Title

ISO27001認證之關鍵成功因素評估

Translated Titles

Assessing the Critical Success Factors of ISO 27001 Certification

DOI

10.6459/JCM.201303_10(1).0003

Authors

韓慧林(H. L. Hai);王貴民(K. M. Wang);劉佩葶(P. T. Liu);蔡齡葦(J. Tsai);劉姵吟(P. Y. Liu);方鄒如(T. R. Fang)

Key Words

關鍵成功因素 ; 資訊安全管理系統 ; 投票式權重評選模式 ; Critical success factor (CSF) ; ISO27001 ; Vote-ranking model

PublicationName

危機管理學刊

Volume or Term/Year and Month of Publication

10卷1期(2013 / 03 / 01)

Page #

21 - 32

Content Language

繁體中文

Chinese Abstract

在資訊科技爆炸時代,資訊安全管理系統已成為各組織營運之最優先考量因素;資訊安全漏洞將造成企業之危機,風險發生原因及其影響也將帶來革命性的變化,為求組織永續發展及營運安全,不斷資訊安全管理系統評估、預防管理及立即應變計畫乃必然之防範作為。本研究以實踐大學高雄校區ISO27001系統認證為例,透過資管系受過ISO27001稽核員訓練課程54小時之同學為對象,進行問卷調查,運用投票式權重評選模式,評選「政策與規劃、執行與管理、檢查與矯正、管理審查」之ISO27001認證關鍵成功因素,排列優先順序,做為企業或大學導入ISO27001認證之參考。

English Abstract

In this era of information technology explosion, the information security management system (ISMS) assessment has become a top consideration of the organization operations considerations. The ISMS vulnerabilities will cause the enterprise crisis, the causes and impact of ISMS will also bring revolutionary change. This study is to use the ISO27001 certification to assess Shih Chien University Kaohsiung Campus. All students who attend the survey are the information management students with 54 hours in ISO27001 auditor course the voting-ranking model is used to evaluate and calculate the weights of critical success factors (CSF) for ISO27001 certification. Who study concludes with the rank so ”policy and planning, execution and management, checking and correction, management reviews”.

Topic Category 社會科學 > 管理學
Reference
  1. Belassi, W.,Tukel, O. I.(1996).A new framework for determining critical success/failure factors in projects.International Journal of Project Management,14(3),141-151.
  2. Bhuasiri, W.,Xaymoungkhoun, O.,Zo, H.,Rho, J. J.,Ciganek, A. P.(2012).Critical success factors for e-learning in developing countries: A comparative analysis between ICT experts and faculty.Computers & Education,58,843-855.
  3. Brown, C. V.,Vessey, I.(2003).Managing the Next Wave of Enterprise Systems: Leveraging Lessons from ERP.MIS Quarterly Executive,2(1),45-57.
  4. Charnes, A.,Cooper, W. W.,Rhodes, E.(1978).Measuring The Efficiency of Decision-Making Units.European Journal of Operational Research,2,429-444.
  5. Cook, W. D.,Kress, M.(1990).A Data Envelopment Model for Aggregating Preference Rankings.Management Science,36(11),1302-1310.
  6. Foroughi, A. A.,Tamiz, T.(2005).An Effective Total Ranking Model for A Ranked Voting System.OMEGA,33,491-496.
  7. Green, R. H.,Doyle, J. R.,Cook, W. D.(1996).Preference Voting and Project Ranking Using DEA and Cross-Evaluation.European Journal of Operational Research,90,461-472.
  8. Guynes, C. S.,Vanecek, M. T.(1996).Critical success factors in data management.Information & Management,30,201-209.
  9. Hashimoto, A.(1997).A Ranked Voting System Using A DEA/AR Exclusion Model: A Note.Journal of the Operational Research,97,600-604.
  10. Hashimoto, A.,Ishikawa(1993).Using DEA to Evaluate The State of Society As Measured by Multiple Social Indicators.Socio-Economic Planning Sciences,27(4),257-268.
  11. Hoffmann, W. H.,Schlosser, R.(2001).Success Factors of strategic alliances in small and medium-sized enterprises-An empirical survey.Long Range Planning,34,357-381.
  12. Holis, O. R.(1969).Content Analysis for the Social Sciences and Humanities.Reading Mass.:Addison-Wesley Publishing Co..
  13. King, W.(1988).How effective is your information systems planning?.Long Range Planning,21(5),103-112.
  14. Liu, F. H. F.,Hai, H. L.(2005).The Voting Analytic Hierarchy Process Method for Selecting Suppliers.The International Journal of Production Economics,97,308-317.
  15. Noguchi, H.,Ogawa, M.,Ishii, H.(2002).The Appropriate Total Ranking Method Using DEA for Multiple Categorized Purposes.Journal of Computational and Applied Mathematics,146,155-166.
  16. Obata, T.,Ishii, H.(2003).A Method for Discriminating Efficient Candidates With Ranked Voting Data.European Journal of Operational Research,151,233-237.
  17. Salmeron, J. L.,Herrero, I.(2005).An AHP-based methodology to rank critical success factors of executive information systems.Computer Standards & Interfaces,28,1-12.
  18. Sambasivan, M.,Fei, N. Y.(2008).Evaluation of critical success factors of implementation of ISO 14001 using analytic hierarchy process (AHP): a case study from Malaysia.Journal of Cleaner Production,16,1424-1433.
  19. Selim, H. M.(2007).Critical success factors for e-learning acceptance: Confirmatory factor models.Computers & Education,49,396-413.
  20. Soong, M. H. B.,Chan, H. C.,Chua, B. C.,Loh, K. F.(2001).Critical success factors for on-line course resources.Computers & Education,36,101-120.
  21. Stocka, G. N.,McFaddena, K. L.,Gowen, C. R., III(2007).Organizational culture, critical success factors, and the reduction of hospital errors.Int. J. Production Economics,106,368-392.
  22. Sung, T. K.(2006).E-commerce critical success factors: East vs. West.Technological Forecasting & Social Change,73,1161-1177.
  23. Tabrizi, R. S.,Ebrahimi, N.,Delpisheh, M.(2011).KM criteria and success of KM Programs: an assessment on criteria from importance and effectiveness perspectives.Procedia Computer Science,3,691-697.
  24. 王石番(1991)。傳播內容分析法─理論與實證。台北:幼獅出版。
  25. 朱惠中、王增良(2010)。中小企業導入資訊安全管理的關鍵成功因素。2010 數位科技與創新管理研討會
  26. 邱和源(2010)。實踐大學企業管理研究所。
  27. 翁文南(2008)。實踐大學企業管理研究所。
  28. 許伯年(2003)。中央大學人力資源管理研究所。
Times Cited
  1. 韓慧林(2014)。應用QFD探討資訊安全服務品質─以實踐大學高雄校區為例。危機管理學刊,11(1),49-60。
  2. 韓慧林、黃聖凱、林芙郁、林全偉、周韋仁、王貴民(2014)。以AHP評估麥當勞之行銷管理關鍵成功因素-高雄旗山區為例。管理資訊計算,3(2),375-386。