Many people use information systems and information technology as if they meant the same. They are different, and it is important for you to understand the difference between them. As we illustrated in Figure 10.1, an Information System is comprised of two sub-systems, a social subsystem and a technical subsystem. The social subsystem has two parts: people and organizational structure. The technical subsystem also has two parts: technology and business processes. The reason it is important to understand this is that all four parts of an Information system must work effectively if the system is to meet the needs for which it was designed and installed.
Information systems can be very powerful tools to help you run your organization. On the other hand, in a startup, be sure you need the support of information systems before you invest in them. It may be that you can handle your operations manually for a time and avoid the cost and time investing in a computer-based IS requires.
If you do decide to move forward with computer-based information systems it is wise to develop a plan first, and make sure you are proceeding in an orderly manner. There are three general approaches to developing an IS plan. You will also find that you have many options available for hardware and software, and the options can vary widely in initial purchase price and the kind of support provided by the vendor. If you see value in having a website there are some generally-accepted principles you should follow to make your website effective.
Many organizations have found ways to use IS for competitive advantage. Michael Porter’s frameworks, the five forces model, the three generic strategies, and value chain have proven to be useful tools in coming up with ideas for innovative information systems.
Finally, when an organization has valuable information stored in computers, it is exposed to risks from errors and from various internal and external threats. It is important for managers to evaluate the risks and come up with cost-effective measures to be sure the organization is adequately protected from loss or damage to valuable information.