2026 Study Guide Revision

Information Systems 622 Study Hub

A dark, readable one-page guide covering the major development, design, implementation, support, and security ideas from the Information Systems 622 study guide.

Core concepts Good practice Trade-offs Risks Structures

Exam Focus Areas

These focus areas are derived from the chapter learning outcomes and summaries in the 2026 Information Systems 622 Study Guide. Use them to revise the decisions, comparisons, and definitions that connect multiple chapters.

Exam Overview

Focus area What to know Likely exam action
Development strategy Traditional vs web-based systems, in-house development, packages, outsourcing, SaaS, RFP/RFQ, TCO. Compare options and justify a recommendation.
Interface and input design UI, HCI, usability, forms, reports, validation rules, input/output controls, prototyping. Evaluate whether a screen, form, or report supports users and controls errors.
Data design DBMS components, keys, referential integrity, ERDs, cardinality, normalization, codes, controls. Explain relationships, normalize data, and identify data-quality controls.
Architecture Architecture checklist, ERP, client/server tiers, middleware, online vs batch, network models. Select architecture features based on cost, scalability, security, and processing needs.
Implementation QA, structured/OO/agile development, testing, documentation, installation, changeover, training. Sequence implementation activities and compare changeover methods.
Support and security User support, maintenance types, performance measures, security levels, backup, recovery, retirement. Classify maintenance/security actions and explain operational controls.

Development Strategy

Know how a systems analyst chooses between traditional development, web-based development, in-house software, commercial packages, outsourcing, offshoring, and SaaS. The guide stresses that the choice depends on requirements, cost, risk, long-term support, and total cost of ownership.

Exam trap: a low initial price is not automatically the best option. TCO includes maintenance, support, upgrades, retraining, disruptions, and long-term operating costs.

UI, Input and Output Design

Focus on how UI design supports two-way communication between users and systems. Strong answers connect HCI, usability, feedback, validation rules, source documents, reports, input controls, output controls, and prototyping.

Good pattern: design from user tasks and business goals, then reduce errors with input masks, validation checks, clear feedback, and access controls.

Data Design

Revise how data moves from file-oriented systems into relational database design. Be ready to explain entities, fields, records, primary keys, foreign keys, referential integrity, ERDs, cardinality, normalization, and data controls.

Exam trap: many-to-many relationships usually need an associative entity. Without it, the design is difficult to implement cleanly in relational tables.

System Architecture

Architecture converts logical design into a physical structure: hardware, software, networks, processing methods, and security. The guide highlights ERP, SCM, scalability, web integration, legacy interfaces, client/server tiers, middleware, and network choices.

Exam trap: architecture is not just hardware. It includes processing choices, security, data, procedures, people, and how the system fits the organization.

Implementation

Implementation covers application development, testing, documentation, installation, training, changeover, data conversion, and post-implementation evaluation. QA is a thread through the whole phase, not a single final check.

Good pattern: prevent defects early, test in layers, keep operational and test environments separate, train users properly, and evaluate the new system after rollout.

Support and Security

After implementation, systems need user support, maintenance management, performance management, security, backup, recovery, and eventual retirement. The guide separates maintenance into corrective, adaptive, perfective, and preventive tasks.

Watch for classification questions: fixing an error is corrective; adding new capabilities is adaptive; improving efficiency is perfective; avoiding future failure is preventive.

General Module Content

The chapter notes below compress the study guide into always-visible revision blocks. Use the focus cards above for high-yield review, then read the chapter cards to fill the gaps.

Chapter 1: Development Strategies

Development strategy is about choosing the most suitable way to acquire or build software while balancing requirements, cost, risk, web integration, staffing, and long-term support.

Chapter 1

1.1 Traditional vs Web-Based Systems

Traditional systems usually run within company-controlled hardware, software, LAN/WAN, and legacy environments. Internet features may exist, but they are often add-ons.

Web-based systems treat the web as the platform. They are more scalable, less tied to one hardware environment, and often easier to deliver as services.

TraditionalWeb-based
Legacy integration strongly affects design.Internet framework is central to the application.
Often depends on company networks and desktop resources.Can operate across varied devices and environments.
Security is often inside a private network.Security must handle internet exposure and service access.

1.3 Development Options

Organizations can build internally, buy a package, customize existing software, outsource, offshore, or use SaaS. In-house development gives control and business fit but needs more internal resources. Packages can be faster and cheaper, but may require process change or customization.

The systems analyst's role changes by option: deeper design and testing involvement for in-house work, more vendor evaluation and contract/support focus for packages and outsourcing.

1.4 Software Acquisition Process

The acquisition process evaluates requirements, network and web issues, vendors, outsourcing choices, alternatives, cost-benefit results, recommendations, and implementation planning.

DocumentUse
RFPRequests vendor proposals against business needs, required features, service levels, and support expectations.
RFQRequests pricing for a specific product or service once the requirement is clearer.
System requirements documentOutputs analysis work and supports the management decision to proceed, change direction, or stop.

Back to Exam Focus Areas

Chapter 2: User Interface Design

UI design covers how users interact with systems through screens, menus, functions, outputs, forms, controls, feedback, and error prevention.

Chapter 2

2.1 UI and HCI

A user interface is the hardware, software, screens, menus, functions, outputs, and features that support communication between user and computer. HCI focuses on making that interaction productive, learnable, and user-friendly.

Modern UI design starts from user needs and business goals, not from printed outputs alone. The best interfaces often feel invisible because users can complete tasks naturally.

2.3-2.4 Design Guidelines

  • Understand the business and user tasks.
  • Think like a user and invite feedback.
  • Use models and prototypes to reduce misunderstandings.
  • Keep screens easy to learn, productive, flexible, and clear.
  • Use familiar terms, helpful feedback, and attractive but practical layout.

2.4 Validation Rules

Validation rules reduce incorrect or inconsistent data before it enters the system. The study guide highlights checks such as sequence, existence, range, reasonableness, and validity checks.

CheckPurpose
SequenceEnsures values are entered in the required order.
ExistencePrevents mandatory fields from being left blank.
RangeRejects values outside allowed limits.
ReasonablenessFlags values that are possible but suspicious.
ValidityChecks values against accepted codes or records.

2.5-2.8 Forms, Reports and Controls

Source documents can include heading, control, instruction, body, totals, and authorization zones. Reports may be detail, summary, or exception reports. Input and output controls protect accuracy, privacy, and access.

Security is part of design: output control protects reports and data; input control uses audit trails, encryption, passwords, data security, and access levels.

2.9 Prototyping and Trends

Responsive web design, modular design, and prototyping help designers test ideas and gain user approval. Throwaway design prototypes document and benchmark desired features but should not be mistaken for production-ready systems.

Prototype risk: users may want to adopt a rough prototype too quickly, even when reliability, maintainability, and quality have not been fully tested.

Back to Exam Focus Areas

Chapter 3: Data Design

Data design organizes data into structures that support storage, retrieval, integrity, security, and analysis.

Chapter 3

3.1-3.2 Data Structures and DBMS

A data structure organizes, stores, and manages data. File-oriented systems store separate files, which can create redundancy and inconsistency. A database uses connected tables as an overall data structure.

A DBMS provides tools, features, and interfaces to add, update, manage, access, and analyze data. Components include user interfaces, DBA interfaces, DML, schemas, subschemas, and the physical data repository.

3.4 Data Terms and Integrity

TermMeaning
EntityA person, place, thing, or event about which data is stored.
Attribute/fieldA characteristic of an entity.
Record/tupleA set of fields describing one entity instance.
Primary keyUniquely and minimally identifies a record.
Foreign keyMatches the primary key in another table.
Referential integrityPrevents a foreign key value unless the matching primary key exists.

3.5 Entity-Relationship Diagrams

ERDs show entities and relationships. Basic relationships are one-to-one, one-to-many, and many-to-many. Cardinality describes how many instances of one entity can relate to instances of another.

In relational design, an M:N relationship normally becomes two 1:M relationships through an associative entity.

3.6 Normalization

Normal formRule
1NFNo repeating groups.
2NFIn 1NF and every non-key field depends on the whole primary key.
3NFIn 2NF and no non-key field depends on another non-key field.

Normalization refines table design to reduce redundancy, update problems, and data inconsistency.

3.7-3.9 Codes, Storage and Control

Codes use letters or numbers to represent data. They can speed entry, reduce storage, cut transmission time, reveal information, or conceal information. Data controls include access privileges, encryption, backups, recovery procedures, audit logs, and audit fields.

Back to Exam Focus Areas

Chapter 4: System Architecture

System architecture transforms logical design into the physical structure of hardware, software, networks, processing methods, data, procedures, people, and security.

Chapter 4

4.1 Architecture Checklist

  • Corporate organization and culture
  • ERP and SCM integration
  • Initial cost and total cost of ownership
  • Scalability and web integration
  • Legacy system interfaces
  • Processing options, security, and corporate portals

4.2-4.3 Client/Server Architecture

Servers provide data and processing services to clients. In client/server architecture, processing is distributed between the client and a central server.

DesignMeaning
Fat clientMost application processing happens on the client.
Thin clientMost processing shifts to the server.
Two-tierClient handles UI; server stores data and may share logic.
Three-tierAdds an application server/middle layer between client and data server.

4.4-4.6 Internet, E-Commerce and Processing

The internet changed architecture through e-commerce, packaged web solutions, service providers, cloud computing, and Web 2.0 collaboration. Processing methods also shape design.

MethodUse
Online processingUsers interact with systems that process transactions in real time.
Batch processingTransactions are collected and processed in scheduled groups.

4.7-4.8 Networks and Wireless

Networks share hardware, software, and data. The OSI model has seven layers: physical, data link, network, transport, session, presentation, and application. Topologies include hierarchical, bus, ring, star, and mesh designs.

Wireless LANs based on IEEE 802.11 standards improve flexibility, but they introduce interference and security concerns.

4.9 Systems Design Completion

The system design specification documents the complete architecture and supports final presentations. After review, the project may move into development, require more design work, or be canceled.

Back to Exam Focus Areas

Chapter 5: Managing Systems Implementation

Implementation turns design into a working system through development, testing, documentation, installation, training, and evaluation.

Chapter 5

5.1 Quality Assurance

QA aims to prevent defects or detect them early. Poor quality can come from unclear requirements, design flaws, coding mistakes, weak documentation, or ineffective testing.

Software engineering applies engineering principles to requirements, design, construction, testing, and maintenance. Systems engineering widens the view to hardware, networks, and interfaces.

5.3-5.5 Development Methods

MethodTools and ideas
StructuredDFDs, structure charts, modules, data flows, control flows, loops, conditions.
Object-orientedUse case diagrams, class diagrams, sequence diagrams, state transition diagrams.
AgileUser stories, priorities, iterations, releases, and customer testing.

5.3 Cohesion and Coupling

Cohesion measures how focused a module is. High cohesion is desirable because a module performs one specific function.

Coupling measures interdependence between modules. Loose coupling is desirable because modules can work with less reliance on each other.

5.7-5.8 Testing and Documentation

Programmers use desk checking, code reviews, and unit testing. Analysts prepare test plans for integration testing and system testing. Documentation includes program, system, operations, user, and online documentation.

A strong answer separates unit testing, integration testing, and system testing instead of calling everything "testing".

5.9 Installation and Changeover

MethodRisk and cost profile
Direct cutoverLeast expensive, but highest risk because the old system stops immediately.
Parallel operationSafest, but most expensive because both systems run together.
Pilot operationTests the new system in one group before wider rollout.
Phased operationIntroduces the system one module or function at a time.

Installation also includes data conversion, user training, post-implementation evaluation, and a final report to management.

Back to Exam Focus Areas

Chapter 6: Managing Systems Support and Security

Support and security cover the operational life of a system: helping users, maintaining the system, managing performance, protecting assets, backing up data, and planning retirement.

Chapter 6

6.1 User Support

Systems analysts often act as internal consultants. User support includes training, help desks, troubleshooting, technical guidance, knowledge bases, and support for new versions or changes.

A help desk is a centralized resource that helps users use system resources effectively, answers technical and operational questions, and improves productivity.

6.2 Maintenance Tasks

TypePurpose
CorrectiveFix system errors.
AdaptiveAdd capabilities or respond to new business/system requirements.
PerfectiveImprove efficiency, performance, or maintainability.
PreventiveReduce the likelihood of future failures.

6.3-6.4 Maintenance and Performance Management

Maintenance requests are evaluated, prioritized, scheduled, investigated, analyzed, designed, developed, tested, and implemented. Change management controls versions, documentation changes, and release timing.

Performance measures include response time, bandwidth, throughput, and turnaround time. Capacity management uses these measures to forecast future support needs.

6.5-6.6 Security Levels

A security policy defines how assets are protected and how attacks are managed. Risk management identifies, analyzes, anticipates, and reduces risks to an acceptable level.

LevelFocus
PhysicalProtect rooms, servers, desktops, and equipment.
NetworkProtect communications, including wireless links.
ApplicationUse hardening, permissions, input validation, patches, and logs.
FileControl file permissions and encryption.
UserManage identities, passwords, awareness, and social engineering risk.
ProceduralUse managerial controls and secure operating procedures.

6.7-6.9 Backup, Recovery and Retirement

Backup and recovery decisions include media, schedules, retention periods, RAID, cloud backup, and business continuity. Systems eventually reach the end of useful life when maintenance or operating costs rise, new technology becomes available, or the system cannot meet new requirements.

Future IT professionals need technical skill, critical thinking, credentials, and awareness of security, environmental, economic, political, and social pressures.

Back to Exam Focus Areas

Final Revision Tables

Decision Comparisons

QuestionBest comparison
Build or buy?Fit, time, cost, internal skill, customization, vendor support, TCO.
Traditional or web?Legacy fit, scalability, internet exposure, device access, maintenance responsibility.
Online or batch?Real-time interaction versus scheduled group processing.
Direct or parallel?Direct is cheaper and riskier; parallel is safer and more expensive.

Fast Definitions

TermRemember
TCOFull ownership cost over time, not just purchase price.
Referential integrityForeign key must match an existing primary key.
MiddlewareConnects applications and enables data sharing.
High cohesionA module has one focused purpose.
Loose couplingModules are relatively independent.

Security Layers

  1. Physical security
  2. Network security
  3. Application security
  4. File security
  5. User security
  6. Procedural security

Normalize in Order

  1. Remove repeating groups for 1NF.
  2. Make non-key fields depend on the full primary key for 2NF.
  3. Remove dependencies between non-key fields for 3NF.
Normalization questions are usually about spotting dependency problems, not memorizing table names.