Developing key Performance Indicators for Financial IT Security
|
|
Jang, Sung Ok
(CIST(Center for Information Security and Technologies), Korea University)
Lim, Jong In (CIST(Center for Information Security and Technologies), Korea University) |
| 1 | Von Solms, S. H., "Information security governance-compliance management vs operational management," Computers and Security, Vol. 24, No. 6, pp. 443-447, 2005. DOI ScienceOn |
| 2 | Kaplan, R. and Norton D., "Using the balanced scorecard as a strategic management system," Harvard Business Review, Jan-Feb, 1996. |
| 3 | KISA(Korea Internet and Security Agency), 2013 National Information Security White Paper, 2013. |
| 4 | NIST, Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP800-53 Rev. 4, Aprl 2013. |
| 5 | Park, S. H., Research on the impact on the outcome of the software project : Change management and improvement of processes, Korea University of Foreign Studies, Graduate School of Management Information Systems, Master Thesis, 2004. |
| 6 | Posthumus, S. and Von Solms, R., "A framework for the governance of information security," Computers and Security, Vol. 23, No. 8, pp. 638-646, Dec 2004. DOI ScienceOn |
| 7 | Steven, D. H. and Grembergen, W. V., "An Exploratory Study into IT Governance Implementations and its Impact on Business/IT Alignment," Information Systems Management, Vol. 26, No. 2, pp. 123-137, 2009. |
| 8 | Tayler, B., "The Balanced Scorecard As A Strategy-Evaluation Tool:The Effects of Responsibility and CausalChain Focus," Working Paper, Cornell University, 2009. |
| 9 | The Bank of Korea, "The usage of Internet banking services in Korea," 2013. |
| 10 | Wikipedia, "factor analysis," 2013, http:// en.wikipedia.org/wiki/Factor_analysis. |
| 11 | Kim, A. C., Lee, S. M., and Lee, D. H., "Compliance Risk Assessment Measures of Financial Information Security using System Dynamics," International Journal of Security and Its Applications(IJSIA), Vol. 6, No. 4, pp. 191-200, 2012. |
| 12 | Niven, P. R., Balanced scorecard stepby- step: maximizing performance and maintaining results, John Wiley and Sons, Hoboken, NJ. 2002. |
| 13 | Kaplan, R. and Norton, D., "The strategy focused organization," Harvard Business Press, 2001. |
| 14 | Kaplan, R. and Norton, P., "Transforming the Balanced Scorecard from Performance Measurement to Strategic Management: Part I," Accounting Horizons, Vol. 15, No. 1, pp. 87-104, 2001. DOI ScienceOn |
| 15 | Kim, H. J. and Ahn, J. H., "An Empirical Study of Employee's Deviant Behavior for Improving Efficiency of Information Security Governance," The Journal of Society for e-Business Studies, Vol. 18, No. 1, pp. 147-164, 2013. |
| 16 | Kraut, R. E. and Streeter, L. A., "Coordination in software development," Communications of the ACM, Vol. 38, No. 3, pp. 69-81, 1995. |
| 17 | Lee, H. M. and Lim, J. I., "A Study on the Development of Corporate Information Security Level Assessment Models," Journal of the Korea Institute of Information Security and Cryptology, Vol. 18, No. 5, pp. 161-170. 2008. 과학기술학회마을 |
| 18 | Martin, C. and Refai, M., "A Policy- Based Metrics Framework for Information Security Performance Measurement," 2007 2nd IEEE/IFIP International Workshop on Business-Driven IT Management, Munich, pp. 94-101, May, 2007. |
| 19 | Lee, U. K., Kim, K. K., Ryoo, S. Y., and Yoo, Y. S., "An Evaluation Method for R&D Projects in Telecommunication and Broadcasting," The Journal of Society for e-Business Studies, Vol. 17, No. 2, pp. 165-187, 2012. DOI ScienceOn |
| 20 | Maconachy, W. V., Schou, C. D., Ragsdale, D., and Welch, D., "A model for information assurance:An integrated approach," Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, pp. 301-310, 2001. |
| 21 | NIST, Performance Measurement Guide for Information Security, NIST SP800- 55 Rev.1, Jul 2008. |
| 22 | Barua, A., Kriebel, C. H., and Mukhopadhyay, T., "Information Technology and Business Value: An Analytic and Empirical Investigation," Information Systems Research, Vol. 6, No. 1, pp. 3-23, 1995. DOI |
| 23 | Financial Services Commission, "Comprehensive Security Countermeasures for Financial IT Security," 2013. |
| 24 | Grembergen, W. V. and Steven, D. H., "Measuring and Improving IT Governance Through the Balanced Scorecard," Information Systems Control Journal, Vol. 2, No. 1, pp. 35-49, 2005. |
| 25 | Gurbaxani, V. and Lee, S. A., "Integrating Positivist and Interpretive Approaches to Organizational Research," Organization Science, Vol. 2, No. 4, pp. 342-365, 1991. DOI ScienceOn |
| 26 | ISO/IEC 27014, ITU-T Recommendation X.1054 and ISO/IEC 27014:2013 Information technology - Security techniques - Governance of information security, http://www.iso27001security.com/ html/27014.html. |
| 27 | Haley, T. J., "Software process improvement at Raytheon," IEEE Software, Vol. 13, No. 6, pp. 33-41, 1996. |
| 28 | Humphreys, E., "Information security management standards:Compliance, governance and risk management," Information Security Technical Report, Vol. 13, No. 4, pp. 247-255, 2008. DOI ScienceOn |
| 29 | ISACA, COBIT 5:A Business Framework for the Governance and Management of Enterprise IT, 2013, http:// www.isaca.org/COBIT/Pages/default.aspx. |
| 30 | Jang, I. J. and Yoo, H. S., "Dynamic Sensitivity Level Measurement for Privacy Protection," The Journal of Society for e-Business Studies, Vol. 17, No. 1, pp. 137-150, 2012. |
 |
Korea Institute of Science and Technology Information
Gwahangno, Yuseong-gu, Daejeon, 305-806, Korea TEL : +82-42-869-1752
Copyright (c) 2009 KISTI. All Rights Reserved. For more information mail to
webmaster
