Module 2 GIT

System Development- is the process of defining, testing,

and implementing a software application.

System Development Methods

- Predictive Approach
- Use of Process models
- Process-centered technique

System Development Life Cycle (SDLC)

- Planning
- Analysis
- Design
- Implementation - A business flowchart shows the steps that make
- Maintenance up a business process, along with who's
responsible for each step.
Systems planning- The initial stage in the SDLC. It is the - They are useful for analyzing current processes,
fundamental process of understanding why an planning improvements, and crystallizing
information system should be built and determining communication between process participants.
how the project team will build it.
Types of flowchart:
Systems analysis- Done by systems analysts. This must
be done when creating a new system or improving an ● Document
old system. - Illustrates the flow of documents and information
Requirements modeling- Involves fact-finding to between areas of responsibility within an organization.
describe the current system and identification of the - A document flowchart is particularly useful in analyzing
requirements for the new system. the adequacy of control procedures.
1. Inputs- refer to necessary data that enters the ● System
system, either manually or in an automated
manner. - System flowcharts depict the relationship among the
2. Processes- refer to the system characteristics input, processing, and output of an AIS
such as speed, volume, capacity, availability, and
● Program
reliability.
3. Outputs- refer to electronic or printed - A program flowchart describes the specific logic to
information produced by the system. perform a process shown on a systems flowchart
4. Performance- refers to the logical rules that are
applied to transform the data into meaningful
information. System Requirements - In the context of software
5. Security- refers to hardware, software, and development and system design, requirements are
procedural controls that safeguard and protect statements that describe what the system should do or
the system and its data from internal or external possess to meet the needs of its users and stakeholders.
threats.
These requirements can be broadly categorized into two Systems Design – Systems Design is the third of five
types: phases in the systems development life cycle (SDLC).
Now you are ready to begin the physical design of the
1. functional requirements
system that will meet the specifications described in the
2. non-functional requirements.
system requirements document.

Examples of functional requirements for a website:

System Design Guidelines:
- Allow users to register and log in to their
• Data design
accounts.
- Provide a search functionality to find products • User interface
or information.
• Architecture
- Enable users to add items to a shopping cart
and proceed to checkout. • System design specification
- Allow administrators to manage user accounts
and product listings.
- Display real-time stock availability for products. System Design Objectives

• The goal of systems design is to build a system that is

Non-functional Requirements- define the attributes and effective, reliable, and maintainable
qualities that describe how the system should perform, • A system is reliable if it adequately handles errors
rather than what it should do. These requirements focus
on aspects related to system behavior, performance, • A system is maintainable if it is well-designed, flexible,
security, and user experience. and developed with future modifications in mind

Examples of non-functional requirements for a website: •User Considerations

Performance: The website should load within 3 ❏ Carefully consider any point where users receive
seconds to provide a good user experience. output from, or provide input to, the system

- Scalability: The system should handle an ❏ Anticipate future needs of the users, the system, and
increasing number of users without significant the organization – hard-coded
performance degradation.
❏ Provide flexibility
- Security: User passwords should be securely
hashed and stored to prevent unauthorized ❏ Parameter, default
access.
- Usability: The website's interface should be
intuitive and easy to navigate for users of all • Data Considerations
experience levels.
- Reliability: The system should have at least ❏ Data should be entered into the system where and
99.9% uptime, with minimal downtime for when it occurs because delays cause data errors
maintenance.
❏ Data should be verified when it is entered, to catch
Functional requirements define what the system should errors immediately
achieve in terms of features and capabilities, while non-
functional requirements ensure the system meets the ❏ Automated methods of data entry should be used
desired levels of performance, quality, and user whenever possible
satisfaction.
•Data Considerations  Consider potential problems - The rapid pace of
development can create quality problems In very
❏ Audit trail complex systems, the prototype becomes unwieldy and
❏ Every instance of entry and change to data should be difficult to manage
logged

❏ Data should be entered into a system only once Prototyping Tools – systems analysts can use powerful
tools to develop prototypes
❏ Data duplication should be avoided
 CASE tools - Computer-aided systems
engineering (CASE), also called computer-aided
•Design Trade-Offs software engineering is a technique that uses
powerful software, called CASE tool, to help
❏ Most design trade-off decisions that you will face
systems analysts develop and maintain
come down to the basic conflict of quality versus cost
information systems.
❏ Avoid decisions that achieve short-term savings but  Application generators -A tool that supports the
might mean higher costs later rapid development of computer programs by
translating a logical model directly into code.
Also called a code generator.
Prototyping- The method by which a prototype is  Report generators - a computer program whose
developed. It involves a repetitive sequence of analysis, purpose is to take data from a source such as a
design, modeling, and testing. It is a common technique database, XML stream, or spreadsheet, and use
that can be used to design anything from a new home to it to produce a document in a format that
a computer network. satisfies a particular human readership
 Screen generators - or form painter, is an
interactive tool that helps you design a custom
interface, create screens forms, and handle data
Prototyping methods:
entry format and procedures.
 System prototyping - produces a full-featured,
Limitations of Prototypes
working model of the information system. Because the
model is “on track” for implementation, it is especially ❏ A prototype is a functioning system, but it is less
important to obtain user feedback, and to be sure that efficient than a fully developed system
the prototype meets all requirements of users and
management. ❏ Systems developers can upgrade the prototype into
the final information system by adding the necessary
 Design prototyping or Throwaway prototyping – capability.
method of development that employs technical
mechanisms for reducing risk in a project, when the
project needs are vaguely and poorly laid out. The end
User Interface - Describes how users interact with a
product of design prototyping is a user-approved model
computer system, and consists of all the hardware,
that documents and benchmarks the features of the
software, screens, menus, functions, output, and
finished system.
features that affect two-way communications between
 Prototyping offers many benefits- Users and systems the user and the computer.
developers can avoid misunderstandings Managers can
Graphical User Interface - uses visual objects and
evaluate a working model more effectively than a paper
techniques that allow users to communicate effectively
specification
with the system.

Usability – user satisfaction, support for business

functions, and system effectiveness
❏ Process-control systems – allow users to send
commands to the system 6. Invite Feedback- Even after the system is
operational, it is important to monitor system
❏ User-centered systems – how users communicate usage and solicit user suggestions. The analyst
with the information system, and how the system can determine if system features are being used
supports the firm’s business operations as intended by observing and surveying users.
The user interface requires an understanding of human-
computer interactions and user-centered design 7. Document Everything- All screen designs should
principles. be documented for later use by programmers.

Systems Implementation – This phase begins once the

Human-Computer Interaction- describes the client has tested and approved the system. The system
relationship between computers and people who use is installed at this phase to support the specified
them to perform their jobs business functions. The performance of the system is
compared to the performance targets defined during
 Electronic health records (EHRs)
the planning phase.

Systems Maintenance – System maintenance is a

Seven Habits of Successful Interface Designers continuous operation that includes eliminating program
and design flaws, updating documentation and test
1. Understand the business- The interface
data, and updating user support.
designer must understand the underlying
business functions and how the system supports
individual, departmental, and enterprise goals.
Internet etiquette, also known as “Netiquette,” is
The overall objective is to design an interface
essential in a civilized work environment or personal
that helps users to perform their jobs.
relationship.
2. Maximize Graphical Effectiveness- The
immense popularity of Apple’s iOS and
Microsoft Windows is largely the result of their General Guidelines for Computer Etiquette
GUIs that are easy to learn and use. A well- 1. When communicating with people online, remember
designed interface can help users learn a new how you want to be treated, that’s probably how others
system rapidly and be more productive. want to be treated too, with respect.

3. Think like a user- The designer must learn to 2. Always be aware that you are talking to a person, not
think like a user and see the system through a a device. Be courteous.
user’s eyes. The interface should use terms and 3. Adhere to the same standards of behavior online that
metaphors that are familiar to users. you follow in real life.

4. Use Models and Prototypes- It is essential to 4. Know where you stand. Netiquette varies from
construct models and prototypes for user domain to domain. What is acceptable in a chat room
approval. An interface designer should obtain as may not be appropriate in a professional forum so “lurk
much feedback as possible, as early as possible. before you leap”.

5. Respect other people’s time and bandwidth.

5. Focus on usability- The user interface should
include all tasks, commands, and 6. Spelling and grammar count! Always check, recheck
communications between users and the your posts, and keep your language appropriate.
information system. The opening screen should
7. Keep under control the posts or content that invoke
show the main option. Each screen option leads
rage, sadness, humiliation, self-doubt, and others.
to another screen, with more options.
8. Respect other people’s privacy. Ask for consent for Computer security- the protection of computer systems
everything! From post-sharing to citations, to the use of and information from harm, theft, and unauthorized
materials and more. use.

9. Help out those people who are new to the Cyber security- is the practice of defending computers,
technology. servers, mobile devices, electronic systems, networks,
and data from malicious attacks. It's also known as
10. Read, and research before asking. Try not to waste
information technology security or electronic
other people’s time.
information security.
11. Some emotions and meanings do not transmit very
 Network security- is the practice of securing a
well in an email or a post. However, do not use all caps if
computer network from intruders, whether
you want to communicate strong emotions. All caps will
targeted attackers or opportunistic malware.
make you look like you’re shouting. Don’t overuse
smileys and emoticons because they make you look
 Application security- focuses on keeping
unprofessional. Constructing your sentences carefully
software and devices free of threats. A
and editing what you write before hitting send is often
compromised application could provide access
enough.
to the data it's designed to protect.
12. Remember that your posts and account can be easily
traced back to you even if you write under an alias or a  Information security- protects the integrity and
made-up handle. You leave data footprints whenever privacy of data, both in storage and in transit.
you’re online. These are stored and can be retrieved.
Even when using incognito. Always be a decent and  Disaster recovery- and business continuity
responsible netizen. define how an organization responds to a cyber-
security incident or any other event that causes
the loss of operations or data. Disaster recovery
10 Commandments of Computer Ethics policies dictate how the organization restores its
operations and information to return to the
1. Thou shalt not use a computer to harm other same operating capacity as before the event.
people
2. Thou shalt not interfere with other people’s  End-user education- addresses the most
computer work unpredictable cyber-security factor: people.
3. Thou shalt not snoop around in other people’s Anyone can accidentally introduce a virus to an
computer files otherwise secure system by failing to follow
4. Thou shalt not use a computer to steal good security practices.
5. Thou shalt not use a computer to bear false
witness
6. Thou shalt not copy or use proprietary software
for which you have not paid
7. Thou shalt not use other people’s computer
resources without authorization or proper
compensation
8. Thou shalt not appropriate other people’s
intellectual output
9. Thou shalt think about the social consequences
of the program you are writing or the system
you are designing
10. Thou shalt always use a computer in ways that
ensure consideration and respect for your fellow
humans
 Definition of Terms

Firewall: A firewall is a network security device that

monitors incoming and outgoing network
traffic and decides whether to allow or block specific
traffic based on a defined set of security
rules.

Hackers: A hacker is a person who breaks into a

computer system. The reasons for hacking can
be many: installing malware, stealing or destroying
data, disrupting service, and more. Hacking
can also be done for ethical reasons, such as trying to
find software vulnerabilities so they can
The goal of information security follows three main be fixed.
principles:
Threats: A threat is anything that can compromise the
1. Confidentiality- ensuring that information is confidentiality, integrity, or availability of
available only to the intended audience – An an information system.
organization obtains or creates a piece of
Vulnerability: A vulnerability is any weakness in the
sensitive data that will be used in the course of
information technology (IT) infrastructure
its business operations. that hackers can exploit to gain unauthorized access to
data.
2. Integrity- protecting information from being
modified by unauthorized parties – Integrity Some of the most common cybersecurity threats
involves maintaining the accuracy, consistency, include:
and trustworthiness of data. Malware: This refers to malicious software such as
viruses, worms, and Trojan horses
3. Availability- is protecting information from that can infect computers and devices, steal sensitive
information, or damage systems.
being modified by unauthorized parties – When
the individual who needs that piece of data to
Phishing: This is the practice of sending fake emails or
perform a job duty is ready to utilize it, it must messages that appear to come
be readily accessible (i.e. online) in a timely and from a trustworthy source, such as a bank or a popular
reliable manner so the job task can be website, in order to trick people
completed on time and the company can into revealing sensitive information.
continue its processing.
Ransomware: This is a type of malware that encrypts a
victim's files and demands a
Good Security Practices for Individuals ransom payment in exchange for the decryption key.
1. Install anti-virus and anti-malware software
Distributed Denial of Service (DDoS) attacks: These
2. Use a strong password
attacks overload a website or online
3. Log off public computers
service with traffic, making it inaccessible to users.
4. Save and Back-up
5. Limit social network information Insider threats: Refers to current or former employees,
6. Download files legally business partners, contractors,
7. Keep personal information safe or anyone who has had access to any systems or
8. Lock your computer networks in the past. can be
9. Do not click on suspicious links or pop-up considered an insider threat if they abuse their access
notifications permissions.
10. Keep applications up to date
Man-in-the-middle attacks: Man-in-the-middle is an
eavesdropping attack, where a
hacker/intruder intercepts and relays messages
between two parties in order to steal
data.

Advanced persistent threats (APTs): In an APT, an

intruder or group of intruders sneak
into a system and remain undetected for an extended
period. The intruder leaves
networks and systems intact to avoid detection so that
the intruder can spy on business
activity and steal sensitive data.

Information security, also known as InfoSec, refers to

the processes and tools designed
and deployed to protect sensitive business information
from modification, disruption,
destruction, and inspection.