DESIGN AND DEVELOPMENT USING PARTICIPATORY DESIGN

The core design approach involved the use of participatory design elements (Stephenson, 2003) within DSRP in the following key areas of the research:

 Discussing and addressing issues discovered during a SWOT analysis (Hump (Humphrey A. , 2005), through participant interviews, and the lab assessments findings.

 Discussing and evaluating whether or not the modular approach was best suited for DF-C²M², and what if any were the limitations of such approach, and what were the advantages?

 How to best incorporate SMART criteria into the design and the assessment tool (Doran, 1981), and whether or not the sample weights and scores assigned in each area were justifiable and appropriate.

 Whether incorporating the Capability Maturity Model (CMM) and People Capability Maturity (P-CMM) (Curtis, Hefley, & Miller, The People Capability Maturity Model: Guidelines for Improving the Workforce, 2002) goals into the design of components of the solution was essential and practical.

 Relevance, and completeness of the model, the assessment tool and the Body of Knowledge.

The model is based on GNU/‘open source’ principles – where the digital forensics community at large is able to use the model and its elements, and are also invited to help improve, refine, and assist in the long-term sustainability and relevance of the model as a ‘peer-reviewed’ model created and contributed to by the community. Participatory design is therefore key to the long-term viability, and acceptance of the model and its key elements.

82

4.1.1 Demonstration

The model has been designed and implemented in part through a series of assessments using the model and tested against the research problem statement and objectives. Participants reviewed the key elements of the model during assessments, interviews, and reviews and provided feedback on relevance, effectiveness, suitability and how elements could be improved.

4.1.2 The Assessment Process

As part of this research, digital forensic laboratories were sought for participation in the DF-C²M² interviews and assessments as part of the participatory design ethos. Due to sensitivities around permitting external researchers to evaluate internal lab process several labs approached were not able to participate. Two digital forensic laboratories that expressed interest in participating in the research and in evaluating the proposed Model were selected due to geographic practicalities. The two volunteer labs were interested to determine DF-C²M² possible benefits to their existing digital forensic lab processes, and to get insight into how they Capability Maturity could be implemented within the digital forensic lab operations.

The necessary permissions were obtained to interview personnel, and their internal evaluate processes as part of the DF-C²M² assessments. The required Ethics approval from the University of Lancaster had also been previously secured – details of which can be found in Appendix I.

The DF-C²M assessment research method was designed to be executed as a ‘consultative audit’ and would involve:

1. Solicit participants for online survey.

2. Solicit and select suitable volunteer labs to participate. 3. Introductory meeting and overview with key stakeholders. 4. Reviewing processes and documentation.

5. Interviews with key administrative and a subset of select technical personnel. 6. Interactive discovery workshops on DF-C²M.

7. Witnessing tasks and procedures.

8. Review of assessed lab’s customer feedback.

9. Review of any relevant supporting documentation and records. 10.Soliciting feedback on DF-C²M² from participants.

83

11.Wrap-up summary meeting (SWOT analysis based on DF-C²M²). 12.Preparation of final report.

13.Presentation of final report to the assessed organisation.

14.Benchmarking the findings for future analysis and comparisons.

4.1.3 Evaluation and Communication

The proposed model was evaluated the DF-C²M² in two digital forensics labs to study its effectiveness in assessing the maturity of digital forensics capabilities in real- world scenarios. The evaluation took the form of a ‘consultative audits’ and was conducted on-site by the researcher. This thesis will present the findings of the research, and how it has been able to address the research problem and objectives, as well as any limitations related to the scope of the research. Reviews of the proposed model were conducted by experienced practitioners in both law enforcement and academic fields.

Based on feedback from participating practitioners; the approach to assessing a lab was refined slightly to make the process a more consultative, and an engaging learning opportunity, therefore providing a means to enable two-way idea and information exchange between the assessor and the interviewees. This approach was found to be a natural progression on how best to proceed and was also highlighted as a key aspect of participatory design by Murphy and Hands (Murphy & Hands, 2012).

This constant feedback enabled evaluation and adjustment of key metrics throughout the practitioner workshops and assessments rather than only at the end of the workshops and assessments. Murphy and Hands defined this evolution in design as the 3E Approach where “this dynamic relationship becomes a trade-off between the designer’s Expertise in design, the client’s Experience of their business and indeed the user’s Engagement in the whole process” (Murphy & Hands, 2012). This provided a more “mutually-engaging” research exercise, which enhanced practitioner participation and provided a collaborative learning and discovery opportunity for all parties involved. Proof of this is perhaps that while assessments are typically considered as a means to provide the ‘client’ with feedback and findings, the assessments conducted using the participatory design approach provided invaluable insight into how certain elements with the model could be improved, added or eliminated (due to redundancy) and to help identify elements previously not considered. The assessments therefore

84

proved to be as much a refinement and learning exercise for the researcher as the assessment findings did for the assessed labs.