Terms Of Reference
The management of Zoomies have put together a team of people and briefed them to examine the importance and use of information within and between organisations. This team has been given the job of establishing how and why information is communicated and looking at the legislation, which affects this. Once they have completed this they will then go on to complete a more detailed study in which they will compare and contrast documents created by Boots and Sainsburys. It is hoped that by undertaking this research that the team will be able to design some quality documentation for Zoomies to use.
The team will use a wide diversity of resources to enable them to understand how and why information is communicated and how various laws affect this. They will use business text books, the internet as well as documents collected from a number of businesses to contribute with this task.
1.2 What is an organisation?
An organisation is a group of people that are working together to achieve a mutual goal by working at a sequence of objectives. Organisations can vary in many things such as size; it could be as little as one person or thousands of people working worldwide in a large international company. The word organisation is used as a collective to describe all types like banks, charities, professional practices, production companies and government departments.
There are three different types that categorize into two different sectors. The two sectors are Public and Private and the three different types of organisations are Utility, Commercial and Governmental.
A public service organisation is to offer services and goods from public funds. The main goal is not to make a profit but many public organisations aim to try to be profitable. Their main aim is to help the public as much as possible and to do it as cheap as they can. This can apply a lot of pressure to these organisations, as keeping down costs can be difficult while providing a service. They have turned to ICT to help like many of the companies in this type of organisations. This is a public sector organisation as they are provided by the government.
Commercial organisations main goal is to try and make profit. The main function of a commercial organisation is to buy and sell goods and services. An example of a commercial organisation is a shop buys goods from its suppliers and then adds its profit before selling the goods to the public. Some shops buys the goods from a wholesaler instead of the manufacturer, the wholesaler like the shop will add profit before selling it to a retailer, which makes the wholesaler a commercial business as well. The commercial organisation is a private sector organisation as it’s the money put into the commercial business is not from the government.
The utilities organisation is an organisation, which provides an essential material to the customer for money. Utility organisations are aiming for a profit while providing their service. The majority of the utility organisations are now privatised so many of them are competing against each other to try and get the customers money. These companies that are competing against each other are responsible for the safety and the distribution of the product or service.
A Sole Trader is a person who is the single owner to a business. The business may have more employees but it will only have one owner. The sole trader is the most popular ownership in the UK. It is probably because it is very easy to succeed as the owner can offer professional services to customers. They can also be supportive to the customer’s needs as since they are more connected to each individual costumer. It can help the local people in the town or village as it is a small business and that can help get trust, which can make the business grow. It is really important for the sole trader to be keeping the business accounts and records as they are needed for the inland tax revenue and they could get into serious trouble if they did not have the paperwork to give to the inland tax revenue. In addition, the sole trader would need to follow the law to protect the customers. Some advantages of being a sole trader is it is cheap to set up and all of the profit goes to you after you pay your workers also you are in complete control of your business so if you don’t like something you can get rid of it. Some disadvantages are if the sole trader retires or dies then the business might be difficult to continue. Another disadvantage is you as the sole trader have unlimited liability for the company which means you are responsible for your company’s debt and finance and if your business goes bankrupt then you might have to sell your personal belongings to pay off the debt.
Partnership is when two or more people own the business. Most businesses have two to twenty members although there can be more for example a banking agency can have hundreds of partners. A partner is normally set up using a Deed of Partnership. The deed of partnerships usually contains the amount of money each partner should give to the company. How profit and losses are given out and who should get the most to the least. How many votes each partner gets which is usually based on how much money each partner provides to the business. As well as how the partnership takes on new partners and how existing ones leave. Some advantages to a partnership are there is less risk between one person as it is spread among all the partners so if the business gets into trouble then they can share out the debt equally to all the partners. Each partner will bring money and his or her skills to the business, which might complement the work done by the original partner. Increased reliability as the business is between many people instead of just one person; this is shown as less risky to buyers and suppliers than just trading with a sole trader. It can be beneficial for a sole trader to develop into a partnership as the new partner could bring money, new ideas or even a new location for the sole trader as well as there is less risk whenever a sole trader joins a partnership because the debt would be shared out to all the partners not just one person.
A Limited Company is a business owned by shareholders but it run by directors of the company who may also be shareholders. The directors are hired by the shareholders to run the company. The directors always have to act in the best for the company as well as being responsible for their own actions and be prepared for the consequences of their actions. Limited liability means that the shareholders can only lose they have invested into the company which means that more people will invest into a company. People can claim back the money they have lost in the company.
There are different limited companies. There is Private Limited Company and Public Limited Company. There are many differences between the two Limited Companies. Some being the public stocks or shares can be purchased or traded on the stock exchange. These shares are initially put onto the market for prices that can exceed £50,000 whereas in a private Limited Company, the shares are not available to members of the public and the price of a share can be much lower or higher. There are reasons for a Private Limited Company to become a Public Limited Company. One of these reasons is that the shares can then be offered to the public, which takes away the restriction on the finance; this is especially good if the business is looking to expand. It is also easier to get money from others sources of finance although you do not get put on the stock exchange straight away to do that you have to do floatation. There are disadvantages to becoming a plc as well. Some of them are it can be complicated and money consuming to become a plc as well some financial information has to become available for everyone which could contain your competitors. There is also an increased threat of takeover, which could get you kicked out of your own business.
Franchises are whenever a franchisor sells the rights to another business or franchisee so the franchisee may run the business for their own financial gain. The franchisor may still run some other parts of the business but the franchisee will run a certain part or place of the business. The franchisee is often told they will be given part of the business for investing around £10,000 to £50,000. Once the business is bought, the franchisee will have to pay the franchisor some money out of its profits on a regular basis. Depending on the business, the franchisor will sometimes pay for the training, marketing and even some of the supplies for the franchisees business as well as the advertising for the whole business. Some advantages of a franchise is that it is a tried and tested market place which means that it should succeed as it already has a big name and that the franchisee is only relocating this name of the business and as long as it’s in a good enough place and is given appropriate equipment it will succeed. Another advantage of a franchise is it would be easy to collect the money to buy the franchise, as a bank would give you a loan as long as you have not got a history of paying the loans back. A major issue with buying a franchise is that if you have to get a loan from the bank that means you have to pay back the bank as well as the franchisor which means you get less overall income and you have to follow the business rules as the business isn’t yours.
1.3 What is the difference between data and information?
Data is raw facts and figures, which need to be processed before it can be turned into something useful. This processing is called data processing. The data means nothing before it is processed. It is not enough for the data just to be processed, as it needs to be of use to the company. Information needs to be accurate, complete and up to date as if any of these are wrong then you would not be able to use the information or the data to its full extent.
1.4 The importance of information for organisations?
Information that is collected is just as valuable as the company’s money or resources and people. The information may come in many trends like market trends, buying preferences and customer profiles. It may be processed, analysed as well as summarised before the managers of the company will use it to make a decision, which is best for the company. For the information to be valuable, it needs to be accurate, complete and up to date. The information is to be accurate this means that the information needs to be correct because then it has more use to the company which wants to use it as then they can get more sales out of the information. If the information is not accurate then they could be wasting their time with people who have no need for their product, which will not end well and profitable for the company. The information needs to be complete this means that all the information is there because if it was not all there then some important details could be missing and that could be wasting the company’s time whenever they are not going to get a sale from the call. The information needs to be up to date this means that the information needs to be recent because if it isn’t up to date then the company could be wasting time with a customer that has already bought that product recently and has no need for another one which wastes time and money for the company. The value of information comes in many different forms such as a list of people with a large credit balance. This could be good to banks, as they do not want to give these people loans as then there is a lowered chance to get their money back. Some others examples of information are a list of customers that have bought cars in the last three months as then they are not looking a new car so the garages wouldn’t have to phone them and waste their time. Another example is a CD ROM of every postcode in the United Kingdom this is useful for companies, which have to go door to door to sell their products. This can also lead to flyers going out to these addresses, which could increase the number of customers the company gets. Some companies target people whenever they such as make a credit card purchase, a mail order purchase, a telephone order purchase and they save the information about you and the product you buy into a database. The information can be used to target you with advertisements on products that you are most likely to buy. Information is so valuable to some companies as these companies that sell products by mail need to keep an up to date list of names and addresses. This data that companies keep this data so they can sell this on to other companies who can then send you informational flyers about their company.
1.4.1What is commercial information?
1.4.2 Why is Commercial Information needed?
Commercial information is the information that is used day to day in a company day such as customer, staff and supplier details, which could mean when a delivery is coming in with materials so that a staff member could be there to collect the materials. The commercial information helps managers make decisions, which could help the business greatly like taking a main supplier by paying them slightly more to off of a competitor, which could make the business money. This commercial information needs to be kept somewhere were only trusted employees can access it as it could cost the business money if the information got out.
1.4.3 What is Financial Information?
Financial information is the information that is recorded in written or electronic documents which contains the financial information about what the company is spending and purchasing. Some examples are the Business balance sheet which shows the resources and liabilities of a company at a given time as well as An Income statement – records the company’s money made and money spent while comparing both to profits. It records how much money the organisation has used and has in the bank. Accountants are the people in charge of these within larger companies while in smaller companies the owner can handle this but may still employ someone so they do not have to. If this information was not handled correctly then a similar occurrence may happen like what happened with the commercial as a rival company could come in and steal business off of the careless company. The financial information is needed in a day to day of a business as it allows managers and executives to make informed decisions about the company.
Legal information is the information that functions within a set of laws. These laws were created and made formal by parliament and affect organisations. These laws are set up to make sure that every organisation functions fairly and if they do not then they could face fines or even jail time.
Employment law is to protect employees’ health, safety and their rights. E.g. Sex Discrimination 1975, which means employees, cannot be discriminated against due to their gender. Equal pay act 1970 which means people who do the same jobs get the same pay no matter of gender, race, religion or sexual orientation.
Consumer Protection is to ensure consumers are treated fairly. E.g. Sale and supply of goods act 1994, which means goods, must be of good quality. Consumer credit act 2006 which means protect the consumer when borrowing money or buying things on a credit card.
Competition Law is to ensure competition takes place fairly within industry. Competition means lower prices, better quality goods and wider product range. E.g. Competition Commission (CC) and Office of Fair Trading (OFT).
1.5 Network Security
We have spoken about what an organisation is and what information is. All the information that we have discussed carry’s important information that is needed to be secure and if it got into the wrong hands, it could cause major issues for the organisation. In modern business, nearly every business will use a computer to store process and transfer information. Large businesses will use a network to store, transfer and process information.
There are two different types of network which are WAN and LAN. WAN is wide area network and LAN is local area network. LANs are confined to a small area and this small area may be a single building but does not have to a single office but it could be multiple buildings as long as it stays on the same site. A computer will be near the centre of the site and it is called fileserver or server.
A WAN covers a large geographical area. For example, builds like banks have theirs main computers positioned at one place with connections made by telephone wires to the various buildings. WANs can cause computers to be linked together via satellite or telecommunication links. These computers may be in different areas or in different countries. A router is needed to enable two different networks to be connected and also allow many computers on a network to share an ISDN (Integrated Services Digital Network) line for internet access.
An advantage of using networking is expensive technology like printers and scanners can be shared between people. In addition, messages can be sent between people on the same site with LANs or anywhere in the world using WANs. Files can be shared over networks and are stored centrally making them easier to take care of and backup so you do not lose files.
Some disadvantages of using networking are that it can be expensive if a WAN is needed as sophisticated equipment and telecommunication links are needed. If the LAN or WAN does not work some people may not be able to access their work which could potential lead to tasks being done manually. Data must be set so it is secure and access rights need to be in place so people cannot access something they are meant to. In addition, networks require someone to constantly maintain them to keep them running successfully.
1.5.1 User IDs
User IDs are also known as usernames and they are a unique identifier for a person in a network. The username only allows the person that knows the username into their account so it will slow down any hackers or even stop them from getting into the account. For Example mcarr867 is a good username as the M represents his first name which is Matthew and the second part which is Carr stands for his second name. The numbers 867 are numbers selected which will be unique to his username. The username only allows Matthew Carr into his account as long as no one knows his username.
Passwords are used to keep important information away from people who are not meant to see it or are used as another security measure. Passwords usually contain capital letters, symbols and numbers. A good password should contain all of these as well as be at least eight characters long. If your password is, unsecure that means people can access your documents and other important files. An unsecure password would be a password, which has not got at least eight characters, does not contain symbols or capitals or is related to something the person really enjoys like klopp. An example of a better password is Liverpool1 but this password still is not as secure as it could be, as people may know that they are a Liverpool fan. A secure password could be a childhood pet or the street you grew up living on. This is secure, as not many people will know them and they should contain capitals, symbols and numbers. A password usually is used with usernames. The combo of usernames and secure passwords make it very difficult for someone trying to access data in some ones account or computer. The password in a network is unique and will mean you are the only one, which can access your documents. You should never have your password written down on a piece of paper which is on your desk as then someone else could learn your password and then could access your documents.
1.5.3 Access Rights
A method of securing a network is to use different levels of access within the network. This allows some people more control than others and what activities they can do. There can be many different restrictions of access such as read and write. Both can be used together and on their own so one user can have read permissions and the other can have write permissions. For example, a business can have many different departments which can access legal and financial access but the different departments do not need to see both sets of information so the business stops them from seeing and changing what they do not need to see or change. Another example is within a school. Pupils can have access to see certain documents but cannot actually change the documents while on their account as only the teacher is able to change these documents. In addition, teachers can change pupils’ passwords, access pupils’ documents and view pupils work. Whereas the pupils can only change their passwords, access their work and documents.
Encryption is whenever information is transformed into data that is unreadable to anyone that does not have the ‘key’ to access the encrypted information. The information needs to be decrypted for it to be readable. When using encryption, the sender and recipient must use the same algorithm technique. The encryption algorithm can be divided into two groups, which are symmetrical and asymmetrical. In symmetrical algorithms, the sender uses a shared secret key to encrypt the information. The receiver must use the same secret key to decrypt the information. In an asymmetrical the sender and receiver use similar but not exactly, the same keys to encrypt and decrypt the information. Each person has two pairs of keys, which one is public and one is private. When someone wants to encrypt a message, they use one of the keys, which are the public key, and then to decrypt the information they use the private key.
There are two types of encryption, which are Password Protected and Application Encrypted. Password protected is whenever a password is needed to access the information that has been sent to the user. This can be done on every document or piece of information. Both the sender and the receiver need passwords to encrypt it as well as decrypt it. An advantage of password protecting the file means the file can only be accessed if they know the password and anyone that does not know the password can know decrypt the information. If the file were not encrypted, then anybody would be able to get the information and give it to an opposing firm.
1.5.5 Back up Procedures
A back up is whenever a copy of the most recent work is made encase of the other file corrupting. This allows the user to have a copy of their work that is up to date with their proper main one as it stops the work from being permanently deleted and all their data from being lost. As if a backup is made then the user can simply restore the backup of work and continue from where they left off. This should be done regularly to stop your work form deleting and to save them time if the work does delete. The more work the person does the more the work should be backed up. A backup procedure would be saving the work onto a magnetic tape at the end of a week and then storing the tape in another building to make sure that the magnetic tape is secure and free form danger. An example of a disaster that could happen is the business could catch on fire and they could lose all of their data and information they have gathered. Whenever the magnetic tape is in another building if the business goes on fire then it is not harmed or damaged which means they could use that as a backup.
1.6 Computer Misuse Act 1990
The computer misuse act is an act set up top stop people from attacking computer user different forms such as computer viruses or computer hackers that intend to steal and possibly pass on private information to others who wish to do harm. Before 1990, there was nothing in place to stop people from doing these harmful acts so the UK government implemented this act to stop people from hacking or implanting viruses onto computers. A virus is a program that is designed to do many things on your computer such as to delete or alter files or just be an annoyance to you. A virus is usually sent over email or is in another program but there are many other ways such as downloading of the internet. Anti-virus software can be downloaded to your computer. The anti-virus will stop the virus or contain the virus so it cannot delete or access your files. A computer hacker is a person who tries to gain access to someone else’s computer with the purpose of deleting or altering files normally. You are able to take precautions or slow the hacker down by using a firewall. A firewall is a barrier of special software that stops access to areas of the computer.
There are different levels of offence for the computer misuse act 1990 as if you hack into something without permission to be there then you can be fined £5000 or up to six months in prison, which is, stage 1. Stage 2 is whenever you hack and intend to take or alter data that is on the compute. This carries an unlimited fine as well as up to five years in prison. Stage 3 is whenever you carry out the hacking as well as you alter or steal information. This carries an unlimited fine as well as five years in prison.
There are many problems to do with prosecutions that come under the misuse of computers. One of these problems are offences are difficult to prove as hackers are usually good enough to leave no evidence or trail that will lead back to them. Another problem is that firms especially like banks do not tell the police, as they are embarrassed and do not want their clients knowing that they were hacked and that they are potentially unsafe particularly when dealing with money. In addition, the police lack experience and money when dealing with such crimes and the crime is considered soft as no one dies or gets hurt. Employees are usually just demoted or fired if they are caught trying to hack or implant a virus.
Someone decides to show their skills to their friends by hacking into the university database. A couple weeks later, he finds out he did not get the mark he thought he deserved so he goes into the database with the intent to change his mark but someone comes into his room so he cancels it. The day after he decides to lock his door and hacks into the database to change his mark to something he thinks he deserves.
1.7 Data Protection Act 1998
The data protection act is a law set up to protect personal data stored on computers or in a paper filing system. The data protection act was set up to protect people from misusing data. There are eight principles of the data protection act which are: data must be kept secure, the data that is stored must be relevant, accurate and up to date, the data must be gotten rid of whenever it is not needed, the data must be attained and processed lawfully, the data must be processed within the data subject rights, the data must be attained and specified for lawful purposes, the data must not be transferred to other countries without acceptable data protection laws.
There are three people involved with the data that is collected. The first one is called the information commissioner, this is the person that is in control of the data protection act and he has the power to enforce the act. The second person is called the data controller, this is the person that collects the information about people within the company. He also stores the data about the people and it is their job to remove the data whenever the person is no longer with the company. The third person is the data subject, this is the person who has data stored about them that is outside their direct control.