Program Overview

The Information Assurance (IA) and Technology (IT) Security Graduate Certificate program is designed to meet the fast-moving needs of security professionals from a managerial perspective, addressing national standards for this area. Several high profile data breaches highlight how information technologies that enable us to share information across town, across the country, or around the world faster are vulnerable. The need for organizations to manage the security needed to make these technologies safe and useful is crucial.

The National Security Agency's (NSA) Information Assurance Directorate is dedicated to providing information assurance solutions that keep our information systems safe from harm, thus protecting national security. Metropolitan State University is committed to enhancing its initiative in information assurance by offering this Graduate Certificate Program through the College of Management. Metropolitan State University has been designated as a Center of Excellence in Information Assurance and Cyber Security by the National Security agency (NSA).

Program Outcomes

This program:

  • exams the role management plays in creating an infrastructure that enables data security
  • exams the issues for organizations in developing policies and procedures to protect information, detect unauthorized access and respond to threats
  • provides students and organizations with education, information, and training which focuses on how to identify and respond to cyber threats or cyber criminals
  • helps students and organizations develop and deploy policies and other safeguards of information assets.

Fully accredited:

The Committee on National Security Systems (CNSS) and The National Security Agency (NSA) certify that Metropolitan State University offers a set of courseware that has been reviewed by National Level IA Subject Matter Experts and determined to meet National Training Standards for Information Systems Security (INFOSEC) Professionals, CNSS National Standards 4011, 4013, and 4016. These include:

  • NSTISSI-4011, National Training Standard for Information Systems Security (INFOSEC) Professionals
  • CNSSI-4016, National Information Assurance Training
  • CNSSI-4016, National Information Assurance Training Standard for Risk Analysts (RA)

If the MIS Coordinator determines that you have full prior competence in a certificate course, you may be given credit for the competency and allowed to take sufficient alternate credits to meet the total credit requirement of the certificate. (E.g., if you have completed a graduate 4 credit Management Information Systems course that is accepted, you would be allowed to consider that function completed within the Certificate, and can then take an alternate 4 credits, with approval of the Coordinator.)

More information about this program

Gainful Employment Disclosure

Gainful employment programs are those "that prepare students for gainful employment in a recognized occupation." Public institutions are required to report this information for all undergraduate and graduate programs that are Title IV eligible and that lead to certificates, diplomas, graduate certificates or specialist awards. Degree programs at all levels are not considered to be gainful employment programs.

Gainful Employement Disclosure

Admission Criteria

Admission Decisions/Categories

The College of Management Graduate Admissions Committee evaluates your application for evidence of undergraduate scholarship, professional experience and demonstrated aptitude for successful graduate business study. If you meet all application requirements, you are given full admission to the program. If you have one or more prerequisite courses to complete and your application otherwise supports the conclusion that you can successfully undertake graduate study, you may be granted conditional admission to a program. As a conditionally-admitted student, you must complete these prerequisites prior to completing any graduate course work. Applicants denied admission may not take graduate level courses in the program.

Registration by Undergraduate Students

With permission of the MMIS Director, you may register for "special" graduate level prerequisite courses during your last semester of undergraduate studies.

Reapplication for Denied Applicants

If your application for admission to the program is denied, you may reapply for admission only after a minimum of six months has passed after the denial. You will need to demonstrate a substantive difference in the reapplication to be considered for admission.

If your application to the program is denied, you may apply for another College of Management graduate program. A new application form must be accompanied by the application fee, a new goals essay, updated resume, two new references and GMAT scores and/or assessment test scores appropriate to the degree for which you are applying.

English and Quantitative Competence Assessment

All College of Management students, except those in special international cohort programs, are expected to demonstrate English and quantitative competence at a level to support success in graduate studies. If your abilities are assessed to be inadequate for graduate study, you may be required to enroll in appropriate undergraduate courses until your skills have been brought to a satisfactory level. These undergraduate courses must be successfully completed prior to taking any graduate level courses.

COM Graduate Student Orientation

Once you are fully admitted to a College of Management graduate program you will be required to attend a graduate student orientation session before or during your first semester of course work. If you do not attend an orientation session, a hold will be placed on your records preventing you from registering for further graduate classes until you attend orientation.

Application Requirements

Applicants should allow 7-10 business days for review once all required application materials are received and sent to the College of Management Graduate Admissions Committee.

To be considered for admission you must submit:

  • Application
  • Non-refundable application fee
  • Official transcripts
  • Test scores
  • Current resume
  • Goals essay
  • References

See Applying to the Program for application packets, details on the requirements, deadlines and International Student application requirements.

Transfer Credits

Once fully admitted, you may transfer up to 8 credits into your graduate program. A course is accepted in transfer only if it has been completed within the last five years from an accredited institution, no degree was granted, and a letter grade of B or better was earned in the course. Courses are accepted in transfer only upon the approval of the Graduate Programs Director in consultation with discipline coordinators.

Course List


Requirements ( 20 total credits)

  • MIS 600 Management Information Systems
    4 credits

    Management Information Systems (MIS) evolved from essentially an organization's support operation to a strategic element of an organization's life and survival. This course explores information systems' new and expanding roles in the enterprise. Models examined showing how new technologies are assimilated into the organization, how to plan for systems within the overall strategic management process, assess the risk in system development projects, and become a "sophisticated user" of information systems. Traditional and new technologies are utilized. The course also includes a solid review of the strategic and tactical impact of computers, networks and new technologies. . This course broadens understanding of the design and implementation of various computerized information systems to support management decision making and evaluation, and prepares the student to integrate new technologies and configurations into the management process.

    Course Outline Class Schedule <<<<<<< HEAD ======= >>>>>>> 35179410ff55d83bece68cc1d84aadaa0fa744b8
  • MIS 683 Process Analysis and Design
    2 credits

    This course was created to give students a thorough look at the discipline of process analysis and design, workflow analysis and process reengineering. It uses a highly visual approach to both designing and communicating process analysis. Students will learn to properly analyze, design and build the main visualizations for process analysis including flowcharts, data flow diagrams, entity relationship diagrams and others as tools for communicating management designs.

    Course Outline Class Schedule <<<<<<< HEAD ======= >>>>>>> 35179410ff55d83bece68cc1d84aadaa0fa744b8
  • MIS 675 Risk Analysis in Information Technology
    2 credits

    Any IT development project contains significant risks. However, keeping the status quo is also risky in rapidly changing technological and competitive environments. This course is designed to familiarize the student with risk analysis concepts derived from many sources including financial, actuarial and statistical studies, insurance and risk analysis, software quality assurance methodologies, management and audit trails and many others. Student will learn to assess the risk in an information systems portfolio and develop strategies for managing the many risk types discussed: Prerequisites: MIS 600.

    Course Outline Class Schedule <<<<<<< HEAD ======= >>>>>>> 35179410ff55d83bece68cc1d84aadaa0fa744b8
  • MIS 680 Introduction to Information Assurance
    4 credits

    Modern organizations operate in a net-centric world. New information technologies arrive at lightning speed, allowing us to share information across town, across the country, and around the world faster than ever before. Organizations in both the public and private sectors organizations suffer from not realizing the value of the information assets they manage. This class will present and provide an introduction to information assurance (IA) and explore a wide range of business services and how they are impacted by IA issues. Topics covered include: How to assess risks and develop a security policy for operational integrity. Learning outcomes for this course include: Defining the roles and responsibilities of technical and non-technical participants in Enterprise systems development and utilization; The applications of information technology in business organizations and managerial decision making; Knowing associated ethical and societal implications; Understanding how emerging technologies pose risks to organizations; and Defining how providing information assurance solutions will keep our information systems safe from harm. At the macro level, the course will also address national security considerations.

    Course Outline Class Schedule <<<<<<< HEAD ======= >>>>>>> 35179410ff55d83bece68cc1d84aadaa0fa744b8
  • MIS 681 Enterprise Security Management
    4 credits

    Organizations with computer networks, Web sites, and employees carrying laptops and mobile devices face an array of security challenges. Among other things, they need to keep unauthorized people out of the network, thwart Web site hackers, and keep data safe from prying eyes or criminal hands. This course provides a high-level overview of these challenges. This course is not for the hard-core IT security engineer who works full time on networks. Instead, it is aimed at the nontechnical executive with responsibility for ensuring that information and assets stay safe and private. The course presents a guide to Thwarting Data Thieves and Hackers and covers the following technical issues in a nontechnical manner: -The concept of "defense in depth" -Network design -Business-continuity planning -Authentication and authorization -Providing security for your mobile work force -Hackers and the challenges they can present -Viruses, Trojans, and worms But it doesn't stop there. The course goes beyond the technical and covers highly important topics related to data security like outsourcing, contractual considerations with vendors, data privacy laws, and hiring practices.

    Course Outline Class Schedule <<<<<<< HEAD ======= >>>>>>> 35179410ff55d83bece68cc1d84aadaa0fa744b8
  • MIS 682 Analysis of Strategic and Tactical Security IT Planning
    4 credits

    This course is designed to provide students and practitioners a framework to build and implement an IT security strategy that is aligned with their business needs. A key element of Security is developing and implementing these strategies. In the course, you will learn about: 1. Advanced concepts and principles of strategic planning for IT Security. 2. Applications of risk principles, security policies to improve operational integrity are learning outcomes for this course. 3. Roles and responsibilities of technical and non-technical participants in Enterprise systems development and utilization. 4. Applications of information technology in business organizations and managerial decision making, and associated ethical and societal implications. 5. Emerging technologies and the risks they pose to organizations.

    Course Outline Class Schedule <<<<<<< HEAD ======= >>>>>>> 35179410ff55d83bece68cc1d84aadaa0fa744b8