The Master of Information Systems Assurance Management (MISAM) is 33 Credits (8 x 3-credit courses, plus 1 x 3-credit and 1 x 6-credit in either the research or capstone track) and is considered a two-year program.
Courses for the MISAM degree (33 credits)
This course provides aspiring information systems auditors with a rigorous discussion of core concepts of financial accounting, how accounting information is used in the organizational decision making and governance process, the importance of financial statements, as well as how to analyze and interpret financial statements using ratio and variance analysis.
This course provides a comprehensive discussion of the processes involved in conducting an information systems audit using a risk-based approach. This course is a prerequisite for ISAM522 as it lays the foundation for further discussion of information systems audits.
This course examines the use of various standards, guidelines, laws and methods, which are used in information systems audits. The discussion serves both to set the governance framework, the information systems audit works within and the choices for specific courses of action to meet the requirements of the audit.
This course will cover the principles and methodology of fraud detection and deterrence, an integral component to effective corporate compliance. The course includes such topics as: fraud theories, skimming, cash larceny, check tampering, register disbursement schemes, billing schemes, payroll and expense reimbursement schemes, non-cash misappropriation, corruption, accounting principles and fraud, fraudulent financial statements, and interviewing witnesses.
The course presents an overview of the audit framework, as well as the external audit functions and procedures related to business operating cycles. Auditing standards, planning, internal controls testing, performing the audit, and completing an audit file are addressed. The course also discusses the new professional developments that are taking place: adoption of new Canadian Audit Standards ‘CASs’, further development of public accountability boards, and increasing emphasis on corporate governance, internal controls, risk-based auditing, independence and quality controls. The audit case requires students to design audit procedures, prepare working papers, and exercise professional judgment in completing an audit file.
An in-depth coverage of disaster recovery planning including, techniques to prevent, detect, and recover from loss of information availability. Students are instructed in ways to formulate a disaster and recovery plan, and test and implement the plan in a simulated lab environment.
This course covers the principles, concepts and techniques applied in designing an effective IT enterprise governance structure. In addition, IT risk management methodologies, and best practices, as well as the development and implementation of various administrative IT controls – such as policies and procedures are also discussed. The compliance component of this course focuses on an overview of pertinent information security and privacy laws, standards, and regulations, in addition to information security and assurance ethical considerations.
In this course students develop a literature review paper and a supporting PPT-based oral presentation based on an assigned ‘capstone track’ topic or a topic of interest ‘RM track’ in information security or assurance which will later be used as the basis to register in ISSM 590 or ISSM 575.
For the Research track (Participation in the research component requires Department approval)
In this course, students develop a research proposal which will be used, if approved by Concordia’s ISSAM Master’s Program Committee, to register in ISSM 591 Research Methods III.
The ISSM 591 Research Methods III is the last and often the most challenging part of the MISSM/MISAM graduate studies. Each ISSM 591 registered student performs his or her research in compliance with the approved research proposal and under the supervision of a research supervisor. The registered student is required to regularly report on his or her research progress. It is the student’s responsibility to manage the research project and communication with his or her supervisor about the project progress and challenges. ISSM 591 culminates in production of a formal research paper.
For the Capstone track
This course expands students’ knowledge and research skillset in the area of information systems security and/or assurance, such as systems and application security, access control, security operations and administration, IT risk management, incident response, disaster recovery, cryptography, network security or information systems auditing. With the knowledge and research skillsets, students develop an executable research proposal in the assigned project that will later be used as a basis for registering ISSM 576 Capstone II.
This capstone course will require students who have successfully completed ISSM 575 ‘Capstone I’ to utilize their acquired knowledge and skillsets to complete a comprehensive, assigned term project under the supervision of a core MISSM/MISAM faculty member.
For more information, please see the Academic Calendar.