Chapter OneINTRODUCTION

1.1 A Brief Introduction of the Bank

Kist Bank was initially incorporated as a 'C' class financial institution in 2003 for undertaking limited banking activities. The Bank started commercial banking activities from May 7, 2009 after complying with all the conditions of Nepal Rastra Bank (Central Bank of Nepal) for becoming a commercial bank. The Bank is a public limited company incorporated under the Bank and Financial Institution Act 2006 and the Companies Act, 2006. The Bank is licensed by NRB to undertake commercial banking services and merchant banking activities in the country. The Authorized Capital of the Bank is Rupees 5 billion and the Issued & Paid-Up Capital is Rupees 2 billion. 60 percent of the Paid-Up Capital is held by the promoter and remaining 40% is held by the general public. The shares of the Bank are listed at Nepal Stock Exchange Limited (NEPSE), the only stock exchange in the country, as 'A' category share.

The Bank has a seven member Board of Directors (BOD) out of which four represents the promoters’ group; two represents the general public and one as a professional director. Till the end of fiscal year 2065/66 (2009-10) the bank has 30 branches across the country and plans to further add 20 to the existing list

1.2 Vision of the Bank

“To become the best bank based on operational excellence and superior financial performance”.

1.3 Mission of the Bank

Our mission is to become a leading bank by providing best quality financial products and services to our customers, enhancing shareholders value, contributing to the economic prosperity of the country and creating excellent growth opportunity for our employees.

The bank currently is best known for:

Personalized Services

Speedy Transaction

Transparency in Production

1.4 Objectives of the Study:

With Technology making a leap to a higher level, various fields have been impacted severely. The extensive and irksome activities carried out in traditional/manual information systems have been swapped to an extent by the use of computerized information systems. The primary objective of this case study assignment is to carry out a detailed study of the Information system of an organization. Besides this other objectives of the study were as follow:

i. To gather information regarding the hierarchy and responsibilities within the IT Department of the bank.

ii. To identify the role of deployed Information Systems in different levels of management.

iii. To obtain knowledge regarding the system deployment process.iv. To understand the various ethical and security issues maintained within the bank.

1.5 Limitations of the Study

i. The time frame to carry out the assignment was restricted due to the hectic schedule of the respondent

ii. Managerial focus of the study might have led to the lack of technical depth of IT.

Chapter TwoFINDINGS FROM THE STUDY

2.1 Hierarchy and Responsibilities within the IT Department

Fig: Hierarchy and Reporting Mechanism

Head of IT

IT Officer (System Software)

IT Officer (Web Designing and

Maintenance)

IT Officer (Networking and

Database)

IT Officer (Card Issues)

IT Member Staff IT Member Staff

Chief Operating Officer

Chief Business Officer

Chief of Corporate Affairs

2.1.1 Responsibilities:

i. Head of IT: Monitoring and effective management of IT officers of different sub departments and provide opinions/suggestions to company executives regarding strategic decisions of IT.

ii. IT Officers: Specialize in IT Department’s sub-function and coordinate with other departments and functions.

iii. IT Member Staffs: Carry out operational tasks assigned by the IT Officers.

2.2 Role of Information System in different levels of management

The IS provides following facilities to respective level of management

a. Top Level Management: It Provides Year (period) end financial analysis reports/statements to senior executives for strategic and broad decision making (For Eg: Launching of new feasible services, extension of new counters & branches, issuing shares for raising capital funds.

b. Middle Level Management:Provides necessary information to develop and implement tactical decisions. Also helps to increase the productivity of a particular function. For Eg; to carry out performance appraisal of employees, develop/modify compensation plans, manage and operate a specific business unit (branch).

c. Operational Level Management: To store and retrieve information needed for routine transactions and encounters. For Eg: i) Storing/Retrieving transactional details of deposits, withdraws, loan etc. ii) Opening/Closing of accounts. Iii) Providing bank statements to customers.

2.3 Availability of Decision Support System or Expert System

The Bank has no such support systems currently; the benefits of such systems were suggested as following:

Benefits of DSS

i. Research has demonstrated that decision support systems help to reduce decision cycle time for an organization. DSS provides timely information, which is then used for decision making and results in enhanced employee productivity.

ii. DSS is efficient decision making, resulting in better decisions. This is because use of DSS results in quick transfer of information, better data analyses, thus resulting in efficient decisions.

iii. Use of decision support system in an organization provides a competitive advantage over other organizations which do not use DSS.

iv. Due to the use of DSS business transaction data is easily available for monitoring the performance of employees and ad hoc querying. It thus leads to enhanced understanding of business operations for the management.

Benefits of Expert System

i. Expert systems are capable of handling enormously complex tasks and activities as well as an extremely rich knowledge-database structure and content. As such, they are well suited to model human activities and problems.

ii. Improvements in reliability and quality frequently appear when expert systems distribute expert advice, opinion, and explanation.

2.4 Deployment of Information System

i. The general activities and functions carried out by a commercial bank were studied prior to the development of the system.

ii. The concerned authorities from the IT Dept were explained the operational and business functions of the bank.

iii. A thorough study report of the procurement and setup details for the system were made and purchased accordingly.

2.4.1 Development/Acquirement of the Systems

The Bank has both purchased as well as developed (in house) necessary information systems as follow

A. General Banking System(PUMORII) It is considered as one of the integral system for banking operations. The overall banking transactions and customers details are managed by this system. It also helps to formulated different types of financial reports at the time of necessity. It was bought from Mercantile Communications Pvt Ltd Nepal.

B. KIST Employees Information System The domain space was bought from a vendor (Endeavour Infotech Pvt Limited-India). The interface, contents and layout designing was done by the IT personnel themselves. It stores and manages overall employee information of the bank.

C. KBL System This system was developed in house by the bank. Its main objective is to support the general banking system. It helps to formulate detailed report which cannot be generated from the PUMORII.

2.4.2 Factors Considered During Procurement

The following factors/parameters were analyzed while purchasing Hardware, Software and other networking components:

a. Cost: The bank had realized the core importance of these IT components while making the purchase. A large amount of budget was allocated for investment in

IT. Approximately Rs 50, 00,000 was required per system configuration and installment.

b. After Sales Services: The main criteria to evaluate after sales service were; frequent visits from the company personnel, free of cost maintenance and prompt replacement if needed.

c. Performance: The system should be efficient enough to carry out overall banking transactions without any failures. The reports and statements generated through the system must be reliable and free from errors.

2.4.3 System Conversion

The bank has been relying on the same system till now for its overall banking transactions. Therefore there have been no cases of data/system conversion until this date.

However, the conversion of data and system has taken place for other organizational activity such as; Attendance recording.

In the past the bank used manual system (Ledger books) for the purpose of maintaining attendance of the employees. This type of traditional system has been replaced by the new ‘Automatic Attendance’ system. To adapt the new system, the details of employees were fed to the computerized system and automatic attendance recording were carried out.

Apart from that, the sole dependence on SCT (Smart Choice Technology) network system was replaced when the bank started to use its own switch for the ATM services. The conversion was done within a span of few months while under the parallel conversion process. Precise on-the-job training was also provided to the staffs accordingly.

2.5 Maintenance of Business Ethics in the Workplace

The bank follows a strict moral guideline while operating. The following are some of the moral/ethical grounds that the bank adherers to:

a. The information of a customer cannot be accessed by another. The same applies with employees also.

b. A unique access ID and password is provided to the employee. The employee therefore should not misuse his/her authority by intruding in other employees’ information.

c. An employee should not leak official information to outsiders. d. On the other hand, the bank has maintained a safe working environment for the

employees. The bank also has specific medical allowance for its employees.

Besides these principle followed by the bank, few technological ethical principles were suggested as follow:

i. The bank should continuously and cautiously make the employees aware for their active participation

ii. The consequences of over independence upon IT/IS should be made aware along with its risks.

iii. Benefits should be fair, equitable and transparent.iv. More benefits should be given to an employee, if he/she has to take higher risk or

responsibility.

2.6 Threats and Security Measures:

As organization is based on information system, so there lies numbers of possible threats regarded to the system. Talking to one of the member of the organization we got to know that as organization might face different sorts of internal, external and accidental threats, so the organization have undertaken different precautions or safety measures so as to avoid such threats or to get rid of such threats.

Some of the threats that the organization is facing are:

i. Internal threats- Threats from the internal staff of the organization. - Threats from the unauthorized user etc.

ii. External threats- Threats from the intruders.- Threats from the ethical hackers.- Threats from the external organization etc

iii. Accidental Threats- Wearing and tearing of the system due to natural disaster.- Threats from human accidents etc.

2.6.1 Security Measures

As mentioned the information system of the bank faces threats which might be accidental, internal or external. The bank has applied or implanted different sorts of techniques in order to get rid of the different occurring threats. Some of the precautions considered by the bank to overcome the threats are:

Encryption

Firewall

Access Control

Authentication

Security & E-mail Monitoring

Virus Protection (NOD 32)

Backup Files (Hard Disks of Branch servers, Head office servers, External Hard drives)

Control of System Failure

Auditing IT Security etc.

2.7 Vendor Information

Mercantile Communications Pvt Ltd (Nepal):

Mercantile is an emerging leader in the world of fluid convergence between technology, communication and business. As one of the largest facilities-based broadband networks, Mercantile leads the way toward a New World of frictionless business with its unique and seamless combination of technology, applications and implementation.

Endeavour InfoTech Pvt Ltd:

Endeavour InfoTech Pvt. Ltd. is headquartered in Baroda, India with other production facilities in Ahmedabad, India. It also has its global reach in countries like USA, United Kingdom, Ireland, Australia and New Zealand.

Chapter ThreeCONCLUSION

3.1 Conclusion

The case study assignment provided an opportunity to gain knowledge regarding the overall information system deployed in an organization. It encompassed information related with the IT Department of the bank that was under observation. Definite roles and responsibility of different personnel were also obtained. The study also depicted the role of IS/IT in different levels of management. There were many instances where the bank lacked the use of different information systems which were suggested to them while carrying out the study.

The initiation of an information system is carried out by a need analysis. In this context the IT personnel along with the representative from the vendors had discussions in order to finalize the procurement and installation of required IS. The bank also has its own in-house developed information system to support the general banking system.

The study was also fruitful in generating information regarding the moral and ethical principles that are held by the bank while carrying out its daily operations. Further possible technological ethical principles were also suggested. Finally different types of threats that the bank is vulnerable to were known along with its safety precautionary measures.