• The term ―computer‖ describes a device made up of a combination of

electronic and electromechanical components. By itself, a computer has no intelligence and is referred to as hardware which means simply the physical equipment. Tile hardware cannot be used, until it is connected to other elements, all of which constitute the six parts-of a computer-based information system.



Describe the six components of a computer-based information system. (12 marks)


  • Any communication network, such as a telephone system, can be connected to others. This is an example of connectivity, the ability to connect computers, telephones and other devices to other computers, other devices and sources of information. It is this connectivity that is the foundation of Information Age. Connectivity has also made many activities possible.




Explain any four activities that have become possible because of connectivity.

(8 marks)

(Total: 20 marks)

December 2013





  • Input, processing, storage, output
  • Organization
  • Environment
  • Technology
  • Feedback
  • People



  • Data sharing
  • e-Business and Commerce
  • e-Learning
  • Communication
  • Video conferencingQUESTION TWO
    • Explain the role of senior management during systems implementation.

    (6 marks)

    • Locating computer hardware, software and information communication staff in one area realizes a number of benefits to an organization. (2 marks)



    Explain the nature of the following advantages:


    • The firm you work for is in the process of designing a customer database in order to improve its debts management.

    Name any eight important customer details that would constitute this  database system.

    8 marks)

    (Total: 20 marks)



    An approval from senior management is required after the completion of the first

    • seven of the SDLC phases, annually during operations and maintenance phase and six months after the disposition phase.

    Senior management approval authority may be varied based on currency value, visibility   level, congressional interests or a combination of these.



    Economies of scale.

    Use of resources in a pool makes it possible to save on costs especially for

     shared purchases which can be bought in bulk.  (ii) Enforcement of systems development standards

    Sharing of information between departments. All users are given guidelines on systems to be developed i.e. tools to be used, level of testing required and

    implementation plans. Resources located in one place e.g. network printer can

    be shared by staff in one area.


    Customer name, number, items purchased, cost of the items, form of payment, Date of   transaction, receipt number, Payment date,, customer contacts.



    You have been appointed the internal auditor of a bank. The bank has several computerized  systems networked in a distributed network system. There is need to review the variouscontrols existing within the systems.

    • Outline six main areas that the review should cover. (6 marks)
    • Describe how you would carry out your audit procedures using the following computer assisted audit techniques (CAATs):

    Parallel simulation      (3 marks)

  • Embedded Audit Module(3 marks)
    • Explain why you may have some difficulties in auditing distributed systems.

    (8 marks)

    (Total: 20 marks)



    Comparison of the actual system performance against the anticipated performance

    • This involves assessment of system running cost, benefits etc. as they  compare with estimated or anticipated.
    • The staffing needs and whether th0ey are more or less than anticipated.
    • Any delays in the processing and effects of such delays.
    • Effectiveness of the inbuilt security procedures in the system.
    • The error rates for input data.


    • Parallel simulation

    In which actual client data is processed using a copy of the client‘s software and isunder the control of the auditor. The data processed on the auditor‘s copy of the software is compared to the data previously processed by the client to ensure that the processing is identical. This procedure provides evidence as to the effectiveness of design of programmed control procedures as well as aspects of the effectiveness of operation.


    • Embedded Audit Module

    Is a CAAT in which code prepared by the auditor is embedded in the clients software. The code may be designed for example, to replicate a specific aspect of control procedure, or to record details of certain transactions in a file accessible only to the auditor. Thus, this audit software may be used as both a test control or as a substantive procedure. This CAAT is particularly applicable to continuous auditing.



    • Inconsistency: There may be a problem when it comes to consistency in auditing sincethe systems are distributed hence part of the system may be audited and some parts may not

    hence ―half baked‖ auditing of systems may crop up leading to poor auditing. – Quality Tools: System quality can be significantly enhanced by the use of quality tools.Lack of these tools may bring about difficulties in auditing systems. Some of the tools developed may not me tailored to suite distributed systems hence a challenge to system auditors where as some tools may not be easy to use or lack proper  documentation.

    • Difficulty in Data Quality Audits: In may be difficult for an organization to undertakeregular data quality audits for the fact that data is distributed to some or all the components of a distributed system hence the difficulty to know what data is accurate, incomplete of ambiguous.
    • Size: The size of a distributed system may be too large for an organization to fully andeffectively carry out a successful audit. The possibility of redundancy auditing may bring about



    Farmquip Ltd. designs and manufactures irrigation equipment. The irrigation equipments are sold to flower nationality. The company regards customer service, that is the ability to respond effectively and properly to service calls as critical to its success.


    Initially, field engineers inspect faulty irrigation equipment. Currently three quarters of the faulty irrigation equipment are referred to the repair centre, to be mended by the repair centre.


    Engineers, resulting in a turnaround time of up to 10 days. The company has decided to investigate the possibility of carrying out more field repairs with the aid of a portable expert system, in order to reduce the turnaround time.


    The prototyping approach was used, and an evaluation of the final prototype made it clear that an expert system used in conjunction with 11.1ptop microcomputer would improve the situation to the extent that only 10% of irrigation equipment would need to be returned to the repair centre, with majority of repairs being carried out at the customers‘ premises by the field engineers.



    • Define the term expert system and explain how it could be of use in this context.

    (4 marks)

    • What is meant by prototyping? Briefly comment on its advantages and disadvantages and explain how this approach is used.     (4 marks)


    • Discuss the changes that would take place if the expert system was implemented in terms of position, status; tasks and responsibilities of engineers at the company‘s

    repair centre and in the field.                                                       (12 marks)

    (Total: 20 marks)



    An expert system is an intelligent computer system which uses knowledge and interface

    • procedures to solve problems that are difficult enough to require significant human experts for their solution.

    It is a computer-based system that simulates the human thought process or reasoning to

    • solve problems which require human expertise. It enables nonachieve comparable results to human experts in that field. -experts in a given filed to

    In this context, the expert system will help in solving time in repairs and reduce cost drastically   which would have incurred on the repair engineers.


    Prototyping is a technique for quickly building a functioning, but incomplete modelof the information system using rapid application development tools. Prototypes typically   evolve into the final version of the system or application.


    Advantages of prototyping

    • It is useful for projects in which user requirements are uncertain or imprecise.

    It encourages active user and management participation (as opposed to a passive reaction   to non-working system models). This increase end-user enthusiasm for the project.

    Projects have higher visibility and support because of extensive user involvement throughout the

    Users and management see working, software   -based solutions more rapidly than in model-driven development.

    • Errors and omissions tend to be detected earlier in prototypes than in system models.   § Testing and training is a natural by-product of the underlying prototyping approach.

    The interactive approach is a more ―natural‖ fit because change is an expected factor

    • during development.

    It reduces risk because you test the technical solution iteratively instead of making a wholesale   commitment to any solution.


    Disadvantages of prototyping

    There can be considerable pressure to implement an early prototype. Often users observing a working model cannot understand why the early prototype has to be refined further. The fact that the prototype has to be expanded to handle transaction

    • volumes, terminal networks, back up and recovery procedures, as well as provide for audit ability and control is not often understood.

    It often leads to functions or extras being added to the system that are not included in the initial requirements document. All major enhancements beyond the initial requirements document should be reviewed to ensure that they need the strategic

    • needs of the organization and are cost effective otherwise, the final system can end up being functionally rich but inefficient.

    The finished system will have poor controls. By focusing mainly on what the user wants and what the user uses, system developers may miss some of the controls that come out of the traditional system development approach, such a back up recovery, security and audit trails. Change control often becomes much more complicated with prototyped systems. Changes in designs and requirements happen so quickly that they are seldom documented or approved and can escalate to a point of being   unmaintainable.


    How this approach is used

    Build the model to create the design. Then based on that model, develop the system with   all the processing capabilities needed.


    • Retrenchment of some engineers
    • Some specialized positions would be faced out for instance some engineers may have acquired specialization due to many years of experience hence regarded special in position such positions may be faced out by the new system, leading to

    loss of status in the organization

    • The new system may lower morals of those affected negatively by it.
    • Repositioning of staff, some engineers may be assigned other responsibilities, which may be different from what they used to do and probably not in the engineering sector.



    • Lack of historical data and prior knowledge of an information system makes it difficult to estimate the cost of an information systems project.




    Formulate a checklist that could assist an organization in identifying, quantifying and evaluating information systems costs. (12 marks)


    • The basic objective of user interface is to minimize the human error during data entry.




    • Explain the error control measures that should be incorporated into a user interface. (4 marks)


    What are the implications of the error control measures in (i) above?  (4 marks) (Total: 20 marks)



    • Feasibility study: Preparation of gross estimates ofcosts for each probable alternative solution.  developments, implementation and operation

    Development costs are one-time costs that will not recur after the project has been

    • completed e.g. systems development, hardware/software, user training, site and data conversion. preparation

    Operating costs are costs that tend to recur throughout the lifetime of the system. E.g.

    • maintenance, data storage expenses, communications expenses, software licenses. Such  costs can be classified as:

    Fixed costs – occur at regular intervals but at relatively fixed rates


    Forward error control – additional redundant information is transmitted with each

    • character or frame so that the receiver cannot only detect when errors are present, but can also determine where the error has occurred and thus corrects it.

    Feedback (backward) error control – only enough additional information is transmitted so that the receiver can identify that an error has occurred. An

    • associated retransmission control system is then used to request that another copy  of the information be sent.

                   §        Ensures data integrity during data transmission.



    The following diagram illustrates the e-business planning process, which focuses on discovering innovative approaches to satisfying a company‘s customer value and business value goals:


    Key insight                               Key objectives               Priorities

    Customer and e-business e-business e-business
    business value strategies and strategies and application















    development and deployment



    More questions                          Feedback                      Feedback


    The planning process leads to development of strategies and business models for new e business and e-commerce platforms, processes, products and services. The company can then develop IT strategies and an IT architecture that supports the building and implementation of the newly planned e-business applications. Such an e-business planning process has three major components one of which is information technology architecture.



    Describe the other two e-business planning process components.   (4 marks)

  •  State  and  explain  the  four  major  components  of  the  information  technology

    architecture component.                                                             (8 marks)

    The e-business application development and deployment process involve some activities that should be properly managed for the e-business planning process to be  completed successfully.

    List and briefly explain these activities.                                         (8 marks)

    (Total: 20 marks)




    • Infrastructure opportunities and constraints, which will include Information System requirements and priorities
    • Business processes: that is business focused processes, demand oriented and function


    • Hardware – The tangible parts of a computer system
    • Operating System – Gives life to the hardware
    • Database – stores data and information
    • Telecommunication – Enables communication between the users of the system and the organization system


    • In-house review: Evaluating what has been accomplished and resources that have been acquired
    • Analyzing the environment
    • Anticipating future development (projecting trends)
    • Deciding what goals are to be achieved (setting goals)
    • Deciding what actions to take to achieve the goal set



    During output design, the designer‘s ideas are put to test. Some ideas are essential while others are dictated by circumstances.



    • (i) State the general principles applied in output design. (2 marks) (ii) Outline the ―Steps taken in designing an output.‖(6 marks)


    • Describe the options available for the analyst to use when implementing an output

    (8 marks)


    • Systems development projects are usually triggered by:
      • Problems
      • Directives


    Explain the meaning of these terms in the context of systems development.

    (4 marks)

    (Total: 20 marks) 




    • Use a single line for column heading to conserve space.
    • Adjust formats or eliminate information in order to fit the information to be displayed.
    • Place command buttons on the bottom
    • Always include the current time indicator



    • Define the output and data flows – before beginning a program, you must have a firm idea of what the program should produce and what data is needed to

    produce that output.

    • Develop the logic. After you and the user agree to the goals and output of the program your job is to take that output definition and decide how to make a

                            computer produce the output.

    • Writing the code.



    • Printer – to produce text and graphics on paper.  § Screen VDU it displays text and graphics on monitor

    Computer output microfiche   – it records reduced size information on sheet film known as microfiche


    • of speech.Voice/audio devices – they convey information to the end-user from the computer in the form

    Specialized devices  – they produce outputs for specialized application e.g. electronic point of sale

    • terminals, ATMs.

    Systems development projects are usually triggered by:

    • Problems
    • Directives


    • Problems: This is the business need(s) for the information system. Businessreason(s) for the new information system due to change of trends.
    • Directives: The underlined steps, procedures and controls (standards in systemdevelopment


E-banking or on-line banking is one of the newest financial products in the Kenyan financial market. Commercial banks are outdoing each other in order to capture a bigger share of the market. They target middle aged individuals with steady incomes and who appreciate the impact of information communication technology (ICT) in their day to day lives. These individuals have access to mobile telephones and computer terminals connected to the internet.


Through on-line banking, the individuals can pay their rents, insurance premiums, mortgages and a host of other payments without ever going to a banking hall or even to an automated teller machine (ATM). This adoption of on-line banking has resulted in increased cases of on-line frauds.



  • What is meant by on-line fraud? (2 marks)
  • Discuss security measures which could be adopted by businesses and individuals

involved in e-banking/on-line banking.                                           (18 marks)

(Total: 20 marks)




On-line fraud: is any fraudulent behaviour with computerization by which someoneintends to gain financial advantage.



  • Security measures taken by business;

Secure customer identification and authentication. Access to the e-banking service is

  • controlled through the use of a customer number and password. The euses the combination of these two codes to uniquely identify each customer.-banking serve

Guarantee of maximum secrecy in the transmission of data. e-banking is hostedon, and supported by, a system which uses the most powerful encryption technology that is commercially available. The use of encryption guarantees that the information exchanged between your system and the e-banking system remain confidential and cannot be intercepted. Both the online submission of applications

  • for subscribing to internet banking services and the electronic transactions conducted are protected using the highest encryption levels applied worldwide for this purpose.
  • Digital certificates users to verify the identity of a system.–the use of digital certificates which are issued by trusted thirdparties, allow

Automatic log-out the e-banking service has been designed so as to log you out ofthe system automatically, if the system has not been used for more than 5 minutes.

  • This precaution aims to provide you with relative security in case you forget to disconnect, by preventing third parties from using the service in your place.

Use of special purpose security software and mechanisms –maximum care hasbeen taken to ensure the security of the network as well as of the systems that support the service. In addition to encryption, the e-banking service is protected by multiple, state-of-the-art, special purpose security software systems such as firewalls and intrusion detection systems (IDs). At the same time, special emphasis has been

  • placed on physical security, and for this purpose access to the eallowed only to authorize employees of the bank. -banking systems

High availability with the aim to offer a continuous, uninterrupted service to

  • itscustomers, the banks have invested in technologies that ensure high availability levels for the e-banking service.

Continuous security audits and checks against electronic fraud         

forguaranteeing the best possible service to you, the bank conducts daily audits of the e-banking infrastructure and application, checking for attempts or traces of security threats or electronic fraud. In parallel, and in co-operation with companies

  • specializing in security, the banks conduct regular additional audits to confirm and enhance the security of this particular infrastructure.

Protection of personal data. Acquisition and processing of your personal data andaccount details   is performed by the banks with the utmost care and only to the extent


required for the services provided. The banks continuously sees to it that your personal data are secure, in compliance with Laws 2472/1997 and 2774/1999, and with all additional ordinances, circulars and directives issued by the Hellenic Data  Protection Authority and by any other national or European Community authority.

Security measures taken by individuals protect your e-banking service password. Try to memorize your password, and destroy any document on which itis printed. Customers are held liable for all the transactions conducted using the customer numbers and passwords regardless of whether the natural persons who

  • conducted such transactions were the customers themselves or not. Therefore, protecting your password is very important.
  • Never disclose in any way whatsoever (e.g. orally, in writing, via e -mail) your password to third

Password that you originally receive is valid only for the first time you log into the system. After you enter your customer number and password for the first time, the system will prompt you to change your password. Select a password that is difficult to figure out; this should be composed of 6 to 8 digits, of which at least one should

  • be a letter of the alphabet. Avoid using your name, ythat is characteristic of you or of those close to you. our date of birth or information
  • If you believe that a third party may have found out your password, contact immediately the Direct Banking Customer support centre.

Check the digital certificate in order to be sure that you are connected to the e-

  • banking system. You should check the identity of the system by checking its digital

Check your account if you observe in your monthly account statement anyactivities

  • which do not remember to Customer Support. have made, contact immediately the Direct Banking

Follow the log-in and log-out procedure you should always follow the log-in andlog-

  • out procedure for connecting to, and disconnecting from the eif you are using a computer that is also available to other users. -banking system, especially

Protect your PC against viruses –you should protect your PC against computerviruses, which are mainly spreading through email messages, by installing an

  • antiapplication in accordance with the instructions of its manufacturers.-virus application on your PC. You should also remember to regularly update this

Configure your PC for Enhanced Security   this will assist to keep off hacker andany other unauthorized user to the system.


(Visited 34 times, 1 visits today)
Share this:

Written by 

Leave a Reply

Your email address will not be published. Required fields are marked *