Advanced
Information Security and Organizational Performance: Empirical Study of Korean Securities Industry
Information Security and Organizational Performance: Empirical Study of Korean Securities Industry
ETRI Journal. 2015. Apr, 37(2): 428-437
Copyright © 2015, Electronics and Telecommunications Research Institute(ETRI)
  • Received : September 22, 2014
  • Accepted : November 04, 2014
  • Published : April 01, 2015
Download
PDF
e-PUB
PubReader
PPT
Export by style
Share
Article
Author
Metrics
Cited by
TagCloud
About the Authors
Heekyung Kong
Suhyun Jung
Insung Lee
Seung-Jun Yeon

Abstract
This study was conducted to analyze the effect of information security activities on organizational performance. With this in mind and with the aim of resolving transaction stability in the securities industry, using an organization’s security activities as a tool for carrying out information security activities, the effect of security activities on organizational performance was analyzed. Under the assumption that the effectiveness of information security activities can be bolstered to enhance organizational performance, such effects were analyzed based on Herzberg’s motivation theory, which is one of the motivation theories that may influence information protection activities. To measure the actual attributes of the theoretical model, an empirical survey of the securities industry was conducted. In this explorative study, the proposed model was verified using partial least squares as a structural equation model consisting of IT service, information security, information sharing, transaction stability, and organizational performance.
Keywords
I. Introduction
In recent years, the financial industry, including securities businesses, has seen a rapid rise in the number of electronic finance crimes that use pharming and smishing involving Internet browsers and mobile devices to steal personal financial information [1] . As such, with the recent increase in the number of new types of serious electronic financial fraud, the importance of information security activities has grown significantly [2] . It should be noted, however, that information security activities are regarded by corporations and organizations as passive additional work procedures that unnecessarily increase the workload of their employees; thus, the necessity of information security activities has been accorded insufficient importance. Despite the spread of awareness of the importance of information protection, little investment in information security is made even now, thereby making it difficult to execute effective information protection activities. Moreover, in a corporation or organization, security activities are regarded as a factor that leads employees to complain about their jobs, thereby hampering the derivation of a direction for improving information security activities [3] . To address these problems, using Herzberg’s two-factor theory, a comparative study was conducted on information security activities and organizational performance, with a view to analyzing the motivational effect of information security investment on information security activities. To that end, this study, which targets the securities business, used information security technologies and security activities; ensured business management stability; promoted service transaction management; and analyzed the consequent enhancement of management performance; thus, it verified the aforementioned effect. The following are the objectives of this study:
  • ■ Recognize the importance of information protection activities in the financial industries, such as securities business, and to indicate information security activities as a motivational factor for an organization.
  • ■ Use the structural equation model and verify an organization’s security activities as a motivational factor through an analysis of the effect of such activities on organizational performance.
II. Theoretical Background
- 1. Previous Researches Related to Information Security Investment
With the development of networks and the ever-increasing use of the Internet, the securities industry is increasing the ratio of its network-based services. With such an increase, corporations are also grasping the importance of information security activities. Moreover, organizations — including public agencies and corporations — are adopting diverse information protection solutions and devising systematic measures aimed at protecting their information assets against threats and dangers in an effort to invest in their information security activities [4] . This suggests that investment in information security by corporations and other organizations is now well established as a key to the success of their activities. This is because, as the biggest barrier to the efficiency of information security, an organization regards information security activities not as an investment but as a cost. The members of an organization have neither the proper awareness nor share the necessity of information security activities, instead regarding information security activities as little more than troublesome, inconvenient procedures, thereby failing to be motivated to conduct information protection activities [5] . Regarding the goal and necessity of the adoption and management of information technologies, the members of an organization have a high awareness of such necessity and performance, but a low awareness of the necessity of the corresponding investment, thereby they fail to facilitate such activities. Thus, information security activities are perceived as an obstacle. In the financial industry, including securities and banks, information security activities are becoming increasingly important [4] . In financial businesses, which operate based on information systems, information security activities are essential for managing transactions and perpetuating business [6] . In particular, in the field of service transaction management, the confidentiality, integrity, and availability of information security must be ensured [6] .
Security refers to the process by which all assets are protected against dangers or losses [4] . Specifically, information security pertains to the process by which information is protected against internal or external threats or dangers; thus, information security continues to be deployed [4] . Targets of information security include not only the information itself but also the technologies involved in the processing and storing of information; organizational structures and procedures for processing information; human resources engaged in the processing of information; and the activities of processing, maintaining, and managing information [4] . In particular, financial businesses experience many intrusions and security accidents due to the mismanagement of personal information and information relative to transaction processing and work. Given the particularity of financial businesses, which is closely related to personal assets, the degree of awareness and management of such information security has a huge effect on customer trust [7] .
- 2. Herzberg’s Two-Factor Theory Overview and Considerations for Analysis on Information Security Investment
According to Herzberg’s two-factor theory, job satisfaction is referred to as a motivational factor, and a complaint-causing factor is referred to as a hygiene factor; indeed, the theory was developed based on these assumptions. Other motivational factors include sense of achievement, sense of stability, the job itself, and sense of responsibility; whereas, other hygiene factors include management of policy, supervision, interpersonal relations, work conditions, and salaries [8] [9] . Motivational factors are related to a person’s desire for growth and to the processes that people use within their jobs and to the actual jobs themselves. On the other hand, hygiene factors are related to a person’s desire to avoid inconvenience and to the methods people use to handle their work. They are made up of the external factors of peoples’ jobs. Thus, hygiene factors are the main factors of job dissatisfaction, whereas motivational factors are the main factors of job satisfaction [8] [9] . These two categories of factors are not mutually opposing concepts but rather two different perspectives. Thus, they should be appropriately met. If the validity of this theory is accepted, then a manager should give due attention to improving and enhancing job contents to manage the organization. The elimination of dissatisfaction factors reduces dissatisfaction, thereby producing only passive effects, which are deemed to be only for the short term. On the other hand, the expansion of satisfaction factors stimulates a person’s desire for self-realization and brings about positive satisfaction.
However, other studies have pointed out the limitations of Herzberg’s two-factor theory by presenting various cases that show that motivational and hygiene factors are not permanently fixed and that they can change according to the person, job, time, or surrounding environment [10] . This study intends to test whether information security can act as a motivational factor, through an empirical analysis of investment in information security and organizational performance. Generally, this is in contrast with the ambiguous argument that information security is a hygiene factor. It is expected that this paper can provide objective evidence for a new perspective, which is that information security–related activities and investment can be a means of improving organizational performance. Figure 1 shows a conceptualized diagram of information technology and information sharing, including information security activities aimed at enhancing organizational performance, based on Herzberg’s motivation factors.
PPT Slide
Lager Image
Relationship between information security activities, motivation factors, and enhancement of an organization’s performance.
To facilitate motivation for information security activities, transaction management, transaction stability, and transaction convenience on stock exchange should be ensured for each organizational member of a security company, and the capability of utilizing them should be fostered as well [11] . Thus, the proposed research model can lead the way in helping to secure service transaction stability in information security and information sharing activities relating to the use of information technology, and can analyze the corresponding effects on financial performance.
III. Research Model
- 1. Research Design
IT infrastructure, which provides a foundation for IT services, refers to the composite hardware, software, network resources, and services required for the existence, operation, and management of an enterprise IT environment [12] . Bowersox and Daugherty argued that information technology would motivate enterprises to develop a wide range of external relations in the future [13] . In their study of more than 2,000 manufacturers, Derocher and Kilpatrick suggested that the capability to implement an integrated information system was the key success factor of supply chain management [14] . Son and others argued that active support of IT service implementation by a CEO would enable the overall planning and control of the system [15] . Patnayakuni and others studied the impact of IT services on the strategic, tactical, and operational level of the management system [16] .
Information sharing, which helps build trust among enterprises, can be defined as how to communicate clear and valuable information with one’s partners in the chain [17] . Sengputa and others studied the service industry to verify the correlation between information sharing and operational and financial performance according to strategies found in the service and manufacturing industries [18] . Spekman and others mentioned information and transaction stability as factors that positively affect customer satisfaction and performance improvement [19] .
Buyers and sellers of financial products conduct their trade over information technology media such as the Internet [6] . The reasons why security company employees are reluctant to trade online include the insufficiency of information, the timeliness of product delivery, and the possibility of return in addition to information security [6] . The information needed for trade — product specifications; price; inventory; delivery time and reliability; review; customer recommendation; guarantee of return; and so on — must be complete and accurate [6] . Urban, Sultan, and Qualls argued that the implementation of measures designed to ensure trade safety is very important for Internet shopping malls [6] .
Security is the condition of being protected from risk or loss. In information systems, security ensures the reliability of the information system. It is also one of the most important factors in creating a successful environment for the enterprise utilizing the information. Information security means the protection of information from internal or external risks or threats to continuously operate the information. The targets of information security include not only the information itself but also the technologies related to information processing and security; the organizational structures and procedures for processing information; the personnel involved in personal information processing; and the activities of information processing and maintenance [4] .
In [4] , Wood stated that information security performance greatly affected customer trust. In his study of the security and control activities of financial institutions, Lee argued that internal security activities (including enterprise-wide security activities) significantly influenced enterprise resource planning performance [4] , [20] . Scott presented productivity decline, profit decline, corporate image deterioration, and monetary loss as the main losses that can occur when security maintenance activities are insufficient [21] . As shown, the construct of each measurement question and reference within it is presented in Table 1 .
Operational definition and measurement of variables.
Construct Measurement question Reference
IT service - Information system and information resource infrastructure needed for securities transaction.Application service constructionPlatform service constructionData service construction Patnayakuni and others (2006),Derocher & Kilpatrick (2000),Bowersox and Daugherty (1995),Son and others (2005)
Information security - Information security is the condition of being protected from risk or loss. In information systems, security ensures the reliability of the information system.Personal information protectionInformation security management systemSecurity maintenance activitiesEnterprise security management Wood (1997),Lee (2010),Scott (2002)
Information sharing - Information sharing is the communication of reliable and valuable information between the transaction partners.Sales information sharingDemand information sharingBusiness information sharing Sengputa and others (2006),Monzka and others (1998)
Transaction stability - Transaction stability is the degree of stability and error rate reduction during the business process including the financial and securities transaction.Stability of parties on transactionError rate reduction of business processError rate reduction of operation programError rate reduction of communications Urban, Sultan, and Qualls (2000)
Organizational performance - Financial/non-financial performance of an enterprise.Increased rate of transaction feeIncreased rate of operating profitIncreased rate of turnover of capitalIncreased rate of salesIncreased rate of market shareIncreased rate of customer maintenance Wood (1997),Spekman and others (1998)
- 2. Hypotheses
The preceding studies emphasized that IT services, information security, and information sharing were important to ensure the success of enterprises. However, there have been few studies that empirically analyzed the relationship between information security and organizational performance compared to that between IT service infrastructure/information sharing and organizational performance. There have been almost no studies offering an analysis from an integrated perspective. As such, this study intends to empirically analyze how IT service infrastructure development, information sharing, and information security are related to the organized nature of enterprises.
Based on the reference in Table 1 , a research model is presented in Fig. 2 wherein IT service, information security activities, and information sharing activities secure transaction stability, thus leading to organizational performance. This study is based on the following hypotheses:
  • ■ H1-1: IT service influences service transaction stability.
  • ■ H1-2: Information security activities influence service transaction stability.
  • ■ H1-3: Information sharing influences service transaction stability.
  • ■ H2: Transaction stability influences organizational performance.
PPT Slide
Lager Image
Research model.
IV. Empirical Analysis
- 1. Data Collection
The parent population of this study comprises a group of employees of domestic branch offices of 16 out of 62 securities firms that are members of the Korea Financial Investment Association and that are operating in the Rep. of Korea. The questionnaire items of the survey were prepared from existing study literatures and data were collected. To measure the questionnaire items, a 7-point Likert scale was used, and the survey was conducted both online and offline. Four hundred surveys were distributed from October 1 to 26, 2012, and 153 responses were collected through the post at local branch offices, while 62 responses were collected online via our homepage, amounting to 215 responses in total. To ensure the reliability of the study, 11 insincere responses and 62 responses by junior personnel with less than five years’ experience in the securities trading industry were excluded. Moreover, 21 responses from those without any work experience related to information and security services were also excluded, leaving a total of 121 responses for use in the analysis.
Table 2 shows the characteristics of the 121 respondents used for the study. In terms of age, 51% were in their 30s. In terms of position, 46% were managers and 54% were either deputy general managers or general managers, including branch office managers. In terms of job, 61% were in private banking while others were in investment banking or a combination of investment banking and private banking.
Characteristics of respondents.
Subject Type Persons Percentage
Age 30–39 62 51%
40–49 39 32%
50–59 20 17%
Subtotal 121 100%
Position Manager 56 46%
Deputy general managers 48 40%
General managers (branch office managers) 17 14%
Subtotal 121 100%
Job Private banking 74 61%
Investment banking 13 11%
Private banking + investment banking 34 28%
Subtotal 121 100%
- 2. Reliability and Validity
This research model, which was verified using partial least square (PLS), is a structural equation model involving a path by which IT, information security, information sharing, and transaction stability lead to organizational performance [22] . The PLS analysis requires the verification of the internal consistency, convergent validity, and discriminant validity of the survey questions and their constructs [23] [25] . As shown in Tables 1 3 , the internal consistency of the survey questions was verified in terms of the composite reliability of Fornell and Larcker and reliability [26] . The verification revealed composite reliability to be over 0.7 (the reference value proposed by Nunnally and others), whereas Cronbach’s alpha, a widely-used verification measure, was also over 0.7 (the reference value proposed by Nunnally) [27] [28] . Convergent validity was verified in terms of average variance extracted (AVE) and the factor loading value of the construct. AVE was found to be over 0.5; that is, the reference value proposed by Fornell and Larcker, Chin, and so on; whereas, the factor loading value of the construct of transaction stability measurement questions, excluding information reliability (0.680), was verified [24] , [26] . AVE was found to be over 0.569, as shown in Table 3 . In Table 4 , the factor loading value of the constructs of all transaction stability questions, except information reliability, was found to be over 0.7; that is, the reference value proposed by Fornell and Larcker [24] [26] . Discriminant validity was verified by determining whether the value of the square root of the AVE of the correlation coefficient of the research model in Fig. 2 — expressed at the diagonal axis — was greater than the correlation coefficient of the other research models [26] .
Verification of internal consistency, convergent validity, and discriminant validity.
AVE Composite reliability Cronbach’s alpha Transaction stability Information sharing Organizational performance IT service Information security
Transaction stability 0.569 0.839 0.747 0.754
Information sharing 0.745 0.898 0.829 0.490 0.863
Organizational performance 0.717 0.938 0.921 0.344 0.213 0.847
IT service 0.773 0.911 0.853 0.465 0.413 0.077 0.879
Information security 0.799 0.941 0.916 0.475 0.417 0.216 0.388 0.894
Results of confirmatory factor analysis.
Construct Measurement questions Organizational performance Transaction stability Information sharing IT service Information security
Organizational performance Increased rates of transaction fee 0.739 0.212 0.166 0.147 0.180
Increased rates of operating profit 0.835 0.355 0.211 0.067 0.194
Increased rates of turnover of capital 0.857 0.228 0.210 0.071 0.261
Increased rates of sales 0.894 0.318 0.208 0.011 0.154
Increased rates of market share 0.859 0.297 0.166 0.108 0.162
Increased rates of customer maintenance 0.887 0.290 0.120 0.017 0.169
Transaction stability Stability of parties on transactions 0.294 0.781 0.356 0.393 0.465
Error rate reduction of business process 0.146 0.709 0.334 0.115 0.290
Error rate reduction of operation program 0.274 0.849 0.428 0.432 0.423
Error rate reduction of communications 0.290 0.662 0.353 0.381 0.210
Information sharing Sale information sharing 0.125 0.429 0.847 0.387 0.426
Demand information sharing 0.172 0.379 0.886 0.264 0.315
Business information sharing 0.250 0.453 0.856 0.404 0.333
IT service Application service construction 0.094 0.453 0.394 0.857 0.400
Platform service construction 0.014 0.362 0.370 0.875 0.278
Data service construction 0.087 0.401 0.320 0.904 0.331
Information security Personal information protection 0.199 0.418 0.457 0.369 0.873
Information security management system 0.183 0.424 0.327 0.396 0.915
Security maintenance activities 0.225 0.460 0.355 0.306 0.889
Enterprise security management 0.161 0.388 0.351 0.318 0.897
The analysis revealed that the smallest of the AVE square root values (0.754) was greater than the greatest correlation coefficient value (0.490). The confirmatory factor analysis also verified the discriminatory validity, requiring that the factor loading value of the construct be greater than the factor loading value of the other constructs. The analysis revealed that all the survey questions met this requirement. As such, the constructs and survey questions used in this research model were examined to verify their internal consistency, convergent validity, and discriminant validity, thus meeting most of the criteria requirements and indicating their suitability for the structural model analysis [24] [27] .
- 3. Model Fitness
The PLS analysis of this research model is shown in Fig. 3 . The path model explanation power of the PLS analysis is expressed as explained variance, R 2 [23] . Figure 3 shows the results of the PLS R 2 analysis, with IT service, information security, information sharing, and inter-departmental interaction having a transaction stability explanation power of 37.7%, and transaction stability having a non-financial performance explanation power of 11.8%. These all met the criteria of Fornell and Larcker [26] . The goodness of fit (GoF) of the research model exceeded the appropriate verification power of 10% proposed by Falk and Miller using the commonality average and geometric average of the R 2 average [25] . The GoF of the research model was executed using both the commonality average and the geometric average of the R 2 average [29] .
PPT Slide
Lager Image
Path analysis.
The analysis revealed that GoF was 0.422, larger than that proposed by Wetzels and others, indicating the high GoF impact of the model [30] . Moreover, as shown in Table 3 , PLS analysis verified the path coefficient and its significance. To that end, using the entire sampling, the path coefficient of the structural model was evaluated; and, using the bootstrap method provided by PLS, the path coefficient, t , was calculated. The results of the analysis were examined in the order of the research hypotheses. First, IT ( β = 0.249, t = 2.848), information security ( β = 0.262, t = 2.351), and information sharing ( β = 0.278, t = 2.571) all had a significant effect on transaction stability, so hypotheses 1-1, 1-2, and 1-3 were adopted. Second, to verify the hypothesis; namely, that transaction stability influences organizational performance, the path was analyzed. The results revealed path coefficient β to be 0.344 and t to be 4.435, making them significant. Thus, hypothesis 2 was adopted, as shown in Table 5 .
PLS path analysis.
Research hypotheses Path Correlation coefficient t R2 value Result
H1-1 Effect of information sharing on transaction stability Information sharing > transaction stability 0.278 2.571 0.337 Adopted
H1-2 Effect of information security on transaction stability Information security > transaction stability 0.262 0.351 Adopted
H1-3 Effect of IT service on transaction stability IT service > transaction stability 0.249 2.848 Adopted
H2 Effect of transaction stability on organizational performance Transaction stability > organizational performance 0.344 4.435 0.118 Adopted
V. Conclusion
- 1. Implications
This study proposed a model by which, in the securities industry, information security activities bolster transaction stability, ultimately leading to improved organizational performance, and these information security activities were used in the structural equation model to perform an empirical analysis. Therefore, investment and activities related to IT service infrastructure, information sharing, and information security were confirmed not as hygiene factors but as motivational factors under Herzbeg’s two-factor theory. The findings of this study can be used as data to support the objectivity and validity of existing information security investments, and they are seen as part of the method of defining information protection investment, not as a cost but as an effective investment, and of offering investment performance. This model can analyze the effect of information security activities; evaluate their validity in corporations and organizations; and effectively contribute to the further development of business performance and goals. This study empirically verified that information security activities contribute to transaction stability, eventually improving organizational performance. By doing so, the validity and effect of information security activities can be analyzed, and corporations and organizations can devise a policy for information protection investment and activities, thus enhancing their business performance.
The implications of this study based on the deduced result can be described as follows. First, the analysis of the model, indicates that investment in information security in the security industry results in strengthened transaction stability, will help improve the outcome of investment in information security in the security and financial industries. Second, security firms can use the model and factors presented in this study as a model for evaluating the feasibility of investment strategies for IT services, information security, and information sharing established to cope with the changing IT environment and measure the investment outcome. Third, this study confirmed that information security activities result in service transaction stability in the financial industry, including the securities business, and that such activities are motivational factors for improving organizational performance, by analyzing their impact on the financial performance of an organization. The result of this study does not directly mean that information security is not a hygiene factor. However, it showed that the nature of the factor can differ according to the characteristics, environment, and timing of each industry — just as in the case of the securities industry, which was the subject of this study. One can acknowledge this to mean that strategic investment must be different according to the investment situation.
- 2. Limitations and Further Research
Despite the significance of this study, it should be noted that this study is more of an exploratory research for the analysis of actual proof in the future. This is because the investment strategy for IT services, information security, and information sharing was established based on existing studies, and its feasibility was measured using subjects who may have a limited understanding of the information security investment strategy. Moreover, the proposed strategy may not be realistic, since the strategy was based on existing studies. In addition, the survey questionnaire that was given to the sampled companies may also not be realistic, because the variables were extracted from previous studies and the survey items were structured to measure those factors.
In future studies, it will be necessary to present a more realistic and concrete strategy based on interviews with IT service and information security performance assessors and investment strategy professionals, as well as on case studies. Moreover, more practical indices for the analysis of actual corporate activities need to be developed, as that will enable accurate measurement of investment performance concerning IT services and information security and study of various causal relationships through indices.
BIO
konghk1@naver.com
Heekyung Kong received her PhD degree in management information systems from the Graduate School of Business, Chungbuk National University, Cheongju, Rep. of Korea. She has worked for the Technical Strategy Research Division, Electronics and Telecommunications Research Institute, Daejeon, Rep. of Korea, from 2009 to 2012. She is currently a research professor of information & communication engineering at Chungbuk National University. Her research interests include information security management, information security policy, information security economics, and management of technology.
jshgs@naver.com
Suhyun Jung received his PhD degree in production management from the Graduate School of Business, Chungbuk National University, Cheongju, Rep. of Korea, in 2012. He is currently a senior researcher of the Chungbuk Regional Human Resource Development Council, Cheongju, Rep. of Korea. His research interests include service operations management, service quality, service supply chain management, 6-sigma, and management of technology.
insulee@cbnu.ac.kr
Insung Lee received his BS and MS degrees in electronics engineering from Yonsei University, Seoul, Rep. of Korea and his PhD degree in electrical engineering from Texas A&M University, College Station, TX, USA. From 1993 to 1995, he worked at the Electronics and Telecommunications Research Institute, Daejeon, Rep. of Korea, where he was involved in the development project of CDMA mobile communication systems. Since 1995, he has been with the Department of Information & Communication Engineering, Chungbuk National University, Cheongju, Rep. of Korea. He has been involved in research on speech and audio coding; voice over IP; and signal processing for communication. He is a member of the IEEE, IEICE, IEEK, and Acoustic Society of Korea.
Corresponding Author sjyeon@etri.re.kr
Seung-Jun Yeon received his PhD degree in management information systems from Chungbuk National University, Cheongju, Rep. of Korea. He is currently a senior researcher at the Electronics and Telecommunications Research Institute, Daejeon, Rep. of Korea and is participating in the development of the national ICT R&D strategy. His research interests include information resource management, R&D policy, information strategy planning, technological forecasting methodologies, technology assessment (from a social perspective), and system dynamics modeling.
References
Kim K. “[Proper Knowledge of the ICT Act] The Crisis of Electronic Financial Transactions: Phishing, Pharming, and Smishing.” http://www.ddaily.co.kr/news/news_view.php?uid=102313
Parke D.B. “The Strategic Values of Information Security in Business,” Comput. Security 16 (7) 572 - 582    DOI : 10.1016/S0167-4048(97)80793-6
Kim J.D. , Park J.E. “A Study on ROSI of TCO-Based Information Protection,” Collection Papers Digit. Policy Soc. Inauguration Symp. Seoul, Rep. of Korea Dec. 12, 2003 251 - 261
Wood C.C. 1997 “Part of the Foundation for Secure Systems: Separation of Duties Policy,” Inf. Manag. Comput. Security 5 (1) 18 - 19    DOI : 10.1108/09685229710167999
Kong H. , Kim T.S. , Kim J.D. 2012 “An Analysis on Effects of Information Security Investments: A BSC Perspective,” J. Intell. Manuf. 23 (4) 941 - 953    DOI : 10.1007/s10845-010-0402-7
Urban G.L. , Sultan F. , Qualls W.J. 2000 “Placing Trust at the Center of Your Internet Strategy,” Sloan Manag. Rev. 42 (1) 39 - 48
Jeong S. 2012 “A Study on the Effect of Organizational Support and Service Activities on Corporate Performance in the Securities Industry,” Service Manag. Soc. J. 13 (3) 275 - 292
Herzberg F. , Mauner B. , Snyderman B.B. 1959 “The Motivation to Work,” John Wiley & Sons New York, NY, USA
Herzberg F. 1966 “Work and the Nature of Man,” World Publishing Co. New York, NY, USA
Amabile T.M. 1994 “The Work Preference Inventory: Assessing Intrinsic and Extrinsic Motivational Orientations,” J. Pers. Soc. Psychology 66 (5) 950 - 967    DOI : 10.1037/0022-3514.66.5.950
Tampoe M. 1993 “Motivating Knowledge Workers — the Challenge for the 1990s,” Long Range Planning 26 (3) 49 - 55
Janssen C. “IT Infrastructure,” Techopedia TM Janalta Interactive Inc. http://www.techopedia.com/definition/29199/it-infrastructure
Bowersox D.J. , Daugherty P.J. 1995 “Logistics Paradigms: The Impact of Information Technology,” J. Business Logistics 16 (1) 65 - 80
Derocher R.P. , Kilpatrick J. 2000 “Six Supply Chain Lessons for the Millennium,” Supply Chain Manag. Rev. 3 (4) 34 - 40
Son J.Y. , Narasimhan S. , Riggins F.J. 2005 “Effects of Relational Factors and Channel Climate on EDI Usage in the Customer-Supplier Relationship,” J. Manag. Inf. Syst. 22 (1) 321 - 353
Patnayakuni R. , Rai A. , Seth N. 2006 “Relational Antecedents of Information Flow Integration for Supply Chain Coordination,” J. Manag. Inf. Syst. 23 13 - 49
Monczka R.M. 2007 “Success Factors in Strategic Supplier Alliances: The Buying Company Perspective,” Decision Sci. 29 (3) 533 - 577
Sengupta K. , Heiser D.R. , Cook L.S. 2006 “Manufacturing and Service Supply Chain Performance: A Comparative Analysis,” J. Supply Chain Manag. 42 (4) 4 - 15
Spekman R.E. , Kamauff Jr J.W. , Myhr N. 1998 “An Empirical Investigation into Supply Chain Management: A Perspective on Partnership,” Supply Chain Management: Int. J. 3 (2) 53 - 67    DOI : 10.1108/13598549810215379
Lee J.H. 2010 “The Impact of Security and the Control of Financial Institutions on ERP System Performance,” J. Korean Academic Soc. Accounting 15 (1) 309 - 329
Scott D. 2002 “Best Practice and Trends in Business Continuity Planning,” Gartner, Inc. the U.S. Symposium/ITxpo Orlando, FL, USA
Fornell C. , Bookstein F.L. 1982 “Two Structural Equation Models: LISREL and PLS Applied to Consumer Exit-Voice Theory,” J. Marketing Res. 19 (4) 440 - 452    DOI : 10.2307/3151718
Chin W.W. , Gopal A. 1995 “Adoption Intention in GSS: Relative Importance of Beliefs,” ACM SIGMIS Database 26 (2) 42 - 64    DOI : 10.1145/217278.217285
Chin W.W. 1998 “Issues and Opinion on Structural Equation Modeling,” MIS Quarterly 22 (1) 7 - 16
Falk R.F. , Miller N.B. 1992 “A Primer on Soft Modeling,” The University of Akron Press Akron, OH, USA
Fornell C. , Larcker D.F. 1981 “Evaluating Structural Equation Models with Unobservable Variables and Measurement Error,” J. Marketing Res. 18 (1) 39 - 50    DOI : 10.2307/3151312
Nunnally J.C. , Bernstein I.H. 1987 “Psychometric Theory,” McGraw-Hill New York, NY, USA
Barclay D. , Higgins C. , Thompson R. 1995 “The Partial Least Squares Approach to Causal Modeling: Personal Computer Adoption and Use as an Illustration,” Technol. Studies 2 (2) 285 - 309
Tenenhaus M. 2005 “PLS Path Modeling,” Comput. Statistics Data Anal. 48 (1) 159 - 205    DOI : 10.1016/j.csda.2004.03.005
Wetzels M. , Odekerken-Schröder G. , Oppen C. 2009 “Using PLS Path Modeling for Assessing Hierarchical Construct Models: Guidelines and Empirical Illustration,” MIS Quarterly 33 (1) 177 - 195