Documente Academic
Documente Profesional
Documente Cultură
Information System
Are sets of formal procedures by which data are collected, processed into
information, and distributed to users.
Transaction
A transactions is an event that affects or is of interest to the organization and it’s
processed by its information system as a unit of work.
Financial Transaction
A financial transaction is an economic event that affects the assets and equities of
the organization, is reflected in its accounts, and measured in monetary terms.
Nonfinancial Transaction
Nonfinancial transactions are events that do not meet the narrow definition of a
financial transaction.
1|Page
1.1 Review of Manual Accounting
Manual accounting uses several paper ledgers and journals where accountants record
financial information. The general ledger includes miscellaneous transactions and the aggregate
balance of all subsidiary ledgers and journals. Computerized accounting uses software programs
designed from traditional manual accounting systems. It involves the use of computers,
spreadsheets and programs designed to record and report financial information electronically.
A sole proprietor who simply wants to do her own books and develop a working
understanding of her company's financial activities may not need a double-entry program
that transfers debits and credits between theoretical accounts such as equity and accounts
payable.
Usability
Manual accounting systems are more durable than computer systems, because
they exist as hard copies rather than digital files that can be wiped out by a computer
mishap. However, paper files can also be destroyed as well by fires or floods, and they
are easier to misplace. In addition, a digital accounting format gives you the opportunity
to back up files by making multiple copies. It takes much longer to photocopy or
manually copy a spreadsheet than to save a computer file on a thumb drive or cloud.
Transparency
2|Page
Computer files can be modified simply by adding and deleting data. The numbers
on the screen show no trace of these changes unless you dig deeper and uncover the date
a file was last modified. In contrast, manual accounting systems show evidence of having
been changed. If you work in pencil, then erasures are obvious, and if you work in pen
you must cross out old entries to make new ones. The difficulty of hiding changes makes
it easier to tell when you have changed a manual accounting system and facilitates
transparency.
Speed
3|Page
and trial balance and financial statements manually compiled. If errors
occurred, many hours had to be spent trying to find and correct them. With
accounting software, this problem is eliminated. In the case of accounting
spreadsheets, adding simple formulas still may be needed, but it is an
easier and more accurate process.
Costs
4|Page
There are 3 Basic Functions of AIS
5|Page
• Normalization
– Storing data where it uniquely belongs, there are seven normal forms,
AIS tries to achieve the Third Normal form
• Dynasets
– The results of a query, looks like a Table but only exists in memory
• Keys
– The “string” that ties together all the data
– Primary Key: An attribute (field) that uniquely identifies each row in
a table
– Foreign Key: An attribute (field) in one table that matches the primary
key field in another table
For many companies the use of information technology starts with the purchase
of hardware such as mainframes, PCs and networks. The use of IT is based on the
opportunities of technology. Companies often find it hard to indicate to what extent
the specific resources and systems contribute to their business and their market
position. In such a case, IT is, above all, regarded as an item of expense.
On the other hand more and more organizations have become aware of the
possibilities offered by IT to achieve competitive advantage.
Strategic use of IT requires, first of all, a distinct business strategy that indicates
what the organization is aiming at in terms of customers, suppliers, competitors,
shareholders and authorities, and what role IT is playing in all this.
On the basis of the business strategy, the specific use of IT can be established, in
terms of an architecture and an infrastructure. As a result, a company is able to
indicate where and how IT supports the business and the market position. If IT is
applied in this way, it will not only be an item of expense, but also a production
factor which is integrated into the strategic planning of a company.
6|Page
Traditionally, enterprises require financial or non-financial reporting based on
quarterly and annual periods. Yet, the rapid change that occurs on market and society
causes this periodic reporting to become quickly outdated.
Organizational structure provides the guidelines for the system of reporting that
drives an organization, dividing it into areas or departments that are responsible for certain
aspects of the organization's purpose; it shows the relationships between areas and
individuals needed to achieve more efficient operations while attaining the goals of the
organization.
Structure
The structure clarifies the areas of responsibility and the individuals that
will work together. This allows for effective communication, decision making and
sharing helpful information within departments.
Organizational Climate
Motivation
7|Page
By grouping people within their specific areas of expertise, it encourages
teamwork and high levels of performance.
Upward Mobility
One method of organization is to set up departments covering the four main areas
of business activity:
• Finance
• Human Resources
• Marketing
• Operations
Synonyms
Any Enterprise must necessarily maintain a lot of data about its operation. This is
its "Operational Data".
Organization Probably
8|Page
Hospital Patient Data
A transaction is any event that passes the ACID test in which data is generated or
modified before storage in an information system
Rapid Processing
Reliability
9|Page
within tolerance levels.
Standardization
Controlled Access
Since TPS systems can be such a powerful business tool, access must be
restricted to only those employees who require their use. Restricted access
to the system ensures that employees who lack the skills and ability to
control it cannot influence the transaction process.
Atomicity
Consistency
TPS systems exist within a set of operating rules (or integrity constraints).
If an integrity constraint states that all transactions in a database must have
a positive value, any transaction with a negative value would be refused.
Isolation
Durability
These four conditions ensure that TPS systems carry out their transactions
10 | P a g e
in a methodical, standardized and reliable manner.
Types of Transactions
Batch Processing
Examples of batch processing include credit card transactions, for which the
transactions are processed monthly rather than in real time. Credit card
transactions need only be processed once a month in order to produce a statement
for the customer, so batch processing saves IT resources from having to process
each transaction individually.
In many circumstances the primary factor is speed. For example, when a bank
customer withdraws a sum of money from his or her account it is vital that the
transaction be processed and the account balance updated as soon as possible,
allowing both the bank and customer to keep track of funds.
11 | P a g e
4.1.1 Databases/Database Management Systems
Data fields – is the smallest unit of data.
Data – is consist of facts and figures that are relatively meaningless to the users. When
data is processed, it can be converted into information.
A database is not generally portable across different DBMS, but different DBMSs
can inter-operate by using standards such as SQL and ODBC or JDBC to allow a single
application to work with more than one database.
12 | P a g e
Hardware and Software Integration
System Partitioning
13 | P a g e
An alternate and emerging view of organizational design considers
a framework that is useful for both new organizations as well as existing
organizations in need of a redesign. The ability to effectively assess internal
and external factors that may hinder long-term organizational success
requires a comprehensive view of factors found by Triplett (2007) to be
critical and, perhaps, one that is the multi-use theory that works across
cultures and industry and minimizes the burden that organizational design
should be specialized:
• Goal achievement
• Strategic planning
• Organizational design
• Leadership
• Control
• Knowledge Management
• The learning organization
• Diversity
• Conflict
• Technology, structure, change, and the environment
• Ethics
• Research methodologies in organizational behavior and design
DBMSs come in many shapes and sizes. For a few hundred dollars,
you can purchase a DBMS for your desktop computer. For larger computer
systems, much more expensive DBMSs are required. Many mainframe-
based DBMSs are leased by organizations. DBMSs of this scale are highly
sophisticated and would be extremely expensive to develop from scratch.
Therefore, it is cheaper for an organization to lease such a DBMS program
than to develop it. Since there are a variety of DBMSs available, you should
know some of the basic features, as well as strengths and weaknesses, of
the major types.
14 | P a g e
Hierarchical Databases (DBMS), commonly used on
mainframe computers, have been around for a long time. It is one of
the oldest methods of organizing and storing data, and it is still used
by some organizations for making travel reservations. A hierarchical
database is organized in pyramid fashion, like the branches of a tree
extending downwards. Related fields or records are grouped
together so that there are higher-level records and lower-level
records, just like the parents in a family tree sit above the
subordinated children.
15 | P a g e
Network databases are similar to hierarchical databases by
also having a hierarchical structure. There are a few key differences,
however. Instead of looking like an upside-down tree, a network
database looks more like a cobweb or interconnected network of
records. In network databases, children are called members and
parents are called owners. The most important difference is that
each child or member can have more than one parent (or owner).
16 | P a g e
In relational databases, the relationship between data files
is relational, not hierarchical. Hierarchical and network databases
require the user to pass down through a hierarchy in order to access
needed data. Relational databases connect data in different files by
using common data elements or a key field. Data in relational
databases is stored in different tables, each having a key field that
uniquely identifies each row. Relational databases are more flexible
than either the hierarchical or network database structures. In
relational databases, tables or files filled with data are called
relations, tuples designates a row or record, and columns are
referred to as attributes or fields.
17 | P a g e
database is that searching for data can take more time than if other
methods are used.
The oldest of these, and the best known, is the waterfall: a sequence of stages in
which the output of each stage becomes the input for the next. These stages can be
characterized and divided up in different ways, including the following:
18 | P a g e
Project planning, feasibility study: Establishes a high-level view of the intended
project and determines its goals.
Systems analysis, requirements definition: Refines project goals into defined
functions and operation of the intended application. Analyzes end-user information
needs.
Systems design: Describes desired features and operations in detail, including
screen layouts, business rules, process diagrams, pseudo code and other
documentation.
Implementation: The real code is written here.
Integration and testing: Brings all the pieces together into a special testing
environment, then checks for errors, bugs and interoperability.
Acceptance, installation, deployment: The final stage of initial development,
where the software is put into production and runs actual business.
Maintenance: What happens during the rest of the software's life: changes,
correction, additions, and moves to a different computing platform and more? This,
the least glamorous and perhaps most important step of all, goes on seemingly
forever.
The image below is the classic Waterfall model methodology, which is the first
SDLC method and it describes the various phases involved in development.
19 | P a g e
An intranet is a computer network that uses Internet Protocol technology
to share information, operational systems, or computing services within an
organization. The term is used in contrast to internet, a network between
organizations, and instead refers to a network within an organization. Sometimes,
the term refers only to the organization's internal website, but may be a more
extensive part of the organization's information technology infrastructure, and may
be composed of multiple local area networks. The objective is to organize each
individual's desktop with minimal cost, time and effort to be more productive, cost
efficient, timely, and competitive.
Types of risks
Intranet risks
20 | P a g e
more than $ 1 million. Total losses from insider trade secret theft
have been estimated to exceed $24 billion per year.
Privileged Employees
Reluctance to Prosecute
Internet Risk
Risk to consumer
Theft of Passwords
Customer Privacy
Cookies are files containing user information that are created by the
Web server of the site being visited. The cookies are then stored on the
21 | P a g e
visitor’s computer hard drive. They contain URLs of visited sites. When the
site is revisited, the user’s browser sends the specific cookies to the Web
server.
IP Spoofing
Smurf Attack
22 | P a g e
A DDos attack may take the form of SYN flood or smurf attack. The
perpetrator of a DDos attack may employ a virtual army of so-called zombie
or bot (robot) computer to launch the attack. Thousands of individual attack
computer are harder to track down and turn off.
A virus or script like this can enter a victim computer either through
email, by downloading infected software from the Internet, or by using
infected media such as floppy disks or CD-ROMs. With the wide use of
email, malicious viruses and scripts have the capability to reach almost
anyone who is connected to the Internet.
Trojan Horses
Worms
23 | P a g e
but they generally cause most of their damage by tying up the network,
using up valuable memory and wasting valuable processing time.
Internet security can be defined as the protection of data from theft, loss or
unauthorized access, use or modification. With the constantly evolving
nature of the Internet, it is vital that users continuously protect themselves
and their information. This issue is so important that many large firms
employ full-time security experts or analysts to maintain network security.
However, few, if any, home and small business owners can afford that
luxury. Therefore it is up to small-office users to take these issues into their
own hands.
Any time a large attack is reported in the media, there is a great deal of
speculation about who perpetrated the attack and why. By now, most people have
heard the term hacker bandied about by the media. Often attacks are blamed on
these so-called hackers. Who or what are hackers? What role do they play in
Internet security and what motivates them to do what they do?
Hackers
24 | P a g e
Crackers
Script Kiddies
Increased Usage
Always-On Connections
25 | P a g e
Internet is an open two-way channel information goes in and out of the
system unimpeded. As long an unprotected connection is maintained, it
serves as a point of entry for potential intruders to enter or attack the system.
Insecure Technology
Another factor that has increased the risk of intrusion for Internet
users is the tremendous rate of technological change. The pace of
technological development has never been faster, and the world is trying
frantically to catch up with it. Software developers strive to make their
programs more user-friendly, often sacrificing security or reliability. Many
commercial software packages that are released to market contain inherent
flaws that may be exploited by attackers. This puts the end user at risk not
only is the technology potentially vulnerable, but users are often unaware
of how they may be at risk.
Lack of Education
One of the biggest security concerns that a small business may face
today is a lack of information about the threats that exist on the Internet.
This doesn’t mean that people don’t care, or aren’t concerned, but in today’s
world of doing business at light-speed, managers do not have the time or
resources to stay on top of the latest developments in information security.
For smaller enterprises, employing someone full-time to maintain system
security is rarely an option - security professionals don’t come cheap, even
when contracted temporarily. Furthermore, most small business operators
are sufficiently busy tackling the traditional challenges of establishing and
running their own business without trying to ensure the security of their
computer networks. As a result, information security can be an afterthought
for many small and home office users.
Port Scanning
26 | P a g e
Port scanning is a way for potential attackers to identify whether or
not a computer is vulnerable to attack. In simple terms, a port is an opening
on a computer through which information enters and exits. A computer uses
a different port to communicate with other computers for each Internet
application, such as HTTP (aka the World Wide Web), which typically uses
port 80. Port scanning checks a range of Internet addresses to identify
machines that respond to a connection request. Responding to a
communication request indicates that a port is open. A port scan would
reveal this potential victim to the attacker, and add it to a list of potential
targets that the attacker could use later on.
What is at Stake?
27 | P a g e
defaced, destroyed or removed and replaced with web graffiti, a tag or
image representing the cracker or a cracker group or affiliation. If the
computer is used for illegal activities, such as denial of service attacks, the
owner of the victim computer may be held legally responsible.
The situation isn't entirely hopeless, however. There are many things
that businesses can do to protect themselves and their assets. Knowledge is
a key component in addressing this problem. Knowing what the risks are,
how your business is vulnerable and how attacks could potentially affect
your business is paramount in maintaining security. You don’t have to be a
security expert to recognize the damage that you could incur should your
company fall victim to the efforts of a malicious attacker. By understanding
the problem, you empower yourself to protect yourself and your company
to deal with any security issues as they arise.
Transaction Authorization
Segregation of Duties
28 | P a g e
Supervisions
Accounting Records
Risk is mitigated by improved data entry accuracy through the use of default
values, cross-checking, and specified user views of data.
Independent Verification
Access Control
The key requirement for all software projects –is reliability. Clients
obviously want their projects to work accurately, to be done on time, and
economically, but reliability is always the prime requirement, and the hardest to
achieve.
Designing for reliability also makes the overall project easier to manage,
and reduces the risk of cost and time overruns, and of functional errors.
29 | P a g e
So, the fundamental challenge facing all software architects, though only
good architects realize this, is how to solve complexity. Solving any given technical
issues simply by applying effort, money, resources. But even the most well-funded
projects collapse under their own weight if is badly designed. People confuse
complexity for value, simplicity for naivety, when the truth is opposite. It is hard to
build simple systems, easy to make complex ones.
General Principles
Several classic scenarios where no architect is put in charge of the overall design:
1. There may be no clear business owner of the overall system, so no-one is willing
or able to nominate an architect and take responsibility for the global quality.
2. Competition between vendors can prevent a single person acting as architect.
3. There may be no competent architect available at all.
4. It may not be obvious to the business that there is an architecture issue.
The term “software engineer” suggests that software is a material like steel or
carbon fiber. In fact writing software is a lot more like cooking, designing clothes, or
classic architecture of homes and offices. People have limitations, make mistakes, and
need help in certain ways. This applies as much to those making the software as those
using it.
A good architect starts by cutting large problems into smaller pieces, like a
diamond cutter breaks a large stone into smaller pieces. Personal and collective
experience guides the knife.
Pieces need to fit people. Ultimately, architecture is about fitting the problem to
people. If a problem fits neatly to one developer or one small team, it has a good
size. If a problem can only be solved by collaborating teams, it's badly sized.
Interfaces define the fracture points. It's best to slice at the point where the interface
is simplest. The interface will become a contract between individual developers, or
teams. The simplest contract is the best one.
30 | P a g e
Every problem can be deconstructed. If an architect cannot break a large problem
into pieces, he or she is not competent. Sometimes lateral thinking is needed. But
we have never seen large problems that could not be divided up.
The architecture is a contract. It must be clear enough to create boundaries, between
teams and layers that cannot and never need to be crossed except through agreed
interfaces.
Decouple the change process. The architecture should package change into clean
boxes so that the overall system can be both stable and dynamic.
Every interface is a contract between two parties (or rather, two categories
of party) and must be formalized as far as reasonable. Typically we formalize some
or all these aspects of an interface:
Risk is always relative, and one reason organization pay skilled people to help
in design architectures are that they should be able to eliminate risk. There is a classic
set of risks that face all non-trivial software projects, and each can be eliminated
through careful architectural choices:
31 | P a g e
The risk of human error. Assuming people make mistakes, and designing our
processes to catch those (rather than demanding that people be perfect).
The risk of design failure. Designing progressively, especially in new areas
where we also need to learn. Sometimes we deliberately discard designs and
start afresh.
The risk of budget or schedule overruns. Working minimalistic ally, never
implementing any functionality that is not needed.
The risk of badly implemented components. Make sure every component is
fully testable before it is plugged into the architecture.
Reliable software does take longer to develop but is much cheaper to maintain.
Eliminate Dependencies
The key view here is the difference between “dependency” and “interface”.
If two components need to communicate, they do this via a formal interface that
can be documented and that allows each component to be tested in vitro.
32 | P a g e