2. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-1 Introduction to Information Technology 2 nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. Chapter 14: Information Systems Development Prepared by: Roberta M. Roth, Ph.D. University of Northern Iowa

3. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-2 Chapter Preview  In this chapter, we will study:  Planning process for IS application development  The process of developing systems as outlined in the SDLC  Alternatives to the SDLC and why they are useful  Ways to obtain applications from outside the organization  Methods that are useful in developing Internet/intranet applications

4. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-3 Information Systems Planning Process IS Development Projects Organization Mission Business Assessment Organization Strategic Plan Current Information Technology Architecture IS Strategic Plan New Information Technology Architecture IS Operational Plan

5. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-4 IS Strategic Plan  Objectives  Align with the organization’s strategic plan  Provide for an IT architecture that enables users, applications, and databases to be seamlessly networked and integrated  Allocate IS development resources efficiently among competing projects, so the projects can be completed on time, within budget, and have required functionality ( NEVER HAPPENS SO DON’T COUNT ON IT )  Issues - efficiency; effectiveness; competitiveness

6. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-5 IS Operational Plan  Mission - the mission of the IS function  IS environment - the summary of the information needs of the functional areas and of the organization as a whole  Objectives - the IS function’s current best estimate of its goals  Constraints - technological, financial, and personnel limitations on the IS function  Long-term systems need - a summary of the processes needed by a company and the IS projects selected to support them and reach organizational goals  Short-range plan - an inventory of current projects, and a detailed plan of projects to be developed or continued during the current year  Information Systems Planning – The process of translating an organizations’ goals into the systems development initiatives

7. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-6  SDLC - the development method used by most organizations today for large, complex systems  Systems Analysts - IS professionals who specialize in analyzing and designing information systems  Software Developers – IS Professionals who develop computer programs  Programmers - IS professionals who modify existing computer programs or write new computer programs to satisfy user requirements  Technical Specialists - experts in a certain type of technology, such as databases or telecommunications, who help create information systems Information Systems Development Terms

8. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-7 The Traditional SDLC (1) Systems Investigation (2) Systems Analysis (3) Systems Design (4) Programming (5) Testing (6) Implementation (7) Operation (8) Maintenance Go Back to a previous Stage or Stop An eight-stage systems development life cycle (SDLC)

9. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-8  System Investigation  Feasibility study determines the probability of success of proposed system’s development project. Includes … Technical feasibility (will we be able to build the system?) Economic feasibility (how much will it cost to build the system and how much will it benefit us?) Behavioral feasibility (if we build the system, will it be accepted and used?)  Systems Analysis  Examines the business problem(s) that the organization plans to solve with information systems  Determines what the new system must do by examining: Strengths and weaknesses of the existing system Functions that the new systems must have to solve the business problem(s) User information requirements for the new system Phases in SDLC

10. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-9  Systems Design  Describes how the system will fulfill the user requirements  Develop both logical design and physical design  Output => technical design or system specification… system outputs, inputs, and user interfaces hardware, software, databases, telecommunications, personnel, and procedures how these components are integrated  Programming  the translation of the design specifications into computer code  structured programming techniques improve the logical flow of the program by decomposing the computer code into modules Phases in SDLC (continued)

11. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-10  Testing  Checks to see if the computer code will produce the expected and desired results under certain conditions  Implementation  The process of converting from the old system to the new system  Four major conversion strategies Parallel conversion : the old and new systems operate simultaneously for a period of time Direct conversion : the old system is cut off and the new systems is turned on at a certain point in time Pilot conversion : introduces the new system in one part of the organization Phased conversion : introduces components of the new system in stages Phases in SDLC (continued)

12. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-11  Operation  the new system will operate for a period of time, until it no longer meets its objectives  Maintenance (simultaneous with Operation)  debugging the programs  updating the system to accommodate changes in business conditions  adding new functionality to the system SDLC Phases

13. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-12  Prototyping  Starts with only a general idea of user requirements, and develops models of the system ‘until it’s right’.  Advantages :  Speeds up the development approach  Gives the users the opportunity to clarify their information requirements  Useful in the development of decision support systems and executive information systems  Helps to enable early detection of logic, UI, & function errors.  Disadvantages :  Replaces the systematic analysis and design stages of the SDLC - quality may be sacrificed  Can result in an excess of iterations Alternatives to the SDLC

14. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-13  Joint Application Design (JAD)  A group-based method for collecting user requirements and creating staged designs  Advantages :  Saves time  Greater support for, and acceptance of new systems  Produces higher quality systems  Easier implementation  Lower training costs  Disadvantages :  Very difficult to get all users to JAD meetings  All the problems that may be caused by any group process Alternatives to the SDLC

15. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-14  Rapid Application Development (RAD)  A method that can combine JAD, prototyping, and integrated CASE tools, to rapidly produce a high-quality system  Advantages :  Active involvement of users in the development process  Speeds the development process  Reduces development costs  Can create applications that are easier to maintain and modify  Disadvantages :  May result in systems with limited functionality and adaptability for change Alternatives to the SDLC

16. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-15  Integrated Computer-Assisted Software Engineering (ICASE) Tools  Automate many of the tasks in the SDLC  Advantages :  Produces systems with a longer effective operational life  Speeds up the development process and result in systems that are more flexible and adaptable to changing business conditions  Results in excellent documentation  Disadvantages :  More expensive to build and maintain initial system  Requires more extensive and accurate definition of user needs and requirements  Difficult to customize and may be difficult to use with existing systems Alternatives to the SDLC

17. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-16  Object-Oriented Development  A fundamentally different view of computer systems  Advantages:  Reduces the complexity of systems development and leads to systems that are easier and quicker to build and maintain by allowing the reuse of existing objects in multiple applications which had been previously developed and debugged.  Improves programmers’ productivity and quality  More flexible  Allows systems analysts to think as users do about the system  Ideal for developing Web applications  Depicts the system in user terms, increasing understanding of what the new system does and how it meets its objectives  Disadvantages  Runs more slowly (REALLY?)  Need to retrain the programmers in OO methodology Alternatives to the SDLC

18. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-17 Development Outside the IS Department  End User Development  Users perform ad hoc programming to solve business problems  Factors that drive the trends toward increased end-user computing and end-user development More powerful, inexpensive desktop hardware Increasingly diverse software capabilities Increasingly computer literate population Backlog of IS projects Apparent cost savings  End-users (usually) don’t produce adequate documentation or perform adequate testing resulting in hidden costs, inability to evaluate functionality of software, & verifying the results  Security may be breached

19. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-18  External Acquisition of Prewritten Software  Factors to consider during make-or-buy decision On-time On-budget Full functionality User acceptance Favorable costs-to-benefits ratio Low maintenance Scalability Integration with other systems Minimal negative cross-impacts Reusability Development Outside the IS Department

20. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-19  Application Service Providers (ASPs)  Software obtained via subscription  Software resides on ASP’s systems  Software is accessed via Web or VPN  Subscriber does not have to host software on existing computer systems  Updates and bug fixes are provided by the ASP  ASP can provide help-desk support Development Outside the IS Department

21. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-20  Outsourcing  Using third parties to provide some or all functions and services of the IT department  IT may not be a core competency of the firm; better to hire outside specialists  Advantages:  Outsourcer can obtain hardware capabilities less expensively due to economies of scale  Outsourcer can hire needed technical staff  Outsourcer specializes in providing computer services  Ability to expense outsourcing fees provides tax benefits Development Outside the IS Department

22. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-21  Outsourcing (continued)  Disadvantages:  Economies of scale may be of limited value  Staffing depends on outsourcers needs, not client’s  Lack of familiarity with business/industry  Contract problems  Internal cost reduction opportunities could eliminate the advantage of outsourcers  Guidelines:  Write short-period contracts or have flexibility since business needs are dynamic  Use of subcontractors should be controlled  Use selective outsourcing only for those functions where it makes sense Development Outside the IS Department

23. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-22 Building Internet & Intranet Applications  Much future development will likely be Web-based due to its relative simplicity and ease of development  SDLC probably not followed due to simplified Web development  A Strategy for Internet/Intranet Development  Identify the objectives for organizational Web site(s) and pages  Include infrastructure requirements as well as security and legal issues in plans  Obtain/assign necessary personnel and provide oversight  Identify and prioritize potential projects

24. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-23 Building Internet & Intranet Applications  JAVA - A Promising Tool  Important programming language for putting extra features into Web pages  An object-oriented language designed for implementation on networks  Includes numerous security features to prevent downloaded programs from damaging files or creating other problems on the receiving computer

25. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-24 Chapter Summary  IS Strategic and Operational Plans derive from the organization’s strategic plan and current IT architecture  The SDLC provides a basic framework for the process of development information system applications  There are several alternatives to the SDLC, including prototyping and RAD  IS applications can also be obtained outside the IS organization, including end user development, package purchases, ASPs, and outsourcing  Development for Internet/intranet applications generally follows prototyping process

26. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-25 Introduction to Information Technology 2 nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. Chapter 15: Implementing IT: Ethics, Impacts, and Security Prepared by: Roberta M. Roth, Ph.D. University of Northern Iowa

27. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-26 Chapter Preview  In this chapter, we will study:  Types of ethical issues that arise in relation to information systems  Impacts that information systems have had on organization, jobs, individuals, and society  Various threats that may damage computer and information systems  Ways to protect computer and information systems from hazards and threats

28. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-27 IT Ethical Issues  Ethics – branch of philosophy that deals with what is considered to be right and wrong  Code of ethics – principles that guide members of an organization to promote fair and responsible use of IS  Types of ethical issues  Privacy – what is collected, stored, and shared about others  Accuracy – what is done to assure authentic and accurate data  Property – who owns intellectual property and how are they compensated for it  Accessibility – who can obtain information

29. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-28 Privacy Issues  Information privacy – the right to determine what information about oneself can be shared with others  Electronic surveillance – computer users ’ actions can be monitored without knowledge both at work and at home  Storage of personal information in databases:  What is stored? How can be we sure it ’ s accurate? Who will it be shared with? How will it be used?

30. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-29 Privacy Issues (continued)  Many organizations are developing and enforcing privacy policies  Internationally, countries vary widely regarding their concerns about privacy. Adds complexity to global commerce.  Generally, an organization should … Only collect data that can be obtained legally and fairly Make sure data is accurate, complete, and kept up to date Know why we are collecting data and be sure there is a reason to have it Make sure data is used just for its intended purpose Safeguard the data to ensure its quality Enable those about whom we store data know what we plan to do with the data and can verify its accuracy

31. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-30 Intellectual Property Issues  Intangible property created by people or organizations, protected by trade secret, patent, and copyright laws  Trade secret – intellectual work - not public  Patent – exclusive rights to invention granted to inventor for 20 years  Copyright – creators of intellectual property granted ownership for their lives plus 50 years. Owners have right to collect fees for use. Software is generally copyrighted.  What are the negative consequences of illegally copying software?  Wide variation in the way different countries protect intellectual property – globalization issue

32. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-31 IT and Organizations  IT has the potential to significantly change organizations.  Structures can be flatter, eliminating middle layers, with broader span of control  More extensive supervision is possible electronically, even for those working remotely  Power shifts are likely as knowledge is captured, stored, and shared.

33. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-32 IT and Jobs  Some jobs will be eliminated, especially intermediaries (e.g., travel agents)  BPR will cause many jobs to be redesigned; more emphasis on computing capabilities  Experience and seniority may become less important in job advancement  Managers ’ approach to decision making may change  Computer-based communication skills may be more in demand

34. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-33 IT and Individuals  Fears of dehumanization and loss of social contact  Increasing workload and demand for computer skills can be threatening  Certain aspects of using computers can be physically damaging  Job stress & Anxiety due to an increase in workload and/or responsibilities  Video display terminals causes concern relating to radiation exposure  Repetitive strain injuries caused by poorly designed work environments

35. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-34 IT and Society  Some will say that IT has improved our quality of life  Improvements for people with disabilities  Improvements in health care system  Improved consumer information  Robots performing in dangerous situations  Improvements in crime fighting  Concern about deepening divide between those with and without IT access  Internet communities provide social contact for people with common interests  Telecommuting adds flexibility for workers and organizations

36. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-35 Security Concerns  Information systems are subject to many threats  Unintentional threats Human error – in design or use of system Environmental hazards – acts of God and other Computer system failures – faulty products  Intentional threats Theft of data Deliberate manipulation in processing of data Destruction from viruses and denial of service (DOS) attacks

37. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-36 Computer Crimes  Computers may be the target of criminal activity or the means by which criminal activity is carried out  Methods of attack:  Data tampering is most common attack on computer systems  Deliberate programming fraud also common Viruses are a highly visible form of programming attack Denial of service attacks target e-commerce web sites

38. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-37 Protecting IT  Individuals and organizations must actively establish protection mechanisms  Prevent and deter damage  Detect errors, attacks, and and unauthorized access before damage is widespread  Limit loss from threat  Plan for recovery in event of attack  Correct system to prevent recurrence

39. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-38 Protecting IT (continued)  General protection strategies:  Physical security of facilities and resources  Control access to system  Protect data from unauthorized access  Application control strategies:  Ensure quality of inputs  Verify quality of processing  Ensure quality and accessibility of outputs

40. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-39 Protecting IT (continued)  Network control strategies:  Control access to network resources  Protect data on network with encryption  Monitor and detect intruders  Protect with firewalls  Verifying quality through audits  Regular evaluation of records and procedures  May be performed by internal and external auditors

41. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-40 Protecting IT (continued)  Disaster Prevention and Recovery Plans  Organizations need to think through how various disasters will be handled  Key people should know exactly what to do in the event of a disaster  Disaster plans should be tested through practice drills  Critical component is back-up procedures  Discipline is needed to ensure that protection plans are implemented (how often do you back up your hard drive?)

42. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-41 Chapter Summary  Information systems pose a number of ethical challenges for businesses and individuals  Information systems have changed organizations, jobs, individual workers, and society  Information systems are vulnerable to a number of hazards  Individuals and organizations must take steps to protect their systems from threats

43. Introduction to Information Technology, 2nd Edition Turban, Rainer & Potter © 2003 John Wiley & Sons, Inc. 14-42 Copyright © 2003 John Wiley & Sons, Inc. All rights reserved. Reproduction or translation of this work beyond that permitted in Section 117 of the 1976 United Stated Copyright Act without the express written permission of the copyright owner is unlawful. Request for further information should be addressed to the Permissions Department, John Wiley & Sons, Inc. The purchaser may make back-up copies for his/her own use only and not for distribution or resale. The Publisher assumes no responsibility for errors, omissions, or damages, caused by the use of these programs or from the use of the information herein.