Is Chapter9&10 Erp&Isc

7/28/2019 Is Chapter9&10 Erp&Isc

1/29

ICWAI IS

ERP

1


2/29

legal

Inventory

Finance

Maintenance

EngineeringDesign

Controlling

ProductionPlanning

Sales

Human resources

Quality

Functions Of Enterprise

Enterprise

2


3/29

Business Process

A business process is a sequence of activities

followed by individuals in a business to achieve

some business goal.

Often these are manual activities executed by

employees who play certain roles in the business in

addition to others who are external to the business:customers, business partners, etc.

3


4/29

Systems from a Functional PerspectiveExamples of Business Processes

Functional Area Business Process

Assembling the product

Checking for quality

Producing bills of materials

Identifying customers

Making customers aware of theproduct

Selling the product

Paying creditors

Creating financial statements

Managing cash accounts

Hiring employees

Evaluating employees job

performance

Enrolling employees in benefitsplans

Manufacturingand production

Human resources

Finance and accounting

Sales And Marketing

4


5/29

Categories Of Information System

5


6/29

Enterprise Systems

Enterprise systems, also known as enterpriseresource planning (ERP) systems, provide asingle information system for organization-

wide coordination and integration of keybusiness processes.

Information that was previously fragmented in

different systems can seamlessly flowthroughout the firm so that it can be shared bybusiness processes in manufacturing,accounting, human resources, and other areas.

6


7/29

ERP or Enterprise Resource Planning systems are softwaresystems for businesses management encompassingmodules supporting functional areas such as sales and

marketing, finance, production, distribution accounting,human resource management, maintenance, inventorymanagement, project management, transportation and e-business etc.

Business strategy and set of industry-domain-specificapplications that build customer and shareholdercommunities value network system by enabling andoptimizing enterprise and inter-enterprise collaborativeoperational and financial processes (Source: Gartners

Research Note SPA-12-0420)

Enterprise Resource Planning ERP

7


8/29

Software solution that addresses the Enterpriseneeds, taking a process view of the overallorganization to meet the goals, by tightly

integrating all functions and under a common software platform

ERP is a commodity -- product in the form of

software

SAP, Oracle Applications, PeopleSoft, JD Edwards,Great plains etc. are worlds leading ERPpackages

8

ERP Software


9/29

Challenges of Enterprise Systems

Difficult to build:Require fundamentalchanges in the way the business operates

Technology: Require complex pieces ofsoftware and large investments of time,money, and expertise

Centralized organizational coordination anddecision making:Not the best way for thefirms to operate

9


10/29

Prime Reasons for Implementing ERP

Need for common platform

Process improvement.

Data visibility that could be used to improveoperating decisions.

Operation cost reductions.

Increased customer responsiveness.

Improved strategic decision making

Personal Improvement

10


11/29

BPR & ERP

Just automating the existing business practiceswill not help ERP to achieve the anticipated resultsbecause, OO + NT = EOO

Business Process Re-engineering [BPR] brings out thedeficiencies of the existing setup

BPR and ERP will give way to implement newsystems and the long pending improvements in theexisting systems

BPR may be time consuming but the scope can be

restricted & controlled by the Management 11

'OO + NT = EOO' (Old Organisation + New Technology = Expensive Old Organisation


12/29

ERP Execution phases

ERP product selection

Preparations

Production

Implementation

Post-Implementation

12


13/29

How should we implement ERP systems

Obtain the right mix of people, processes andtechnology!!

13


14/29

Vendors

14
http://www.microsoft.com/dynamics/default.mspxhttp://www.oracle.com/index.htmlhttp://www.sap.com/index.epxhttp://www.siebel.com/


15/29

ICWAI IS

Information System Control

15


16/29

16

What is security?

Prevention: take measures that preventyour assets from being damaged.

Detection: take measures so that you candetect when, how, and by whom an asset hasbeen damaged.

Reaction: take measures so that you canrecover your assets or to recover from a

damage to your assets


17/29

System Vulnerability and Abuse

Hardware failure

Software failure

Personnel actions Terminal access

penetration

Theft of data,services, equipment

Fire

Electrical problems

User errors Unauthorized

program changes

Telecommunicationproblems

Threats to Computerized InformationSystems

17


18/29

Disaster

Destroys computer hardware, programs, data

files, and other equipmentSecurity

Prevents unauthorized access, alteration, theft,or physical damage

Errors

Cause computers to disrupt or destroyorganizations record-keeping and operations

SYSTEM VULNERABILITY AND ABUSE

18


19/29

Data Quality Problems

Caused due to errors during data input orfaulty information system and databasedesign

System Quality Problems: Software and Data

19


20/29

Controls

Methods, policies, and procedures that ensureprotection of organizations assets

Ensure accuracy and reliability of records,and operational adherence to managementstandards

20


21/29

Establishing a Framework for Security and Control

Application controls

Specific controls unique to each computerized application, such aspayroll or order processing

Include both automated and manual procedures

Ensure that only authorized data are completely and accuratelyprocessed by that application

Include:

Input controls

Processing controls

Output controls

21


22/29

Risk Assessment

Determines level of risk to firm if specific activity or process isnot properly controlled

Types of threat

Probability of occurrence during year

Potential losses, value of threat

Expected annual loss

EXPOSURE PROBABILITY LOSS RANGE EXPECTED

ANNUAL LOSS

Power failure 30% $5K - $200K $30,750

Embezzlement 5% $1K - $50K $1,275

User error 98% $200 - $40K $19,698

22


23/29

High-availability computing: Tools andtechnologies enabling system to recoverquickly from a crash. Fault Tolerant system

Disaster recovery plan: Runs business inevent of computer outage

Load balancing: Distributes large number ofrequests for access among multiple servers

High Availability

23


24/29

Access Control

Passwords

Authentication:

Access control: Consists of all the policies and procedures a company

uses to prevent improper access to systems by unauthorized insiders

and outsiders

Tokens, smart cards

Biometric authentication

24


25/29

Identification

Identification

Method of establishing the subjects (user,

program, process) identity. Use of user name or other public information.

Know identification component requirements.

25


26/29

Authentication

Authentication

Method of proving the identity.

Something a person is, has, or does.

Use of biometrics, passwords, passphrase,token, or other private information.

Strong Authentication is important

26


27/29

27

Authorization

Authorization

Determines that the proven identity has

some set of characteristics associated withit that gives it the right to access therequested resources.


28/29

Authorization

Access Criteria can be thought of as:

Roles

Groups

Location

Time

Transaction Types

28


29/29

Check digits, appended to the end of a long number

can provide some protection against data input

errors.

The last character of UPC barcodes and ISBNs arecheck digits.

Longer data streams require more economical and

sophisticated error detection mechanisms.

Cyclic redundancy checking (CRC) codes provide

error detection for large blocks of data.

Data Error Detection

29

Is Chapter9&10 Erp&Isc

Documents

Transcript of Is Chapter9&10 Erp&Isc