Second Cycle CodingDavid Lee — TIM 158, Spring 2019Conte.docx

Second Cycle Coding
David Lee — TIM 158, Spring 2019
Content drawn from Johnny Saldana’s The Coding Manual for
Qualitative Researchers
and Michael Bernstein’s design course.
Deep, rich understanding of individuals
Hypotheses about narrow user segments
Hypotheses about solution concepts
Recall
“essence-capturing and essential elements of the
research story that, when clustered together according
to similarity and regularity - a pattern - facilitate the
development of categories and analysis of their
connections.”
Qualitative coding is about
The Coding Manual for Qualitative Researchers, Johnny
Saldana
Recall
DATA → CODES → CATEGORIES → THEMES → THEORY

Recall
The Coding Manual for Qualitative Researchers (2009), Johnny
Saldana (p. 12)
First cycle
focused on
who/what
Second cycle
moving from
who/what to
how/why
Recall
Saldana (p. 189)
Attribute codes
Holistic/structural code
Line-by-line/sentence-
by-sentence codes
Recall
Memo type: networks
Saldana, pg 45
Integrate your codes into a narrative (codeweaving) to interpret

how individual
components weave together in hierarchies, chronological flows,
influences and affects, etc.
Recall
Saldana (p. 43)
First and second cycle
coding intermixed with
data collection and
memo writing
Gradual development
from codes to categories
to theory, facilitated by
memo writing
Recall
General process
• End with annotated data, hierarchical coding scheme,
codebook, analytic
memos, developed theory
• For us, the “theory” we’re aiming for is a hypothesized model
that is:
• grounded in user data and quotes
• a cohesive narrative and logical interpretation

• communicated richly to help the reader in “being there”
• Remember: we are generating not validating hypotheses, so
choose
diverse perspectives
Recall
Today
• Second cycle coding methods
• Defining a model: participant profiles, personas,
storyboards, customer journey maps
• Our process for assignment #3
transitioning from managing, focusing, highlighting, filtering
data to generate categories, themes, and theory
Second cycle coding
The Coding Manual for Qualitative Researchers, Johnny
Saldana
Recall
Organizing/focusing/interpreting codes
• Pattern/focused coding: create categories from groups of codes
• Can consider emergent patterns or those most central to the
analytic question
• Axial coding: flesh out a category with properties &
dimensions

• Properties are attributes of a category, dimensions are the
location of a property on
a continuum that tells if, when, how, why something happens,
• Theoretical coding: summarize the central/core concern
• If can achieve generalizable/transferable theory, that’s great!
Code mapping
• Start from the full
set of codes and
reorganize into a
list of categories,
and then condense
further into themes
or concepts
Saldana, pg 194-198
Theming the data
• Instead of codes, label with thematic
statements that draw out a code’s
essence: what it’s about, what it means.
• Can take a broad code and elaborate it
using “is” or “means” after phenomenon
• Example: phrases for code “Negotiating” might be
result in “negotiating is the path of least resistance”
or “negotiating means manipulating others”.

• Then condense into meta-themes or
theoretical constructs
Saldana, pg 177
Saldana, pg 178
What is the theory/model we are trying
to develop for designing a product?
Recall the business model canvas
strategyzer.com
Cost structure Revenue streams
Key resources Channels
Key activitiesKey partners
Value
proposition
Customer
relationships
Customer
segments
Recall
This model includes
Pr
o

du
ct
Marketing,
Sales, Support
U
ser segm
ents
• Groups of users whose contexts and
values give rise to similar experiences in
encountering and using your product
• The strategic roadmap of which groups
you plan to target first and the
accompanying product / marketing
features needed
Stems from a rich model of users
• Context of user segment: what is the broader environment,
values, and goals
they are operating in, especially as affecting the below.
• Adoption of product: what motivates or prevents them from
using your
product? how do they first discover and adopt it?
• Experience of product: how do they use your product (e.g.
tasks, frequency,
length)? what is their experience and how do they affect the
ecosystem?

• Summary of value: how are their needs ultimately satisfied
and what is the
extent or limits? what does success for this segment look like?
SEGMENT → SETTING → SEQUENCE → SATISFACTION
Recall
Credit: Crossing the Chasm: Geoffrey Moore
Recall
How do you represent
this model?
Cookie Monster
Cookie Connoisseur, 4
“Not a day goes by when I don’t think
about my precious cookies.”
Cookie Monster cares most about enjoying cookies and
maintaining his image as relentless cookie thief .
‐ A day in Cookie Monster’s life ‐

Cookie Monster is a voracious monster and one of the main
characters on Sesame Street . Covered with blue fur and
possessing a pair of googly eyes, Cookie Monster has an
insatiable appetite. As his name implies, his primary craving
is cookies, but he can (and often does) consume anything
and everything , from apples and pie to letters , flatware, and
hubcaps. When Cookie Monster eats something, he makes a very
distinct, loud munching "noise", often
interpreted as " OMM-nom-nom-nom... " Cookie Monster has a
deep, growly voice, and generally speaks
with simplistic diction, saying everything with "me" - for instan
ce, as opposed to "I want a cookie!"
- Cookie Monster’s Challenges -
Cookie monster is generally very happy but when he had has a f
ew
traumatic experience in his life. At some point someone offered
him
fruit instead of cookies and he cried for a week. Cookie monster
works hard to maintain his image as trouble maker to ensure a

steady cookie supply. Whenever Ernie or Bert have cookies, he
barges into the scene and eats all their cookies. Cookie monster
has a sweet personality but he thinks he needs to be scary in ord
er
to not threaten his cookie supply.
Participant profiles
& personas
• Conveys context of their life and
needs, especially characterizing
attributes of segments.
• Help people visualize/empathize
with your user. Useful for creating
alignment within a team.
• Concrete and specific. Enough depth
to tell a story and communicate in a
more emotionally resonant way
Storyboard
No artistic skill required!
Hand-drawn comic that features:
Setting + Sequence + Satisfaction
(slides adapted from Amal Dar Aziz)

Storyboard
Storyboard
Storyboard
Storyboard
Storyboard
For modeling and prototyping:
• Gets everyone on same page about
the app’s goals
• Focuses the conversation and
feedback on user tasks
• Avoids nitpicking about user
interface details

Customer Journey Map
• Provide a holistic and rich
visualization of a user’s
encounter with a product
• Combines:
• User segment attributes and context,
• Actions and touchpoints the user
encounters,
• Mindsets and emotions in that encounter,
• Reflections on metrics, risks, priorities,
Credit: When and How to Create Customer Journey Maps,
Nielsen Norman Group
The goal
• Represent the hypothesized model of the user
segments that can be used to inform future iterations
• Communicate a cohesive narrative grounded in data
that can help readers empathize with the user journey
How do you know if its effective?
• As a representation of the hypothesis
• Does it help describe something about this particular segment?

• Does it make assertions about their experience that can be
questioned or
validated or that can inform iteration of the product?
• As communicating a rich and cohesive narrative
• Does it help someone put themselves into the user’s shoes?
• Does the story it tells of the experience fit compellingly with
the context?
Today
• Second cycle coding methods
• Defining a model: participant profiles, personas,
storyboards, customer journey maps
• Our process for assignment #3
Code your interview
• Preparation: Annotate it with attribute and holistic/structural
codes
• Who/What: use descriptive and process codes to describe the
characters, setting, and
other context
• How/Why: Use emotion, evaluation, values, versus coding to
develop a richer view
of the participant context and experiences. Bias towards using
in vivo codes to ground
these in the user’s language.
• Memos: Write short analytic memos that use codeweaving to
write narratives of the
participant context and experiences

• (On Wednesday) We’ll talk about organizing codes into
categories and defining models of
our participant and of hypothesized user segments
Recall
Code mapping to create categories
• Do it for the entire set of codes for each individual
• Code map into two high-level groups of categories
• Persona and setting: groups of attributes, values, motivations,
etc. that potentially
characterize segments
• Adoption and experience: how and why do they join and use
it, what value/pain do
they encounter, why does it work or not
• These are categories and subcategories, and potentially themes
• Think of these as potential features predicting a segment or
predictions of
experiences you could try validating
Write insights on segments/themes
• Define notable segments reflected in the individual or other
major themes
that arose

• A segment is a group of users who experience adoption and/or
use of the product in a similar way.
Think about some of the major point-of-views that might be
reflected in that individual’s experience,
• Write a short memo summarizing these notable segments with
1-2 particularly illustrative quotes,
• Then write a memo for each segment containing
• The major hypotheses you might want to validate
• Ideas you have for how to build a product to better nail fit,
• Questions you have that you’d want to understand more.
Get started on synthesizing
for final report
Share in your groups
• Share the potential segments and themes you saw in
unpacking of individuals
• Based on patterns across individuals, decide on 2-3
segments you want to target as early adopters or a
beachhead segment
• Then detail each of these segments with a customer
journey map elaborated by a 2-page narrative
Customer journey map
• 4 columns corresponding to segment, discovery,

experience, satisfaction
• Segment describes the user before they encounter your
product,
• Discovery describes how they encounter and join/buy your
product,
• Experience describes their use/participation of your product,
• Satisfaction describes the user’s satisfaction with your product
and after
they finish using your product.
• 5 rows for each column (some are blank for first and last)
• Concise summary (200-400 characters) of each of the four
columns
• Actions that a user would be going through, and their
mindset/emotions as they
go through these actions
• Touchpoints for connecting to the user as they go through this
journey
• Data collection that you would eventually want to do to
validate key hypotheses
• Risks, questions, and ideas that you think of
• Link to your 2-page supporting narrative

• Basically mirrors the customer journey map, but has space to
add some
illustrative quotes, and actually explain the short phrases in the
map
Define implications for future
• Explain your prioritization of user segments
• Who are the early adopters? Your beachhead into the early
majority? Explain the strength of
the value you are providing to them and why they are likely to
be good early target segments
• What are later segments you could potentially grow to and
what would be an estimate of
the market size?
• Define the next iteration
• How will you change the product or marketing? What is the
next version? A longer roadmap?
• What do you feel is still unanswered? What are the biggest
questions or risks?
Running Head: DEPTH (CYBERSECURITY)
1
DEPTH (CYBERSECURITY)
5

RAKESH PRAKASH GENTYALA
ITS 834 Emerging Threats and Countermeasures
Annotated Bibliography - Depth (Cyber Security)
Dr. Steve Brown
29th March, 2019
Depth –Cyber Security
The paper will provide an overview of the defense in depth
strategy as a practical method of attaining information
assurance, considering the widespread of the networked
environment in today’s modern world. It will look into the
purpose of the defense in depth technique and how exactly this
strategy works, more importantly, its role as a defensive
countermeasure in protecting national infrastructure from cyber-
attacks. The different elements of the defense in depth strategy
will be explored. It will also give insight on how to measure the
effectiveness of the defense in depth strategy and ways to
improve its effectiveness in order to ensure that national
infrastructure remains secure.
Annotated Bibliography

Harrop, W., & Matteson, A. (2015). Cyber resilience: A review
of critical national infrastructure and cyber-security protection
measures applied in the UK and USA. In Current and Emerging
Trends in Cyber Operations (pp. 149-166). Palgrave Macmillan,
London.
This article points out the defense in depth approach as amongst
the security measures adopted by the USA and UK to safeguard
national infrastructure. The article looks into the possibility of a
country’s financial systems suffering from an unexpected
malicious downtime, or even the possibility of digital terrorists
interfering with power grids and breaching water treatment
plants. The article provides the defense in depth strategy as a
measure for protecting the basic way of life which is highly
dependent on national infrastructure.
Ani, U. P. D., He, H., & Tiwari, A. (2017). Review of
cybersecurity issues in industrial critical infrastructure:
manufacturing in perspective. Journal of Cyber Security
Technology, 1(1), 32-74.
This paper looks into cybersecurity concerns regarding
industrial control systems. It offers an insightful review on
vulnerabilities, threats and cyber-attack patterns and their
impact on the industrial environment. The defense in depth
strategy for improving the cybersecurity of industrial control
systems is examined in detail. Industrial control systems are
quite complex and so lack of defense in depth strategy can
result in long term exposure to threats.
Hausken, K., & Levitin, G. (2016). Review of Systems Defense
and Attack Models. International Journal of Performability
Engineering, 8(4).
This paper highlights the importance of the defense in depth
strategy and provides a well-described example of its role in the
health care industry. It explores the WannaCry Malware
outbreak and the havoc it caused on the healthcare industry. It
looks into cybersecurity practices that the health care industry
moved into, the defense in depth strategy being one of them.
The healthcare industry is charged with the protection of crucial

patient data and so adopting the defense in depth strategy was
considered a way to exponentially multiply the industry’s cyber
defense.
Khattak, M. A., Shaharuddin, M. K. H., Islam, M. S., & Ahmad,
M. H. N. (2017). Review of cyber security applications in
nuclear power plants. Journal of Advanced Research in Applied
Sciences and Engineering Technology, 7(1), 43-54.
This paper reviews the application of the defense in depth
strategy for nuclear safety by the International Atomic Energy
Agency. It summarizes the historical development of nuclear
safety concepts, with a focus on the Defense in depth concept. It
describes how the defense in depth strategy can be enhanced for
the safety of the nuclear power plants that are currently in
operation. It provides the objectives of the defense in depth
mechanism for nuclear safety.
Geramiparvar, S., & Modiri, N. (2015). Security as a Serious
Challenge for E-Banking: a Review of Emmental
Malware. International Journal of Advanced Computer
Research, 5(18), 62.
This paper explores electronic payment frauds in financial
institutions. Cyber threats are have increased in the financial
sector owing to the various innovations on digital payment
techniques by banks. The paper recommends the defense in
depth strategy as a security measure to combat online payment
frauds. The paper also looks into how cyber attackers use
Emmental malware to compromise digital banking platforms and
gain access to the private information of customers. The paper
gives insight into how a defense in depth strategy works to stop
fraudulent transactions.
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K.,
Soulsby, H., & Stoddart, K. (2016). A review of cybersecurity
risk assessment methods for SCADA systems. Computers &
security, 56, 1-27.
This paper explores the unprecedented security threats
introduced by computer technologies in the SCADA
(Supervisory Control And Data Acquisition) systems. SCADA

systems are used by the national government to monitor
transport processes. The systems are faced with numerous
security threats and so traditional security measures are not
effective enough. This paper proposes the use of the defense in
depth strategy as SCADA defense measure against cyber-attacks
and describes its effectiveness in safeguarding SCADA systems.
Tayan, O. (2017). Concepts and tools for protecting sensitive
data in its industry: a review of trends, challenges, and
mechanisms for data-protection. International Journal of
Advanced Computer Science and Applications, 8(2), p46-52.
This journal gives insight into the potential cyber threats on a
government's IT industry. Attackers can easily gain access to
the protected information of a government agency. The journal
looks into the various cyber security measures that government
agencies can adopt to prevent their private information getting
into the wrong hands. In this journal, the defense in depth
strategy has been explored as a security measure for protecting
the data of government agencies.
1
Copyright © 2012, Elsevier Inc.
All Rights Reserved
Chapter 6
Depth
Cyber Attacks
Protecting National Infrastructure, 1st ed.

2
• Any layer of defense can fail at any time, thus the
introduction of defense in depth
• A series of protective elements is placed between an
asset and the adversary
• The intent is to enforce policy across all access points
All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
Introduction
3
Fig. 6.1 – General defense in depth
schema

All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
4
• Quantifying the effectiveness of a layered defense is
often difficult
• Effectiveness is best determined by educated guesses
• The following are relevant for estimating
effectiveness
– Practical experience
– Engineering analysis
– Use-case studies

– Testing and simulation
All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
Effectiveness of Depth
5
All rights Reserved
C
h
a
p
te

r 6
–
D
e
p
th
Fig. 6.2 – Moderately effective single
layer of protection
6
• When a layer fails, we can conclude it was either
flawed or unsuited to the target environment
• No layer is 100% effective—the goal of making layers
“highly” effective is more realistic
All rights Reserved
C
h
a
p
te
r 6
–
D
e

p
th
Effectiveness of Depth
7
All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
Fig. 6.3 – Highly effective single layer of
protection
8

All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
Fig. 6.4 – Multiple moderately effective
layers of protection
9
• A national authentication system for every citizen
would remove the need for multiple passwords,
passphrases, tokens, certificates, and biometrics that
weaken security
• Single sign-on (SSO) would accomplish this
authentication simplification objective
• However, SSO access needs to be part of a
multilayered defense

All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
Layered Authentication
10
All rights Reserved
C
h
a
p
te
r 6
–
D

e
p
th
Fig. 6.5 – Schema showing two layers of
end-user authentication
11
All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
Fig. 6.6 – Authentication options
including direct mobile access
12

Layered E-Mail Virus and Spam
Protection
• Commercial environments are turning to virtual, in-
the-cloud solutions to filter e-mail viruses and spam
• To that security layer is added filtering software on
individual computers
• Antivirus software helpful, but useless against certain
attacks (like botnet)
All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
13

All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
Fig. 6.7 – Typical architecture with
layered e-mail filtering
14
• Layering access controls increases security
• Add to this the limiting of physical access to assets
• For national infrastructure, assets should be covered
by as many layers possible
– Network-based firewalls
– Internal firewalls
– Physical security

All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
Layered Access Controls
15
Fig. 6.8 – Three layers of protection
using firewall and access controls
All rights Reserved
C
h
a
p
te

r 6
–
D
e
p
th
16
• Five encryption methods for national infrastructure
protection
– Mobile device storage
– Network transmission
– Secure commerce
– Application strengthening
– Server and mainframe data storage
All rights Reserved
C
h
a
p
te
r 6
–

D
e
p
th
Layered Encryption
17
All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
Fig. 6.9 – Multple layers of encryption
18

• The promise of layered intrusion detection has not
been fully realized, though it is useful
• The inclusion of intrusion response makes the
layered approach more complex
• There are three opportunities for different intrusion
detection systems to provide layered protection
– In-band detection
– Out-of-band correlation
– Signature sharing
All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
Layered Intrusion Detection

19
All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
Fig. 6.10 – Sharing intrusion detection
information between systems
20
• Developing a multilayered defense for national
infrastructure would require a careful architectural
analysis of all assets and protection systems
– Identifying assets
– Subjective estimations
– Obtaining proprietary information

– Identifying all possible access paths
All rights Reserved
C
h
a
p
te
r 6
–
D
e
p
th
National Program of Depth
1
All Rights Reserved
Chapter 10
Awareness
Cyber Attacks

Protecting National Infrastructure, 1st ed.
2
• Situational awareness is the real-time understanding
within an organization of its security risk posture
• Awareness of security posture requires consideration
of the following
– Known vulnerabilities
– Security infrastructure
– Network and computing architecture
– Business environment
– Global threats
– Hardware and software profiles
All rights Reserved
C
h
a
p
te
r 1
0
–

A
w
a
re
n
e
s
s
Introduction
3
Fig. 10.1 – Optimal period of system
usage for cyber security
All rights Reserved
C
h
a
p
te
r 1
0
–
A

w
a
re
n
e
s
s
4
• Factoring in all elements of situational awareness
should create an overview of current security risk
• Descriptors such as high, medium, and low are too
vague to be helpful
• Security risk levels should be linked with actionable
items
All rights Reserved
C
h
a
p
te
r 1
0
–

A
w
a
re
n
e
s
s
Introduction
5
Fig. 10.2 – Rough dashboard estimate
of cyber security posture
All rights Reserved
C
h
a
p
te
r 1
0
–
A

w
a
re
n
e
s
s
6
Fig. 10.3 – Security posture changes
based on activity and response
All rights Reserved
C
h
a
p
te
r 1
0
–
A
w
a
re

n
e
s
s
7
Detecting Infrastructure Attacks
• No security task is more difficult and complex than
the detection of an ongoing attack
• Many tools for detecting attack, yet none
comprehensive or foolproof
• Determination of risk level is a fluid process
All rights Reserved
C
h
a
p
te
r 1
0
–
A
w

a
re
n
e
s
s
8
Fig. 10.4 – Attack confidence changes
based on events
All rights Reserved
C
h
a
p
te
r 1
0
–
A
w
a
re

n
e
s
s
9
Managing Vulnerability Information
• Situational awareness for national infrastructure
protection requires a degree of attention to daily
trivia around vulnerability information
• Practical heuristics for managing vulnerability
information
– Structured collection
– Worst case assumptions
– Nondefinitive conclusions
– Connection to all sources
All rights Reserved
C
h
a
p
te
r 1

0
–
A
w
a
re
n
e
s
s
10
Fig. 10.5 – Vulnerability management
structure
All rights Reserved
C
h
a
p
te
r 1
0
–
A

w
a
re
n
e
s
s
11
Managing Vulnerability Information
• Three basic rules for managers
– Always assume adversary knows as much or more about
your infrastructure
– Assume the adversary is always keeping vulnerability-
related secrets from you
– Never assume you know everything relevant to the
security of your infrastructure
All rights Reserved
C
h
a
p
te

r 1
0
–
A
w
a
re
n
e
s
s
12
Cyber Security Intelligence Reports
• Daily cyber security intelligence reports are standard
in government agencies
• They would be useful in enterprise settings
• A cyber security intelligence report would include
– Current security posture
– Top and new security risks
– Automated metrics
– Human interpretation

All rights Reserved
C
h
a
p
te
r 1
0
–
A
w
a
re
n
e
s
s
13
Cyber Security Intelligence Reports
• Tasks for creating a cyber security intelligence report
– Intelligence gathering
– Interpretation and publication

All rights Reserved
C
h
a
p
te
r 1
0
–
A
w
a
re
n
e
s
s
15
Risk Management Process
• Security risks must be tracked and prioritized
• Generally agreed upon approach to measuring risk
associated with specific components begins with two
estimations
– Liklihood

– Consequences
• Actual numeric value of risk less important than
overall relative risk
• A useful construct compares security risk against cost
of recommended action
All rights Reserved
C
h
a
p
te
r 1
0
–
A
w
a
re
n
e
s
s
16

• Summary of management considerations
– Maintaining a prioritized list of security risks
– Justifying all decisions
All rights Reserved
C
h
a
p
te
r 1
0
–
A
w
a
re
n
e
s
s
18
Security Operations Centers

• The security operations center (SOC) is the most
visible realization of real-time security situational
awareness
• Most SOC designs begin with centralized model – a
facility tied closely to operation
• A global dispersal of SOC resources is an around-the-
clock real-time analysis of security threats
All rights Reserved
C
h
a
p
te
r 1
0
–
A
w
a
re
n
e
s
s

• A national-level view of security posture will require
consideration of the following
– Commercial versus government information
– Information classification
– Agency politics
– SOC responsibility
All rights Reserved
C
h
a
p
te
r 1
0
–
A
w
a
re
n
e
s
s
National Awareness Program

Research Paper Rubric
Component 100% 75% 50% 25% 0
Basic
Requirements
Formatted correctly, at
least 500 words in
length, citation page
and internal citations
correct (APA format), at
least 2 cited peer
reviewed sources.
Does not meet required
page length, and/or
does not have 2 cited
peer reviewed sources.
Thesis
Statement
Engaging, challenging,
and clearly focuses the
paper. Effectively
stated in the
introduction and
carried throughout the
paper.

Clear and articulate,
engaging and clearly
focuses the paper, but
is not challenging. Is
effectively carried
throughout the paper.
Clearly stated in the
introduction, attempts
to be engaging, is
adequate, but lacks
insight and focus, and is
carried through the
paper.
Included in the
introduction, but is
vague. Lacks insight,
focus, and is not carried
throughout the paper.
Is vague or may be
lacking in the
introduction; is not
focused and lacks
development; is not
carried throughout the
paper.
Introduction Strong and effective, it
is engaging and clearly
defines the thesis, as
well as provides a
foundation for the body
of the paper.

Effective and engaging,
defines the thesis and
provides foundation for
the body of the paper.
Introduces the topic of
the paper and builds a
connection between
the topic, the thesis,
and the body of the
paper. Informative but
not engaging or strong.
Introduces the topic of
the paper loosely and
includes the thesis
statement. Provides
little information
regarding the topic.
Includes little more
than the thesis and
shows no demonstrable
knowledge of the topic
of the paper.
Content
Strongly and vividly
supports the thesis and
is reflective of strong,
thorough research.
Illustrates extensive
knowledge of the topic.
Every aspect of the

thesis is supported by
quality academic
research.
Strongly supports the
thesis and is reflective
of good, thorough
research. Illustrates
knowledge of the topic,
but could be extended.
Most aspects of the
thesis are supported by
quality academic
research.
Supports the thesis and
reflects research, and
illustrates adequate
knowledge of the topic.
Could be extended and
shows some gaps in
understanding of the
topic. Although there
may be some
inconsistencies with
support from quality
academic research.
Related to the thesis
but reflects inadequate
research and
knowledge of the topic,
and demonstrates a
lack of understanding.
There may be a lack of
support from quality

academic research.
Does not convey
adequate
understanding of the
topic, the research, or
the thesis. There are
many unsupported
aspects of the thesis
and the research lacks
quality sources.
Organization Effectively organized.
Logical structure of
points and smooth
transitions convey both
understanding of topic
and care in writing.
Well organized, but
may lack some
transitions between
ideas. Logical structure
of most ideas conveys
understanding of topic
and composition.
Ideas are logically
structured, but may
lack transitions
between ideas. Could
benefit from
reorganizing 1 or 2
ideas.
Some significant gaps in

organization are
present but the basic
framework of ideas is
logical. Overall
organization could be
improved.
Much of the paper lacks
organization of ideas,
making it difficult to
understand the ideas
expressed in the paper.
Citation Format APA format is used
accurately as needed
throughout the entire
paper.
APA format is used
paper, but may show
variations or slight
inconsistencies of
format.
APA format is used
paper, but may be
noticeably inconsistent
in format.
APA format is used
inaccurately and
inconsistently in the
paper.

APA is not used
(regardless of the
number of sources or
citations).
Conclusion Strongly and clearly
connects the thesis
statement to the
research to draw a
specific conclusion that
does not leave the
reader with questions
regarding the thesis.
Clearly connects the
thesis statement and
the research to draw a
clear conclusion that
draws the research to a
logical close.
Connects the thesis
statement and research
to draw a conclusion
regarding the research.
Restates the topic
statements throughout
the paper.
Restates the thesis and
the topic statements,
but does not draw any
specific conclusion
about the research or
the thesis.

There is no conclusion;
it restates the thesis at
best.
Conventions Conventions of
standard written
English are used with
accuracy; there are few,
if any, minor errors.
Conventions of
standard written
English are used; there
may be several minor
errors of usage.
Conventions of
standard written
English are used;
however, there may be
a few major errors and
few minor errors of
usage.
Conventions of
standard written
English are used with
numerous major errors
and several minor
errors of usage.
The paper shows
significant errors in
conventions of
standard written
English.

In this third project milestone, you will learn techniques for
rigorously analyzing qualitative data. You will apply this to
analyze the interview that you conducted at the end of the last
assignment. This assignment should be done individually.
Readings and Resources:
· Transcribing: Finally, an easy, quick way to transcribe audio,
for free, Quartz, Leah Fessler, Trint (automated transcription,
but I don’t have a sense for how high-quality it is)
· Step-by-step instructions and example for TIM 158 qualitative
coding
· The Coding Manual for Qualitative Researchers, Johnny
Saldana
Requirements:
1. Transcribe the interview, then skim through and annotate
your transcript (individual).
If you have not already, transcribe the interview you conducted
in homework #2. Annotate the transcript with attribute codes,
e.g. participant demographics or other potential factors of
interest for analysis. Quickly skim through the transcript and
section it off into major topic areas using holistic codes. Use
Google Docs for your transcript. You can copy the example in
Step 1 in the step-by-step instructions as a template.
0. Make one detailed pass through the transcript to code
characters and setting (individual).
Use the Google Docs comment functionality to annotate the
transcript with Descriptive (D) and Process (P) codes. This

helps to capture the setting. Only code the interviewee
responses to make sure that you’re not just coding leading
questions, and use In Vivo codes. Then organize your codes,
and use codeweaving to write short analytic memos that
describe the various characters and settings discussed in the
interviews. You can copy the example in Steps 2-3 of the step-
by-step instructions as a template.
· Descriptive codes describe the things being talked about.
Process codes describe the actions going on and should use
gerunds whenever possible (e.g. -ing words). Make sure to also
mark any quotes that are particularly salient, illustrative, or
evocative,
· Organize all your descriptive and process codes into a list
organized by the section headers. Include quotes associated with
codes,
· When codeweaving, all of the codes should be used in at least
one memo, and the memos should minimize the use of words
that are not codes. All codes should be underlined within the
memos and quotes should be italicized.
0. Make a second detailed pass through the transcript to code
values and experience (individual).
Create a copy of the annotated transcript from before and make
a second pass through it, this time annotating it with Values
(V), Attitudes (A), Beliefs (B), Emotions (E), and Judgments
(positive: J+, negative: J-). Only code interviewee responses,
and use In Vivo codes (written with “quotation marks”)
whenever possible to ground your codes in the user’s own
words. Then organize your codes, and use codeweaving to write
short analytic memos that give a richer depiction of the various
characters and their experiences. You can copy the example in
Steps 4-5 of the step-by-step instructions as a template.
Value codes describe the importance we attribute to things.
Attitude codes describe the way we think and feel about things.

Belief codes describe what we accept as true including personal

Second Cycle CodingDavid Lee — TIM 158, Spring 2019Conte.docx

Recommended

Recommended

More Related Content

Similar to Second Cycle CodingDavid Lee — TIM 158, Spring 2019Conte.docx

Similar to Second Cycle CodingDavid Lee — TIM 158, Spring 2019Conte.docx (20)

More from rtodd280

More from rtodd280 (20)

Recently uploaded

Recently uploaded (20)

Second Cycle CodingDavid Lee — TIM 158, Spring 2019Conte.docx