| Back to Home |
| ICT1 |
| ICT2 |
| ICT3 -Excel Project |
| ICT4 |
| ICT5 |
| ICT6 - Access Project |
| Contact |
| Testimonials |
|
ICT Module 1 Revision Guide
|
DUIC, BURY AS ICT MODULE 1 REVISION NOTES These revision notes are based on the past examination papers for the last 6 years. They include the answers to all the questions in the following exam papers: June: 2005, 2004, 2003, 2002, 2001, 2000 January: 2006, 2005, 2004, 2003, 2002 As of December 2006, the June 2006 mark scheme has not yet been released by AQA. Also, I don't have a copy of the January 2001 and January 2000 mark schemes. If you have an electronic copy, please send it to me and I will add it to the notes. If you have a paper copy, please scan it, and email it to me. My email address is abdulhaf at hotmail doc com · General notes - each question is about one section of the specification - 1.1, 1.2, 1.3 etc. if you can work out which section it is, you'll know what to write. Very rarely does a question spill over to cover 2 sections. · Do not use tippex. · Go over your answers once you've finished · Don't give over-generalised examples - keep them specific to ICT · If the question asks for an example, give an example · If the question asks for an explanation & an example, give both, not just one. · The use of brand names - Excel, Access, Word - does not gain credit. · If you don't know the meaning a word, LOOK IT UP. Use a dictionary, or go to Dictionary.com, onelook.com, or in google type in define: anyword to find the meaning of the word. Do not guess. Find out. Table of contents 10.1 Knowledge, Information and Data Definition of Data, Information and Knowledge Definitions of input, processing and output An example of input process output in the context of an invoicing system Items of data that need to be input to a payroll program each week for each employee two items of data that would be stored for use every time a payroll program is executed Two possible documents output on paper from the payroll program 10.2 Value and Importance of Information Causes of incorrect output produced by computer systems Definition of GIGO - garbage in, garbage out Characteristics of good quality data Characteristics that give information value and importance · Relevant for a particular use Advantage of purchasing a mailing list compared to making your own Disadvantage of using an outdated, 5 year old mailing list What must a company do if it wants to sell the personal data it has why is it so important to have the 'date produced' on a report? Why will the age of the data used to produce graphs included in a report, be important 10.4 Capabilities and Limitations of ICT Uses of ICT and benefits of ICT to a newspaper firm, supermarket, travel company and the Police Advantages to a bank of providing ATMs Advantages to a customer of using ATMs The things a bank can do with records of transactions that it keeps The things a customer can do with records of transactions/bank statements that a bank provides Limitations of hardware, software, communications and data control mechanisms 10.5 The Social Impact of Information and Communication Technology Effects of ICT on Organisations Functions of an email package and how they improve the effectiveness of email usage Definition of videoconferencing Advantages of videoconferencing Disadvantages of videoconferencing Benefits that ICT can offer an organisation Data that are entered into the EPOS system information that are produced by the EPOS system What use is the daily sales summary report for the store manager. advantages to a learner of following an on-line course Disadvantages to a learner of following an on-line course advantages to the course organisers, at the college, of providing a course on-line. 16 advantage for the supermarket's customers of the store using an automatic stock control system. 10.6 Role of Communication Systems Factors to consider when deciding on a domain name for a website Actions to take in order to make a domain name your own Different ways that a company could make use of the internet to benefit its business: Definition of carbon copy (CC) in emails: Definition of the email feature 'attach' The block of text that appears at the bottom of an email Why complete email addresses do not appear in the address bar of an email Benefits to an organisation of using email Limitations to an organisation of using email/disadvantages of using email for a business Why people are worried about buying goods online using their credit cards Measures a company can take to help give customers confidence in using their on-line facilities. Advantages to a company of selling goods online Advantages to the customer of using an on-line store rather than a high street shop Disadvantages to the customer of using the on-line store rather than a high street shop How a reporter/student/someone researching can access websites Information about website sources that have to be given in a school report The internet for students and universities Advantages to the university of providing free internet access Disadvantages to the students of using the Internet for study Ways in which a company can use a webcam devices that can be used to access internet services Why can you send emails even when the recipients computer is switched off? 10.7 Information and the Professional · Written communication skills Skills required by staff working on an ICT support desk / Helpdesk Personal qualities required by ICT professionals working with end users Personal skills that are needed by an ICT professional when producing user documentation Definition of a code of practice Benefits to the company of having a code of practice 10.8 Information Systems Malpractice and Crime Difference between malpractice and crime Difference between internal threats and external threats Ways in which a company could protect itself from internal and external threats Preventing malpractice in the use of data, hardware, and Preventing malpractice in the use of data Preventing malpractice in the use of hardware Preventing malpractice in the use of communications networks Measures that may be taken to maintain the integrity of data against malicious or accidental damage Guidelines that may appear in a company's handbook to protect the company's data Threats to ICT systems caused by employees using laptops Ways in which a company's own staff can be a weak point in its ICT systems Different types of legislation legislation used to protect companies and individuals producing software; legislation to protect employees working with ICT systems. Why the DPA, CMA and CLA were introduced/what they do copyright and licensing agreements. Why must an organisation apply for entry onto the Data Protection Register The 8 principles of the Data Protection Act Personal data shall be accurate and, where necessary, kept up to date" Exemptions to the Data Protection Act Definition and role of the information commissioner Duties of the Information Commissioner. Items of data that a company must include in an entry on the data Register Ways in which the data subject may request to view a copy of their data. What must a company do if it wants to sell the personal data it has The three sections of the Computer Misuse Act Reason for so few prosecutions under the Computer Misuse Act ways in which the Internet is being used to support illegal activities Definition of the term 'software licensing agreement' License required for a program used by 100 users License required for a program used by 2 users why are software copyright and licensing agreements are needed Features of a well-designed workstation and the health risks they reduce Health and safety features of a keyboard and the risks they reduce Health and safety features of a Chair and the risks they reduce Health and safety features of a software packages and the risks they reduce Health and safety guidelines that may appear in a company's health and safety booklet 34 Work practices that ensure the health and safety of a data entry clerk Design features of a workstation that ensure the health and safety of a data entry clerk Design features/characteristics of software that ensure the health and safety of a data entry clerk four factors that should be considered when designing a piece of software Design functions of software that ensure the health and safety of a data entry clerk factors that could give rise to health and safety problems associated with the use of IT equipment 10.1 Knowledge, Information and DataDefinition of Data, Information and KnowledgeData· Data are raw facts or figures, or a set of values, facts, figures, measurements, records of transactions(l) o eg a list of student marks, a set of customer gas meter readings. (1) · NOT no processing carried out, no use to anyone, have no meaning · NOT single numbers like 12 or 010768 · MUST speak in terms of plurals - (Data=plural, Datum=singular) Information· Information is data, which has been processed or converted to give it meaning/to give it context/to organise it o Eg taking a list of student marks (the data), adding all the marks up, dividing by the number of students, to give an average mark for the class (this is the processing) Knowledge· Knowledge is a "set of rules or concepts" used to interpret/make use of information · An example for knowledge might include the sales manager using sales data for last year to predict next year's sales. His knowledge of sales trends allows him to interpret the sales information. · In a school context, a teacher could look at the results of internal tests to decide on expected grades for students that have to be submitted to the examination board Definitions of input, processing and output· Input is the act of capturing or entering data into an ICT system, for example scanning barcodes or typing in Book ISBNs. · Processing is the act of converting or changing data into information, eg taking barcode numbers and returning the name of the product they are stuck to · Or Processing is the act of ordering data to produce information eg an ordered list of all the books in stock. · Or Processing is the act of searching data for information eg. Looking for details of a book based on its isbn · Output . is the act of getting out information from the ICT system eg, a printed list of books, a display on the screen that shows full details of the book that has been searched for. · NOTE: data is plural so that the use of a single number as an example of input cannot gain credit. Also, check that their answer does not simply repeat the question for example, .input is putting in the data,. would not gain credit. An example of input process output in the context of an invoicing system· The task is to produce invoices (requests for payment) for ABC landscapes. · The number of hours worked (1) is entered using a keyboard(1). · The hours worked have to be multiplied by the rate per hour charged to get the labour total. (This is a 2 mark answer) · The invoice(1) is produced as hardcopy for the customer(1). Items of data that need to be input to a payroll program each week for each employee· employee code/ name(1) · hours worked (1) two items of data that would be stored for use every time a payroll program is executed· rates of pay (1) · Identifier / employee code/ (1) · Name / address (1) · employee grade (1) · bank account details(1) / [account number(1) sort code (1)] · Totals to date (1) Two possible documents output on paper from the payroll program· payslip (1) · spreadsheet/summary report showing total paid out/statistics for company (1) · individual bank transfer details/ BACS reports (1) · Tax/ NI detailed document · NOTE: (Must show understanding of document/report) advantages to the organisation of transferring money electronically into its employees' bank accounts, rather than paying their employees in cash· Less chance of error (1) no money needs counting (1) · Less chance of money being lost/stolen (1) as no cash involved (1) · Saves time/staff (1) no need to count and put up wages (1) · Easier to produce statistics/accounts (1) no manual calculations needed (1) Why does data like pictures, sounds, numbers and letters have to be encoded before being input into an ICT system
10.2 Value and Importance of InformationCauses of incorrect output produced by computer systems· If the data input is incorrect, it will still be processed, resulting in incorrect output - GIGO. (3) · Or correct data is input but error in program (1) will mean incorrect processing (1) and therefore incorrect output(l) · Eg. You receive a 10,000 bill, instead of 100 pounds. This will be because of one of the above 2 reasons (you entered 10000 into the system, or the software that processed the data has a flaw in it) Definition of GIGO - garbage in, garbage out
Characteristics of good quality data
Characteristics that give information value and importance· Accuracy/correct (1) - this means that the information on an invoice must be exact to the nearest penny otherwise customers may complain /incorrect stock figures may cause the manager to re-order the wrong amounts (1) · Up to Date (1) this means that the information must be as recent as needed, eg. a five year old list of e-mail addresses/home addresses would be out of date and may mean that people have changed address and cannot be contacted (1) and letters will be sent to the wrong address · Relevant for a particular use (1). the information on a sales summary would not be relevant to the manager of the payroll department (1)
· Complete (1) incomplete sales information might give rise to an incorrect sales forecast (1) why companies prefer to buy a database of postcodes rather than to collect the data from the customer· Saves on cost/time/staff as staff do not have to spend time collecting all of the address (1) · increases productivity (and so can answer more calls in a given time) (1) · Increased customer satisfaction/increased sales (1)Improves image as faster for customer (1) · Accuracy (1) avoids errors due to clerk mishearing/miss-typing addresses (1) · Completeness (1) buying complete list means that they have all postcodes available for the area (1) · Saves on cost of bulk mailing (1) Post Office provides discount if mailing ordered by postcodes (1) Advantage of purchasing a mailing list compared to making your ownSaves time or money (1) than having to collect the data yourself Disadvantage of using an outdated, 5 year old mailing listData no longer up to date/people may have moved/married/died(1) means waste of money/time on sending mail shots/data no longer has value (1) What must a company do if it wants to sell the personal data it hasFirst, get the data subject's permission (they may already have it), then inform the information commissioner of their intentions. Why a hotel should not use old data, gained from people who stayed there 4 years ago, for planning next year's holidays· Data from 2002 is too old /out of date (1) because. · Over time, peoples tastes change - they may prefer different holidays now. · hotel may have altered - it may target different people now · spending patterns/holiday patterns will have changed - people go on different types of holidays now Effect/impact on a hotel if it uses old data gained from people who stayed there 4 years ago, for planning next year's holidays· b) Hotel may offer wrong deals (1) · and therefore lose money/go out of business/lose business (1) · They may be unable to predict room utilisation (1) · resulting in empty rooms or too much demand (1) · price offers wrong due to wrong assessment of demand · so the hotel may lose a lot money · In violation of Data Protection Act for keeping out of date data · so, if caught, may be fined(1)
why is it so important to have the 'date produced' on a report?· So you know how old it is / how up to date / when produced (1) · Information or data changes over time (1) · May not know if the information is out of date (1) · Wrong decisions can be made if no date/accurate decisions can be made if date present (1) Why will the age of the data used to produce graphs included in a report, be importantIf the data itself is old then the graphs will/could be misleading (1) example (1) 10.4 Capabilities and Limitations of ICTUses of ICT and benefits of ICT to a newspaper firm, supermarket, travel company and the PoliceA newspaper.
A supermarket.
A travel company.
The Police.
NOTE: examples must be ICT examples e.g. Not just "they can store records of criminals" Note2: question asks for different examples so not 'database' four times Advantages to a bank of providing ATMs
Advantages to a customer of using ATMs
The things a bank can do with records of transactions that it keepsMARKS AWARDED IN THE FOLLOWING WAY:
For example, and related three from:
The things a customer can do with records of transactions/bank statements that a bank provides· Returning goods/ proof of purchase (1) if don't have receipt (1) · Records for customers (1) financial planning (1) Limitations of hardware, software, communications and data control mechanismsHardware limitations· Slow printer/small printer buffer (1) reduces throughput (1) · Low processing speed/needs faster processor (1) makes searching/sorting of data slow (1) · Screen small (1) plus how (1) · Poor resolution (1) plus how (1) · Unreliable hardware (1) plus how (1) · Poorly designed hardware (1) plus how (1) Software limitations· Software not compatible with other software (1) means data cannot be transferred across business (1) · Software poorly designed (1) plus how (1) Communications limitations· Network has insufficient capacity (1) means transfer of files slow (1) Low speed modem (1) means slow download of files (1) Poor data control mechanisms· No backup procedures in place (1) data may be lost in event of system failure (1) · No access control (1) Data Protection Act may be breached (1) benefits to a company of installing information systems on their vehicles that give details of traffic problems across the country (ie sat nav)
10.5 The Social Impact of Information and Communication TechnologyDefinition of ICT
Benefits of introducing ICT· Increased speed of processing(1), greater productivity( 1) · increased accuracy of calculations(1), less loss of money/customers(1) · 24 hour availability( 1), allows greater flexibility in hours( 1) · vast amounts of data stored in small space(1), allows reduction in office space and hence overheads( 1) · frees up staff for other duties(1), e.g. by performing repetitive tasks(1), · better presentation possible(1), better image to customers(1) · efficient search and retrieval(1), allows quick response to queries(1) · improved communication(1) - more efficient organisation/less misunderstandings( 1) easier customer contact e.g. email and Web · Improve security (1) e.g. harder to lose files (1) · better working conditions(1) - happier staff/easier to recruit staff(1) · Use of expert systems/modelling tools (1) leading to better decision-making (1) Effects of ICT on individuals· Change in Working habits (can now work from home, and remotely log in to work computer) · Shopping habits (save time going to shop, can just buy online) · Leisure (play games, research family tree, all from home) · Communication (can speak to and see relatives in far off places via webcam) Effects of ICT on Organisations· Retraining of existing staff needed (new ways of working, with computers, so staff have to be trained in the new ways) · Redeployment (staff's jobs are replaced by computers, so employees then required to do other work) · Changes in working practice (ways of working change) · Regrading and improvements in career prospects · Changes in working conditions · Increased legal responsibilities · New services can be offered Effects of ICT on Society· Increased productivity · Higher standard of living · Cleaner and safer working environment · Shorter working hours and more leisure time · Polarisation of society into two groups · Threat of a totalitarian state · Invasion of privacy · Growth of techno crime · Improvements in provision of services Functions of an email package and how they improve the effectiveness of email usage· Forward is an email feature that allows the receipient to send the received message to another individual(1). The recepeint only has to type in new name/address to send the message (1) and can add to original message (1) · Reply is an email feature that allows the receipient to add a response to the original message and return it to sender (1). There is no need to type a new address (1) · Attach is an email feature that allows the sender to send other files by adding them on to the mail message (1) this saves on postage/using other file transfer methods (1) and it is easy: you just select and click to add the file to the message (1) · Prioritise is an email feature that allows the sender to mark a message with a symbol (1) to denote the importance to recipient (1) It saves having to use the telephone to tell someone whether a message is urgent or not (1) and allows sorting of messages so you can deal with the emails in order of importance (1) · Send/Receive - is an email feature used to collect incoming mail (1) and dispatch outgoing mail (1) Ways in which an organisation can make use of the Internet to communicate with suppliers and customers around the world
Definition of videoconferencingVideoconferencing is the action of individuals or groups of people at different locations (1) having an interactive (1) discussion enabled by the use of telecommunications (1) A video link and other equipment is needed as video conferencing is done in real time(1) Advantages of videoconferencing
Disadvantages of videoconferencing· Quality of images can be poor/time delay · Investment in set up can be high · Training in how to use needed · Loss of social interaction · Control of meeting is more difficult Advantages and disadvantages of the use of ICT in Education, Leisure in the home, Industry, Medicine and TeleworkingAdvantages
Disadvantages
Benefits that ICT can offer an organisation
Data that are entered into the EPOS systembar code/numeric code/product code information that are produced by the EPOS system· itemised till receipt/total spend for a customer's till receipt (1) and · daily sales summary/product out/low stock notification (1) · description of item (1) · cost/price of item (1) What use is the daily sales summary report for the store manager.· Answer must show understanding of principle of knowledge (1) being used to interpret information (1) to give benefit to company (1) · Daily sales summary report can show most popular items/times of purchasing (1) allows manager to organise stock levels/staffing (1) reducing cost of staffing for company (1) advantages to a learner of following an on-line course· Can be followed at any time of day or night(1) means not constrained by course hours (1) Saving time/cost (1) plus reason (1) · Easier to study at home (1) plus reason (1) · Cost issues (1) plus explanation (1) Disadvantages to a learner of following an on-line course· Lack of face to face support (1) cause student to feel isolated (1) · Health issues (1) from too much use of pc (1) advantages to the course organisers, at the college, of providing a course on-line
advantages for a supermarket of using an automatic ordering system between the stores and a central warehouse· speed of ordering - faster than ordering manually(1) · store can be kept fully stocked/no overstocking(1) · reduction in staff time spent on stock ordering(1) · automatic ordering means lack of human error(1) · increased accuracy/ know exactly what stock they have at any one time(1) advantage for the supermarket's customers of the store using an automatic stock control system.· store should not run out of items customer wants(1) if levels maintained automatically(1) · prices may be lower(1) if less staff used/less wastage in stock/less space needed for stock(1) · 1 mark for stating advantage, second mark for explaining - 10.6 Role of Communication SystemsFactors to consider when deciding on a domain name for a website
Actions to take in order to make a domain name your own
Ways in which a company could use facilities available on the internet to encourage visitors to use its site.
Different ways that a company could make use of the internet to benefit its business:
Definition of carbon copy (CC) in emails:carbon copy (1) is an email feature that enables a user to send a copy of an email they have received to someone else(1) Definition of the email feature 'attach'The 'attach' feature in email is a feature that allows a user to add files or 'Attachments' to an email; the fiel is included with the email, and the in the 'attachment' section of an email, the Name of the attached file (1) and the Size of the attached file (1) is given. The block of text that appears at the bottom of an emailAt the bottom of many emails, a disclaimer is added (1) stating that the sender takes no responsibility for the contents of the email. (1) Why complete email addresses do not appear in the address bar of an emailThe recipients e-mail addresses have been added to the contacts/address book/ e-mail account (1) user has only to click onto their name and does not have to type in the full e-mail address (1) Benefits to an organisation of using email
Limitations to an organisation of using email/disadvantages of using email for a business· Excessive amounts of mail to deal with (1) leads to loss of staff time for other tasks/expansion(1) · Used for personal use (1) results in lost staff time/other expansion (1) · Clogging up of network with mail messages (1) reducing speed of communication for other business activities (1) · Excessive amounts of storage used on mail messages(1) reduces disk space available/slows activities (1) · Tendency to abruptness in email (1) leads to communication problems (1) · Lack of social interaction (1) less of a productive environment (1) · NOTE: NO TO VIRUSES More general examples: · Length of disclaimer can be significant (1) if printing (1) · Legal issues/liability issues (1) if emails passed on can cause company problems (1) · Lack of all having the facility (1) means can't rely on being able to use for · all(1) · Interception of email / vulnerability to outside viewing / accessibility of address book (1) leading to changed content or secret info being acquired (1) · System failure leading to suspension of e-mail service (1) inability to send/receive e -mails (1) Definition of a browser· A piece of software Used to display/view/download web pages (1) in a human understandable form (1) · It Displays HTML(1) in viewable form(1) · Enables user (1) to navigate the web/move between pages of HTML/going backwards and forwards(1) · NOT SEARCH AND DEFINITELY NOT SURF AND NOT TRADE NAMES · NOT JUST 'ACCESS THE INTERNET' Definition of a search engine· A Piece of software Used to find specific pieces of data/web pages/information(1) using key words (1) · Piece of software/application program(1) used to find sites/words/topics(1) Services provided by an ISP· Web space/editor to create web pages(1) · Chat rooms/newsgroups(1) · Search Engines(1) · News/provide information(1) · Goods for sale, auctions, shopping (1) · Virus protection(1) · Email;1) · Technical help(1) After Mr Patel bought a fishing DVD through the internet he started getting fishing-related junk mail. Why?
Why people are worried about buying goods online using their credit cardspeople are afraid that their credit details may be stolen/hacked into/misused Measures a company can take to help give customers confidence in using their on-line facilities.
Advantages to a company of selling goods online
Advantages to the customer of using an on-line store rather than a high street shop· Saves time/cost of travel (1) no need to visit shops/saves time searching for what you want (1) Allows people with limited movement (1) to shop from home (1) · Saves leaving home (1) crowds/comfort factor/convenience (1) Disadvantages to the customer of using the on-line store rather than a high street shop· Cannot try on clothes (1) · Possibility of fraud (credit card) (1) · Social interaction/ direct help from sales staff lost (1) Time delay between purchase and receipt of goods (1) How a reporter/student/someone researching can access websites
Problems you could have with information obtained from the internet, in the context of a school report
Information about website sources that have to be given in a school report
The internet for students and universitiesAdvantages to the university of providing free internet access· Students can study independently (1) saves costs/staff time (1) · Means easier to contact all students using e-mail (1) saves time and costs (1) · Work can be submitted on line (1) less likely to be lost (1) · Improve image/no of students (1) more money/students(1) · Less resources required (e.g. books)(1) saves money (1) Advantages (other than a financial one) to the students of having Internet access provided by the university· Can access material from anywhere/anytime (1) saves time finding staff or other acceptable reason (1) · Easier to submit work (1) word process and email (1) · No need to go to lectures (1) as materials available on line (1) · Discussion groups/news groups can be available (1) get help with studies (1) · Greater availability of information (1) books/articles out on loan or other acceptable reason (1) Disadvantages to the students of using the Internet for study· Health problems (1) due to overuse of ICT (1) · Lack of social contact (1) as work from room (1) · No need to go to lectures as notes on line (1) so misses detail of lecture (1) Information obtained may be unreliable/inaccurate (1) Do not know source/not updated recently (1) · INTERNET not as stimulating as a teacher (1) does not learn as well (1). Ways in which a company can use a webcam· The Webcam can be used for videoconferencing (1) cheap way to hold meetings with people at a distance/can get immediate feedback (1) · Ability to monitor activities (1) benefits (1) An opticians keeps records in a database of all its customers who have had eye tests. Customers who do not make appointments after two reminders have been sent out have their details deleted from the database. Why?· To comply with Data Protection Act(1) plus business advantage/explanation (1) · Reduce storage required (1) plus business advantage/explanation (1) · Speed issues (1) plus business advantage/explanation (1) Ways in which a businessman can use ICT to send data to the office, while he is at a motorway service station/away from home and the office· Laptop to send email (1) connected to the internet via a data card · Webcam to send images (1) can be connected to laptop, which is connected to the internet · Fax machine to send images (1) can be sent from nearby hotel · Mobile phone to send text messages (1) can be sent anytime · NOTE: need to state both the device used and what is sent devices that can be used to access internet services· WAP phones(1) MUST BE WAP PHONES NOT NEW MOBILE PHONES · E-mail telephones/new BT telephone boxes · Televisions with digital capabilities(1) i.e. Digital Tv or normal Tv plus box(freeview for example) Why can you send emails even when the recipients computer is switched off?ISP stores
messages on server (1) until addressee collects mail (1) 10.7 Information and the ProfessionalThe way in which written, listening and problem-solving skills are used by ICT professionals, and why the skill is important
Skills required by staff working on an ICT support desk / Helpdesk
Personal qualities required by ICT professionals working with end users
Personal skills that are needed by an ICT professional when producing user documentationOne mark for skill one mark for expansion in context
personal skills that are needed by an ICT professional when preparing the requirements specification/investigating the end users' requirements· Be able to communicate well orally/Articulate/Good questioning skills (1)-- to enable efficient and effective communication with users/or colleagues/ being able to use suitable language, free from jargon so they can find out requirements (1) · Have patience (1) - to keep calm and prevent end users from becoming flustered when discussing requirements/ follow through all the detail design work needed (1) · Have good written skills (1) - to be able to provide end users with clear documentation of the requirements specification to enable discussion/ make notes at interviews (1) · Approachable/Gain trust/people skills/confidence (1) makes users feel at ease/easier to get information from them (1) · Observant/Listening skills (1) plus explanation · Analytical/Problem solving/logical (1) plus explanation Definition of a code of practice· A set of rules/policy/guidelines/Procedures/Standards (1) that belongs to an organisation/employer/company (1), and which governs the behaviour and action of members/employees(1) Benefits to the company of having a code of practiceCodes of conduct help prevent the. · Misuse of equipment(1), stopping company from having large maintenance bills or replacement costs(1) · Misuse of software( 1), preventing company being liable under copyright laws(1) · Misuse of Internet facilities(1), preventing company from having wasted resources ñ staff time and phone costs(1) · Misuse of email facilities( 1), lack of work being done and therefore low productivity( 1) · Misuse of data(1), leaving company open to prosecution under Data Protection Act(1) · Gives company option of dismissal (1) if Code of Practice not followed (1) Better trained/informed work force/higher level of employee skills (1) Due to interchange of ideas/skills (1) 10.8 Information Systems Malpractice and CrimeDifference between malpractice and crimemalpractice is bad or incorrect practice caused by staff within an organisation who did not follow that organisation's rules or procedures. Eg users not keeping backups, then deleting files which they thought were unimportant.(3) Crime is concerned with illegal activities(1) frequently caused by people from outside the company but can be its own staff too (1)Crime is actions that are without permission ie unauthorized e.g a person Hacking into a company's payroll system to increase his salary(1) Difference between internal threats and external threatsInternal threats are from within the company or organisation / caused by own staff(1) for example theft of components External threats come from outside the company or organisation / caused by people from outside the organisation (1) for example a Natural Disaster or power cut
Ways in which a company could protect itself from internal and external threatsProtection against Internal threats
Protection against External threats
Preventing malpractice in the use of data, hardware, andPreventing malpractice in the use of data· Create levels of access/ use passwords (1) so users only have access to data that they need for their job/ prevent modifications or deletions of data( 1) · Have automatic save functions built into software (1) to prevent data loss in event of system failure (1) · Procedural (e.g. logging off, no one member of staff to have total control of process) (1) explanation (1) · Code of practice (1) DETERS (1) · Provide training (1) explanation (1) · NOTE: NOT use of audit trails or monitoring software except where they explicitly state they are a deterrent Preventing malpractice in the use of hardware· Prevent users from using floppy disks or CDs/disable/remove external drives (1) means viruses/unauthorised software not introduced (1) Code of conduct/ practice (1) DETERS (1) · Provide training (1) explanation (1) · NOT secure room etc. as this is preventing any use not misuse Preventing malpractice in the use of communications networks· Use a firewall (1) to prevent the network becoming vulnerable to external sources when staff use external networks (1) · Anti virus software (1) to prevent downloading/spreading of viruses when using networks (1) · Customise log in/passwords/user ids (1) prevent users accessing software/data they do not need (1) · Control email usage/ timed access (1) prevent networks being overloaded (1) · Code of conduct/ practice (1) DETERS /may prevent/might prevent/can prevent the committing of an offence (1) Measures that may be taken to maintain the integrity of data against malicious or accidental damage· Use of copies of sensitive data for day to day use ñ master copies only updated at end of day/week(1) plus (1) for reason · Use of virus baths/virus software/firewalls to prevent deliberate damage to data(1) plus (1) for reason · Clear set of internal procedures for staff to follow when using data to prevent use of own software/data from dubious sources etc(1) plus (1) for reason · Audit trails(1) to record use of data by whom when etc( 1) · Good selection and vetting procedures for new staff(1) to prevent any person with a grudge or ulterior motives being employed( 1) · Physical/Automatic log off of terminals( 1) to prevent unauthorised access( 1) · Keyboard locks( 1) as above(1) · Physical restrictions on access to equipment(1) reason to restrict access(1) · Regular backups(1) to ensure data kept as up to date as possible in the event of accidental damage( 1) · Not staying on line longer than necessary(1) to reduce chances of hacking(1) · Write protection of disks/files(1) to prevent overwriting/damage to data(1) · Encryption/Encoding (1) · Restriction on use of floppy disks (1) · Call-back system for log-on (1) · Authenticity of software (1) · Screensavers (1) · Software measures to protect data · Better training Guidelines that may appear in a company's handbook to protect the company's data· Do not disclose passwords to other people(1) prevents outsiders accessing data (1) · Do not use damaged floppies (1) prevents damage to disk drives (1) · One mark for stating guideline WHAT the worker should do and · one mark for reason for inclusion WHY they should do it i.e. how it helps to protect the company's data Threats to ICT systems caused by employees using laptops· Loss of hardware (T) due to it being the responsibility of the employee to keep laptop secure rather than the company/easier to steal because of size(R) · Loss of data (T) no control on whether employee lets others access machine/fails to make back up copies of data/battery runs out (R) · Corruption of data (T) employee lets others have access to data no record/controls on access on a laptop(R) · Introduction of viruses (T) virus downloaded on to laptop hard drive and then employee uses unchecked disks to transfer viruses to machines at work from laptop(R) · Damage to hardware (T) employee drops machine/keeps in unsuitable environment as no control over this by company(R) · Errors may be made(T) due to lack of support when used remotely (R) Ways in which a company's own staff can be a weak point in its ICT systems
Levels of access that could be given to different categories of users of an on-line stock control system· Stock manager-read/write access (1) · - ability to add delete and amend records of stock e.g. add a new product, delete a product out of stock, change prices (1). · Sales staff - read/write access (1) · need to be able to see details about stock and to change data as sales are made(1) · Store manager - · read/view only
access(1) - needs to be able to view(read) data but not change it(1) 10.9 The Legal FrameworkDifferent types of legislationlegislation used to protect companies and individuals producing software;Copyright, Designs and Patents Act (1) an Act introduced to protect the privacy of individuals / legislation designed to protect the privacy of individuals whose personal data is held by others.Data Protection Act( 1) an Act designed to allow companies to prosecute anyone accessing their Information Systems without authorisation;Computer Misuse Act (1) legislation to protect employees working with ICT systems.Health and Safety at work Act(1) or EU Directives (1) NOT Codes of Practice or Conduct Why the DPA, CMA and CLA were introduced/what they dothe Data Protection Act..was introduced to protect the individual /individual's rights/privacy/personal data] (1) and to control what data is stored/passed on/used on individuals (1) example/expansion (1) the Computer Misuse Act..was introduced to allow unauthorised access to be prosecuted (1) and to to discourage/prevent the misuse/modification of data/programs (1) example/expansion (1) copyright and licensing agreements.. is designed to protect producers of software products/software/ideas (1) (comes under same copyright laws as literary works ) by controlling number of copies a user is allowed to have (1) example/expansion (1) Why must an organisation apply for entry onto the Data Protection Register· Because it is a legal requirement/Data Protection Act requirement The 8 principles of the Data Protection Act1. data shall be obtained and processed fairly and lawfully 2. Personal data shall only be held for one or more specified and lawful purposes 3. Personal data shall not be disclosed or used in any manner incompatible with that purpose or purposes 4. Personal data shall be adequate, relevant and not excessive for the purpose 5. Personal data shall be accurate and up to date 6. Personal data shall not be kept for longer than is necessary for the purpose 7. Appropriate security measures shall be taken against unauthorised access to, alteration or disclosure or destruction of personal data 8. Personal data shall not be transferred to a country or territory outside the European economic area unless that country or territory ensures an adequate level of protection The data protection actPersonal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed"For first principle mark as 1 for any of the following: · Company must not store more data than they need (1) · Company must make sure the data they use is relevant for that use (1) · Enough data must be stored for purpose it is used for (1) And second mark for one of the following: · a deeper explanation (1) · example (1) · also addressing adequate (1) · separately covering excessive and relevant (1) Personal data shall be accurate and, where necessary, kept up to date"For second principle mark as 1 for any of the following: · Accurate -Company must make sure that data used is validated and verified (1) · Up to date - They check regularly or update regularly to ensure the data they hold is up to date (1) And second mark for one of the following · Example (1) · also addressing accurate/up to date (1) Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal dataFor third principle mark as 2 from any of the following: · Security - Company should ensure that they protect the data by keeping it secure (1) · It is backed up to reduce chance of accidental loss (1) · Privacy explanation (1) · Example of security measure · Example of privacy measure Exemptions to the Data Protection Act
Definition and role of the information commissionerAn Information commissioner is An individual who reports directly to the UK Parliament (1) and enforces and oversees (1) the data Protection Act 1998 and the Freedom of Information Act 2000. He promotes good information handling (1), provides guidelines (1) and provides help (1), and acts as Ombudsman (1) to investigate complaints (1) Duties of the Information Commissioner.
Definition of a data subjectA Data subject is A living (1), identifiable (1) human being about whom data is held (1). Any data held about a data subject comes under the DPA 1998. Items of data that a company must include in an entry on the data Register
Why an organisation which holds personal data, must have procedures in place to allow the data subjects to view any data that it holds about them.· Due to Data protection Legislation - DPA (1) · Otherwise anyone could look at data · To verify person's identity (1) · Allows data subjects to check accuracy of data held (1) Ways in which the data subject may request to view a copy of their data.
What must a company do if it wants to sell the personal data it hasFirst, get the data subject's permission (they may already have it), then inform the information commissioner of their intentions. The three sections of the Computer Misuse Act
Reason for so few prosecutions under the Computer Misuse Act
ways in which the Internet is being used to support illegal activities· Examples of illegal activities: Mark as 4 × 1 · Terrorism/illegal groups · Football hooliganism · Hacking / logic bombs and viruses (if don't mention blackmail) i.e. all Computer Misuse Act crimes · Stalking · Blackmail · Paedophilia · Theft/Fraud - this covers "false sites" · Copyright infringement · Money Laundering · Selling illegal items inc. pornography · Explanations of how the Internet can support these activities: Mark as 4 * 1 · Recruitment of members web sites set up/ wider audience reached (1) · Easier to keep in contact any time any place (1) · Wider groups can be formed international boundaries removed (1) · Easier to be anonymous/harder to find Internet addresses/names not based on physical location (1) · Can give false personal details (1) · Purchase goods on line, easier to commit credit card fraud with stolen card numbers (1) · More data moving across communication links makes hacking easier · Easier to launder money/ harder to track fraud as vast sums can be moved quickly electronically (1) · Downloading of music/pictures/software (1) Software Licensing agreementsDefinition of the term 'software licensing agreement'A Legal document or contract(1) between a software user and software producer (1) on how a piece of software may be used (1) (NOTE: remember that not all software is sold) License required for a program used by 100 usersa) Multi-user/Site licence/network licence/volume licence (they all mean pretty much the same thing) (1) for a minimum of 100 copies/number specified (1) of the software to be used at any one time, because there are lots of users for the program, and the numbers could grow, thus this license is best(1) License required for a program used by 2 usersb) Single user licences (1) . because there are only 2 users; more cost effective. only need to buy it for those people who will use it (1) . MUST STATE .USER. if someone has a single-user license but installs the software on both a PCand a laptop, is he breaking the law/.No. (1) they are not committing an offence provided they only use the PC or the laptop at any one time (1). why are software copyright and licensing agreements are neededbecause they Make copying illegal/deters copying/protect producer (1) and ensure producer of software does not lose money (1) What is the possible consequences for a company of an employee using unlicensed software on a computer belonging to that company.Company can be held responsible (1) and prosecuted/fined (1) Features of a well-designed workstation and the health risks they reduce
Health and safety features of a keyboard and the risks they reduce
Health and safety features of a Chair and the risks they reduce
Health and safety features of a software packages and the risks they reduce
Health and safety guidelines that may appear in a company's health and safety booklet
Work practices that ensure the health and safety of a data entry clerk
Design features of a workstation that ensure the health and safety of a data entry clerk
Design features/characteristics of software that ensure the health and safety of a data entry clerk· Shortcuts/macros (1) prevent repetitive typing/RSI (1) · Appropriate use of colour/fonts/text size(1) -preventing eye strain (1) · Clear error messages (1) prevents stress/frustration (1) · Clear help/understandable messages(1) preventing stress/frustration (1) · Appropriate menu/input screen design(1) stress/frustration (1) four factors that should be considered when designing a piece of software
Design functions of software that ensure the health and safety of a data entry clerk· Validation to prevent errors on entry (1) reduces stress from entering incorrect data (1) · Short cut keys (1) use reduces stress for experienced users by avoiding use of drop down menus (1) · Help provided (1) prevents stress from not knowing what to do (1) · Pre coding/use of drop down lists etc (1) reduces data entry and therefore RSI (1) · Messages to take a break appear at intervals (1) encourage users to break from software use (1) · Autosave facilities (1) prevent stress by reducing likelihood of lost work (1) · NOTE: Question is about functions, not just characteristics and so the function must DO something factors that could give rise to health and safety problems associated with the use of IT equipment· Inappropriate physical setting : incorrect seat positioning, no foot rests, no wrist support (1)leading to Fatigue and stress: back pains/headaches/tendon strain (RSI) etc due to prolonged use of equipment or poorly designed equipment(1) · Inappropriate lighting, poor screen positioning e.g. facing window, orientation, flicker(1) leading to Eyesight defects(1): · Prolonged use without breaks(1) can lead to eye focusing muscles suffering from static posture (1) · Poor software design/hardware or inadequate training(1) OR monitoring of work leading to stress(1) · Flickering light and patterns(1) can cause Epilepsy(1) · Radiation from screens (1)may have effects on pregnant women(1) miscarriage and birth defects concerns caused by radiation · Ozone emissions from laser printers(1) causing headaches(1) · Printer noise(1) causing deafness(1)
|