4.3.1 Networks
1 Choosing a network for a company:
- cost of network
- size of organisation
- how the system will be used
- existing systems
- performance required
- security issues
2 Types of networks available and the use of associated hardware
- advantages and disadvantages of client server networks
- peer-to-peer networks
3 Network topologies
- bus/Ethernet
- ring
- star
- suitable topologies for LANs and WANs
- advantages and disadvantages of different network topologies
4 Wireless networking
- advantages and disadvantages of wireless networks
5 Software components - network management, administration and problem solving strategies:
- user accounts and logs
- security strategies
- configuration management
- remote management
- disaster planning (backup and restoration)
- auditing (keeping logs
- cost of network
- size of organisation
- how the system will be used
- existing systems
- performance required
- security issues
2 Types of networks available and the use of associated hardware
- advantages and disadvantages of client server networks
- peer-to-peer networks
3 Network topologies
- bus/Ethernet
- ring
- star
- suitable topologies for LANs and WANs
- advantages and disadvantages of different network topologies
4 Wireless networking
- advantages and disadvantages of wireless networks
5 Software components - network management, administration and problem solving strategies:
- user accounts and logs
- security strategies
- configuration management
- remote management
- disaster planning (backup and restoration)
- auditing (keeping logs
4.3.2 The Internet
6 The impact of the Internet upon business and the advantages and disadvantages of:
a) FTP
- distribution of information between business and other organisations
b) E-commerce
- the requirements of interactive shopping, for example:
- maintaining a company website
- catalogue of stock
- methods of secure payment
- database of customer orders
c) Online databases
- how to access online information
- how a search engine works
- how web pages are added to search engine lists
- Define and explain how the following can be used to access information:
- URLs
- web crawlers
- Boolean searches
- hyperlinks
d) Distributed computing using the internet
- shared processing across the Internet
- advantages and disadvantages of shared processing
- WHO's 'Popular Power' influenza research
- music distribution
- SETI research into radio signals
7 Connecting to the internet
- cable access to the Internet
- describe the use of and advantages and disadvantages of dial-up and broadband
- mobile access to the Internet
- describe the use of and the advantages and disadvantages of mobile access to the Internet
8 Moral, social and ethical issues associated with the Internet
- You must be aware of and understand:
- censorship
- accuracy of information
- privacy
- effects upon communities
- ownership and control
a) FTP
- distribution of information between business and other organisations
b) E-commerce
- the requirements of interactive shopping, for example:
- maintaining a company website
- catalogue of stock
- methods of secure payment
- database of customer orders
c) Online databases
- how to access online information
- how a search engine works
- how web pages are added to search engine lists
- Define and explain how the following can be used to access information:
- URLs
- web crawlers
- Boolean searches
- hyperlinks
d) Distributed computing using the internet
- shared processing across the Internet
- advantages and disadvantages of shared processing
- WHO's 'Popular Power' influenza research
- music distribution
- SETI research into radio signals
7 Connecting to the internet
- cable access to the Internet
- describe the use of and advantages and disadvantages of dial-up and broadband
- mobile access to the Internet
- describe the use of and the advantages and disadvantages of mobile access to the Internet
8 Moral, social and ethical issues associated with the Internet
- You must be aware of and understand:
- censorship
- accuracy of information
- privacy
- effects upon communities
- ownership and control
4.3.3 Human Computer Interface
9 The factors to be taken into account when designing a good user interface:
- consistency of signposting and pop up information
- on screen help
- layout appropriate to task
- differentiation between user expertise
- clear navigational structure
- use by disabled people
- consistency of signposting and pop up information
- on screen help
- layout appropriate to task
- differentiation between user expertise
- clear navigational structure
- use by disabled people
4.3.4 Working with ICT
10 Telecommuting
a) Teleworking
- working from home using computer networks
- use and associated hardware
- advantages and disadvantages for the organisation
- advantages and disadvantages for the individual
b) Video-conferencing
- use and associated hardware
- advantages for the organisation
- advantages and disadvantages for the individual
11 Codes of Conduct
- definition - an agreement made by an employee to obey the rules of the organisation and work
within specified guidelines as regards use of ICT and the Internet
- potential problems
- introduction of viruses
- misuse of ICT, eg using an organisation's printers for personal work, using the Internet and
running up telephone bills for own purposes, using company time for personal email
- distribution of material that is racially or sexually offensive
- misuse of data for illicit purposes
- inappropriate use of mobile phones in restaurants, schools and public transport
- blackmail, computer fraud or selling to other organisations
- violating terms of copyright or software agreements
- contents of a code of conduct
- responsibilities
- respecting the rights of others
- abiding by current legislation
- protecting hardware and software from malicious damage
- complying with licensing agreements
- authorisation
- permissions on data access
- security defining rules about password disclosure, personal use of emails and the
Internet and data transfer rules
- penalties for misuse
- informal warnings
- written warnings
- dismissal
- prosecution
12 Difference between legal and moral issues with respect to codes of conduct, including:
- disinformation
- Not fully informing potential customers or clients of all available facts concerning products
or services, eg imminent introduction of new models
- privacy
- Informing data subjects of their legal rights and processes for complying with those rights
- employment patterns
- effects upon the workforce
- personal empowerment
- equity
- information poor and information rich societies and the consequences of such
- intellectual property rights
- ownership rights to data
a) Teleworking
- working from home using computer networks
- use and associated hardware
- advantages and disadvantages for the organisation
- advantages and disadvantages for the individual
b) Video-conferencing
- use and associated hardware
- advantages for the organisation
- advantages and disadvantages for the individual
11 Codes of Conduct
- definition - an agreement made by an employee to obey the rules of the organisation and work
within specified guidelines as regards use of ICT and the Internet
- potential problems
- introduction of viruses
- misuse of ICT, eg using an organisation's printers for personal work, using the Internet and
running up telephone bills for own purposes, using company time for personal email
- distribution of material that is racially or sexually offensive
- misuse of data for illicit purposes
- inappropriate use of mobile phones in restaurants, schools and public transport
- blackmail, computer fraud or selling to other organisations
- violating terms of copyright or software agreements
- contents of a code of conduct
- responsibilities
- respecting the rights of others
- abiding by current legislation
- protecting hardware and software from malicious damage
- complying with licensing agreements
- authorisation
- permissions on data access
- security defining rules about password disclosure, personal use of emails and the
Internet and data transfer rules
- penalties for misuse
- informal warnings
- written warnings
- dismissal
- prosecution
12 Difference between legal and moral issues with respect to codes of conduct, including:
- disinformation
- Not fully informing potential customers or clients of all available facts concerning products
or services, eg imminent introduction of new models
- privacy
- Informing data subjects of their legal rights and processes for complying with those rights
- employment patterns
- effects upon the workforce
- personal empowerment
- equity
- information poor and information rich societies and the consequences of such
- intellectual property rights
- ownership rights to data
4.3.5 ICT Security Policies
13 Potential threats:
- terrorism
- natural disasters
- sabotage
- fire
- theft
14 Potential consequences
- loss of business and income
- loss of reputation
- legal action
15 Factors to be taken into account when designing security policies
- physical security
- prevention of misuse
- audit trails for detection
- continuous investigation of irregularities
- system access - establishing procedures for accessing data such as log on procedures
and firewalls
- personnel administration
- operational procedures including disaster recovery planning and dealing with threats
from viruses
- staff code of conduct and responsibilities
- disciplinary procedures
16 Operational procedures for preventing misuse
- screening potential employees
- routines for distributing updated virus information and virus scanning procedures
- define procedures for downloading from the Internet, use of floppy discs, personal backup
procedures
- establish security rights for updating web pages
- establish a disaster recovery programme
- set up auditing procedures (audit trails) to detect misuse
17 Prevention of accidental misuse
- backup and recovery procedures
- standard backups to floppy disc
- RAID systems - mirror discs (Redundant Array of Inexpensive Disc)
- Grandfather, Father, Son systems
- Backing up program files
18 Prevention of deliberate crimes or misuse
- methods for controlling access to computer rooms
- methods of security integrity of transmitted data, eg:
- encryption methods, including private and public keys
- call back procedures for remote access
- establish firewalls
- proxy servers
- methods to define security status and access rights for users
- methods for physical protection of hardware and software
- security of document filing systems
19 Factors determinining how much a company spends to develop control, minimising risk:
- identify potential risks
- likelihood of risk occurring
- short and long term consequences of threat
- how well equipped is the company to deal with threat
- terrorism
- natural disasters
- sabotage
- fire
- theft
14 Potential consequences
- loss of business and income
- loss of reputation
- legal action
15 Factors to be taken into account when designing security policies
- physical security
- prevention of misuse
- audit trails for detection
- continuous investigation of irregularities
- system access - establishing procedures for accessing data such as log on procedures
and firewalls
- personnel administration
- operational procedures including disaster recovery planning and dealing with threats
from viruses
- staff code of conduct and responsibilities
- disciplinary procedures
16 Operational procedures for preventing misuse
- screening potential employees
- routines for distributing updated virus information and virus scanning procedures
- define procedures for downloading from the Internet, use of floppy discs, personal backup
procedures
- establish security rights for updating web pages
- establish a disaster recovery programme
- set up auditing procedures (audit trails) to detect misuse
17 Prevention of accidental misuse
- backup and recovery procedures
- standard backups to floppy disc
- RAID systems - mirror discs (Redundant Array of Inexpensive Disc)
- Grandfather, Father, Son systems
- Backing up program files
18 Prevention of deliberate crimes or misuse
- methods for controlling access to computer rooms
- methods of security integrity of transmitted data, eg:
- encryption methods, including private and public keys
- call back procedures for remote access
- establish firewalls
- proxy servers
- methods to define security status and access rights for users
- methods for physical protection of hardware and software
- security of document filing systems
19 Factors determinining how much a company spends to develop control, minimising risk:
- identify potential risks
- likelihood of risk occurring
- short and long term consequences of threat
- how well equipped is the company to deal with threat
4.3.6 Database Systems
20 Explain the terms data consistency, data redundancy, data integrity and data independence
21 Explain the terms relational database organisation and data normalisation
22 Restructure data into normalised form
23 Describe the use of primary keys, foreign keys and links
24 Describe the advantages of different users having different views of data
25 Database security - recognise that the individual user of a database may be prevented from accessing
particular elements of the information
26 Data warehousing and mining
27 The purpose of a database management system (DBMS), query languages and data dictionaries
28 Define a distributed database
29 Discuss the advantages and disadvantages of a distributed database, with reference to suitable examples
21 Explain the terms relational database organisation and data normalisation
22 Restructure data into normalised form
23 Describe the use of primary keys, foreign keys and links
24 Describe the advantages of different users having different views of data
25 Database security - recognise that the individual user of a database may be prevented from accessing
particular elements of the information
26 Data warehousing and mining
27 The purpose of a database management system (DBMS), query languages and data dictionaries
28 Define a distributed database
29 Discuss the advantages and disadvantages of a distributed database, with reference to suitable examples
4.3.7 Management of Change
30 Consequences of change and the effect on:
- the skills required and not required
- organisational structure
- work patterns
- internal procedures
- the workforce (fears introduced by change)
- the skills required and not required
- organisational structure
- work patterns
- internal procedures
- the workforce (fears introduced by change)
4.3.8 Management Information Systems
31 Features of an effective MIS, appreciating that they should:
- include data that is relevant and accurate
- give information when required
- be accessible to a wide range of users
- present data in the most appropriate format
- be flexible
32 Understand the flow of information between external and internal components of an MIS
- be able to draw and interpret data flow diagrams
33 Features of a good MIS, to include:
- accuracy of the data
- flexibility of data analysis
- providing data in an appropriate form
- accessible to a wide range of users and support a wide range of skills and knowledge
- improve interpersonal communications amongst management and employees
- allow individual project planning
- avoid information overload
34 Factors which can lead to poor MIS:
- complexity of the system
- inadequate initial analysis
- lack of management involvement in initial design
- inappropriate hardware and software
- lack of management knowledge about computer systems and their capabilities
- poor communications between professionals
- lack of professional standards
- include data that is relevant and accurate
- give information when required
- be accessible to a wide range of users
- present data in the most appropriate format
- be flexible
32 Understand the flow of information between external and internal components of an MIS
- be able to draw and interpret data flow diagrams
33 Features of a good MIS, to include:
- accuracy of the data
- flexibility of data analysis
- providing data in an appropriate form
- accessible to a wide range of users and support a wide range of skills and knowledge
- improve interpersonal communications amongst management and employees
- allow individual project planning
- avoid information overload
34 Factors which can lead to poor MIS:
- complexity of the system
- inadequate initial analysis
- lack of management involvement in initial design
- inappropriate hardware and software
- lack of management knowledge about computer systems and their capabilities
- poor communications between professionals
- lack of professional standards
4.3.9 System Development Life Cycle (SDLC)
35 System investigation - analysis of existing system and feasibility report
- existing hardware and software
- definition of the scope of the present problem
- organisation chart
- define sources of data
- methods of data capture
- major data processing functions and processes - high level (contextual view) data flow
- identification of problems with the present system
- identify user requirements for the new system
- analysis of costs and benefits of the new system
36 System analysis
- identify and understand tools and techniques used to analyse a system
- identify internal and external components to a system and the flow of data between them, including:
- data flow diagrams (DFDs)
- high level (contextual view) DFDs and low level (detailed view) DFDs
- decision tables
- systems diagrams
- use all elements of a DFD correctly, including:
- flow direction line
- process
- entity
- data store
- data dictionaries
- entity relationship diagrams - draw and interpret ERDs, including one-to-many, many-to-many and
many-to-many diagrams
37 System design
- hardware
- software
- data and file structures
- information systems
- network and data transmission issues
- personnel issues
- security processes and procedures
38 System implementation
- acquisition and installation of hardware and software re-training
- appropriateness of different changeover strategies including 'direct' and 'parallel running'
39 System maintenance
- maintenance issues, including:
- identification of errors
- security issues
- changes in the business environment
- dissatisfaction with hardware and software
- updating the system
- perfective, adaptive and corrective maintenance
40 System evaluation
- understand the tools and their appropriateness for gathering information for the evaluation report,
including quantative test, error logging interviews and questionnaires
- methods of avoiding post implementation cost
- existing hardware and software
- definition of the scope of the present problem
- organisation chart
- define sources of data
- methods of data capture
- major data processing functions and processes - high level (contextual view) data flow
- identification of problems with the present system
- identify user requirements for the new system
- analysis of costs and benefits of the new system
36 System analysis
- identify and understand tools and techniques used to analyse a system
- identify internal and external components to a system and the flow of data between them, including:
- data flow diagrams (DFDs)
- high level (contextual view) DFDs and low level (detailed view) DFDs
- decision tables
- systems diagrams
- use all elements of a DFD correctly, including:
- flow direction line
- process
- entity
- data store
- data dictionaries
- entity relationship diagrams - draw and interpret ERDs, including one-to-many, many-to-many and
many-to-many diagrams
37 System design
- hardware
- software
- data and file structures
- information systems
- network and data transmission issues
- personnel issues
- security processes and procedures
38 System implementation
- acquisition and installation of hardware and software re-training
- appropriateness of different changeover strategies including 'direct' and 'parallel running'
39 System maintenance
- maintenance issues, including:
- identification of errors
- security issues
- changes in the business environment
- dissatisfaction with hardware and software
- updating the system
- perfective, adaptive and corrective maintenance
40 System evaluation
- understand the tools and their appropriateness for gathering information for the evaluation report,
including quantative test, error logging interviews and questionnaires
- methods of avoiding post implementation cost