Abduljalil, S. & Abdulhamid, R. (2005 & 2007). ISMS Pilot Program Experiences: Benefits, Challenges & Recommendations. 2013, from http://cybersecurity. my/data/content_files/11/23.pdf.
Al-Awadi, M. & Renaud, K. (2007).
Success factors in information security implementation in organizations. Paper presented at the IADIS International Conference e-Society 2007, Available in:
http://www.dcs.gla.ac.uk /~karen/ Papers/sucessFactors2.pdf.
Bellone, J. (2008). A practiced approach to information security management system implementation. Information Management & Computer Security, 16 (1): 49-57.
Chau, J. (2005). Skimming the technical and legal aspects of BS7799 can give a false sense of security. Computer Fraud & Security, 9: 8-10.
Choi, N., Kim, D. & Goo, J. (2008). Knowing is doing: An empirical validation of the relationship between managerial information security awareness and action. Information Management & Computer Security, 16 (5): 484-485.
Dhillon, G. (2001). Information security management: global challenges in the new millennium, IGI Global, DOI: 10.4018/978-1-878289-78-0.
Ernest-Jones, T. (2006). Pinning down a security policy for mobile data, Network Security, 2006 (6): 8-13.
Fomin, V.,
DeVries, H., Barlette, Y. (2008).
ISO/IEC 27001 Information systems security management standards: Exploring the reasons for low adoption. RSM Erasmus University, Netherland.
Honan, B. (2006). IT security-commoditized, badly Infosecurity Today, 3 (5): 41.
ISO/IEC 27001: 2013: Information technology — Security techniques — Information security management systems—Requirements, http://www.iso. org/iso/iso_catalogue/catalogue_ics/catalogue_detail_ics.htm?csnumber=54534.
Kakkar, A., Punhani, R. & Madan, S. (2012). Implementation of ISMS and its Practical Shortcomings. International Refereed Research Journal ISSN 1839-6518,Vol. 02, No. 01, www.irj.iars.info.
Kazemi, M., Khajouei, H. & Nasrabadi, H. (2012). Evaluation of information security management system success factors: Case study of Municipal organization. African Journal of Business Management, 6(14): 4982-4989.
Khorasani Rad, A., Hossein Abadi, H. & Amirzadeh, R. (1996). Standard ISO / IEC 27001:2005. Partner company Tuff Iran (Member of TUV Nord), Tehran.
(in Persian)
Knapp, K. J., Marshall, T. E., Rainer, R. K. & Morrow, D. W. (2004). Top Ranked Information Security Issues: The 2004 International Information Systems Security Certification Consortium (ISC) Survey Results. Auburn University, Auburn, AL.
Kotonya, G. & Sommerville, I. (1998). Requirements Engineering Process and Techniques. Hardcover, ISBN: 978-0-471-97208-2, http://eu.wiley.com/ WileyCDA/WileyTitle/productCd-0471972088.html#instructor.
Kraemer, S.B. (2006). An adversarial viewpoint of human and organizational factors in computer and information security. A dissertation for the degree of Doctor Philosophy at the university of Wisconsin-Madison.
Kritzinger, E. & Smith, E. (2008). Information security management: An information security retrieval and awareness model for industry. Computers & Security, 27 (5): 224-231.
Ku, C., chang, Y., Yen, D. (2009). National information security policy and its implementation: A case study in Taiwan. Telecommunications Policy, 33 (7): 371-384.
Kwok, L. & Longley, D. (1999). Information security management and modeling. Information Management & Computer Security, 7 (1): 30-40.
Mivald, A. (2004). Computer network security, Translated by Seyyed Ahmad Safai, The first edition, Daneshparvar, Tehran. (in Persian)
Ryan, J. (2006). A comparison of information security trends between formal and informal environments. A Dissertation for the Degree of Doctor of Philosophy the Graduate, Faculty of Auburn University Alabama.
Sadr-Ameli, F., Tork Ladany, B. & Farahi, A. (2009).
Challenges and succes factors for implementation of Information Security Management System (ISMS) in Iran a by hierarchical analysis method (AHP). Sixth International Conference on Management of Information and Communication Technology, Tehran, Institute of Management Technology,
http://www.civilica.com/ Paper-ICTM06-ICTM06_142.html. (
in Persian)
Siponen, M. & Willison, R. (2009). Information security management standards: Problems and solutions. Information & Management, 46 (5): 267-270.
Taheri, M. (2009). Provide a framework for the role of human factors in information systems security. MA thesis, Tarbiat Modarres University, Faculty of Humanities. (in Persian)
Vermeulen, C. & Von Solms, R. (2002). The information security management toolbox-taking the pain out of security management. Information management & computer security, 10 (3): 119-125.
Zuccato, A. (2007). Holistic security management framework applied in electronic commerce. Computer and Security, 26 (3): 256-265.