There’s More to Information Systems Development than Structured Approaches: Information Requirements Analysis as a Socially Mediated Process

Information systems (IS) development approaches are considered with particular reference to those aspects of the process most concerned with the determination of information requirements. The majority can be classified as adopting a unitary, objective perspective. This perspective fails to recognise the interpretative, inter-subjective nature of information and the importance of informal as well as formal data-processing systems. This paper aims to contribute to the discussion on socio-technical and soft approaches to IS development by providing a contrasting perspective on information requirements analysis as a process which is socially mediated. A framework is developed which places information requirements analysis in the context of strategic IS development. This locates social communication networks centrally in this process and raises implications for the practice of IS development, and of information requirements analysis.     

An Experimental Investigation into the Effectiveness of OOA for Specifying Requirements

The application of object oriented concepts (OO) to the requirements phase of information systems (IS) and software development has been adopted by many proponents of IS and software development methodologies. Although many claims have been made about the effectiveness of OO techniques for improving requirements analysis, very few experimental studies have been done to substantiate these claims. This paper addresses this gap in the literature by conducting an experimental study that attempts to validate the effectiveness of object-oriented analysis (OOA) by comparing it to structured analysis (SA) for producing requirements. We argue that the quality of the requirements specification can be measured and that measurement can be used to compare the effectiveness of OOA and SA. We present an overview of the basic models and principles associated with OOA and SA, a discussion of quality in requirements definition, and a detailed discussion of the research methodology used. A review of relevant research is also presented and directions for further research are suggested. Our findings suggest that the OOA methodology does not necessarily produce better requirements statements.     

Modelling Off-the-Shelf Information Systems Requirements: An Ontological Approach

Requirements for choosing off-the-shelf information systems (OISR) differ from requirements for development of new information systems in that they do not necessarily provide complete specifications, thus allowing flexibility in matching an existing IS to the stated needs. We present a framework for OISR conceptual models that consists of four essential elements: business processes, business rules, information objects and required system services. We formalise the definitions of these concepts based on an ontological model. The ontology-based OISR model provides a framework to evaluate modelling languages on how appropriate they are for OISR requirements specifications. The evaluation framework is applied to the Object-Process Methodology, and its results are compared with a similar evaluation of ARIS. This comparison demonstrates the effectiveness of the ontological framework for evaluating modelling tools on how well they can guide selection, implementation and integration of purchased software packages.     

Impacts of Computer-Mediated Communication on Cultural Aspects at Work

This paper examines how computer-mediated communication (CMC) affects cultural aspects in workplaces. For the concept of culture used in this paper, we draw on the surface level of culture among three levels of organisational culture and 10 categories of culture. Some studies on CMC are presented based on its impacts on some cultural categories, among which temporality and territoriality are emphasised. The knowledge imparted by this kind of analysis can help CMC and information systems (IS) developers understand and predict what will happen in the users’ way of working after implementation. It will also help them develop effective systems. By emphasising time and space from the cultural point of view, we expect the paper will contribute to understanding newly emergent organisational forms such as virtual organisations in which temporal and spatial dimensions are significantly transformed.     

The Spiral of Change Model for Coping with Changing and Ongoing Requirements

This paper is a discussion on the problem of establishing information requirements in changing and ongoing business organisations. Attempts within existing software development paradigms to cope with business change are identified and discussed, and their problems concerning business change are highlighted. The alternative spiral of change model of tailorable information systems is proposed for thinking about establishing changing and ongoing information systems requirements. It is also proposed that information should be reconceptualised as tailorable. Such a reconceptualisation would allow us to explore ways of establishing information systems requirements that cope with business change. Deferred system’s design is proposed as a form of business software design and development that can cope with business change, as well as with the contextual and situational nature of tailorable information.     

Negotiating and Understanding Information Systems Requirements: The Use of Set Diagrams

A major contributor to the failure of information technology-based systems is the problem of understanding user or customer requirements in the initial analysis and requirements identification stage of development. This paper identifies and describes an approach to help overcome some of these problems, particularly the mismatch or understanding gap between the customer and the developer. The approach is intended to be used at the early stages of requirement determination and introduces techniques from operational research into the process. In particular set theory and Venn diagrams are used as a way of graphically representing the relationships and gaps in understanding that may exist. The benefit obtained from the use of the technique is partly in the graphical representations themselves but mainly in the dialogue and negotiation that result from the construction of the diagrams. The technique has been developed in a research study of retail organisations’ use of information technology in the UK and an example case study from the sector is used to illustrate and discuss the technique.     

People, Information Systems and Change

Information systems are the glue between people and computers. Both the social and business environments are in a continual, some might say chaotic, state of change while computer hardware continues to double its performance about every 18 months. This presents a major challenge for information system developers.  The term user-friendly is an old one, but one which has come to take on a multitude of meanings. However, in today’s context we might well take a user-friendly system to be one where the technology fits the user’s cognitive models of the activity in hand. This article looks at the relationship between information systems and the changing demands of their users as the underlying theme for the current issue of Cognition, Technology and Work.  People, both as individuals and organisations, change. The functionalist viewpoint, which attempts to freeze and inhibit such change, has failed systems developers on numerous occasions. Responding to, and building on, change in the social environment is still a significant research issue for information systems specialists who need to be able to create living information systems.     

Linguistic Problems with Requirements and Knowledge Elicitation

Human and conversational aspects of requirements and knowledge identification are employed to show that requirements ‘engineering’ is not the same as civil engineering or scientific problem solving. Not only can requirements not be made fully explicit at the start of a project, they cannot be made fully explicit at all. A need is identified to enhance computer-based information systems (CBIS) development methods to accommodate: plurality of incommensurable perspectives, languages and agendas; dynamic representations of system features that can be experienced rather than abstracted and forced into an abstract paper-based representation; recognition that CBIS development is in general a continuous process where users changing their minds is a natural and necessary indication or organisational vitality.  It is suggested that prototyping and rapid application development go some way to addressing these requirements but that they require further development in the light of the theoretical light thrown on the nature of the problem.     

Engineering Requirements Through Use Cases in Complex Business Environment

The increasingly global nature of financial markets and institutions means that the collection and management of information on which decisions might be based are increasingly complex. There is a growing requirement for the integration of information flows at individual and departmental levels, and across processes and organisational boundaries. Effective information management is an important contributory factor in the efficiency of such institutions, though there are many associated problems that do not have obvious or simple answers. This paper discusses the problem of information gathering in complex business environments and considers how use cases can help to alleviate the problem using an example of a multinational organisation. Such organisations often require information systems that can support regional differences. However, management requires consistent and uniform representation of information. The example shows that use cases can be a helpful mechanism for capturing user requirements that accommodate both regional properties as well as their organisational commonalties.     

Healthcare Modelling through Role Activity Diagrams for Process-Based Information Systems Development

The aim of this paper is to introduce the socio-technical Role Activity Diagram modelling language to National Health Service (NHS) information systems requirements engineering using a process approach. Most requirements engineering in the NHS is done using data-driven methods such as data flow diagrams. Role Activity Diagrams provide not only a socio-technical method for analysing a particular systems development problem, but they also offer a process-based approach for capturing workflows and their associated information flows, and facilitate communication between analysts and users in an intuitive fashion. In particular, they elicit the important roles in a process and the interaction and collaboration required to achieve the goals of the process. The process approach has been applied in business information systems development. It is introduced here as a potential for systems development in the NHS.     

Dealing with forward and backward jumps in workflow management systems

Workflow management systems (WfMS) offer a promising technology for the realization of process-centered application systems. A deficiency of existing WfMS is their inadequate support for dealing with exceptional deviations from the standard procedure. In the ADEPT project, therefore, we have developed advanced concepts for workflow modeling and execution, which aim at the increase of flexibility in WfMS. On the one hand we allow workflow designers to model exceptional execution paths already at buildtime provided that these deviations are known in advance. On the other hand authorized users may dynamically deviate from the pre-modeled workflow at runtime as well in order to deal with unforeseen events. In this paper, we focus on forward and backward jumps needed in this context. We describe sophisticated modeling concepts for capturing deviations in workflow models already at buildtime, and we show how forward and backward jumps (of different semantics) can be correctly applied in an ad-hoc manner during runtime as well. We work out basic requirements, facilities, and limitations arising in this context. Our experiences with applications from different domains have shown that the developed concepts will form a key part of process flexibility in process-centered information systems. Received: 6 October 2002 / Accepted: 8 January 2003 Published online: 27 February 2003 This paper is a revised and extended version of [40]. The described work was partially performed in the research project “Scalability in Adaptive Workflow Management Systems” funded by the Deutsche Forschungsgemeinschaft (DFG).     

Requirements Engineering, Soft Systems Methodology and Workforce Empowerment

The fidelity and practicality of using soft systems methodology (SSM) to empower the workforce such that its members can make a fuller contribution to the requirements engineering process is critically analysed. The detailed analysis is carried out by using a (critical) philosophical approach to develop an interpretation of (some key aspects of) requirements engineering practice in actual information systems development situations, utilising a number of practical requirements engineering studies. This analysis is built upon to explain the relationship between requirements engineering, SSM and workforce empowerment. It is concluded that, by maintaining critically focused attention on the economic context, it is theoretically possible to engineer requirements for information systems that would actually empower the workforce. However, the likelihood of using SSM successfully for this purpose is low, as the economic context in which requirements engineering takes place is largely ignored by the SSM advocates.     

The Use of a Formalised Risk Model in NHS Information System Development

Information systems (IS) and technology are used extensively throughout the National Health Service (NHS), and the 1998 national information strategy, ‘Information for Health’, sets out how the NHS will be developing and implementing IS to support patient care within the next decade. This new IS initiative is set against a mixed record of success of IS projects in the NHS, with a number of high-profile failures. This paper highlights the need to consider the ‘organisational issues’ involved in systems implementation to avoid failures. It goes on to advocate the use of a process-oriented and organisation studies-based model for risk analysis and management for use in NHS IS projects. Two famous NHS case studies are used to validate the model. It is concluded that there is a real need in the NHS for tools to better control the inherent risks involved in IS development and implementation. Ultimately, the success of IS projects in the NHS is crucial if they want to best utilise clinical and patient information, with the overall aim of improving the efficiency and standard of the nation’s health care.     

A Feasibility Study of Automated Natural Language Requirements Analysis in Market-Driven Development

In market-driven software development there is a strong need for support to handle congestion in the requirements engineering process, which may occur as the demand for short time-to-market is combined with a rapid arrival of new requirements from many different sources. Automated analysis of the continuous flow of incoming requirements provides an opportunity to increase the efficiency of the requirements engineering process. This paper presents empirical evaluations of the benefit of automated similarity analysis of textual requirements, where existing information retrieval techniques are used to statistically measure requirements similarity. The results show that automated analysis of similarity among textual requirements is a promising technique that may provide effective support in identifying relationships between requirements.     

An Approach to Security Requirements Engineering for a High Assurance System*

Requirements specifications for high-assurance secure systems are rare in the open literature. This paper examines the development of a requirements document for a multilevel secure system that must meet stringent assurance and evaluation requirements. The system is designed to be secure, yet combines popular commercial components with specialised high-assurance ones. Functional and non-functional requirements pertinent to security are discussed. A multidimensional threat model is presented. The threat model accounts for the developmental and operational phases of system evolution and for each phase accounts for both physical and non-physical threats. We describe our team-based method for developing a requirements document and relate that process to techniques in requirements engineering. The system requirements document presented provides a calibration point for future security requirements engineering techniques intended to meet both functional and assurance goals. RID="*" ID="*"The views expressed in this paper are those of the authors and should not be construed to reflect those of their employers or the Department of Defense. This work was supported in part by the MSHN project of the DARPA/ITO Quorum programme and by the MYSEA project of the DARPA/ATO CHATS programme. Correspondence and offprint requests to: T. Levin, Department of Computer Science, Naval Postgraduate School, Monterey, CA 93943-5118, USA. Tel.: +1 831 656 2339; Fax: +1 831 656 2814; Email: levin@nps.navy.mil     

Rationale-Based Use Case Specification

The requirements specification – as outcome of the requirements engineering process – falls short of capturing other useful information generated during this process, such as the justification for selected requirements, trade-offs negotiated by stakeholders and alternative requirements that were discarded. In the context of evolving systems and distributed development, this information is essential. Rationale methods focus on capturing and structuring this missing information. In this paper, we propose an integrated process with dedicated guidance for capturing requirements and their rationale, discuss its tool support and describe the experiences we made during several case studies with students. Although the idea of integrating rationale methods with requirements engineering is not new, few research projects so far have focused on smooth integration, dedicated tool support and detailed guidance for such methods.     

Time Aspects in Requirements Engineering: Or ‘Every Cloud Has A Silver Lining’

Nowadays, time is critical in most system engineering projects. The ability to deliver systems in short time determines the success of the system supplier. For customers, the quicker the system delivery time, the better are their chances to get some business advantages in their ever-changing business environments. As a consequence, an increasing number of projects are subjected to tight deadlines in all project phases, including requirements elicitation. A project with plenty of time for developing a requirements specification is hard to find. In this paper, experiences from one such project are reflected. Based on these experiences, time aspects in requirements engineering are discussed; i.e., what could be done better in requirements engineering if there were more time and what can easily be missed in requirements engineering under a tight deadline.     

Specifications in Context: Stakeholders, Systems and Modelling of Conflict

This paper looks from an ethnographic viewpoint at the case of two information systems in a multinational engineering consultancy. It proposes using the rich findings from ethnographic analysis during requirements discovery. The paper shows how context – organisational and social – can be taken into account during an information system development process. Socio-technical approaches are holistic in nature and provide opportunities to produce information systems utilising social science insights, computer science technical competence and psychological approaches. These approaches provide fact-finding methods that are appropriate to system participants’ and organisational stakeholders’ needs.  The paper recommends a method of modelling that results in a computerised information system data model that reflects the conflicting and competing data and multiple perspectives of participants and stakeholders, and that improves interactivity and conflict management.     

Requirements Reuse for Improving Information Systems Security: A Practitioner’s Approach

Information systems security issues have usually been considered only after the system has been developed completely, and rarely during its design, coding, testing or deployment. However, the advisability of considering security from the very beginning of the system development has recently begun to be appreciated, and in particular in the system requirements specification phase. We present a practical method to elicit and specify the system and software requirements, including a repository containing reusable requirements, a spiral process model, and a set of requirements documents templates. In this paper, this method is focused on the security of information systems and, thus, the reusable requirements repository contains all the requirements taken from MAGERIT, the Spanish public administration risk analysis and management method, which conforms to ISO 15408, Common Criteria Framework. Any information system including these security requirements must therefore pass a risk analysis and management study performed with MAGERIT. The requirements specification templates are hierarchically structured and are based on IEEE standards. Finally, we show a case study in a system of our regional administration aimed at managing state subsidies.     

The Importance of Context in Information System Design: An Assessment of Participatory Design

This paper is predicated on requirements analysis as the Achilles heel of information systems development, and accepts that information systems often disappoint. Most design paradigms can be located within a rationalistic framework polarised by requirements analysis and system delivery. Such traditional design paradigms are seen as palliatives that prevent us moving toward more satisfying information systems. It is argued that this rationalistic framework forces us to identify, and attempt to solve, problems that are symptomatic of the approach adopted. A pluralistic framework for information system development is presented which rejects the notions of requirements analysis and system optimality. Participatory design, derived from the field of human computer interaction, is located within this framework and identified as a possible paradigm for information system development. A case study is conducted to assess the benefits of participatory design techniques and to evaluate the extent to which participatory design can overcome the failings of traditional methodologies.