Is Chapter9&10 Erp&Isc
-
Upload
shawn-moore -
Category
Documents
-
view
228 -
download
0
Transcript of Is Chapter9&10 Erp&Isc
-
7/28/2019 Is Chapter9&10 Erp&Isc
1/29
ICWAI IS
ERP
1
-
7/28/2019 Is Chapter9&10 Erp&Isc
2/29
legal
Inventory
Finance
Maintenance
EngineeringDesign
Controlling
ProductionPlanning
Sales
Human resources
Quality
Functions Of Enterprise
Enterprise
2
-
7/28/2019 Is Chapter9&10 Erp&Isc
3/29
Business Process
A business process is a sequence of activities
followed by individuals in a business to achieve
some business goal.
Often these are manual activities executed by
employees who play certain roles in the business in
addition to others who are external to the business:customers, business partners, etc.
3
-
7/28/2019 Is Chapter9&10 Erp&Isc
4/29
Systems from a Functional PerspectiveExamples of Business Processes
Functional Area Business Process
Assembling the product
Checking for quality
Producing bills of materials
Identifying customers
Making customers aware of theproduct
Selling the product
Paying creditors
Creating financial statements
Managing cash accounts
Hiring employees
Evaluating employees job
performance
Enrolling employees in benefitsplans
Manufacturingand production
Human resources
Finance and accounting
Sales And Marketing
4
-
7/28/2019 Is Chapter9&10 Erp&Isc
5/29
Categories Of Information System
5
-
7/28/2019 Is Chapter9&10 Erp&Isc
6/29
Enterprise Systems
Enterprise systems, also known as enterpriseresource planning (ERP) systems, provide asingle information system for organization-
wide coordination and integration of keybusiness processes.
Information that was previously fragmented in
different systems can seamlessly flowthroughout the firm so that it can be shared bybusiness processes in manufacturing,accounting, human resources, and other areas.
6
-
7/28/2019 Is Chapter9&10 Erp&Isc
7/29
ERP or Enterprise Resource Planning systems are softwaresystems for businesses management encompassingmodules supporting functional areas such as sales and
marketing, finance, production, distribution accounting,human resource management, maintenance, inventorymanagement, project management, transportation and e-business etc.
Business strategy and set of industry-domain-specificapplications that build customer and shareholdercommunities value network system by enabling andoptimizing enterprise and inter-enterprise collaborativeoperational and financial processes (Source: Gartners
Research Note SPA-12-0420)
Enterprise Resource Planning ERP
7
-
7/28/2019 Is Chapter9&10 Erp&Isc
8/29
Software solution that addresses the Enterpriseneeds, taking a process view of the overallorganization to meet the goals, by tightly
integrating all functions and under a common software platform
ERP is a commodity -- product in the form of
software
SAP, Oracle Applications, PeopleSoft, JD Edwards,Great plains etc. are worlds leading ERPpackages
8
ERP Software
-
7/28/2019 Is Chapter9&10 Erp&Isc
9/29
Challenges of Enterprise Systems
Difficult to build:Require fundamentalchanges in the way the business operates
Technology: Require complex pieces ofsoftware and large investments of time,money, and expertise
Centralized organizational coordination anddecision making:Not the best way for thefirms to operate
9
-
7/28/2019 Is Chapter9&10 Erp&Isc
10/29
Prime Reasons for Implementing ERP
Need for common platform
Process improvement.
Data visibility that could be used to improveoperating decisions.
Operation cost reductions.
Increased customer responsiveness.
Improved strategic decision making
Personal Improvement
10
-
7/28/2019 Is Chapter9&10 Erp&Isc
11/29
BPR & ERP
Just automating the existing business practiceswill not help ERP to achieve the anticipated resultsbecause, OO + NT = EOO
Business Process Re-engineering [BPR] brings out thedeficiencies of the existing setup
BPR and ERP will give way to implement newsystems and the long pending improvements in theexisting systems
BPR may be time consuming but the scope can be
restricted & controlled by the Management 11
'OO + NT = EOO' (Old Organisation + New Technology = Expensive Old Organisation
-
7/28/2019 Is Chapter9&10 Erp&Isc
12/29
ERP Execution phases
ERP product selection
Preparations
Production
Implementation
Post-Implementation
12
-
7/28/2019 Is Chapter9&10 Erp&Isc
13/29
How should we implement ERP systems
Obtain the right mix of people, processes andtechnology!!
13
-
7/28/2019 Is Chapter9&10 Erp&Isc
14/29
Vendors
14
http://www.microsoft.com/dynamics/default.mspxhttp://www.oracle.com/index.htmlhttp://www.sap.com/index.epxhttp://www.siebel.com/ -
7/28/2019 Is Chapter9&10 Erp&Isc
15/29
ICWAI IS
Information System Control
15
-
7/28/2019 Is Chapter9&10 Erp&Isc
16/29
16
What is security?
Prevention: take measures that preventyour assets from being damaged.
Detection: take measures so that you candetect when, how, and by whom an asset hasbeen damaged.
Reaction: take measures so that you canrecover your assets or to recover from a
damage to your assets
-
7/28/2019 Is Chapter9&10 Erp&Isc
17/29
System Vulnerability and Abuse
Hardware failure
Software failure
Personnel actions Terminal access
penetration
Theft of data,services, equipment
Fire
Electrical problems
User errors Unauthorized
program changes
Telecommunicationproblems
Threats to Computerized InformationSystems
17
-
7/28/2019 Is Chapter9&10 Erp&Isc
18/29
Disaster
Destroys computer hardware, programs, data
files, and other equipmentSecurity
Prevents unauthorized access, alteration, theft,or physical damage
Errors
Cause computers to disrupt or destroyorganizations record-keeping and operations
SYSTEM VULNERABILITY AND ABUSE
18
-
7/28/2019 Is Chapter9&10 Erp&Isc
19/29
Data Quality Problems
Caused due to errors during data input orfaulty information system and databasedesign
System Quality Problems: Software and Data
19
-
7/28/2019 Is Chapter9&10 Erp&Isc
20/29
Controls
Methods, policies, and procedures that ensureprotection of organizations assets
Ensure accuracy and reliability of records,and operational adherence to managementstandards
20
-
7/28/2019 Is Chapter9&10 Erp&Isc
21/29
Establishing a Framework for Security and Control
Application controls
Specific controls unique to each computerized application, such aspayroll or order processing
Include both automated and manual procedures
Ensure that only authorized data are completely and accuratelyprocessed by that application
Include:
Input controls
Processing controls
Output controls
21
-
7/28/2019 Is Chapter9&10 Erp&Isc
22/29
Risk Assessment
Determines level of risk to firm if specific activity or process isnot properly controlled
Types of threat
Probability of occurrence during year
Potential losses, value of threat
Expected annual loss
EXPOSURE PROBABILITY LOSS RANGE EXPECTED
ANNUAL LOSS
Power failure 30% $5K - $200K $30,750
Embezzlement 5% $1K - $50K $1,275
User error 98% $200 - $40K $19,698
22
-
7/28/2019 Is Chapter9&10 Erp&Isc
23/29
High-availability computing: Tools andtechnologies enabling system to recoverquickly from a crash. Fault Tolerant system
Disaster recovery plan: Runs business inevent of computer outage
Load balancing: Distributes large number ofrequests for access among multiple servers
High Availability
23
-
7/28/2019 Is Chapter9&10 Erp&Isc
24/29
Access Control
Passwords
Authentication:
Access control: Consists of all the policies and procedures a company
uses to prevent improper access to systems by unauthorized insiders
and outsiders
Tokens, smart cards
Biometric authentication
24
-
7/28/2019 Is Chapter9&10 Erp&Isc
25/29
Identification
Identification
Method of establishing the subjects (user,
program, process) identity. Use of user name or other public information.
Know identification component requirements.
25
-
7/28/2019 Is Chapter9&10 Erp&Isc
26/29
Authentication
Authentication
Method of proving the identity.
Something a person is, has, or does.
Use of biometrics, passwords, passphrase,token, or other private information.
Strong Authentication is important
26
-
7/28/2019 Is Chapter9&10 Erp&Isc
27/29
27
Authorization
Authorization
Determines that the proven identity has
some set of characteristics associated withit that gives it the right to access therequested resources.
-
7/28/2019 Is Chapter9&10 Erp&Isc
28/29
Authorization
Access Criteria can be thought of as:
Roles
Groups
Location
Time
Transaction Types
28
-
7/28/2019 Is Chapter9&10 Erp&Isc
29/29
Check digits, appended to the end of a long number
can provide some protection against data input
errors.
The last character of UPC barcodes and ISBNs arecheck digits.
Longer data streams require more economical and
sophisticated error detection mechanisms.
Cyclic redundancy checking (CRC) codes provide
error detection for large blocks of data.
Data Error Detection
29