The Master of Science Degree in Information Security Management
The MSISM (Management) Program is designed to help a candidate become the highest-ranking management employee in an IT Security organization. In the government this is often called the Designated Approving Authority, or Information Assurance Manager (IAM). In the industry, titles such as Chief Security Officer or Chief Information Security Officer are often used. In addition to the strong writing skills the program produces through the GIAC Gold program or the Writing Assignments for all courses, the community project requirements training includes teamwork and oral presentation practice. More information about GIAC Gold can be found at http://www.giac.org/gold
MSISM Core, mandatory courses
Version 1.8 November 20, 2009
Previous Mandatory Course: 1.7 May 1, 2009 - Nov. 19, 2009
Previous Mandatory Course: 1.6 September 15, 2008 - February 25, 2009
Previous Mandatory Course: 1.5 May 22, 2008 - September 14, 2008
Previous Mandatory Course: 1.4 August 10, 2007 - May 21, 2008
Previous Mandatory Course: 1.3 February 29, 2007 - August 9, 2007
Previous Mandatory Course: 1.2 October 4, 2006 - February 28, 2007
Previous Mandatory Course: 1.1 March 20, 2006 - October 3, 2006
Previous Mandatory Course: 1.0 December 2005 - March 19, 2006
| Course | Credits |
|---|---|
| MGT 512: SANS Security Leadership Essentials For Managers with Knowledge Compression™, GIAC GSLC Gold | 3 |
| SEC 504: Hacker Techniques, Exploits, and Incident Handling, GIAC GCIH Gold | 4 |
| MGT 404: Fundamentals of Info Sec Policy, Exam/Substitute |
1 |
| MGT 438: How to Establish a Sec Awareness Program, Exam/Substitute (formerly the above 2 courses were called MGT 524 Sec Policy & Awareness-GSPA) |
1 |
| MGT 421: SANS Leadership and Management Competencies, Exam/Substitute | 1 | MGT 525: Project Management and Effective Communications for Security Professionals and Managers, GIAC GCPM Gold | 4 |
| - Project Management Institute Certification can be substituted for GCPM - It is recommended that MGT 525 be completed before the Joint Written Project is started. |
|
| LEG 523: Legal Issues in Information Technology & Information Security, Exam/Substitute | 3 |
| MGT 411: SANS 27000 Implementation & Management, GIAC G7799 Gold | 4 |
| AUDIT REQUIREMENT: one of Audit 507 Auditing Networks, Perimeters, & Systems, GIAC GSNA Gold; or successful completion of CISA exam and the Written Assignment | 4 |
| SOFTWARE SECURITY TRAINING* | 3 |
| * This rapidly evolving field affects course development. Before starting, check with college for latest requirement. |
(A) At least "six-days" of course(s) from the following: Example: If a student is interested in a particular three-day course below, then such student also will need to take another: three-day course OR a two-day course and a one-day course OR three one-day courses. - DEV 422: Web Application Security Essentials (B) Exams for each chosen course (but not for the DEV - - - Software Security Project). If GIAC exam(s) is not available, substitute exam(s) / assignment(s) will be given. (C) Except for DEV --- Software Security Project, a Written Assignment is NOT required [unless written assignment(s) are required as "substitute assignment(s)" when GIAC exam(s) are not available.] |
| COMMUNITY PROJECT REQUIREMENTS must be completed. See www.sans.edu/programs/community.php | 3 |
| Total: 31 credit hours | |
Each exam score must be at least 80 (or 80 average if applicable).
The final course grade will be based on the latest recert scores just before graduation requirements are met. See the tab above titled Recertification Policy that discusses whether or not recertification is required.
When a GIAC Gold Paper/Written Assignment is required, the student must also pass the GIAC Gold/Written Assignment before the grade can be assigned.
If a GIAC exam is a requirement but is not available, then the college provides a substitute exam/assignment.