| 期刊論文1. | 姚嘉文、林明洲、林旺賜(20050700)。企業營運持續管理規劃實務。工業安全科技,55,23-28。 延伸查詢 | 2. | Abarbanell, J.、Bushee, B.(1997)。Finance Analysis Futhre Earnings and Stock Prices。Journal of accounting research,1-24。 | 3. | Andrea, L.、Paul, A.(1994)。A Using factor analysis to identify industrial targets。Economic Development Review Park Ridge,12(2),74-78。 | 4. | Cui, C. C.、Lewis, B. R.、Won P.(2003)。Service quality measurement in the banking sector in south Korea。The International Journal of Bank Marketing,21(4/5),191-202。 | 5. | Dellecave, T. Jr.(1996)。Insecurity: is technology putting your company's primary asset-- it is information-- at risk?。Sales and marketing management,148(4),39-50。 | 6. | Halliday, S.(1996)。A business approach to effective information technology risk analysis and management。Information management and computer security,4,27-28。 | 7. | Khoshgoftaar, T. M.、Munson, J. C.(1990)。Predicting software development errors using software complexity metrics。IEEE J. SeL Areas Commun,253-261。 | 8. | Litteiman, R.、Scheinkman, J.(1991)。Common factors affecting bonk returns。Journal of fixed income,54-61。 | 9. | Singh, M. k.(1996)。Value at risk using principal component analysis。Journal of portfolio management,24(1),101-110。 | 10. | Khoshgoflaar, Taghi M.(1995)。Exploring the behavior of neural network software quality models。Software engineering journal,89-96。 | 11. | Gerber, M.、Von Solms, R.(2001)。From risk analysis to security requirements。Computer and security,20(7),557-584。 | 12. | Ward, S. C.(1998)。Assessing and managing important risks。International journal。 | 13. | Willner, R.(1996)。A new tool for portfolio managers: level, slope, and curvature duration。The journal of fixed income,6(1),48-59。 | 14. | Griffin, C. W.(1973)。Fault tree as a safety optimization design tool。IEEE transactions on electron devices,64-83。 | 15. | Pearson, K.(1901)。On lines and planes of closest fit to systems of points in spaces。Philosoghical Magazine,2,559-572。 | 16. | Hotelling, H.(1933)。Analysis of a Complex of Statistical Variables Into Principal Components。Journal of Educational Psychology,24(7),498-520。 | 17. | Carroll, J. M.(1983)。Decision support for risk analysis。Computers and Security,2(3),230-236。 | 18. | Frawley, W.、Piatetsky-Shapito, C.、Matheus, C.(1992)。Knowledge discovery in database: an overview。AI Magazine,13(3),57-70。 | 19. | Golub, B. W.、Tilman, L. M.(1997)。Measuring Yield Curve Risk Using Principal Components Analysis, Value at Risk, and Key Rate Durations。Journal of Portfolio Management,23(4),72-84。 | 20. | Von Solms, R.、Van der Haar, H.、Von Solms, S. H.、Caelli, W. J.(1994)。A Framework for Information Security Evaluation。Information and Management,26(3),143-153。 | 21. | Kruchten, P. B.(1995)。The 4+1 view model of architecture。IEEE Software,12(6),42-50。 | 22. | 洪祥洋(20000300)。網路銀行風險管理。存款保險資訊季刊,13(3),125-144。 延伸查詢 | 23. | Kaiser, H. F.(1958)。The varimax criterion for analytic rotation in factor analysis。Psychometrika,23(3),187-200。 | 24. | Cronbach, Lee J.(1951)。Coefficient alpha and the internal structure of tests。Psychometrika,16(3),297-334。 | 25. | Cattell, Raymond B.(1966)。The scree test for the number of factors。Multivariate Behavioral Research,1(2),245-276。 | 26. | Lee, W. S.、Grosh, D. L.、Tillman, F. A.、Lie, C. H.(1985)。Fault Tree Analysis, Methods, and Applications- A Review。IEEE Transactions on Reliability,34(3),194-203。 | 27. | Lichtenstein, S.(1996)。Factors in the Selection of a Risk Assessment Method。Information Management & Computer Security,4(4),20-25。 | 28. | Schultz, E. E.、Proctor, R. W.、Lien, M. C.(2001)。Usability and Security: An Appraisal of Usability Issues in Information Security Methods。Computers and Security,20(7),620-634。 | 29. | Wright, M.(1999)。Third Generation Risk Management Practices。Computer Fraud and Security,2,9-12。 | 會議論文1. | 李東峰、林子銘(2001)。風險評估觀點的資訊安全規劃架構。台灣大學資訊管理學系第12屆國際資訊管理學術研討會。 延伸查詢 | 2. | Guan, B. C.(2003)。Evaluation of information security related risks of an organization- The application of multi-criteria decision-making method。IEEE 37th International Carnahan Conference on Security Technology (ICCST)。 | 3. | Lo, C. C.、Wang, P.(2004)。Using Fuzzy Distance to Evaluate the Consensus of Group Decision-Making-An Entropy-based Approach。IEEE International Conference on Fuzzy Systems and International Joint Conference on Neural Networks。 | 4. | Munson, John C.、Khoshgoftaar, Taghi M.(1989)。The dimensionality of program complexity。11th int. Conf. on Software Engineering, Pittsburgh, Pennsyivania,245-253。 | 5. | Winther, Rune、Johnsen, Ole-Amt、Gran, Bjn Axel(2001)。Security Assessment of Safety Critical System Using HAZOP。The 20TH International Conference on Computer Safety, Reliability and Security, Lecture Notes In Computer Science。 | 6. | Agrawal, R.、Srikant, R.(1994)。Fast Algorithm for Mining Association Rule in Large Databases。The 20th International Conference on Very Large Data Bases,487-499。 | 研究報告1. | 國家資通安全會報技術服務中心(2001)。政府機關資訊安全問卷調查報告。 延伸查詢 | 2. | Shih, V.、Zhang, Q.、Liu, M.(2005)。Comparing the performance of Chinese banks: a principal component approach。Northwestern University。 | 學位論文1. | 彭仁賓(2005)。無線區域網路安全稽核模式之研究(碩士論文)。長庚大學。 延伸查詢 | 2. | 劉智敏(2004)。運用BS7799建構資訊安全風險管理指標(碩士論文)。國立臺北大學。 延伸查詢 | 3. | 王平(2004)。模糊群體決策環境下之風險評估(博士論文)。國立交通大學。 延伸查詢 | 4. | 洪國興(2003)。資訊安全「影響因素與評估模式」之研究(博士論文)。國立政治大學。 延伸查詢 | 5. | 李慶民(2001)。以BS7799爲基礎建構資訊安全評估模式之研究--虛擬私有網路系統 爲例(碩士論文)。國防大學。 延伸查詢 | 6. | 魏世驊(2007)。根據模糊數之相似度測量以作風險分析之新方法(碩士論文)。國立臺灣科技大學。 延伸查詢 | 7. | Moore, R. K.(1987)。Prediction of Bankruptcy Using Financial Ratios, Information Measures(博士論文)。University of North Texas。 | 8. | Shimerda, T. A.(1978)。Finance Ratios as Predictors of Profitability(博士論文)。University of Nebraska。 | 9. | 劉永禮(2002)。以BS7799資訊安全管理規範建構組織資訊安全風險管理模式之研究(碩士論文)。元智大學。 延伸查詢 | 10. | 施柏魁(2006)。從顧客RFM資料及交易資料庫挖掘資料庫行銷之模糊關聯法則(碩士論文)。南華大學。 延伸查詢 | 圖書1. | 張盛盛、許美玲(1995)。電腦安全的威脅與對策。台北:資訊工業策進會。 延伸查詢 | 2. | (2000)。Information Security Management-Part 1: Code of Practice for Information Security Management BS7799-1。London:British Standards Institution(BSI)。 | 3. | (2002)。Information Security Management-Part 2: Specification for Information Security Management System BS7799-2。London:British Standards Institution (BSI)。 | 4. | Caelli, W.、Longley, D.、Shain, M.(1989)。Information Security for Managers, Stockton Press。New York。 | 5. | COBIT(1998)。Governance, Control and Audit for Information and Related Technology。 | 6. | Lawrence A. G.(2004)。CSI/FBI Computer Crime and Security Survey。 | 7. | Russell, Deborah、Gangemi, G. T. Jr.(1991)。Computer security basics。Sebastopol, California:O'Reilly and associates Inc.。 | 8. | Simson, G.、Gene, S.(1991)。Practical Unix security。O'Reilly and associates。 | 9. | US Nuclear Regulatory Commission(1981)。Fault Tree Handbook。 | 10. | Saaty, T. L.(1998)。The Analytic Hierarchy Process: Planning, Priority Setting, Resource Allocation。New York:McGraw-Hill International Book Co.。 | 11. | 柯煇耀(2001)。預防性失效分析--FMECA & FTA之應用。臺北市:社團法人中華民國品質學會。 延伸查詢 | 12. | Gollmann, Dieter(1999)。Computer Security。John Wiley and Sons Ltd.。 | 13. | 張紹勳(2000)。研究方法。臺中市:滄海。 延伸查詢 | 14. | 吳萬益、林清河(2005)。企業研究方法。臺北市:華泰書局。 延伸查詢 | 15. | Tabachnick, Barbara G.、Fidell, Linda S.(2007)。Using multivariate statistics。Pearson/Allyn and Bacon。 | 16. | Jolliffe, Ian T.(2002)。Principal Component Analysis。Springer。 | 17. | 邱皓政(2006)。量化研究與計量分析:SPSS中文視窗版資料分析範例解析。五南。 延伸查詢 | 18. | Koller, Glenn R.(2000)。Risk Assessment and Decision Making in Business and Industry: A Practical Guide。New York:CRC press。 | 單篇論文1. | 王志峰(2003)。國泰人壽建置批次作業排程管理系統Control-M成效顯著。 延伸查詢 | 2. | 微軟公司(2004)。安全性風險管理指南。 延伸查詢 | 3. | 張慶隆(2007)。以失誤樹風險評鑑方法改善現有角色存取系統資訊安全政策,華梵大學資訊管理系。 延伸查詢 | 4. | 何怡華(2006)。以模式爲基礎的風險管理與量測指標,元智大學資訊工程系。 延伸查詢 | 5. | Raptis, Dimitris(2000)。The CORAS Approach for Model-based Risk Management applied to e-Commerce Domain。 | 6. | ISO(2001)。Information technology-guideline for the Management of IT Security (All Parts)。 | 7. | (2001)。Information Technology-Guidelines for the Management of IT Security-Part 1; Concepts and models for IT Security。 | 8. | (1980)。Procedures for performing a failure mode, effects, and critically analysis? Department of Defense,Washington DC。 | 9. | Schneider, E. C.,Gregory, W. T.(1990)。How secure are your system? avenues to automation。 | 10. | University of Virginia(1991)。Ranking of space shuttle FMEA/CIL item: the risk ranking and filtering method。 | 其他1. | 李三榮(2004)。Basel 2信用風險標準法。 延伸查詢 | 2. | (1999)。Risk Management,http://www.standard.com.au/。 | 3. | Basel Committee on Banking Supervision(2003)。Consultative Document Overview of the New Basel Capital Accord,http://www.bis.org_/bcbs/bcbscp3 .htm。 | 4. | OMG-UML(2001)。Unified Modeling Language Specification。 | 圖書論文1. | 樊國楨、楊晉寧(1996)。互連網電子信息交換安全--以電子公文交換作業安全爲。電腦稽核。 延伸查詢 | 2. | Chen, S. M.(2001)。Fozzy group decision making for evaluating the rate of aggregative risk in software development。Fuzzy set and systems。 | |