A. Datta, Information Technology Capability, Knowledge Assets and Firm Innovation, International Journal of Strategic Information Technology and Applications, vol.2, issue.3, pp.9-26, 2011.
DOI : 10.4018/jsita.2011070102

C. R. Raduan, U. Jegak, and A. Haslinda, Alimin, I.I.: A Conceptual Framework of the Relationship Between Organizational Resources, Capabilities, Systems, Competitive Advantage and Performance, Research Journal of International Studies, vol.12, pp.45-58, 2009.

J. A. Van-kleef and N. J. Roome, Developing capabilities and competence for sustainable business management as innovation: a research agenda, Journal of Cleaner Production, vol.15, issue.1, pp.38-51, 2007.
DOI : 10.1016/j.jclepro.2005.06.002

A. Bhatnagar and S. Ghose, Segmenting consumers based on the benefits and risks of Internet shopping, Journal of Business Research, vol.57, issue.12, pp.1352-1360, 2004.
DOI : 10.1016/S0148-2963(03)00067-5

M. Byeong-joon, Consumer adoption of the internet as an information search and product purchase channel: some research hypotheses, Int. J. Internet Marketing and Advertising, vol.1, pp.104-118, 2004.

J. Bumsuk, H. Ingoo, and L. Sangjae, Security threats to Internet: a Korean multi-industry investigation, Information & Management, vol.38, pp.487-498, 2001.

S. Posthumus and R. Solms, A framework for the governance of information security, Computers & Security, vol.23, issue.8, pp.638-646, 2004.
DOI : 10.1016/j.cose.2004.10.006

W. H. Baker and L. Wallace, Is Information Security Under Control?: Investigating Quality in Information Security Management, IEEE Security and Privacy Magazine, vol.5, issue.1, pp.36-44, 2007.
DOI : 10.1109/MSP.2007.11

Q. Yeh, A. Chang, and J. , Threats and countermeasures for information system security: A cross-industry study. Information & Management, pp.44-480, 2007.
DOI : 10.1016/j.im.2007.05.003

J. N. Ezingeard and S. M. Bowen, Triggers of Change in Information Security Management Practices, Journal of General Management, vol.15, issue.4, pp.53-72, 2007.
DOI : 10.1080/07421222.1999.11518226

M. E. Whitman and H. Mattord, Principles of Information Security, 2009.

D. Mellado, C. Blanco, L. E. Sánchez, and E. F. Medina, A systematic review of security requirements engineering, Computer Standards & Interfaces, vol.32, issue.4, pp.153-165, 2010.
DOI : 10.1016/j.csi.2010.01.006

E. Fray, I. Kurkowski, M. Pejas, J. Mackow, and W. , A New Mathematical Model for Analytical Risk Assessment and Prediction in IT Systems, Control and Cybernetics, pp.41-42, 2012.

N. Mayer and J. P. Humbert, La gestion des risques pour les systèmes d'information. MISC-Éditions Diamond, pp.1-7, 2006.

M. Harmonisée-d, Analyse de Risques (MEHARI): Club de la Sécurité de l, 2010.

R. Moeller, IT Audit, Control, and Security, 2010.
DOI : 10.1002/9781118269138

J. Dray, COMPUTER SECURITY AND CRIME: IMPLICATIONS FOR POLICY AND ACTION, Office Technology and People, vol.4, issue.3, pp.297-313, 1988.
DOI : 10.1108/eb022662

T. Fisher, ROI in social media: A look at the arguments, Journal of Database Marketing & Customer Strategy Management, vol.16, issue.3, pp.189-195, 2009.
DOI : 10.1057/dbm.2009.16

D. B. Parker, Computer Security Management, 1991.

R. K. Rainer, C. A. Snyder, and H. H. Carr, Risk Analysis for Information Technology, Journal of Management Information Systems, vol.6, issue.1, pp.129-147, 1991.
DOI : 10.1016/0167-4048(87)90032-0

R. Ferdous, F. I. Khan, B. Veitch, and P. R. Amyotte, Methodology for Computer-Aided Fault Tree Analysis, Process Safety and Environmental Protection, pp.85-70, 2007.
DOI : 10.1205/psep06002

J. D. Andrews and L. M. Ridley, Application of the cause?consequence diagram method to static systems, Reliability Engineering & System Safety, vol.75, issue.1, pp.75-122, 2002.
DOI : 10.1016/S0951-8320(01)00113-2

M. Bartlett, E. E. Hurdle, and E. M. Kelly, Integrated system fault diagnostics utilising digraph and fault tree-based approaches. Reliability Engineering & System Safety, pp.94-1107, 2009.
DOI : 10.1016/j.ress.2008.12.005

S. M. Jacoub and H. H. Ammar, A methodology for architectural-level reliability risk analysis, IEEE Transaction on Software Engineering, vol.28, pp.529-547, 2002.

G. Braun, Information Security Risk Analysis and Decision Modelling. BWI-paper Vrije, pp.1-27, 2002.