| Library Item | Implementing Information Security Governance Using ISO 27000 | Effective Practices | 2008 | 159 |
| Library Item | Georgia State University's IT Procurement Review Process--Practical Approach to Assessing Risks of IT Projects | Effective Practices | 2008 | 142 |
| Library Item | Whole Disk Encryption Evaluation and Deployment | Effective Practices | 2008 | 82 |
| Blog entry | Security Task Force 2008–2009 Strategic Plan: "Safeguarding Our IT Assets, Protecting Our Community's Privacy" | Blogs | 2008 | 214 |
| Library Item | Security Task Force 2008–2009 Strategic Plan: Safeguarding Our IT Assets, Protecting Our Community’s Privacy | Plans and Guidelines | 2008 | 207 |
| Library Item | Information Security Governance: Standardizing the Practice of Information Security | Articles, Papers, and Reports | 2008 | 3285 |
| Blog entry | EDUCAUSE Summit: The Role of IT in Campus Security and Emergency Management | Blogs | 2008 | 159 |
| Library Item | Addressing Complex Security Threats Through Risk Management | Presentations/Speeches | 2008 | 226 |
| Blog entry | Podcast: The FTC as an Educational Partner in Improving Data Security and Privacy | Blogs | 2008 | 62 |
| Blog entry | Podcast: Addressing Complex Security Threats Through Risk Management | Blogs | 2008 | 229 |
| Library Item | Using Nontraditional Security Risk Assessments to Measure Risk, Request Budgets, and Illustrate Trends | Presentations/Speeches | 2008 | 128 |
| Library Item | A Web Tool to Assist Risk Assessment at the University of Florida | Presentations/Speeches | 2008 | 97 |
| Library Item | Dartmouth Cyber-Security Initiative and the New Achilles Vulnerability Assessment Console: A Case Study in Collaboration | Presentations/Speeches | 2008 | 59 |
| Library Item | Building a Risk-Based Information Security Program | Presentations/Speeches | 2008 | 113 |
| Library Item | PKI and LOA: It's Probably Not What You Think | Presentations/Speeches | 2008 | 71 |
| Library Item | IT Security Officer Survey | Surveys | 2008 | 1258 |
| Library Item | Managing IT Risk in Higher Education: A Methodology | Articles, Papers, and Reports | 2008 | 2702 |
| Library Item | Information Risk Management Policy Template | Plans and Guidelines | 2008 | 671 |
| Library Item | Information Security Risk Assessment Consultants List | Vendors | 2008 | 218 |
| Library Item | Risk Assessment Tools List | Tools | 2008 | 265 |
| Blog entry | New Risk Assessment Resources Available | Blogs | 2008 | 198 |
| Library Item | Appropriate Access: Levels of Assurance | Presentations/Speeches | 2008 | 240 |
| Library Item | Lassoing the Beast: How a Large, Diverse University Is Wrapping Its Arms Around Confidential Data | Presentations/Speeches | 2007 | 523 |
| Blog entry | E07 Podcast: An Interview with Cedric Bennett - Security Concerns and Risk Management | Blogs | 2007 | 811 |
| Blog entry | E07 Podcast: Bruce Schneier on Information Security: Ten Trends | Blogs | 2007 | 5055 |
| Library Item | GSU's Roadmap for a World-Class Information Security Management System: ISO 27001:2005 | Presentations/Speeches | 2007 | 772 |
| Library Item | Stop, Drop, and Roll: Prevent and Douse Cyber Incidents | Presentations/Speeches | 2007 | 312 |
| Library Item | Incident Management Capability Metrics | Certification, Education, Training and Tutorials | 2007 | 2335 |
| Library Item | Why File Sharing Networks Are Dangerous | Articles, Papers, and Reports | 2007 | 3163 |
| Library Item | Complete Guide to Security and Privacy Metrics: Measuring Regulatory Compliance, Operational Resilience, and ROI - Book Review | Articles, Papers, and Reports | 2007 | 4814 |
| Library Item | Committee Holds Hearing on Inadvertent File Sharing over Peer-to-Peer Networks | Government Documents, Laws, Testimonies or Reports | 2007 | 2533 |
| Library Item | Security Task Force Strategic Plan 2006-2007 : Making Progress on Data Protection, Risk Assessment, Incident Response and Business Continuity | Plans and Guidelines | 2007 | 3812 |
| Blog entry | 2007 Enterprise Conference: The Adaptable University | Blogs | 2007 | 3342 |
| Library Item | Developing a Risk-Based Information Security Program | Presentations/Speeches | 2007 | 2259 |
| Library Item | IT Risk Methodology & Incident Severity | Policies and Procedures | 2007 | 1438 |
| Library Item | Confidential Data Handling Blueprint | Plans and Guidelines | 2007 | 1806 |
| Library Item | Building an Information Security Practice | Effective Practices | 2007 | 1198 |
| Library Item | Conducting a Preliminary Risk Analysis and Creating an IT Security Group and Policy | Effective Practices | 2007 | 1179 |
| Library Item | Self-Service/Automated Security Vulnerability Assessment Program | Effective Practices | 2007 | 1174 |
| Library Item | Lessons Learned from RIT’s First Security Posture Assessment | Effective Practices | 2007 | 1225 |
| Library Item | Five-Year Rotating Audit Focus Based on Risk Assessment at Georgia Tech | Effective Practices | 2007 | 1130 |
| Library Item | HIPAA Security Assessment | Effective Practices | 2007 | 1213 |
| Library Item | E-Commerce and the Cardholder Information Security Program (CISP) | Effective Practices | 2007 | 2067 |
| Blog entry | EDUCAUSE Security Conference: Incident Tracking and Reporting | Blogs | 2007 | 4153 |
| Blog entry | EDUCAUSE Security Conference: Secrets of Superspies | Blogs | 2007 | 3545 |
| Library Item | Developing a University Systemwide Information Security Roadmap | Presentations/Speeches | 2007 | 2303 |
| Library Item | Incident Tracking and Reporting | Presentations/Speeches | 2007 | 2190 |
| Library Item | Security Risk Management Medley: Assessment Methodologies and Operational Perspectives | Presentations/Speeches | 2007 | 1905 |
| Library Item | Effective Security Metrics | Presentations/Speeches | 2007 | 2157 |
| Library Item | Making the Campus Web Safer, One Application at a Time | Presentations/Speeches | 2007 | 1488 |
