1 |
M. Simonsson, P. Johnson, and M. Ekstedt, "The effect of IT governance maturity on IT governance performance", Information Systems Management, Vol.27, pp.10-24, 2010.
DOI
|
2 |
NIST SP 800-39, "Managing Information Security Risk: Organization, Mission and Information System View", available at http://csrc.nist.gov/publications, 2011.
|
3 |
ISO/IEC TR 13335-2, "Information technology -Guidelines for the management of IT Security- Part 2 : Managing and planning IT Security", 1997.
|
4 |
J. H. Hall, S. Sarkani, and T. A. Mazzuchi, "Impacts of organizational capabilities in information security", Information Management & Computer Security", Vol.19, Issue.3, pp.155-176, 2011.
DOI
|
5 |
NIST SP 800-30, "Guide for Conducting Risk Assessment", available at http://csrc.nist.gov/publications/, 2012.
|
6 |
ENISA(European Network and Information Security Agency), "Regulation No 460/2004 of the european parliament and of the council", 2004.
|
7 |
OCTAVE, "Method Implementation Guide Version 2.0", Carnegie Mellon University, 2001.
|
8 |
J. Jenkins, "Organisational IT security theory and practices: and never the twain shall meet?", available at www.sans.org/rr/securitybasics/ITsec2.php, 2003.
|
9 |
R. Sommer, "How to buy information security", available at www.virtualcity.co.uk.hottobuy.htm, 2003.
|
10 |
R. Baskerville, "Designing Information System Security", Wiley, Chichester, 1998.
|
11 |
Suhazimah Dzazali and Ali Hussein Zolait, "Assessment of information security maturity: An exploration study of Malaysian public service organizations", Journal of Systems and Information Technology, Vol.14, Issue.1, pp.23-57, 2013.
|
12 |
ISO/IEC 27001-2005(E), "Information Technology-Security Techniques-Information Security Management Systems- Requirements", 2005.
|
13 |
B. Schneier, "Secret and Lies-Digital Security in a Networked World", Wiley Computer Publishing, New York, NY, 2002.
|
14 |
S. Berinato, "After the storm, reform", CIO Magazine, available at www.cio.com/archive/121503/securityfuture.html, 2003.
|
15 |
K. N. Bhaskar, "Computer Security: Threat and Countermeasures", NCC-Blackwell, Oxford, 1993.
|
16 |
M. B. Chrissis, M. Konrad, and S. Shrum, "CMMI- Guidelines for Process Integration and Product Improvement", United States : SEI, 2005.
|
17 |
IT Governance Institute (ITGI), "Cobit 4.1", Estados Unidos:ITGI, 2007.
|
18 |
Project Management Institute (PMI), "PMI Fact Sheet", USA: PMI, 2006.
|
19 |
Project Management Institute (PMI), "A guide to the project management body of knowledge (PMBOK Guide)", Upper Darby, PA, 2000.
|
20 |
K. K. Kim, H. K. Shin, S. S. Park, and B.S. Kim, "A Study on impact information assets protection accomplish affecting organizational performance", Information Management Research, Vol.40, No.3, pp.61-77, 2009.
DOI
|
21 |
G. H. Hong, "A Study on Impact on Information Security control and activities affecting information security performance", a doctoral thesis department of Kookmin University Graduate School, Information management department, 2003.
|
22 |
J. M. Hagen, E. Albrechtsen, and J. Hovden, "Implementation and effectiveness of organizational information security measures", Information Management & Computer Security, Vol.16, Issue.4, pp.377-397, 2008.
DOI
ScienceOn
|
23 |
S. Smith, G. Stephen, and W. Malampy, "A financial Management Approach for Selecting Optimal, Cost-Effective Safeguards Upgrades for Computer and Information Security Risk Management." Computer and Security, Vol.14, No.1, pp.28-29, 1995.
|
24 |
M. J. Baek and S. H. Shon, "A Study on information security awareness and behavior affecting information security effectiveness in smaller member organization", Small Business Research, Vol.33, No.2, pp.113-132, 2011.
|
25 |
Korea Financial Telecommunications & Clearings Institute, "The financial IT and information security trend prediction", Payment and information technology, No.55 pp.90-126, 2014.
|
26 |
Financial Supervisory Commission, "The financial institutions information technology security duties standard", 2012.
|
27 |
B. B. Yeol, "Structural equation model for understanding and use", Publishing Daegyeong, 2006.
|
28 |
X. Koufteros and G. Marcoulides, "Product development Practices and performance: A structural equation modelingbased multi-group analysis", International Journal of Production Economics, pp.286-307, 2006.
|
29 |
C. Fornell and D. Larcker, "Evaluating structural equation models with unobservable variables and measurement error", Journal of Marketing Research, pp.39-50, 1981.
|
30 |
Financial Supervisory Commission, "Electronic financial supervisory regulation", 2014.
|