12.3 The costs and benefits of IS

Question 1

Cost benefit analysis (CBA) can be used to

Answer 1

• assess the expected costs and benefits of IS
• this evaluation should be done when org sees possibility for new IS to decide whether the potential benefits are sufficient to justify the costs
• The FF can assist the It function with this CBA

Question 2

The initial costs of a new IS are:

Answer 2

• Costs to design and develop system if software is bespoke
• Purchase price of software if it is not bespoke
• Purchase cost of new hardware
• Cost of testing and implementation of the new system
• Training costs

Question 3

The running costs of a new IS are:

Answer 3

• Cost of labour time to run the system
• Cost of materials, ie. replacement parts
• Cost of service support, ie IT helpdesk
• Other ongoing costs such as the cost of quality or security adherence / failure

Question 4

The benefits of a new IS include:

Answer 4

• Speed - in dealing with repetitive tasks
• Accuracy - should reduce the occurrence of human error and produce better info
• Volume - should be able to handle much larger volumes of data, 24 hours a day
• Complexity - they can generally handle a greater level of complexity than humans
• Collaboration - can be enabled across the org due to better access and sharing of real-time info
• Presentation - may display info in as user friendly way as possible
• Lower costs- all of the above benefits means they have become highly cost effective providers of good info

Question 5

More specifically the different costs and benefits of information systems include:

Answer 5

• Privacy and security
• Systems architecture
• Data flows
• Big data info management

Question 6

Privacy and security:

Answer 6

• The org must safeguard the privacy and security of data and also ensure complete and accurate processing of data
• there are different privacy and security risks as well as solutions to how these can be tackled
• each of the solutions will have an associated costs (ie. implement the solution) and benefit (ie. reduction of risk)

Question 7

Potential privacy and security threats:

Answer 7

• Natural disasters (fire / flood)
• Malfunction (hardware / software)
• Unauthorized access, usage, damage or theft
• Viruses (small program that spreads extensively and can affect whole system)
• Hackers (deliberate access to system by unauthorized persons)
• Human errors (unintentional errors)
• Human resource risk (injury to employees)

Question 8

Natural disasters potential solutions:

Answer 8

• Fire procedures
• Safe location from flooding
• Physical environment, ie. air conditioning / dust controls
• Back up procedures regularly to allow recovery
• Business continuity planning - to decide which system are critical for org to continue it’s activities

Question 9

Malfunction potential solutions:

Answer 9

• Network design - to cope with periods of high volume
• Back up procedures and business continuity planning

Question 10

Unauthorized access, usage, damage or theft potential solutions:

Answer 10

• Personnel controls (segregation of duties, hierarchy of access, GDPR)
• Access controls (passwords / time lock outs)
• Computer equipment controls - to protect from theft or destruction

Question 11

Viruses potential solutions:

Answer 11

• Anti virus software - should be run and updated regularly
• Formal security policy and procedures (only download or open attachments from trusted sources)
• Regular audits to check for unauthorized software

Question 12

Hackers potential solutions:

Answer 12

• Firewall software - to prevent unauthorised access to system from internet
• Passwords and user names - to limit unauthorised access to system
• User awareness training and a formal security policy to make employees aware of risks and how to avoid them
• Data encryption - data is scrambled prior and then returned to readable format after transmission

Question 13

Human errors potential solutions:

Answer 13

• Training - staff and having operating procedures
• Controls to ensure only valid data is input and all data is processed

Question 14

Human resource risk potential solutions:

Answer 14

• Ergonomic design of workstations should reduce RSI (repetitive strain injury)
• Anti glare screens reduce eye strain
• Cables should be in ducts (prevent tripping)

Question 15

Systems architecture

Answer 15

• Is the way the systems infrastructure is organised together to support the org functions and it’s overall goals

Question 16

The development of network technology

Answer 16

• has faciliated the transfer of info within bus
• org connect their computers together in
  
  • Local area networks (LANs) - which enables them to share data and devices
  • Wide area networks (WANs) - are used to connect LANs together, so that computer users in one location can communicate with those in another location

Question 17

There are two broad approaches to systems architecture:

Answer 17

• Centralised systems architecture is when the whole IT function or the entire IS is based in a single central location
• Decentralised systems architecture is when the IT function or IS is spread out throughout the org locations

Question 18

The benefits of a decentralised approach are:

Answer 18

• Better able to meet local needs
• Fewer staff relying on a single system
• Less reliant on the few key staff who plan, develop and run the systems
• Technology tends to be less complex making problems easier to diagnose
• Security breaches will have less impact
• Efficiencies since time is saved not having to collect info locally, process and collate it centrally and then feedback down to a local level

Question 19

The costs of a decentralised approach are:

Answer 19

• Higher costs due to duplication of equipment and effort
• Barriers to sharing data between different parts of the org
• Inconsistent data, ie. one version may be more up to date
• Loss of control at a central level may lead to common goals not being worked towards

Question 20

Data flow is the

Answer 20

• Movement of data through a process or system
• The benefit of having good data flows is understanding the potential value of data and it’s significance to an org presents an opportunity to gain unique insight which can be used to improve competitive position and potentially gain competitive advantage over rivals
• The costs of data flow include the upfront cost for a data flow diagram (model used to map out entire process of data movement) as well as cost of collecting, processing, output costs and storage of data

Question 21

Data flow includes:

Answer 21

• Data inputs - raw data
• Data processing - turning raw data into meaningful info
• Data outputs - good information produced for the user
• Data storage

Question 22

Big data information management benefits:

Answer 22

• Enhanced transparency
• Performance improvement
• Market segmentation and customisation
• Improved decision making
• Possible product innovation
• Effective risk management and control

Question 23

Big data information management costs:

Answer 23

• Cost of necessary hardware and software and the costs of constantly updating and maintaining it
• There may be technical difficulties with integrating existing data warehousing
• Incorrect data may lead to incorrect conclusions being made which can lead to poor and costly decisions being made
• The risk that valuable time is spent measuring relationships that have no org value
• The security of data is a major concern and if org lacks resources to manage data this increases risk of leaks and losses. Plus current laws and regulations must be complied with which will come at a cost.
• The nature of much of the data means there is a risk that it will become outdated and irrelevant quickly resulting in need to constantly monitor the database
• The availability of skills to use big data systems which are rapidly developing and support is not always easily and readily available