Simon Text Book

1
Chapter 11
Information Resource Management Strategies
Introduction to Information Systems
Judith C. Simon
2
Chapter 11 Major Topics

• Management of hardware and software
• Management of data
• Management of human resources
• Management of procedures

3
Overview of Information Resource Management (IRM)

• Major purposes of information resource management
  (IRM) include
• assisting in making and executing appropriate
  strategic decisions related to information
  resources to achieve and maintain a competitive
  advantage
• managing all aspects of information systems - the
  technology, the people, and the procedures
• IRM is often coordinated by a top-level
  executive, such as a CIO, so that technologies
  are developed that fit and enhance the strategic
  plans of the organization.

4
Management of Hardware and Software

• Major concerns include
• asset management
• performance monitoring
• configuration management
• security

5
Asset Management

• Primarily concerned with managing the
  organizations hardware and software
• Software is available that can create and
  maintain an inventory of hardware and software
  (including version numbers)
• Can help with future purchases and limit the
  chances of software piracy

6
Performance Monitoring

• Used to monitor system workloads and thus provide
  a more uniform level of service to system users
• Also used to monitor network performance so that
  problem areas can be identified and adequate
  service provided

7
Configuration Management

• Involves management of the ways hardware and
  software are set up to work together as well as
  with other systems so that a change in one item
  will not cause unexpected problems with other
  parts of the system that might have been designed
  to work with the item being changed or deleted
• Configuration data typically includes names,
  versions or models, and uses of the hardware and
  software

8
Hardware and Software Security

• Involves the physical loss of the hardware and/or
  software programs (data security is discussed
  later)
• Hardware and software loss includes disappearance
  or destruction of any part of the equipment or
  programs
• Needed level of security must be decided
  security methods may include card access,
  biometric identifiers, passwords, etc.

9
Management of Data

• Major concerns include
• consistency
• security
• backup/recovery
• disaster recovery

10
Data Consistency

• Error-checking methods should be used to detect
  any errors or inconsistencies in data
• Results of monitoring of error-checking should be
  maintained for evaluation of resources

11
Data Security

• Primary concerns
• Access and control
• Virus protection
• Transmission protection

12
Access and Control

• Need to keep records of who is authorized to
  access each type of data file
• Files should be monitored, with reports
  indicating how many times a file is accessed, by
  whom, for how long, and for what purpose
• Employees should be trained in good security
  practices, such as changing passwords often, etc.
• Special procedures should be considered, such as
  multiple IDs or a call-back modem that only sends
  data to accepted phone numbers

13
Virus Protection

• Systems should be analyzed to determine which are
  vulnerable to viruses and which of those systems
  are most critical to the operation of the
  business
• Virus protection measures should be put into
  place as warranted e.g., an important
  distributed system should have a high level of
  protection
• Adequate employee procedures may reduce the
  likelihood of acquiring a virus, such as
  prohibiting use of disks that have not been
  checked for viruses

14
Transmission Protection

• Involves having controls to ensure that
  transmitted data is correct and secure during
  transmission to its destination
• Encryption software is available for transmission
  protection systems often use a combination of a
  public key and a private key for encoding and
  decoding the transmission

15
Routine Backup and Recovery

• Refers to procedures established for maintaining
  backup data in case of problems with any part of
  the daily computer operations and for recovery of
  the data if a problem does occur
• Backups should be performed at least once a week
• At least two people should know how to perform
  backup and recovery procedures
• At least one copy of important data should be
  kept offsite at all times

16
Disaster Recovery

• Refers to methods of recovering from a major
  disaster (e.g., hurricane, tornado, fire), which
  are different from routine backup/recovery
  methods
• System must be at a different site, often
  geographically distant from the site of interest

17
Typical Disaster Recovery Options

• Hot site similar computer system is available
  and ready to use immediately if needed for most
  important functions service is typically
  provided by a separate company
• Redundant system existence of a second system
  (mirrored system) at a different location system
  is usually maintained by the same organization
• Reciprocal agreement agreement among companies
  with similar environments to provide backup
  systems (unless disaster affects them, too)

18
Typical Disaster Recovery Options, continued

• Cold site basic shell that can be set up with
  everything when needed less expensive than hot
  site but not as readily available
• Service bureau provides short-term backup,
  usually for application-specific needs (less
  expensive but more limited provisions)

19
Management of Human Resources

• Major issues include
• End user application development
• Support systems for end-user computing
• Control systems for end-user computing

20
End User Application Development - Advantages

• May save time and expense compared with
  development by information systems professionals
• May reduce backlog of projects for systems
  development staff so they can concentrate on most
  critical projects for the organization
• May be more likely to meet end users needs

21
End User Application Development - Disadvantages

• May duplicate systems already in existence
  because of lack of knowledge of other
  departments systems
• May develop systems that are incompatible with
  other systems or that do not meet company
  standards
• May have to use trial and error, possibly
  producing an inferior or erroneous system
• May omit important systems development procedures
  useful in long term
• May result in need for additional management
  controls and coordination

22
Support Systems for End User Computing

• Decisions must be made as to the level of support
  needed, as well as whether to provide the
  services with internal personnel or with external
  personnel
• Widely used support systems
• Training
• Help desk systems

23
Training Considerations

• Length of training needed may vary with different
  end users
• Too many participants may reduce the chances for
  meeting individual needs
• Computer applications training should involve
  actual hands-on activities
• Multiple short sessions are more effective than
  the same total time in one session
• Evaluation should be included, both of the
  trainer and of the participants

24
Training Trends

• Use of simultaneous interactive video, involving
  videoconferencing equipment and computer
  networks, so trainees can be at various locations
  worldwide
• Use of Internet-based training, which allows
  training to be self-paced and available from any
  location with an Internet connection also allows
  for quick updates to course content

25
Help Desks and Related Assistance

• Allows end users to use phone or email to obtain
  assistance, depending on system in use
• Some companies have internal systems, some have
  external systems, some use a combination of both
• Software is available to assist with this activity

26
Typical Capabilities of Help Desk Software

• Automatic call distribution, so the appropriate
  person responds to an end user question
• Text retrieval system that can be searched
  quickly to provide assistance
• Call-tracking system, so records can be
  maintained concerning the types of calls and
  locations of problems

27
Typical Capabilities of Help Desk Software,
continued

• Multimedia support so that help desk personnel
  can view diagrams and other media that can assist
  them in answering end users questions
• Online solution database so end users can try to
  find answers without calling help desk

28
Control Systems for End User Computing

• End user control systems are used to reduce the
  potential waste of time and money by coordinating
  activities and to provide security to the
  systems. Specific types of controls involve
• identification of appropriate application
  development projects
• proper access and use of hardware and software,
  including productive use
• appropriate data access and use, with security
  equivalent to other systems

29
Management of Procedures

• In addition to controls already discussed, other
  major procedural issues include
• quality assessment, such as use of Malcolm
  Baldrige guidelines or ISO 9000 criteria
• cost allocations, keeping records to assist in
  using resources most effectively
• usage logs, which can assist in cost allocations
  and planning usage log software is also
  available for Internet/intranet operations