats to its use of information
systems. Protective measures may involve a combination
of deterrence, avoidance, prevention, detection, recovery,
and correction that should form part of the enterprise’s
risk management approach.
 COMPUTER SECURITY

Vulnerability
Weakness of an asset or control that can be exploited by a
threat
Why systems are vulnerable
 When large amounts of data are stored in electronic form,
they are vulnerable to many more kinds of threats than
when they existed in manual form.
 The potential for unauthorized access, abuse, or fraud is not
limited to a single location but can occur at any access point
in the network.
 Threats can stem from technical, organizational, and
environmental factors compounded by poor management
decisions
 Users at the client layer can cause harm by introducing
errors or by accessing systems without authorization.
 COMPUTER SECURITY

Vulnerability
Weakness of an asset or control that can be exploited by a
threat
 Administrators, vendors and super user users have access to
perform transactions including own records
 There are no audit trails enabled
 Privileged accounts are shared and can delete or edit audit
trails
 Privileged accounts use default settings and passwords
 Unsupported software and hardware
 Outdated security patches and antivirus
 Default user names and passwords
 Lack of awareness and training
 COMPUTER SECURITY

 It is possible to access data flowing over networks,

steal valuable data during transmission, or alter
messages without authorization.
 Those capable of penetrating corporate systems can
destroy or alter corporate data stored in databases or
files.
 Systems malfunction if computer hardware breaks
down, is not configured properly, or is damaged by
improper use or criminal acts.
 Errors in programming, improper installation, or
unauthorized changes cause computer software to
fail.
 COMPUTER SECURITY

 Power failures, floods, fires, or other natural

disasters can also disrupt computer systems

 Domestic or offshore partnering with another

company adds to system vulnerability if valuable

information resides on networks and computers
outside the organization’s control

 Portability makes cell phones, smartphones, and

tablet computers easy to lose or steal.

COMPUTER SECURITY
 COMPUTER SECURITY

Internal threats: employees

Security threats often originate inside an organization
 Inside knowledge

 Sloppy security procedures

 User lack of knowledge

 Social engineering:

Tricking employees into revealing their passwords by

pretending to be legitimate members of the company
in need of information
 COMPUTER SECURITY

Internet vulnerabilities
 Network open to anyone

 Use of fixed Internet addresses with cable or DSL

modems creates fixed targets hackers since they can be

easily identified.
 Unencrypted VOIP anyone with a network can listen in

on conversations.
 E-mail may contain attachments with malicious software

and allow unauthorized access to corporate systems

 COMPUTER SECURITY

Internet vulnerabilities
 Employees may use email to transmit trade secrets or

confidential information to unauthorized recipients.

 With Instant messaging, messages may be intercepted

and read by outsiders during transmission.

 Sharing files over peer to peer networks may also

expose confidential information.

 COMPUTER SECURITY

Threat

 Any circumstance or event with the potential to adversely

impact organizational operations (including mission,

functions, image, or reputation), organizational assets,
individuals, other organizations, or the Nation through an
information system via unauthorized access, destruction,
disclosure, modification of information, and/or denial of
service.
 COMPUTER SECURITY

Threats
 Mishandling of critical or sensitive information by
authorized users
 Incorrect privilege settings
 Fire, flood, hurricane, windstorm or earthquake at primary
or backup facilities
 Introduction of vulnerabilities into software products
 Pervasive disk errors or other problems caused by aging
equipment.
 COMPUTER SECURITY

Wireless security challenges

 Many Wi-Fi networks can be penetrated easily by
intruders using sniffer programs to obtain an address
to access the resources of a network without
authorization.
 Wireless networks are vulnerable because radio
frequency bands are easy to scan
 Bluetooth and Wi-Fi networks are susceptible to
hacking by eavesdroppers
 Hacking software can be used to detect unprotected
networks, monitor network traffic, and, in some
cases, gain access to the Internet or to corporate
networks.
 COMPUTER SECURITY

 An intruder that has associated with an access point is

capable of accessing other resources on the network.

 Intruders can also use the information they have to set up

rogue access points where they capture usernames and

passwords of unsuspecting users.
Malware (malicious software)
 Malicious software programs are referred to as malware
and include computer viruses, worms and Trojan
horses.
Computer Virus
 Rogue software program that attaches itself to other
software programs or data files in order to be executed
usually without the user’s knowledge or permission.
 They can destroy programs or data, clogging computer
memory, reformatting a computer’s hard drive, or
causing programs to run improperly.
 Viruses typically spread from computer to computer
when humans take an action, such as sending an e-mail
attachment or copying an infected file.
 COMPUTER SECURITY

Worms
 Independent computer programs that copy themselves from
one computer to other computers over a network.
 Worms operate on their own without attaching to other
computer program files.
 Worms destroy data and programs as well as disrupt or even
halt the operation of computer networks.
 Rely less on human behavior in order to spread from
computer to computer.
 Worms and viruses are often spread over the internet from
files of downloaded software, attached email transmissions,
online ads, or instant messaging.
 COMPUTER SECURITY

Trojan horses

 Software program that appears to be benign but then

does something other than expected

 The Trojan horse is not itself a virus because it does

not replicate, but it is often a way for viruses or

other malicious code to be introduced into a
computer system.
 COMPUTER SECURITY

Malware and smartphones

 Hackers can do to mobile devices just about anything

they can do to any internet device especially now that

they are increasingly being used as payment devices.

 They can request malicious files without user

intervention, delete files, transmit files, install programs

running in the background to monitor user actions, and
convert the smartphone into a robot that sends emails
and text messages to anyone.
 COMPUTER SECURITY

Malware and smartphones

 Malware spreads using e-mail, text messages, Bluetooth,

and file downloads from the Web via Wi-Fi or cellular

networks.

 Web 2.0 applications allow users to post software code

as part of the permissible content, and such code can be

launched automatically as soon as a web page is viewed.
 COMPUTER SECURITY

 SQL injection attacks

Hackers submit data to Web forms that exploits site’s

unprotected software and sends rogue SQL query to
database
 Exploit can read sensitive data from the database, modify

database data (Insert/Update/Delete), execute

administration operations on the database (such as
shutdown the DBMS), recover the content of a given file
present on the DBMS file system and in some cases issue
commands to the operating system
 COMPUTER SECURITY

 Spyware

Small programs install themselves surreptitiously on

computers to monitor user Web surfing activity and
serve up advertising
 Key loggers

Record every keystroke on computer to steal serial

numbers, passwords, launch Internet attacks
 Unauthorised access to vehicle systems
 Jeep Cherokee remotely hacked and controlled in 2015
– By killing the engine, abruptly engaging the brakes,
or disable them altogether, control radio – literally take
over all radio functions through the CAN
 COMPUTER SECURITY

 Denial-of-service attacks (DoS)

Hackers flood a network server or Web server with many

thousands of false communications or requests for
services to crash the network. The network becomes
unavailable to service legitimate requests.

 Packet sniffers

Programs that covertly search individual packets of data

as they pass through the internet, capturing passwords or
the entire contents.
 COMPUTER SECURITY

Ransomware
 Ransomware works by infecting the system and
quickly encrypting the data.
 Ransomware is now a multimillion business. The
underlying concept is pay or loose your critical data.
WannaCry
 Distributed through spam emails and fake ads, which
trick users into downloading the virus onto their
computer
 Self-propagating
 Locked down the files on users’ computers, and
demanded that they pay a ransom to have their own files
unlocked.
 Encrypts its victims systems using a 2048-bit RSA
 Spread to more than 150 countries and infected more
than 300 000 computers
 Renault’s largest factory shut down on Monday 15 May
2017. 3500 staff affected.
 COMPUTER SECURITY

 Spoofing

 Misrepresenting oneself by using fake e-mail addresses or

masquerading as someone else

 Redirecting Web link to address different from intended one,

with site masquerading as intended destination

 Sniffer

 Eavesdropping program that monitors information traveling

over network
 Enables hackers to steal proprietary information such as e-

mail, company files, etc.

Watering Hole

 Water Hole is a computer attack strategy, in which the

victim is a particular group (organization, industry, or

region). In this attack, the attacker guesses or observes
which websites the group often uses and infects one or
more of them with malware. Eventually, some member
of the targeted group gets infected
 COMPUTER SECURITY

 Identity theft

Theft of personal Information (social security id, driver’s

license or credit card numbers) to impersonate someone else

 Phishing

Setting up fake Web sites or sending e-mail messages that

look like legitimate businesses to ask users for confidential
personal data.

 Evil twins

Wireless networks that pretend to offer trustworthy Wi-Fi

connections to the Internet
 COMPUTER SECURITY

 Pharming

Redirects users to a bogus Web page, even when

individual types correct Web page address into his or her
browser

 Click fraud

Occurs when individual or computer program

fraudulently clicks on online ad without any intention of
learning more about the advertiser or making a purchase
 Sunday, 15 May 2016, 100 people reportedly used
forged Standard Bank credit cards to withdraw ¥1.8bn
[about R300 Million] from 1 400 ATMs in Tokyo and
other areas in Japan in under 3 hours – 05hr00 – 08hr00.
 Unauthorised access to Standard Bank system in South
Africa leading to a malfunction of the system shortly
before the cash was withdrawn.
 The group obtained 3000 sets of personal data and
loaded it into empty cards.
 Seven Bank ATMs, located in 7-Eleven convenience
stores, were targeted because they are the only Japanese
banks that allow withdrawals on foreign-issued credit
and debit cards.
 Each of the 14 000 transactions saw the gang withdraw
¥100 000 or roughly R14 300, the maximum withdrawal
limit set for ATMs.
 COMPUTER SECURITY

Risk assessment

 A risk assessment determines the level of risk to the firm if a

specific activity or process is not properly controlled.

 Each unit making use of ICTs should have their own risk register

showing risk event, impact, likelihood and mitigation plan

 Not all risks can be anticipated and measured, most businesses

should be able to identify some of the risks they might face.

 COMPUTER SECURITY

Security policy

 A security policy consists of statements ranking information

risks, identifying acceptable security goals (risk appetite),

and identifying the mechanisms for achieving these goals.

 It help maximise protection against risks so that the security

of its information and systems is assured.

 The security policy drives policies determining acceptable

use of the firm’s information resources and which members

of the company have access to its information assets.
 COMPUTER SECURITY

Other ICT policies

 General use policy - guide users in the general accepted use

of ICT services within the organisation.

 Acceptable use policy (AUP)- Defines acceptable uses of

firm’s information resources and computing equipment

 Authorization policies- Determine differing levels of user

access to information assets

 Password policy - governs the use of usernames and

passwords by users of ICT facilities

 COMPUTER SECURITY

Disaster Recovery Planning and Business Continuity Planning

 Disaster recovery planning focus at devising plans for

restoration of disrupted services

 Business continuity planning: Focuses on restoring business

operations after disaster strikes

 Both types of plans identify the firm’s most critical systems

 Business impact analysis should be carried out to determine

impact of an outage

 Management must determine which systems are to be restored

first
MIS Audit

 Examines firm’s overall security environment as well as controls

governing individual information systems

 Reviews technologies, procedures, documentation, training, and

personnel.
 May even simulate disaster to test response of technology, IS staff,

other employees.
 Lists and ranks all control weaknesses and estimates probability of

their occurrence.
 Assesses financial and organizational impact of each threat

 Ethical hackers help determine efficiency of security controls in

place
 COMPUTER SECURITY

Identity management software

 automates the process of keeping track of all users and their

system privileges, assigning each user a unique digital identity for

accessing each system.

 It also includes tools for authenticating users, protecting user

identities, and controlling access to system resources.

 To gain access to a system, a user must be authorized and

authenticated. Authentication refers to the ability to know that a

person is who he or she claims to be.
 COMPUTER SECURITY

 Authentication is often established by using passwords known

only to authorized users.

 A token is a physical device, similar to an identification card, that

is designed to prove the identity of a single user. It contains a chip

formatted with access permission and other data.

 Biometric authentication uses systems that read and interpret

individual human traits, such as fingerprints, irises, and voices, in

order to grant or deny access.
 COMPUTER SECURITY

Firewalls

 Prevent unauthorized users from accessing private networks. A

firewall is a combination of hardware and software that controls the

flow of incoming and outgoing network traffic. There are a number of
firewall screening technologies:

 Packet filtering examines selected fields in the headers of data

packets flowing back and forth between the trusted network and the
Internet, examining individual packets in isolation.

 Stateful inspection provides additional security by determining

whether packets are part of an ongoing dialogue between a sender and

a receiver.
 COMPUTER SECURITY

Intrusion detection systems

 Feature full-time monitoring tools placed at the most vulnerable

points or “hot spots” of corporate networks to detect and deter

intruders continually.

 The system generates an alarm if it finds a suspicious or

anomalous event.

Antivirus and antispyware software:

 Checks computers for presence of malware and can often eliminate

it as well

 Require continual updating

 COMPUTER SECURITY

Encryption

 Encryption is the process of transforming plain text or data

into cipher text that cannot be read by anyone other than the
sender and the intended receiver.

 Data are encrypted by using a secret numerical code, called

an encryption key, that transforms plain data into cipher text.

 COMPUTER SECURITY

 Training and awareness for all enterprise stakeholders –

Board, Executives, Process Owners,..
 Frequency of penetration testing
 Evidence of review of penetration test results
 List of controls corrections taken after penetration testing
 Patch updates effectiveness review
Social and ethical issues in
Information Technology
 Ethics refers to the principles of right and wrong that individuals,

acting as free moral agents, use to make choices to guide their

behaviors (Laundon and Laundon,2012) .

 It has been described as the art and science that seeks to bring

sensitivity and methods to the discernment of moral values (Carbo,

2006).

 Information technology can be used to achieve social progress, but

it can also be used to commit crimes and threaten cherished social

values.
 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

Five moral dimensions of the information age

1. Information rights and privacy in the internet age

 Privacy is the claim of individuals to be left alone, free from

surveillance or interference from other individuals or

organizations, including the state.

 What information rights do individuals and organizations

possess with respect to themselves

 European countries do not allow businesses to use personally

identifiable information without consumers’ prior consent.

 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

Internet Challenges to Privacy

 Information sent over this vast network of networks may be

monitored, captured or stored before it reaches its final destination.

 Cookies-web browser software that track web activities

 Web beacons-tiny objects invisibly embedded in e-mail messages

and web pages that are designed to monitor the behaviour on the
web.

 Spyware -calls out to Web sites to send banner ads and other

unsolicited material to the user, and it can also report the user’s
movements on the Internet to other computers.
 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

2. Property rights and obligations.

 Information technology has made it difficult to protect

intellectual property because computerized information can be

so easily copied or distributed on networks.

Challenges to intellectual property rights

 Digital media different from physical media (e.g. books)

 Ease of replication

 Ease of transmission (networks, Internet)

 Difficulties in establishing uniqueness

 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

3. Accountability and control.

Who can and will be held accountable and liable for the harm
done to individual and collective information and property
rights?
 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

4. System quality.

 Flawless software is economically unfeasible. What is an

acceptable technologically, feasible level of system quality ?

Three principle sources of poor system performance are

(1) software bugs and errors

(2) hardware or facility failures caused by natural or other

causes

(3) poor input data quality.

 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

5. Quality of life.

Rapidity of Change: Reduced Response Time to Competition

 Information systems have reduced the normal social buffers

that permitted businesses many years to adjust to

competition.

 There is risk of developing a “just-in-time society” with

“just-in-time jobs” and “just-in-time” workplaces, families,

and vacations.
 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

Maintaining Boundaries: Family, Work, and Leisure

 The danger to “do anything anywhere” computing

environment is the traditional boundaries that separate work

from family and just plain leisure have been weakened.

 The work umbrella now extends far beyond the eight-hour

day, infringing on family and personal time

 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

Dependence and Vulnerability

 Today our businesses, governments, schools, and private

associations, such as churches are incredibly dependent on

information systems and are, therefore, highly vulnerable if
these systems fail.

 The absence of standards and the criticality of some system

applications will probably call forth demands for national

standards and perhaps regulatory oversight.
 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

Computer Crime and Abuse

 New technologies, including computers, create new

opportunities for committing crimes by creating new

valuable items to steal, new way to steal them, and new ways
to harm others.

 Computer abuse is the commission of acts involving a

computer that may not be illegal but that are considered

unethical. E.g. Spam
 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

Employment

 Reengineering work results in lost jobs

 One economist has raised the possibility that we will create a

society run by a small “high tech elite of corporate

professionals…in a nation of permanently unemployed”
(Rifkin, 1993).

 Careful planning and sensitivity to employee needs can help

companies redesign work to minimize job losses.

 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

Equity and Access: digital divide

 Not everyone have access to computers or Internet access

even though computer ownership and Internet access have

soared in the past five years.

 Some schools have computers, high-quality educational

technology programs, or internet access availability for their

students.
 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

Health Risks

 The most common occupational disease today is repetitive

stress injury (RSI)

 Computer vision syndrome (CVS) refers to any eyestrain

condition related to display screen use in desktop computers,

laptops, smart-phones, and hand-held video games. Its
symptoms, which are usually temporary, include headaches,
blurred vision, and dry and irritated eyes.
 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

Other ethical issues

 Use of mobile gadgets while driving

 Cyber bullying

 Piracy

 The rise in violent computer games

 Children accessing internet

 SOCIAL AND ETHICAL ISSUES IN INFORMATION TECHNOLOGY

To guide behavior organizations can make use of

 Acceptable use policy

 Copyrights laws

 Anti plagiarism software