Your objective as a systems analyst should be to install or modify systems that have a reasonably useful life. You want to create a system whose design is comprehensive and farsighted enough to serve current and projected user needs for several years to come. Part of your expertise should be used to project what those needs might be and then build flexibility and adaptability into the system. The better the system design, the easier it will be to maintain and the less money the business will have to spend on maintenance.
Reducing maintenance costs is a major concern, because software maintenance alone can devour upward of 50 percent of the total data processing budget for a business. Excessive maintenance costs reflect directly back on the system’s designer, because approximately 70 percent of software errors have been attributed to inappropriate software design. From a systems perspective, it makes sense that detecting and correcting software design errors early on is less costly than letting errors remain unnoticed until maintenance is necessary.
Maintenance is performed most often to improve the existing software rather than to respond to a crisis or system failure. Maintenance is also done to update software in response to the changing organization. This work is not as substantial as enhancing the software, but it must be done. Emergency and adaptive maintenance comprises less than half of all system maintenance.
Part of the systems analyst’s job is to ensure that there are adequate channels and procedures in place to permit feedback about—and subsequent response to—maintenance needs. Users must be able to communicate problems and suggestions easily to those who will be maintaining the system. Solutions are to provide users email access to technical support, as well as to allow them to download product updates or patches from the Web.
Auditing is yet another way of ensuring the quality of the information contained in the system. Broadly defined, auditing refers to having an expert who is not involved in setting up or using a system examine information in order to ascertain its reliability. Whether or not information is found to be reliable, the finding on its reliability is communicated to others for the purpose of making the system’s information more useful to them.
For information systems, there are generally two kinds of auditors: internal and external. Whether both are necessary for the system you design depends on what kind of system it is. Internal auditors work for the same organization that owns the information system, whereas external (also called independent) auditors are hired from the outside.
External auditors are used when the information system processes data that influences a company’s financial statements. External auditors audit the system to ensure the fairness of the financial statements being produced. They may also be brought in if there is something out of the ordinary occurring that involves company employees, such as suspected computer fraud or embezzlement.
Internal auditors study the controls used in the information system to make sure that they are adequate and that they are doing what they are purported to be doing. They also test the adequacy of security controls. Although they work for the same organization, internal auditors do not report to the people responsible for the system they are auditing. The work of internal auditors is often more in-depth than that of external auditors.