112年科技管理學刊第28卷第3期
Volume 28, Number 3 December 2023 (若需下載全文請登入會員)
金融創新服務之風險管理分析
邱安安 An-Yuan Chang / 黃劭彥 Shaio-Yan Huang/ 劉福運Fu-Yun Liu /
鄭嫆琄 Jung-Chuan Cheng
近年來各項科技瞬息萬變,讓各產業發生巨大變化,金融創新服務在數位化與商業模式改變中所帶來的影響,各種金融交易都能在行動APP 完成,但同時也存在風險,本研究目的係探討金融業APP 所面臨的風險,以提供管理團隊建構降低相關風險的管控機制,研究中依據NIST 發布網路安全框架( 為核心的設計框架,彙整金融業APP
風險項目並對應至各構面下的控管要項,並經由業界專家的問巻結果排序APP 風險重要性。本研究得出全體專家都認為重要程度最高之共同項目為「敏感性資料保護」、「傳輸敏感性資料時未加密傳輸」,這個結果顯示出機密資料防護的重要性。
本研究共找出51 個金融業APP 所面臨的相關風險與威脅,使其在開發APP 時能了解潛在與容易發生的風險,並透過專家問巻的分析結果得出風險項目重要性的排名,俾使金融業開發APP 時能妥適規劃面對風險的因應流程,強化資安機制並有效降低資安事故的發生,並作為落實資通安全檢查機制和內控的參考依據。
In recent years, the rapid changes in various technologies have led to breakthrough
growth in the development of information in various industries. Mobile APPs have
a strong impact on business digitalization and the changes in the business model.
Various banking transactions can be completed in mobile APPs, but it also comes
with risks. The purpose of this research is to discuss th e risks faced by financial
APPs which can assist the management team to construct a control mechanism to
reduce related risks. The paper uses the Cyber Security Framework (CSF) released
by NIST as the control element of the design structure and summarizes a list of
financial APP risk items. Each risk item corresponds to the control and
management mechanism under each aspect. Subsequently, the importance of risk
items is ranked through expert questionnaires. This study shows that all experts
consider "sensit ive data protection" and "unencrypted transmission during
transmission of sensitive data" to be the two most important risk items. This result
shows the importance of confidential data protection.
This research suggests that there are 51 relevant risks and threats faced by
financial APPs. Banks can understand the potential and easy to occur risks when
developing APP by obtaining the rank of the importance of risk items through the
analysis results o f the expert questionnaire. This enables the banks to properly
plan the response process to risks when developing APPs, strengthen the
information security mechanism and effectively reduce the occurrence of
information security accidents. The results can s erve as a reference for the
implementation of the information security inspection mechanism and internal
control.
完成台灣科技廊帶最後一哩路: 以多準則分析探討屏東科學園區發展之政策工具
王仁聖 Shu-Mei Wang / 潘怡君 Pei-Chang Wen / 鄧鈺霖 Yu-lin Teng / 魏大雅Dah-Yee Wei
屏東科學園區位於台灣科技廊帶的最南端,且與高雄、屏東周邊產業園區之在地產業相輔相成,預期形塑產業群聚效應。然而科學園區的成功發展取決於其向利益相關者提供政策工具所創造的價值主張,因此科學園區發展必須考慮哪些政策工具會導致產業環境發生變化,以及這些政策工具如何影響科學園區發展。據此,本文以Rothwell and Zegveld 政策工具理論為研究架構,運用決策實驗室分析法(decision making trial and evaluation laboratory laboratory,DEMATEL) 結合網絡分析法(analyti c network process process,ANP) 成為DANP 多準則分析,並藉由屏東科學園區四大主軸產業比較分析,探討屏東科學園區發展。
DEMATEL
分析結果首先顯示供給面政策工具與需求面政策工具的影響性相對重要。其次,DANP 分析結果指出前六個最重要的政策工具分別為「公共服務」、「公營事業」、「教育與訓練」、「貿易管制」、「政府採購」及「海外機構」,最後本研究依據分析結果說明其意涵與相關建議。
PingTung Science Park is located at the southernmost tip of Taiwan’s Science and
Technology Corridor, and complements the local industries in Kaohsiung and
Pingtung’s surrounding industrial parks. It is expected to shape the industrial
cluster effect. Howe ver, the successful development of a science park depends on
the value proposition created by providing policy instruments to stakeholders, so
the development of a science park must consider which policy instruments would
lead to changes in the industrial environment, and how these policy instruments
affect the development of a science park. Accordingly, this paper takes Rothwell
and Zegveld policy instrument theory as the research framework and uses the
decision making trial and evaluation laboratory (DEMA TEL) combined with the
network analysis method (analytic network process, ANP) to become DANP
multivariate analysis to explore the development of Pingtung Science Park per the
comparasion analysis of the four main industries of the Pingtung Science Park.
The DEMATEL analysis results first show that the influence of supply
side policy
and demand side policy instruments are relatively important. Secondly, the DANP
analysis results indicate that the top six most important policy instruments are
‘public servic es’, ‘public enterprises’, ‘education’, ‘commmercial’, ‘government
procurement’ and ‘overseas agent’. Finally, according to the analysis results, this
study explains management implications and related suggestions.
臺灣資通訊科技產業中研發密度、技術產出與公司財務績效的關聯性探究
蔡佩庭 Pei-Ting Tsai / 董蕙茹 Huei-Ru Dong
自90 年代開始,臺灣即以資通訊科技產業為發展重心,且具有全球優勢與市場競爭力,因此資通訊科技產業界對於維持市場佔有率、提高銷售量、提升競爭力與技術領導地位等議題相當重視。本研究欲以專利的角度出發,針對臺灣ICT 整體及ICT 八類產業,探究研究發展、專利與公司的績效間的關聯,分別採用臺灣ICT
產業公司的研究發展密度、專利數量、專利被引用次數及專利技術布局等研究發展指標,探討其與公司財務績效關聯。研究結果臺灣ICT 產業公司之整體產業與八個產業的研究發展密度、專利數、專利被引用次數及專利數技術布局與財務績效之關係不盡相同,不同產業公司之研發倚賴有不同看法。
Since the 1990s, Taiwan has focused on the development of the
information and
communication technology (ICT) industry, which has gained global advantages
and market competitiveness. Therefore, the ICT industry attaches great
importance to issues such as maintaining market share, increasing sales volume,
enhancing com petitiveness, and achieving technological leadership. This study
explores the relationship between research and development (R&D), patents, and
firm performance in the overall ICT industry and its eight sub industries in Taiwan
from a patent perspective. V arious indicators, including research and development
density, patent quantity, patent citations, and patent technology layout of
Taiwanese ICT industry companies, are analyzed to investigate their associations
with firm financial performance. The research findings reveal that the relationship
between the overall ICT industry and its eight sub industries differs in terms of
research and development density, patent quantity, patent citations, and patent
technology layout, indicating varying perspectives on t he reliance on R&D among
companies in different industries.