Security Information and Event Management for Small and Medium-Sized Enterprises
2013 (English) Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits
Student thesis
Abstract [en]
Purpose: This research project sets out to identify the security event management problems perceived in the SME context, prioritise these problems and then seek to solve them through the design and implementation of a prototype Security Information and Event Management (SIEM) system.

Design/Methodology/Approach: Action Design Research (ADR) is the research methodology used in this research project. ADR combines Action Research (AR) and Design Science (DS) research to solve a problem situation in a specific organisational setting through intervention and evaluation as well as the construction and evaluation of a novel IT artefact. A prototype SIEM was successfully designed and implemented in the case organisation over the course of a ten-week intervention.

Findings: A number of findings emerged related to the testing of Design Principles (DPs) extracted from earlier SIEM research, the testing of ADR in the context of an SME, as well as the presentation of nine new DPs for SIEM design and implementation in similar future projects.

Practical Implications: Apart from a working prototype SIEM in the SME context, one output from the research project is a planning and implementation checklist for practitioners for future SIEM design and implementation projects, generalizable to all contexts and not just that of the SME.

Originality/Value: This research provides a short state-of-the-art summary of current SIEM research, validates two DPs extracted from earlier SIEM research, proposes nine new DPs relevant to future SIEM design and implementation and tests the effectiveness of ADR in the context of an SME research project.
Place, publisher, year, edition, pages
2013.
Keywords [en]
Social Behaviour Law, Security Information Event Management (SIEM), Small and Medium Enterprise (SME), Action Design Research (ADR), Design Principles (DP)
Keywords [sv]
Social and behavioural sciences, law
Identifiers
URN: urn:nbn:se:ltu:diva-44311
Local ID: 219953c6-c330-41b7-b439-181a5732307c
OAI: oai:DiVA.org:ltu-44311
DiVA, id: diva2:1017587
Subject / course
Student thesis, at least 30 credits
Educational program
Information Security, master's level
Supervisors
Note
Validated; 20130916 (global_studentproject_submitter)
2016-10-04 2016-10-04 Bibliographically approved