本研究旨在了解非營利組織資訊科技能力、資訊安全認知的現況，以探討非營利組織資訊科技能力對資安認知之影響，並希望從更全面的資訊科技能力探討其對非營利組織的資安認知影響，以對非營利組織提供實務層面建議。

經彙整過去研究，設計資訊科技能力與資訊安全認知量表，採用問卷調查法，針對臺灣公益中心所登錄非營利組織發放問卷，資料分析採用SPSS的相關及迴歸分析，結果顯示非營利組織資訊科技能力與資安認知有顯著正向相關影響存在。

研究結果發現，非營利組織如需加強員工資訊安全認知，除了從教育訓練著手，還可結合組織的系統面、操作面、制度面等，從資訊科技能力來加強員工資安認知；在資訊安全認知部份，非營利組織可從法律規範與風險管理改善資訊安全認知薄弱面；而在有限資源下，從最具影響及預測力的人力資源著手擬定資訊安全防護策略。

This study aimed to investigate the influences of the IT ability of non-profit organizations and their cognition about information security. Besides, through understanding the IT ability of the NPOs and their cognition about information security, this research analyzed the effects of the more comprehensive IT ability on the NPOs’ cognition about information security in order to provide the practical suggestions to the NPOs.
 
By reviewing the past literature, the scale of IT ability and the scale of cognition about information security were designed in this research. The questionnaire survey method was adopted and the questionnaires were delivered to those NPOs registering at Taiwan NPO information platform. The relation analysis and the regression analysis in SPSS were used, and the results showed there was positive relation between the IT ability of the NPOs and their cognition about information security.

Confronted with the lack of the fund, the human resources, the hardware, and the software, the NPOs have to start from the employees’ cognition about information security so that they could manage the information security effectively in information revolution. In addition, when the NPOs strengthen their tangible and intangible assets as well as the IT ability of their human resources, they would also increase the inner cognition about information security and consolidate the whole information security of the organization.

目次	IV
表目錄	VI
圖目錄	VIII

第一章	緒論	1
第一節	研究背景	1
第二節	研究動機與目的	6
第三節	研究流程	7
第二章	文獻探討	11
第一節	非營利組織	11
第二節	資訊科技能力	20
第三節	資訊安全認知	25
第三章	研究架構與設計	31
第一節	研究架構	31
第二節	研究設計	33
第四章	資料分析	41
第一節	樣本分析	41
第二節	敘述性統計分析	49
第三節	研究構面信、效度分析	64
第四節	資訊科技能力與資訊安全認知關係分析	82
第五節	不同非營利組織類型對資訊安全認知之差異	87
第五章	討論	89
第六章	結論	94
第一節	研究結論	94
第二節	研究限制與未來研究建議	102
參考文獻	104
附    錄：問卷	110

表2-1 資訊科技能力構成維度	22
表2-2 資訊安全基礎知識與素養課程架構整理對照表	29
表3-1 問卷設計參考來源	34
表3-2 前測問卷信度檢測	36
表3-3 臺灣公益中心網站之非營利組織數量	38
表4-1 問卷回收統計	41
表4-2 非營利組織類型問卷回收比例	42
表4-3 樣本組織類型人數分配統計表	43
表4-4 樣本個人基本資料統計表	45
表4-5 上班使用電腦時間統計表	46
表4-6 非營利組織基本資料	48
表4-7 有形資源能力之統計結果	51
表4-8 無形資源能力之統計結果	54
表4-9 人力資源能力之統計結果	57
表4-10 資訊科技能力之統計結果	59
表4-11 資訊科技能力排序	60
表4-12 資訊安全認知之統計結果	62
表4-13 非營利組織員工人數與資訊科技能力、資安認知統計	63
表4-14 問卷信度檢測	64
表4-15 有形資源能力構面─效度及變數與信度之檢定	68
表4-16 無形資源能力構面─效度及變數與信度之檢定	71
表4-17 人力資源能力構面─效度及變數與信度之檢定	74
表4-18 資訊安全認知構面─效度及變數與信度之檢定	80
表4-19 資訊科技能力與資訊安全認知積差相關分析表	83
表4-20 有形資源能力與資訊安全認知相關係數	85
表4-21 無形資源能力與資訊安全認知相關係數	85
表4-22 人力資源能力與資訊安全認知相關係數	86
表4-23 資訊科技能力與資訊安全認知相關係數	86
表4-24 非營利組織類型與資安認知單因子變異數分析摘要表	87
表4-25 本研究假說驗證	88
表6-1 非營利組織資訊科技資源規劃建議	95
 
圖1-1 研究流程圖	8
圖2-1 法人分類表	13
圖2-2 資訊安全學習歷程	27
圖3-1 研究架構	32

一、中文文獻
1.王振軒、趙忠傑（2006）。非營利組織資訊化能力建構。非營利組織管理學刊，4，27-51。
2.司徒達賢 (1999)。非營利組織的經營管理。台北：天下遠見出版股份有限公司。
3.吳思華（2000）。策略九說－策略思考的本質。台北：臉譜文化。
4.李長貴（1998）。組織行為。台北：華泰文化。
5.況志軍、鄭淑娟、宋夏云（2007）。IT資源、IT能力與持續競爭優勢。科技管理研究，27(1)，101-103。
6.張秘（1991）。台灣地區基金會名錄。台北：喜瑪拉研究發展基金會。
7.曹明玉（2006）。資訊安全認知評量表之研究。淡江大學資訊管理學系碩士論文，台北縣。
8.陳美伶（1993）。統一財團法人主管機關可行性之研究。台北：法務部。
9.喜瑪拉雅基金會（1997）。基金會在臺灣。台北：喜瑪拉雅研究發展基金會。
10.喜瑪拉雅研究發展基金會（1999）。臺灣300家主要基金會名錄。台北：喜瑪拉雅研究發展基金會。
11.黃芳銘（2004）。社會科學統計方法學：結構方程模式。台北：五南。
12.蔣麗君、蕭乃沂（2008）。政府資訊人力與資訊預算之研究：現況、挑戰與因應策略。行政院研究發展考核委員會委託電子治理研究中心執行之研究報告（報告編號：09640D00503）。
13.蔡達智（2006）。非營利組織維護國家機密的理論與實際－以國家實驗研究院為例。科技發展政策報導，SR9512，1512-1532。
14.蕭新煌(1999)。非營利部門：組織與運作。台北：巨流圖書。
15.謝凱孫、林舒柔譯(2003)。現代策略管理：觀念、技巧、應用。台北：科大文化。
16.聯合勸募協會、臺灣微軟公司（2000）。NPO-2000 Report for Giving Program Research。

二、英文文獻
17.Avgerou, C. (1995).Transferablity of information system and organisation practices, The Proceedings of the Int. Federation for Information Processing Int. Conference, Cairo, Egypt, Jauary. 3-5.
18.Bakos, J. Y. & Treacy, M. E. (1986). Information Technology and Corporate Strategy: A Research Perspective. MIS Quarterly, 10(2), 106-119.
19.Barney, J. B. (1991). Firm Resources and Sustained Competitive Advantage. Journal of Management, 17(1), 99-120.
20.Bharadwaj, A. (2000). A Resource-Based Perspective on Information Technology Capability and Firm Performance: An Empirical Investigation. MIS Quarterly, 24(1), 169-196.
21.Bryman, A. & Cramer, D. (1997). Quantitative Datat Analysis with SPSS for Windows. London: Routledge.
22.Brynjolfsson, E. & Hitt, L. (1997, September 22). Breaking Boundaries. Information Week, Special Issue, 34-36.
23.Burt, E. & Taylor, J. (2000). Information and communication technologies reshaping voluntary organizations?. Nonprofit Management and Leadership, 11(2),131-143.
24.Burt, E. & Taylor, J. (2002). Advanced networked technologies in the U.K. voluntary sector. Voluntas: International Journal of Voluntary and Nonprofit Organizations, 12(4), 313-326.
25.Burt, E. & Taylor, J. (2003). New technologies, embedded values, and strategic change: Evidence from the U.K. voluntary sector. Non-profit and Voluntary Sector Quarterly, 32(1), 115-127.
26.Byrd, T. & Turner, D. (2000). An Exploratory Analysis of the Value of the Skills of IT Personnel: Their Relationship to IS Infrastructure and Competitive Advantage. Decision Science, 32(1), 22-24.
27.Capon, N. & Glazer, R. (1987). Marketing and Technology: A Strategic Coalignment. Journal of Marketing ,51(3), 1-14.
28.Copeland, D. G. & McKenney, J. L. (1988). Airline Reservation Systems: Lessons from History. MIS Quarterly, 12(3), 353-370.
29.Donohue, M. (2008). States push to encrypt personal data. Retrieved June 13, 2011, from the Non-profit news website: http://www.thenonprofittimes.com/article/detail/states-push-to-encrypt-personal-data-2245l.
30.Fornell, C. & Larcker, D.F. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of Marketing Research, 18(1), 39-50.
31.Gordon, L. A., & Loeb, M. P., & Lucyshyn, W. & Richardson, R. (2004). CSI/FBI computer crime and security survey. Manhasset, NY: CMP Media.
32.Grant, R. M. (1991). The Resoure-Based Theory of Competitive Advantage: Implications for Strategy Formulation. California Management Review, 33, 114-135.
33.Grant, R. M. (1995). Contemporary Strategy Analysis. Oxford, UK: Blackwell Publishers Inc.
34.Hoskisson, R. E., & Hitt, M. A., & Wan, W. P., & Yiu, D. (1999). Swings of a pendulum: Theory and research in strategic management. Journal of Management, 25(3), 417-456.
35.John, L. (2003). Improving user security behavior. Computers & Security, 22(8), 685-692.
36.Keen, P. G. W. (1991). Shaping the Future: Business Design Through Information Technology. Cambridge, MA: Harvard Business Press.
37.Lawry, R. P. (1995). Accountability and nonprofit organizations: an ethical perspective. Nonprofit Management and Leadership, (Winter), 171-180.
38.Lee, D., & Trauth, E. & Farwell, D. (1995). Critical Skills and Knowledge Requirements of IS Professionals: A Joint Academic/Industry Investigation. MIS Quarterly, 19(3), 313-340.
39.Levine, K. (1986). The social context of literacy. London: Routledge & Kegan Paul.
40.Lord, R. G. (1985). An information processing approach to social perceptions,leadership perceptions and behavior measurement on organizational settings. In B. M. Staw & L. L. Cummings (Eds.), Research in organizational behavior, 7, 87-128, Greenwich, CT: JAI Press.
41.Mata, F., Fuerst, W. & Barney, J. (1995). Information technology and sustained competitive advantage: A resource-based analysis. MIS Quarterly, 19(4), 487-505.
42.Matusik, S. F. & Hill, C.W. (1998) The Utilization of Contingent Work, Knowledge Creation, and Competitive Advantage. The Academy of Management Review, 23(4),  680-697.
43.McKenney, J. L. (1995). Waves of Change: Business Evolution Through Information Technology. Cambridge, MA: Harvard Business School Press.
44.Mueller, R. O. (1997). Structural Equation Modeling: Back to Basics. Structural Equation Modeling, 4 , 353-369.
45.Nancy Kolb & Faisal Abdullah (2009). Developing an Information Security Awareness Program for a Non-Profit Organization. International Management Review, 5(2), 103-107.
46.National Institute of Standards and Technology (NIST). (1998). Information Technology Security Training Requirements: A Role- and Performance-Based Model. NIST Special Publication 800-16. Washington: U.S. Government Printing Office. 
47.Niederman, F., & Brancheau, J. C., & Wetherbe, J. C. (1991). Information Systems Management Issues for the 1990s. MIS Quarterly, 15(4), 474-500.
48.Reed, R. & DeFillippi, R. J. (1990). Casual Ambiguity, Barriers to Imitation and Sustainable Competitive Advantage. Academy of Management Review. 15(1), 88-102.
49.Ross, J. W., Beath, C. M., & Goodhue, D. L. (1996). Develop Long-term Competitiveness Through IT Assets. Sloan Management Review, 38(1), 31-45.
50.Salamon, Lester M. & Helmut, K. Anheier. (1997). Defining the nonprofit sector: a cross-national analysis. Manchester University Press, Inc. 
51.Salamon, Lester M., (1995). Partners in public service: government-nonprofit relations in the modern welfare stat. Baltimore and London: The Johns Hopkins University Press, Inc.
52.Sambamurthy, V. & Zmud, R. W. (1992). Managing IT for Success: The Empowering Business Partnership. Working Paper, Financial Executives Research Foundation.
53.Schwarz, A. & Hirschheim, R., (2003). An extended platform logic perspective of IT governance managing perceptions and activities of IT, The Journal of Strategic Information Systems, 12(2), 129-166.
54.Weill, P., Broadbent, M., & Butler, C. (1996). Exploring How Firms View IT Infrastructure. Working Paper, The University of Melbourne.
55.Wernerfelt, B. (1984). The Resource-Based View of the Firm. Strategic Management Journal, 5(2), 171-180.
56.Wilson, M. & Dorothea E. de Zafra, Sadie I. Pitcher, John D. Tressler, John B. Ippolito. (1988). Information Technology Security Training and Performance-Based Model. NIST SP 800-16, Washington: U.S. Government printing office. 
57.Wolf, T. (1990). Managing a Nonprofit Organization. New York: Fireside .
58.Wright, P. M. & McMahan, G. C. (1992). Theoretical Perspectives for Strategic Human Resource Management. Journal of Management, 18, 295-320.
59.Yenisey, M., Ozok, A., & Salvendy G., (2005). Perceived Security Determinants in E-Commerce among Turkish University Students. Behaviour & Information Technology, 24(4), 259-274.