| 期刊論文| 1. | Beasley, Mark S.、Clune, Richard、Hermanson, Dana R.(2005)。Enterprise risk management: an empirical analysis of factors associated with the extent of implementation。Journal of Accounting and Public Policy,24(6),521-531。   | | 2. | Novak, J. D.(2002)。Meaningful Learning: The Essential Factor for Conceptual Change in Limited or Inappropriate Prepositional Hierarchies Leading to Empowerment of Learners。Science Education,86(4),548-571。 | | 3. | Hill, Kim Quaile、Fowles, Jib(1975)。The methodological worth of the Delphi forecasting technique。Technological Forecasting and Social Change,7(2),179-192。 | | 4. | Xue, Y.、Liang, H.、Boulton, W. R.(2008)。Information technology governance in information technology investment decision processes: The impact of investment characteristics, external environment, and internal context。MIS Quarterly,32(1),67-96。 | | 5. | Spira, L. F.、Page, M.(2003)。Risk management: the reinvention of internal control and the changing role of internal audit。Accounting, Auditing and Accountability Journal,16(4),640-661。 | | 6. | Seawright, Jason、Gerring, John(2008)。Case Selection Techniques in Case Study Research: A Menu of Qualitative and Quantitative Options。Political Research Quarterly,61(2),294-308。 | | 7. | Pathak, J.(2005)。Risk management, internal controls and organizational vulnerabilities。Managerial Auditing Journal,20(6),569-577。 | | 8. | Fox, R.(2007)。Gowin's knowledge vee and the integration of philosophy and methodology: A case study。Journal of Geography in Higher Education,31(2),269-284。 | | 9. | Baxter, P.、Jack, S.(2008)。Qualitative case study methodology: Study design and implementation for novice researchers。The Qualitative Report,13(4),544-559。 | | 10. | Gubbi, Jayavardhana、Buyya, R.、Marusic, S.、Palaniswami, M.(2013)。Internet of Things (IoT): A vision, architectural elements, and future directions。Future Generation Computer Systems,29(7),1645-1660。 | | 11. | Domingo, M. C.(2012)。An overview of the Internet of Things for people with disabilities。Journal of Network and Computer Applications,35(2),584-596。 | | 12. | Everett, C.(2011)。A risky business: ISO 31000 and 27005 unwrapped。Computer Fraud & Security,2011(2),5-7。 | | 13. | Madakam, Somayya、Ramaswamy, R.、Tripathi, Siddharth(2015)。Internet of Things (IoT): A Literature Review。Journal of Computer and Communications,3(5),164-173。 | | 14. | Yoo, Y.(2010)。Computing in everyday life: A call for research on experiential computing。MIS Quarterly,34(2),213-231。 | | 15. | Weber, Rolf H.(2010)。Internet of Things: New security and privacy challenges。Computer Law & Security Report,26(1),23-30。 | | 16. | 李科逸(20131200)。國際因應智慧聯網環境重要法制研析--歐盟新近個人資料修法與我國建議。科技法律透析,25(12),41-62。 延伸查詢 | | 17. | De Haes, S.、Van Grembergen, W.、Debreceny, R. S.(2013)。COBIT 5 and enterprise governance of information technology: Building blocks and research opportunities。Journal of Information Systems,27(1),307-324。 | | 18. | Sutton, S. G.、Khazanchi, D.、Hampton, C.、Arnold, V.(2008)。Risk analysis in extended enterprise environments: Identification of critical risk factors in B2B e-commerce relationships。Journal of the Association for Information Systems,9(3/4),151-174。 | | 19. | Ayre, C.、Scally, A. J.(2014)。Critical values for Lawshe's content validity ratio: Revisiting the original methods of calculation。Measurement and Evaluation in Counseling and Development,47(1),79-86。 | | 20. | 林育震(20101000)。掌控風險 發揮雲端效益。資訊安全通訊,16(4),138-149。 延伸查詢 | | 21. | 莊祐軒、羅乃維(20131000)。物聯網安全的現況與挑戰。資訊安全通訊,19(4),16-29。 延伸查詢 | | 22. | Akhtaruddin, M.、Ohn, J.(2016)。Internal control deficiencies, investment opportunities, and audit fees。International Journal of Accounting and Finance,6(2),127-144。 | | 23. | Amid, A.、Moradi, S.(2013)。A Hybrid Evaluation Framework of CMM and COBIT for Improving the Software Development Quality。Journal of Software Engineering and Applications,6(5),280-288。 | | 24. | Barnaghi, P.、Sheth, A.、Henson, C.(2013)。From data to actionable knowledge: big data challenges in the web of things。IEEE Intelligent Systems,28(6),6-11。 | | 25. | Bohli, J. M.、Gruschka, N.、Jensen, M.、Iacono, L. L.、Marnau, N.(2013)。Security and privacy-enhancing multicloud architectures。IEEE Transactions on Dependable and Secure Computing,10(4),212-224。 | | 26. | Brender, N.、Markov, I.(2013)。Risk perception and risk management in cloud computing: Results from a case study of Swiss companies。International Journal of Information Management,33(5),726-733。 | | 27. | Chen, S.、Xu, H.、Liu, D.、Hu, B.、Wang, H.(2014)。A vision of IoT: Applications, challenges, and opportunities with China perspective。IEEE Internet of Things Journal,1(4),349-359。 | | 28. | Chen, X. Y.、Jin, Z. G.(2012)。Research on key technology and applications for internet of things。Physics Procedia,33(2012),561-566。 | | 29. | De Cremer, D.、Nguyen, B.、Simkin, L.(2016)。The integrity challenge of the Internet-of-Things (IoT): On understanding its dark side。Journal of Marketing Management,33(1/2),145-158。 | | 30. | Debreceny, R. S.、Gray, G. L.(2013)。IT governance and process maturity: A multinational field study。Journal of Information Systems,27(1),157-188。 | | 31. | De Oliveira, S. B.、Valle, R.、Mahler, C. F.(2010)。A comparative analysis of CMMI software project management by Brazilian, Indian and Chinese companies。Software Quality Journal,18(2),177-194。 | | 32. | Del Giudice, M.(2016)。Discovering the Internet of Things (IoT) within the business process management: A literature review on technological revitalization。Business Process Management Journal,22(2),263-270。 | | 33. | Domingo, M. C.(2011)。Securing underwater wireless communication networks。IEEE Wireless Communications,18(1),22-28。 | | 34. | Domingo, M. C.(2012)。An overview of the internet of underwater things。Journal of Network and Computer Applications,35(6),1879-1890。 | | 35. | Dos Santos, R. P.、De Oliveira, K. M.、Da Silva, W. P.(2009)。Evaluating the service quality of software providers appraised in CMM/CMMI。Software Quality Journal,17(3),283-301。 | | 36. | Skinner, R.、Nelson, R. R.、Chin, W. W.、Land, L.(2015)。The Delphi method research strategy in studies of information systems。Communications of the Association for Information Systems,37(2),31-63。 | | 37. | Roche, N.、Reddel, H.、Martin, R.、Brusselle, G.、Papi, A.、Thomas, M.、Postma, D.、Thomas, V.、Rand, C.、Chisholm, A.、Price, D.(2014)。Quality standards for real-world research: Focus on observational database studies of comparative effectiveness。Annals of the American Thoracic Society,11(2),99-104。 | | 38. | Rahimian, F.、Bajaj, A.、Bradley, W.(2016)。Estimation of deficiency risk and prioritization of information security controls: A data-centric approach。International Journal of Accounting Information Systems,20,38-64。 | | 39. | Parry, V. K. A.、Lind, M. L.(2016)。Alignment of Business Strategy and Information Technology Considering Information Technology Governance, Project Portfolio Control, and Risk Management。International Journal of Information Technology Project Management,7(4),21-37。 | | 40. | Ordanini, A.、Rubera, G.(2010)。How does the application of an IT service innovation affect firm performance? A theoretical framework and empirical analysis on ecommerce。Information & Management,47(1),60-67。 | | 41. | Nelson, K.、Clarke, J.、Stoodley, I.、Creagh, T.(2015)。Using a capability maturity model to build on the generational approach to student engagement practices。Higher Education Research & Development,34(2),351-367。 | | 42. | Mihaela, D.、Iulian, S.(2012)。Internal control and the impact on corporate governance, in Romanian listed companies。Journal of Eastern Europe Research in Business & Economics,2012,1-10。 | | 43. | McGregor, C.、Schiefer, J.(2004)。A Web-service based framework for analyzing and measuring business performance。Information Systems and E-Business Management,2(1),89-110。 | | 44. | Ledesma, R. D.、Valero-Mora, P.(2007)。Determining the number of factors to retain in EFA: An easy-to-use computer program for carrying out parallel analysis。Practical Assessment, Research & Evaluation,12(2),1-11。 | | 45. | Kaufmann, P. R.(2016)。Integrating factor analysis and the Delphi method in scenario development: A case study of Dalmatia, Croatia。Applied Geography,71,56-68。 | | 46. | Kabir, M.、Rusu, L.(2016)。IT project development using capability maturity model。Information Resources Management Journal,29(4),35-48。 | | 47. | Kaplan, R. S.、Mikes, A.(2012)。Managing risks: A new framework。Harvard Business Review,90(6),48-60。 | | 48. | Gordon, K. O.、Czekanski, W. A.、DeMeo, J. A.(2016)。Assessing the influence of sport security operations on the guest experience: Using the Delphi method to understand practitioner perspectives。Journal of Sport Safety and Security,1(1),(2)1-(2)13。 | | 49. | Feng, Mei、Li, Chan、McVay, Sarah(2009)。Internal Control and Management Guidance。Journal of Accounting and Economics,48(2/3),190-209。 | | 50. | Krishnan, J.(2005)。Audit committee quality and internal control: an empirical analysis。The Accounting Review,80(2),649-675。 | | 51. | Dalkey, Norman C.、Helmer, Olaf(1963)。An Experimental Application of the Delphi Method to the Use of Experts。Management Science,9(3),458-467。 | | 52. | Holden, Michael C.、Wedman, John F.(1993)。Future issues of computer-mediated communication: The results of a Delphi study。Educational Technology Research and Development,41(4),5-24。 | | 53. | Lawshe, C. H.(1975)。A quantitative approach to content validity。Personnel Psychology,28(4),563-575。 | | 54. | Eisenhardt, Kathleen M.(1989)。Building Theories from Case Study Research。Academy of Management Review,14(4),532-550。 | | 55. | Chang, She-I(2006)。An Alternative Methodology for Delphi-type Research in IS Key Issues Studies。International Journal of Management and Enterprise Development,3(1/2),147-168。 | 會議論文| 1. | Saripalli, Prasad、Walters, Ben(2010)。Quirc: A quantitative impact and risk assessment framework for cloud security。The 2010 IEEE 3rd international conference on cloud computing。Miami, Florida。280-288。 | | 2. | Pereira, R.、Almeida, R.、Da Silva, M. M.(2013)。How to generalize an information technology case study。The 8th International Conference on Design Science at the Intersection of Physical and Virtual Design。Helsinki。 | | 3. | Babar, S.、Mahalle, P.、Stango, A.、Prasad, N.、Prasad, R.(2010)。Proposed security model and threat taxonomy for the internet of things (IoT)。International Conference on Network Security and Applications In Recent Trends in Network Security and Applications。Springer。420-429。 | | 4. | Kranz, M.、Roalter, L.、Michahelles, F.(2010)。Things that twitter: Social networks and the internet of things。The Internet of Things do for the Citizen (CIoT) Workshop at The Eighth International Conference on Pervasive Computing。Helsinki:Auto-ID Labs。1-10。 | 圖書| 1. | Gowin, D. Bob(1981)。Educating。Ithaca, New York:Cornell University Press。 | | 2. | Weill, P.、Ross, J. W.(2004)。IT Governance, How Top Performers Manage IT Decision Rights for Superior Results。Harvard Business School Press。 | | 3. | Novak, J. D.(1998)。Learning, creating, and using knowledge: Concept maps as facilitative tools in schools and corporations。Mahwah, New Jersey:Lawrence Erbium Associates。 | | 4. | Cooper, D. R.、Schindler, P. S.(2001)。Business Research Methods。McGraw Hill。 | | 5. | Hanafin, S.(2004)。Review of Literature on the Delphi Technique。Dublin:The National Children's Office。 | | 6. | Feagin, J. R.、Orum, A. M.、Sjoberg, G.(1991)。A Case for the Case Study。The University of North Carolina Press。 | | 7. | Galliers, R. D.、Leidner, D. E.(2014)。Strategic information management: challenges and strategies in managing information systems。New York:Routledge。 | | 8. | Zhou, H.(2012)。The internet of things in the cloud: A middleware perspective。Boca Raton:CRC press。 | | 9. | Van Grembergen, W.、De Haes, S.(2009)。Enterprise governance of information technology: Achieving strategic alignment and value。New York:Springer Science & Business Media。 | | 10. | ISACA(2015)。Global status report on the governance of enterprise IT (GEIT)-2011。Rolling Meadows, IL:ISACA。 | | 11. | Hardy, K.(2014)。Enterprise risk management: A guide for government professionals。CA:John Wiley & Sons。 | | 12. | ISACA(2015)。COBIT mapping: Overview of international IT guidance。Rolling Meadows, IL:ISACA。 | | 13. | Hair, J. F. Jr.、Black, W. C.、Babin, B. J.、Anderson, R. E.、Tatham, R. L.(2006)。Multivariate data analysis。Pearson Prentice Hall。 | | 14. | Gerry, John(2006)。Case study research: Principles and practices。Cambridge University Press。 | | 15. | Novak, Joseph D.、Gowin, D. Bob(1984)。Learning How to Learn。Cambridge University Press。 | 其他| 1. | Cloud Security Alliance(2013)。The Notorious Nine Cloud Computing Top Threats in 2013,https://downloads.cloudsecurityalliance.org/initiatives/top_threats/The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf。 | | 2. | 江榮倫,廖柏侖(2014)。新興科技風險管控系列--淺談物聯網的安全隱憂與挑戰,http://www2.deloitte.com/tw/tc/pages/risk/articles/newsletter-11-43.html/。 延伸查詢 | | 3. | 科技新報(2015)。Gartner:2016年使用中的物聯網件數量將達64億,http://technews.tw/2015/11/17/gartner-2016-iot/#more-121673。 延伸查詢 | | 4. | 花俊傑(2012)。雲端運算安全入門(一):了解雲端之上的安全風險,https://www.netadmin.com.tw/article_content.aspx?sn=1112150006。 延伸查詢 | | 5. | Anderson, D. J.,Eubanks, G.(2015)。Governance and internal control: lLeveraging COSO across the three lines of defense,https://na.theiia.org/standards-guidance/Public%20Documents/2015-Leveraging-COSO-3LOD.pdf。 | | 6. | Doughty, K.(2011)。The Three Lines of Defence Related to Risk Governance,http://www.isaca.org/Journal/archives/2011/Volume-5/Documents/11v5-The-Three-Lines-of-Defence-Related-to-Risk-Governance.pdf。 | | 7. | The Institute of Internal Auditors(2013)。The three lines of defense in effective risk management and control: Is your organization positioned for success?,https://na.theiia.org/news/Pages/The-Three-Lines-of-Defensein-Effective-Risk-Management-and-Control-Is-Your-Organization-Positioned-for-Success.aspx。 | | 8. | Mell, P.,Grance, T.(2011)。The NIST definition of cloud computing,https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-145.pdf。 | 圖書論文| 1. | Baldini, G.、Peirce, T.、Handte, M.、Rotondi, D.、Gusmeroli, S.、Piccione, S.、Copigneaux, B.、Le Gall, F.、Melakessou, F.、Smadja, P.、Serbanati, A.、Stefa, J.(2013)。Internet of Things Privacy, Security, and Governance。Internet of things: Converging technologies for smart environments and integrated ecosystems。Aalborg:River Publishers。 | | 2. | Barnaghi, P.、Cousin, P.、Malo, P.、Serrano, M.、Viho, C.(2013)。Simpler IoT word(s) of tomorrow, more interoperability challenges to cope today。Internet of things: Converging technologies for smart environments and integrated ecosystems。Aalborg:River Publishers。 | |
| |