M.S. in Information Security Management

M.S. in Information Security Management

The Master of Science Degree in Information Security Management

The MSISM (Management) Program is designed to help a candidate become the highest-ranking management employee in an IT Security organization. In the government this is often called the Designated Approving Authority, or Information Assurance Manager (IAM). In the industry, titles such as Chief Security Officer or Chief Information Security Officer are often used. In addition to the strong writing skills the program produces through the GIAC Gold program or the Writing Assignments for all courses, the community project requirements training includes teamwork and oral presentation practice. More information about GIAC Gold can be found at http://www.giac.org/gold

MSISM Core, mandatory courses

Version 1.6 September 15, 2008

Previous Mandatory Course: 1.5 May 22, 2008 - September 14, 2008
Previous Mandatory Course: 1.4 August 10, 2007 - May 21, 2008
Previous Mandatory Course: 1.3 February 29, 2007 - August 9, 2007
Previous Mandatory Course: 1.2 October 4, 2006 - February 28, 2007
Previous Mandatory Course: 1.1 March 20, 2006 - October 3, 2006
Previous Mandatory Course: 1.0 December 2005 - March 19, 2006

Course Descriptions: Conference course descriptions are available at https://www.sans.org/training/courses.php. If students wish to take some courses in other than a conference setting, they should click on the tab above called "Course Delivery Options" to see which course delivery options are acceptable for master's students.

Course Credits
MGT 512: SANS Security Leadership Essentials For Managers with Knowledge Compression™, GIAC GSLC Gold 3
SEC 504: Hacker Techniques, Exploits, and Incident Handling, GIAC GCIH Gold 4
MGT 524: Security Policy and Awareness, GIAC STAR Gold or Written Assignment
- MGT 524 may become two courses: SEC 351 Computer & Network Security Awareness, MGT 404 Fundamentals of Info Security Policy;
and substitute exams/assignments may be given if GIAC Silvers/STARs are not available.
MGT 421: SANS Leadership and Management Competencies, GIAC STAR Gold or Written Assignment 1
MGT 525: Project Management and Effective Communications for Security Professionals and Managers, GIAC GCPM Gold or Written Assignment 4
- Project Management Institute Certification can be substituted for GCPM
- It is recommended that MGT 525 be completed before the Joint Written Project is started.
LEG 523: Legal Issues in Information Technology & Information Security, GIAC Gold or Written Assignment 3
MGT 411: SANS 17799 Security & Audit Framework, GIAC G7799 Gold 4
SEC Software Security Training* 3
- SEC 422 Web Application Security Essentials (formerly SEC 522 Defending Web Applications)
- MGT 431 Secure Web Services for Managers
- Special Project to be Assigned
- Applicable Exam(s) for the above courses. Substitute exams/assignments may be given if GIAC Silver/STAR is not available.
- Reading Component with Essay
- Research and Writing Component
* This rapidly evolving field affects course development. Before starting, check with college for the latest requirement.
AUDIT Requirement: one of Audit 410 IT Security Audit & Control Essentials, GIAC GSAE Gold; Audit 507 Auditing Networks, Perimeters, & Systems, GIAC GSNA Gold; or successful completion of CISA exam and the Written Assignment 4
Community Project Requirements must be completed. See www.sans.edu/programs/community.php 3
Total: 31 credit hours

Each exam score must be at least 80 (or 80 average if applicable) including STARs.

The final course grade will be based on the latest recert scores just before graduation requirements are met. See the tab above titled "Recertification Policy" that discusses whether or not recertification is required.

When a GIAC Gold Paper/Written Assignment is required, the student must also pass the GIAC Gold/Written Assignment before the grade can be assigned.