edge. Similarly, information technologists often lack the appropriate domain knowledge and often use a system development process that makes it difficult to incorporate human and organizational considerations.
This point suggests that research is relevant in at least four different areas.
The formulation of system development methods that are more amenable to the incorporation of domain knowledge and social science expertise. The “spiral development” methodology for software development is an example of how user inputs and concerns can be used to drive the development process, but the method is hard to generalize to incorporate knowledge about the organizational context of use.
The translation of social science research findings into guidelines and methods that are readily applied by the technical community. The results of this research effort might very well be software toolboxes as well as a “Handbook of Applied Social Science” or a “Cognitive Engineering Handbook” containing useful principles for system development and design derived from the social science research base.
The development of reliable security measures that do not interfere with what legitimate workers must do. These methods must minimize loads on human memory and attention and task interference while providing the appropriate levels of security in the face of adversaries who use sophisticated technologies as well as social engineering techniques to penetrate the security.
Understanding of the IT issues related to the disparate organizational cultures of agencies that will be fused under the Department of Homeland Security. This is a complex task, with difficult technical issues interspersed with complex procedural, permissions, and organizational issues requiring a mix of technical and social skills to manage. Operationally, the question is how to allow for the sharing of communication and data among different organizations that have different needs to know, differing requirements, and different cultural and organizational structures, in a way that enhances the desired goals while maintaining the required security.