| 期刊論文| 1. | Baccarini, D.、Salm, G. S.、Love, P. E. D.(2004)。Management of risks in information technology projects。Industrial Management and Data Systems,104(4),286-295。   | | 2. | Wright, S.、Wright, A. M.(2002)。Information System Assurance for Enterprise Resource Planning Systems: Unique Risk Considerations。Journal of Information Systems,16(S-1),99-113。 | | 3. | Huang, S. M.、Hung, W. H.、Yen, D. C.、Chang, I. C.、Jiang, D.(2011)。Building the evaluation model of the IT general control for CPAs under enterprise risk management。Decision Support Systems,50(4),692-701。 | | 4. | McKenna, H. P.(1994)。The Delphi technique: a worthwhile approach for nursing?。Journal of Advanced Nursing,19,1221-1225。 | | 5. | 陳錦烽(20060100)。整合性企業風險管理。內部稽核,53,19-24。 延伸查詢 | | 6. | Bin-Abbas, H.、Bakry, S. H.(2014)。Assessment of IT governance in organizations: A simple integrated approach。Computers in Human Behavior,32,261-267。 | | 7. | Aloini, D.、Dulmin, R.、Mininno, V.(2007)。Risk management in ERP project introduction: Review of the literature。Information and Management,44,547-567。 | | 8. | Alfantookh, A.、Bakry, S. H.(2009)。IT governance practices: ITIL。Saudi Computer Journal: Applied Computing and Informatics,7,56-65。 | | 9. | 羅玳珊(2010)。數據加速成長腳步。哈佛商業評論,46,72-76。 延伸查詢 | | 10. | Aloini, D.、Dulmin, R.、Mininno, V.(2012)。Risk assessment in ERP projects。Information Systems,37,183-199。 | | 11. | Aloini, D.、Dulmin, R.、Mininno, V.(2012)。Modelling and assessing ERP project risks: A Petri Net approach。European Journal of Operational Research,220,484-495。 | | 12. | Bakry, S. H.、Alfantookh, A.(2006)。IT governance practices: COBIT。Saudi Computer Journal: Applied Computing and Informatics,5,53-61。 | | 13. | Boockholdt, J. L.(1987)。Security and integrity controls for microcomputers: A summary analysis。Information and Management,13,33-41。 | | 14. | Baskerville, R.(1991)。Risk analysis: An interpretive feasibility tool in justifying information systems security。European Journal of Information Systems,1,121-130。 | | 15. | Bannerman, P. L.(2008)。Risk and risk management in software projects: A reassessment。Journal of Systems and Software,81,2118-2133。 | | 16. | Dalkey, N.、Helmer, O.(1963)。Delphi technique: Characteristics and sequence model to the use of experts。Management Science,9,458-467。 | | 17. | Coe, M. J.(2005)。Trust services: A better way to evaluate I.T. controls。Journal of Accountancy,199,69-75。 | | 18. | Dezdar, S.、Sulaiman, A.(2009)。Successful enterprise resource planning implementation: Taxonomy of critical factors。Industrial Management and Data Systems,109,1037-1052。 | | 19. | De Haes, S.、Debreceny, R. S.(2013)。COBIT 5 and enterprise governance of information technology: Building blocks and research opportunities。Journal of Information Systems,27,307-324。 | | 20. | Huang, S. M.、Chang, I. C.、Li, S. H.、Lin, M. T.(2004)。Assessing risk in ERP projects: Identify and prioritize the factors。Industrial Management and Data Systems,104,681-688。 | | 21. | Hakim, A.、Hakim, H.(2010)。A practical model on controlling the ERP implementation risks。Information Systems,35,204-214。 | | 22. | Ketikidis, P. H.、Koh, S. C. L.、Dimitradis, N.、Gunsekaran, A.、Kehajova, M.(2008)。The use of information systems for logistics and supply chain management in south east Europe: Current status and future direction。Omega,36(4),592-599。 | | 23. | Noudoostbeni, A.、Ismail, N. A.、Jenatabadi, H. S.、Yasin, N. M.(2010)。An effective end-user knowledge concern training method in enterprise resource planning (ERP) based on critical factors (CFs) in Malaysian SMEs。International Journal of Business and Management,5,63-76。 | | 24. | Poba-Nzaou, P.、Raymond, L.、Fabi, B.(2008)。Adoption and risk of ERP systems in manufacturing SMEs: A positivist case study。Business Process Management Journal,14,530-550。 | | 25. | Reghavan, K. R.(2006)。Internal control and operational risk: FDICIA, Sarbanes-Oxley and Basel。Bank Accounting and Finance,19,3-9。 | | 26. | Sherer, S. A.、Alter, S.(2004)。Information system risks and risks factors: Are they mostly about information systems?。Communications of Association for Information Systems,14,29-64。 | | 27. | Tuttle, B.、Vandervelde, S. D.(2007)。An empirical examination of CobiT as an internal control。International Journal of Accounting Information Systems,8,240-263。 | | 28. | Wilkin, C. L.、Chenhall, R. H.(2010)。A review of IT governance: A taxonomy to inform accounting information systems。Journal of Information Systems,24,107-146。 | | 29. | 林寶珠、王敏馨(20030500)。21世紀的企業風險管理制度--掌握變化規劃預防 化險為夷從中獲利。會計研究月刊,210,51-58。 延伸查詢 | | 30. | Gurbaxani, Vijay、Kraemer, Kenneth、Melville, Nigel(2004)。Review: Information Technology and Organizational Performance: An Integrative Model of IT Business Value。MIS Quarterly,28(2),283-322。 | | 31. | Davenport, Thomas H.(1998)。Putting the enterprise into the enterprise system。Harvard Business Review,76(4),121-131。 | | 32. | Holden, Michael C.、Wedman, John F.(1993)。Future issues of computer-mediated communication: The results of a Delphi study。Educational Technology Research and Development,41(4),5-24。 | | 33. | Lawshe, C. H.(1975)。A quantitative approach to content validity。Personnel Psychology,28(4),563-575。 | 會議論文| 1. | Al-Shehab, A. J.、Hughes, R. T.、Winstanley, G.(2004)。Using causal mapping methods to identify and analyse risk in information system projects as a postevaluation process。The 11th European Conference on Information Technology Evaluation。 | | 2. | Kaarst-Brown, M. L.、Kelly, S.(2005)。IT governance and Sarbanes-Oxley: The latest sales pitch or real challenges for the IT Function?。The 38th Annual Hawaii International Conference on System Sciences。Hawaii。 | | 3. | Oliver, D.、Romm, C.(2000)。Enterprise resource planning systems: An outline model of adoption。The GITM World Conference。Memphis。 | | 4. | Stefanou, C. J.(1999)。Supply chain management (SCM) and organisational key factors for successful implementation of enterprise resource planning (ERP) systems。The annual Americas Conference on Information Systems。Milwaukee。 | 圖書| 1. | 張碩毅、黃士銘、阮金聲、洪育忠、洪新原(2005)。企業資源規劃。台北:全華科技圖書股份有限公司。 延伸查詢 | | 2. | Van Grembergen, W.、De Haes, S.(2009)。Enterprise Governance of Information Technology: Achieving Strategic Alignment and Value。Springer。 | | 3. | Weill, Peter D.、Ross, Jeanne W.(2004)。IT Governance: How Top Performers Manage IT Decision Rights for Superior Results。Harvard Business School Press。 | | 4. | 張碩毅、吳承志(2008)。企業資源規劃系統建置與管理。台北:碁峰資訊股份有限公司。 延伸查詢 | | 5. | 鄭燦堂(2012)。風險管理:理論與實務。臺北:五南圖書出版股份有限公司。 延伸查詢 | | 6. | Cabinet Office(2011)。ITIL Lifecycle Suite。London:The Stationery Office。 | | 7. | Committee of Sponsoring Organizations of the Treadway Commission(2004)。Enterprise Risk Management--Integrated Framework。Committee of Sponsoring Organizations of the Treadway Commission, AICPA。 | | 8. | Committee of Sponsoring Organizations of the Treadway Commission(1992)。Internal Control--Integrated Framework。New York, NY:Committee of Sponsoring Organizations of the Treadway Commission。 | | 9. | Gallegos, F.、Richardson, D. R.、Borthick, A. F.(1987)。Audit and Control of Information Systems。Cincinnati, OH:Thomson Corporation-South-Western Publishers。 | | 10. | Gowin, D. B.(1981)。Educating。New York, NY:Cornell University Press。 | | 11. | International Standards Organization、International Electrotechnical Commission(2008)。ISO/IEC 38500 Corporate Governance of Information Technology。Geneva:International Organization for Standardization。 | | 12. | International Standards Organization、International Electrotechnical Commission(2005)。ISO/IEC 27001 Information Technology--Security Techniques-Information Security Management Systems-Requirements。Geneva:International Organization for Standardization。 | | 13. | International Standards Organization、International Electrotechnical Commission(2005)。ISO/IEC 20000 Information Technology--Service Management。Geneva:International Organization for Standardization。 | | 14. | ISACA(2012)。COBIT 5: A Business Framework for the Governance and Management of Enterprise IT。Rolling Meadows, IL:ISACA。 | | 15. | International Standards Organization、International Electrotechnical Commission(2011)。ISO/IEC 27005 Information Technology-Security Techniques--Information Security Risk Management。Geneva:International Organization for Standardization。 | | 16. | Musaji, Y. F.(2002)。Integrated Auditing of ERP Systems。New York, NY:John Wiley and Sons Incorporation。 | | 17. | Linstone, Harold A.、Turoff, Murray(1975)。The Delphi Method: Techniques and Applications。Addison-Wesley Publishing Company。 | | 18. | Standards Australia(2004)。AS/NZS 4360: 2004 Risk Management。Sydney:Standards Australia。 | | 19. | 鄧家駒(2005)。風險管理。華泰文化事業股份有限公司。 延伸查詢 | | 20. | 行政院研究發展考核委員會(2009)。風險管理及危機處理作業手冊。臺北市:行政院研究發展考核委員會。 延伸查詢 | | 21. | Novak, Joseph D.、Gowin, D. Bob(1984)。Learning How to Learn。Cambridge University Press。 | | 22. | Delbecq, Andre L.、Van de Ven, Andrew H.、Gustafson, David H.(1975)。Group Techniques for Program Planning: A Guide to Nominal Groups and Delphi Process。Scott Foresman & Company。 | 其他| 1. | Drobik, A.,Rayner, N.(2013)。Develop a strategic road map for postmodern ERP in 2013 and beyond,https://www.gartner.com/doc/2566015/develop-strategic-road-map-postmodern.。 | | 2. | Gibson, C. F.(2004)。IT-enabled business change: An approach to understanding and managing risk,ftp://public.dhe.ibm.com/la/documents/imc/la/pe/news/events/mit_2010/6a_mit_cisrwp346_itenabledbuschange.pdf.。 | | 3. | Institute of Internal Auditors(2011)。Risk management,https://www.iia.org.uk/resources/risk-management/.。 | | 4. | ISACA(2008)。Top business/technology issues survey results,http://www.isaca.org/Template.cfm?Section=Home &template=/ContentManagement/Content Display.cfm&ContentID=43978.。 | | 5. | Wailgum, T.(2009)。ERP investments still top the list for corporate IT spending,https://www.cio.com/article/2422838/enterprise-software/erp-investments-still-top-the-list-for-corporate-it-spending.html。 | |
| |