- 學位論文
ISO27001對組織市場價值之影響-以台灣市場為例
The impact of ISO27001 on organizations’ market value - - An empirical research in Taiwan
摘要
ISO27001是一個近年來十分受到矚目的資訊安全管理制度(ISMS)標準,但實務上還很欠缺關於其效益的相關研究。因此,為了填補這個研究缺口,本研究採用事件研究法為主要研究方法,以財務指標探討ISO27001在取得認證的事件發生後,是否會帶來異常報酬。透過456家在台通過認證的組織,我們篩選出23家公開上市公司,並以統計方法驗證他們的股價和總資產報酬率(ROA) 在短期與長期上的表現。實驗結果指出,ISO27001的認證並無法帶來任何異常的財務表現,因此我們建議組織應重新評估導入認證的必要性,以找出更有效率的資訊安全管理方法,同時建議未來研究可更深入瞭解ISO27001對內部流程改善的效益,並擴展研究標的至其他層面的指標。
並列摘要
ISO27001 is a popular certification on Information Security Management System (ISMS). However, there are very few empirical studies investigating the market impact of ISO27001. In this research, we employed event study to analyze the financial impact of organizations after obtaining ISO 27001 certification in Taiwan. Among 456 certified organizations, we selected 23 public firms as samples and tested their stock price as well as ROA performance in both short-term and long-term. The results indicate that ISO27001 certification did not lead to significant abnormal performance. Hence, we argue that the necessity of certification should be reconsidered and future research can pay more attention on ISO27001 certification’s value in other dimensions and its contribution on internal improvement.
參考文獻
延伸閱讀
- 葉如育(2015)。企業通過ISO14001認證對其財務績效的影響-以台灣上市櫃公司為例〔碩士論文,國立中正大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0033-2110201614034247
- 林政偉(2004)。證券評價模式之應用-以台灣市場為例〔碩士論文,元智大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0009-0112200611321625
- 黃俊凱(2014)。企業實施品質管理系統ISO 9001:2008對整體營運績效影響之研究-以臺南及高雄地區螺絲螺帽業為例〔碩士論文,長榮大學〕。華藝線上圖書館。https://doi.org/10.6833/CJCU.2014.00087
- 黃清吟(2004)。台灣林產工業ISO認證現況之調查分析。林產工業,23(1),1-11。https://www.airitilibrary.com/Article/Detail?DocID=02546523-200403-201508120002-201508120002-1-11
- 顏秀玲(2008)。An Empirical Study on the Organizational Innovation of Banking Industry in Taiwan〔碩士論文,長榮大學〕。華藝線上圖書館。https://doi.org/10.6833/CJCU.2008.00132