A framework to elicit user requirements for information systems: a localised participatory approach from Southern Africa
- Authors: Tyukala, Mkhululi
- Date: 2014
- Subjects: Information technology -- Africa, Southern , User-centered system design -- Africa, Southern , Management information systems -- Africa, Southern
- Language: English
- Type: Thesis , Doctoral , PhD
- Identifier: http://hdl.handle.net/10948/4546 , vital:20615
- Description: The “What” and “Why” in information system development in resource restricted environments is already well covered in literature. However, the “How” to do it still has not been explored. This thesis reports on the development of a locally flavoured participatory user requirements elicitation framework for the development of information systems in resource restricted environments. It uses existing participatory design practices, user requirements elicitation literature and local participatory norms and traditions to achieve this. In doing so, it takes a step towards the way information systems could be developed in resource restricted environments. The topic of this thesis is mainly motivated by the recent calls in existing literature for developing countries to start developing their own information systems in order to address their own requirements. Accordingly, and to lay a foundation towards the realisation of this goal, this research is positioned within the user requirements elicitation region of information systems development. Current user requirements elicitation methods use traditional methods where experts/designers ask system users questions through interviews or learn about their environment through observations. This research proposes a shift from this approach to one that not only views users as equal partners in the elicitation process but in the whole information systems development process. This is in the spirit of participatory design, which was developed in Scandinavia more than four decades ago. Further, recent research in participatory design emphasises the importance of its contextual nature and concedes that there is no single best practice for participatory design in information systems that applies to all contexts. This research explores the information systems development discourse in resource restricted environments in Africa. Its purpose is to enhance understanding of the local contexts, thus providing new insights on how to develop a framework that speaks to local challenges using norms and traditions in order to develop information systems that address local requirements. Thus, the main contribution of this research lies in laying a foundation for a locally flavoured participatory approach for information systems development in resource restricted environments. It contributes to the existing information systems development, participatory design and user requirements elicitation body of knowledge by developing a framework for participatory user requirements elicitation. In addition, it contributes to the participatory design body of knowledge by introducing an age-old African participatory decisionmaking approach to the academic participatory design community. In doing so, it adopts the meaning of participation from an African value system point of view, which is something that has only been previously explored in the Nordic countries and North America. Finally, recommendations for the application, limitations and avenues for further research are incorporated into the findings of this research.
- Full Text:
- Date Issued: 2014
Governing information security using organisational information security profiles
- Authors: Tyukala, Mkhululi
- Date: 2007
- Subjects: Data protection , Computer security -- Management , Computer networks -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9788 , http://hdl.handle.net/10948/626 , Data protection , Computer security -- Management , Computer networks -- Security measures
- Description: The corporate scandals of the last few years have changed the face of information security and its governance. Information security has been elevated to the board of director level due to legislation and corporate governance regulations resulting from the scandals. Now boards of directors have corporate responsibility to ensure that the information assets of an organisation are secure. They are forced to embrace information security and make it part of business strategies. The new support from the board of directors gives information security weight and the voice from the top as well as the financial muscle that other business activities experience. However, as an area that is made up of specialist activities, information security may not easily be comprehended at board level like other business related activities. Yet the board of directors needs to provide oversight of information security. That is, put an information security programme in place to ensure that information is adequately protected. This raises a number of challenges. One of the challenges is how can information security be understood and well informed decisions about it be made at the board level? This dissertation provides a mechanism to present information at board level on how information security is implemented according to the vision of the board of directors. This mechanism is built upon well accepted and documented concepts of information security. The mechanism (termed An Organisational Information Security Profile or OISP) will assist organisations with the initialisation, monitoring, measuring, reporting and reviewing of information security programmes. Ultimately, the OISP will make it possible to know if the information security endeavours of the organisation are effective or not. If the information security programme is found to be ineffective, The OISP will facilitate the pointing out of areas that are ineffective and what caused the ineffectiveness. This dissertation also presents how the effectiveness or ineffctiveness of information security can be presented at board level using well known visualisation methods. Finally the contribution, limits and areas that need more investigation are provided.
- Full Text:
- Date Issued: 2007