The use of participational approaches to system design has been debated for a number of years. In some situations it seems that participational approaches are not a suitable or practical method by which to design an Information System or to analyse a problem. Within this paper we describe a framework in which participation plays an active and effective role and describe a method that was used to effectively design information systems and implement computer security countermeasures.