13.3.4 Master of Information System Security Management
In all sectors of the economy, there is an increasing demand for skilled professionals with expertise in information security. The Master of Information Systems Security Management (MISSM) meets these needs by providing in-depth education in security protocols, design, software, and management. Students explore protection strategies, including the planning, design, implementation, and management of complete network security solutions in multiple operating-system environments and configurations. Graduates will be able to assess and implement necessary safeguards to ensure the security of information systems. Program content includes network security policies, standards, and management; building and maintaining security firewalls; cryptography; information security laws and ethics; disaster and recovery planning; risk management and analysis; and digital forensics.
The MISSM program is a 33-credit 2-year program normally completed in 4 terms (Fall, Winter, Fall, Winter) of 9, 9, 9, and 6 credits including a research or capstone component, consisting of 10 courses. The capstone track is suitable for students who are gearing themselves for professional careers in information security management. The research track is suitable for students who are gearing themselves for a research career in information security management, including students who may consider pursuing PhD programs in the field. The program is normally completed over four semesters (2 years). The MISSM program (a) allows students to meet their educational goals in an efficient and timely manner and (b) enables students who possess a more general IT or business-relateddegree to focus on the specific knowledge and skills required in the emerging field of information systems security. The program is open to both full- and part-time students.
A. Educational Objectives
The central educational objective of the program is consistent with the mission of Concordia University of Edmonton: preparing students to be independent thinkers, ethical leaders and citizens for the common good.
Upon completion of the MISSM program, graduates will be able to:
- Analyze and identify sources of risk for the loss of enterprise information. Understand methods of minimizing the identified risks based on the priorities established by senior management and the resources available to mitigate these risks in a way which contributes to enterprise value. Understand the recent ERM best practices (post 2008), based on COSO and COBIT frameworks. (RISK)
- Understand the role of information systems security in relation to the other business processes in an enterprise and how this adds to enterprise value. Understand how to align business to IT (BITA) and the need to understand how business goals drive IT and information security goals. (SECURITY-BUSINESS).
- Understand the phases of disaster recovery planning. Understand the various considerations, risk factors and challenges related to the successful planning, implementation and maintenance of an effective organizational disaster recovery and business continuity plan. (DRP)
- Investigate information systems security incidents. Including methods of analysis employed in incident response digital forensics, including forensic duplication, and file system, memory, and network forensic analysis. (INVESTIGATIONS)
- Apply operation level security including security to information in processing, at rest and in transition. Know the main types of encryption including symmetric, asymmetric, public key, block, and stream ciphers. (OPERATIONS)
- Create an appropriate information security framework for an enterprise, including IT security related plans and policies. Comprehend the theory and practice of project management and demonstrate knowledge of project management terms and techniques. (FRAMEWORK)
For the research-based stream, in addition to the aforementioned learning outcomes, upon completion of the MISSM program, graduates will be able to:
- Conduct advanced research.
B. Admission Requirements
To be considered for admission, applicants must present the following requirements:
- An undergraduate degree from a recognized educational institution: normally a four-year Bachelor’s degree (computing science, IT or MIS). Students with a relevant three-year undergraduate degree may be admissible but may be required to take qualifying courses. Space is limited and admission is competitive; as such meeting the minimum admission requirements does not guarantee admission.
- An admission grade point average (AGPA) of at least 3.0 (on Concordia University of Edmonton’s 4-point scale) or equivalent on the most recently completed 60 credits. The complete admission criteria is covered in section 13.1.1.A of this Academic Calendar.
- A resume.
- A security clearance.
- Demonstrated fulfilment of Concordia University of Edmonton’s English Language Requirement, section 13.1.1.D.
All grades used in calculating the AGPA are adjusted according to Concordia University of Edmonton’s grade conversion scale.
C. General Academic Requirements
- Students must successfully complete 24 course credits in the program, in addition to 9 research or capstone credits.
- Students must maintain a minimum grade point average of 3.0 with no course grade less than “C+”. Students who do not maintain satisfactory standing may be placed on academic probation, or required to withdraw from the program.
D. Program Requirements
33 credits, to include:
- ISSM523 (Network Security) (3 Cr.)
- ISSM525 (Application and Cloud Security) (3 Cr.)
- ISSM533 (Cryptology and Secure Network Communications) (3 Cr.)
- ISSM505 (System and Virtualization Security) (3 Cr.)
- ISSM536 (Incident Response and Digital Forensics) (3 Cr.)
- ISSM538 (Research Methods & Communications) (3 Cr.)
- ISSM551 (Disaster Recovery and Business Continuity) (3 Cr.)
- ISSM553 (Governance, Risk and Compliance (GRC)) (3 Cr.), and
- one of
E. Graduation Requirements
Students graduate on one of the three degree-conferral dates following successful completion of their program requirements as well as the general program requirements of The Faculty of Graduate Studies, section 13.1.4. For further information about graduation requirements, see Graduation Requirements, section 13.1.5.