
Graduate student: 林明毅 (Ming-Yi Lin)
Thesis title: 以系統思考分析電子郵件社交工程演練
A System Thinking Perspectives of E-mail Social Engineering Drill
Advisor: 周子銓 (Tzu-Chuan Chou)
Oral defense committee: 李國光 (Gwo-Guang Lee), 黃世禎 (Sun-Jen Huang)
Degree: Master
Department: College of Management - Department of Information Management
Year of publication: 2016
Academic year of graduation: 104
Language: Chinese
Number of pages: 65
Keywords: Technostress (科技壓力), Grounded Theory (紮根理論), System Thinking (系統思考), Social Engineering (社交工程)

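  As information technology advances by the day and new technologies rapidly replace old ones, computer technology grows ever more complex, and users are exposed to an information environment more dangerous than before. Information security concerns everyone from private individuals to the national level, and government agencies, more than anyone else, bear the responsibility for establishing a set of information security protection measures. Protection strategies that start purely from the standpoint of computer technology, however, clearly can no longer fully solve today's information security problems.
  Social engineering is an information behavior that attacks users by exploiting weaknesses in human nature, and its techniques are hard to defend against completely with computer technology. Since January of ROC year 90 (2001), the relevant government bodies have been promoting a plan to build an information security environment; yet in the course of that effort we still find that not every agency's information security protection capability has grown as expected. Because of the particular nature of social engineering attack techniques, the related protective measures are clearly no longer a problem that can be solved from a purely technical standpoint. We therefore hope to approach the research from the management perspective.
  This study uses the case study method of qualitative research, supplemented by grounded theory and system thinking, to analyze how the case operates. On this basis it seeks to understand the factors that affect e-mail social engineering drills and to analyze how the overall environment, the organization and the individual influence the system as a whole. The results show that the key factors with the greatest effect on the overall plan are "support from the relevant senior management" and "the design and implementation of social engineering training drills", and that the "resistance behavior" employees exhibit while the plan is carried out is also a factor that very much needs to be overcome. The detailed analysis is described in the body of the thesis.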


  With the daily evolution of information technology, new techniques emerge rapidly and computer technologies become much more complicated as well. The computer user is exposed to a relatively more dangerous information-using environment than before. The coverage of information security ranges from daily personal usage to the national security level. Governmental facilities have the responsibility to set forth a set of protection measures in the field of information security. However, setting protection measures based simply on the perspective of computer technology is not enough to completely resolve issues of information security.
  Social engineering is a kind of information behavior that utilizes the weaknesses of human nature to attack the user. Its methods are hard to defend against completely with computer technology. Ever since January of 2011, related governmental facilities have been pushing the realization and establishment of an information security environment. However, during the process, it is still evident that not all facilities' information security protection has grown as previously presumed. Due to the special nature of the attacking approach of social engineering, it is clear that related protection measures cannot be conceived merely with the perspective of technology in mind. Therefore we hope to provide a discussion of related research from the management aspect.
  This research adopted the qualitative case study method. To supplement it, grounded theory and methods of system thinking were utilized to analyze the way the case operates. On this basis, we aimed to understand the factors that affected the implementation of e-mail social engineering drills during the process. With this information, we analyzed the way the overall environment, organizations, and individual factors affected the overall system during the process. As for the research results, we found that the key factors affecting the overall plan are both "the support of related superiors" and "the design and implementation of the training exercises of social engineering." During the process in which the plan was being implemented, the "resisting behavior" displayed by employees was a factor which very much needed overcoming. The detailed process of analysis is disclosed in the body of the thesis.

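Chapter 1. Introduction
  1.1. Research Background and Motivation
  1.2. Research Objectives
  1.3. Research Scope and Process
  1.4. Thesis Structure

Chapter 2. Literature Review
  2.1. Technostress and Role Stress
  2.2. Information Literacy
  2.3. Social Engineering
  2.4. Summary

Chapter 3. Research Method
  3.1. Research Strategy
  3.2. Data Collection Methods
  3.3. Data Analysis Methods
    3.3.1. Grounded Theory
    3.3.2. System Thinking

Chapter 4. Case Description
  4.1. Case Background
    4.1.1. Development History of the National Information and Communication Security Policy
    4.1.2. Organizational Structure of National Information and Communication Security Development
    4.1.3. Government Agency Security Classification and ISMS Certification
  4.2. Background of the Agency Studied
  4.3. E-mail Social Engineering Drill
    4.3.1. Background of the Social Engineering Drill
    4.3.2. Conduct of the Social Engineering Drill and Evaluation of Its Effectiveness

Chapter 5. Case Analysis
  5.1. Social Engineering Drill Case: Open Coding
    5.1.1. Open Coding: Structural Factors
    5.1.2. Open Coding: Employee Stress
    5.1.3. Open Coding: Information Literacy
  5.2. E-mail Social Engineering Drill Case: Axial Coding
    5.2.1. Axial Coding: Structural Factors
    5.2.2. Axial Coding: Employee Stress
    5.2.3. Axial Coding: Information Literacy
  5.3. E-mail Social Engineering Drill Case: Selective Coding
    5.3.1. Selective Coding: Individual Level
    5.3.2. Selective Coding: Organizational Level
    5.3.3. Selective Coding: Institutional and Environmental Level

Chapter 6. Conclusions and Future Research Directions
  6.1. Individual Level
  6.2. Organizational Level
  6.3. Institutional and Environmental Level
  6.4. Research Limitations and Future Research Directions

References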


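Full-text release date: 2021/01/28 (campus network)
Full-text release date: full text not authorized for public release (off-campus network)
Full-text release date: full text not authorized for public release (National Central Library: National Digital Library of Theses and Dissertations in Taiwan)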