Management Information Systems (M.I.S.

) Review

MIS Definition

A management information system is an information system used for decision-making, and for
coordination, control, analysis, and visualization of information in an organization. The study of the
management information systems involves people, processes and technology in an organizational
context.

In short Management Information Systems (MIS) is the study of how people use technology to manage
information. It includes both the hardware and software used to store, process, and retrieve information.
Computer science is the study of how computers work. It includes the design and implementation of
computer systems.

Types of Management information systems

- Transaction Processing Systems (TPS)

- Decision Support Systems (DSS)
- Executive Information Systems (EIS)
- Knowledge Management Systems (KMS)
- Enterprise Resource Planning (ERP)

Role of MIS in an Organization

The MIS helps the top level management in;

- goal setting
- strategic planning
- evolving the business plans
- implementation of business plans

The MIS plays the role of information generation, communication, problem identification and helps in the
process of decision-making.

Example of MIS

A management information system example is a customer relationship management system. It collects

customer data and provides organizations with a channel for direct communication with clients. Feedback
from customers is essential data that can be processed for better decision-making.

Objective of an MIS

An effective Management Information System has the following objectives: The objective of MIS is to
provide information for decision making on planning, initiating, organizing, and controlling the operations
of the subsystems of the firm and to provide a synergistic organization in the process.

Benefits of MIS

MIS applications help managers make better decisions. In addition to helping business make more
informed decisions, an MIS also provides benefits such as;

1
- Improved employee productivity
- Reduce errors, and
- Increased customer satisfaction

Limitations of MIS

MIS cannot replace managerial judgments in decision making. The quality of output of MIS is directly
proportional to the quality of input and processes. In a fast changing and complex environments, MIS may
not have enough flexibility to update itself quickly.

Careers in MIS

Management Information Systems (MIS) is a fast-pace and exciting filed that explores how businesses use
technology to operate more efficiently and effectively. The specialists’ work is to analyze business
processes; identify inefficiencies, risks and opportunities for improvement; and implement solutions by
integrating computer systems to function as one seamless system. Some M.I.S. specialists include;

- Technical services manager

- Information systems manager
- Networking specialist
- Systems administrator
- Web content specialist
- Web developer
- IT analyst
- IT technician
- Management analyst
- Information security analyst
- Data Manager
- Business intelligence analyst

2
Week 9: E-Commerce / Knowledge Management

I) E-Commerce

Before focusing on E-Commerce. It is good to understand what is E-business.

E-Business

E-business involves several key activities including improving business processes, enhancing
communications and providing the means to carry out business transactions securely. E-business is
part of a broader Internet economy which encompasses all of the activities involved in using the
internet for commerce. The internet economy is made up of the following layers:

- Internet Infrastructure. Companies that provide the hardware, software, and other equipment for the
Internet. Examples: ISPs, networking companies and manufacturers of PCs and servers.
- Internet Applications Infrastructure. Companies that provide software facilitating Internet
transactions. Also, companies that provide web development, design and consulting services.
Examples: producers of web development software, web-enabled databases and search engines.
- Internet Intermediaries. Companies that link buyers and sellers, for example by providing content or
by creating marketplaces where business can be transacted. Examples: travel agents, content
providers and online brokerages.
- Internet Commerce. Companies that sell products and services to consumers or other companies.
Examples online retailers, subscription or fee-based services and manufacturers selling directly to the
public.

Benefits of e-business

- Reduced costs e.g. automation of administrative tasks and E-procurement.

- Improved efficiency e,g. the use of electronic production processes
- Access to larger markets e.g. e-business using the internet opens to a larger, global market.

E-commerce

A common activity associated with e-business is e-commerce which can be described as using technology
to conduct business transactions, such as buying and selling goods and services. However, e-commerce
involves more than merely conducting electronic transactions; it also encompasses a wide range of
associated activities, such as after-sales support and even logistics. E-commerce (electronic commerce is
the buying and selling of goods and services, or the transmitting of funds or data over an electronic
network, primarily with the use of the internet.

E-commerce Activities

These include the types or models of e-commerce. They are;

- Business-to-business (B2B). Transactions take place between companies. Approximately 80 per cent
of all e-commerce is of this type.
- Business-to-consumer (B2C). Companies sell products directly to consumers. B2C can involve activities
such as product research (where consumers gather information and compare prices) and electronic
delivery (where information products are delivered to consumers via e-mail or other means).
- Consumer-to-business (C2B). Individual consumers sell goods and services directly to a business.

3
- Business-to-government (B2G). Transactions take place between companies and public sector
organizations.
- Consumer-to-consumer (C2C). Transactions take place between private individuals. Perhaps the best
examples of C2C commerce are online auction sites and peer-to-peer systems.
- Mobile commerce (m-commerce). M-Commerce is a relatively new development and involves selling
goods or services via wireless technology, especially mobile phones.

Examples of E-commerce

- Amazon
- FlipKart
- eBay
- Myntra
- Quikr
- Olx

Negative Effects of e-commerce

- Security concerns: One of the biggest concerns with e-commerce is the risk of cyber-attacks and
identity theft. Customers need to be careful when entering their personal and financial information
online, and it is important for online stores to have secure systems in place to protect this information.
- Lack of personal interaction
- Return and exchange issues
- Scams and fraudulent activity
- Poor customer service
- Lack of accountability

Benefits of E-commerce

- Convenience: you can shop at any time from any geographical space and location
- Access to a wider range of products
- Lower prices
- Easy comparison shopping

II) Knowledge Management System

Before looking into a knowledge management system lets look at knowledge management.

Knowledge Management

Knowledge management is the collection of methods relating to creating, sharing, using and managing
the knowledge and information of an organization. It refers to a multidisciplinary approach to achieve
organizational objectives by making the best use of knowledge

Areas of knowledge management

- Accumulating knowledge
- Storing knowledge
- Sharing knowledge

4
 Implementation of a Knowledge Management System

- Capturing
- Creation
- Codification
- Communication
- Capitalization

Components of knowledge management

In an organizational context, knowledge management infrastructure includes five major components

(Becarra-Fernandez and Sabherwal, 2010).

- Organizational culture
- Organization structure
- Organization’s information technology infrastructure
- Common knowledge, and
- Physical environment

The additional two are;

- People
- Processes

Knowledge Management System

A knowledge management system is any kind of IT system that stores and retrieves knowledge to
improve understanding, collaboration, and process alignment. Knowledge management systems can
exist within organizations or teams, but they can also be used to center your knowledge base for your
users or customers.

Types of Knowledge Management System

- Enterprise wide knowledge management systems

- Knowledge work systems
- Intelligent techniques

Examples of Different Types of Knowledge Management Systems

- Online Community Forums

- Learning Management Systems (LMS)
- Customer Service Knowledge Bases
- Research and Insights Libraries

Components of Knowledge Management Systems

- People, Processes, technology, structure and culture.

5
Week 10: People in Information Systems

People are involved in information systems in just about every way you can think of: people imagine
information systems, people develop information systems, people support information systems, and
perhaps most importantly, people use information systems. The people in information systems are
grouped as follows.

The Creators of Information System

The first group of people we are going to look at play a role in designing, developing, and building
information systems. These people are generally very technical and have a background in programming
and mathematics. Just about everyone who works in the creation of information systems has a minimum
of a bachelor’s degree in computer science or information systems, though that is not necessarily a
requirement.

- Systems Analyst
- Programmer
- Computer Engineer breakdown into specialties as hardware engineer, software engineer, systems
engineer, network engineer.

Information – Systems Operations and Administration

Another group of information systems professionals are involved in the day-to-day operations and
administration of IT. These people must keep the systems running and up-to-date so that the rest of the
organization can make the most effective use of these resources. They are;

- Computer Operator
- Database Administrator
- Help-Desk/Support Analyst
- Trainer

Managing Information Systems

The management of information-systems functions is critical to the success of information systems within
the organization. Here are some of the jobs associated with the management of information systems.

- CIO or Chief Information Officer

- Functional Manager
- ERP Management
- Project Managers
- Information-Security Officer
- Emerging Roles

Information-Systems Users – Types of Users

Besides the people who work to create, administer and manage information systems, there is one more
extremely important group of people: the users of information systems. This group represents a very large
percentage of the people involved. If the user is not able to successfully learn and use an information
system, the system is doomed to failure.

6
One tool that can be used to understand how users will adopt a new technology comes from a 1962 study
by Everett Rogers. In his book, Diffusion of Innovation, Rogers studied how farmers adopted new
technologies and he noticed that the adoption rate started slowly and then dramatically increased once
adoption hit certain point. He identified five specific types of technology adopters:

- Innovators
- Early adopters
- Early majority
- Late majority
- Laggards

7
Week 11: Information Systems Development

Background

Defining Data and Information

Data is a raw fact and can take the form of a number or statement such as a date or a measurement.

Information is data that have been processed so that they are meaningful and can be used for decision
making.

Factors affecting software acquisition

- Time
- Cost
- Quality
- Organisation size
- In-house IS/IT expertise
- Complexity of the required information system
- Uniqueness of the business or business area to be supported
- IS/IT expertise among end-users
- Linkages with existing application software

Methods of acquiring software

Bespoke Development

Bespoke development refers to when an information system is developed by an information systems

professional to match the business requirements of the application. The information systems
professionals will either work for the business which is termed ‘in-house’ bespoke development or for a
third party such as a software house which is termed ‘outsourced’ software development.

Off-the-shelf software

Off-the-shelf purchase of packaged software is an acquisition method that involves direct purchase of a
pre-written application used by more than one company. This type of software is pre-written and is
available for a whole variety of hardware platforms from PCs to mainframes. Off-the-shelf software is
written to offer a broad functionality that will suit a wide range of different businesses. This broad range
of functions has the benefit of fitting the requirements of a large number of businesses.

End-user-developed software

End-user-developed software is software written by non-IS professionals, i.e. the business users.

Developing Information Systems

The systems development life cycle

The systems development life cycle (SDLC) is the classical approach used to develop information system.
The SDLC approach recognizes that systems are developed in a series of steps or phases and that each
phase needs to be completed before the next one commences. Recognition is also given to the fact that

8
the programming activity (part of the build phase) should only commence once user requirements have
been determined and the system design produced. We will now summarise the basic steps that most
systems development projects follow,

Initiation

Initiation phase is the initiation or startup phase and is the first phase in an information systems
development project. Its aims to establish whether the project is feasible and then prepare to ensure the
project is successful.

Feasibility assessment

Feasibility assessment is the activity that occurs at the start of the project to ensure that the project is a
viable business proposition. The feasibility report analyses the need for and impact of the system and
considers different alternatives for acquiring software. The feasibility assessment can be considered to be
part of the initiation phase. It will establish whether a computer-based information system fits certain
feasibility criteria such as technical feasibility, economical feasibility, operational and organizational
feasibility.

Systems analysis

Systems analysis is the capture of the business requirements of a system from talking to or observing end-
user and using other information sources such as existing system documentation. Once a proposed
information system is agreed to be feasible, it is necessary to carry out the detailed work of assessing the
precise requirements that the intended users have for the new system. The systems analysis step is
sometimes referred to as the requirements determination step or the systems study step. There are three
main tasks within this phase.

First, it is necessary to gain an understanding of how the current information system (computerized or
paper-based works. Second, a diagrammatic model of the current system workings is produced to ensure
that IT professionals and system users are in agreement. Finally, a set of requirements (features, scope,
performance standard and physical working environment) for the new information system is produced.

Systems design

The systems design phase defines how the system will work in key areas of the user interface, program
modules, security and database transactions. The input to this stage is a breakdown of the requirements
that the proposed information system is to deliver. The task of the systems design stage is to convert
those requirements into a number of design alternatives from which the best will be selected. The design
step therefore deals with how the proposed information system will deliver what is required. Systems
design deals with such matters as: choosing an appropriate database management system, establishing
general systems security standards, deciding on methods of system navigation (e.g. menu systems and
graphical user interfaces), general standards for printed report production, screen design standards for
input and output, data capture requirements and data storage requirements.

Detailed design, on the other hand, will result in a blueprint for individual system modules which will be
used in the systems build phase that follows.

9
System build

System build is the creation of software by programmers. It involves writing the software code
(programming), building release versions of the software, constructing and populating the database and
testing by programmers and end-users. Writing of documentation and training may also occur at this
stage.

System implementation and changeover

System implementation covers practical issues such as making sure the hardware and network
infrastructure for a new system are in place; testing of the system; and also human issues of how best to
educate and train staff who will be using or affected by the new system. Implementation also involves the
transition or changeover from the old system to the new. This step in the waterfall model deals with
preparing for and making the change from old to new information systems.

Review and Maintenance

Once an information system is operating under live running conditions, it will be inevitable that changes
will be required over time. The maintenance phase involves two different types of maintenance. The first,
known as ‘unproductive maintenance’, stems from errors or oversights in the original systems
development which, while not preventing the system operating to an acceptable level, are still necessary
to correct for it to conform with the original specification. The second form of maintenance involves the
addition of new features and facilities that extend the scope and functionality of the information system.
Also an activity known as the post-implementation review should also be undertaken.

Systems Development Methodologies

The various types of systems development methodologies are

1. SSADM Structured Systems Analysis and Design Method (SSADM)

2. Rapid application development (RAD)
3. The spiral model
4. The Capability Maturity Model

10
Week 12: Globalization and the Digital Divide / The 4th Industrial Revolution

Introduction

The Internet has wired the world together into one unit. Today it is just as simple to communicate with
someone on the other side of the world as it is to talk to someone next door. In this chapter, we will look
at the implications of globalization and the impact it is having on the world.

What is Globalization

Globalization is the term used to refer to the integration of goods, services, and culture among the nations
of the world. Globalization is not necessarily a new phenomenon; in many ways, we have been
experiencing globalization since the days of European colonization. Further advances in
telecommunication and transportation technologies accelerated globalization. The advent of the
worldwide Internet has made all nations next-door neighbours.

The Internet is truly a worldwide phenomenon. As of 2012, the Internet was being used in over 150
countries by a staggering 2.4 billion people worldwide, and growing. From its initial beginnings in the
United States in the 1970s to the development of the World Wide Web in the 1990s to the social networks
and e-commerce of today, the Internet has continued to increase the integration between countries,
making globalization a fact of life for citizens all over the world.

Phases of Globalization

In 2005, Thomas Friedman’s seminal book, The World Is Flat, was published. In this book, Friedman
unpacks the impacts that the personal computer, the Internet, and communication software have had on
business, specifically the impact they have had on globalization. He begins the book by defining the three
eras of globalization

“Globalization 1.0″ occurred from 1492 until about 1800. In this era, globalization was centered around
countries. It was about how much horsepower, wind power, and steam power a country had and how
creatively it was deployed. The world shrank from size “large” to size “medium.”

“Globalization 2.0″ occurred from about 1800 until 2000, interrupted only by the two World Wars. In this
era, the dynamic force driving change was multinational companies. The world shrank from size “medium”
to size “small.”

“Globalization 3.0″ is our current era, beginning in the year 2000. The convergence of the personal
computer, fiber-optic Internet connections, and software has created a “flat-world platform” that allows
small groups and even individuals to go global. The world has shrunk from size “small” to size “tiny.”

According to Friedman, this third era of globalization was brought about, in many respects, by information
technology. Some of the specific technologies he lists include:

- The graphical user interface for the personal computer popularized in the late 1980s. Before the
graphical user interface, using a computer was relatively difficult. By making the personal computer
something that anyone could use, it became commonplace very quickly. Friedman points out that this
digital storage of content made people much more productive and, as the Internet evolved, made it
simpler to communicate content worldwide.

11
- The build-out of the Internet infrastructure during the dot-com boom during thelate-1990s. During the
late 1990s, telecommunications companies laid thousands of miles of fiber-optic cable all over the
world, turning network communications into a commodity. At the same time, the Internet protocols,
such as SMTP (e-mail), HTML (web pages), and TCP/IP (network communications) became standards
that were available for free and used by everyone.
- The introduction of software to automate and integrate business processes. As the Internet continued
to grow and become the dominant form of communication, it became essential to build on the
standards developed earlier so that the websites and applications running on the Internet would work
well together.

Friedman calls this “workflow software,” by which he means software that allows people to work together
more easily, and allows different software packages and databases to integrate with each other more
easily. Examples include payment-processing systems and shipping calculators.

Effects of Globalization

- Access to new markets

- Lower cost for products
- Access to new talents
- Facilitate information sharing
- Easy spread of technology and innovation

The Digital Divide / The 4th Industrial Revolution

As the Internet continues to make inroads across the world, it is also creating a separation between those
who have access to this global network and those who do not. This separation is called the “digital divide”
and is of great concern. An article in Crossroads puts it this way

Adopted by the ACM Council in 1992, the ACM Code of Ethics and Professional Conduct focuses on issues
involving the Digital Divide that could prevent certain categories of people those from low-income
households, senior citizens, single-parent children, the undereducated, minorities, and residents of rural
areas from receiving adequate access to the wide variety of resources offered by computer technology.

This Code of Ethics positions the use of computers as a fundamental ethical consideration: “In a fair
society, all individuals would have equal opportunity to participate in, or benefit from, the use of
computer resources regardless of race, sex, religion, age, disability, national origin, or other similar
factors.” This article summarizes the digital divide in its various forms, and analyzes reasons for the
growing inequality in people’s access to Internet services. It also describes how society can bridge the
digital divide: the serious social gap between information “haves” and “have-nots.”

The digital divide can occur between countries, regions, or even neighborhoods. In many US cities, there
are pockets with little or no Internet access, while just a few miles away high-speed broadband is common.

Solutions to the digital divide have had mixed success over the years. Many times, just providing Internet
access and/or computing devices is not enough to bring true Internet access to a country, region, or
neighborhood.

12
One Laptop per Child

One attempt to repair the digital divide was the One Laptop per Child effort. As stated on the
organization’s website, “The mission of One Laptop per Child (OLPC) is to empower the children of
developing countries to learn by providing one connected laptop to every school-age child. In order to
accomplish our goal, we need people who believe in what we’re doing and want to help make education
for the world’s children a priority, not a privilege.” 1 Announced to great fanfare in 2005 by Nicholas
Negroponte, the OLPC project seemed destined for success.

The centerpiece of the project was the laptop itself: an inexpensive computer designed to withstand a lot
of punishment. It utilized a revolutionary “mesh” network, allowing the laptops to act as repeaters,
extending a Wi-Fi network far beyond their normal range. They also used minimal power, making them
practical for remote areas with limited access to the electrical grid.

Unfortunately, the OLPC project failed to live up to expectations, running into many of the problems
related to globalization discussed above: different cultures, corruption, and competition. In an article that
examined the success and failures of OLPC, the authors state, “Expecting a laptop to cause such a
revolutionary change showed a degree of naivete, even for an organization with the best of intentions
and the smartest of people.”
Today, OLPC is evolving their methods and their technology, trying to deliver an OLPC tablet computer.

A New Understanding of the Digital Divide

In 2006, web-usability consultant Jakob Nielsen wrote an article that got to the heart of our understanding
of this problem. In his article, he breaks the digital divide up into three stages: the economic divide, the
usability divide, and the empowerment divide.

What is usually called the digital divide is, in Nielsen’s terms, the economic divide: the idea that some
people can afford to have a computer and Internet access while others cannot. Because of Moore’s Law,
the price of hardware has continued to drop and, at this point, we can now access digital technologies,
such as smartphones, for very little. This fact, Nielsen asserts, means that for all intents and purposes, the
economic divide is a moot point and we should not focus our resources on solving it.

The usability divide is concerned with the fact that “technology remains so complicated that many people
couldn’t use a computer even if they got one for free.” And even for those who can use a computer,
accessing all the benefits of having one is beyond their understanding. Included in this group are those
with low literacy and seniors. According to Nielsen, we know how to help these users, but we are not
doing it because there is little profit in doing so.

The empowerment divide is the most difficult to solve. It is concerned with how we use technology to
empower ourselves. Very few users truly understand the power that digital technologies can give them.
In his article, Nielsen explains that his (and others’) research has shown that very few users contribute
content to the Internet, use advanced search, or can even distinguish paid search ads from organic search
results. Many people will limit what they can do online by accepting the basic, default settings of their
computer and not work to understand how they can truly be empowered.

13
Understanding the digital divide using these three stages provides a more nuanced view of how we can
work to alleviate it. While efforts such as One Laptop per Child are an excellent start, more work needs to
be done to address the second and third stages of the digital divide for a more holistic solution.

Using Gaming to Bridge the Digital Divide

Paul Kim, the Assistant Dean and Chief Technology Officer of the Stanford Graduate School of Education,
designed a project to address the digital divide for children in developing countries.

In their project, the researchers wanted to understand if children can adopt and teach themselves mobile
learning technology, without help from teachers or other adults, and the processes and factors involved
in this phenomenon. The researchers developed a mobile device called Teacher Mate, which contained a
game designed to help children learn math. The unique part of this research was that the researchers
interacted directly with the children; they did not channel the mobile devices through the teachers or the
schools.

Another important factor to consider: in order to understand the context of the children’s educational
environment, the researchers began the project by working with parents and local non-profits six months
before their visit. While the results of this research are too detailed to go into here, it can be said that the
researchers found that children can, indeed, adopt and teach themselves mobile learning technologies.

What makes this research so interesting when thinking about the digital divide is that the researchers
found that, in order to be effective, they had to customize their technology and tailor their
implementation to the specific group they were trying to reach. One of their conclusions stated the
following:

Considering the rapid advancement of technology today, mobile learning options for future projects will
only increase. Consequently, researchers must continue to investigate their impact; we believe there is a
specific need for more in-depth studies on ICT [information and communication technology] design
variations to meet different challenges of different localities.

The 4th Industrial Revolution

Also called the Fourth Industrial Revolution or 4IR is the next phase in the digitization of the
manufacturing sector driven by disruptive trends including the rise of data and connectivity, analytics,
human machine interaction, and improvement in robotics.

The 5th Industrial Revolution

The Fifth Industrial Revolution or 5IR encompasses the notion of harmonious human-machine
collaborations, with a specific focus on the well-being of the multiple stakeholders (i.e. society,
companies, employees, customers).

14
Week 13: Ethical and Social Implications of Information Systems

The term ethics is defined as “a set of moral principles” or “the principles of conduct governing an
individual or a group.” Since the dawn of civilization, the study of ethics and their impact has fascinated
mankind. But what do ethics have to do with information systems?

Digital technologies have given us the ability to aggregate information from multiple sources to create
profiles of people. What would have taken weeks of work in the past can now be done in seconds, allowing
private organizations and governments to know more about individuals than at any time in history. This
information has value, but also chips away at the privacy of consumers and citizens.

The introduction of new technology can have a profound effect on human behavior. New technologies
give us capabilities that we did not have before, which in turn create environments and situations that
have not been specifically addressed in ethical terms.

One method for navigating new ethical waters is a code of ethics. A code of ethics is a document that
outlines a set of acceptable behaviors for a professional or social group; generally, it is agreed to by all
members of the group. The document details different actions that are considered appropriate and
inappropriate.

A good example of a code of ethics is the Code of Ethics and Professional Conduct of the Association for
Computing Machinery (ACM), an organization of computing professionals that includes academics,
researchers, and practitioners.

This Code, consisting of 24 imperatives formulated as statements of personal responsibility, identifies the
elements of such a commitment. It contains many, but not all, issues professionals are likely to face.
Section 1 outlines fundamental ethical considerations, while Section 2 addresses additional, more specific
considerations of professional conduct. Statements in Section 3 pertain more specifically to individuals
who have a leadership role, whether in the workplace or in a volunteer capacity.

In the ACM’s code, you will find many straightforward ethical instructions, such as the admonition to be
honest and trustworthy. But because this is also an organization of professionals that focuses on
computing, there are more specific admonitions that relate directly to information technology: No one
should enter or use another’s computer system, software, or data files without permission. One must
always have appropriate approval before using system resources, including communication ports, file
space, other system peripherals, and computer time.

Designing or implementing systems that deliberately or inadvertently demean individuals or groups is

ethically unacceptable.

Organizational leaders are responsible for ensuring that computer systems enhance, not degrade, the
quality of working life. When implementing a computer system, organizations must consider the personal
and professional development, physical safety, and human dignity of all workers. Appropriate human-
computer ergonomic standards should be considered in system design and in the workplace.

One of the major advantages of creating a code of ethics is that it clarifies the acceptable standards of
behavior for a professional group. The varied backgrounds and experiences of the members of a group
lead to a variety of ideas regarding what is acceptable behavior. While to many the guidelines may seem

15
obvious, having these items detailed provides clarity and consistency. Explicitly stating standards
communicates the common guidelines to everyone in a clear manner.

Having a code of ethics can also have some drawbacks. First of all, a code of ethics does not have legal
authority; in other words, breaking a code of ethics is not a crime in itself. So what happens if someone
violates one of the guidelines? Many codes of ethics include a section that describes how such situations
will be handled. In many cases, repeated violations of the code result in expulsion from the group.

In the case of ACM: “Adherence of professionals to a code of ethics is largely a voluntary matter. However,
if a member does not follow this code by engaging in gross misconduct, membership in ACM may be
terminated.” Expulsion from ACM may not have much of an impact on many individuals, since
membership in ACM is usually not a requirement for employment. However, expulsion from other
organizations, such as a state bar organization or medical board, could carry a huge impact.

Another possible disadvantage of a code of ethics is that there is always a chance that important issues
will arise that is not specifically addressed in the code. Technology is quickly changing, and a code of ethics
might not be updated often enough to keep up with all of the changes. A good code of ethics, however,
is written in a broad enough fashion that it can address the ethical issues of potential changes to
technology while the organization behind the code makes revisions.

Finally, a code of ethics could have also be a disadvantage in that it may not entirely reflect the ethics or
morals of every member of the group. Organizations with a diverse membership may have internal
conflicts as to what is acceptable behavior. For example, there may be a difference of opinion on the
consumption of alcoholic beverages at company events. In such cases, the organization must make a
choice about the importance of addressing a specific behavior in the code.

Many organizations that provide technology services to a group of constituents or the public require
agreement to an acceptable use policy (AUP) before those services can be accessed. Similar to a code of
ethics, this policy outlines what is allowed and what is not allowed while someone is using the
organization’s services. An everyday example of this is the terms of service that must be agreed to before
using the public Wi-Fi at Starbucks, McDonald’s, or even a university. Here is an example of an acceptable
use policy from Virginia Tech.

Just as with a code of ethics, these acceptable use policies specify what is allowed and what is not allowed.
Again, while some of the items listed are obvious to most, others are not so obvious:

“Borrowing” someone else’s login ID and password is prohibited.

Using the provided access for commercial purposes, such as hosting your own business website, is not
allowed.

Sending out unsolicited email to a large group of people is prohibited.

Also as with codes of ethics, violations of these policies have various consequences. In most cases, such
as with Wi-Fi, violating the acceptable use policy will mean that you will lose your access to the resource.
While losing access to Wi-Fi at Starbucks may not have a lasting impact, a university student getting
banned from the university’s Wi-Fi (or possibly all network resources) could have a large impact.

PRIVACY

16
The term privacy has many definitions, but for our purposes, privacy will mean the ability to control
information about oneself. Our ability to maintain our privacy has eroded substantially in the past
decades, due to information systems. Information about a person that can be used to uniquely establish
that person’s identify is called personally identifiable information, or PII. This is a broad category that
includes information such as:

Name;

Social security number;

Date of birth;

Place of birth;

mother‘s maiden name;

Biometric records (fingerprint, face, etc.);

Medical records;

Educational records;

Financial information; and

Employment information.

Organizations that collect PII are responsible to protect it. The Department of Commerce recommends
that “organizations minimize the use, collection, and retention of PII to what is strictly necessary to
accomplish their business purpose and mission.” They go on to state that “the likelihood of harm caused
by a breach involving PII is greatly reduced if an organization minimizes the amount of PII it uses, collects,
and stores.

” Organizations that do not protect PII can face penalties, lawsuits, and loss of business. In the US, most
states now have laws in place requiring organizations that have had security breaches related to PII to
notify potential victims, as does the European Union.

Just because companies are required to protect your information does not mean they are restricted from
sharing it.

17