Online Master's Information Systems

Students will master analytical and integrative tools to perform in-depth analyses of industries, firms, and competitors. Course material includes methods to predict competitive behavior and develop and implement strategic plans to achieve and sustain a competitive profile in the emerging global marketplace.

This course includes writing, negotiating and adhering to contracts, as well as legal and ethical considerations. Procurement, including writing, clarifying and communicating specifications, is covered. There is an emphasis on Contract Administration and dealing with subcontractors. Topics include bidding, types of bids (e.g., RFQs, IFBs, and RFPs), types of contracts (e.g., fixed price, cost plus, and time and materials), and their respective purposes and impact on risk and project contract negotiations. Changes in contracts, methods to resolve disputes, and writing clear statements of work (SOW) are discussed.

As the Capstone course in the Project Management program, this course requires students to demonstrate how to synthesize and apply the concepts, knowledge, skills, tools, and to a real world scenario project. Students will be required to demonstrate the ability to produce a complete project plan, understand project integration and management of projects within a program, use project management software to manage cost, time, and resources, and manage project stakeholder expectations.

This course introduces the overall foundations required for the understanding of, and further study in, information systems security. It reviews the history of security and computer systems security in particular to develop a set of models to guide the approach to realizing computer systems security. An overview of current security technologies is presented. A research project and formal paper are required.

Students are provided with a brief overview of the basic elements of networking concepts, topologies, protocols and threats necessary to understand network security issues and make security relevant decisions. An in-depth analysis of the Open Systems Interconnection (OSI) model and layered network security mechanisms needed to provide Confidentiality, Integrity, Availability, Authorization, Authentication and Non-repudiation within a network environment is included. This course includes a thorough treatment of cryptography and cryptographic services. An implementation plan and formal paper are required.

This course covers a variety of issues relating to the management of information systems security. The topics covered include development of policies, standards and procedures, risk analysis methodologies, contingency planning and disaster recovery. Additional topics covered include legal and ethical issues, incident reporting, security auditing, computer crime, and security awareness and training. Implementation issues, potential conflicts and tradeoffs are also discussed. A project is required.

Attacks on enterprise level systems can be focused on many targets. Some of the targets, such as WEB servers are at the perimeter of the network. Others occur at the applications running on various operating systems. This course examines vulnerabilities caused by both scripting errors or poor scripting techniques on WEB based applications. Further, vulnerabilities created in custom developed applications written in high level programming languages are examined. SQL problems and architecture design flaws in relational database systems that contribute to vulnerabilities are also analyzed. A whole new set of intrusion risks present themselves with the newer emerging media and application environments such as cloud computing, social media venues, and mobile computing. Students will also conduct research into these areas. The need for security driven life cycle development models and security standards for programming and scripting languages are presented.

A system that performs mission-sensitive operations requires access to sensitive resources. The owners of these resources require a measure of the risk assumed in allowing access in the intended manner as well as an assessment of how well the system implements its requirements. The DOD was first in evolving strategies and methods to formally address these tasks, most recently by the DITSCAP and its civilian counterpart, NIACAP. This course addresses each of these topics and standards and how they may lead to a higher level of assurance systems development.