|
一、中文部分 王秋慶(2002)。員工的溝通滿足與組織氣候對其工作壓力、組織承諾與離職傾向的影響之研究 - 以嘉義縣市地政事務所為例。國立南華大學管理研究所碩士論文,未出版,嘉義縣。 任金剛(1996)。組織文化、組織氣候及員工效能:一項微觀探討。國立台灣大學商學研究所博士論文,未出版,台北市。 行政院國家資通安全會報(2010)。資通安全政策白皮書。取自: http://www.nicst.ey.gov.tw/ 行政院國家資通安全會報(2016)。國家資通訊安全發展方案。取自: http://www.nicst.ey.gov.tw/ 行政院資通安全辦公室(1999)。行政院及所屬各機關資訊安全管理規範。取自:http://www.nicst.ey.gov.tw/News_Content.aspx?n=626B7A2643794AB0&sms=C43ECA251722A365&s=BEC8EAEEB88E986E 吳萬益、林清河(2001)。企業研究方法。台北市:華泰書局。 李東峰(2003)。企業資訊安全控管決策之研究 - 從組織決策理論觀點探討。國立中央大學資訊管理學系,未出版,桃園縣。 林玫玫(1996)。領導風格對組織承諾之影響 - 以組織氣候及內外控為中介變項。國立中正大學企業管理研究所碩士論文,未出版,嘉義縣。 林營松(1993)。組織承諾及其影響因素對組織後果之研究 - 以楠梓加工出口區員工為例。國立中山大學企業管理研究所碩士論文,未出版,高雄市。 邱台生(2002)。組織氣候與工作投入關係之研究 - 以某醫學中心暨委託經營管理醫院為例。台北醫學院護理學研究所碩士論文,未出版,台北市。 邱皓政(2003)。量化研究與統計分析。台北市:五南圖書出版股份有限公司。 邱皓政(2006)。量化研究法:SPSS中文視窗版操作實務詳析,統計原理與分析技術。台北市:雙葉書廊。 洪祥洋(2000)。網路銀行風險管理。存款保險資訊季刊,第13卷,第3期。 張春興(1993)。現代心理學(二版)。台北市:東華。 張國銘(2004)。薪酬制度、組織氣候對工作績效影響之研究 - 以傳統紡織企業為例。國立中山大學人力資源管理研究所碩士論文,未出版,高雄市。 張瑞春(1998)。組織變革中組織氣候對工作投入、組織承諾及工作滿足影響之研究 - 以中國石油公司高雄營業處為例。國立中山大學人力資源管理研究所碩士論文,未出版,高雄市。
許士軍(1972)。有關黎、史二氏「組織氣候」尺度在我國企業機構之適用性之探討。政治大學學報,6:103-138。 許士軍(1984)。管理學。台北市:東華書局。 郭和杰(2012)。美國網路詐騙投訴案例連續三年超過30 萬件。取自: http://www.ithome.com.tw/itadm/article.php?c=73673 陳世賢、陳恆鈞(2001)。公共政策。台北市:高鼎文化出版社。 陳順宇(2005)。多變量分析。台北市:華泰文化事業股份有限公司。 陳靜怡(2002)。組織氣候認知、員工自我導向學習與工作投入之關係研究 - 以某國際快遞公司為例。國立中山大學人力資源管理研究所碩士論文,未出版,高雄市。 葉盈君(2012)。淺談計畫行為理論。國家教育研究院電子報,第51期。 曾兆堂(2001)。中小企業主管領導型態、組織氣候對員工創造力之研究。國立台北大學企業管理研究所碩士論文,未出版,新北市。 黃承聖(2000)。企業資訊安全的起點-資訊安全政策。網路通訊,第109期,100-103。 黃曬麗、李茂興合譯(1990)。組織行為:管理心理學理論與實務。台北市:揚智出版公司。 彭台光、高月慈、林鉦棽(2006)。管理研究中的共同方法變異:問題本質、影響、測試和補救。管理學報,23(1):77-98。 楊蓉昌(1989)。企業組織與管理。台北市:五南圖書出版公司。 楊樹昌(1994)。省市立醫院組織氣候員工工作滿意度及士氣之研究。國立台灣大學公共衛生研究所碩士論文,未出版,台北市。 資安人科技網編輯部(2012)。駭客入侵各國銀行帳戶至少已竊取7,500萬美元。資安人科技網。取自:https://www.informationsecurity.com.tw/ article/ article_detail.aspx?aid=6898 劉榮欽(2004)。領導行為、組織氣候及工作投入關係之研究 - 以某地區軍醫院為例。國立中山大學人力資源管理研究所碩士論文,未出版,高雄市。 潘文章(1996)。企業管理。台北市:三民書局。 蔡立旭(2000)。組織氣候、組織學習與自我效能之關係。大葉大學事業經營研究所碩士論文,未出版,彰化縣。 蔣景清(2002)。組織氣候、組織承諾與組織公民行為關係之研究-以C工廠為例。國立中山大學人力資源研究所碩士在職專班論文,未出版,高雄市。 謝安田(1991)。人事管理。台北市:曉園圖書。 欒志宏(2002)。How to develop InformationSecurity Policy講義。 二、英文部分 Allen, B. (1968). Danger Ahead! Safeguard Your Computer. Harvard Business Review 46(6), 97-101. Al-Shammari, M. M. (1992). Organization climate. Leadership and Organizational Development Journal, 13(6), 30-32. Ajzen, I. (1985). From intention to actions: A theory of planned behavior. In J. Kuhl & J. Beckman (Eds.), Action control: From cognition to behavior. Berlin; New York: Springer-Verlag. 11-39. Ajzen, I. (1989). Attitude structure and behavior. In A. R. Pratkanis, S. J. Breckler, & A. G. Greenwald (Eds.), Attitude structure and function . Hillsdale, N.J.: L. Erlbaum Associates. 241-274. BS 7799-1 (2000). Information Security Management - Part 1: Code of Practice for Information Security Management. British Standards Institution, London. BS 7799-2 (2002). Information Security Management - Part 2: Specification for Information Security Management. British Standards Institution, London. Carter, D. L. and A. J. Katz (1996). Computer Crime and Security: the Perceptions and Experiences of Corporate Security Directors. Security Journal, 7, 101-108. Chadha, N. K. (1989). School organizational climate and teacher job satisfaction, Social ScienceInternational. 5(1), 1-20. Chapman, D.B. and E.D. Zwichy (1995). Building Internet Firewall. California, CA:O’reilly & Associates. Churchill, J. G. A., Ford, N. M., & Walker, J. O. C. (1976). The psychological consequences of role conflict and ambiguity in the industrial sales force In K.L. Bernhardt (Ed.), Marketing (pp.1776-1976). Chicago: American Marketing Association. Davidson, M. C. G. (2003). Does organizational climate add to service quality in hotels? International Journal of Contemporary Hospitality Management. 15(4/5): 206-214. Davis, F. D., Bagozzi, R. P., & Warshaw, P. R. (1989). User acceptance of computer technology: A comparison of two theoretical models. Management Science, 35(8), 982-1003. Dessler, G. (1976). Organizational and Management: A contingency approach. Englewood Geiffs, N.Y., Prentice-Hall, 63-69. Fishbein, M., & Ajzen, I. (1975). Belief, attitude, intentions and behavior: an introduction to theory and research. Boston: Addison-Wesley. Flynn, N. L. (2001). The E-Policy Handbook: Designing and Implementing Effective E-Mail, Internet, and Software Policies. American Management Association, New York. Ford, R. C., and Richardson, W. D. (1994). Ethical Decision Making: A Review of the Empirical Literature. Journal of business ethics (13:3), 205-221. Fornell, C., and Larcker, D. F. (1981). Evaluating structural equation models withunobservable variables andmeasurement error. Journal of Marketing Research, 18(1), 39-50. Fung, A. R. W., K. J. Farn, and A. C. Lin (2003). Paper: a study on the certification of the information security management systems. Computer Standards and Interfaces, 25, 447-461. Gaunt, N. (1998). Installing an Appropriate Information Security Policy. International Journal of Medical Informatics (49:1), 131-134. Glendon, A. I., and Litherland, D. K. (2001). Safety Climate Factors, Group Differences and Safety Behavior in Road Construction. Safety Science (39:3), 157-188. Glendon, A. I., and Stanton, N. A. (2000). Perspectives on Safety Culture. Safety Science (34:13), 193-214. Gupta, Y. P. (1991). The Chief Executive Officer and the Chief Information Officer: The Strategic Partnership. Journal of Information Technology (6:3-4), 128-139. Hair, J. F., Jr., Anderson, R. E., Thatam, R. L,. and Black, W. C. (1998). Multivariate Data Analysis, 5th ed. Prentice-Hall International, Inc. Hair, J. F. Jr., Black, W. C., Babin, B. J. and Anderson, R. E. (2010). Multivariate Data Analysis (7th Ed.). Prentice-Hall, Upper Saddle River, NJ. Halpin, A. W., & Croft, D. B. (1973). The organizational climate of school. Washington D.C.: U.S. Office of Education. Harrington, S. J. (1996). The Effects of Codes of Ethics and Personal Denials ofResponsibility on Computer Abuse Judgments and Intentions. MIS Quarterly, 20(3), 257-278. Hoffer, J. A., & Straub, D.W.Jr. (1989). The 9 to 5 Underground: Are You Policing Computer Crimes?. Sloan Management Review, 35-43. Höne, K., and Eloff, J. H. P. (2002). Information Security Policy - What Do International Information Security Standards Say?. Computers & Security (21:5), 402-409. Höne, K. & Eloff, J.H.P. (2002a). Information Security Policy - What do International Information Security Standards Say? . Computers & Security (21:5), 402-409. Hong, K. S., Y. P. Chi, L. R. Chao, and J. H. Tang (2003). An integrated system theory of information security management. Information Management and Computer Security, 11(5), 243-248. Hong, K.S., Chi, Y.P., Chao, L.R., and Tang, J.H. (2006). An Empirical Study of Information Security Policy on Information Security Elevation in Taiwan. Information Management& Computer Security (14:2), 104-115. Horrocks, I. (2001). Security Training: Education for an Emerging Profession? Computers &Security (20:3), 219-226. Hu, L. T. and Bentler, P. M. (1999). Cutoff criteria for fit indexes in covariance structure analysis: Conventional criteria versus new alternatives. Structural Equation Modeling: A Multidisciplinary Journal, 6(1), 1-55. ISO/IEC 17799 (2000). Information technology - Code of practice for information security management. First edition 2000/12/01. ISO/IEC 27001 (2005). International Organization for Standardization. Switzerland. Karyda, M., Kiountouzis, E., and Kokolakis, S. (2005). Information Systems Security Policies: A Contextual Perspective. Computers & Security (24:3), 246-260. Knapp, K. J. (2005). A Model of Managerial Effectiveness in Information Security: From Grounded Theory to Empirical Test. Doctoral Dissertation, Auburn University. Knapp, K. J., Marshall, T. E., Rainer, R. K., and Ford, F. N. (2006). Information Security: Management's Effect on Culture and Policy. Information Management & Computer Security (14:1), 24-36. Lee, J., & Lee, Y. (2002). A holistic model of computer abuse within organizations. Information Management & Computer Security, 10(2), 57-63. Lewin, K. (1951). Field theory in social science. New York: Harper and Bros. Co. Litwin, G. H., & Stringer, R. A. (1968). Motivation and organization climate. Boston: Harvard University Press.Word-of-mouth: The Adoption of Online Opinions in Online Customer Communities. Internet Research, 18(3), 229-247. Loe, T. W., Ferrell, L., and Mansfield, P. (2000). A Review of Empirical Studies Assessing Ethical Decision Making in Business. Journal of business ethics (25:3), 185-204. Masterson, S. S., & Stamper, C. L. (2003). Perceived organizational membership: An aggregate framework representing the employee organization relationship. Journal of Organizational Behavior, 24(5), 473-490. McDonald, R. P. and Ho, M. R. (2002). Principles and practice in reporting structural equation analysis. Psychological Methods, 7(1), 64-82. McMillan, D. W., & Chavis, D. M. (1986). Sense of community-A definition and a theory. Journal of Community Psychology, 14:6-23. Neter, J., Kutner, M.H., Nachtsheim, C.J. and Wasserman, W. (1996). Applied Linear Statistical Models. 4th Edition, WCB McGraw-Hill, New York. Neumann, P. G. (1995). Computer Related Risks. New York: ACM Press. Palvia, P. C. (1996). A model and instrument for measuring small business user satisfaction with information technology. Information & Management, 31, 151-163. Pfleeger C. P. (1996). Security in Computing, 2nd Eds. New Jersey: Prentice Hall PTR. Rees, J. Bandyopadhyay, S., and Spafford, E. H. (2003). PFIRES: A Policy Framework for Information Security. Communications of the ACM (46:7), 101-106. Robbins, S. P. (2001). Management (9th ed.). Englewood Cliffs, NJ:Prentice-Hall. Robinson, J. P., & Shaver, P. R. (1973). Measures of Social Psychological Attitudes (Rev. ed.). Ann Arbor, MI: Institute for Social Research. Simson, G. and Gene, S. (1991). Practical UNIX Security. O’Reilly & Associates, California. Siponen, M. T. (2000). A Conceptual Foundation for Organizational Information Security Awareness. Information Management & Computer Security (8:1), 31-41. Starling, G. (1998). Strategies for Policy Marking. Homewood. IL: The Dorsey Press. Straub, D. W. (1990). Effective IS Security: An Empirical Study. Information Systems Research(1:3) , 255-276. Thomson, K. L., and Von Solms, R. (2005). Information Security Obedience: A Definition. Computer & Security (24:1), 69-75. Tudor, J. K. (2001). Information Security Architecture: An Integrated Approach to Security in the Organization. CRC Press, Boca Raton. Wood, C. C. (1995). Writing InfoSec Policies. Computers & Security (14:8), 667-674. |