Injecting security into information systems development

Abstract

This paper will attempt to reconcile the apparent developmental duality (Baskerville, 1992) between Information Systems (IS) development and IS security development. IS development and IS security development each have a substantial foundation of literature on their respective approaches and methodologies. Iivari, Hirschheim and Klein (2001) provide a dynamic framework for classifying IS development approaches and methodologies. Besides providing a method for classification, this framework demonstrates the rich history behind IS development. Baskerville (1993) likewise provides a valuable literature history for IS security development. We believe part of the cause of the security problems that continue to plague organizations (Dhillon, 2001) is ad hoc security implementation (Baskerville, 1993). This "security after the fact" can lead to an incompatibility between the system and the security of the system. Our argument is that a theoretically grounded and methodological approach is lacking for integrating security with Information Systems Development.
