References
- 금융보안연구원, "금융IT 보안컴플라이언스," 2011.
- 금융위원회, "금융회사 정보기술 보호업무 모범규준," 2012.
- 김경규, 신호경, 박성식, 김범수, "정보자산보호 성과가 조직성과에 미치는 영향에 관한 연구 : 관리활동과 통제활동을 중심으로," 정보관리연구, 제40권, 제3호, 2009, pp.61-77.
- 김상현, 박현선, "위치기반서비스 사용에 영향을 미치는 프라이버시 염려감소 선행요인, 신뢰 그리고 개인혁신성의 조절효과," 한국정보시스템학회지, 제21권 제2호, 2012, pp.73-96.
- 김인재, 설경환, "조직성과에 미치는 SPI 영향 요인에 관한 연구," 정보시스템연구, 제19권, 제2호, 2010, pp.97-118.
- 백민정, 손승희, "중소규모 조직구성원의 정보 보안인식과 행동이 정보보안성과에 미치는 영향에 관한 연구," 중소기업연구, 제33권, 제2호, 2011, pp. 113-132.
- 배병렬, "구조방정식모델 이해와 활용," 도서출판 대경, 2011.
- 송정석, 전민준, 최명길, "공공기관 정보보호 거버넌스 수준에 영향을 미치는 요인에 관한 연구," 한국전자거래학회지, 제16 권 제1호, 2011, pp.133-151. https://doi.org/10.7838/jsebs.2011.16.1.133
- 윤재욱, 김인재(2006), "소프트웨어 프로세스 개선활동이 조직성과에 미치는 영향," 한국경영과학회지, 제31권, 제1호, 2006, pp.37-53.
- 임채호, "효과적인 정보보호인식제고 방안," 정보보호학회지, 제16권, 제2호, 2006, pp.30-36.
- 전자금융거래법 시행령 제 11조의2, 2012.
- 최명길, 황원주, 김명수, "정보보호정책의 성숙도에 영향을 미치는 요인에 관한 연구," 한국정보보호학회지, 제18권, 제3호, 2008, pp.132-142.
- 한국정보보호진흥원, "인터넷 침해사고 피해액 산출모형 개발에 관한 연구," 2006.
- Agarwal, R. and Prasad, J., "A Conceptual and Operational Definition of Personal Innovativeness in the Domain of Information Technology," Information Systems Research, vol.9 No.2, 1998, pp.204-215.
- Alder, M. P., "A unified approach to information security compliance," EDUCASE Review, Vol.41, No.5, 2006, pp.46-48.
- Alshawaf, A.H., Ali, J.M.H. and Hasan, M.H., "A benchmarking framework for information systems management issues in Kuwait," Benchmarking: An International Journal, Vol.12 No.1, 2005, pp.30-44. https://doi.org/10.1108/14635770510582899
- Bassellier, G., Reich, B.H. and Benbasat, I., "Information Technology Competence of Business Managers: A Definition and Research Model," Journal of Management Information Systems, Vol.17, No.4, 2001, pp.159-182. https://doi.org/10.1080/07421222.2001.11045660
- Beznosov, K. and Beznosova, O., "On the imbalance of the security problem space and its expected consequences," Information Management & Computer Security, Vol.15, No.5, 2007, pp. 420-431. https://doi.org/10.1108/09685220710831152
- Bostrom, R.P., & Heinen,J.S.. "A socio-technical perspective. Part I :The causes," MIS Quarterly, Vol.1, No.3, 1977, pp.17-32. https://doi.org/10.2307/248710
- Bulgurcu,B.H. and Cavusoglu,H., "Roles of Information Security Awareness and Perceived Fairness in Information Security Policy Compliance," AMCIS 2009, pp.419.
- Chang, S.E. and Ho, C. B., "Organizational factors to the effectiveness of implementing information security management," Industrial Management & Data Systems, Vol.106, No.3, 2006, pp.345-361. https://doi.org/10.1108/02635570610653498
- Choi, N. and D. Kim, "Knowing is doing," Information Management and Computer Security, Vol.16, No.5, 2008, pp.484-501. https://doi.org/10.1108/09685220810920558
- COBIT(Control Objectives for Information and Related Technology) 5, ISACA, 2012.
- Dzazali, S. and Zolait, A. H., "Assessment of information security maturity: An exploration study of Malaysian public service organizations," Journal of Systems and Information Technology, Vol.14 No.1, 2012, pp.23-57. https://doi.org/10.1108/13287261211221128
- Dzazali, S., "Social Factors Influencing the Information Security Maturity of Malaysian Public Service Organisation: An Empirical Analysis," ACIS 2006 Proceedings, 2006, pp.103.
- Dhillon, G. and Backhouse, J., "Current direction in IS security research: toward socio-technical perspectives," Information System, Vol.11, No.2, 2001, pp. 127-53. https://doi.org/10.1046/j.1365-2575.2001.00099.x
- Doddrell, G.R., "Information security and the internet," Internet Research, Vol.6, No.1, 1996, pp.5-9.
- Eloff, J.H.P., "Information security policy—what do international information security standards say?," Computers & Security, Vol.21, No.5, 2002, pp.402-409. https://doi.org/10.1016/S0167-4048(02)00504-7
- Fornell, C. and D. Larcker, "Evaluating structural equation models with unobservable variables and measurement error," Journal of Marketing Research, Vol.18, 1981, pp.39-50. https://doi.org/10.2307/3151312
- Goldsmith, R. E., and Hofacker, C. F., "Measuring Consumer Innovativeness," Journal of the Academy of Marketing Science, Vol.19, No.3, 1991, pp.209-221. https://doi.org/10.1007/BF02726497
- Hagen, J.M., Albrechtsen, E. and Hovden, J., "Implementation and effectiveness of organizational information security measures," Information Management & Computer Security, Vol.16, No.4, 2008, pp.377-397. https://doi.org/10.1108/09685220810908796
- Hall, J. H., Sarkani, S. and Mazzuchi, T.A., "Impacts of organizational capabilities in information security," Information Management & Computer Security, Vol.19, No.3, 2011, pp.155-176. https://doi.org/10.1108/09685221111153546
- ISO27001, "ISO/IEC 27001-2005(E): Information Technology-Security Techniques- Information Security Management Systems-Requirements," International Organisation for Standardization, Geneva, 2005.
- Kankanhalli, A., Teo, H., Bernard, C.Y. and Tan, K. W., "An integrative study of information systems security effectiveness", International Journal of Information Management Vol.23, 2003, pp.139-154. https://doi.org/10.1016/S0268-4012(02)00105-6
- Knapp, K.J., Marshall, T.E., Rainer, R.K. and Ford, F.N., "Information security: management's effect on culture and policy," Information Management & Computer Security, Vol.14, No.1, 2006, pp.24-36. https://doi.org/10.1108/09685220610648355
- Koufteros, X., and G. Marcoulides., "Product development Practices and performan ce: A structural equation modeling-based multi-group analysis," International Journal of Production Economics, Vol.103, No.1, 2006, pp.286-307. https://doi.org/10.1016/j.ijpe.2005.08.004
- Kowalski, S., "IT Insecurity: A Multi-disciplinary Inquiry. Diss. The Royal Institute of Technology," Department of Computer and Systems Science Stockholm Univ. Report series No 94-040, 1994.
- Midgley, D. and Dowling, G. R., "Innovativeness: The Concept and Its Measurement," Journal of Consumer Research, Vol.4, No.4, 1978, pp.229-242. https://doi.org/10.1086/208701
- NIST SP 800-30, "Guide for Conducting Risk Assessment," 2012.
- NIST SP 800-33, "Underlying Technical Models for Information Technology Security," 2001.
- NIST SP 800-61, "Computer Security Incident Handling Guide," 2007.
- NIST SP 800-100, "Information Security Handbook: A Guide for Managers," 2007.
- Peltier, T.R., "Information Security Risk Analysis," Auerbach Publications, New York, 2001.
- Rogers, E. M., "Diffusion of Innovation," The Free Press, New York, 2003.
- Schneier, B., "Secret and Lies -Digital Security in a Networked World," Wiley Computer Publishing, New York, 2002.
- Smith, S., Stephen, G., and Malampy, W., "A financial Management Approach for Selecting Optimal, Cost-Effective Safeguards Upgrades for Computer and Information Security Risk Management," Computer and Security, Vol.14, No.1, 1995, pp.28-29.
- Solms, R., "Driving safely on the information superhighway," Information Management & Computer Security, Vol.5, No.1, 1997, pp.20-22. https://doi.org/10.1108/09685229710168006
- Stanton, J.M., Stam, K.R., Mastrangelo, P. and Jolton, J., "Analysis of end user security behaviors," Computers & Security, Vol.24, No.2, 2005, pp.124-33. https://doi.org/10.1016/j.cose.2004.07.001
- Steven J. Ross, Risk Masters and ISACA, "Creating a culture of Security," 2011.
- Tashi, I., "Regulatory Compliance and Information Security Assurance," 2009 International Conference on Availability, Reliability and Security, 2009, pp.670-674.
- Thomson, K. and Solms, R., "Information security obedience: a definition," Computers & Security, Vol.24, 2005, pp.69-75. https://doi.org/10.1016/j.cose.2004.10.005
- Trist, E., "The evolution of socio-technical systems," Vol.2, Wiley, 1981.
- Werlinger, R., Hawkey, K. and Beznosov, K., "An integrated view of human, organizational and technological challenges of IT security management," Information Management & Computer Security, Vol.17 No.1, 2009, pp.4-19. https://doi.org/10.1108/09685220910944722
- Yngstrom, L., "A Systemic- Holistic Approach to Academic Programmes in IT Security," Ph.D Thesis, Department of Computer and Systems Science, University of Stockholm and the Royal Institute of Technology, 1996, Stockholm.
- Young, R.F, "Defining the Information Security Posture : An Empirical Examination of Structure and Managerial Effectiveness," University of North Texas, 2008.