Types of Information System: TPS, DSS & Pyramid Diagram

A typical organization is divided into operational, middle, and upper level. The
information requirements for users at each level differ. Towards that end, there are
number of information systems that support each level in an organization.

● Pyramid Diagram of Organizational levels and information requirements

● Transaction Processing System (TPS)
● Management Information System (MIS)
● Decision Support System (DSS)
● Artificial intelligence techniques in business
● Online Analytical Processing (OLAP)

Pyramid Diagram of Organizational levels and information requirements

Understanding the various levels of an organization is essential to understand the

information required by the users who operate at their respective levels.

The following diagram illustrates the various levels of a typical organization.

Operational management level

The operational level is concerned with performing day to day business transactions of
the organization.
Examples of users at this level of management include cashiers at a point of sale, bank
tellers, nurses in a hospital, customer care staff, etc.

Users at this level use make structured decisions. This means that they have defined
rules that guides them while making decisions.

For example, if a store sells items on credit and they have a credit policy that has some
set limit on the borrowing. All the sales person needs to decide whether to give credit to
a customer or not is based on the current credit information from the system.

Tactical Management Level

This organization level is dominated by middle-level managers, heads of departments,

supervisors, etc. The users at this level usually oversee the activities of the users at the
operational management level.

Tactical users make semi-structured decisions. The decisions are partly based on set
guidelines and judgmental calls. As an example, a tactical manager can check the credit
limit and payments history of a customer and decide to make an exception to raise the
credit limit for a particular customer. The decision is partly structured in the sense that
the tactical manager has to use existing information to identify a payments history that
benefits the organization and an allowed increase percentage.

Strategic Management Level

This is the most senior level in an organization. The users at this level make
unstructured decisions. Senior level managers are concerned with the long-term
planning of the organization. They use information from tactical managers and external
data to guide them when making unstructured decisions.

Transaction Processing System (TPS)

Transaction processing systems are used to record day to day business transactions of
the organization. They are used by users at the operational management level. The
main objective of a transaction processing system is to answer routine questions such
as;

● How printers were sold today?

● How much inventory do we have at hand?
● What is the outstanding due for John Doe?

By recording the day to day business transactions, TPS system provides answers to the
above questions in a timely manner.

● The decisions made by operational managers are routine and highly structured.
 ● The information produced from the transaction processing system is very
detailed.

For example, banks that give out loans require that the company that a person works for
should have a memorandum of understanding (MoU) with the bank. If a person whose
employer has a MoU with the bank applies for a loan, all that the operational staff has to
do is verify the submitted documents. If they meet the requirements, then the loan
application documents are processed. If they do not meet the requirements, then the
client is advised to see tactical management staff to see the possibility of signing a
MoU.

Examples of transaction processing systems include;

● Point of Sale Systems – records daily sales

● Payroll systems – processing employees salary, loans management, etc.
● Stock Control systems – keeping track of inventory levels
● Airline booking systems – flights booking management

Management Information System (MIS)

Management Information Systems (MIS) are used by tactical managers to monitor the
organization's current performance status. The output from a transaction processing
system is used as input to a management information system.

The MIS system analyzes the input with routine algorithms i.e. aggregate, compare and
summarizes the results to produced reports that tactical managers use to monitor,
control and predict future performance.

For example, input from a point of sale system can be used to analyze trends of
products that are performing well and those that are not performing well. This
information can be used to make future inventory orders i.e. increasing orders for well-
performing products and reduce the orders of products that are not performing well.

Examples of management information systems include;

● Sales management systems – they get input from the point of sale system
● Budgeting systems – gives an overview of how much money is spent within the
organization for the short and long terms.
● Human resource management system – overall welfare of the employees, staff
turnover, etc.

Tactical managers are responsible for the semi-structured decision. MIS systems
provide the information needed to make the structured decision and based on the
experience of the tactical managers, they make judgement calls i.e. predict how much
of goods or inventory should be ordered for the second quarter based on the sales of
the first quarter.
Decision Support System (DSS)

Decision support systems are used by senior management to make non-routine

decisions. Decision support systems use input from internal systems (transaction
processing systems and management information systems) and external systems.

The main objective of decision support systems is to provide solutions to problems that
are unique and change frequently. Decision support systems answer questions such as;

● What would be the impact of employees' performance if we double the

production lot at the factory?
● What would happen to our sales if a new competitor entered the market?

Decision support systems use sophisticated mathematical models, and statistical

techniques (probability, predictive modeling, etc.) to provide solutions, and they are very
interactive.

Examples of decision support systems include;

● Financial planning systems – it enables managers to evaluate alternative ways

of achieving goals. The objective is to find the optimal way of achieving the goal.
For example, the net profit for a business is calculated using the formula Total
Sales less (Cost of Goods + Expenses). A financial planning system will enable
senior executives to ask what if questions and adjust the values for total sales,
the cost of goods, etc. to see the effect of the decision and on the net profit and
find the most optimal way.
● Bank loan management systems – it is used to verify the credit of the loan
applicant and predict the likelihood of the loan being recovered.

Artificial intelligence techniques in business

Artificial intelligence systems mimic human expertise to identify patterns in large data
sets. Companies such as Amazon, Facebook, and Google, etc. use artificial intelligence
techniques to identify data that is most relevant to you.

Let's use Facebook as an example, Facebook usually makes very accurate predictions
of people that you might know or went with to school. They use the data that you
provide to them, the data that your friends provide and based on this information make
predictions of people that you might know.

Amazon uses artificial intelligence techniques too to suggest products that you should
buy also based on what you are currently getting.
Google also uses artificial intelligence to give you the most relevant search results
based on your interactions with Google and your location.

These techniques have greatly contributed in making these companies very successful
because they are able to provide value to their customers.

Online Analytical Processing (OLAP)

Online analytical processing (OLAP) is used to query and analyze multi-dimensional

data and produce information that can be viewed in different ways using multiple
dimensions.

Let's say a company sells laptops, desktops, and Mobile device. They have four (4)
branches A, B, C and D. OLAP can be used to view the total sales of each product in all
regions and compare the actual sales with the projected sales.

Each piece of information such as product, number of sales, sales value represents a
different dimension

The main objective of OLAP systems is to provide answers to ad hoc queries within the
shortest possible time regardless of the size of the datasets being used.

MIS Development Process with SDLC & Agile

The software is one of the major components of a management information system.

Some of the software used in a MIS system is off the shelf. These include packages
such as spreadsheet programs, database applications, etc.

However, they are times when off the shelf, software does not meet the business
requirements. The solution to this problem is custom made software.

This tutorial will focus on the methodologies used to develop custom software.

In this tutorial, you will learn-

● Information Systems Development Stakeholder

● MIS Systems Analysis and Design
● MIS Object oriented analysis and design
● MIS Systems Development Life Cycle (SDLC)
● Waterfall Model
● Agile Development
● Prototyping

Information Systems Development Stakeholder

A typical information systems development usually has three (3) stakeholders namely;

Testing

● Users – Users are the ones who use the system after it has been developed to
perform their day to day tasks.
● Project sponsors - this category of the stakeholders is responsible for the
financial aspect of the project and ensuring that the project is completed.
● Developers – this category is usually made up of systems analysts and
programmers. The system analysts are responsible for collecting the user
requirements and writing system requirements.

The programmers develop the required system based on the system

requirements that is developed by the system analysts.

The most important stakeholders in a project are users. For a project to be accepted as
being completed, the users must accept it and use it. If the users do not accept the
system, then the project is a failure.

MIS Systems Analysis and Design

Systems analysis and design refers to two closely related disciplines system

analysis and system design.

● System analysis is concerned with understanding the business objectives, goals

and developing business processes. The end product of systems analysis is
systems specifications.
● System design uses the output from system analysis as its input. The main
objective of system design is to interpret the system requirements into
architectural, logical and physical designs of how the information system to be
implemented.

MIS Object oriented analysis and design

Object-oriented analysis and design (OOAD) is closely related to systems analysis and
design. The main difference between object-oriented analysis and design (OOAD) and
systems analysis and design is that OOAD uses objects to represent real-world entities.

Object oriented analysis and design uses visual modeling to improve communication
among all stakeholders and produce high-quality products.
An object is a representation of a real-world entity such as a customer, a product, an
employee, etc. Unified Modeling Language (UML) is a general-purpose language used
to create visual designs for a system.

The following image shows a sample UML diagram that shows users interacting with a
point of sale system

MIS Systems Development Life Cycle (SDLC)

The system development life cycle refers to the processing of planning, creating,
testing, and deploying an information system. The main objective of system
development life cycle is to produce high-quality information systems that meet or
exceed the expectations of the users within the stipulated budget and time frame.

SDLC uses a number of development methodologies to achieve this objective. The next
sections will discuss some of the most popular development methodologies.

Waterfall Model

The waterfall model uses a sequential design model. The next stage starts only after the
completion of the previous stage. The first stage is usually drawn on the top and the
subsequent stages below and to the left bottom. This forms a waterfall like structure,
and it's where the name came from.
The main objective of the waterfall model is

● Planning
● Time scheduling
● Budgeting and
● Implementing an entire system at once

The waterfall model is ideal when the user requirements are clearly understood and are
not expected to change radically during the development of the information system. The
waterfall model is ideal in situations where a project has a fixed-scope, fixed time frame,
and fixed price.

The biggest challenge of the waterfall model is adoption to change. It is not easy to
incorporate new user requirements.

Agile Development

Agile development is an alternative methodology to traditional project management

which promotes adaptive planning, evolutionary development, early delivery, continuous
improvement, and encourages rapid and flexible response to change.

A sprint in agile terms is a well-defined task to be accomplished within a given time.

Sprint goals and durations are set by the customers and development team. All
stakeholders must meet in person to get the feedback on the sprint before they can
move on to the next sprint if any.

Agile methodologies usually follow the agile manifesto. The agile manifesto is based on
the following twelve (12) principles

1. Customer satisfaction through early and continues delivery of software

2. Welcoming changes in requirements any time of the project
3. Frequent releases of working software usually on a weekly basis
4. Collaboration between business people and developers when working on a
project
5. Projects built around motivated and trusted individuals
6. Efficient and effective Face-to-face meetings
7. Progress is measured based on working software
8. Sustainable development, sponsors, users, and developers should be able to
maintain a constant pace indefinitely
9. Continuous attention to technical excellence and good design enhances agility.
10. Simplicity
11. Self-organizing teams
12. At regular intervals, the team reflects on how to become more effective, then
tunes and adjusts its behavior accordingly.
The following diagram illustrates how agile development methodologies are
implemented.

Prototyping

A prototype is a semi-functional simulation model of the actual system to be developed.

Prototyping development methodologies make use of prototypes. Prototypes allow both
developers and users to get feedback early.

Prototyping makes it easy for users to specify their requirements and developers
understanding the requirements of the users because of the prototypes. A prototyping
methodology stands with identifying the basics system requirements especially the input
and output from the system. These requirements are then used to create a simulation
model that users can interact with and provide feedback. The user feedback is used to
enhance the prototype and make other important decisions such as project costing and
feasible time schedules.
The following diagram illustrate the stages of prototyping

Ethical & Security Issues in Information System

Information systems have made many businesses successful today. Some companies
such as Google, Facebook, EBay, etc. would not exist without information technology.
However, improper use of information technology can create problems for the
organization and employees.

Criminals gaining access to credit card information can lead to financial loss to the
owners of the cards or financial institute. Using organization information systems i.e.
posting inappropriate content on Facebook or Twitter using a company account can
lead to lawsuits and loss of business.

This tutorial will address such challenges that are posed by information systems and
what can be done to minimize or eliminate the risks.

In this tutorial, you will learn –

● Cyber-crime
● Information system Security
● Information system Ethics
● Information Communication Technology (ICT) policy

Cyber-crime

Cyber-crime refers to the use of information technology to commit crimes. Cyber-crimes

can range from simply annoying computer users to huge financial losses and even the
loss of human life. The growth of smartphones and other high-end Mobile devices that
have access to the internet have also contributed to the growth of cyber-crime.
Seven Testing Principles Software Testing

Types of cyber-crime

Identity theft

Identity theft occurs when a cyber-criminal impersonates someone else identity to

practice malfunction. This is usually done by accessing personal details of someone
else. The details used in such crimes include social security numbers, date of birth,
credit and debit card numbers, passport numbers, etc.
Once the information has been acquired by the cyber-criminal, it can be used to make
purchases online while impersonating himself to be someone else. One of the ways that
cyber-criminals use to obtain such personal details is phishing. Phishing involves
creating fake websites that look like legitimate business websites or emails.

For example, an email that appears to come from YAHOO may ask the user to confirm
their personal details including contact numbers and email password. If the user falls for
the trick and updates the details and provides the password, the attacker will have
access to personal details and the email of the victim.

If the victim uses services such as PayPal, then the attacker can use the account to
make purchases online or transfer funds.

Other phishing techniques involve the use of fake Wi-Fi hotspots that look like legitimate
ones. This is common in public places such as restaurants and airports. If an
unsuspecting user logons into the network, then cyber-crimes may try to gain access to
sensitive information such as usernames, passwords, credit card numbers, etc.

According to the US Department of Justice, a former state department employee used

email phishing to gain access to email and social media accounts of hundreds of
women and accessed explicit photos. He was able to use the photos to extort the
women and threatened to make the photos public if they did not give in to his demands.

Copyright infringement

Piracy is one of the biggest problems with digital products. Websites such as the pirate
bay are used to distribute copyrighted materials such as audio, video, software, etc.
Copyright infringement refers to the unauthorized use of copyrighted materials.

Fast internet access and reducing costs of storage have also contributed to the growth
of copyright infringement crimes.

Click fraud

Advertising companies such as Google AdSense offer pay per click advertising
services. Click fraud occurs when a person clicks such a link with no intention of
knowing more about the click but to make more money. This can also be accomplished
by using automated software that makes the clicks.

Advance Fee Fraud

An email is sent to the target victim that promises them a lot of money in favor of
helping them to claim their inheritance money.

In such cases, the criminal usually pretends to be a close relative of a very rich well-
known person who died. He/she claims to have inherited the wealth of the late rich
person and needs help to claim the inheritance. He/she will ask for financial assistance
and promise to reward later. If the victim sends the money to the scammer, the
scammer vanishes and the victim loses the money.

Hacking

Hacking is used to by-pass security controls to gain unauthorized access to a system.

Once the attacker has gained access to the system, they can do whatever they want.
Some of the common activities done when system is hacked are;

● Install programs that allow the attackers to spy on the user or control their system
remotely
● Deface websites
● Steal sensitive information. This can be done using techniques such
as SQL Injection, exploiting vulnerabilities in the database software to gain
access, social engineering techniques that trick users into submitting ids and
passwords, etc.

Computer virus

Viruses are unauthorized programs that can annoy users, steal sensitive data or be
used to control equipment that is controlled by computers.

Information system Security

MIS security refers to measures put in place to protect information system resources
from unauthorized access or being compromised. Security vulnerabilities are
weaknesses in a computer system, software, or hardware that can be exploited by the
attacker to gain unauthorized access or compromise a system.

People as part of the information system components can also be exploited using social
engineering techniques. The goal of social engineering is to gain the trust of the users
of the system.

Let's now look at some of the threats that information system face and what can be
done to eliminate or minimize the damage if the threat were to materialize.
Computer viruses – these are malicious programs as described in the above section.
The threats posed by viruses can be eliminated or the impact minimized by using Anti-
Virus software and following laid down security best practices of an organization.

Unauthorized access – the standard convention is to use a combination of a username

and a password. Hackers have learnt how to circumvent these controls if the user does
not follow security best practices. Most organizations have added the use of mobile
devices such as phones to provide an extra layer of security.

Let's take Gmail as an example, if Google is suspicious of the login on an account, they
will ask the person about to login to confirm their identity using their android powered
mobile devices or send an SMS with a PIN number which should supplement the
username and password.

If the company does not have enough resources to implement extra security like
Google, they can use other techniques. These techniques can include asking questions
to users during signup such as what town they grew up in, the name of their first pet,
etc. If the person provides accurate answers to these question, access is granted into
the system.
Data loss – if the data center caught fire or was flooded, the hardware with the data can
be damaged, and the data on it will be lost. As a standard security best practice, most
organizations keep backups of the data at remote places. The backups are made
periodically and are usually put in more than one remote area.

Biometric Identification – this is now becoming very common especially with mobile
devices such as smartphones. The phone can record the user fingerprint and use it for
authentication purposes. This makes it harder for attackers to gain unauthorized access
to the mobile device. Such technology can also be used to stop unauthorized people
from getting access to your devices.

Information system Ethics

Ethics refers to rules of right and wrong that people use to make choices to guide their
behaviors. Ethics in MIS seek to protect and safeguard individuals and society by using
information systems responsibly. Most professions usually have defined a code of
ethics or code of conduct guidelines that all professionals affiliated with the profession
must adhere to.

In a nutshell, a code of ethics makes individuals acting on their free will responsible and
accountable for their actions. An example of a Code of Ethics for MIS professionals can
be found on the British Computer Society (BCS) website.

● ll users involved in using ICT and MIS