請用此 Handle URI 來引用此文件:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/36173
完整後設資料紀錄
DC 欄位 | 值 | 語言 |
---|---|---|
dc.contributor.advisor | 許瑋元(Wei-Yuan Hsu) | |
dc.contributor.author | Shih-Chi Pan | en |
dc.contributor.author | 潘似琪 | zh_TW |
dc.date.accessioned | 2021-06-13T07:52:59Z | - |
dc.date.available | 2011-07-27 | |
dc.date.copyright | 2011-07-27 | |
dc.date.issued | 2011 | |
dc.date.submitted | 2011-07-21 | |
dc.identifier.citation | Adams, R. and D. Ferreira (2007). 'A theory of friendly boards.' The Journal of Finance 62(1): 217-250.
Aldrich, H. E. and J. Pfeffer (1976). 'Environments of organizations.' Annual review of sociology 2: 79-105. Ashbaugh-Skaife, H., D. W. Collins, et al. (2007). 'The discovery and reporting of internal control deficiencies prior to SOX-mandated audits.' Journal of Accounting and Economics 44(1-2): 166-192. Badenhorst, K. and J. Eloff (1989). 'Framework of a methodology for the life cycle of computer security in an organization.' Computers & Security 8(5): 433-442. Bandyopadhyay, K., P. Mykytyn, et al. (1999). 'A framework for integrated risk management in information technology.' Management Decision 37(5): 437-445. Barney, J. (1991). 'Firm resources and sustained competitive advantage.' Journal of management 17(1): 99. Baskerville, R. and J. Stage (1996). 'Controlling prototype development through risk analysis.' Mis Quarterly 20(4): 481-504. Bathala, C. and R. Rao (1995). 'The determinants of board composition: An agency theory perspective.' Managerial and Decision Economics 16(1): 59-69. Baysinger, B. and R. E. Hoskisson (1990). 'The composition of boards of directors and strategic control: Effects on corporate strategy.' The Academy of Management Review 15(1): 72-87. Beasley, M. (1996). 'An empirical analysis of the relation between the board of director composition and financial statement fraud.' Accounting Review 71(4): 443-465. Becker, G. S. (1993). Human capital, The University of Chicago Press. Bhagat, S. and B. Black (2001). 'Non-Correlation between Board Independence and Long-Term Firm Performance, The.' J. CorP. l. 27: 231. Boyd, B. (1990). 'Corporate linkages and organizational environment: A test of the resource dependence model.' Strategic Management Journal 11(6): 419-430. Carr, N. (2004). 'IT doesn't matter.' IEEE Engineering Management Review 32(1): 24-32. Cavusoglu, H., B. Mishra, et al. (2004). 'A model for evaluating IT security investments.' Communications of the ACM 47(7): 87-92. Cavusoglu, H., B. Mishra, et al. (2005). 'The value of intrusion detection systems in information technology security architecture.' Information Systems Research 16(1): 28-46. Chaganti, R. S., V. Mahajan, et al. (1985). 'CORPORATE BOARD SIZE, COMPOSITION AND CORPORATE FAILURES IN RETAILING INDUSTRY [1].' Journal of Management Studies 22(4): 400-417. Cheswick, W. R., S. M. Bellovin, et al. (2003). Firewalls and Internet security: repelling the wily hacker, Addison-Wesley Longman Publishing Co., Inc. Boston, MA, USA. Ciborra, C. (2006). 'Imbrication of Representations: Risk and Digital Technologies*.' Journal of Management Studies 43(6): 1339-1356. Coase, R. H. (1937). 'The nature of the firm.' Economica 4(16): 386-405. D'Arcy, J., A. Hovav, et al. (2009). 'User awareness of security countermeasures and its impact on information systems misuse: a deterrence approach.' Information Systems Research 20(1): 79-98. Daily, C., D. Dalton, et al. (2003). 'Corporate governance: Decades of dialogue and data.' The Academy of Management Review 28(3): 371-382. Dalton, D., C. Daily, et al. (1999). 'Number of directors and financial performance: A meta-analysis.' Academy of Management journal 42(6): 674-686. Davis, J., F. Schoorman, et al. (1997). 'Toward a stewardship theory of management.' Academy of Management review 22(1): 20-47. Dhillon, G. and J. Backhouse (2000). 'Technical opinion: Information system security management in the new millennium.' Communications of the ACM 43(7): 125-128. Eisenhardt, K. (1989). 'Agency theory: An assessment and review.' Academy of Management review 14(1): 57-74. Farber, D. 'Restoring trust after fraud: does corporate governance matter?'. Fernandes, N. (2008). 'EC: Board compensation and firm performance: The role of.' Journal of Multinational Financial Management 18(1): 30-44. Gales, L. M. and I. F. Kesner (1994). 'An analysis of board of director size and composition in bankrupt organizations.' Journal of Business Research 30(3): 271-282. Goodhue, D. and D. Straub (1991). 'Security concerns of system users* 1:: A study of perceptions of the adequacy of security.' Information & Management 20(1): 13-27. Gordon, L. and M. Loeb (2002). 'The economics of information security investment.' ACM Transactions on Information and System Security (TISSEC) 5(4): 438-457. Gordon, L., M. Loeb, et al. (2006). '2006 csi/fbi computer crime and security survey.' Computer Security Journal 22(3): 1. Hamel, G. and C. Prahalad (1996). Competing for the Future, Harvard Business Press. Hillman, A. and T. Dalziel (2003). 'Boards of directors and firm performance: Integrating agency and resource dependence perspectives.' The Academy of Management Review 28(3): 383-396. Hoffer, J. and D. Straub (1989). 'The 9 to 5 underground: Are you policing computer crimes.' Sloan Management Review 30(4): 35-43. Hoffer, J. A. and D. W. Straub (1989). 'The 9 to 5 underground: are you policing computer crimes?' Sloan Management Review 30(4): 35-43. Holmstrom, B. R. and S. N. Kaplan (2001). Corporate Governance and Merger Activity in the US: Making Sense of the 1980s and 1990s, National Bureau of Economic Research Cambridge, Mass., USA. Hsu, C. (2009). 'Frame misalignment: interpreting the implementation of information systems security certification in an organization.' European Journal of Information Systems 18(2): 140-150. Hu, Q., P. Hart, et al. (2006). The role of external influences on organizational information security practices: an institutional perspective, IEEE. Jensen, M. (2010). 'The modern industrial revolution, exit, and the failure of internal control systems.' Journal of Applied Corporate Finance 22(1): 43-58. Jensen, M. and W. Meckling (1976). 'Theory of the firm: Managerial behavior, agency costs and ownership structure.' Journal of financial economics 3(4): 305-360. Jensen, M. C. and W. H. Meckling (1976). 'Theory of the firm: Managerial behavior, agency costs and ownership structure.' Journal of financial economics 3(4): 305-360. Johnson, R., R. Hoskisson, et al. (1993). 'Board of director involvement in restructuring: The effects of board versus managerial controls and characteristics.' Strategic Management Journal 14(S1): 33-50. Kankanhalli, A., H. Teo, et al. (2003). 'An integrative study of information systems security effectiveness.' International Journal of Information Management 23(2): 139-154. Kent, S. and R. Atkinson (1998). Security architecture for the internet protocol, RFC 2401, november. Kosnik, R. D. (1987). 'Greenmail: A study of board performance in corporate governance.' Administrative Science Quarterly 32(2): 163-185. Kumar, P. and K. Sivaramakrishnan (2008). 'Who monitors the monitor? The effect of board independence on executive compensation and firm value.' Review of Financial Studies 21(3): 1371. Liu, S. and M. Silverman (2001). 'A practical guide to biometric security technology.' IT Professional 3(1): 27-32. Masulis, R. W., C. Wang, et al. (2007). 'Corporate governance and acquirer returns.' The Journal of Finance 62(4): 1851-1889. Nahapiet, J. and S. Ghoshal (1998). 'Social capital, intellectual capital, and the organizational advantage.' The Academy of Management Review 23(2): 242-266. Pfeffer, J. (1985). A resource dependence perspective on intercorporate relations, Graduate School of Business, Stanford University. Pfeffer, J. and G. R. Salancik (1978). 'The external control of organizations.' New York 263. Raheja, C. (2005). 'Determinants of board size and composition: A theory of corporate boards.' Journal of Financial and Quantitative Analysis 40(02): 283-306. Raheja, C. G. (2005). 'Determinants of board size and composition: A theory of corporate boards.' Journal of Financial and Quantitative Analysis 40(02): 283-306. Richardson, R. and C. Director (2007). 'CSI computer crime and security survey.' Computer Security Institute: 2008-2008. Ryan, H. E. (2004). 'Who is in whose pocket? Director compensation, board independence, and barriers to effective monitoring* 1.' Journal of financial economics 73(3): 497-524. Sasse, M. A., S. Brostoff, et al. (2001). 'Transforming the !¥weakest link!|!Xa human/computer interaction approach to usable and effective security.' BT technology journal 19(3): 122-131. Sharpe, R. (2000). 'As leaders, women rule.' Business week: 104. Shleifer, A. and R. Vishny (1997). 'A survey of corporate governance.' Journal of finance 52(2): 737-783. Shleifer, A. and R. W. Vishny (1996). A survey of corporate governance, National Bureau of Economic Research Cambridge, Mass., USA. Siponen, M. (2000). 'A conceptual foundation for organizational information security awareness.' Information Management & Computer Security 8(1): 31-41. Siponen, M. T. (2000). 'A conceptual foundation for organizational information security awareness.' Information Management & Computer Security 8(1): 31-41. Stanton, J., K. Stam, et al. (2005). 'Analysis of end user security behaviors.' Computers & Security 24(2): 124-133. Stanton, J. M., K. R. Stam, et al. (2005). 'Analysis of end user security behaviors.' Computers & Security 24(2): 124-133. Straub, D. and W. Straub (1990). 'Effective IS security.' Information Systems Research 1(3): 255-276. Straub, D. and R. Welke (1998). 'Coping with systems risk: security planning models for management decision making.' Mis Quarterly 22(4): 441-469. Straub, D. W. and W. Straub (1990). 'Effective IS security.' Information Systems Research 1(3): 255-276. Venter, H. and J. H. P. Eloff (2003). 'A taxonomy for information security technologies.' Computers & Security 22(4): 299-307. Wang, T. and C. Hsu (2010). 'The Impact of Board Structure on Information Security Breaches.' PACIS 2010 Proceedings: 165. Wernerfelt, B. (1984). 'A Resource-based View of the Fiirm.' Strategic Management Journal 5: 171-180. Westphal, J. and J. Fredrickson (2001). 'Who directs strategic change? Director experience, the selection of new CEOs, and change in corporate strategy.' Strategic Management Journal 22(12): 1113-1137. Wiander, T. (2008). Implementing the ISO/IEC 17799 standard in practice: experiences on audit phases, Australian Computer Society, Inc. Williamson, O. (1984). 'Corporate governance.' Yale Law Journal 93(7): 1197-1230. Yermack, D. (1996). 'Higher market valuation of companies with a small board of directors.' Journal of financial economics 40(2): 185-211. 洪國興, 季延平, et al. (2003). '資訊安全評估準則層級結構之研究.' Journal of Library and Information Science 29(2): 22-44. | |
dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/36173 | - |
dc.description.abstract | 本研究主要目的係探討台灣上市櫃公司之資安事件管理成效性與企業董事會架構組成之關聯性。透過代理理論與資源依賴理論之討論,以手動方式搜尋網站資源以取得資安事件相關資料樣本,並結合從台灣經濟新報資料庫(TEJ)中之公司資料庫取得董事會結構之資料,探討企業董事會組成結構,如董事席次、獨立董事比例、董事之薪酬以及董事持股比例是否能影響資安事件發生與否以及事件次數。結果顯示,董事席次越高,則資安管理成效性越低;而獨立董事佔董事席次比例越高之企業,其資安管理成效性越低。以本研究結果推論,企業應根據自身需求及環境調整董事會組成,將董事席次與獨立董事比例納入考量因素,尤以獨立董事為外部人士,對於企業營運之熟悉度不高,易造成監督與決策上的困難,而不易發揮董事於資安管理之監督性及提供資源之貢獻,故企業於董事選任上應審慎考慮獨立董事之比例,以期提高企業資安管理之成效性。 | zh_TW |
dc.description.abstract | This thesis focuses on the association between the effectiveness of information security management and the board structure. We build our hypotheses on the agency theory and the resource dependence theory. After searching the samples of information security breaches manually in Information Security and UDN website and combining them with the data of board structure from Company DB of Taiwan Economic Journal, we investigate the how the composition of the board such as size of board, percentage of independent directors, compensation of board directors and percentage of stocks which is owned by board directors could affect the occurrence of information security breaches. Our result demonstrates that as the size of board and the percentage of independent directors increases, the effectiveness of information security management decreases. Our finding suggests that firm should consider the size of board and the percentage of independent board directors when hiring directors and supervisors. The firm needs to have a balanced composition of independent and inside directors in order to achieve a better effectiveness of information security management. | en |
dc.description.provenance | Made available in DSpace on 2021-06-13T07:52:59Z (GMT). No. of bitstreams: 1 ntu-100-R98725015-1.pdf: 1078104 bytes, checksum: 89a2bda10726bf2b9d7dede5d6dff857 (MD5) Previous issue date: 2011 | en |
dc.description.tableofcontents | 謝辭 iii
摘要 v Abstract vi 表目錄 viii 圖目錄 ix 第一章、導論 1 第一節、 研究背景與動機 1 第二節、 研究目的 7 第二章、文獻探討 8 第一節、 資訊安全管理觀點之探討 8 第二節、 公司治理觀點之探討 12 第三章、研究架構 17 第一節、 代理理論(Agency Theory) 17 第二節、 資源依賴理論(Resource Dependence Theory) 20 第三節、 研究假說 22 第四章、研究設計 29 第一節、 研究資料 29 第二節、 變數定義 33 (一) 應變數 33 (二) 研究變數 33 (三) 控制變數 34 (四) 敘述統計 35 第三節、 研究方法 37 第五章、實證結果與分析 40 第一節、 各模型之實證結果 40 (一) 模型一:探討資安事件發生之可能性與董事會架構之關聯性 40 (二) 模型二:探討依當年度資安事件發生次數分組後,資安事件發生次數之組別與董事會架構之關聯性 44 (三) 模型三:資安事件次數與董事會架構之關聯性 48 (四) 模型四:歷年資安事件發生次數與董事會架構之關聯性 51 第二節、 整體結果討論與分析 54 第六章、結論與建議 57 第一節、 研究結果及貢獻 57 第二節、 研究限制與建議 58 參考文獻 60 | |
dc.language.iso | zh-TW | |
dc.title | 資訊安全管理有效性與董事會架構關聯性探討 -以台灣上市櫃公司為例 | zh_TW |
dc.title | The Effective of Information Security Management and the Composition of the Board - Base on Firms of Taiwan | en |
dc.type | Thesis | |
dc.date.schoolyear | 99-2 | |
dc.description.degree | 碩士 | |
dc.contributor.oralexamcommittee | 王大維(Ta-Wei Wang),張欣綠(Hsin-Lu Chang) | |
dc.subject.keyword | 資訊安全管理,公司治理,董事會組成,代理理論,資源依賴理論, | zh_TW |
dc.subject.keyword | information security management,corporate governance,composition of boards of directors,agency theory,resource dependence theory, | en |
dc.relation.page | 66 | |
dc.rights.note | 有償授權 | |
dc.date.accepted | 2011-07-21 | |
dc.contributor.author-college | 管理學院 | zh_TW |
dc.contributor.author-dept | 資訊管理學研究所 | zh_TW |
顯示於系所單位: | 資訊管理學系 |
文件中的檔案:
檔案 | 大小 | 格式 | |
---|---|---|---|
ntu-100-1.pdf 目前未授權公開取用 | 1.05 MB | Adobe PDF |
系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。