• 초록
• I. 서론
• II. 이론적 배경
• III. 연구모형 및 가설설정
• IV. 실증분석
• V. 결론 및 시사점
• 참고문헌
• ABSTRACT

1 Kreps, D.M., "Why Interaction between Norms and Economic Incentives" 87 (87): 359-364, 1997

2 Venkatesh, V., "User Acceptance of Information Technology: Toward a Unified View" 27 (27): 425-478, 2000

3 Willison, R., "Understanding the Perpetration of Employee Computer Crime in the Organizational Context" 16 (16): 304-324, 2006

4 Sasse, M.A., "Transforming the ‘Weakest Link: A Human-Computer Interaction Approach to Usable and Effective Security" 19 (19): 122-131, 2001

5 Lee, Y., "Threat or Coping Appraisal: Determinants of SMB Executives' Decision to Adopt Anti Malware Software" 18 (18): 177-187, 2009

6 Boss, S.R., "The Last Line of Defense: Motivating Employees to Follow Corporate Security Guidelines" 1-18, 2007

7 Jayanti, R.K., "The Antecedents of Preventive Health Care Behavior: An Empirical Study" 26 (26): 6-15, 1998

8 Ng, B-Y, "Studying Users' Computer Security Behavior: A Health Belief Perspective" 46 (46): 815-825, 2009

9 Peace, A.G., "Software Piracy in the Workplace: A model and Empirical Test" 20 (20): 153-177, 2003

10 Siponen, M.T., "Six Design Theories for IS Security Policies and Guidelines" 7 (7): 445-472, 2006

11 Workman, M., "Security Lapses and the Omission of Information Security Measures: An Empirical Test of the Threat Control Model" 24 (24): 2799-2816, 2008

12 Villarroel, R., "Secure Information Systmes Development - A Survey and Comparison" 24 (24): 308-321, 2005

13 Neumann, P. G., "Risks of Insiders" 42 (42): 160-, 1999

14 Carmines, E.G., "Reliability and Validity Assessment" Sage Publications 1979

15 Nunnally, J.C., "Psychometric theory" McGraw Hill 1978

16 Chan, M., "Perceptions of Information Security at the Workplace: Linking Information Security Climate to Compliant Behavior" 1 (1): 18-41, 2005

17 Ernst & Young, "Moving Beyond Compliance: Ernst & Young’'s 2008 Global Information Security Survey"

18 Vroblefski, M., "Managing User Relationships in Hierarchies for Information System Security" 43 (43): 408-419, 2007

19 Wen , H., "Internet Computer Virus Protection Policy" 6 (6): 66-71, 1998

20 Karahanna, E., "Information Technology Adiption Across Time: A Cross-Sectional Comparison of Pre-Adoption and Post-Adoption Beliefs" 23 (23): 183-213, 1999

21 Cavusoglu, H., "Information Security Control Resources in Organizations: A Multidimensional View and Their Key Drivers" Sauder School of Business, University of British Columbia 2009

22 Thompson, R.L., "Influence of Experience on Personal Computer Utilization: Testing a Conceptual Model" 11 (11): 167-187, 1994

23 김청택, "I am fine but you are not: Optimistic bias and illusion of control on information security" Association for Information Systems 381-395, 2005

24 Limayem, M, "Force of Habit and Information Systems Usage: Theory and Initial Validation" 4 (4): 65-95, 2003

25 Siponen, M.T., "Factors Influencing Protection Motivation and IS Security Policy Compliance" Innovations in Information Technology 1-5, 2006

26 Fornell, C., "Evaluating Structural Equation Models with Unobservable Variables and Measurement Error" 18 (18): 39-50, 1981

27 Hamill, T., "Evaluating Information Assurance Strategies" 39 (39): 463-484, 2005

28 Herath, T., "Encouraging Information Security Behaviors in Organizations: Role of Penalties, Pressures and Perceived Effectiveness" 47 (47): 154-165, 2009

29 Pahnila, S., "Employees' Behavior towards IS Security Policy Compliance" 2007

30 Straub, D.W., "Effective IS Security: An Empirical Study" 1 (1): 255-276, 1990

31 Straub, D.W., "Discovering and Disciplining Computer Abuse in Organizations: A Field Study" 14 (14): 45-60, 1990

32 Dhillon, G., "Current Directions in IS Security Research: Towards Socio-Organizational Perspectives" 11 (11): 127-153, 2001

33 Straub, D.W., "Coping with Systems Risks: Security Planning Models for Management Decision Making" 22 (22): 441-469, 1998

34 Lehtinen, R, "Computer Security Basics" O'Reilly Media, Inc 2006

35 Ransbotham, S., "Choice and Chance: A Conceptual Model of Paths to Information Security Compromise" 20 (20): 121-139, 2009

36 Walker, L.R., "Beyond Expectancy Theory: An Integrative Motivational Model from Health Care" 7 (7): 187-194, 1982

37 Fishbein, M., "Belief, Attitude, Intention and Behavior: An Introduction to Theory and Research" Addison-Wesley 1975

38 Sheeran, P., "Augmenting the Theory of Planned Behavior: Roles for Anticipated Regret and Descriptive Norms" 29 (29): 2107-2142, 1999

39 AIRC, "Attack Intelligence Research Center Annual Threat Report: 2008 Overview and 2009 Predictions" Attack Intelligence Research Center

40 Siponen, M.T., "Analysis of Modern IS Security Development Approaches: Towards the Next Generation of Social And Adaptable ISS Methods" 15 (15): 339-375, 2005

41 Kankanhalli, A., "An Integrative Study of Information Systems Security Effectiveness" 23 (23): 139-154, 2003

42 Lee, S.M., "An Integrative Model of Computer Abuse based on Social Control and General Deterrence Theories" 41 (41): 707-718, 2003

43 Wixom, B, "An Empirical investigation of the factors affecting data warehousing success" 21 (21): 17-41, 2001

44 Galletta, D.F., "An Empirical Investigation of Antecedents of Internet Abuse in the Workplace" 47-51, 2003

45 Higgins, G.E., "An Application of Deterrence Theory to Software Piracy" 12 (12): 166-184, 2005

46 Stanton, J.M., "An Analysis of End User Cecurity Behaviors" 24 (24): 124-133, 2005

47 Doherty, N. F., "Aligning the Information Security Policy with the Strategic Information Systems Plan" 25 (25): 55-63, 2006

48 Fernandez-Medina, E., "Access Control and Audit Model for the Multidimensional Modeling of Data Warehouses" 42 (42): 1270-1289, 2006

49 Venkatesh, V., "A Theoretical Extension of the Technology Acceptance Model: Four Longitudinal Field Studies" 45 (45): 186-203, 2003

50 Lau, V.C.S., "A Qualitative and Quantitative Review of antecedents of Counterproductive Behavior in Organizations" 18 (18): 73-99, 2003

51 Rogers, R., "A Protection Motivation Theory of Fear Appeals and Attitude Change" 91 : 93-114, 1975

52 Woon, I.M.Y., "A Protection Motivation Theory Approach to Home Wireless Security" 367-380, 2005

53 Cavusoglu, H., "A Model for Evaluating IT Security Investments" 47 (47): 87-92, 2004

54 Lee, J., "A Holistic Model of Computer Abuse Within Organizations" 10 (10): 57-63, 2002

55 Cialdini, R.B., "A Focus Theory of Normative Conduct: Recycling the Concept of Norms to Reduce Littering in Public Places" 58 (58): 1015-1026, 1990

56 Whitman, M. E., ""Information Systems Security and the Need for Policy," in Information Security Management - Global Challenges in the Next Millennium" Idea Group 9-18, 2001

57 Whitman, M. E., ""Chapter 6: Security Policy: From Design to Maintenance," in Information Security: Policy, Processes, and Practices" M. E. Sharpe 123-151, 2008