An integrated information system to support energy policy formulation in South Africa : a conceptual study

Cooper, Christopher John

17 March 2014

Ph.D. (Energy Studies) / The underlying assumption of this thesis is that information is critical for effective energy policy support. The objectives set and attained for this study were to: • assess existing solutions to the problem of supplying energy information; • consider developments in integrated conceptual solutions to the problems; • identify and analyse data structures for providing a single integrated information system as a solution; • evaluate and identify local energy and economic data sources for input to the proposed system; • provide a framework for information outputs in such an integrated system; and • make recommendations on the practical implementation of the conceptual . solution. The concepts underlying the basic assumption, and other parameters were clarified in Chapter 1. In particular, the link between policy formulation, modeling, and data collection, management and dissemination was shown. A study and assessment of existing energy information systems was then carried out. This investigated national systems in South Africa and other countries, and the systems of three international organisations. The structure and management of these energy information systems was assessed, as was the degree to which each provided the necessary support for policy formulation. Legislation was, where applicable, also considered. It was determined from this study and assessment that there were no integrated information systems to provide adequate information for energy policy makers through a single access point. An integrated single access point system was postulated at the conceptual level in Chapter 3. The major contribution to this conceptualisation is the concept of a single standardised referential data set A single referential data set can be used to classify all data at every level of the proposed integrated national energy information system. This integrated approach supports policy formulation and allows for the most efficient use of national resources in maintaining information. The proposed system was considered as a data flow model, to provide an overview of the collection, processing and dissemination of data. Next, a system model was developed. This divided the system into two broad divisions: the central control functions, including the referential data set; and the data modules, which provide the structure for capturing and maintaining the collected data. The final stage in this chapter . was the development of a data model which shows the relationships between the elements of the system model, particularly the relationship between the referential data set and all other data. In Chapter 4, this data model was developed further to identify entity sets and their content descriptions. It indicates in tabular format the structure of the different system components, and then shows diagrammatically the high level linkages between these components; This analysis of the proposed system is the precursor to work by systems analysts who are responsible for the final design specifications for system software. In Chapter 5 the objective was to determine sources of data for input to the national system. The South African energy economy was briefly studied and assessed for both supply and demand side information. Finally in Chapter 6, a set of output templates was developed. Once fully implemented, these will provide system users with all the necessary information to support policy formulation. Desired outputs from a system must be known before the system is designed, and are therefor included.

Energy policy - South Africa

Power resources - Simulation methods

Information security in health-care systems: a new approach to IT risk management

Smith, Elmé

16 August 2012

Ph.D. / The present study originated from a realisation about the unique nature of the medical domain and about the limitations of existing risk-management methodologies with respect to incorporating the special demands and salient features of the said domain. A further incentive for the study was the long-felt need for proper Information Technology (IT) risk management for medical domains, especially in the light of the fact that IT is playing an ever-greater part in the rendering of health-care services. This part, however, introduces new information-security challenges every day, especially as far as securing sensitive medical information and ensuring patients' privacy are concerned. The study is, therefore, principally aimed at making a contribution to improving IT risk management in the medical domain and, for this reason, culminates in an IT risk-management model specifically developed for and propounded in the medical domain. While developing this model, special care was taken not only to take into consideration the special demands of the said domain when assessing IT risks but also that it would be suited to the concepts, terminology and standards used in and applied to this domain every day. The most important objectives of the study can be summarised as follows: A thorough investigation into modern trends in information security in the medical domain will soon uncover the key role IT is playing in this domain. Regrettably, however, this very trend also triggers a steep increase in IT riskincidence figures, which, in this domain, could often constitute the difference between life and death. The clamant need for effective risk-management methods to enhance the information security of medical institutions is, therefore, self-evident. After having explored the dynamic nature of the medical domain, the requirements were identified for a risk-management model aimed at effectively vi managing the IT risks to be incurred in a typical medical institution. Next, a critical evaluation of current risk-assessment techniques revealed that a fresh approach to IT risk management in medical domains is urgently necessary. An IT risk-management model, entitled "RiMaHCoF" (that is, "Risk Management in Health Care — using Cognitive Fuzzy techniques"), was developed and propounded specifically for the medical domain hereafter. The proposed model enhances IT risk management in the said domain in the sense that it proceeds on the assumption that the patient and his/her medical information constitute the primary assets of the medical institution.

Information resources management

Computer security

Health facilities management

Developing a scaleable information architecture for an enterprise wide consolidated information management platform

Van der Walt, Pieter Willem

15 January 2009

D.Litt. et Phil. / This research addresses the concept of “information architecture” as a way of visualising and describing the various information assets and interaction of these assets within the organisation. The research further provides definitions of information and contextualises the information audit and information model as key tool for the information manager in establishing the information architecture. The establishment of the information architecture is illustrated through a case study within a large conglomeration of companies requiring a scaleable information architecture in order to address its information requirements. Through a process of interviews the information requirements of key decisions makers are established. These requirements are translated into an information architecture that forms the basis of support in delivering future information requirements for the company. The results of this research have been successfully implemented and now form the foundation of all future information management projects within this particular case study.

Information organization

Management information systems

Information technology

Information audits

Information resources management

Information overload in the South African banking industry

Burger, Elsa

14 May 2008

At present, the average employee is being bombarded with an ever-increasing number of messages information on his/her company, its products and services, as well as information on its strategy all flooding in from a myriad of sources, including internal vehicles such as e-mail, the intranet, management memoranda, internal publications, as well as the external media, such as the Internet, the local newspaper, television news and national business and industry magazines. The term “information overload” is usually understood to present a state of affairs where an individual’s efficiency in using information in his/her work is hampered by a surplus amount of relevant and potentially useful information available to him/her. The principal aim of this study, therefore, is to establish the extent and impact of information overload on the knowledge worker in the banking industry, with special reference to the part that e-mail technology plays in the creation of such overload. Broadcasting, the telephone and the Internet have revolutionised the way in which workers communicate around the globe. Electronic-messaging systems such as e-mail have become the medium of choice in many organisations, and hold significant and valuable business data, information and knowledge. These systems have had a profound impact on the way in which personal and business communications are effected in the office. With e-mail having acquired mission-critical status, a number of concomitant circumstances and consequences have arisen that present organisations, such as banks, with a variety of challenges, among which • the impact on employees’ productivity, owing to the time spent on e-mailing activities • employees’ attitudes towards e-mail • compliance with corporate policies, such as those policies governing electronic communication and computer use • surveillance and monitoring of e-mail • the quest for finding formal archiving solutions. / Prof. C.W. Rensleigh

Information resources management

Information technology

Electronic mail systems

Business communication

Banks and banking information resources

The role of management in effective knowledge and skills transfer

Buys, Neil Armstrong

01 May 2013

Ph.D. (Leadership Performance and Change) / Organisations worldwide have made substantial investments in the training of their employees even though it is generally understood that only a small amount of learning is usually transferred to the work environment. The knowledge of the extent of employer investments in training compared to the benefits that accrue from this training for the organisation underlies the continuous debate concerning the return on investment and the effectiveness of the transfer of learning. Learning Transfer is defined as the application of knowledge, skills and attitudes learned from training and the subsequent maintenance of it over a period of time. This paucity of learning transfer, in spite of the substantial investment in training by employers, must be considered against the reality of organisations continuously being confronted by demands emanating from developments such as globalisation. Equally, technological developments necessitate change in the nature of work and consequently in the knowledge and skills required by employees to perform the work, as well as for organisations to remain globally competitive. The aim of this study is to determine whether a causal relationship exists between management support for learning and the effectiveness of learning transfer. In pursuance of finding causes for the lack of learning transfer, the study has the further objective of determining whether management support could be elevated above other differentiators, such as motivation of the trainee, training design and the workplace or organisational climate factors. The study is premised on the perception that management exercises a great deal of influence over their employees and that they determine organisational outcomes because of their decision-making authority. This gave rise to the presumption that management plays a leading role in ensuring that effective learning transfer is achieved and that the nature and extent of management‟s influence determines whether effective and efficient learning transfer is realised.

Transfer of learning

Employees - Training of

Business planning

Strategic planning

Information resources management

Geographically distributed requirements elicitation

Vat, Nicholas

January 2000

The technology revolution has transformed the way in which many organisations do their business. The resultant information systems have increased the decision making powers of executives, leading to increased effectiveness and ultimately to improved product delivery. The process of information systems development is, however, complex. Furthermore, it has a poor track record in terms of on-time and within-budget delivery, but more significantly in terms of low user acceptance frequently attributable to poor user requirements specification. Consequently, much attention has been given to the process of requirements elicitation, with both researchers and businessmen seeking new, innovative and effective methods. These methods usually involve large numbers of participants who are drawn from within the client and developer organisations. This is a financially costly characteristic of the requirements elicitation process. Besides information systems, the technology revolution has also brought sophisticated communication technologies into the marketplace. These communication technologies allow people to communicate with one another in a variety of different time and space scenarios. An important spin-off of this is the ability for people located in significantly different geographical locations to work collaboratively on a project. It is claimed that this approach to work has significant cost and productivity advantages. This study draws the requirements elicitation process into the realm of collaborative work. Important project management, communication, and collaborative working principles are examined in detail, and a model is developed which represents these issues as they pertain to the requirements elicitation process. An empirical study (conducted in South Africa) is performed in order to examine the principles of the model and the relationships between its constituent elements. A model of geographically distributed requirements elicitation (GDRE) is developed on the basis of the findings of this investigation. The model of GDRE is presented as a 3-phased approach to requirements elicitation, namely planning, implementation, and termination. Significantly, the model suggests the use of interviews, structured workshops, and prototyping as the chief requirements elicitation methods to be adopted in appropriate conditions. Although a detailed study of communications technology was not performed, this thesis suggests that each individual GDRE implementation requires a different mix of communication technologies to support its implementation.

Information resources management

System design

System analysis

An assessment of the records management system with reference to the Amathole District Municipality

Ncamani, Nomsa

January 2015

Section 13 of the Eastern Cape Provincial Archives and Records Act, 2003 requires the Amathole District Municipality to manage its records in a well-structured record-keeping system, and to put the necessary policies and procedures in place to ensure that record- keeping and records management practices comply with the requirements of the Act. The study investigated the interventions that can be made to improve and promote the best system (centralised versus a decentralised records system) in terms of space resources through greater co-ordination of information management and storage systems with reference to the Amathole District Municipality. A quantitative research methodology was employed to collect data. The empirical component of the treatise utilised self-administered questionnaires. Purposive sampling was used to identify the target population at the ADM. The researcher specifically selected the users of records, namely; senior manager, mid-managers, supervisors and administration assistants. The need for training, workshops and awareness were identified as the main challenges to records management and to the employees’ understanding of the system in place at the ADM. The findings recommended that the municipality should select the records management system that best supports the conduct of business in an orderly, efficient, and accountable manner. The system should ensure that documents provide evidence of business and contribute to the cultural identity and collective memory of the ADM. Further research on the existing records management system is recommended for the Amathole District Municipality.

Records -- Management

Business process security maturity: a paradigm convergence

Box, Debra

January 2008

Information technology developments in software and hardware have enabled radical changes in information systems, culminating in the paradigm Business Process Management. There has been a concomitant rise in the importance of information security and security engineering due to the increased reliance by society on information. Information is seen as a critical success factor which needs protection. Information security is the response to increased hazards created through recent innovations in Web technology and the advent of intra and inter enterprise-wide systems. Security engineering is based on a variety of codes of practice and security metrics which aim at ameliorating these increased security hazards. Its aim is to produce a balanced set of security needs which are integrated into the system activities to establish confidence in the effectiveness of the security counter-measures. It is generally accepted that security should be applied in an integrated approach, for example, in Information Systems development. This has proved to be a noble thought but is the exception to the rule. Security, historically, is generally applied as an after-thought in an Information Technology implementation. This motivated the concept of formulating a model of integrating security inherently within the paradigm of BPM. The overarching requirements of the model are to align the overall organisational security initiatives and ensure continuous improvement through constant evaluation and adaptation of the security processes. It is the intention of this research to show that these requirements are achievable through aligning the process management methodology of BPM, with the security paradigms of Information Security Management (using the ISO 17799 standard) and security engineering (using the Systems Security Engineering Capability Maturity Model – SSE-CMM). The aim of the Business Process Security Maturity model as the output of this research, is to link the SSE-CMM, as the security metric and appraisal method, to the ISO 17799 security standard, which provides the guidance for the information security management framework and security control selection, within the Business Process Management environment. The SSE-CMM, as the security version of the Capability Maturity Model, provides the necessary strategy to control the security engineering processes that support the information systems and it maintains that as processes mature they become more predictable, effective and manageable. The aim of the model is to provide an integrated, mature security strategy within the business process and monitor and correct the security posture of the implemented counter-measures.

Management information systems

Reengineering (Management)

Organizational change

Systems engineering

Information resources management

An evaluation of management information systems in the Department of Social Development, province of the Eastern Cape

Ngqungqu, Siphokazi

January 2014

The alignment of information systems with organisational objectives and strategies is crucial to the efficient performance of any organisation. There is a growing focus on the effectiveness of management and evidence-based decision making in public institutions in South Africa. The Eastern Cape Department of Social Development and Special Programmes (ECDSD) implemented a Social Development Information Management System (SDIMS), which is an information system that supports various functions performed by the Department. While SDMIS provides large amounts of valuable information, it still has much ground to cover in terms of fully meeting the Department’s information needs. There is an increasing demand for information to inform decision making with regards to priority setting, resource usage, monitoring the impact of the Department’s intervention programmes, and monitoring the progress of the Department’s strategic goals. The main purpose of this study was to analyse the extent to which MIS is utilised in the Eastern Cape Department of Social Development and Special Programmes and to make recommendations for the alignment of MIS with organisational objectives in order to achieve these objectives. Furthermore, the study intends to investigate the extent to which the information needs of managers are considered in designing and providing information. The objectives of the study are, firstly, to analyse the current state of MIS utilisation in the Department. Secondly, to evaluate the utilisation of information provided by the MIS unit for decision making, and, thirdly, to make recommendations on how to improve MIS utilisation. Qualitative approach techniques were utilised to collect data for the study. Research questionnaires were distributed to thirty respondents. Semi-structured interviews were conducted with seven interviewees out of a target number of ten. The response rate was 68 percent and this was considered as adequate for scientific analysis and reporting. The study produced the following research findings:  Mainly, the MIS users believe that they understand MIS and its capabilities, and have received training on how to use the system.  The quality of information provided by MIS is mostly complete and largely meets user requirements and expectations.  MIS information is for the most part accurate and comprehensive enough to expedite decision-making.  Although MIS largely meets user requirements and expectations in terms of completeness, accuracy and reliability, the study indicates that it still falls short in integrating information from other sources, which include government transversal systems such as the Basic Accounting System (BAS) and the Personnel Salary System (PERSAL).  MIS information is mostly available and easy to access, but occasionally not timely. This is mostly caused by the unavailability of real-time information synchronisation between MIS and other government systems. In light of the above findings, the researcher recommends that: There is still more to be done in order to continuously inform and train users on the latest MIS capability developments in the form of awareness workshops, contact and remote support, and through internal news bulletins.  The Department needs to work with other government entities that are custodians of transversal systems in finding a solution to the creation of real-time integration of MIS with other external sources of information. Even though the level of MIS utilisation is not too much of a concern, the Department needs to ensure that users of information are kept up to date with new MIS reporting capabilities so as not to underutilise the system. It is therefore recommended that the Department ensure that information is more often reviewed and reports are customised to meet the ever-changing needs of the Department.

Navigating between information security management documents : a modeling methodology

Domingues, Steve

January 2010

Organizations no longer draft their own standards. Instead, organizations take advantage of the available international standards. One standard may not cover all the organization's needs, requiring organizations to implement more than one standard. The same aspect in an organization may be covered by two or more standards, creating an overlap. An awareness of such overlaps led to various institutions creating mapping documents illustrating how a control from one standard relates to a control from a different standard. The mapping documents are consulted by the end user, to identify how a control in one standard may relate to other standards. This allows the end user to navigate between the standards documents. These mapping documents are valuable to a person who wishes to grasp how different standards deal with a specific control. However, the navigation between standards is a cumbersome task. In order to navigate between the standards the end user is required to consult three or more documents, depending on the number of standards that are mapped to the control being investigated. The need for a tool that will provide fast and efficient navigation between standards was identified. The data tier of the tool is the focus of this dissertation. As a result, this research proposes a modeling methodology that will allow for the modeling of the standards and the information about the mapping between standards, thereby contributing to the creation of tools to aid in the navigation between standards. A comparison between the major data modeling paradigms identifies multi-dimensional modeling as the most appropriate technique to model standards. Adapting an existing modeling methodology to cater for the modeling standards, yield a five step standard modeling methodology. Once modeled, the standards can be physically implemented as a database. The database schema that results from the standard modeling methodology adheres to a specific pattern and can thus be expressed according to well-defined meta-model. This allows for the generation of SQL statements by a tool with limited knowledge of the standards in a way that allows the quick navigation between standards. To determine the usefulness of the standards modeling methodology the research presents iv a prototype that utilizes the well-defined meta-model to navigate between standards. It is shown that, as far as navigation is concerned, no code changes are necessary when adding a new standard or new mappings between standards. This research contributes to the creation of a tool that can easily navigate between standards by providing the ability to model the data tier in such a way that it is extensible, yet remains independent of the application and presentation tiers.

Computer security -- Management

Business -- Standards