Page 313 - 捷運技術 第28期
P. 313

28         92    2                       307




               21.Bonoma, T.V. (1985),   Case Research in Marketing: Opportunities, Problems, and a Process  ,
                 Journal of Marketing Research, Vol.22, May 1985, PP.199-208.
               22.BS7799-1 (1999), Information Security Management-Part 1: Code of Practice for Information
                 Security Management, BS 7799-1:1999, British Standards Institution (BSI), London.

               23.BS7799-1 (1999), Information Security Management-Part 2: Specification for Information Security
                 Management System, BS 7799-2: 1999, British Standards Institution (BSI), London.
               24.COBIT (1998), Governance, Control and Audit for Information and Related Technology, 3rd Ed.,
                 Control Objectives.

               25.David, C. & Rivett, B.H.P. (1978),   A Structural Mapping Approach to Complex Decision
                 Making   , Journal of Operational Society, Vol.29, No.2, PP.113-128.
               26.Drazin, R. & Van de Ven, A.H. (1985),   Alternative Forms of Fit in Contingency Theory  ,
                 Administrative Science Quarterly, 30, PP.514-539.

               27.Eloff, M.M. & Von Solms, S.H. (2000),   Information Security Management: An Approach to
                 Combine Process Certification and Product Evaluation  , Computers & Security, Vol.19, No.8,
                 PP.698-709.
               28.Flynn, N.L. (2001), The e Policy handbook: Designing and Implementing Effective E-Mail,
                 Internet, and Software Policies, American Management Association, New York, USA.

               29.Gollmann, D. (1999), Computer Security, John Wiley & Sons Ltd., 1999.

               30.Gupta, M., Chaturvedi, A.R., Mehta, S. & Valeri, L. (2001), The Experimental Analysis of
                 Information Security Management Issues for Online Financial Services.
               31.ISO/IEC 17799: (2000), Information technology-code of practice for information security manage-
                 ment, ISO.

               32.Kabay, M.E. (1996), The NCSA Guide to Enterprise Security, McGraw-Hill, 1996.
               33.Lee, S.M., Luthans, F. & Olson, D.L. (1982),   A Management Science Approach to Contingency
                 Models of Organizational Structure  , Academy of Management Journal, Vol. 25, No.3, PP.553-
                 566.

               34.Leonard-Barton, D. (1990),   Implementing Structured Software Method-Logies: A Case of
                 Innovation in Process Technology  , Interface, 17, May-June, 1990: 6-17.
               35.Luthans, F. (1976), Introduction to Management: A Contingency Approach, NY: McGraw-Hill,
                 1976.

               36.March, J.G., Sproull, L.S. & Tamuz, M. (1991),   Learning from Samples of One or Fewer
                 Organization Science, 2  1  PP.1-13.
               37.Moulton, R. (1991),    A Strategic Framework for Information Security Management        ,
                 Proceedings of the 14th Computer Security Conference, October 1991, Washington D.C.

               38.Pfleeger, C.P. (1996), Security in Computing, 2nd Ed., Prentice Hall PTR: NJ, USA.
   308   309   310   311   312   313   314   315   316   317   318