13.3.3 Master of Information Systems Assurance Management
In all sectors of the economy, there is an increasing demand for skilled professionals with expertise in information security, assurance, auditing and governance. The Master of Information Systems Assurance Management (MISAM) meets these needs by providing an in-depth educational format. Students learn both the theory and practice of information systems auditing and assurance and the role this plays in enterprise and information technology governance. Students are well prepared to enter information systems assurance, audit and governance roles immediately upon graduation as well as write industry-based certification exams in these areas. The MISAM program is delivered in a continuous learning format.
The MISAM program is a 33-credit 2-year program normally completed in 4 terms (Fall, Winter, Fall, Winter) of 9, 9, 9, and 6 credits including a research or capstone component, consisting of 10 courses including a research or capstone component. The capstone track is suitable for students who are gearing themselves for professional careers in information security management. The research track is suitable for students who are gearing themselves for a research career in information security management, including students who may consider pursuing PhD programs in the field. The program is normally completed over four semesters (2 years). The MISAM program:
- allows students to meet their educational goals in an efficient and timely manner; and,
- enables students who possess a more general IT or business-related degree to focus on the specific knowledge and skills required in the emerging field of information systems assurance.
The program is open to both full- and part-time students.
A. Educational Objectives
The central educational objective of the program is consistent with the mission of Concordia University of Edmonton: preparing students to be independent thinkers, ethical leaders and citizens for the common good. This first objective is the foundation for the more specific objectives of MISAM, which is designed to enable students to do the following:
MISAM Graduates will be able to —
- Analyze and evaluate the IT strategy, including IT direction, and the processes for the strategy’s development, approval, implementation and maintenance for alignment with the organization’s strategies and outcomes.
- Analyze and apply the principles and theoretical concepts and frameworks related to information systems auditing.
- Identify and assess various operationally-related risks affecting information systems within an enterprise.
- Evaluate an organization’s IT policies, standards and procedures, and the processes for their development, approval, release/publishing, implementation and maintenance.
- Evaluate an organization’s IT portfolio and resource management for alignment with the organization’s strategies and outcomes.
- Evaluate all phases of enterprise incident response, disaster recovery planning, and business continuity (DR/BC) in order to serve as a member of a DR/BC team.
- Explain various organizational and occupational fraud-related theories, schemes, risks, red flags and prevention/mitigation controls.
- Analyze various accounting cycles, such as revenue, expenditures and cash conversion cycles within an enterprise, in order to be able to correctly identify control gaps.
- Evaluate IT resource management, including investment, prioritization, allocation and use, for alignment with the organization’s strategies and outcomes.
- Apply appropriate Computer-Assisted Audit Technology Tools (CAATTs) tests to identify fraud and information systems security issues.
- Function as part of an internal or external team to develop a risk-based information security framework for an enterprise, including plans and policies in congruence with applicable compliance standards and well-recognized frameworks such as COSO and COBIT.
For the research-based stream, in addition to the aforementioned learning outcomes, upon completion of the MISAM program, graduates will be able to:
- Conduct advanced research.
B. Admission Requirements
Applications are encouraged from those individuals who possess an undergraduate baccalaureate degree. A four-year degree in business or accounting is preferred but a computing science degree is also accepted. All other degrees may be given consideration since there may be industry certifications or work experience which may also be considered during the application process. Space is limited and admission is competitive. Meeting the minimum admission requirements does not guarantee admission. To be considered for admission, applications must present the following requirements:
- Four-year Bachelor’s degree from a recognized educational institution, preferably in Business/Management, Accounting, Management of Information Systems or Computing Science. Students entering the program require a minimum grade point average of 3.0 on the 4 point scale, or its equivalent during the last 60 credits of undergraduate (or graduate) study. Students with a three-year degree (for example, Concordia University of Edmonton’s three-year BSc) may be admissible but may be required to take qualifying courses.
- A 3.0 GPA on at least two courses in financial accounting (one introductory and one intermediate) and one course in management accounting.
- A resume.
- A security clearance.
- Demonstrated fulfillment of Concordia University of Edmonton’s English Language Requirement (refer to section 13.1.1 D).
C. General Academic Requirements
- Students must successfully complete 24 course credits in the program, in addition to 9 research or capstone credits.
- Students must maintain a minimum grade point average of 3.0 with no course grade less than 2.3 (C+). Students who do not maintain satisfactory standing may be placed on academic probation or required to withdraw from the program.
D. Program Requirements
33 credits required, to include:
- ISAM512 (Financial Accounting and Analysis for Information Systems Auditors) (3 Cr.)
- ISAM521 (Information Systems Audit I) (3 Cr.)
- ISAM522 (Information Systems Audit II) (3 Cr.)
- ISSM538 (Research Methods & Communication) (3 Cr.)
- ISAM542 (Forensic Accounting and Fraud Examination) (3 Cr.)
- ISAM549 (Auditing Theory and Application) (3 Cr.)
- ISSM551 (Disaster Recovery and Planning) (3 Cr.)
- ISSM553 (Governance, Risk and Compliance (GRC)) (3 Cr.), and
- one of
E. Graduation Requirements
Students graduate on one of the three degree-conferral dates following successful completion of their program requirements as well as the general program requirements of The Faculty of Graduate Studies, section 13.1.4. For further information about graduation requirements, see Graduation Requirements, section 13.1.5.