1 |
Ifinedo, P., "Understanding Information Systems Security Policy Compliance : An Integration of the Theory of Planned Behavior and the Protection Motivation Theory", Computers and Security, Vol. 31, No. 1, 2012, pp. 83-95.
DOI
|
2 |
ISO, ISO/IEC 27000:2009 Overview and Vocabulary, 2009.
|
3 |
Khalid, S., Solimana, K. S., and Janzb, B. D., "An Exploratory Study to Identify the Critical Factors Affecting the Decision to Establish Internet-based Interorganizational Information Systems", Information and Management, Vol. 41, No. 6, 2004, pp. 697-706.
DOI
|
4 |
Khan, S. A., Lederer, A. L., and Mirchandani, D. A., "Top Management Support, Collective Mindfulness, and Information Systems Performance", Journal of International Technology and Information Management, Vol. 22, No. 1, 2013, p. 6.
|
5 |
Lebek, B., Uffen, J., Breitner, M. H., Neumann, M., and Hohler, B., "Employees' Information Security Awareness and Behavior : A Literature Review", 2013 46th Hawaii International Conference on System Sciences, 2013, pp. 2979-2987.
|
6 |
Lee, J. and Lee, Y., "A Holistic Model of Computer Abuse Within Organizations", Information Management and Computer Security, Vol. 10, No. 2, 2002, pp. 57-63.
DOI
|
7 |
Lee, S. M., Lee, S. G., and Yoo, S., "An Integrative Model of Computer Abuse Based on Social Control and General Deterrence Theories", Information Management, Vol. 41, No. 6, 2004, pp. 707-718.
DOI
|
8 |
Leonard, L. N. K., Cronan, T. P., and Kreie, J., "What Influences IT Ethical Behavior Intentions-Planned Behavior, Reasoned Action, Perceived Importance, Individual Characteristics?", Information Management, Vol. 42, No. 1, 2004, pp. 143-158.
DOI
|
9 |
Li, M., Lou, W., and Ren, K., "Data Security and Privacy in Wireless Body Area Networks", Wireless Communications, IEEE, Vol. 17, No. 1, 2010, pp. 51-58.
DOI
|
10 |
Lohmeyer, D. F., McCrory, J., and Pogreb, S., "Managing Information Security (Current Research)", The McKinsey Quarterly, 2002, p. 12.
|
11 |
Meredith, S. L., "Comparative Perspectives on Human Gender Development and Evolution", American Journal of Physical Anthropology, Vol. 156, No. S59, 2015, pp. 72-97.
DOI
|
12 |
Merete, J., Eirik, H., and Hovden, A. J., "Implementation and Effectiveness of Organizational Information Security Measures", Information Management and Computer Security, Vol. 16, No. 4, 2008, pp. 377-397.
DOI
|
13 |
Mobley, W. H., Griffeth, R. W., Han, H. H., and Meglino, B. M., "Review and Conceptual Analysis of the Employee Turnover Process", Psychological Bulletin, Vol. 86, No. 3, 1979, pp. 493-522.
DOI
|
14 |
Myyry, L., Siponen, M., Pahnila, S., Vartiainen, T., and Vance, A., "What Levels of Moral Reasoning and Values Explain Adherence to Information Security Rules and Quest; An Empirical Study", European Journal of Information Systems, Vol. 18, No. 2, 2009, pp. 126-139.
DOI
|
15 |
Pahnila, S., Siponen, M., and Mahmood, A., "Employees' Behavior Towards Is Security Policy Compliance", Proceedings of the 40th Annual Hawaii International Conference on System Sciences, 2007, pp. 156-166.
|
16 |
Peace, A. G., Galletta, D. F., and Thong, J. Y. L., "Software Piracy in the Workplace : A Model and Empirical Test", Journal of Management Information Systems, Vol. 20, No. 1, 2003. pp. 153-177.
DOI
|
17 |
김상현, 송영미, "조직 구성원들이 정보보안 준수 동기요인에 관한 연구", e-비즈니스 연구, 제12권 제5호, 2011, pp. 327-349.
|
18 |
강다연, 장명희, "정보보안 정책 준수가 정보 보안능력 및 행동에 미치는 영향 분석 : 해운항만조직 구성원을 대상으로", 한국항만경제학회지, 제30권 제1호, 2014, pp. 97-118.
|
19 |
교육과학기술부, 정보보안 모범사례 가이드, 2011.
|
20 |
금융위원회 전자금융과, 금융감독원 IT감독국, "금융전산 보안 강화 종합대책", 2013.
|
21 |
김상훈, 박선영, "정보보안 정책 준수 의도에 대한 영향요인", 한국전자거래학회지, 제16권 제4호, 2011, pp. 33-51.
DOI
|
22 |
김지수, 김종배, 신용태, "조직 내 정보보호 최고책임자(CISO)의 역할인식이 정보보호 성과에 미치는 영향에 관한 연구", 경영컨설팅연구, 제12권 제4호, 2012, pp. 21-34.
|
23 |
Rosemann, M. and Vessey, I., "Toward Improving the Relevance of Information Systems Research to Practice : The Role of Applicability Checks", MIS Quarterly, Vol. 32, No. 1, 2008, pp. 1-22.
DOI
|
24 |
Pogarsky, G. and Piquero, A. R., "Studying the Reach of Deterrence : Can Deterrence Theory Help Explain Police Misconduct?", Journal of Criminal Justice, Vol. 32, No. 4, 2004, pp. 371-386.
DOI
|
25 |
PricewaterhouseCoopers, "Global State of Information Security Survey 2011", http://www.pwc.com/gx/en/information-security-survey/pdf/giss-2011-survey-report.pdf, July 25, 2012.
|
26 |
Ransbotham, S. and Mitra, S., "Choice and Chance : A Conceptual Model of Paths to Information Security Compromise", Information Systems Research, Vol. 20, No. 1, 2009, pp. 121-139.
DOI
|
27 |
Sari, P. K. and Trianasari, N., "Information Security Awareness Measurement with Confirmatory Factor Analysis", 2014 International Symposium on Technology Management and Emerging Technologies(ISTMET 2014), 2014, pp. 218-223.
|
28 |
Siponen, M. T., "A Conceptual Foundation for Organizational Information Security Awareness", Information Management and Computer Security, Vol. 8, No. 1, 2000, pp. 31-41.
DOI
|
29 |
Siponen, M., Vance, A., and Willison, R., "New Insights into the Problem of Software Piracy : The Effects of Neutralization, Shame, and Moral Beliefs", Information and Management, Vol. 49, No. 7, 2012, pp. 334-341.
DOI
|
30 |
Solms, R., "Information security management( 3) : the Code of Practice for Information Security Management (BS 7799)", Information Management and Computer Security, Vol. 6, No. 5, 1998, pp. 224-225.
DOI
|
31 |
Richardson, R., "CSI Computer Crime and Security Survey", Computer Security Institute, Vol. 1, 2008, pp. 1-30.
|
32 |
보안뉴스, "개정 전자금융거래법! 꼭 체크해야 할 8개 보안조항", 보안뉴스, 2014. 12. 9.
|
33 |
박종원, 김현규, "정보보안 전략과 보안준수 의도의 관계에 관한 연구모델개발을 위한 탐색적 연구", 한국경영정보학회 추계학술대회, 2012, pp. 559-564.
|
34 |
박철주, 임명성, "보안 대책이 지속적 보안 정책 준수에 미치는 영향", 디지털정책연구, 제10권, 제4호, 2012, pp. 23-35.
|
35 |
배병렬, LISREL 구조방정식 모델-이해와 활용, 청람, 2005년.
|
36 |
신윤정, "저출산 시대의 가사 노동 및 자녀 돌봄 시간 변화와 시사점", 보건.복지 Issue and Focus, 2015.
|
37 |
신현구, 이주락, "조직공정성이 산업보안담당자의 보안정책 준수의지에 미치는 영향", 한국경호경비학회, 제39권, 2014, pp. 241-268.
|
38 |
안중호, 박준형, 성기문, 이재홍, "처벌과 윤리교육이 정보보안 준수에 미치는 영향 : 조직유형의 조절효과를 중심으로", Information Systems Review, Vol. 12, No. 1, 2010, pp. 23-42.
|
39 |
위키백과, "정보보안", http://ko.wikipedia.org/w/index.php?title=%EC%A0%95% EB%B3%B4_%EB%B3%B4%EC%95%88&oldid=13061197, 2015. 2. 1.
|
40 |
임명성, "조직 구성원들의 정책 준수행위 의도에 관한 연구", 디지털정책연구, 제10권 제10호, 2012, pp. 119-228.
|
41 |
임명성, "정보보안 정책의 채택이 구성원들의 보안정책 준수 행위에 미치는 영향에 관한 연구", 디지털정책연구, 제11권 제1호, 2013, pp. 27-38.
|
42 |
임명성, "조직 구성원들의 정보보안 정책 준수에 영향을 미치는 요인에 관한 연구 -금융서비스업을 중심으로", 서비스경영학회지, 제14권 제1호, 2013, pp. 143-171.
|
43 |
임명성, 한군희, "정보보안 정책준수에 영향을 미치는 요인 : 위험보상이론 관점에서", The Journal of Digital Policy and Management, Vol. 11, No. 10, 2013, pp. 153-168.
|
44 |
장명희, 강다연, "항만지업 종사자들의 정보보안인식과 지각된 정보보안위험에 영향을 미치는 요인", 한국항해항만학회지, 제36권 제3호, 2012, pp. 261-271.
DOI
|
45 |
Srinivasan, S., "Information Security Policies and Controls for a Trusted Environment", Information Systems Control Journal, No. 2, 2008.
|
46 |
Sandhu, R. S. and Samarati, P., "Access Control : Principle and Practice", Communications Magazine, IEEE, Vol. 32, No. 9, 1994, pp. 40-48.
|
47 |
Son, J. Y., "Out of Fear or Desire? Toward a Better Understanding of Employees' Motivation to Follow IS Security Policies", Information and Management, Vol. 48, No. 7, 2011, pp. 296-302.
DOI
|
48 |
Spears, J. L. and Barki, H., "User Participation in Information Systems Security Risk Management", MIS Quarterly, Vol. 34, No. 3, 2010, pp. 503-522.
DOI
|
49 |
Steel, R. P., "Turnover Theory at the Empirical Interface : Problems of Fit and Functions", Academy of Management Review, Vol. 27, No. 3, 2002, pp. 346-360.
DOI
|
50 |
Stemberger, M. I., Manfreda, A., and Kovacic, A., "Achieving top management support with business knowledge and role of IT/IS personnel", International Journal of Information Management, Vol. 31, No. 5, 2011, pp. 428-436.
DOI
|
51 |
Straub, D., "Effective IS Security : An Empirical Study", Information Systems Research, Vol. 1, No. 3, 1990, pp. 255-276.
DOI
|
52 |
Tomarken, A. J. and Waller, N. G., "Structural Equation Modeling : Strengths, Limitations, and Misconceptions", Annu. Rev. Clin. Psychol., Vol. 1, 2005, pp. 31-65.
DOI
|
53 |
Tariq, M. A., Brynielsson, J., and Artman, H., "The Security Awareness Paradox : A Case Study", 2014 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining(ASONAM 2014), 2014, pp. 704-711.
|
54 |
Ajzen, I., "The Theory of Planned Behavior", Organizational Behavior and Human Decision Processes, Vol. 50, No. 2, 1991, pp. 179-211.
DOI
|
55 |
황경태, 정보시스템 감사- IT 거버넌스의 핵심수단, 탑북스, 2011.
|
56 |
Gendered Innovation, "지나치게 성별 차이를 강조하면 문제가 될 수 있다", , 2015. 5. 1.
|
57 |
Nellycw, "우리나라 은행 순위 및 종류", 2015. 2. 17..
|
58 |
Bauer, S., Bernroider, E. W. N., and Chudzikowski, K., "End User Information Security Awareness Programs for Improving Information Security in Banking Organizations : Preliminary Results from an Exploratory Study", Proceedings of the Eighth Pre-ICIS Workshop on Information Security and Privacy(SIGSEC), 2013, pp. 33-49.
|
59 |
Bentler, P. M., "Comparative Fit Indexes in Structural Models", Psychological Bulletin, Vol. 107, No. 2, 1990, pp. 238-246.
DOI
|
60 |
Blakley, B., McDermott, E., and Geer, D., "Information Security is Information Risk Management", Proceedings of the 2001 workshop on New security paradigms, ACM, 2001, pp. 97-104.
|
61 |
Boss, S., Kirsch, L., Angermeier, I., Shingler, R., and Boss, R., "If Someone Is Watching, I'll Do What I'm Asked : Mandatoriness, Control, and Information Security", European Journal of Information Systems, Vol. 18, No. 2, 2009, pp. 151-164.
DOI
|
62 |
Brancheau, J. C., Janz, B. D., and Wetherbe, J. C., Key Issues in Information Sstems Mnagement : 1994-1995 SIM Delphi Results", MIS Quarterly, Vol. 20, No. 2, 1996, pp. 225-242.
DOI
|
63 |
Vroom, C. and Solms, R. von, "Towards Information Security Behavioural Compliance", Computers and Security, Vol. 23, No. 3, 2004, pp. 191-198.
DOI
|
64 |
Tsohou, A., Karyda, M., Kokolakis, S., and Kiountouzis, E., "Analyzing Trajectories of Information Security Awareness", Information Technology and People, Vol. 25, No. 3, 2012, pp. 327-352.
DOI
|
65 |
Vance, A. and Siponen, M. T., "IS Security Policy Violations : A Rational Choice Perspective", Journal of Organizational and End User Computing (JOEUC), Vol. 24. No. 1, 2012, pp. 21-41.
DOI
|
66 |
Vance, A., Siponen, M., and Pahnila, S., "Motivating IS Security Compliance : Insights From Habit and Protection Motivation Theory", Information and Management, Vol. 49, No. 3, 2012, pp. 190-198.
DOI
|
67 |
Wenzel, M., "The Social Side of Sanctions : Personal and Social Norms as Moderators of Deterrence", Law and Human Behavior, Vol. 28, No. 5, 2004, p. 547.
DOI
|
68 |
Wong, W. I. and Hines, M., "Preferences for Pink and Blue : The Development of Color Preferences as a Distinct Gender-Typed Behavior in Toddlers", Archives of Sexual Behavior, 2015, pp. 1-12.
|
69 |
Workman, M., Bommer, W. H., and Straub, D., "Security Lapses and the Omission of Information Security Measures : A Threat Control Model and Empirical Test", Computers in Human Behavior, Vol. 24, 2008, pp. 2799-2816.
DOI
|
70 |
Yildirima, E. Y., Akalpa, G., Aytacb, S., and Bayramb, N., "Factors Influencing Information Security Management in Small- and Medium-sized Enterprises : A Case Study from Turkey", International Journal of Information Management, Vol. 31, 2011, pp. 360-365.
DOI
|
71 |
Zmud, B., "Editor's Comments", Management Information Systems Quarterly, Vol. 22, No. 3, 1998, p. 1.
DOI
|
72 |
Cavusoglu, H., Mishra, B., and Raghunathan, S., "A Model for Evaluating IT Security Investments", Communications of the ACM, Vol. 47, No. 7, 2004, pp. 87-92.
DOI
|
73 |
Brockman, B. K. and Morgan, R. M., "The Moderating Effect of Organizational Cohesiveness in Knowledge Use and New Product Development", Journal of the Academy of Marketing Science, Vol. 34, No. 3, 2006, pp. 295-307.
DOI
|
74 |
Browne, M. W. and Cudeck, R., "Alternative Ways of Assessing Model Fit", Sage Focus Editions, Vol. 154, 1993, pp. 136-136.
|
75 |
Bulgurcu, B., Cavusoglu, H., and Benbasat, I., "Information Security Policy Compliance : An Empirical Study of Rationality-based Beliefs and Information Security Awareness", MIS Quarterly, Vol. 34, No. 3, 2010, pp. 523-548.
DOI
|
76 |
Chan, M., Woon I., and Kankanhalli A., "Perceptions of Information Security at the Workplace : Linking Information Security Climate to Compliant Behavior", Journal of Information Privacy and Security, Vol. 1, No. 3, 2005, pp. 18-41.
DOI
|
77 |
Chang, A. J.-T. and Yeh, Q.-J., "On Security Preparations Against Possible IS Threats Across Industries", Information Management and Computer Security, Vol. 14, No. 4, 2006, pp. 343-360.
DOI
|
78 |
Cheng, L., Li, Y., Li, W., Holm, E., and Zhai, Q., "Understanding the Violation of IS Security Policy in Organizations : An Integrated Model Based on Social Control and Deterrence Theory", Computers and Security, Vol. 39, 2013, pp. 447-459.
DOI
|
79 |
CNSS, CNSSI-4014 Information Assurance Training Standard for Information Systems Security Officers, 2010.
|
80 |
Crossler, R. E., Johnston, A. C., Lowry, P. B., Hud, Q., Warkentin, M., and Baskerville, R., "Future Directions for Behavioral Information Security Research", Computers and Security, Vol. 32, 2013, pp. 90-101.
DOI
|
81 |
D'Arcy, J., Hovav, A., and Galletta, D., "User Awareness of Security Countermeasures and its Impact on Information Systems Misuse : a Deterrence Perspective", Information Systems Research, Vol. 20, No. 1, 2009, pp. 79-98.
DOI
|
82 |
Doherty, N. F., Anastasakis, L., and Fulford, H., "The Information Security Policy Unpacked : A Critical Study of the Content of University Policies", International Journal of Information Management, Vol. 29, No. 6, 2009, pp. 449-457.
DOI
|
83 |
Feng, T. and Zhao, G., "Top Management Support, Inter-organizational Relationships and External Involvement", Industrial Management and Data Systems, Vol. 114, No. 4, 2014, pp. 526-549.
DOI
|
84 |
Fornell, C. and Larcker, D. F., "Structural Equation Models with Unobservable Variables and Measurement Error : Algebra and Statistics", Journal of Marketing Research, No. 18, No. 3, 1981, pp. 382-388.
DOI
|
85 |
Furnell, S. and Thomson, K.-L., "From Culture to Disobedience : Recognising the Varying User Acceptance of IT Security", Computer Fraud and Security, No. 2, 2009, pp. 5-10.
|
86 |
George, D. and Mallery, P., SPSS for Windows Step by Step : A Simple Guide and Reference. 11.0 update (4th ed.), 2003, Boston : Allyn and Bacon.
|
87 |
Goel, S. and Chengalur-Smith, I. N., "Metrics for Characterizing the Form of Security Policies", The Journal of Strategic Information Systems, Vol. 19, No. 4, 2010, pp. 281-295.
DOI
|
88 |
Haeussinger, F. J. and Kranz, J. J., "Information Security Awareness : Its Antecedents and Mediating Effects on Security Compliant Behavior", International Conference on Information Systems, 2013, pp. 1-16.
|
89 |
Gundu, T. and Flowerday, S. V., "Ignorance to Awareness : Towards an Information Security Awareness Process", SAIEE Africa Research Journal, Vol. 104, No. 2, 2013, pp. 69-79.
|
90 |
Guo, K. H., "Security-related Behavior in Using Information Systems in the Workplace : A Review and Synthesis", Computers and Security, Vol. 32, 2013, pp. 242-251.
DOI
|
91 |
Hagen, J. M., Albrechtsen, E., and Hovden, J., "Implementation and Effectiveness of Organizational Information Security Measures", Information Management and Computer Security, Vol. 16, No. 4, 2008, pp. 377-397.
DOI
|
92 |
Hansch, N. and Benenson, Z., "Specifying IT Security Awareness", 25th International Workshop on Database and Expert Systems Applications, 2014, pp. 326-330.
|
93 |
Herath, T. and Rao, H. R., "Encouraging Information Security Behaviors in Organizations : Role of Penalties, Pressures and Perceived Effectiveness", Decision Support Systems, Vol. 47, No. 2, 2009, pp. 154-165.
DOI
|
94 |
Hovav, A. and D'Arcy, J., "Applying an Extended Model of Deterrence Across Cultures : An Investigation of information Systems Misuse in the U.S. and South Korea", Information and Management, Vol. 49, No. 2, 2012, pp. 99-110.
DOI
|
95 |
Hu, Q., Dinev, T., Hart, P., and Cooke, D., "Managing Employee Compliance with Information Security Policies : The Critical Role of Top Management and Organizational Culture", Decision Sciences, Vol. 43, No. 4, 2012, pp. 615-659.
DOI
|