INFORMATION CONCEPTS FOR ORGANIZATION AND MANAGEMENT

Introduction Information Defined Characteristics of Information Information as a Corporate Resource Classification of Information Generating Information Data: An Element of Information Information and Data Methods of Information and Data Collection Data and Information Processing Value of Information Organization and Information

INTRODUCTIONThe English word was apparently derived from the Latin accusative form

“informationem” of the nominative “informatio”. This noun is in its turn derived from the verb “informare” (to inform) in the sense of “to give form to the mind”, “to discipline”, “instruct” or “teach”.

Often information is viewed as a type of input to an organism or designed device. Information is any type of pattern that influences the formation or transformation of other patterns. In this sense, there is no need for a conscious mind to perceive, much less appreciate, the pattern.

Systems theory at times seems to refer to information in this sense, assuming information does not necessarily involve any conscious mind, and patterns circulating (due to feedback) in the system can be called information. In other words, it can be said that information in this sense is something potentially perceived as representation, though not created or presented for that purpose.

Records are a specialized form of information. Essentially, records are information produced consciously or as by-products of business activities or transactions and retained because of their value. Primarily their value is as evidence of the activities of the organization but they may also be retained for their informational value. Sound records management ensures that the integrity of records is preserved for as long as they are required.

INFORMATION DEFINEDThe word ‘information’ is used commonly in our day-to-day working.

Information is an extremely important resource for both individuals and organizations. Davis and Olson define information as “a data that has been processed into a form that is meaningful to the recipient and is of real or perceived value in the current or the prospective actions or decisions of the recipient”. Information generated with a certain purpose for a primary user, may have secondary purposes to some other users in the organization. Information is a product of data processing.

The manager will determine the quality of the information based on the degree of contribution it provides for effective decision making. While data are raw material, information is output. As raw materials are processed in manufacturing for final products, so raw data is processed in information systems to create useful information. Sometimes, data in one context is considered

information in another context. To be useful, information must be relevant, complete, accurate, and current. Partial information is often worse than no information and erroneous information may lead to disastrous decisions.

“Information is interpreted data”

This implies some form of interpretation

Information has some sort of context in which it is placed

This is essentially “meaning attribution”

Information might be meaningful at some time or may be completely irrelevant at another time

Information to one person may not be the same as to another

Information is data interpreted in some meaningful context.

This implies some form of interpretation.

You cannot have information without some people with interests and some context.

Information has a temporal dimension - what might be meaningful at some time may be completely irrelevant at another time and what might be information to one person may not be to another.

In the broadest sense, information is anything that we are capable of perceiving. This includes written and spoken communications, photographs, art, music, or anything that is perceivable. We are essentially minute organisms floating in a sea of information. In MIS, information has a precise meaning and it is different from data. The information has a value in decision making while data does not.

figure

Characteristics of Information

1. Information is interpreted data.

2. Information improves representation of an entity.

3. Information updates the level of knowledge.

4. It has time utility.

5. Information has a surprise value.

6. It is base of knowledge.

7. Information helps in reducing uncertainty.

8. Information is a decision-aiding tool.

9. Important resource for individuals and organizations.

4. Information as a Corporate Resource

Information is an important resource in today’s context. Late 80’s onward, information is being used as strategic resource for competitive advantage. During 50’s it was treated as a necessary evil, and a bureaucratic requirement. It has been used to promote the survival and prosperity of the organization.

5. Classification of Information

Within organizations, information is growing at an alarming rate and looks to continue to do so for the foreseeable future. In a de-parameterized environment this problem is worse. Data is going to be created and utilized by more than just employees, with partners, suppliers, consultants and customers all having a hand on your data.

Classified information is sensitive information to which access is restricted by law or regulation to particular classes of persons. A formal security clearance is required to handle classified documents or access classified data. The clearance process requires a satisfactory background investigation. There are typically several levels of sensitivity, with differing clearance requirements. This sort of hierarchical system of secrecy is used by virtually every national government. The act of assigning the level of sensitivity to data is called data classification.

Some corporations and non-government organizations also assign sensitive information to multiple levels of protection, either from a desire to protect trade secrets, or because of laws and regulations governing various matters such as personal privacy, sealed legal proceedings and the timing of financial information releases.

Ultimately, the classification of information ultimately corresponds to the level of protection afforded and consistency required, not only within an organization but also across organizations living in the de-parameterized business environment.

Current information classification systems are designed for specialists to use and subsequently only a very small percentage of information is labeled. The problem is worsened when you look at some of the other factors which need to be taken into account when looking at protecting information.

Why Classify Information?

There are a number of reasons why organizations pursue an information classification program, including:

1. Control over access to sensitive or confidential information.

2. Protection of sensitive or confidential information.

3. Simplifying the discovery of sensitive or confidential information.

Before embarking on an information classification program, it is worth analysing why you are doing it. Is it for regulatory reasons? Is it as part of a corporate governance initiative? Will the information be used to help in information storage and protection or not? Quite often it is a mixture of all three, but this too is important to your understanding of how to evaluate the possible solutions.

The Value of Data Varies Over Time

Data has different values to different people. Its misuse or loss can result in differing consequences to the organisation "owning" the data and those impacted.

The key phrase here is "to different people". We deal in preventing the harmful side effects of misuse of information. The most important element of any risk specification is the person(s) or thing(s) which would be impacted. This may be an individual, a group of individuals, an organization, a market, an industry, a country, etc. So in assessing the value of data, we need to understand "who we are protecting". Impact level may be viewed as secondary to this and should be evaluated in this context.

What is serious to one person may be trivial to another - hence, one person may categorise information as "Highly Sensitive" while another may regard it as only "Normal Business".

Consistent Information Classification is Hard

If something has been classified, especially when it is done by an individual, then consistency becomes an issue. What one person thinks of as being 'Highly Sensitive' another might think is just 'Sensitive' and a third might think is 'Public'. For example, a CEO probably deals in 'Highly Sensitive' information all the time whereas a sales manager doesn't. For the sales manager, they may classify an ongoing deal as 'Highly Sensitive' when the correct labeling would be 'Sensitive'.

As such, a classification system is needed, whereby information is classified, a policy is laid down on how to handle information according to its class and security mechanisms are enforced on systems handling information accordingly.

Classification Levels

While there is a number of different information classification systems around, a simpler 'less is more' approach is recommended so as to reduce confusion. To this end, the proposal put forward by the G8 countries, commonly called the 'Traffic Light Proposal', makes a great deal of sense as it is simple to explain and therefore relatively simple to follow.

There are four levels:

Red: Highly Sensitive. Personal for named recipients only.

Amber: Sensitive. Named Groups.

Green: Normal Business. Business community wide. (This is the default classification for organizations.)

White: Public. Public distribution, unlimited control.

Tagging classification using colours has to be augmented with another visual clue such as an icon. The following icons are proposed:

Figure

It should be noted that there are a number of different classification schemes available. Some have more levels and others less levels. It is a worthwhile task to map any scheme you are currently using to the 08 traffic light protocol, as this will make sharing the information with other companies possible without either side having to change their classification scheme. For example, in BS17799 there are five levels:

B817799 G8 Traffic Light

Public Documents White (Public)

Internal Use Only Green (Normal Business)

Proprietary Green (Normal Business)

Highly Confidential Amber (Sensitive)

Top Secret Red (Highly Sensitive)

Of course, whether 'Proprietary' maps to 'Sensitive' or 'Highly Sensitive' is entirely up to the user organisation and depends on what type of information placed in that category.

The classes for information availability and sensitivity are proposed below:

(I) Availability Classification

Here a classification system is proposed which has four availability classes. It is based on individual experience; hence, no equivalent standards are available for reference.

To improve availability, preventative measures reduce the probability of downtime and recovery measures reduce the downtime after an incident.

Table

(II) Sensitivity Classification

A classification system is proposed which classifies information/processes into four levels. The lowest is the least sensitive and the highest is for the most important information/processes.

1. Concepts

All data has an owner.

The data or process owner must classify the information into one of the security levels depending on legal obligations, costs, corporate into policy and business needs.

If the owner is not sure at what level data should be classified, use level.

The owner must declare who is allowed access to the data.

The owner is responsible for this data and must secure it or have it secured (e.g. via a security administrator) according to its classification.

All documents should be classified and the classification level should be written on at least the title page.

Once the data on a system has been classified to one of the following levels, then that system should be installed to conform to all directives for that class and classes below. Each level is a superset of the previous level. For example, if a system is classified as class, then the system must follow the directives of class, and.

If a system contains data or more than one sensitivity class, it must be classified according that needed for the most confidential data on the system.

2. Class : Public/Non-Classified Information

Data on these systems could be made public without any implications for the company (i.e. the data is not confidential). Data integrity is not vital. Loss of service due to malicious attacks is an acceptable danger.

Examples: Test services without confidential data, certain public information services, product brochures widely distributed and data available in the public domain anyway.

3. Class.: Internal Information

External access to this data is to be prevented, but should this data become public, the consequences are not critical (e.g. the company may be publicly embarrassed). Internal access is selective. Data integrity is important but not vital.

Examples of this type of data are found in development groups (where no live data is present), certain production public services, certain Customer Data, "normal" working documents and project/meeting protocols, Telephone books.

4. Class : Confidential Information

Data in this class is confidential within the company and protected from external access. If such data were to be accessed by unauthorised persons, it could influence the company's operational effectiveness, cause an important financial loss, provide a significant gain to a competitor or cause a major drop in customer confidence. Data integrity is vital.

Examples: Datacenters normally maintain this level of security. Salaries, Personnel data, Accounting data, passwords, information on corporate security weaknesses, very confidential customer data and confidential contracts.

5. Class : Secret Information

Unauthorised external or internal access to this data would be critical to the company. Data integrity is vital. The number of people with access to this data should be very small. Very strict rules must be adhered to in the usage of this data.

Examples: Military data, secret contracts.

(III) Corporate Classification

Private corporations often require written confidentiality agreements and conduct background checks on candidates for sensitive positions. Policies dictating methods for marking and safeguarding company-sensitive information (e.g. "IBM Confidential") are common and some companies have more than one level. Such information is protected under trade secret laws.

New product development teams are often segregated and forbidden to share information about their efforts with un-cleared fellow employees, the original Apple Macintosh project being a famous example.

Other activities, such as mergers and financial report preparation generally involve similar restrictions. However, corporate security generally lacks the elaborate hierarchical clearance and sensitivity structures and the harsh criminal sanctions that give government classification systems their particular tone.

(IV) Personally Identifiable Information

While "classification level" is important, it is worth drawing out one other category of information - Personally Identifiable Information (PII). Protection of PII has become a global issue, after wide experience of the consequences of a number of data leaks by companies and governments alike. Legislation to protect PH is in place in the United States of America and is in progress in Europe.

This information is often classed as 'Sensitive', although the consequences of it being lost or leaked means that it should probably be treated as 'Highly Sensitive '.

When dealing in electronic information and records it is important to look at the effect of aggregation. Using PH as an example, if you were to lose a single record then the impact is not nearly so great as if you were to lose a million. Electronic systems make it very easy to aggregate records and to copy them around as easily as if it was just one.

Classification of information may apply to entire data sets. For example, for a customer database with PH information, it is not just the database that is 'Highly Sensitive' but each record too, should it be copied into other documents.

The Way Forward

The ability to consistently classify information at all points in its life cycle and across the entire IT infrastructure is critical. If the information cannot be

classified correctly then it will not be able to be managed appropriately. Static classification of information by the information owner is not workable in today's global environment and so consistent automation is also required.

6.Generating Information

Information is an important resource in today’s context. Information is data that has been given meaning by way of relational connection, data is plural of word datum. Latin ‘datum’ meaning “that which is given.”

Data are facts, text, numbers, graphics, audio, video images, sounds or any combination of these that may or may not be relevant or useful for performing a particular task. Data simply exists and has no significance beyond its existence. It can exist in any form, usable or not. It does not have meaning by itself. Data are raw material for information. Information is data placed in a meaningful and useful context for an end user or decision maker. Information: Data that are processed to be useful; provides answers to “who”, “what”, “where”, and “when” questions.

The process of converting data into information uses formatting, filtering, and summarizing processes. It incorporates tabulation, addition, subtraction, division and other operations. In computer parlance, a relational database makes information from the data stored within it.

8.Information and Data

According to Russell Ackoff, a system’s theorist and professor of organizational change, the content of the human mind can be classified into five categories:

l. Data : It is plural of word datum. Latin ‘datum’ meaning “that which is given”, data is raw. It can exist in any form, usable or not. It does not have meaning by itself. Data represents a fact or statement of event without relation to other things. A spreadsheet generally starts out by holding data.

2. Information : Data that are processed to be useful; provides answers to “who”, “what”, “where”, and “when” questions, information is data that has been given meaning by way of relational connection. This “meaning” can be useful, but does not have to be. In computer parlance, a relational database makes information from the data stored within it.

3. Knowledge : Application of data and information; answers “how” questions, knowledge is the appropriate collection of information, such that it’s intent is to be useful. Knowledge is a deterministic process. Knowledge represents a pattern that connects and generally provides a high level of predictability as to what is described or what will happen next. Knowledge is the information that has been incorporated into our way of understanding the world around us. It is the sense we have made of the world.

4. Understanding : Appreciation of “why”. Understanding is an interpolative and probabilistic process. It is cognitive and analytical. It is the process by which one can take knowledge and synthesize new knowledge from the previously held knowledge. The difference between understanding and knowledge is the difference between “learning” and “memorizing”. People who have understanding can undertake useful actions because they can synthesize new knowledge, or in some cases,

at least new information, from what is previously known (and understood). That is, understanding can build upon currently held information, knowledge and understanding itself. In computer parlance, AI systems possess understanding in the sense that they are able to synthesize new knowledge from previously stored information and knowledge.

5. Wisdom : Evaluated understanding, wisdom is an extrapolative and non-deterministic, non-probabilistic process. It calls upon all the previous levels of consciousness, and specifically upon special types of human programming (moral, ethical codes, etc.). It beckons to give us understanding about which there has previously been no understanding, and in doing so, goes far beyond understanding itself. It is the essence of philosophical probing. Unlike the previous four levels, it asks questions to which there is no (easily-achievable) answer, and in some cases, to which there can be no humanly-known answer period. Wisdom is therefore, the process by which we judge, between right and wrong, good and bad. Wisdom embodies more of an understanding of fundamental principles embodied within the knowledge that are essentially the basis for the knowledge being what it is. Wisdom is essentially systemic.

Ackoff indicates that the first four categories relate to the past; they deal with what has been or what is known. Only the fifth category, wisdom, deals with the future because it incorporates vision and design. With wisdom, people can create the future rather than just grasp the present and past. But achieving wisdom isn’t easy; people must move successively through the other categories.

Wisdom is a uniquely human state, or as one can see, wisdom requires one to have a soul, for it resides as much in the heart as in the mind. And a soul is something machines will never possess.

Data : An Element of Information

Facts, statistics used for reference or analysis.

Numbers, characters, symbols, images etc. which can be processed by a computer.

Data must be interpreted, by a human or machine, to derive meaning.

“Data is a representation of information” * 0 Latin ‘datum’ meaning “that which is given.”

Data are facts about the world.

There are numerous facts about the world, only some of which are significant or of interest to people.

Some facts might be agreed by all, some are disputed, some accepted as meaningful by all, and some private to an individual or group.

The interchange of the words data and information is widespread, but there are differences between the two.

So it can be concluded that data (or capta) are the raw inputs of information systems, facts of some interest to the information systems users.

Figure

9.Methods of Data and Information Collection

Various method are available for the collection of data. The choice of the method will have an impact on the quality of data and information. A manager must be aware of all the methods used for information collection. He should have a better answer of the following questions before choosing any type of method:

What type of information is needed by him?

How much information can be collected and analyzed at a low cost and in a practical way e.g. by using questionnaire surveys and check-lists.

What type of methods should be used ?

What additional methods are required if additional information is needed ?

Does this information has a perfect value for the users ?

Do the existing people know how to utilize the information/training which is required?

What would be the method of analyzing this information ?

After confirming the answers to the above questions, a manager gets a clear picture of the method which should be used for the collection of information.

The methods commonly used for data and information collection are as follows:

1. Observation : It is used to gather the data directly by observing an event. The person collecting the information looks at how the system actually operates. It is specially used where the processes, instruments etc are observed to collect the facts.

Advantages

It is viewed as and when the events are occurring

Actual operations of a program are viewed

First hand knowledge

Disadvantages

It is dependent on the observers

Can be governed by a bias

2. Experiment : By this method, the information on a specific parameter can be obtained through a control over other variables. For e.g. test marketing of a new product before its commercialization.

Advantages

A general idea can be drawn for a whole lot, by checking the sample.

Disadvantages

The quality of the information depends very much on the design of the experiment.

3. Questionnaire/Survey : It is a method by which lots of information can be collected from the people interested or related to the given aspect of the whole population, e.g. opinion polls and market surveys

Advantages

Easy to analyze

Lots of data can be collected without much cost

Can be administered to many people at a time.

Disadvantages

The feedback might not be carefully given.

Depends largely on the design of the questionnaire.

4. Interviews : In this method the information is collected by face-to-face interaction. It is a two-way process in which a full impression of a person can be drawn. It develops a relationship between an interviewer and interviewee.

Advantages

A full range of in-depth information can be taken out.

Disadvantages

Interviewer can be biased.

The results can be hard to analyze and to reach a conclusion.

5. Documentation Review : Under this method data is collected through a review of applications, reports, documents, minutes, memos and gazettes. They are second hand data and easily available either in the organization (if internally related to the organization) or easily available at a price (external data like government reports).

Advantages

Easy availability

May not be directly used.

Disadvantages

May be biased depending upon the source.

Takes time to collect and organize.

10. DATA AND INFORMATION PROCESSING

The word data is commonly used to mean “information.” It often suggests large amounts of information in a standardized format. Data may contain letters, numbers, equations, dates, images, and other material. Used specifically, data processing refers to a discrete step in the information processing cycle. In information processing, data is acquired, entered, validated, processed, stored, and output, either in response to queries or in the form of routine reports. Used in a more general sense, data processing refers to the act of recording or otherwise handling one or more sets of data.

Data processing is any process that uses a specific system to organise data and summarise, analyse or otherwise convert data into usable information. The process may be automated and run on a computer. It involves recording, analysing, sorting, summarising, calculating, disseminating and storing data. Because data is most useful when well-presented and actually informative, data-processing systems are often referred to as information systems. Nevertheless, the terms are roughly synonymous, performing similar conversions; data-processing systems typically manipulate raw data into information, and likewise information systems typically take raw data as input to produce information as output.

Information processing is the change (processing) of information in any manner detectable by an observer. As such, it is a process which describes everything which happens (changes) in the universe, from the falling of a rock (a change in position) to the printing of a text file from a digital computer system. In the latter case, an information processor is changing the form of presentation of that text file. Information processing may more specifically be defined in terms used by Claude E. Shannon as the conversion of latent information into manifest information. Latent and manifest information are defined through the terms of equivocation (remaining uncertainty, what value the sender has actually chosen), dissipation (uncertainty of the sender what the receiver has actually received) and transformation (saved effort of questioning - equivocation minus dissipation).

10. Value of Information

Decision making is a process of choosing the best alternative among a number of alternatives. This process usually works under uncertainty, risk and certainty. The situation of certainty is possible when the decision maker has full knowledge about the available alternatives of its outcomes. This type of information is known as perfect information. It has a perceived value in terms of decision making, as it wipes out uncertainty and risk up to a certain extent.

It can be understood with the help of the following formula:

VPI = (V2-V

1) - (C

2-C

1)

where V = value of information

C = cost of obtaining information

V1 and C

1 = one set of information

V2 and C

2 = second/new set of information

Note: If VPI is very high then it is beneficial to serve the additional information need.

The value of information depends on certain factors. They are as follows:

a. The new or additional information can cause a change in the decision.

b. The experienced manager uses the information in a better way and he needs less information than the inexperienced manager.

c. If the value of information is highly increased, then the perfect information should be provided.

d. The value of additional information is usually high at the higher level of management because the decisions at this level are tactical and strategic in nature.

e. Apart from the monetary value of information it also promotes the strength and motivation level of managers.

11. Organization and Information

Organizations are regarded as living systems because as living systems engage in activities to maintain functioning and existing, organizations must have procedures for dealing with all the information that they need to send and receive in order to attain their goals. Much like systems, organizations are made of persons and teams that are interrelated. They depend on each other to complete their objectives and endeavours.

Organizational Information Theory

Karl Weick an American organizational theorist states, "Organizations and their environments change so rapidly that it is unrealistic to show what they are like now, because that's not the way they are going to be later". This theory focuses "on the process of organizing members of an organization to manage information rather than on the structure of the organization itself". It addresses aspects of the individual and also the group within the organization. Organizational Information Theory focuses on the communication of information that is vital in determining the success of an organization.

Weick's Organizational Information Theory is an approach to describe the process by which organizations collect, manage, and use the information that they receive. This theory does not focus on the structure of the organization in terms of its rules, roles that guide its members. It emphasizes on the process of organizing. Therefore, the primary focus of this theory is on the exchange of information within the organization itself, and how members take steps to understand this information for the organization's development and success.

The task of managing vast amount of information is a typical challenge for most organizations. As options for new communication channels increase, the number of messages that we send and receive as well as the speed at which we send them, increases as well.

Figure

Consider the saying "No Man is an Island", for organizations to survive; they must keep constant communication in and out of their borders. Organizations are not only faced to decode messages that they receive but they are also tasked to determine which people should receive the information needed to attain goals. Organizational members are instrumental in the creation and maintenance of message meaning. Members of the organization should communicate with each other so that having common understanding of messages will be maintained. Communication plays a big role inside the organization since it is the key for the organization to be able to make sense of it by identifying meanings from confusing or ambiguous message.

According to the OIT, organization evolves to blend, make it recognizable to its people and its environment. Weick's OIT states that as the information received becomes difficult to interpret, an organization needs to solicit input from others (multiple sources) to make sense or make use of the information to be provided to appropriate people or departments. By simply putting the outside forces and the demands of the surrounding environment in place, makes the organization and its members to change their goals, rules and priorities by making sense of what is the need and how to use this need for their benefit. However, the task of information processing is not completed simply by attaining information; the harder, part is deciphering and distributing the information gained.

General Systems Theory

Ludwig Von Bertalanffy, a General Systems theorist proposed that when there is a disruption in a system, it affects the entire system. System theorists argue that complex patterns of interaction are present among the parts of a system, and understanding these interactions will help understand the entire

system. Although departments may work independently, the aims of the organization require sharing and integration of information that each of them should give a conclusion of a solution. Organizations depend on combined information so they can make necessary adjustments to comply with the needs at the moment, thus reach their objectives.

Feedback is one of the key components of General System Theory. Though it could either be positive or negative, it is essential to making sense of information in an organization and its members. The information derived from feedback can help the organization to change for the better or can stay the same. It is up to the founding members to decide if they will have to engage in change if they think it is the best way to attain objectives.

It is through feedback that units are able to determine if the information that is being transmitted in clear and is sufficient to achieve desired goals. If an organization hopes to accomplish its goals, it will continue to engage in cycles of feedback to obtain information and reduce uncertainty for a better effect. Moreover, this process reflects the Darwinian approach to how organizations manage information.

Darwin's Theory of Socio-Cultural Evolution

The phrase, "Survival of the Fittest" mainly describes this theory, since organizations need to be competitive in nature for them to survive the ever challenging world. It is a perspective used to illustrate the process by which organizations gather information and therefore make sense out of it. The organizations just like living things manage to undergo changes to be able to cope with their environment.

Karl Weick used the idea of the theory to explain the process organizations undergo in adapting to various information pressures. Again, since information can be pressures or information that is ambiguous, unclear or is overloading, theories like System Theory and the Socio-Cultural Evolution can help us understand why there is such a need to change in processing information, highlight the roles of teams, departments, and the members.

Assumptions of Organizational Information Theory

Human Organizations exist in an information environment.

The information an organization receives differs in terms of equivocality.

Human Organizations engage in information processing to reduce equivocality of information.

First Assumption

Organizations depend on information in order to function effectively and accomplish their goals. This information environment is created by the members since they are the ones making rules, researching for data and making decisions for the benefit of the organization. However, inputs differ in terms of their level of understandability. It is because in the first assumption, scholars have seen information environment is also a media environment. Information environments include surroundings that are greatly affected by new technologies. So, the possibilities for information are limitless, since modem technology does not stop at one point, it will always improve and change over time.

Second Assumption

It focuses on the ambiguity that is in information. Information's meaning can differ depending on the understand ability of the people who will encounter it.

The key is to know the member's skills on understanding things so that there will be a development in their abilities and most importantly in their productivity as members of the organization. A plan should be devised to educate the members of the organization.

Third Assumption

The third assumption of the theory tells us that organizations engage in activities to make message meaning understandable. Reducing equivocality is a collective effort of the organization and its members. This mean that if there is equivocality, information overload or unclear message meaning, departments in the organization as well as their faculties may depend on each other to make sense of such information. Mutuality is developed and on-going cycle of communication feedback will give way for understanding equivocalities and the give-and-take of information is obtained.

Key Concepts and Conceptualizing Information

Organizational Information Theory contains key concepts that are essential to understand its contents.

(I) Information Environment: The availability of all stimuli in an organization

Internal and External Source of Information

People in an organization must interpret information from external stimuli or sources in their information environment.

They must coordinate inside their organization so that information absorbed and get responded to internally.

(II) Information Equivocality: Multiple Sources of Information

To be able to successfully process information must engage in behaviours in complex states. "It takes Equivocality to remove Equivocality".

(III) Rules

Rules help organizations to solve equivocality, crisis and other malfunctions in and out of their borders. It is like a philosophy where in organizations look upon as limits and power. These are guidelines in organizations as they review responses to equivocal information.

(IV) Cycles

Series of communication behaviours that serve to reduce equivocality.

Organizational Information Behaviour

We can define organizational information behaviour in the same way in which organizations set up systems and services that are designed to acquire, share and disseminate information of all kinds, from the production data from factories to events in the market-place. However, information also reaches the organization by all kinds of routes that are not initially set up as information acquisition mechanisms. For example, the salesman in the field collects information on the contracts made and the discounts provided by competing firms, and the CEO learns of the market difficulties of his/her competitor when playing on the golf course. In other words, organizational (or corporate) information behaviour embraces not only the formal systems set up to manage internal information flows, but also the systems, including libraries and information centers designed to access external information as well as the organizational and personal communication systems through which information reaches the organization and is disseminated.

The primary purpose is to test the idea that the information intensive areas of an organization can be identified within the value chain by using the Critical Success Factors (CSF) technique to indicate the critical areas and, thereby, enable the identification of corporate information needs. Corporate information needs are defined as those needs for information that must be satisfied if the organization is to achieve its strategic aims. The proposition is that those parts of the value chain that are perceived by organizational members to be of critical significance would be the areas in which effort should to be concentrated so that the information systems could be effective.

Information Dynamics in Organizations

Here, a theory gets developed about a limited subset of information dynamics: the combined effects of information content and socio-organizational structure on the management, treatment and diffusion of information in organizations.

In addition to global structural properties of organizational groups, there exist hierarchal, demographic and functional enablers and constraints of information dispersal in an organization. It can be hypothesized that information may diffuse more readily vertically (or laterally) through an organizational hierarchy due to authority or status differences, or more quickly through functional relationships than strong ties as such. Different types of information content spread differently. The characteristics of information are pertinent to how it diffuses. The content and structure jointly predict the diffusion path of a given piece of information, and that different social and structural factors will govern the diffusion of different types of information. Simple, declarative news will diffuse relatively indiscriminately without regard to the strength of relations, the function of relationships, or authority; in contrast, the diffusion of discussion topics, characterized by superficial flows and back and forth conversations, will be influenced by the strength of ties, the function of relationships and by authority and hierarchy.

Drivers of Organizational Information

Several factors could influence the flow of information in organizations. Four categories of factors that may impact information dynamics in organizations: demography, organizational hierarchy, tie and network characteristics and functional task characteristics.

Demography: Individuals' demographic characteristics and dissimilarity are likely to affect personal choices about information seeking and information transmission. Similar individuals tend to flock together in personal relationships creating parity in perspectives, information and resources across demographically similar individuals in organizations. Demographic diversity has also been shown to introduce socio-hierarchical divisions and create tension in organizational work groups, reducing the likelihood that individuals of dissimilar demographic backgrounds will go to each other for advice or pass information to one another.

Organizational Hierarchy: There is good reason to suspect that information flows are affected by formal organizational structures. Formal structures define reporting relationships and work dependencies that necessitate communication and coordination (Mintzberg 1979). Managers and employees frequently communicate to manage administrative tasks even when they are not working on the same

projects, and the importance of notification for accountability, and recognition for upward mobility encourages dialogue and information exchange along hierarchical lines.

Embedded within formal organizational hierarchies are gradients of status and authority that may also guide information flows. Task level knowledge and familiarity with customers, specialized technology, competitors and new market opportunities often resides with mid-level managers rather than upper management, leading some firms to decentralize decision rights to take advantage of local knowledge (Dessein 2002).

If this is the case, we might expect information to flow most quickly to employees in mid-level management positions. In our organization, teams are composed hierarchically, generally consisting of one partner, one consultant, and one researcher. As project teams are organized hierarchically, task related information is likely to flow vertically rather than laterally across individuals of the same organizational rank.

Tie & Network Characteristics: Informal networks are also likely to impact information handling and dispersal in organizations. A vast literature treats the relationship between personal network structure and organizational performance. Although most of this work does not measure information flows explicitly, evidence of a relationship between performance and network structure is typically assumed to be due in part to the information flowing between connected actors.

Some network research does explicitly treat information transmission. For example, several studies have shown that the strength of relationships increases the transfer of information and knowledge in pairs which measures the probability that the individual will fall on the shortest path between any two other individuals linked by email communication, predicts the total amount of knowledge acquired from other parts of the network, and that actors with high network constraint and relationships in particular, improves the effectiveness of transfers of implicit knowledge.

As individuals interact more frequently, they are likely to pass information to one another. The strength of communication ties therefore can be measured by the total volume of email passing between each pair of individuals in a network. Other studies demonstrate that 'betweenness centrality' (Freeman 1979), which measures the degree to which an individual's contacts are connected to each other (a proxy for the redundancy of contacts), are less privy to new information (Burt 1992).

The total amount of email communication that individuals engage in is also likely to drive their access to information and how quickly they see it (Cummings & Cross 2003). Finally, a great deal of evidence links physical proximity to communication between actors, however, in the case of email communication, it could be that greater geographic distance is associated with more email communication between actors who find it costly to meet and communicate face to face. We therefore measure physical proximity by whether or not two people work together in one of the firm's fourteen offices.

Task Characteristics: Working relationships are conduit of communication and information flow. As individuals work together, they develop stronger

bonds of trust and experience that encourage them to exchange information. Working relationships also necessitate exchange of task related information and create relatively stable and enduring ties that individuals rely on for advice on future projects. The strength of project co-work relationships by the number of projects employees have worked on together may be accounted for.

Related knowledge helps individuals consume new information, and individuals in related fields and of related expertise are more likely to swim in the same pools of information depending on whether or not employees work in the same expertise area in the firm. Finally, as with demographic distance, information is expected to flow more easily among employees in the same industry group. Employees with the same industry tenure have likely been through similar work related milestones and may already be familiar with each other through industry relationships. In addition, more experienced workers may rely on other experienced workers for information, while status and authority prevent the less experienced from sharing as much information across industry tenure levels.

Organizational Information and IT

Many information assets within an organization have an associated value relative to the business impact of an incident or threat that affects the confidentiality, availability, authenticity or availability of the information. The threat model for information stored locally, within network perimeters, is different from that of information shared in collaborative, de-perimeterised environments. The former allows an organization to control access to information within a secured perimeter for a specified set of users, while the latter allows information "into the wild" where there is no perimeter in which to enforce access control and no finite set of users to control access for.

It is therefore essential that information is correctly and accurately classified to identify the organizations and individuals that should have access to it as well as the data handling requirements such as secure storage and safe disposal that are relevant to the information content.

It is also crucial that the confidentiality, integrity, authenticity and availability of the information are categorized are made clear in order to inform information users how to secure information in place, use and transit outside the secure perimeter.

Getting along with Changing Times

The way in which people work is changing. Web 2.0 is bringing a cultural change and business drivers are forcing organizations to collaborate. At the same time, changes to the Data Protection Act 1998 are putting personal responsibility for data losses -and exposures with the data controller. It is more important than ever to maintain strict control over information, while at the same time allowing information to move into an environment over which organizations currently have minimal control. Organizations must begin to classify and categorize information that is to be shared in de-perimeterised environments in this way to maintain control over it and comply with legislative control, maintain control over the intellectual property of the information, and maintain control of their sensitive business information.

Suggested Way-out

The illustration below details the Information Lifecycle Management (ILM) Process model for use in organizations, defining the actions that can be taken on information at anyone time, the options available while taking those actions and the path an individual should follow to ensure the information remains secure throughout its lifetime from creation to deletion. Sensitivity and confidentiality assurance must be considered. The physical location of the storage devices and the encryption of information are example considerations.

Figure

A Step Ahead

Organizations need to begin trialing Information Classification and Impact Sensitivity Categorizations schemes as part of their internal operations and then moving the successful ILM process model into a collaborative domain. De-perimeterisation is happening; Data Protection Laws are becoming more powerful and will soon carry civil penalties; business drivers are forcing organizations to collaborate. It is essential that the ILM process begins to become part of everyday business activity.

Better measurement and communication associated with IT change the information available within the firm. To the extent that the internal organization of the firm is determined by the economics of information and communication, these technologies will change the optimal structure of the organization. The case literature reports a variety of such impacts: changes to authority relationships, decentralization of decision authority, shifts in the task content of clerks', operatives', professionals', and managers' work, and changes in reward schemes, among others. This is a source of being complementary -investments in IT and re-organization of the firm.

Questions1. Distinguish between

(i) Information and Data

(ii) Information processing and Data processing

2. Explain the value of information in business management.

3. Describe the various methods for collection of Data for MIS.4. What do you understand by value of information? Is it useful to compute it?