A Case Analysis of Management Information System

ERPA, which ignores safety requirements, is a domestic company that manufactures construction vehicles. Enterprises began to prepare ERP projects in the 1990s, selected software in the late 1990s, and began to implement an integrated ERP system including finance, distribution and manufacturing. Therefore, Company A has set up an ERP implementation team. With the assistance of professional consulting companies, after a period of demand analysis, process design and user training, the implementation has entered a critical stage of intense pre-production data preparation. At this time, the procurement department questioned the security of sensitive procurement information in the system, including the input, modification, approval, inquiry, reporting and printing of relevant procurement data, and put forward a series of requirements. The entire procurement department has dozens of staff engaged in procurement-related business, responsible for the procurement of dozens of categories and tens of thousands of different items. According to the requirements of internal control, the purchase price and quantity of different kinds of goods, as well as the order information and supplier information, are confidential to other unrelated departments and even other purchasers in the same department. Under such internal control requirements, the setting of ERP user permissions can meet the requirements of job isolation, not just setting permissions on the menu of functional modules. Many security requirements are specific to the need to set corresponding permissions for fields in data tables in a database. The demand of job isolation forms an extremely complex security demand matrix. In the later stage of system implementation, it is undoubtedly a difficult problem for ERP implementation team to put forward such security requirements. Due to insufficient preparation in advance, the function, demand analysis, process design and project implementation resources of ERP system have not fully considered the requirements of internal control and information security of the company. The above requirements of information security and post isolation have formed an insurmountable obstacle to the implementation of the procurement module, and directly led to: 1. The procurement module has not been integrated with other modules. 2. The application of accounts payable module, inventory management module and cost calculation function is greatly limited. 3. The implementation of 3.ERP system failed to achieve the goal of financial integration of production, supply and marketing. In fact, other departments of the company have similar information security considerations and internal control requirements, but there is no strong reaction from the purchasing department. These problems deeply perplex enterprise A. ...