Unit 3: IT applications

ITA Unit 3 Outcome 1

ITA KK3.1.01 - project management strategies for coordinating the creation of solutions and information products;

• Project management strategies

• identify tasks
• develop timelines (Gantt or PERT chart)
• determine indicators and methods to monitor the progress of plans (milestones)
• Gantt charts - note the double "t" (not double "n") and it's NOT all in capitals! Named after Henry Laurence Gantt (1861-1919) .
• PERT charts - yes, all capitals: it's an acronym of Project Evaluation and Review Technique.
• You need to know terms like: predecessors, dependencies and dependent tasks, milestones, critical paths, slack etc

ITA KK3.1.02 - types of decisions made in organisations, including strategic, tactical and operational;

Strategic: decisions made by organisation's top managers e.g. CEO, president. Long term, expensive, affect the whole nature of the organisation.

Tactical: decisions made by middle-managers - e.g. regional manager, state manager of a national org - to implement strategic decision. Time frames of weeks, months.

Operational: decisions made by - for example - store managers. Time frame of days. Deals with non-management workers, and keeps the organisation working and productive.

ITA KK3.1.03 - characteristics of audiences;

• Think of features that make audiences different.
• What features of different audiences might change the way information needs to be presented to them?
  • gender - men and women are different and can have different needs for, and responses to information.
  • special needs - e.g. because of a disability or ability
  • culture - some topics are taboo in some cultures
  • age - information must be crafted and presented differently for different ages of children; old people may need large typeface
  • education - people with less education may not understand information that assumes extensive understanding of obscure topics
  • status - some people must be addressed more respectfully
  • location - where you live can affect your information needs e.g. people in flood-prone areas might value rainfall statistics highly

ITA KK3.1.04 - a problem-solving methodology involving analysis, design, development, testing, implementation and evaluation;

analyse -

• identify the problem (problem statement).
• feasibility study to find if the problem can be solved.
• cost/benefit analysis to find if the problem is worth solving.
• study current system.
• identify I/O requirements of new/changed system
• list constraints on the system (e.g. cost, time available, staffing)
• finish with a logical design which describes what the finished system will be able to achieve, but not saying how it will be achieved.

design

• appearance of output (page/screen mockups).
• hardware (prototypes)
• software (IPO charts, hierarchy diagrams)
• procedures (flow charts, NS charts, decision trees)
• data structures (data dictionary)
• data flow (DFD).
• documentation, training.
• implementation, testing, data backup, evaluation strategies.
• ends with physical design which describes how the system works.

Design tools include... Input-Process-Output (IPO) charts create algorithms for program modules, spreadsheet/database formulas etc. Hierarchy charts - graphically represent the structure of complex structures such as programs, organisations (org chart) screen/print mock-ups (layout diagrams) - to represent what how output is laid out, what it contains and how it looks flow charts - to design behaviours, processes, procedures (e.g. for programs, office procedures, emergency procedures) Nassi-Shneiderman charts - a condensed form of flowchart with shapes dedicated to common structures such as loops, multi-case decisions etc. storyboards (e.g. web page or slideshow map of pages/slides and their links to each other) prototype - a demonstration version that is similar to the finished product but is more a proof of concept. Parts may be simulated or and there may be non-functional 'dummy' components.

develop

• use the steps in the info processing cycle (AIVPSROCD)
• acquire hardware and software (buy or build it).
• carry out informal testing (testing each part as it is produced)
• assemble the system

test

• Formal testing.
• implement test plan devised during design phase
• comparing the expected output with the actual output
• checking the relevance and completeness of the output
• performing manual calculations to check results of formulae
• observe users
• survey users
• create test data which will test all aspects of the solution
• formal testing
• acceptance testing (prove to customer that system works as planned)
• user acceptance testing (get actual workers to use system, observe and survey them)
• stress testing
• concentrate on testing boundary conditions where behaviour of solution is meant to change at vital points

document (not demanded by some outcomes, but know it anyway)

• for all people affected by the new or changed system e.g. staff, managers, technicians, customers, corporate partners
• media - printed books, booklets, posters, pamphlets, video, online help, audio-visual
• clear, concise, comprehensive, current, correct, consistent
• easy to read
• easy to navigate and find needed information
• be conscious of language and jargon - glossary of specialist terms
• break into parts for different users (e.g. installation brochure, getting started tutorial, user manual, technical reference)
• decide between printed and onscreen presentation - each has pros and cons

implement

• roll solution out to end-users... here are the changeover methods...
  • direct changeover - quick, cheap, risky if new system fails
  • phased changeover - introduce big new system in phases. Spreads costs and training over time; users can adapt slowly to new features arriving bit by bit; takes quite some time to completely roll it out
  • parallel changeover - keep old system running after new system introduced. Offers insurance if new system fails; good to evaluate new system against old system; possible confusion between output of two systems; costly to run 2 systems; cannot use parallel if new system is a modification of the old system.
  • pilot scheme - can be used with other changeover strategies but not alone. Try out new system in small part of organisation (e.g. one branch) to identify problems, test training schemes etc. Not recommended if using the new system makes part of the organisation incompatible with the rest of the organisation (e.g. changing one bank branch from Windows to Linux might mean they can't communicate with head office or exchange data any more!)
• note: parallel and pilot are not enough in themselves. They are useful adjuncts to direct and phased, but are not implementation strategies in their own right!

evaluate

• When? After the new system is bedded down and users are comfortable using it (e.g. 3 months after implementation)
• Don't wait too long - users might have forgotten what the old system was like!
• How? Measure performance where possible (e.g. counting, timing). For user satisfaction, use surveys, interviews, questionnaires
• Who? All classes of users - data entry operators, managers, technicians, customers etc
• Why? To verify system is working as planned after implementation. Justifies expense and work involved in producing new system. Lets organisation learn from their experiences so they can do similar projects better next time.
• What? Need to evaluate criteria that were identified during problem analysis, e.g. if the system was changed to achieve greater speed, the speed of the new system needs to be evaluated. If the aim of the project was to increase the accuracy of the system, the number of errors encountered should be evaluated.

ITA KK3.1.05 - purposes of databases and their applications in a range of settings.

DBMS (database management software/systems) are programs that store, search, sort, and report on large quantities of data

ITA KK3.1.06 - capabilities and limitations of database management software to manipulate data.

Remember - A capability is what a piece of equipment can achieve: often what it can do that similar equipment cannot do. A limitation is something the equipment cannot do.

ITA KK3.1.07 - structure of databases, including fields, records, tables.

A 'database' has at least one table. Relational databases must have at least 2 tables. Tables have rows (records) and columns (fields). Example: a table may contain student information.

A table is a collection of individual records (each row is a record) Example: the complete set of information on Fred Smith.

Each record is a collection of fields. Example: the date of birth or sex of students. Within a field, all records must have the same type of data (e.g. everyone's date of birth must be date format; every shoe size must be numeric).

A relational database uses more than one related table, for example the students information table may be connected to another table that contains teacher information and a third table containing information on enrolments in classes.

To relate one table with another, it is important that each record has a field that can uniquely identify each record. This is called a key field. Typically, this is a student ID, a class ID, a teacher ID, a subject ID for example. IDs must be unique.

See here for discussion of Access and Filemaker.

ITA KK3.1.08 - naming conventions to support efficient use of databases.

e.g. Precede global fields with 'g_ '.

Identify Access objects with a distictive prefix e.g. tblStaff, qryStaff, rptStaff.

In Filemaker scripts, identify controlling scripts and subscripts, e.g.

Quality Control Master... (which invokes)
...Quality control slave

ITA KK3.1.09 - advantages and limitations of flat file databases and relational databases.

Flat file databases are simple to create, but are limited in their data storage efficiency and their ability to link data together.

Relational databases can be complex to design and create, but are far more efficient when storage, and are more effective when managing large amounts of data that are related in complex ways.

ITA KK3.1.10 - data types and data formats.

Typical data types:

• numeric (Access allows finer-tuned numeric types like integer, floating point, byte)
• boolean (yes/no, true/false)
• text (either with a fixed maximum length, or variable length such as Access' memo field type)
• date, time, timestamp (combining date and time)
• container [Filemaker] - stores any binary data such as pictures, video, sounds, PDF files

Data formats:

• normal edit box
• checkboxes (tickboxes - allow any number of options to be selected from a group e.g. favourite music styles)
• radio buttons (only one option in a group can be selected, e.g. sex)
• percentages
• currency
• graphs
• calendar control (select a date from a calendar rather than entering a date as text)
• limited lists [Access] or value lists [FMP]
• FMP lets you include data in pop-up tool tips

ITA KK3.1.11 - characteristics of effective user interfaces.

They should be readable, simple, pleasant to look at, logically organised (e.g. initial operations appear before later operations), consistent, respect conventions (e.g. use shortcuts like CTRL+C to copy, not ALT+CTRL+SHIFT+Y. They should not be too crowded or cluttered, they should be equally usable on different screen sizes. Button captions and instructions should be in clear English. Background and foreground colours should be very different (i.e. high contrast) for clarity. Dangerous actions should not be default actions; confirmation should be sought before carrying out operations that could cause data loss (e.g. exiting without saving). Help is easily accessible. Where possible, users should be able to undo or step backwards or at least cancel operations.

ITA KK3.1.12 - design tools including Input-Process-Output charts, data tables, structure charts, annotated diagrams/mock-ups, layout diagrams.

The main categories of design tools are those that design the appearance of something (e.g. mockups, layout diagrams, prototypes), and those that design how something is constructed or how it works (e.g. flowcharts/NS charts, IPO charts, data dictionaries, pseudocode, structure diagrams, hierarchy charts).

Use the right design tool for each job. e.g. when designing spreadsheet formulae, an IPO chart is perfect; a page mockup is useless.

ITA KK3.1.13 - techniques for validating and efficiently processing data

• Validation only involves checking the reasonableness of input data - usually checks of existence, type and range. Validation does not prove data are accurate!e.g. if a student in year 7 says he's 13, the data is valid (unlike an age of 99 or -3), but not necessarily accurate - he could be 12.
• Validation is not the same as testing. Testing ensures the output is accurate.
• Efficient processing means manipulating data in a way that is not wasting time, money or effort.

Types of validation

• Electronic
  • range checking in database (e.g. age between 5 and 25)
  • existence checking (is box filled in?)
  • spell checking (treat electronic spellchecking with great suspicion - treat it more like a "typing error checker"!)
  • validation rules in databases, spreadsheets (rejects or queries dubious input)
  • spreadsheet formulas to check values in other cells (e.g. =IF(AND(A10< >"M",A10< > "F","Gender must be M or F","")
  • use drop-down limited lists to prevent erroneous data entry (e.g. must select state of Australia from a list rather than being allowed to type one in). This is not really a validation technique which checks for invalid data : it is a tool to prevent invalid data being entered.
  • NOTE: do not use electronic validation for data that must be checked with human judgement (e.g. people's surnames, dates of events)

• Manual
  • proof-reading a document to see if it makes sense
  • checking the placement of graphics and text on a page/screen
  • items that require human common sense to tell if they are valid or not
  • checking if an image is too blurry or obscure
  • checking colour combinations for readability and attractiveness
  • checking spelling of words or names that are not in a dictionary
  • checking that data is complete (e.g. that "Printing" is included in a set of instructions)

efficiently processing data;

• Use the right tool for the job e.g. spreadsheet for calculating, database for data storage
• Use the right function for the job e.g. automatic table of contents in Word
• Use Macros, Batch files - automate common/complex operations
• Use Templates (e.g. web pages, letters, resumes)
• Learn and use Keyboard Shortcuts e.g. CTRL+X, SHIFT+END
• Use Wizards
• Re-use documents, subprograms, modules, classes, #include
• Use Format painting
• Use Heading Styles
• Use Cascading Style Sheets (CSS) in webpages
• Use Automatic scheduled backups (Word)
• Use drag and drop between applications
• Refer to the Help file and RTFM - read the manual! Master your tool.
• Save often
• Use sensible file naming, especially incremental file naming
• Learn to touch type
• Use appropriate hardware for the job

ITA KK3.1.14 - procedures for effectively managing the production and handling of data and information.

• Remember that "effectively" relates to quality, accuracy, ease of use etc. It does not include issues of cost, time or labour needs.
• Use documented procedures to govern who does what to data and info

• Storage:
  • Use good (consistent, meaningful, logical) file/folder naming schemes.
  • Keep duplicate copies of important files.
  • Do regular backups using grandfather-father-son scheme, using full and incremental backups.
  • Verify that backed up files can be restored if necessary.
  • Use RAID on servers.
  • Assume hard disks will fail eventually.
  • Use good quality storage media.
  • Use version numbering
  • Classify files into appropriate directories/folders.
  • Apply network security - password protection, encryption (How Encryption stuff works), firewalls, biometrics etc
• Communication:
  • Encrypt sensitive information. Remember that emails can travel through many servers before they arrive at their destination - they are not private.
  • Set up filters to remove spam from your mailbox, but don't make the filters so aggressive that they inadvertently remove legitimate emails.
  • Use virus-detection software (How virus stuff works)
• Disposal:
  • Archive rather than delete information that might be needed later.
  • Do not trust recycle bins: files sent to the recycle bin are not securely deleted. They can easily be retrieved.
  • Files can be relatively easily recovered even after the recycle bin has been emptied.
  • Files need to be wiped, rather than deleted, to ensure they cannot be recovered.
  • Wipe or destroy hard disks before selling used computers that contained sensitive information

ITA KK3.1.15 - formats and conventions applied in the creation of information products in order to meet their purposes.

Formats are ways in which data and information can be presented - e.g. as tables, graphs, webpages, sounds, text.

Each format has its own conventions that specify the mandatory, preferred or optional ways the format is used.

Mandatory conventions are dictated by law or rule; you have no choice but to comply

• e.g. law states that a legal invoice must have the words "Tax Invoice" and the company's Australian Business Number - more details
• driving on the left hand side of the road in Australia
• passwords must be at least 6 characters and must contain at least one uppercase letter and one digit.

Preferred conventions are those that are not compulsory, but are strongly recommended

• e.g. the post office's preferred style for addressing envelopes
• beginning letters with "Dear".
• starting sentences with capital letters
• right-justified numbers in columns
• 2 decimal places for dollar currency

Optional conventions are those where people have freedom of choice about presentation

• e.g. where to put page numbers
• whether to use serif or sans serif fonts for headings and body text
• indicating the size of downloads on a web page
• providing thumbnailed versions of images
• using smilies in email/chat to indicate irony or joking

ITA KK3.1.16 - techniques for testing solutions and information products, and testing for user acceptance.

• Testing confirms that a product works as it should.
• All parts of a solution need testing.
• Calculations can be tested by recalculating the figures manually.
• Readability can be tested by giving to typical audience members and asking them questions to see if they've understood it well.
• User acceptance testing is getting a typical real-world user of the product to try it out and see whether they find it acceptable.

ITA KK3.1.17 - criteria for evaluating the efficiency and effectiveness of solutions and information products

• Evaluation takes place after implementation and the system is in place and being used in the real world.
• Evaluation ensures the product is fulfilling the ambitions the project workers set out in the logical design.
• Typical evaluation criteria include ease of use, accuracy, speed, cost, productivity, safety, data security etc.
• Each criterion has a matching method to use to evaluate the criterion: when possible, measure. If you can't measure, do surveys or interviews to evaluate opinion-based criteria.
• Evaluation lets a project team learn from its successes and failures so their next project is more successful.
• e.g. efficiency (speed, cost, labour needed)

Typical criteria include

• effectiveness (e.g. appearance, accuracy of output)
• maintainability
• reliability
• user acceptance
• ease of use

ITA Unit 3 Outcome 2

Click here for a video demonstration of an ITA prototype website for a virtual team (29M, DivX)

ITA KK3.2.01 - organisational goals and objectives and how these can be achieved through networked information systems.

• Organisational goals are long-term ambitions that an organisation wants to achieve and continue achieving.
• They can define the very nature of an organisation (e.g. whether its main aim is quality or low cost)
• Typical goals include:
  • profit
  • good customer service
  • good reputation
  • competitiveness in the marketplace
  • good decision-making
  • efficient work practices
  • high quality products
  • reasonable prices
  • innovative design
  • flexibility and quick response
  • personalised service
• Organisational objectives are smaller, more specific, achievable and measurable steps towards achieving a larger goal. For example, a goal of "good customer support" can be implemented by objectives such as "We will respond to all customer emails within 1 working day" and "We will increase the number of times we smile at customers by 10%".
• Objectives are often identifiable by a specific numeric target.

ITA KK3.2.02 - an overview of types and characteristics of networks, and functions of network operating systems.

Networks can be categorised into several "types".

Functions of NOS such as Microsoft Windows Server 2003 and Novell Netware

• Security - controls user logins and checking of passwords
• Allocates resources to users based on their access level and privilege set (e.g. home directory, which printers they may use)
• Runs community programs such as DHCP (allocating IP addresses to allow internet access), print queue management, virus scanning, internet caching etc
• Does backups of users' data

ITA KK3.2.03 - types of information systems and settings in which they are used.

Executive Information System (EIS) used by strategic management (the most senior managers) to see an overview of a large organisation. Lets them "zoom in" to see details and zoom out to see the big picture.

Management information system (MIS) used by tactical management to get an overview of data coming from the TPS.

Decision support system (DSS) used by tactical mangement to do modelling and simulations and play "what if..."

Transaction Processing System (TPS) used to manage and record transactions (e.g. a supermarket checkout register). It communicates with other systems such as the inventory. It produces large amounts of data that are filtered, summarised and fed up to the MIS and EIS.

Also refer to types of decisions made in organisations - strategic, tactical and operational.

ITA KK3.2.04 - suitability of types of transmission media to support local and remote communication, including cabling and wireless links.

Coaxial ("coax", pronounced co-ax) - never to be recommended for a modern LAN. Comes in 3 flavours: thin, thick and broadband. About the only time it's used nowadays is to bring cable TV and internet to homes. Resistant to electromagnetic interference (EMI) from things like fluorescent lights, electric motors, nuclear explosions. Maximum length of a thin coax is about 165 metres. Requires a terminator at the end of the cable. Cables can be connected with T-pieces. Connector type is BNC.

Unshielded Twisted Pair (UTP) comes in a range of CATegories, from the earliest (CAT1) to the most recent version CAT6. It looks like telephone cable and is not very resistant to EMI. Maximum length of a cable is 100m. Connector type is RJ45.

Fibre optic cable (FOC) - differs from all other cables because it transmits data as pulses of light rather than as electric signals. Very fast, can carry many simultaneous signals along one thread (unlike other cables), capable of very long cable lengths. Requires an optical/electrical adapter at each end of the cable so it can connect to 'normal' electrical network components such as switches.

Wireless - a wireless network interface card (NIC) converts normal network traffic into wireless signals and beams them to a wireless access point (WAP) which is connected to a regular, wired network point. Wireless signals are weakened by distance (reaching even 50 metres is often optimistic) and obstacles (such as walls, book cases, metal structures). Since a wireless signal can easily be intercepted beyond the boundary of the LAN, all transmissions should be encrypted with weak WEP (Wireless Equivalent Privacy) or stronger WPA. As an adjunct to a normal LAN, wireless offers great freedom of momement and flexibility. Temporary networks can be instantly set up, e.g. on building sites.

ITA KK3.2.05 - characteristics of collaborative problem-solving practices and knowledge sharing practices within virtual teams.

Virtual teams consist of people working on the same project even though they may never meet face to face. They use ICT tools to assist with communication, such as:

• email
• mailing lists
• VoIP voice calls
• IRC chat
• instant messaging
• web sites
• blogs
• networked databases
• shared calendars and project management tools
• Wiki
• Moodle and similar content-management systems

ITA KK3.2.06 - design elements that influence the presentation of on-screen information products.

"Factors that contribute to the appearance and functionality of an information product: proportion (visual hierarchy), orientation (direction/aspect), clarity and consistency, colour and contrast, usability and accessibility, appropriateness, relevance."

• Proportion - large headings, smaller subheadings, smaller body text.
• Orientation - horizontal page heading. Vertical navbar on right hand side. Columnar or tabular body topics.
• Clarity and consistency - same (apparently - hard to see in a black and white graphic!) background colour for all headings. Highlighted colour on selected item in the top menu/navbar.
• Colour and contrast - Good contrast between text and background colours.
• Usability - Home and Contact links provided. 'Created' and 'Last modified' dates appear. Link to site map for people who are lost. Search box. Links to related information are easy to find and use.
• Appropriateness - no sex or violence included. A formal tone.
• Relevant - Content is relevant to the organisation. Discussion and links are relevant to the current topic.

ITA KK3.2.07 - characteristics of high-quality user interfaces and effective information architecture of websites.

• accurate (e.g. links and buttons do what they claim to, spelling is accurate)
• easy to use
• easy to read (simple language, good colour contrast)
• consistent, predictable
• follows standard conventions
• logical
• similar items are grouped together
• warnings are given before potentially dangerous actions are taken
• help is relevant and easy to get
• shortcuts make common operations quicker to perform
• wizards help with complex or rarely-used operations
• attractive to look at
• configurable to suit users' preferences
• allows users to undo operations, cancel actions or go back to change previous decisions
• hides scary details from beginners, but allows experts to enjoy the full power

ITA KK3.2.08 - design tools for representing websites including storyboards, annotated diagrams/mock-ups, layout diagrams, site maps.

Storyboards in IT are not the same as in media!

ITA KK3.2.09 - techniques and procedures for manipulating information in order to create working prototype websites.

• information needs checking for accuracy and 'up-to-dateness'
• images need editing (fixing, resizing, cropping, changing, converted to different formats, slicing)
• thumbnailed images need to be created
• navigation bars need creating
• multimedia needs to be converted to appropriate web formats, and possibly edited to reduce its size
• documents need to be converted to a suitable format for the web (e.g. HTML, PDF)
• image maps are created so "hotspots" can be clicked on images
• links need to be created
• external tools need to be linked to the site
• server-based PHP tools need to be configured and integrated into the site (e.g. site search tools)
• security needs to be set up, such as team members' logins
• decoration needs to be added to make the site more attractive
• pages must be tested to ensure all links and media work
• files need to be uploaded to the web server
• features that are to simulated rather than actually implemented must be mocked up

ITA KK3.2.10 - techniques and procedures for managing and transmitting files used in a virtual team environment including encryption, access hierarchy, regular backups, virus-detection software, classifying and naming files into appropriate directories/folders, version control.

• Encryption - changing a document into a form that is only readable if one has authorised access. e.g. public key encryption (PGP, RSA, SSL) or something as simple as ROT13.
• Access hierarchy - different people have different levels of access to information depending on their needs. e.g. administrators can access and modify anything. Visitors can only view (but not change) selected information. Others can (for example) add records but not change scripts or export data.
• Regular backups - must be documented, tested that they work, regular. Backups must be stored offsite. Backup media must not be re-used or wiped too soon. See Grandfather-Father-Son scheme.

ITA KK3.2.11 - criteria for evaluating the effectiveness of websites.

• ease of use
• accuracy
• reliability
• uniqueness
• attractiveness
• functionality of media, links etc
• popularity

Methods of evaluating criteria could include measuring:

• Number of positive comments left in feedback
• Increase in number of sales or transactions
• Reduced numbers of calls to help desks (because the website helped people)
• Numbers of links from other sites to the effective website
• Number of visitors who stay more than 30 seconds
• Number of downloads
• Number of complaints about inaccuracy or difficulty of using the site

Unit 4: IT applications

ITA Unit 4 Outcome 1

ITA KK4.1.02 - goals of ... information systems.

• Just as organisations have goals and objectives, so do information systems within those organisations.
• Systems include: communications system, office automation system, data storage system, transaction processing system etc.
• Each system has its long-term goals and shorter term specific and measurable objectives.

ITA KK4.1.03 - role of hardware and software components of information systems.

Hardware is physical equipment - monitors, printers, keyboards, CPUs, RAM chips, cables, switches, disks, CDs, barcode readers etc.

Software is programming code and is invisible. Software includes:

• System software, which runs the system or keeps it working
  • e.g. operating systems, device drivers, protocols, utilities
• Application software, which gets work done
  • e.g. word processors, graphics editors, games, web browsers

Note that disks and CDs are hardware, but they can store software on them.

Computers typically use:

• System software which runs the system itself
• BIOS (Basic Input Output System) software to start themselves up
• Operating system software to interact with users, run programs, allocate memory, control disk access, and negotiate with hardware devices.
• Application software so the user can actually get work or recreation done
• Utility software to help the user perform specific tasks, often related to maintaining the system (e.g. defragging)

Hardware and software are useless without each other - like a car and its fuel. Hardware devices need software device drivers so the operating system can communicate with them, and hardware devices usually need other software to exploit their capabilities - e.g. a scanner needs not only scanning software, but often comes with picture editing software and OCR software to convert pictures of scanned text into editable text.

ITA KK4.1.05 - reasons why information problems occur.

• poor training and documentation - users don't know how to do their jobs safely, effectively or efficiently
• poor planning of new systems
• software or hardware failure or faults
• incompatibility between hardware and/or software components
• out of date equipment
• inefficient procedures (e.g. double-handling of data)
• ineffective data validation
• lack of data security
• inadequate backups
• overworked equipment, inadequate resources (e.g. bandwidth)
• poor file/folder naming procedures
• using the wrong equipment (e.g. hubs instead of switches, slow networking components)
• lack of hardware maintenance
• choice of improper software (e.g. spreadsheet instead of database)
• viruses, worms, trojans, spyware
• network congestion
• others?

ITA KK4.1.09 - content and types of on-screen user documentation including quick start guide, tutorial, content sensitive help and manual.

• Quick-start guide - a brief introduction to a product with just enough information for the user to get it started and into its basic operation.
• Tutorial - an example-based step-by-step lesson covering how to use the product.
• Content-sensitive help - electronic help built into the product that responds to what the user is currently doing. e.g. if they have a table formatting dialogue box open and they press F1, the first help topic offered would relate to table formatting. Also called context-sensitive help.
• User Manual - complete and detailed information on every aspect of the product, used for random reference by the user.

ITA KK4.1.12 - techniques for visually representing the decisions to be made and actions taken when problem­solving.

• Decision tree
• Mind map
• POOCH: Problem, options, outcomes and choices
• PCD (Possibilities-Consequences-Decision)
• others? No-one seems to know exactly what the VCAA wants here!

ITA KK4.1.13 - criteria for evaluating the effectiveness of the decisions made and actions taken when problem solving.

• whether decisions were made in a timely manner
• whether a decision was superior to a decision made in similar circumstances in another time or place
• whether they were effective in solving the problem
• how efficiently the decision solved the problem
• how many further problems were consequently caused by the decision
• how many people were satisfied by the decision and action

ITA Unit 4 Outcome 2

ITA KK4.2.01 - an overview of the legal and ethical reasons why organisations should monitor and control the storage, communication and disposal of information.

• Privacy Act 1988 - affects
  • federal government organisations (e.g. Medicare, tax office) and private companies working for them
  • non-government organisations turning over $3 million a year or more (which is quite rare)
  • non-government organsisations of any size that trade in personal information for profit
  • non-government organisations that store health or medical information on people (not including their own employees)

Most state and federal privacy laws in Australia are based on the same national privacy principles...

1. Collection - Organisations should only collect personal information that is necessary for one or more of its functions and activities.

2. Use and Disclosure - An organisation must not use or disclose information about an individual for any other purpose (a secondary purpose) other than the purpose for which the information was collected.

3. Data Quality - An organisation must take reasonable steps to ensure that the personal information it collects, uses or discloses is accurate, complete and up to date.

4. Data Security - An organisation must take reasonable steps to ensure that the personal information that it collects is protected from misuse such as unauthorised access, modification or disclosure, or loss.

5. Openness - An organisation must set out in a document a clearly expressed policy on its management of personal information and make this document available to anyone who asks for it.

6. Access and Correction - If an organisation holds personal information about an individual, it must provide the individual with access to the information on request by the individual.

7. Identifiers - cannot identify people using other organisations' identifiers, such as a Tax File Number or Medicare number. Must use own IDs for people.

8. Anonymity - Where lawful and practicable, individuals must have the option of not identifying themselves when entering into transactions.

9. Transborder data flow - An organisation in Australia or an external Territory may not transfer personal information about an individual to someone (other than the organisation or the individual) who is in a foreign country without the consent of the individual.

10. Sensitive Information - An organisation must not collect sensitive information about an individual unless the individual has consented, or law requires the collection.

VICTORIAN LAWS

• Information Privacy Act (Vic.) - affects Victorian governement organisations
• Health Records Act 2001 (Vic.) - affects any government or non-government organisation in Victoria that holds medical or health information on people, including hospitals, doctors, therapists, psychologists, masseurs, sport clubs etc

Copyright Act, 1968

Protects intellectual property e.g. books, songs, MP3s, MPEGs, digital books, films recorded digitally, websites, software, electronic/computer games.

In brief, the owner or licencee of intellectual property (IP) is the only one who has the right to publish, transmit, convert to a different format (e.g. DVD to DivX), or profit from the IP.

Recent changes have brought the copyright law a little more in line with common sense (e.g. if you buy a CD you can convert it to MP3 to listen to it on your iPod - but not to share it or upload it as a torrent!)

Copyright owners have the right to use technologies to protect their IP - such as copy protection - and the copyright law specifically prohibits the importation of any device designed to counteract such technologies.

If anyone changes the copyright notice on a published work (e.g. removing it) they are hit especially hard and can face criminal charges as well as being sued (because other people will not know of the original copyright restrictions and may innocently redistribute it).

Remember -

• in Oz, US and the UK, copyright is automatic once IP has been created and recorded in some tangible form (e.g. recorded electronically, written down, filmed). You do not have to register copyright.
• you do not have to put the © symbol or your name and date on a copyrighted work, but it is recommended and conventional.
• just because a publication or website does not have a copyright notice on it does not mean that it is not copyrighted and is available to be used freely. Basically, unless there's a statement that you can use it, assume it is copyrighted.
• just because you may never be caught breaking copyright does not make it legal!
• at least one Australian copyright violator has been arrested, taken to America, charged, tried, convicted and jailed in America.
• copyright is different to registered trademarks and patents. They do have to be registered.
• ideas cannot be copyrighted; the expression of an idea can be copyrighted. e.g. you cannot copyright the idea of a love song, but the Beatles can copyright 'She Loves You Yeah Year Yeah'.
• there are some exceptions to the copyright law to allow research, study, satire and review. The general rule is that for those purposes one can use 10% of a work or a chapter.

This act now includes the amendment of 2000 (Digital Agenda). Don't refer to that act separately now.

ITA KK4.2.03 - procedures and equipment for preventing unauthorised access to data and information and for minimising the loss of data accessed by authorised users.

• Viruses and other 'malware' - scanners for viruses/worms, trojans, spyware
• Hackers - hardware or software firewalls; train staff to reject suspicious attachments, social engineering attempts (including phishing)
• Equipment failure - redundant backup equipment (e.g. backup power supply, RAID)
• Fire - detectors, extinguishers, alarms
• Incompetent or disgruntled employees - staff need training to avoid errors that could damage or lose data
• Don’t give everyone access to all data – apply the “need to know” principle and only give people access to data they need to do their job.
• Use reliable hardware to minimise risk of failure
  
• Use passwords (but don't believe they're foolproof security by themselves!)
• Use biometric identification
• Don’t let disgruntled employees near data
• Use physical security such as lock and key, security passes
  
• Set up and rigidly follow a backup scheme, e.g. Grandfather-Father-Son, Tower of Hanoi
• Use good backup equipment and quality backup media.
• Store backups off site
• Do a test restore so you know backups are valid
• Have a valid and tested data disaster recovery plan

ITA KK4.2.04 - possible consequences for organisations of the violation of, or failure to follow, security measures.

• breach of privacy of information - can result in criminal prosecution
• loss of intellectual property - can lose valuable brainwork such as music, films, books
• loss of income due to unavailability of information or services - organisations with a malfunctioning network, website, or online ordering will lose sales and customers
• loss of good reputation with the public
• damage to equipment by hackers, viruses
• theft of expensive equipment

ITA KK4.2.05 - disaster recovery strategies, including testing.

• Have a data disaster recovery plan (DDRP)
• Have recent, reliable backups
• Have emergencies procedures documented and conduct drills to practise them [i.e. testing the strategies]

ITA KK4.2.06 - criteria for evaluating the effectiveness of data security management strategies.

• How many data losses were experienced in relation to the nunber of threats encountered
• How disruptive or inconvenient the strategies were
• How much the strategies cost in terms of time, staffing and money
• Did strategies have effect in a timely manner to prevent loss, or at least minimise damage or loss?
• In the event of disaster, did the strategies allow data to be recovered?