Text book yang digunakan “Modern System Analysis and Design, 5th Edition, 2008, oleh Hoffer, J.A. Practical software memperkenalkan pembuatan system design dengan Oracle Designer.
Kuliah dimulai dengan memperkenalkan system development methodology, SDLC (Planning, Analysis, Design, Implementation dan Maintenance) dari waterfall, prototyping, CASE tool, JAD (Joint Application Development), RAD (rapid Application Development), Agile, eXtreme Programming (XP), dan OOAD (Object-Oriented Analysis Design).
Identifying and selecting system development projects: identify potential development projects (selection method: top management, steering committee, user department, development group); classifying and ranking IS development projects (Evaluation criteria: value chain analysis, strategic alignment, potential benefits, resource availability, project size/duration, technical difficulty/risks).
Managing the information system project: dimulai dengan Project initiation and planning: fokus pada organizing project team dan perkembangan project charter. Deliverables dan outcomes: Feasibility study (Economic, technical, operation, scheduling, legal and contractual, dan political); BPP (Baseline Project Plan); PSS(Project Scope Statement).
Requirement determination: Traditional method: interviewing, NGT (Nominal Group Technique), directly observation, Analyzing procedures and documents; contemporary method: JAD (Joint Application Design, GSS (Group Support Systems), CASE tools, system prototypes. RAD (Business Process Engineering/BPR), disruptive technologies, Agile methodologies. Sedangkan Sources of Software: Information and Communication (ICT) services firm, packaged software providers, ERP provider, application service providers (ASPs), open source, in-house development.
Requirement structuring: Process modeling: context diagram, DFD of physical system, DFD of logical system. Logic Modeling: English pseudocode dan decision table.
Conceptual data modeling: Entity Relationship Diagram (ERD) dan a set of entries about data objects to be stored in repository or project dictionary. ERD: Entity type, Attribute, Relationship, cardinality, associate entities, subtypes and supertypes, dan business rules (domain dan triggering operation).
Database Design: well-structured relation and primary keys, normalization and rule of normalization, design physical file and physical table (denormalization), file organization (sequenced, hashed, or pointer), indexed file organization, designing controls for files.
Designing forms dan reports: meaningful title, information, balanced layout, dan easy navigation system. Designing interface and dialogues: flexibility and consistency; controlling data input; providing feedback and help. Finalysing design specifications: stated simply, complete, unambiguous, dan concise.
6 kegiatan utama pada system implementation: coding; testing (yaitu: unit testing, integration testing, system testing); installation (direct, parallel, single-location, phased); documentation (system documentation dan user documentation); training (use of the system, general computer concept, IS concept, organizational concept, system management, system installation); and support (Internet-based online, FAQs, On-demand fax, voice response system, knowledge bases, dan help desk).
Sedangkan User testing mencakup: acceptance testing, alpha testing (recovery testing, security testing, stress testing, performance testing), dan beta testing.
4 kegiatan utama pada Maintaining information system meliputi: obtaining maintenance request, transforming request into changes, designing changes, dan implementing changes.
Kamis, 16 Juli 2009
INFS7221, IS Control dan Audit (Course semester 1)
Text book yang dipergunakan “Information Technology Auditing and Assurance, 2th edition: 2005, oleh Hall and Singleton. Sedangkan practical software menggunakan ACL Aplikasi.
Perkuliahan dimulai dengan penjelasan nature and function of auditing, Jenis internal audit (yaitu: IT Audit, fraud audit, operational audit, compliance dan financial audit). Perbedaan antara internal dan eksternal audit. Penjelasan istilah audit risk, inherent risk, control risk, detection risk. Dilanjutkan dengan penjelasan secara garis besar bahwa IT Audit mencakup IT Risk Management , IS Risk Management, Operational Systems Risk Management , dan Technologi and Security Risk Services.
Penerapan Internal Control bertujuan untuk mencapai effective, efficient, penyelamatan asset, dan kesesuaian dengan rule dan policy. Kegiatan control meliputi general control, application control dan physical control (verification, authorization, segregation of duty, supervision, accounting records, dan access controls).
IT Auditor harus mengerti mengenai data management seperti struktur dan organisasia data dan database, ethics for IS/IT Auditors (Irregular and illegal acts dan frauds, Regulatory and legal issues, computer crimes, computer ethical issues, Intellectual property, Cybercrimes, privacy issues, business ethics).
Disamping itu, IT auditor harus memahami teknikal dalam IT yaitu: centralized data processing dan distributed data processing, computer centre controls, control object risks, controlling audit trail, Disaster Recovery Plan (DRP), dan fault tolerance. Peran penting auditor dalam proses SDLC (System Development Life Cycle) baik in-house development maupun purchase software. Auditor harus memahami network topology (star, hierarcy, ring, bus), network architecture (peer to peer, client server), network device dan EDI (inter-company transfer). Trend teknologi yang mengarah pada penggunaan ERP Software yang terdiri dari 2 main application: OLTP (Online Transaction Processing) dan OLAP (Online Analytical Processing). Auditor harus memahami pula input control, process control dan output control sebuah system yang baik.
Aplikasi auditing pada “revenue cycle system” yang dimulai dari sales procedures, warehouse procedures, shipping process, billing procedures sampai cash receipt yang diterima account receivables. Selanjutnya, penerapan auditing pada “expenditure cycle system” yang dimulai dari purchasing department, inventory control, validasi vendor, receiving department, sampai dengan pembayaran pada account payable. Subtantive test yang harus diperhatikan pada kedua system ini adalah: existence, accuracy, completeness,dan valuation.Finally, auditor harus mengerti jenis fraud (fraudulent financial statement, corruption, asset misappropriation) dan teknik mendeteksi fraud dengan menggunakan ACL Software (contoh: personal purchases, ghost employees, fictitious expenses, altered payee, pass-through vendors, theft of cash or inventory, dan lapping).
Perkuliahan dimulai dengan penjelasan nature and function of auditing, Jenis internal audit (yaitu: IT Audit, fraud audit, operational audit, compliance dan financial audit). Perbedaan antara internal dan eksternal audit. Penjelasan istilah audit risk, inherent risk, control risk, detection risk. Dilanjutkan dengan penjelasan secara garis besar bahwa IT Audit mencakup IT Risk Management , IS Risk Management, Operational Systems Risk Management , dan Technologi and Security Risk Services.
Penerapan Internal Control bertujuan untuk mencapai effective, efficient, penyelamatan asset, dan kesesuaian dengan rule dan policy. Kegiatan control meliputi general control, application control dan physical control (verification, authorization, segregation of duty, supervision, accounting records, dan access controls).
IT Auditor harus mengerti mengenai data management seperti struktur dan organisasia data dan database, ethics for IS/IT Auditors (Irregular and illegal acts dan frauds, Regulatory and legal issues, computer crimes, computer ethical issues, Intellectual property, Cybercrimes, privacy issues, business ethics).
Disamping itu, IT auditor harus memahami teknikal dalam IT yaitu: centralized data processing dan distributed data processing, computer centre controls, control object risks, controlling audit trail, Disaster Recovery Plan (DRP), dan fault tolerance. Peran penting auditor dalam proses SDLC (System Development Life Cycle) baik in-house development maupun purchase software. Auditor harus memahami network topology (star, hierarcy, ring, bus), network architecture (peer to peer, client server), network device dan EDI (inter-company transfer). Trend teknologi yang mengarah pada penggunaan ERP Software yang terdiri dari 2 main application: OLTP (Online Transaction Processing) dan OLAP (Online Analytical Processing). Auditor harus memahami pula input control, process control dan output control sebuah system yang baik.
Aplikasi auditing pada “revenue cycle system” yang dimulai dari sales procedures, warehouse procedures, shipping process, billing procedures sampai cash receipt yang diterima account receivables. Selanjutnya, penerapan auditing pada “expenditure cycle system” yang dimulai dari purchasing department, inventory control, validasi vendor, receiving department, sampai dengan pembayaran pada account payable. Subtantive test yang harus diperhatikan pada kedua system ini adalah: existence, accuracy, completeness,dan valuation.Finally, auditor harus mengerti jenis fraud (fraudulent financial statement, corruption, asset misappropriation) dan teknik mendeteksi fraud dengan menggunakan ACL Software (contoh: personal purchases, ghost employees, fictitious expenses, altered payee, pass-through vendors, theft of cash or inventory, dan lapping).
INFS7210, E-commerce Fundamental (Course semester 1)
Textbook yang dipergunakan Electronic Commerce, 8th Edition: 2009, oleh Schneider. Sedangkan practical programming adalah introduction HTML, CSS dan Java Script, yang sebagian materinya diambil dari http://www.w3schools.com.
Awal kuliah meperkenalkan definisi e-commerce, perbedaannya dengan traditional commerce. Kemudian sejarah dan ‘pros and cons’ menerapkan ecommerce. Menjelaskan ‘overview’ kategori dari ecommerce meliputi B2B, B2C dan B2G. Dan issue terkait dengan ecommerce seperti: teknologi, sekuriti, payment, legal dan globalization.
Business Decision-Making dengan menggunakan SWOT analysis; Porter’s five force model; Supply chain and value chain; WCOC (Working Capital Operating Cycle); NPV (Net Present value).
Planning e-commerce project: Identifying objectives, linking objectives to business strategies, measuring benefit dan cost objectives, strategi untuk website development, project management, staffing, post implementation audit.
Technology basics: Tracking shipment, packed-switched networks, routing packets, Internet services and protocols, domain name, public and private network, Internet connection, markup language, Intelligent Agents, and cookies.
10 langkah membuat commercial website: domain name selection and registration, website creation, web host selection, accept payments, site security, site promotion, site maintenance, CRM (customer Relationship Management), site globalization, stay education.
5 requirements for secure ecommerce: confidentiality, integrity, availability, authentication, non-repudiation. Data security dengan menggunakan cryptography, public and private key, digital signature, dan certificate signature.
B2C Application: Web business revenue (web catalog, digital content, advertising supported, advertising-subscription mixed, fee-based); disintermediation and re-intermediation; 4 Ps marketing (product, price, Promotion, Place).
B2B Application: pelaku yang terlibat adalah perusahaan dan pemerintah dengan nilai transaksi yang besar. B2B sangat memperhatikan sekuriti yang lebih ketat, dan penggunaan EDI (electronic Data Interchange) yang mempunyai peran yang sangat penting untuk purchasing process, keperluan inventory, dan electronic auction.
Electronic Payment System (EPS): electronic payment cards (credit, debit, store-value card), virtual credit card, e-wallet, smart card, e-cash. 5 pelaku yang terlibat dalam e-payment: buyer, seller, issuer, regulator, Automated Clearing House (ACH).
Ecommerce berorientasi untuk pecapaian ‘globalization’ dengan akses pasar yang lebih luas, mobility, flexibility, ability to do business anytime anywhere dengan reasonable cost. Analisa CAGE (Culture, Administration, Geography, Economics) digunakan untuk mengukur ‘market barier’ di suatu negara.
Ethical dan Legal issue terkait dengan “contract enforcement, intellectual property (patent, copyright, trademark), taxation, online crime, terrorism and warfare, online gambling”.
Awal kuliah meperkenalkan definisi e-commerce, perbedaannya dengan traditional commerce. Kemudian sejarah dan ‘pros and cons’ menerapkan ecommerce. Menjelaskan ‘overview’ kategori dari ecommerce meliputi B2B, B2C dan B2G. Dan issue terkait dengan ecommerce seperti: teknologi, sekuriti, payment, legal dan globalization.
Business Decision-Making dengan menggunakan SWOT analysis; Porter’s five force model; Supply chain and value chain; WCOC (Working Capital Operating Cycle); NPV (Net Present value).
Planning e-commerce project: Identifying objectives, linking objectives to business strategies, measuring benefit dan cost objectives, strategi untuk website development, project management, staffing, post implementation audit.
Technology basics: Tracking shipment, packed-switched networks, routing packets, Internet services and protocols, domain name, public and private network, Internet connection, markup language, Intelligent Agents, and cookies.
10 langkah membuat commercial website: domain name selection and registration, website creation, web host selection, accept payments, site security, site promotion, site maintenance, CRM (customer Relationship Management), site globalization, stay education.
5 requirements for secure ecommerce: confidentiality, integrity, availability, authentication, non-repudiation. Data security dengan menggunakan cryptography, public and private key, digital signature, dan certificate signature.
B2C Application: Web business revenue (web catalog, digital content, advertising supported, advertising-subscription mixed, fee-based); disintermediation and re-intermediation; 4 Ps marketing (product, price, Promotion, Place).
B2B Application: pelaku yang terlibat adalah perusahaan dan pemerintah dengan nilai transaksi yang besar. B2B sangat memperhatikan sekuriti yang lebih ketat, dan penggunaan EDI (electronic Data Interchange) yang mempunyai peran yang sangat penting untuk purchasing process, keperluan inventory, dan electronic auction.
Electronic Payment System (EPS): electronic payment cards (credit, debit, store-value card), virtual credit card, e-wallet, smart card, e-cash. 5 pelaku yang terlibat dalam e-payment: buyer, seller, issuer, regulator, Automated Clearing House (ACH).
Ecommerce berorientasi untuk pecapaian ‘globalization’ dengan akses pasar yang lebih luas, mobility, flexibility, ability to do business anytime anywhere dengan reasonable cost. Analisa CAGE (Culture, Administration, Geography, Economics) digunakan untuk mengukur ‘market barier’ di suatu negara.
Ethical dan Legal issue terkait dengan “contract enforcement, intellectual property (patent, copyright, trademark), taxation, online crime, terrorism and warfare, online gambling”.
ACCT7209, Business Information Systems (Course semester 1)
Textbook yang dipergunakan Accounting Information Systems 7th Edition, 2007 karya Gelinas dan Dull. Sedangkan untuk practical menggunakan buku MYOB17, 2008 karya Flanders D dan Gourlay, D.
Konsep yang diperkenalkan dalam kuliah ini adalah membentuk kerangka berpikir (framework) ketika menghadapi sebuah studi kasus atau permasalahan terkait dengan business information systems. Pertama-tama kita harus menentukan level “key decision” sebuah organisasi atau perusahaan yang akan dicapai (level transactional, operational, managemen atau strategis?). Contoh: Transactional: Has a sales order been processed on a timely basis?; Operational: Do we need to order more inventory?;
Management: Can we reduce delivery time for products sold?; Strategic: Should we be in this line of business? Kemudian, mendefinisikan Critical Success Factors (CSFs), Key Performance Indicators (KPIs) dan mengetahui sumber informasi yang diperlukan. Contoh: Critical Decision: Should we be in this line of business?; CSF: Predicted sales trends; Information required: Demand and price prediction, entry of competitors.
Karakteristik informasi untuk strategic level: less defined, External, summarized, future, infrequent, dan less accurate. Sedangkan karakteristik infomasi untuk operational level: well-defined, internal, detailed, historical, frequent, dan more accurate. Perspektif dari managerial decision making: Effective (Are goals being achieved?), Efficient (Is resource consumption being minimized?), Asset safeguard (Are the assets of the organization being protected?)
Memahami konsep ‘IT Governance’ dan Business Process Management (BPM), Flowchart, dan Data Flow Diagram (DFD). Memahami ‘term of System Concepts’, diantaranya: thing (resource, agent, location, external entity); property (attribute); state of thing (value); event; history of thing; tight internal cohesion and loosely coupling between system or subsystem; system; sub system; type; subtype; component; input and output; environment; hereditary and emergent properties. Perlunya sebuah control dalam system yang dapat mendeteksi, mencegah, dan memperbaiki loss, threat, unlawful state, event, atau transformation.
Nature of Information Systems, IS adalah a symbol system yang memberikan representasi dari some real-world phenomena.(Contoh: Fields: properties of things; records: collection of properties, things and events; Files: types/classes; Programming language statement: transformations, laws). IS adalah model (states atau events), tidak merepresentasikan the real world directly.
Membahas dan mendiskusikan penerapan business information system pada sebuah sistem, yaitu: Sales/Order Entry System; Billing/Debtors/Cash Collection System; General Ledger System; Purchasing/Accounts Payable/Cash Disbursement System; Production System; Inventory System, dan Human Resources/Payroll System. Dengan menjelaskan definisi dan major function dari setiap system, komponen dan proses yang terjadi, dan identifikasi major decision yag diambil, CSFs, resiko, rules, dan controls.
Konsep yang diperkenalkan dalam kuliah ini adalah membentuk kerangka berpikir (framework) ketika menghadapi sebuah studi kasus atau permasalahan terkait dengan business information systems. Pertama-tama kita harus menentukan level “key decision” sebuah organisasi atau perusahaan yang akan dicapai (level transactional, operational, managemen atau strategis?). Contoh: Transactional: Has a sales order been processed on a timely basis?; Operational: Do we need to order more inventory?;
Management: Can we reduce delivery time for products sold?; Strategic: Should we be in this line of business? Kemudian, mendefinisikan Critical Success Factors (CSFs), Key Performance Indicators (KPIs) dan mengetahui sumber informasi yang diperlukan. Contoh: Critical Decision: Should we be in this line of business?; CSF: Predicted sales trends; Information required: Demand and price prediction, entry of competitors.
Karakteristik informasi untuk strategic level: less defined, External, summarized, future, infrequent, dan less accurate. Sedangkan karakteristik infomasi untuk operational level: well-defined, internal, detailed, historical, frequent, dan more accurate. Perspektif dari managerial decision making: Effective (Are goals being achieved?), Efficient (Is resource consumption being minimized?), Asset safeguard (Are the assets of the organization being protected?)
Memahami konsep ‘IT Governance’ dan Business Process Management (BPM), Flowchart, dan Data Flow Diagram (DFD). Memahami ‘term of System Concepts’, diantaranya: thing (resource, agent, location, external entity); property (attribute); state of thing (value); event; history of thing; tight internal cohesion and loosely coupling between system or subsystem; system; sub system; type; subtype; component; input and output; environment; hereditary and emergent properties. Perlunya sebuah control dalam system yang dapat mendeteksi, mencegah, dan memperbaiki loss, threat, unlawful state, event, atau transformation.
Nature of Information Systems, IS adalah a symbol system yang memberikan representasi dari some real-world phenomena.(Contoh: Fields: properties of things; records: collection of properties, things and events; Files: types/classes; Programming language statement: transformations, laws). IS adalah model (states atau events), tidak merepresentasikan the real world directly.
Membahas dan mendiskusikan penerapan business information system pada sebuah sistem, yaitu: Sales/Order Entry System; Billing/Debtors/Cash Collection System; General Ledger System; Purchasing/Accounts Payable/Cash Disbursement System; Production System; Inventory System, dan Human Resources/Payroll System. Dengan menjelaskan definisi dan major function dari setiap system, komponen dan proses yang terjadi, dan identifikasi major decision yag diambil, CSFs, resiko, rules, dan controls.