Skip to main content
Metropolitan State University (Home)

Information Assurance and Information Security Graduate Certificate

College of Management / Management Information Systems
Graduate certificate

About The Program

Program accreditation

The Committee on National Security Systems (CNSS) and The National Security Agency (NSA) certify that Metropolitan State University offers a set of courseware that has been reviewed by National Level IA Subject Matter Experts and determined to meet National Training Standards for Information Systems Security (INFOSEC) Professionals, CNSS National Standards 4011, 4013, and 4016.

These include:

  • NSTISSI-4011, National Training Standard for Information Systems Security (INFOSEC) Professionals
  • CNSSI-4016, National Information Assurance Training
  • CNSSI-4016, National Information Assurance Training Standard for Risk Analysts (RA)

The Information Assurance (IA) and Technology (IT) Security Graduate Certificate program is designed to meet the fast-moving needs of security professionals from a managerial perspective, addressing national standards for this area. Several high profile data breaches highlight how information technologies that enable us to share information across town, across the country, or around the world faster are vulnerable. The need for organizations to manage the security needed to make these technologies safe and useful is crucial.

The National Security Agency's (NSA) Information Assurance Directorate is dedicated to providing information assurance solutions that keep our information systems safe from harm, thus protecting national security. Metropolitan State University is committed to enhancing its initiative in information assurance by offering this Graduate Certificate Program through the College of Management. Metropolitan State University has been designated as a Center of Excellence in Information Assurance and Cyber Security by the National Security agency (NSA).

This program:

  • examines the role management plays in creating an infrastructure that enables data security
  • examines the issues for organizations in developing policies and procedures to protect information, detect unauthorized access and respond to threats
  • provides students and organizations with education, information, and training which focuses on how to identify and respond to cyber threats or cyber criminals
  • helps students and organizations develop and deploy policies and other safeguards of information assets.

Student outcomes

Gainful Employment Disclosure

Gainful employment programs are those "that prepare students for gainful employment in a recognized occupation." Public institutions are required to report this information for all undergraduate and graduate programs that are Title IV eligible and that lead to certificates, diplomas, graduate certificates or specialist awards. Degree programs at all levels are not considered to be gainful employment programs.

Potential Career Opportunities

  • Cyber Security Analysis
  • Forensic Computer Analysis
  • Information Security Analysis
  • Penetration Testing
  • IT Security Consulting
  • Security Engineering
  • Malware Analysis
  • IT Security Management
  • IT Security Architect
  • Security Director
  • Chief Information Security Officer

How to enroll

Program eligibility requirements

Must have earned a baccalaureate degree.

International Students

This is not a degree-granting program, therefore applications from international students studying on an F-1 student visa cannot be accepted into this program.

Application instructions

Metro State University is participating in the common application for graduate programs (BusinessCAS). Applications are only accepted via the CAS website.

CAS steps

  1. Select the term for which you are seeking admission (below), and navigate to the CAS website. Open applications include:
  2. Create or log in to your account and select the Information Assurance and Information Security Graduate Certificate program.
  3. Carefully review all instructions and complete all four sections of the application.

Specific application requirements for individual programs can be found on each program page in CAS. Carefully read the instructions that appear throughout the application pages. You can only submit your application once. If you need to update information you have submitted, please notify graduate.studies@metrostate.edu

Application fee

A nonrefundable $58 fee is required for each application.
Applications will not be processed until this fee is received.

Active-duty military, veterans, and Metro State alumni can receive an application fee waiver. Contact graduate.studies@metrostate.edu.

Courses and Requirements

SKIP TO COURSE REQUIREMENTS

If the Director of the MIS Graduate Program determines that you have full prior competence in a certificate course, you may be given credit for the competency and allowed to take sufficient alternate credits to meet the total credit requirement of the certificate. (E.g., if you have completed a graduate 4 credit Management Information Systems course that is accepted, you would be allowed to consider that function completed within the Certificate, and can then take an alternate 4 credits, with approval of the Coordinator.)

Requirements (20 credits)

Management Information Systems (MIS) evolved from essentially an organization's support operation to a strategic element of an organization's life and survival. This course explores information systems' new and expanding roles in the enterprise. Models examined showing how new technologies are assimilated into the organization, how to plan for systems within the overall strategic management process, assess the risk in system development projects, and become a "sophisticated user" of information systems. Traditional and new technologies are utilized. The course also includes a solid review of the strategic and tactical impact of computers, networks and new technologies. . This course broadens understanding of the design and implementation of various computerized information systems to support management decision making and evaluation, and prepares the student to integrate new technologies and configurations into the management process.

Full course description for Management Information Systems

This course was created to give students a thorough look at the discipline of process analysis and design, workflow analysis and process reengineering. It uses a highly visual approach to both designing and communicating process analysis. Students will learn to properly analyze, design and build the main visualizations for process analysis including flowcharts, data flow diagrams, entity relationship diagrams and others as tools for communicating management designs.

Full course description for Process Analysis and Design

Any IT development project contains significant risks. However, keeping the status quo is also risky in rapidly changing technological and competitive environments. This course is designed to familiarize the student with risk analysis concepts derived from many sources including financial, actuarial and statistical studies, insurance and risk analysis, software quality assurance methodologies, management and audit trails and many others. Student will learn to assess the risk in an information systems portfolio and develop strategies for managing the many risk types discussed: Prerequisites: MIS 600.

Full course description for Risk Analysis in Information Technology

Modern organizations operate in a net-centric world. New information technologies arrive at lightning speed, allowing us to share information across town, across the country, and around the world faster than ever before. Organizations in both the public and private sectors organizations suffer from not realizing the value of the information assets they manage. This class will present and provide an introduction to information assurance (IA) and explore a wide range of business services and how they are impacted by IA issues. Topics covered include: How to assess risks and develop a security policy for operational integrity. Learning outcomes for this course include: Defining the roles and responsibilities of technical and non-technical participants in Enterprise systems development and utilization; The applications of information technology in business organizations and managerial decision making; Knowing associated ethical and societal implications; Understanding how emerging…

Full course description for Introduction to Information Assurance

Organizations with computer networks, Web sites, and employees carrying laptops and mobile devices face an array of security challenges. Among other things, they need to keep unauthorized people out of the network, thwart Web site hackers, and keep data safe from prying eyes or criminal hands. This course provides a high-level overview of these challenges. This course is not for the hard-core IT security engineer who works full time on networks. Instead, it is aimed at the nontechnical executive with responsibility for ensuring that information and assets stay safe and private. The course presents a guide to Thwarting Data Thieves and Hackers and covers the following technical issues in a nontechnical manner: -The concept of "defense in depth" -Network design -Business-continuity planning -Authentication and authorization -Providing security for your mobile work force -Hackers and the challenges they can present -Viruses, Trojans, and worms But it doesn't stop there. The course goes…

Full course description for Enterprise Security Management

This course is designed to provide students and practitioners a framework to build and implement an IT security strategy that is aligned with their business needs. A key element of Security is developing and implementing these strategies. In the course, you will learn about: 1. Advanced concepts and principles of strategic planning for IT Security. 2. Applications of risk principles, security policies to improve operational integrity are learning outcomes for this course. 3. Roles and responsibilities of technical and non-technical participants in Enterprise systems development and utilization. 4. Applications of information technology in business organizations and managerial decision making, and associated ethical and societal implications. 5. Emerging technologies and the risks they pose to organizations.

Full course description for Analysis of Strategic and Tactical Security IT Planning