We'll email you at these times to remind you to study
You can set up to 7 reminders per week
We'll email you at these times to remind you to study
information systems can help to improve managerial control, they create a tremendous control problem themselves. Information systems are very complex.
levels of management control are top management tools,middle management tools and lower management tools
Information and Control
One contribution of information systems is to strengthen control systems. A manager needs information about the deviation of actual from standard, or targeted performance.
Senior management may be able to take immediate action if sales are falling below projections. Managers may alter production schedules, emphasize different products, and/or begin to reduce expenditures.
Although information systems can help to improve managerial control, they create a tremendous control problem themselves. Information systems are very complex.
So although managers do not necessarily understand the technology, they are often responsible for seeing that information systems are under control.
In the earlier days of corporate information systems, a computer problem at the Bank of New York nearly halted the Treasury bond market for 28 hours. The computer program had a transaction number counter that could reach as high as 32,000 items. On the day of the failure, the number of transactions exceeded 32,000 for the first time. The computer then stored each record on top of the last one, losing data and corrupting the database. This control failure rippled through the financial system. Because the Bank of New York did not know its position, it could not demand payment from customers to settle trades. The bank had to borrow the cost of carrying the securities from the Federal Reserve and asked for $20 billion overnight. The interest on this loan was $4 million per day! Since other banks were expecting to pay for the bonds, they had an extra $20 billion on hand overnight, causing the federal funds' rate to plummet from 8% percent to 5 percent.
Programmers in a financial institution computed interest calculations on savings accounts as if there were 31 days in every month. In the five months it took to discover the error, the institution paid more than $100,000 in excess interest.
Programmers and analysts in a large mail-order house designed a "perfect" system. It would operate only if all errors were eliminated. After installation, auditors discovered that errors were occurring at the rate of almost 50 percent. The system collapsed and had to be abandoned after an investment of approximately a quarter of a million dollars.
A student at a major university introduced a virus, or, more correctly, a worm, into one of the major networks connecting various computers. He is thought to have exploited a little-known opening in systems software to send a program to other computers. The program replicated itself and slowed the computers to a near standstill.
These examples all represent failure of control in the organization. For a control system to work, the organization must have a model of its desired states. Often, this model is in the form of routine procedures or generally accepted accounting practices. For problems like controlling a sales representative, standards are less clear, as is our ability to influence behaviour.
Click the managers to read about some failure of control examples in real firms.
Control of Operations
All levels of control in the organization are the responsibility of management. In the United States, the Foreign Corrupt Practices Act makes operational control a legal as well as a normal management task.
This act requires that publicly held companies devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances of the following:
Transactions are executed according to management authorization.
Transactions are recorded as necessary to permit the preparation of financial statements according to generally accepted accounting principles.
Records of assets are compared with existing assets at reasonable intervals, and action is taken when there are differences.
The EU possesses similar anti-corruption laws, which are considered to be less stringent than the US equivalent.
Control Problems and Challenges
Information Technology gives organizations the ability to process large numbers of transactions in an efficient manner. These same systems create significant control problems and challenges, however.
With thousands of transactions processed in a short time, an error can spread through an immense number of transactions in minutes.
Control failures can become costly, and firms have been forced out of business because of their inability to control information processing activities.
On the next interactive slide we will look at areas in which a client server architecture is vulnerable. Click the numbers to read about each area.
Computer based processing errors: Client-Server Architecture
1. The operating systems for the client and server control the operations of the computers and allocate computer resources. Operating systems can and have been penetrated. They also have errors in coding, as does any other program. Someone who is unauthorized could gain access to a network through the operating system of the server, or possibly through a client machine. An intruder would masquerade as a legitimate client in order to gain access to the server's operating system.
2. Applications programs contain the logic of business processes in the organization. These programs may have errors or may be incomplete in their editing and error checking for input and processing. The programs may execute entirely on the client computer or on some combination of the client and the server. The server might replicate an error across all the clients using a certain program.
3. Databases exist on the server, and there may be local user data on the clients. Data are often proprietary or confidential within the organization. Are the data safe from accidents? Are crucial data files on the server backed up?
4. The entire network must operate reliably if transactions are to be processed effectively. Is the network operating system reliable and secure? Can outsiders gain unauthorized access to company systems through the Internet?
5. Many applications have a number of associated manual procedures for the submission of input and the processing of output after it has been produced by the system. These procedures must be developed with adequate controls to ensure the accuracy and integrity of processing.
6. At a higher level than the individual user, the organization itself must be structured with control in mind. Management must take its responsibilities seriously and emphasize control.
7. Networks provide connectivity. Wide area communications links are subject to failure, penetration, and sabotage. This is especially true with the Internet, which opens the firm to access by millions of people.
8. Many systems are also available to external users from other organizations. These individuals may make mistakes or intentionally try to misuse a system. Controls must protect the system from these users and the users from themselves.
Log in to save your progress and obtain a certificate in Alison’s free Understanding Information Control for IT Managers online course
Sign up to save your progress and obtain a certificate in Alison’s free Understanding Information Control for IT Managers online course
Please enter you email address and we will mail you a link to reset your password.