- ItemThe impact of using a contract-driven, test-interceptor based software development approach(Stellenbosch : Stellenbosch University, 2023-12) Posthuma, Arend Justus; Solms, Fritz; Watson, Bruce; Stellenbosch University. Faculty of Arts and Social Sciences. Dept. of Information Science.ENGLISH SUMMARY: Contract Driven Development, also known as Design by Contract (DBC), Contract Programming and Programming by Contract, is a well-known methodology for designing software. The main aim of the methodology is to reduce quality assurance costs, and to improve reusability and software quality through the use of formalized component contracts. Companies are spending large amounts of money and resources on quality assurance and testing in the pursuit of correct and bug-free software, yet contract driven development is not currently used extensively in industry. This is because the specification of formalized component requirements within component contracts is perceived to be complex, tedious and expensive. In this study, we introduce the concept of test-interceptors, which are automatically generated from component contracts. The function of the testinterceptors is to validate whether, in the context of rendering component services, the component contracts are satisfied. These test interceptors can be used for unit testing, integration testing, operational testing and external service provider oversight. It is expected that such an approach improves verifiability, enforces separation of test logic and test data and assists with recuperating part of the requirements formalization costs through lower test development costs and lower costs associated with bug fixes. This study aims to assess the impact of introducing contract-driven development to both, the quality attributes of the software development process, and the quality of the software produced by the process.
- ItemManaging knowledge in projects : the transition to agile development at Vodacom SA(Stellenbosch : Stellenbosch University, 2023-12) Mana, Nqaba; Maasdorp, Christiaan Hendrik; Stellenbosch University. Faculty of Arts and Social Sciences. Dept. of Information Science.ENGLISH SUMMARY: The thesis presents a case study of a telecommunications company’s transition to agile development and the effect this had on knowledge management. The case organization underwent organizational restructuring to improve its responsiveness and competitiveness by introducing agile ways of working. The thesis proceeds from the observation that knowledge management at the organization is rooted in document management. Whilst the waterfall development method encourages extensive documentation and explicating knowledge, the focus in agile methods is more on tacit knowledge and face-to-face interactions. This means that lots of knowledge is never captured and can be lost when members retire or resign. The research comprised interviews with people involved in development projects and with selected managers that were project owners. Interviewees were asked how the transition to agile methods affected the management of knowledge, about the technological tools they used in their projects, and their perception of the support from management. The findings were that top management drove the transition to agile as part of a larger objective to become a technology company as opposed to a mere telecommunications company. As part of this journey, the organization had to adopt a new culture and restructure various departments. In terms of support, agile coaches, and courses it provided afforded staff extensive training in the new method and new knowledge management software tools. The change of culture, availability, and support of top management in taking the staff through the change management process gave them confidence and trust. The knowledge journey towards the new agile method is still a work in progress with many lessons learnt.
- ItemData-driven decision-making in local governments : a case study of a Zambian local government(Stellenbosch : Stellenbosch University, 2023-12) Kalaba, Chiyesu Joseph; Maasdorp, Christiaan; Stellenbosch University. Faculty of Arts and Social Sciences. Dept. of Information Science.ENGLISH SUMMARY: Informed decisions at local government level are difficult to achieve in developing countries because of problems around the availability of actionable data. The thesis investigates the issues that affect decision making and identifies the necessary conditions for data-driven decision making processes at local government level in such a developing country context. The research was conducted by examining March's frameworks for decision making, and Anderson’s work on the prerequisites for constructing, operating, and leveraging comprehensive data platforms for decision making, forecasting, and operational functionalities. Symons' empirical findings on innovative, data-driven practices in local governmental settings in the United Kingdom are described as a developed country benchmark against which to contrast the developing country case. Using a mixed-methods approach, staff with decision-making responsibilities at a Zambian municipality were asked about the data they need and the tools and skills they need to analyse that data effectively. The quantitative analysis identified the data analysis skills levels, and the qualitative research delve into the decision-making processes and the challenges experienced by staff members. Secondary sources such as government legislation, policies, and websites were consulted. The research stages comprised reviewing documentation, interviewing local government decision-makers, surveying the data analysis skills of decision-makers and support staff, assessing the efficacy of current data tools and IT infrastructure, and an interview with the human resources officer regarding training in data analysis. The findings reveal that decision making in the case organisation is primarily driven by intuition and political considerations rather than data. Drawing comparisons with the UK Local Government, where data-driven approaches yielded effective decision making across varied political landscapes and with limited funding, the research suggests that similar strategies can significantly improve decision quality and accountability in Zambian local administrations. However, the adoption of such methodologies in Zambia is hampered by challenges, including insufficient IT infrastructure, limited data literacy, and a weak culture of data-driven decision making. To overcome these barriers, a multifaceted approach is needed to improve IT infrastructure and data literacy, coupled with funding for digitalisation initiatives.
- ItemA study and analysis of human behaviour influence on cybersecurity. a human behaviourist approach to mitigate social engineering attacks(Stellenbosch : Stellenbosch University, 2023-12) Smit, Vian; Dewald, Blaauw; Watson, Bruce; Stellenbosch University. Faculty of Arts and Social Sciences. Dept. of Information Science.ENGLISH SUMMARY: Protecting intellectual property has become one of the biggest challenges organisations are facing. Information contains private and sensitive data about employees, customers and business dealings that is protected by cybersecurity systems. Oftentimes, these systems which have been developed to protect data, become attractive to thieves, called cybercriminals. Cybercriminals infiltrate information systems to view, steal, corrupt and cause malicious activity by exploiting the most vulnerable areas of the system. Most cybersecurity mitigation techniques focus on improving software, hardware or policies, but rarely focus on the common denominator in all these elements. People are known as the weakest link in any cybersecurity system because they fall prey to human error and external manipulation. Social engineering attacks encompass deceitful techniques which are used by cyberattackers to manipulate human beings into sharing sensitive data. Victims succumb to these attack types because they incorporate clever psychological techniques that trigger basic human needs. Research indicates that human beings have different psychological needs based on their personality types, which cyber offenders exploit by executing social engineering attacks. The purpose of this study is to research which personality type is more susceptible to social engineering attacks in order to better understand the cyber weaknesses present in each personality trait. This will be executed by determining the personality type of participants and how susceptible they are towards social engineering attacks. The first part of the survey makes use of the Five Factor Model (FFM), which has been created by Costa Jr. and McCrae (1990). The second section of the survey will present respondents with the ten known social engineering attack types that contain a combination of Cialdini’s six principles of persuasion. The taxonomy developed from the research results indicates that the agreeableness personality type is most susceptible towards social engineering attacks and pose the highest cybersecurity risk. Neuroticism was found to have the lowest social engineering susceptibility and associated cybersecurity risk. A framework has been created that showcases each personality type’s susceptibility towards the ten social engineering attacks. A second framework indicates the vulnerability level each personality type has towards the various principles of persuasion. This research will help cybersecurity experts better understand key vulnerabilities in system that will help offer better protection.
- ItemThe application of knowledge management frameworks in the public service of South Africa(Stellenbosch : Stellenbosch University, 2023-03) Booi, Bulelwa Cynthia; Maasdorp, Christiaan; Stellenbosch University. Faculty of Arts and Social Sciences. Dept. of Information Science.ENGLISH SUMMARY: Several government departments in South Africa (SA) are implementing Knowledge Management (KM) frameworks. However, there is little academic research about actual KM practices and therefore it is not clear how the proposed KM frameworks will improve KM in the public sector. The thesis describes how government departments in South Africa are implementing knowledge management practices and seeks to determine whether and how KM frameworks are applied by government departments and to assess the current state of KM practices. This thesis described KM practices in the public sector of South Africa using a validated KM Assessment Tool (KMAT), developed by Botha & Fouche (2001). KMAT measures the key dimensions to be considered when establishing knowledge management maturity in an organization. Since KMAT was developed to assess corporations, the formulation of its statements had to be adapted slightly so that they would make sense to KM practitioners in the public sector. The thesis is aimed at providing the basis for the formulation, articulation and implementation of knowledge-based strategies, organization culture, value, structure and processes. The KMAT assessment model makes it possible to identify trends in KM practices, to identify good practices and to provide the public sector with opportunity for self-assessment and benchmarking. The thesis employs a qualitative approach for the purpose of obtaining in-depth understanding and description of the practices of KM in the public sector. Three national government departments that practice knowledge management were the cases studied. Two focus-groups with junior and middle management and three semi-structured interviews with senior managers of the selected departments were conducted. In addition, secondary documentary data from various sources such as government strategic plans, websites and KM strategic frameworks helped to inform the interpretation of the findings. The findings indicate that the departments recognized the importance of KM to the extent that some had formulated KM strategies. However, some were not yet approved by management of the departments. In all departments, KM is practiced as a broad construct; the boundaries are not clearly defined and as a result, KM is implemented in an ad hoc manner. Whilst KM practices are encouraged within departments, such practices are virtually non-existent between departments. There is a limited sharing culture within the departments as well as between departments.