Project Plan & Managment

Charting the Course: My Project Plan, Management, and Evaluation for a Cutting-Edge Study

Embarking on my research project, “EVALUATING THE IMPACT OF ADAPTIVE MULTI-FACTOR AUTHENTICATION ON USABILITY AND PERCEIVED SECURITY IN ENTERPRISE ENVIRONMENTS: A Human-centred Study of Context-Aware Authentication Systems and Their Effect on Employee Experience and Trust,” I recognize that a standard project plan simply won’t suffice. This isn’t just another study; it’s an exploration into an area at the forefront of cybersecurity, human-computer interaction, and organizational behaviours. To truly succeed, my approach to planning, management, and evaluation must be as adaptive and insightful as the technology I’m studying.

Project Planning: Navigating the Unknown with Agility

My project sits at the intersection of several disciplines, blending technical aspects of adaptive multi-factor authentication with the intricate human elements of usability, perceived security, employee experience, and trust. This interdisciplinary nature demands a flexible and iterative planning approach, rather than a rigid, step-by-step roadmap (Métayer et al., 2017).

I will begin by devoting significant time to deeply understanding the domain problem and discussing potential solutions, especially with any domain experts or potential collaborators (Barakhshan and Eigenmann, 2024). While defining high-level goals, scope, and deliverables is crucial from the outset, I’ll resist the urge to over-prescribe every detail. Instead, my plan will be iterative, recognizing that mutual understanding and new insights will emerge over time (Ruecker and Radzikowska, 2008). This means tasks won’t be too precisely defined initially, allowing creativity and new ideas to shape the project as it progresses. Such flexibility is essential for deriving the full benefits of an interdisciplinary approach (Métayer et al., 2017).

Furthermore, given the human-centred aspect, I must plan for ethical considerations from day one. Research involving users, particularly “at-risk” users who might be disproportionately affected by digital security failures, poses significant safety challenges (Bellini et al., 2024). My plan will explicitly integrate safety practices and ethical review processes to protect participants, ensuring that my research is not only rigorous but also responsible.

Project Management: Steering My Interdisciplinary Ship

A strong research project begins with a clear roadmap. For my study on adaptive MFA, my project plan follows four key phases:

• Scoping & Literature Review: This initial phase involves mapping the current state of authentication research and meticulously identifying gaps in understanding usability and employee trust. I’ll need to absorb a vast amount of existing knowledge to pinpoint where my research can make the most significant contribution.
• Design & Preparation: Here, I’ll focus on developing my research instruments, including usability tasks, surveys, and interview guides. Crucially, I’ll set up secure testing environments to simulate realistic enterprise conditions and dedicate significant effort to gaining ethical approval, ensuring full compliance with data protection standards.
• Execution & Data Collection: This is where the core data gathering happens. I’ll be running usability tests where employees interact with adaptive versus traditional MFA, collecting survey data on perceived security and trust, and conducting in-depth interviews for richer insights into employee experiences.
• Analysis & Reporting: In the final phase, I’ll combine quantitative metrics, such as task times and error rates, with qualitative themes, like trust perceptions and frustrations. My goal is to draw out actionable recommendations for enterprises and system designers and then disseminate these findings through both academic and professional forums.

This phased structure allows for a crucial balance of predictability (knowing what happens when) and adaptability (making room for discoveries during the research). This iterative planning approach is essential given the interdisciplinary nature of my work, which requires flexibility as new insights emerge. My plan will remain fluid, prioritizing mutual understanding and the integration of new ideas as the project progresses. Furthermore, given the human-centred aspect, I must plan for ethical considerations from day one. My plan explicitly integrates safety practices and ethical review processes to protect participants, ensuring that my research is not only rigorous but also responsible.

Project Management in Practice

Managing a human-centred cybersecurity study requires meticulous coordination across people, tasks, and technologies. While traditional project management principles don’t always perfectly align with the inherent uncertainties and human factors in academic research, their application can significantly benefit my study, potentially reducing wasted resources. Highly organized project management facilitates rigorous study implementation and helps manage the large amounts of information involved.

Tools like Asana will be invaluable in helping me break the work into manageable milestones, such as literature review, ethics approval, participant recruitment, data collection, and analysis. Shared workspaces like Google Workspace will ensure seamless collaboration and version control for all my research documents.

Key management principles I’m embedding in this project include:

• Agility: My plans must adapt if, for example, participant recruitment slows down or if pilot studies reveal unforeseen usability issues. This flexibility is critical in a fast-evolving field. Agile methodologies and user-centred design principles are well-suited for iterative design and continuous improvement, allowing me to incorporate feedback quickly and flexibly.
• Transparency: Documenting each decision, from tool selection to coding frameworks, is vital for strengthening credibility and ensuring my research is reproducible.
• Security Awareness: Because the project itself deals with authentication and trust, managing sensitive participant data ethically and securely is absolutely non-negotiable.

Research Evaluation Approach

Evaluation is where rigor meets reflection. For this project, three layers of evaluation come into play:

• Formative Evaluation: This involves continuous reflection during the study. I plan to conduct pilot usability sessions to refine tasks and surveys before the main rollout, allowing me to catch and correct issues early.
• Summative Evaluation: This assesses outcomes at the end of the project. I’ll be asking: Did adaptive MFA improve usability? Did it increase or decrease perceived trust and security? Using mixed methods ensures my findings are robust and triangulated.
• Meta-Evaluation: This is a reflection on the research process itself. I’ll be asking: Were the methods appropriate for a project at the cutting edge of cybersecurity and HCI? I’ll consider what worked well and what could be improved in future studies.

Tailoring to the Forefront of the Discipline

Adaptive MFA is not just another incremental security measure—it represents a fundamental shift toward context-aware, dynamic authentication. Studying it demands methods that are just as adaptive. That’s why my project plan emphasizes:

• Human-centred evaluation: because usability and trust will determine adoption as much as technical robustness (Zimmermann et al., 2022). User perceptions heavily influence how security technologies are used and adopted, and sometimes these perceptions can deviate from purely technical aspects.
• Mixed-methods rigor: combining hard performance data with rich qualitative narratives.
• Enterprise relevance: my findings must be actionable for organizations, not just theoretical. Implementing continuous feedback loops in my evaluation, where users can report issues and suggest improvements, will help maintain the usability and relevance of security systems.

By tailoring my project planning, management, and evaluation to these needs, I aim to generate insights that matter both academically and practically.

🔐 Final Thought:
At the forefront of cybersecurity, success depends on more than innovative systems—it depends on how people experience and trust those systems. Careful project planning and evaluation make sure the research itself reflects that same balance of structure and flexibility.

References

• Barakhshan, P. and Eigenmann, R. (2024) “Best Practices for Developing Computational and Data-Intensive (CDI) Applications,” Available at: https://arxiv.org/abs/2406.01780 and accessed on the 19^th of September 2025
• Bellini, R. et al. (2024) “SoK: Safer Digital-Safety Research Involving At-Risk Users,” Available at: https://ieeexplore.ieee.org/document/10646660 and accessed on the 21^st of September 2025
• Métayer, D.L. et al. (2017) “Interdisciplinarity in practice: Challenges and benefits for privacy research,” Available at  https://www.sciencedirect.com/science/article/abs/pii/S0267364917302066?via%3Dihub and accessed on the 25^th of September 2025.

• 
Ruecker, S. and Radzikowska, M. (2008) “The iterative design of a project charter for interdisciplinary research” AVAILABLE AT: https://dl.acm.org/doi/10.1145/1394445.1394476 and accessed on the 23^rd of September 2025.

• Zimmermann, V., Gerber, P.J. and Stöver, A. (2022) “That Depends — Assessing User Perceptions of Authentication Schemes across Contexts of Use,”  Avaliable at: https://arxiv.org/abs/2209.13958 and accessed on the 15^th of September 2025.