Action Research For Information Systems

This tutorial provides an introduction and “how-to” overview of the action research methodology within the context of information technology and qualitative information systems research. The introductory material will deal with conflicting definitions of action research and the appropriate application of this technique in particular information technology settings. The how-to overview will focus on the participatory and clinical forms of action research. The practical overview will conclude with a discussion of criteria for evaluating the effectiveness of action research and the relationship between action research and consulting

Agile Security for Information Warfare: A Call for Research

The context of information security is changing dramatically. Networking technologies have driven the global expansion of electronic commerce. Electronic commerce is increasingly engaging sophisticated advances like digital agents and web services. As a result of such advances, the information systems architectures that must be secured are becoming dynamic: shifting landscapes of changing vulnerabilities. At the same time, the threats in these landscapes are also becoming more sophisticated and dynamic. Information warfare is raising the stakes in information security by leveling intensive and highly novel threats against civilian systems. Information security researchers need to develop organizational approaches and methodologies that respond to this new context. The conflation of information warfare and short cycle development theories promises new information security practices. These approaches and methodologies would effectively lead to agile information security development. Agile information security development anticipates threats and rapidly deploys necessary safeguards in the context of shifting systems landscapes amid pervasive systems threats

The Information Security Standards Marketplace

From the perspective of much of the literature dealing with Information Security Standards, the decision to adopt or follow such standards is mainly a technical decision subject to regulatory requirements. This paper explains why the decision to adopt an information security standard is one taken in a complex marketplace of competing standards, competing service providers, competing security design methods, and competing national and international legislative requirements, all under the oversight of closely watched audit firms and government regulators. While the dependence on standards for guidance in information security is growing, so is the complexity of the decision. The decision affects the economic justification of internal controls in information systems. Without regulatory standards, risk economics are necessary to justify acquisition and implementation of controls. With regulatory standards, risk economics are necessary to justify exceptions to the acquisition and implementation of controls. The impact of this economic shift may drive down organizational competitiveness or increase misleading compliance behaviour among IT professionals

Information Security: Going Digital

Because “going digital” regards using digital technologies to fundamentally change the way things get done, information security is necessarily engaged in going digital. Society and science are going digital. For the sciences, this digitalization process invokes an emerging model of the science of design that incorporates the assembly of information systems from a wide variety of platform ecosystems. According to principles of bounded rationality and bounded creativity, this mode of design requires more creativity to develop needed functionality from a finite set of available platforms. Going digital requires more creativity in designers of all types of information systems. Furthermore, the designers’ goals are changing. The traditional model of information systems is representational: the data in the system represents (reflects) reality. Newer information systems, equipped with 3D printing and robotics actually create reality. Reality represents (reflects) the data in the system. The paper explores the example of information security. Designers of security for information systems not only must be more creative, they must design for more goals. The security task is no longer just protecting the digital system, the security task is protecting the products of the digital system

Investigating Information Systems with Action Research

Action research is an established research method in use in the social and medical sciences since the mid-twentieth century, and has increased in importance for information systems toward the end of the 1990s. Its particular philosophic context is couched in strongly post-positivist assumptions such as idiographic and interpretive research ideals. Action research has developed a history within information systems that can be explicitly linked to early work by Lewin and the Tavistock Institute. Action research varies in form, and responds to particular problem domains. The most typical form is a participatory method based on a five-step model, which is exemplified by published IS research

Design ethnography in information systems

Until recently, most ethnographic research in information systems has been based on the traditional anthropological model of ethnography. In this traditional model of ethnography, one of the most important data-gathering techniques is participant observation. The ethnographer observes and participates but does not actively seek to change the situation. In recent years, however, a new type of ethnographic research has emerged - one that can be called design ethnography. Design ethnography is where the researcher goes beyond observation and actively engages with people in the field. Our view is that design ethnography has much potential for research in information systems. It is a new form of engaged scholarship that bridges the gap between ethnographic research and design science research

The Debate in Structural Linguistics: how it may impact the information systems field

This paper argues that the use of concepts in IS research which have been borrowed from references disciplines may present difficulties when the concept is only partially imported into our IS research. The paper provides a glimpse into the ongoing debate in one of those IS references disciplines, namely linguistics. The debate between Chomskyan structural linguists and linguists developing the notion of emergent grammars is briefly described. Finally, the paper provides insight as to how that debate may impact our fiel

Computational Science: A Field of Inquiry for Design Science Research

The digitalization of science has resulted in the development of essential, specialized, devices and software. Computational science, as a branch of science, is specifically identified as an important, potential area for which it would be helpful to apply design science research. This paper examines computational science, identifies its past and ongoing challenges, and suggests that progressing computational science with design science research can serve as an important area of inquiry for continuing design science research

Eating Our Own Cooking: Toward a Design Science of Research Methods

This paper argues that Design Science is an appropriate paradigm for research into Research Methods. Research Methods are designed and created by people to achieve a specific purpose –creating new knowledge. Research methods vary in utility depending on how well they their purpose in the particular contexts and contingencies for which they were developed. Applying a DSR perspective to research methods should yield increased utility in the application of research methods, better guidance in applying them and greater confidence in achieving the desired outcomes of applying them. Based on these premises, this paper analyses the logical consequences of taking a Design Science perspective on research methods. First, it analyses the various purposes of research methods to clarify the alternative and competing design goals of research methods. Second, it analyses and characterises the types of design artefacts that comprise research methods. Third, it considers issues of the evaluation of research methods. Fourth and finally, it considered the development of design theories of research methods