1 |
미래포럼, "정보보호의 다음 단계는?", 전자신문, 2011.
|
2 |
중소기업청, "보안 컨설턴트용 실무가이드북", 중소기업기술정보진흥원, 2007.
|
3 |
한국인터넷진흥원, "2011년 정보보호 실태조사 : 기업편", 2012.
|
4 |
한국정보보호진흥원, "정보보호 관리체계 관리과정 가이드", 2004.
|
5 |
Anderson E. E. and C. Joobin, "Enterprise information security strategies", Computers and Security, Vol.27, No.1/2,(2008), pp.22-29.
DOI
ScienceOn
|
6 |
Barnea, A. and A, Rubin, "Corporate Social Responsibility as a Conflict Between Shareholders", Journal of Business Ethics, Vol. 97, No.1(2010), pp.71-86.
DOI
|
7 |
Baron, R. M. and D. A. Kenny, "The moderator variable distintion in social psychological research : Conceptual, strategic, and statistical considerations", Journal of Personality and Social Psychology, Vol.51(1986), pp.1173-1182.
DOI
|
8 |
Baskerville and R. M. Siponen, "An information security meta-policy for emergent organizations", Journal of Enterprise Information Management, Vol.15, No.5/6(2002), pp.337-346.
|
9 |
Bharadwaj, A. and M. Keil, "The Effect of Information Technology Failures on the Market Value of Firms : An Empirical Examination", The Journal of Strategic Information Systems, Vol.18, No.2(2001).
|
10 |
Boehmer, W., "Appraisal of the eectiveness and eciency of an Information Security Management System based on ISO 27001", Emerging Security Information, Systems and Technologies, SECURWARE, Second International Conference on, (2008), pp.224-231.
|
11 |
Bostrom, R. P. and J. S. Heinen, "MIS Problems and Failures : A Socio-Technical Perspective", MIS Quarterly, Vol.1, No.4(1977), pp.11-28.
|
12 |
Bowen, H., Social Responsibilities of the Businessman, New York, Haper and Row, 1953.
|
13 |
Caralli, R. A., "Managing for Enterprise Security", Carnegie Mellon Software Engineering Institute, 2004.
|
14 |
Caylor, J., M. E. Withman, P. Fendler, and D. Baker, "Rebuilding Human Firewall", ACM, InfoSecCD Proceedings of the 2nd annual conference on Information security curriculum development, (2005), p.1.
|
15 |
Clegg, C. W., "Sociotechnical Principles for Systems Design", Applied Ergonomics, Vol.31(2000), pp.463-477.
DOI
ScienceOn
|
16 |
CONsortium of CERT, "CONCERT SECURITY FORECAST 2012", 2012.
|
17 |
Cyert, R. M. and J. G. March, "A behavioral theory of organizational objectives", Modern Organization Theory, (1996), pp.138-148.
|
18 |
Dhillon, G. and J. Backhouse, "Current directions in IS security research : towards socio-organizational perspectives", Information Systems Journal, Vol.11, No.2(2001), pp.127-153.
DOI
ScienceOn
|
19 |
Deloitte, "Global Security Survey", 2008.
|
20 |
Department of the Army, "Information Security Program", Vol.1, No.5200.01(2012).
|
21 |
Dyne, L. V., J. W. Graham, and R. M. Dienesch, "Organizational Citizenship Behavior : Construct Redefinition, Measurement, and Validation", The Academy of Management Journal, Vol.37, No.4(1994), pp.765-802.
DOI
ScienceOn
|
22 |
Ettredge, M. and V. Richardson, "Assessing the Risk of in E‐commerce", System Sciences, HICSS. Proceedings of the 35th Annual Hawaii International Conference on, (2002), p.11.
|
23 |
Fred, C., "Managing network security-Part 5 : Risk management or risk analysis", Network Security, Vol.1997, No.4(1997), pp.15-19.
|
24 |
Gerber, M. and V. R. Solms, "From risk analysis to security requirements", Computers and Security, Vol.20, No.7(2001), pp. 577-584.
DOI
ScienceOn
|
25 |
Goel, S. and S. I. N. Chengalur, "Metrics for Characterizing the Form of Security Policies", Journal of Strategic Information Systems, Vol.19(2010), pp.281-295.
DOI
ScienceOn
|
26 |
Goh, R., The Importance of the Human Element, Doctorial Dissertation, 2003.
|
27 |
Gordon, L. A. and M. P. Loeb, "The economics of information security investment", ACM Transactions on Information and System Security, Vol.5, No.4(2002), pp.438-457.
DOI
|
28 |
Hagen, J. M. and E. Albrechtsen, "Implementation and effectiveness of organizational information security measures", Information Management and Computer Security, Vol. 16, No.4(2008).
|
29 |
IDC, "2007 Global Security Survey", 2008.
|
30 |
Hair, J. F., C. B. William, B. J. Babin, and R. E. Anderson, Multivariate Data Analysis (7th Edition), PEARSON, 2009.
|
31 |
Karyda, M., E. Kiountouzis, and S. Kokolakis, "Information systems security policies : acontextual perspective", Computers and Security, Vol.24, No.3(2005), pp.246-260.
DOI
ScienceOn
|
32 |
Kotulic, A. G. and J. G. Clark, "Why there aren't more information security research studies", Information and Management, Vol. 41, No.5(2004), pp.597-607.
DOI
ScienceOn
|
33 |
Land, F. F., Evaluation in a Socio-Technical Context, in Basskerville, R., Stage, J., and DeGross, J. I., Organizational and Social Perspectives on Information Technology, Boston, Kluwer Academic Publishers, (2000), pp.115-126.
|
34 |
Leavitt, H. J., Applied Organisational Change in industry : Structural, Technological and Humanistic Approaches, Carnegie Institute of Technology, Graduate School of Industrial Administration, 1965.
|
35 |
Maignan, I. and O. C. Ferrell, "Corporate Social Responsibility and Marketing : An Integrative Framework", Journal of the Academy of Marketing Science, Vol.32(2004), pp.3-19.
DOI
ScienceOn
|
36 |
Mattord, H. and M. Whitman, "Regulatory Compliance in Information Technology and Information Security", AMCIS Proceedings, (2007), p.357.
|
37 |
Michael, R., Grimaila, and L. W. Fortson, "Towards an Information Asset-Based Defensive Cyber Damage Assessment Process", Computational Intelligence in Security and Defense Applications, CISDA IEE, (2007), pp.203-212.
|
38 |
Mumford, E., "A socio-technical approach to systems design", Requirements Engineering, (2000), pp.59-77.
|
39 |
NIST, Information Security Handbook : A Guide for Managers, 2006.
|
40 |
Nosworthy, J. D., "Implementing information security in the 21 super(st) Century-do you have the balancing factors?", Computers and Security, Vol.19, No.4(2000), pp. 337-347.
DOI
ScienceOn
|
41 |
Nunnally. J. C., Psychometric Theory 2th Edition, Mcgraw Hill, NewYork, 1978.
|
42 |
Porter, M. E. and M. R. Kramer, "Creating Shared Value", Harvard Business Review, 2011.
|
43 |
Post, G. and A. Kagan, "Management tradeoffs in anti-virus strategies", Information and Management, Vol.37(2000), pp.13-24.
DOI
ScienceOn
|
44 |
Pugh, D. S. and D. J. Hickson, Writers on Organizations, Beverly Hills, Cal. : SAGE, 2007.
|
45 |
Shin, S. C. and H. J. Wen, "Building E-enterprise security : a business view", Information Systems Security, Vol.13, No.4(2003), pp.44-56.
|
46 |
Simon, H. A., "Rationality as Process and as Product of Thought", The American Economic Review, apers and Proceedings of the Ninetieth Annual Meeting of the American Economic Association, Vol.68, No.2 (1978), pp.1-16.
|
47 |
Solms, B., "Corporate Governance and Information Security", Computers and Security, Vol.20(2001), pp.215-218.
DOI
ScienceOn
|
48 |
Solms, B., "Information Security-The Fourth Wave?", Computers and Security, Vol.25 (2006), pp.165-168.
DOI
ScienceOn
|
49 |
Stoneburner, G., A. Goguen, and A. Feringa, "Risk Management Guide for Information Technology Systems", NIST special publication, 2002.
|
50 |
Trist, E., "The evolution of socio-technical systems", a conceptual framework and an action research program, Occasional paper, No.2(1981).
|
51 |
Yeh, Q. J. and A. J. T. Chang, "Threats and countermeasures for information system security : a cross-industry study", Information and Management, Vol.44, No.5(2007), pp.480-491.
DOI
ScienceOn
|