| Back to Home |
| ICT1 |
| ICT2 |
| ICT3 -Excel Project |
| ICT4 |
| ICT5 |
| ICT6 - Access Project |
| Contact |
| Testimonials |
|
ICT4 Revision Guide
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
DUIC, BURY AS ICT MODULE 4 REVISION NOTES
These revision notes are based on the past examination papers for the last 6 years. They include the answers to all the questions in the following exam papers:
June: 2005, 2004, 2003, 2002, January: 2006, 2005, 2004, 2003,
As of December 2006, the June 2006 mark scheme has not yet been released by AQA.
Also, I don't have a copy of the January 2002, 2001, 2000 and June 2001, 2000 mark schemes. If you have an electronic copy, please send it to me and I will add it to the notes. If you have a paper copy, please scan it, and email it to me. My email address is abdulhaf at hotmail dot com
· General notes - each question is about one section of the specification - 1.1, 1.2, 1.3 etc. if you can work out which section it is, you'll know what to write. Very rarely does a question spill over to cover 2 sections. · Do not use tippex. · Go over your answers once you've finished · Don't give over-generalised examples - keep them specific to ICT · If the question asks for an example, give an example · If the question asks for an explanation & an example, give both, not just one. · The use of brand names - Excel, Access, Word - does not gain credit. · If you don't know the meaning a word, LOOK IT UP. Use a dictionary, or go to Dictionary.com, onelook.com, or in google type in define: anyword to find the meaning of the word. Do not guess. Find out.
Table of contents
Examples of categories of users of information systems, and the level at which they operate 13.2 Information Systems and Organisations Definition and example of a data processing system Definition and example of an information processing system Definition of an MIS (Management Information System) why an organisation would implement an MIS How a Managing Director (MD) would use an MIS Actions that managers could take to increase the chances of a MIS being successful Problems that staff might encounter when a system has been introduced too quickly Factors that should be considered when discussing the introduction of a new information system 13.3 Corporate Information Systems Strategy Role of a corporate information systems security policy Definition of informal information flow Definition of formal information flow Difference between formal and informal information flows within an organisation Topics that should be covered in a corporate information systems security policy Information systems that would be useful to managers at the highest level of an organisation Effects that the structure of an organisation could have on the flow of information Factors that might be considered when producing a corporate information system strategy. Levels of information that each of the above users might require Ways of classifying information, with examples Benefits to customers of a company using good information in the context of an online store Benefits to a company of having good information Reasons for using a formal method Problems that might occur when entering free text answers from a questionnaire into an MIS Data capture methods that a company could use for entering the data collected on the questionnaires Methods of presenting the information produced from a questionnaire to a group of managers Data capture method for a 'free text' response/open question on a market research questionnaire methods that could be used to ensure accurate data entry on a 'free text' response Output format to use when summarising free text responses Output format to use when summarising closed questions/ 'crossed or circled response' question. The reason why a market research company would use an ICT system to process responses The manager of the fresh food department in one store; The company executive officer, based at head office. Manager of the fresh food department in one store; Company executive officer, based at head office; Definition of the term 'Risk Analysis' Threats to an ICT system, and countermeasures for each one Legislation that should be considered when writing an Information System Security Policy Factors that should be considered when writing an Information System Security Policy. Methods of enforcing and controlling health and safety legislation within an organisation Principles of the current Data Protection Act Measures a doctor's practice could take to show that their records were accurate. Methods of making sure that staff in an organisation are aware of the company's policies How to make a new member of staff aware of the company's security policy Ways in which support may be provided for users of ICT systems. User support options that a software house could offer its potential customers Ways in which training may be provided for users of ICT systems. Methods of providing training in the use of software Means of providing the training material, and give an advantage of each. Factors that need to be taken into account when planning training. 13.8 Project Management and Effective ICT Teams Tasks that a team leader should perform to help a team achieve success Why are ICT projects often sub-divided into tasks and allocated to teams The need for 'clear timescales' The need for 'approval to proceed' The need for 'agreed deliverables' Characteristics of an good and effective ICT team 13.9 Information and the Professional Definition of the term 'ICT Code of Practice' The reason why a code of practice is required Social, moral and ethical issues that could affect an ICT professional SPG marking criteria for the essay ESSAY - SDLC & Project Management and ICT teams Organisation and use of ICT teams Use of formal Methods for development of IS How the structure of the organisation influences the Corporate Information Systems Strategy. How the personnel in the organisation influences the Corporate Information Systems Strategy. Dev Life Cycle (D) (need description of a stage for 1 mark - if just listed, then (G) Max 4 marks - 2 for introduction and 2 for conclusion only. (D, S, C, H) Under each of the four headings, allow up to 4 marks. Why regulation is required (R) Issues in Devising regulations (I) Potential problems with regulation (P) Methods (M) - max 4 - could be Information generated (A) - max 5
13.1 Organisational StructureLevels in an organisation
· Strategic · Tactical (Implementation) (1); · Operational (1) Examples of categories of users of information systems, and the level at which they operate· Higher Management · They work at the Strategic level · Middle Management · They work at the Tactical level · Workers · They work at the Operational level
Role of an information system in decision making for the tactical and strategic levels of supermarket management· Tactical (local in this context) - affecting hour by hour/day-to-day/short¬term operational decisions (1), · e.g. staff rosters, reorder quantities on previous local sales, how many tills to open etc (1) · Strategic (central in this context) - long term decisions (1), ·
where to locate new stores, what
lines of merchandise to carry, based on sales figures etc (1) 13.2 Information Systems and OrganisationsDefinition and example of a data processing system· A data processing system is an Operational or low level system which will in most cases involve electronic data capture(1). Such systems are used for repetitive and routine business activities (1), including for day-to-day transactions, like transaction processing. (1) · Examples: · Register/attendance, · Point-of-sale, · Stock control, · ticket booking system etc Definition and example of an information processing system· An a system that takes data from different sources and converts it into information which can be communicated in appropriate format to managers at different levels, like the tactical and strategic levels, to aid planning or decision-making · Examples: Student Info system, Financial reporting system, Sales Information system, library information system, Management Information System, Executive information system, Decision support system etc
The difference between a data processing system and an information system, in the context of a supermarket· 1 mark for each of DP and IS, plus 1 for each example · DP - precise/low level/electronic data capture/used for repetitive/routine business activities. (1) · Examples: Stock control/payroll calculations/invoices/ point-of-sale (1) · IS - collection of data to improve performance/aid to decision making/support for management. (1) · Examples: Sales Information system/Financial info system/stock summary (1)
Examples of how a data processing operation in a supermarket might provide data for a company-wide information system.· Must be in context - first mark for indicating output from DP system is used/processed by an MIS; second mark is dependant on the first · The data from the POS system (items sold, loyalty card information) is processed (1) · to show who buys what, location, time of day/week/year (1) OR · into information that can be presented in a way to enable management to make strategic decisions(1)
Deliverables in the information life cycle of an information system, and when they are produced/completed
Definition of an MIS (Management Information System)· An MIS is a system to convert data from internal and external sources into information (1) · The information is communicated in an appropriate/understandable form (1). · .for use by managers at different levels (1). · .so that they can use the information produced (1). · .to enable them to make effective decisions (1) · Examples: · Sales Information system · Financial Info system · Production summary why an organisation would implement an MIS· so that managers at different levels of an organisation (1) can use the information produced (1) to enable them to make effective decisions (1) How a Managing Director (MD) would use an MIS· A supermarket CEO may take a report showing the comparative performance of all the supermarkets in the country (1) to decide the long‑term strategy/make strategic decisions (1) · An MD could use an MIS to analyse financial information, such as the income of a supermarket, (1) to see whether the store is making money or not, thus aiding the decision to keep the store open. (1) Actions that managers could take to increase the chances of a MIS being successful1 for action (a), 1 for description/statement/expansion of how it would help (h) · Ensuring the right amount of management knowledge of ICT and its capabilities or having awareness or training sessions (a) so that they do not make excessive demands that are not technically possible (h) · Ensuring emphasis is on business process, not on low level data processing (a) regularly checking that the development will deliver what is required by the business (h) · Making only appropriate demands on development and ICT team (a) by not expecting them to take short cuts to deliver a sub-standard product (h) · Allowing development team to adhere to standards (a) not pressurising then to produce a ěquick and dirtyî solution that would become un-maintainable (h) · Have all parties working as a team (a) allowing good communication between managers, users and development team (h) · Allowing the development team to have enough time to complete each stage properly (a) by not pressurising them to cut corners (h) · Making sure there are no problems with changeover (a) by ensuring that all training and documentation is complete and that all other departments are ready (h) · Ensuring the right amount of user involvement/communication throughout the development cycle (a) and making sure that all parties are available for consultation (h) · Allowing for and ensuring the right staff/resources are available to the project team at all stages (a) e.g. Users for acceptance testing (h) Factors that might cause an MIS to fail / may cause the failure of a system that has been introduced too quickly
· lack of communication between management, users and the development team · inadequate analysis/other phase · emphasis on computer system/ not on info needs of users · concentration on low level data processing · not giving managers what they need/not meeting requirements · lack of management knowledge of ICT and its capabilities · lack of team work · lack of standards · Incomplete documentation · problems with changeover/procedures not ready · staff not prepared/ change in roles/ training not taken place etc · lack of consideration for post-implementation maintenance · excessive management demands
Problems that staff might encounter when a system has been introduced too quickly· Problems using the system properly (P), because of lack of training/lack of skill (E) · May lose job/be made redundant (P), due to new system doing what used to be a manual task (E) · Changes forced upon staff (P) leading to resentment/attitude problems (E) · Employment pattern changed (P) may want to relocate (E) · May have a problem with new system and not know what to do (P), as new working procedures have been introduced but not communicated · (E) · Have problems with new/changed working conditions (P), which were introduced without consultation (E) · Fall foul new/updated rules (P) that are included in a new Code of Practice (E)
Issues that the IT department should address, so that any new information system developed is more likely to succeed· Professional standards used (1) so everyone knows what processes and procedures to use during development (1) · Effective team working/balanced teams as a norm( 1), with everyone working together on appropriate tasks, well-controlled by good leadership (1) · To have a project management methodology in place (1) that allows good control of the development process (1). · Always follow a life-cycle methodology in a standard way (1), to allow effective/exhaustive analysis/design/testing methods, making sure no important steps are missed (1) · Strong communication links with management (1), so that impossible demands are not made/so that compromises can be agreed for any particular requirement (1) · Involvement of manager/user in development (1) needs to be at an appropriate level (1) · Implementation strategy (1) making sure that all parties are prepared (e.g. training planned or documentation written) (1).
Reasons why a feasibility study might recommend the replacement or updating of an existing information system.· Current system no longer fit for purpose/is ineffective · Changes in processes/business methods (Do not allow business studies reasons) · New legislation forces changes · Technical developments mean current system outdated/redundant · Current system inflexible/too expensive to run/developer skills rare therefore expensive
Factors that should be considered when discussing the introduction of a new information system· 1 for factor (F), 1 for expansion/example (E) · Technical issues · Economic issues · Legal issues · Operational issues · Schedule issues · Training issues · Changeover issues
13.3 Corporate Information Systems StrategyRole of a corporate information systems security policy· to have written procedures to follow (1) · that spell out what is to be protected (1) · how it is to be protected (1) · and who is responsible (1) Definition of informal information flow· Informal information is Information that naturally arises, is not structured and is produced ad-hoc (1) · Such as a phone call, personal conversation, during a meeting or by observation, e-mail, bulletin board, special interest group (1) Definition of formal information flow· A system with fully documented/agreed procedures (1) · Stating stages of flow/control/exception handling/distribution (1) · Eg. "Business letter" is good example; · "Letter" on its own not good Difference between formal and informal information flows within an organisation· Formal flow is a system with fully documented/agreed procedures (1) Stating stages of flow/control/exception handling/distribution (1) · Informal is not a system/ is using the grapevine/is unstructured/ is naturally arising (1) · Formal example - e.g. business letter/report/memo/agenda/minutes of meeting/planned or scheduled meeting( 1) · Informal example - e.g. note/gossip/non-documented conversation/phone call/personal conversation/during a meeting/observation/e-mail/bulletin board/special interest group (1) Topics that should be covered in a corporate information systems security policy· prevention of misuse · detection of misuse · investigation of misuse · procedures for preventing misuse (accept an example e.g. Access levels etc) · staff responsibilities · disciplinary procedures Information systems that would be useful to managers at the highest level of an organisation· 1 mark for an info sys, 1 for use (planning/decision-making), 1 for describing how. · Info sys are (e.g.) MIS, EIS, DSS. These get the 1 for info sys. · Anything else, read the whole answer and, if the explanation is at strategic level, give the mark for info sys as a ëbodí. · Eg1 A Sales Management information system (1) could be useful when planning future expansion (1) as the information provided would show the growth areas in terms of product or geography (1) · Eg2 Use MIS to create analyse sales in 50 stores around the country, to determine which of the 50 stores to close down. · NOTE: Not IS on its own. · NOTE: Not DBMS. Factors that can influence an information system within an organisation, and which should be considered when writing a Corporate Information Systems Strategy.· 1 for stating factor (f), 1 for description/example/expansion · Business strategy/Business objectives (f) + (e) · Legal and Audit requirements (f) + (e) · Information flow within the organisation (f) + (e) · Staff knowledge and experience with ICT (f), + (e) · Management style and methods/culture (f), + (e) · General organisational structure (f) + (e) · Breakdown of functions (f), + (e) · Responsibilities for ICT (f), + (e) · Personalities within org (f), + (e) · Ability to adapt to change (f), + (e) · Motivation of staff (f), + (e) · Training facilities for staff (f), + (e) · Hardware/technology available/considerations (f) + (e) · Software/applications/systems available/considerations (f) + (e) · Standards in use within organisation/within the industry (f) + (e) · Behavioural factors (f) + (e) Effects that the structure of an organisation could have on the flow of information1 for the effect on flow, 1 for description/example/expansion · EFFECTS · Time (slower/faster) · Accuracy (distorted) · Style (formal/informal) · Types · Quality · Examples: · STYLE - Hierarchical, or pyramid shape organisation has longer more formal paths for information flow (1) may take longer (1) · TIME - Flatter, matrix/mesh shape tends to allow shorter routes (1), information may be less reliable/idea of Chinese whispers (1)
Factors that might be considered when producing a corporate information system strategy· Organisation and functions of management (1), description of current departments/functions, how information used (1) · methods of planning and decision-making (1), levels of (strategic, tactical, operational)/formal and informal methods/ democratic(consensus)/ project boards/autocratic/automatic/ prescriptive/descriptive/rational (1) · legal and audit requirements (1), nature of business/compliance with DPA or other acts/industry standards etc (1) · general organisational structure (1) pyramid etc and information going up/down between (1) · responsibility for the information system within an organisation (1), IT manager/department, managers of different departments (1) · information flow (1) directions/movement/type/procedures (1) · hardware/technology (1) age/capabilities/upgrading of/compatibility (1) · software/applications (1) compatibility/future direction/ upgrades/ versions/ generic/ bespoke (1) · standards and behavioural factors (1) personalities/motivation/ability to adapt to change (1) · EG1: How information will flow around the organisation (f), for example the use of a company wide intranet or internal email systems can be used to get information to all employees quickly and efficiently (e). · EG2: The structure of the organisation (f), for example a formal pyramid shaped structure will require a method of ensuring information is passed up and down the structure appropriately and in a timely manner (e).
Potential users of a bespoke package to manage client information, including the booking of lessons, the tracking of progress, and the recording of payments for an independent driving school· Driving school owner · Driving instructor · Administrative assistant/receptionist/secretary · Driving learner or parents of a driving learner Levels of information that each of the above users might require· Owner - strategic, support decision making, e.g. whether or nor to employ more instructors · Instructor - tactical, planning, e.g. scheduling programme for a particular learner driver; also could be operational, daily diary, where and at what time is next pick-up. · Administrative - accept any reasonable tactical or operational · Learner - operational enquiry only as part of booking next lesson/s e.g. seeing when instructor is free. 13.4 Information and DataWays of classifying information, with examples· Source - internal, external, primary, secondary · Eg. A high-level manager may use sales information (e) that is based on information that has come from different sources (c), both internal and external (w), to help him decide what products to stock. · Nature - quantitative, qualitative, formal, informal · Level - strategic, tactical, operational · Time - historical, current, future · Frequency - real-time, hourly, daily, monthly · Use - planning, control, decision · Form - written, visual, aural, sensory · Type - disaggregated, aggregated, sampled.
Characteristics of good information in the context of an online store which gives indirect access to the stock control and ordering systems of the company
· Complete, for example the sales director of a company uses a report that is based on the sales in all the regions that the company works in. · Relevant - an area manager uses a report to make decisions about his area ń it does not need sales information included about the other areas in the company. · Accurate, for example the figures on a financial report have come from reliable sources. · In the right detail, the CEO of a company does not need to see every product sold, but just needs summary reports with indicators of any problem areas.
Benefits to customers of a company using good information in the context of an online store· means that the customer knows that what they have ordered is available · will be delivered when the on-line store says it will · the price quoted is accurate · customer has confidence
Benefits to a company of having good information· means that the organisation will have the stock · capability to satisfy customer buying requirements · will not be duped by fraudulent transactions · will be competitive with similar on-line selling organisations · customer satisfaction/so will use the site again · can use the statistics/info to make company decisions · increased business/profits Reasons for using a formal method· to have standards in use · to provide clear timescales/deadlines · to identify the agreed deliverables · to identify milestones, where approval to proceed can occur · to give clear tasks/objectives · to see who should be doing what, and when · to enable control/monitoring of the schedule or budget Problems that might occur when entering free text answers from a questionnaire into an MIS· Translation problems e.g. illegible writing (1) (i.e. reading difficulties) · Transcription problems (1) (i.e. keying difficulties) · Verification (1) · Difficulty understanding the responses (1) · Irrelevant answers · Too wide a range of answers Data capture methods that a company could use for entering the data collected on the questionnaires· Optical Mark Recognition · Keyboard Entry/ key-to-disk · Optical Character Recognition/scanning into a word processing program · Pointer (Mouse acceptable) for Radio button/check box · Touch Screen · Voice Input · Bar code scanning/recognition (needs to be for form identification, not · numeric codes) Methods of presenting the information produced from a questionnaire to a group of managers· OHP/Presentation (1) plus description/example/expansion (1) · Report (1) plus description/example/expansion (1) · Eg. Using reports which summarise the largest number of opinions. These reports could include illustrative presentation, such as graphs and charts.í · (Series of) graphs/charts (NOT a single graph/chart) Data capture method for a 'free text' response/open question on a market research questionnaire· Keyboard entry/Keying/Typing · Optical Character Recognition · Voice Recognition methods that could be used to ensure accurate data entry on a 'free text' response· Double-entry verification (1), where a second person overtypes the first entry(1); · Sight/spell verification (1) to check OCR has correctly translated the input text (1) · Sight verification (1) check back with original document (1) Data capture method that would be suitable for a closed question/'crossed or circled response' question· Optical Mark Recognition · Optical character recognition (if not used in (a) i) · Mouse-click methods that could be used to ensure accurate data entry on a closed question/ 'crossed or circled response' question
Output format to use when summarising free text responses· summary of comments/report with management summary (1), · most frequent comments highlighted/because management do not need to see every detail (1)
Output format to use when summarising closed questions/ 'crossed or circled response' question· Graphs/charts/numerical summary (1), because it is easy to see bulky results (1) The reason why a market research company would use an ICT system to process responses· process large number · results received faster · displayed suitably/easier to read · reduce errors/better accuracy · could combine with other internal or external data
Examples of INTERNAL information requirements including information on: who needs the information; what information they require; what it is to be used for.· 1 for who (w), 1 for what info (i), 1 for use (u). · A supermarket fresh produce department manager (w), needs information about current stock levels on the shelf (i), so they can decide what needs stocking up and ultimately reordering from the warehouse (u) · A pastoral tutor in a college (w), needs up-to-date grades and attendance records (i), to use in a one-to-one progress review with their tutee (u) · The accountant at a hotel (w) needs to see what bookings have been made (i) so that they can predict revenue expected (u) Examples of EXTERNAL information requirements including information on: who needs the information; what information they require; what it is to be used for.· The inland revenue (w) receives lists of tax paid from payroll systems (i) so they can work out if any tax has been under or overpaid (u) · Suppliers (w) receive automatic ordering information from customer stock control systems (i) so that they can fill the orders and satisfy their customersí requirements (u) · Examination boards (w) receive lists of candidate names and subjects from school exam control systems (i) so that they can administer their examination entry and result systems more efficiently (u) · Shareholders (w) who want to see details of profit & loss (i) so they can decide whether to sell or buy more shares (u) · Parents (w) who like to see performance statistics for the school (i) to decide whether or not to send their child there(u) Level of information needed by: 1- a supermarket stock-checker; 2- the manager of the fresh food department in one store; 3 - the company executive officer, based at head office.Supermarket stock-checker;· Operational The manager of the fresh food department in one store;· Tactical The company executive officer, based at head office.· Strategic
Examples of outputs, with a typical item of data that the output may contain, and how the output may be used, for different members of staff at a supermarket:· 1 for naming a suitable output/method of output(o), · (These can be generic e.g. list/printout/VD U) · 1 for giving an item of content(c), · 1 for stating its use(u)
Supermarket customer;· Till receipt (o) shopping items bought, prices, total cost, (c), used to check shopping against receipt/check prices/check new loyalty card points/use to get refund/see how much youíve spent (u) · Or. Touch screen display (o) showing stock levels of particular items/special offers/loyalty card balance (c), used for deciding what to buy/see whatís on special (u) Supermarket stock-checker;· Stock list (o) showing item description/quantities/size/price (c) so that they can be certain the correct goods are picked up from the warehouse and go on the shelves/so they can see what needs reordering (u) Manager of the fresh food department in one store;· Fresh goods sales list/stock position list (o) showing quantities sold (in a period), wastage, and costs (c), used for deciding whether to order more/less of item (u) Company executive officer, based at head office;· must have feel for strategic level/overview · Sales summary (o) showing total goods sold by department/store/region (possibly graphically) (c), used for making long-term decisions for the company (u)
Why the information used by the stock-checker is not appropriate for the company executive officer (CEO)· Stock-checker uses - · in detail/tabular listing(1) · operational/day-to-day level info(1) · immediate use information( 1) · CEO uses · summary/graphs & totals(1) · strategic level(1) · historical for future use/long-term decisions(1)
Applications where the use of barcodes for data capture has had an impact, with advantages of that use· Any 2 applications, · 1 for naming the application/area (a), · 1 for where the barcode is (b), · 1 for how the data gets into the system (c), and · 1 for stating the advantage of using them (d) · 2 x (4,3,2,1,0)
· Airport baggage handling - paper handles are attached to luggage with bar codes for destination and changeover airports, scanners route luggage to correct loading bay - impact is that now process much faster as baggage handlers do not have to read labels (scanners above the conveyor belt)/ can tell customer quickly where luggage is, if lost/ general speeding up of all processes at airport. · Parcel delivery - attach bar code to package/letter, also on input sheet, customer can track parcel round the world, often on the internet through satellite tracking systems, portable scanners used on delivery - impact is more security, know where package is in transit, faster working at post office/parcel collection, just 'peel and stick' · Any organisation using very large amounts of paper/bills egg Inland revenue or Electricity boards, bar coded forms/bills, allow office staff to call up correct customer details, can track progress of the form from issue through receipt - impact is more security (can deny access if no bar code) and more accuracy, more throughput. · Lottery ticketing - system generates the bar code on printing of ticket, indicates where bought, it is used to check for winners by putting it back in same machine on different mode - impact is very quick throughput and safer from fraud than anything manually typed/keyed. · Manufacturing systems - bar codes on components, can be identified and tracked through the warehouse, coordinate the right parts for delivery to the assembly line - impact, save time looking for items in an automated environment. · Hospital patients/new baby systems - patients/new born babies are tagged so that no mix-ups can occur, vital information recorded at the same time, check baby not given to wrong mum/correct operation or check correct procedure is carried out - impact less mistakes/less lawsuits! · Borrowing systems - both item (book/video etc) and borrower card can use bar codes to identify, scanners read the information and record the loan, can be used to return the item - impact, accuracy, consistency, throughput. · EPOS system - bar codes on each item, scanned either at checkout using flatbed scanner, or by smaller hand-held scanner, can provide description and item price to save manual keying in of price. · Stock Control - bar codes on each item, scanned either at checkout using flatbed scanner, or by smaller hand-held scanner, can automatically update stock levels in system · Sales information/forecasting - bar code on each item have been scanned in at checkout/till, information and reports provided for tactical/strategic management, automatically. · Examination administration systems - entry forms have bar codes produced at board, filled in by schools/colleges, scanned in at board, accuracy/faster processing etc as advantages · Any other reasoned and probable system where bar codes would or could be used.
Ways of collecting data for an ICT based display system. The new system will give patients general information about the different surgery and clinic times, and who is on duty.· 1 for collection method (M), 1 for description (D). Any 2 x (2,1,0) · Low tech: paper based pro-forma (1) given to main reception by a set time each day (1) to form a batch of messages for the display (1) · High tech: template on the network is completed (1) by a set time each day (1) or sent by e-mail to message e-mail address (1) · Medium tech: Pro-forma (1) on a disk (1) given to reception by a set time (1) 4 marks
How an ICT based display system could be used to display urgent messages, and the safeguards which should be present to prevent the misuse of this feature.How the feature could be used· e.g. Sudden delay/increase in waiting times · or urgent contact from one of the clinics for a particular patient, especially if a patient is deaf · in case of fire (one button input) Safeguard· nominated person/user from each area (1) to send message for display (1) · procedures (1) that all staff know to use (1) · automated logoff (1) to prevent other user using receptionist PC (1) · NOT password
Differences between the information needed by sales personnel in their day-to-day work, and by shareholders reading the annual report.· 2 marks per point, max 2 points - 2 × (2,1,0) · Level (operational/strategic) · Timing (current/historical) · Frequency (short/long-term) · Use · Type 13.5 The Management of ChangeChanges that may occur when an organisation introduces a new information system, and how these affect employees· the job may change · may mean a need for re‑ training/re-skilling · employment conditions may change (contract changes) · may have to move house · employment patterns may change · May mean working shifts round the clock · internal procedures (Security procedure, Data processing/handling routes, Communication paths Or Staff vetting) may change · may mean interfacing with unfamiliar people · change in structure (job losses, delayering, or job gains) · may mean job losses/ fear of redundancy · changes in management · may mean different communication methods
Areas that will change and need effective management following the introduction or development of an information system / factors that will need to be managed to ensure a smooth period of change.1 for area (a), 1 for description/example/expansion · Staffing · Keeping current employees involved · Attitude of existing employees · resistance to change/ de-motivation if fear redundancy/ making sure they are consulted/well informed (1) · Organisational structure · may flatten as a result/close (or open) departments/ increase or decrease in no. of staff (1) · Employment work pattern · staff move around/get retrained/longer(shorter) hours/shift work required (e.g. Call centre 24-hour operation) (1) · Employee work conditions · staff move around/get re-trained · Internal procedures (or any example of such) · new working practices · Re-skilling (of existing employees) · assess training needs/ have to take on specialist staff. eg security policy/codes of practice/backup/disaster recovery/interface with suppliers or customers/legislation issues (1)
13.6 Legal AspectsDefinition of the term 'Risk Analysis'Risk analysis is the idea of · identifying each element of an information system (1) · placing a value to the business/organisation on that element (1) · identifying any potential threats to that element (1) · and the likelihood of the threat occurring (1) · putting a value against each (1) · calculating an overall Risk figure (1) · making a contingency/disaster recovery plan based on the result (1) Threats to an ICT system, and countermeasures for each one· 1 for threat(t), 1 for counter-measure(c), 1 for description of why/how it would counteract the threat(e). · Threat · Counter measure · Example/expansion · Natural disaster. e.g. flood, earthquake · backup kept off-site; · hardware kept above · flood-line; · so that a safe copy is held and system can be reloaded; · Electrical surge/power loss · UPS/ RAID/ off-site duplication/ Mirror · as above · Physical . e.g. theft · use locks etc · prevent easy entry · Personnel . e.g. accidental overwrite · have procedures · trained staff less likely to make mistakes · Hardware . e.g. disk crash · have duplicate system/ hot site arrangment · so that system can be up and running a.s.a.p · Communications breach . e.g. hacking in · firewalls, encryption, passwords · to lessen ability to see/steal/tamper with data · Virus . e.g. Trojan · anti-virus software · to stop files getting infected · Data errors, inaccurate data in system · verification and validation · pick up data errors before they get into the system Criteria that an organisation should consider when choosing a suitable disaster recovery plan/contingency plan..· Scale of the organisation and its ICT systems/Volume of data/Size of the system · Nature of the operation / The importance of data held · Timescale until the system is up and running · Costs of recovery options relative to 'value' of systems · Perceived likelihood of disaster happening, based on risk analysis The methods an organisation could use to inform all its staff of a new Code of Practice, and how it would be effective/how it would work
Procedures that appear in an Information Systems Security Policy, and how each one is used to protect systems and data· 1 for procedure (p), 1 for expansion/example (e) to 3x(2, 1,0) · User Ids & Passwords - keeping them safe (p), + e · Having access levels for staff (p) + e · Logging off computers when not in use (p) + e · Having a backup and recovery plan (p) + (e) · Having anti-virus software that automatically runs (p) + (e) · Having a firewall (p) + (e) · Encrypting data or emails being sent (p) + (e) · Physical security (e.g. swipe cards/door locks) (p) + (e) · Education & awareness of staff (p) + (e) Legislation that should be considered when writing an Information System Security Policy· Data Protection Act · Computer Misuse Act · Freedom of Information Act Factors that should be considered when writing an Information System Security Policy.· prevention of misuse/protection against misuse/prevent unauthorised access (F); allow any sensible prevention example e.g. physical, anti-hacking etc (NOT vetting of staff) · detection of misuse; e.g. finding an anomaly/discrepancy by regular checking · investigation of misuse; e.g. by using monitoring software, audit trail etc · procedures for keeping data safe e.g. data backup, file passwords etc · staff responsibilities e.g. network manager monitors; · disciplinary procedures · responsibilities for backup procedure Methods by which a company can ensure that the requirements of Data Protection legislation are followed
· Having a departmental data protection officer (w) whose job is to make sure all employees follow procedures/ makes sure that the organisation is following the legislation (h) · Having detailed job descriptions (w) so that all employees know what they should and should not be doing with personal data (h) · Having procedures to follow up anomalies/error handling (w) to make sure that data held is accurate and reliable in accordance with the legislation (h) · Having a strict code of practice for employees (w) e.g. re personal databases/ software etc (h) · Educating staff (w) e.g. by having regular briefing sessions for new employees and for all employees whenever procedures or the law change (h) · Network activity logging (w) to monitor who is accessing data (h) · Having Disciplinary Procedures (w) so that the organisation can take steps when there has been unauthorised access to data (h) · Having procedures for data collection & storage (w) to ensure only relevant and accurate data/ for purpose intended/ with subject consent (h) · Having procedures for checking data held (w) to ensure data is up‑to-date/still accurate/still needed (h) · Having procedures for data access/viewing (w) staff access levels/ subject access/ transferring to other countries/ selling information on (h) · Having procedures to prevent unauthorised access to data (security) (w) e.g. using password/ physical means/ logins/ firewalls/ encryption (h) · Having a procedure for informing the Information Commissioner (Data Protection Registrar) (w) about what data is held and for what purpose (h)
Methods of enforcing and controlling health and safety legislation within an organisation· Have a Health and Safety officer · Regular inspections of work stations against Health and Safety criteria (electrical equipment, VDU emissions etc) · Regular inspections of work stations against ergonomic criteria (seat positioning, wrist supports, sight levels etc) · Staff training re H&S legislation when working with computers and especially VDUs. · thorough testing of software · Procedures for ensuring faulty equipment replaced in a timely manner. · Written procedures/memos/posters advising good Health and Safety · practice ·
How a college with 200 computers, but a license for 40 copies of a piece of software, would installing the package to ensure that it does not break the licence agreement· Installing the software directly onto 40 computers (1), so that no more copies are available (1) · Installing the software onto a network server (1) and using software controls to limit the usage (1) Actions that the college could take to control the installation of unauthorised software on the college network.· Regular audits/monitoring (a) of software on all computers/network (e) · do not give a mark for 'audit' or 'audit trail' unless it also mentions 'software' or 'licence' · Establish levels of access (a) so only authorised people can install software · (e) · Appoint a software/network manager (a) who is responsible for all software licensing matters (e) · Monitoring of internet usage(a) checking for illegal downloading (e) · Code of practice for college network users (a) then any 1 of · Not allowed to install unauthorised/unlicensed software · Not allowed to copy software for home/unlicensed use · Disciplinary Procedures (e) · Virus scanning (a) of any externally used disk (e) · Disabling floppy/CD/USB drives (a) so users cannot load unauthorised software (e) · Reinstall all software when each computer is rebooted (a) so that any illegally installed software is erased (e)
Items of data that would appear in a company's stock control system and could be used in the audit of the system· Items of data - (any 2 x 1) · User ID/User Name/ · Function reference · Date & Time (Must have both) · Item Code/Stock code/Product code/Item of stock/(NOT name/description) · Quantity/No of items/Amount · How used (any 1) · to identify the ups and downs of stock usage/able to know when reorder level reached · to reconcile stock levels during a stock take · to identify who accessed the data, when and what for. Items of data that would appear in a company's network security system and could be used in the audit of the system· (b) Items of data ń ( any 2 x 1) · Logon ID/User ID/Name/ · Terminal ID/I.P.address/ · Date & Time (Must have both) · Length of connections/Time spent logged on · Number of login attempts · Applications accessed · Data or Files accessed · CPU usage · Storage usage · How used (any 1) · to identify who was connected, when, where and for how long ń for · security control purpose s/ to monitor for malpractice (allow · hacking) · what system resources were accessed and used, for accounting · purposes in a company that has internal accounting systems
Principles of the current Data Protection Act· any 4 'Data must be... · fairly and lawfully processed; · processed for limited purposes; · adequate, relevant and not excessive; · accurate; · not kept longer than necessary; · processed in accordance with the data subject's rights/data is not passed on without permission; · secure; · not transferred to countries without adequate protection.
Measures a doctor's practice could take to show that their records were accurate.· 1 for factor (F), 1 for description/example (E) - max. 4 × (2,1,0) · prevention of misuse/protection against misuse/prevent unauthorised access (F); allow any sensible prevention example e.g. physical, anti-hacking etc (NOT vetting of staff) · detection of misuse; e.g. finding an anomaly/discrepancy by regular checking · investigation of misuse; e.g. by using monitoring software, audit trail etc · procedures for keeping data safe e.g. data backup, file passwords etc · staff responsibilities e.g. network manager monitors; · disciplinary procedures responsibilities for backup procedure ·
By using an audit trail (1) to show what was amended and by whom/when (1) 13.7 User SupportMethods of making sure that staff in an organisation are aware of the company's policies· Formal staff meeting (m) so that everyone has the awareness at the same time (s) · internal course(s) (m) so that all attend and are made aware (s) · Meeting/course that supervisors attend, formal waterfall information sessions (m) this will not disrupt too many people at once (s) · CD or Video that explains new policy (m), people can study at a time convenient for them (s) · Handouts of policy/ Leaflet/Pamphlet/Handbook/Report (m), so each member of staff has one to refer to (s) · Email to all staff (m) this ensure that all staff have the information available (s) · As part of company induction, include security policy for reading (m) so that people are aware from the start (s) · Have a session with IT security manager (m) so that questions can be asked from the most able person (s) · Assign a mentor to check awareness and understanding (m) this enables the employee to ask questions for clarification (s) · Bulletin board/Intranet (m) that is regularly checked and used by staff in the organisation (s) · Home page on Intranet/central information store - so that when the user logs in, the information comes up automatically · Posters (on noticeboards/wall) - that are near the main entrance or in the dining hall, and more likely to be seen and read by staff
How to make a new member of staff aware of the company's security policy· Handout (report/pamphlet/handbook/leaflet) about security policy for reading (1); · Have a session with IT security manager/other member of staff (1); · CD or Video (1). · Include in code of practice/code of conduct/acceptable use policy · NOT posters/notice boards/newsletters Ways in which support may be provided for users of ICT systems.
User support options that a software house could offer its potential customers· Help Desk/phone line (Call centre) open hours of business (1), a package expert to guide/help (1) · Call out support service (1) where technician is available to come on-site to provide specific support (1) · On-site technical support (1), for first few weeks/months of new installation/to be on-hand (1) · User guides for the package (hard OR soft copy) (1), people can work at own pace/have instructions at side/look it up for themselves (1) · Communications systems/bulletin boards/specific internet site/email updates/on-line package user groups (1), more able users can help themselves (1) · On-line technical help to package supplier(1) use of the internet to get queries solved by a package expert/via email (1) · On-screen help(1) installed with package/wizards to help solve problems (1)
Methods of providing staff at different levels in an organisation with instructions and help in the use of this package, with reasons/justifications
· Company management - e.g. (Paper) manual (1) holding directions for using the reports from the package with samples (1) useful to help them understand which report will aid decision-making (1); also allow information sessions and others.. · Call-centre staff/mobile salesmen - e.g. On-screen/on-line help(1) to help solve problems with data entry (1), easy to pop up on-screen whilst on the phone(1); e.g. CD-ROM (1) holding user guide for data entry (1) can carry round, don't have to be connected to network/pick up latest version from office/any reasonable justification (1); also allow information sessions, phone help and others. · Customers who apply on-line - Detailed non-technical on-line user guide/simple on-screen instructions (1) with FAQs and step-by-step instructions for the functions that are available/showing examples of output documentation with explanations /able to be printed off for reference (1), needs simple explanations to all aspects, including what to put in each field. (1)
Ways in which training may be provided for users of ICT systems.
Methods of providing training in the use of software
· 1 for Name(N), 1 for example(E) and 1 for justification(J) · Classroom training course (off-site) · CBT · model office training(on-site 'classroom') · pre-release version training, at user's premises · involvement with user testing, at supplier's premises · skills-based training for IT illiterates · on-the-job training · on-line tutorial · internet-based training · user training manual (NOT user guide) · video/interactive video
· Sample answers might be: · Classroom training, off the premises for a group of managers, because they won't get disturbed by day-to-day office interruptions. · User training manual (accept book) with step-by-step instructions, used generally for individual learning, it can be read for review even if the machine is not available. (often expressed as "read at home") · CBT, available to be used by individuals as they are required to learn a package, means that everyone gets the same/standard training Means of providing the training material, and give an advantage of each.· 1 for method, 1 for advantage - max. 2 × (2,1,0) · advantage must be viable in context and is dependant on the method (i.e. no single marks for advantage) · CBT (allow CD-Rom or DVD-Rom)/course on intranet/delivered through network; adv. e.g. Study at own pace · Video/interactive video adv. e.g. can be rewound · On-line tutorial · Self-study/step through guides · Formal external course adv. e.g. tutor present to help or answer questions
Factors that need to be taken into account when planning training.· 1 for factor (F), 1 for explanation/example (in context) (E) · Level of detail for level of user/type of use of training e.g. skill-based or task-based · Staff familiarisation with hard/software · Staff IT literacy · Strategy for new staff
13.8 Project Management and Effective ICT TeamsTasks that a team leader should perform to help a team achieve success· 1 for task (t) and 1 for expansion/example (e) to any 3 x (2,1,0) · allocating the right task to the right team member (t) + e · controlling any changes requested (t) + e · controlling costs of the project (t) + e · Ensuring everyone sticks to the time scales (t) + e · making sure that good communication is maintained (t) + e · keeping the management/users informed of team progress (t) + (e) · motivating the team/keeping up team morale (t) + (e) Why are ICT projects often sub-divided into tasks and allocated to teams· broken into more manageable sub-projects (1) · within smaller managed (1) teams · with a balance of skills//allocating ICT task to correct ICT team (1) · that would make the project easier to control (1) · and testing more manageable (1) · can run sub-projects simultaneously (1) · doing this would bring down the elapsed timescale (1) The need for 'clear timescales'· so that the project can be monitored (1) · using stage end dates/deadlines that are achievable (1) · that both parties have agreed to (1) · so that the project is completed on time (1)
The need for 'approval to proceed'· to ensure the user is satisfied with work to date/there are no errors in the system (1) · by getting sign off for a stage from the user/management (1) giving the go-ahead for the project to continue (without errors) (1)
The need for 'agreed deliverables'· so that the users' requirements are met. (1) · .with documents as proof,. (1) · .with agreed content. (1) · .and produced to agreed standards (1)
Characteristics of an good and effective ICT team· Leadership (c) as appropriate management and project control will encourage(motivate) the team to work together /in an organised manner/effectively/ will ensure deadlines are met(e) · Appropriate allocation of tasks (c), so that each team member is asked to work to their strengths/will ensure each task is completed in the best way possible (e) · Adherence to standards (c), so that anyone would be able to continue the work in an emergency/others to do with professional or methodical ways of working e.g. appropriate documentation is produced and kept up-to-date/as by following set procedures the team will ensure that nothing is missed by mistake (e) · Monitoring of progress (c), to ensure that the project completes to schedule/to ensure that the work has not been underestimated/ to ensure that each team member is working at the appropriate pace/to ensure that all team members are doing what they are supposed to do to the right level of effectiveness (e) · Monitoring of costs (c), to ensure that money has not been misused/ to keep within the customer's budget/ to be able to report back to customer (e) · Control (over change) (c), to make sure that the project is delivering only what is required/ to allow for change to be incorporated or left to a later phase/ to ensure the project is delivered to original schedule (e) · Balance of team (c) People from many departments work together effectively/e.g. programmers, analysts, users and Ö work together (e) · Good communication skills (c) Someone/people who are able to communicate well with people outside the team/they have clear internal communication (e) n.b. communication skills only given once
13.9 Information and the ProfessionalDefinition of the term 'ICT Code of Practice'· A set of rules/regulations which governs the use of ICT systems. (1) · NOT guidelines · .established by an organisation. (1) · .for all employees/users to follow. (1) · The code may refer to the responsibilities of employees, (1) · .and penalties for misdemeanours (1) · The Code of Practice is separate from any legal or ethical considerations (1)
The reason why a code of practice is requiredIt has procedures and rules over and above any legal requirements/ it sets acceptable boundaries (1), so that disciplinary action can be taken (1) Topics/'elements' that should be covered in an ICT Code of Practice (make sure when you answer this question, you relate it to the context - company/school/charity etc)
Social, moral and ethical issues that could affect an ICT professional1 for issue (i), 1 for description/example/expansion (e) · De-skilling of employees (i) e.g. taking decision-making tasks off staff and changing their jobs to recipient of results or information (e) · Flexibility of workforce (i) e.g. introduction of on-line ordering or enquiry systems mean that the working day is extended, so staff may have to go onto shifts. (e) · Hacking into unauthorised areas (i) for malicious/mischievous purposes (e) · Un-licensed software use (i) e.g. bringing software into work/copying for home use (e) · Privacy of data (i) e.g. disclosing sensitive data to unauthorised people (e) · Security/accessibility (i) making sure that data and information are seen only by authorised people/setting passwords or physical security or access levels (e) · Property & copyright (i) not illegally copying someoneís work and claiming it as your own (e) · Abiding by legislation (i) and making sure that others around you do so too (e) · Need to follow a Code of Practice/Conduct (i) which will cover staff procedures and outline consequences if rules are broken (e) · Introduction of virus/logic bombs (i) which could damage data within that organisation (e) · Provision of a safe working environment for ICT users/workers (i) in line with ergonomic and health and safety criteria (e) · Use of company internet/intranet/email for non-company business there may be consequences if get caught on inappropriate sites · Blurring of work/home life (i) if using ICT to work remotely (e)
Social, moral and ethical issues for a professional working within the industry that might arise when introducing and using information and communication systems· This answer should be in continuous prose - question is Discuss. · Points made must be expanded to get a single mark. · Expansion must be descriptive or by use of a pertinent example, · using both will get a second mark for that point made.
· De-skilling of employees, e.g. taking decision-making tasks off staff and changing their jobs to recipient of results or information · Flexibility of workforce, e.g. introduction of on-line ordering or enquiry systems mean that the working day is extended, so staff may have to go onto shifts. · Hacking · Un-licensed software use · Privacy of data · Security/accessibility · Property & copyright · Abiding by legislation · Need for a Code of Practice/Conduct · Introduction of virus/logic bombs · Provision of a safe working environment for ICT
users/workers Essay QuestionsSPG marking criteria for the essayContinuous prose is expected for essay answers. Discuss is the question, so each point made must be full, not just a single word/phrase. A full explanation/description gets an extension mark (Oe, Fe or Pe) no more than 6 marks awarded in each section to a maximum of 16 content marks.
ESSAY - Ways of providing on-going and initial user support to staff of a supermarket who fall into the following categories: 1. part-time store staff; 2. full-time store staff; 3. warehouse and home delivery staff; 4. head office staff; 5. managers at all levels.· Continuous prose is expected for this answer. · you can gain a second mark on a point made for discussing it or expanding on it. · A list of training options or support options will only gain one mark (per point?) · Overall, one option or method must be fully explained/described/discussed to get one mark. They do not get a mark just for naming the method or option. The essay could be structured in more than one way: 1. The discussion of support/training options, then recommendations made i. i.e explain the support and training options first, then have a couple of short paragraphs explaining who would use which option 2. By people a. ie. Go through each category of staff, and explain what training and support options they would need. Support options· Help Desk/phone line · On-site technical support · User guides/articles/utilities/books · Communications systems/bulletin boards/internet site/email updates, · On-line technical help · On-screen help · Peer or supervisor/managerial support · System Developer support · Help desk software/expert system/knowledge base Training methods· On-line tutorials/internet · Step through guide/user training manual (NOT text-book) · Training course (internal or external) · CBT - computer based training · Video · One-to-one (on the job) training · model office training(On-site classroom) · pre-release version training, at user's premises · involvement with user testing, at supplier's premises · skills-based training where appropriate · task-based training where appropriate · training cascade
ESSAY - SDLC & Project Management and ICT teamsWhen an organisation develops a large information system several teams may be used. Discuss how ICT development proj ects should be organised to ensure successful outcomes, paying particular attention to the following topics:
The quality of written communication will be assessed in your answer
Organisation and use of ICT teams· Projects sub-divided into tasks (and allocated to teams) (o) · Small 4-6 people teams making up a full project team (o), so that the number of people for the team leader to control does not become unmanageable (oe) · Each team one specialism (e.g. testers, designers) (o), often a mixture of trainees through to highly experienced specialists/ allows development of less experienced team members (oe) · Or each team analysis to design of one functional area (o) so that there is a feeling of achievement when the function is completed (oe) · Each team own team leader (o) reporting to Project manager (oe) · Each team own plan (o) with own set of tasks (oe) · Teams can work in parallel (o) to lessen elapsed(overall) time/bring deadline forward (oe) Characteristics of ICT teams· Leadership; seniority to task (c) understanding, ability to hold team together/control team (ce) · Balance of team members (c) business/system/operational/technical (ce). · Appropriate allocation to task (c) play to strengths of team member, viewing whole(ce) · Adherence to agreed standards (c) using agreed design methodology or procedures (e.g. ISO9000/2000, CMM) (ce) · Skills to monitor and control (c) progress against plan/ keeping to deadlines /recording progress etc (ce) · Skills to adequately and systematically monitor and control costs (c) · Good communication skills; with end users/company management (c) · Good internal/within team communication skills (c) Use of formal Methods for development of IS· Systems development life cycle (m) plus description/expansion of stages (e) (only 1 expansion mark even if all stages are well described) · Structured methods (m) plus example (spiral, dsdm, ssadm etc) (me) · Prototyping (m) to show users quicly what the system could be (me) · Clear timescales (m) so that milestones are set/agreed / project will finish on time (me) · Agreed deliverables (m) e.g. system documentation, tested programs etc/ so that user knows what they are getting (me) · Approval to proceed (m) when users sign-off/ at end of stage (me) · Project/stage review meetings (m) with system commissioners/to get sign off (me) · Team/progress meetings (m) internal ń against project plan at task level (me) ESSAY - A long-standing national chain of shoe shops has built up its information systems one at a time, and without an overall plan. It is now having difficulty in getting these systems to work together effectively and has therefore decided to create a Corporate Information Systems Strategy. Discuss the influence of the following factors when planning a Corporate Information Systems Strategy: 1. the structure of the organisation; 2. information flow around the organisation; 3. personnel in the organisation.How the structure of the organisation influences the Corporate Information Systems Strategy· Organisational shape (hierarchical, flat etc) · Functions in the organisation · Organisational size (single site/national/international) · Centralised/Distributed management · Levels of personnel or task · Different levels need different tasks · Business objectives How the information flow around the organisation influences the Corporate Information Systems Strategy· Formal methods · Informal methods · Planning and decision making methods · Examples of information flow · Effects of legislation on flow How the personnel in the organisation influences the Corporate Information Systems Strategy· Behavioural factors · Attitudes/personalities · Motivation/leaders · Working in teams · Ability to adapt to change · Skills of staff (Training needs) · Levels of personnel (can be given here as an alternative to O) ESSAY - IS and Organisations' - 'Information systems are the life-blood of any organisation' Discuss this statement with the aid of examples. Include in your discussion: 1. the rule and relevance of an information system to aid decision making;2. the development and life-cycle of an information system; 3. factors which lead to the success or failure of an information system.· All points made are single · if well-expanded/described or exampled, can get a second mark. · Maximum of 6 marks in each area ń to max 16 content marks.
Rule and relevance (R)· Difference between data processing system and an information system · Difference between IS and MIS · Where data comes from/ Internal/external sources · Examples of information systems · What used for/ Keeping businesses operational · Who used by/ Managers at all levels · Currency of information · Appropriate formats · Decision making for planning/directing/controlling · Tactical/short-term examples · Strategic/long-term examples Dev Life Cycle (D) (need description of a stage for 1 mark - if just listed, then· 1 for 2 or more stages) · Feasibility study · Requirements/systems analysis · (systems) design · project planning · programming/build · testing · implementation/installation · review and maintenance · Different development methodologies · Success/Failure (S) (need description too) · inadequate analysis or other stage/use of development life cycle methodology · lack of management/end-user involvement in design or testing or development/ good relationships with business managers and end users emphasis on computer system · concentration on low level data processing · lack of management knowledge of ICT and its capabilities/ effective project management methodology being used · inappropriate or excessive management demands/good management communication links · lack of team work/effective teamworking/team leadership/well-balanced teams · lack of standards/ use of standards · lack of training/ adequate training for all staff/users/managers · problems with changeover/ consideration of staff who will be using new system/ having an implementation strategy · documentation (user/technical) ready at the right time
ESSAY - legislation - Organisations that make use of Information Technology, and use ICT systems, have to ensure that they comply with the relevant legislation currently in place. Discuss the implications of complying with such legislation on the operation of an organisation, showing how these may impact on the procedures used by the organisation. Your discussion should cover: 1) data protection legislation; 2) software copyright and licensing legislation; 3) computer misuse legislation; 4) health and safety legislation.Marking criteria· MAXIMUM 16 marks for content (20 available) and 4 for Quality of Written Communication · general as G · DPA as D · software copyright as S · computer misuse as C · health and safety as H (G) Max 4 marks - 2 for introduction and 2 for conclusion only.· Allow up to two marks for a good general introduction that acknowledges that having to conform to legislation poses restrictions on an organisation. · (Beware: no marks for regurgitation of question as stated.) · Likewise, a good conclusion that makes a valid (non-repetitive) point can gain up to two marks. (D, S, C, H) Under each of the four headings, allow up to 4 marks.· Points made are worth 1, plus an expansion or example mark, if deserved, for: · Description of the legislation (e.g. what it covers); expansion mark here · must have 1 or more of the 'contents' e.g. "DPA is about protection of personal data (1), there are eight principles - for instance Personal Data must be gathered fairly and lawfully (1)" · Reasoned implication (e.g. extra security); only accept cost implications if explained properly · Impact on procedures (e.g. having a code of practice to set out rules, appointing a health and safety officer, installing monitoring software
ESSAY - Information and the professional - The expansion of e-business using the Internet in the past few years has led to more businesses including this medium for their operations. In the absence of a regulatory body to police the Internet, the ICT and computing industry must regulate itself. Using specific examples, discuss this statement. Include in your discussion: 1) why regulation might be required; 2) the issues in devising regulation across a world-wide medium; 3) the potential problems in enforcing regulation.· Identify points from each area · Why regulation (R); · Issues in devising. (I); · Potential problems (P). · 5 marks max under each area to a maximum of 12, as there are up to 5 marks specifically for examples (E) Why regulation is required (R)· Hacking · Un-licensed software use · Privacy of data · Security/accessibility · Accuracy of data · Property & copyright · Protection of the user · Increase in size/accessibility, or ease of use of Internet software Issues in Devising regulations (I)· Different countries have different laws and standards · Different countries have different cultures/acceptable content depends on local custom · Technical issues · Difficulty in agreeing a code of practice/one size fits all strategy · Difficulty in introducing world wide/ implementation issues · No-one "owns" the Internet, so who has authority? Potential problems with regulation (P)· Scale of the Internet - so many sites to cover · Site based in country A where content is legal can be accessed in country B where it is not · Not all countries can afford to implement regulations · Professional hackers will always be willing to flout any regulations · Hard to prevent fraud or false businesses being set up · Finding/funding an incorruptible "policing" authority · Identifying and prosecuting the culprits/law breakers · Hard to enforce regulations/time consuming/requires regular checking Good example (E) that makes a valid point gets a mark,
but make sure not repetitive. ESSAY - Information and Data - Puregreens, a retailer of organic vegetables, have recently launched a marketing web site. The e-mail response from the "contact us" button has been overwhelming, so they are thinking of expanding into selling on-line. Discuss the implications of this, paying particular attention to the following: 1) methods of data capture that will be available for on-line or off-line payment; 2) the control and audit issues associated with this method of selling; 3) the information needs of the management of this system; 4) the additional information that might be generated.· Continuous prose is expected for this answer. · Discuss is the question, so each point made must be full, not just a single word/phrase. · Mark as M, C and I or A for four bullets - no more than the given marks awarded in each section Methods (M) - max 4 - could be· Filling in credit/debit card details on-line and submitting the payment · Printing a form for off-line filling in, either by word processor or by hand or .pdf; submitting by e-mail, or by non-electronic means (i.e. post with a cheque) Control and audit (C) - max 6· Ask for pre-shopping registration - e-mail back access codes · Confirm order to e-mail address (insist e-mail address provided, check exists) · Use of credit checking agencies · Use of electronic payment, normally specialist applications/services - get authorisation before dispatching goods · Basic cross-field validation - e.g. checking address is correct for post-code; restricting values in fields · Keeping customer details secure and protected during communication (S SL or equivalent) · Holding previous orders and/or payment details, making easy to re-order same (like Tesco) · Adherence to Data Protection Legislation e.g. not passing data on unless the customer has given permission Information needs (I) - max 4· Different levels of information (Strategic, tactical and operational) · Source · Frequency · (gathering) customer info, demographics, spending habits/patterns and so on Information generated (A) - max 5· targeted market research/opinion, also targeted advertising/special offers to generate more sales · food, seasonal, supply and demand issues (no point stocking up on certain items out of season if no/little demand - esp. as most is produce with short shelf life) · importance of having up-to-date information of use for .
ESSAY - multiple sections - New information and communication technologies are frequently introduced into companies as a result of outdated existing systems, market pressure, new legislation and other factors. Companies have to adapt quickly, or face going out of business. Discuss the factors that need to be considered to manage such changes successfully within an organisation. Particular attention should be given to: 1) organisation structure and information needs; 2) management and staffing issues; 3) internal procedures, external procedures and the customer interface. Illustrate your answer with specific examples.· Maximum 6 marks in each category; · generally 1 for point, plus 1 for expansion or example, but can give up to 4 single points (but no example mark without point made). · Maximum 16 content marks each marked with a letter as given below. · Organisation structure and information needs [O] · Changing shape of organisational structure (need to mention · hierarchical/flat or jobs created/lost) (be careful not to credit pure business studies answers - changing shape is due to new systems) · Levels of information pertinent to different people/Operational, Tactical and Strategic · Definition of an MIS, plus reasons · Information strategy in organisation · Information flow · Management /Staffing issues [S] · Team working/Project organisation · Code of practice/code of conduct · Staff attitude/resistance to change · Importance of good communication · Staff training planning/re-skilling · Employment patterns/conditions · Internal and External procedures and interfaces [P] · Changeover methods · Security procedures · H&S policy/procedures · Other internal policy/procedures/guidelines · Coping mechanisms for legislative changes · Management/interface with external sources and sinks
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
