Graduate Course Catalog 2009-2011

General Information

Faculty/Staff Directory





Total Credit Hours: 35-41


The Master of Science in Information Security (MSIS) program provides students with background and insights into the key managerial and technical issues of information security. It is an interdisciplinary program administered by the Management Information Systems Department in the College of Business and the Mathematics and Computer Science Department in the College of Arts and Sciences.

The managerial concentration focuses on the impact of information security on individual lives and personal privacy, the growing information security risks facing business and government, strategies for securing information, and the influence of laws and public policy on how information is secured. The technical concentration examines how information systems can be made secure. It discusses information processing systems, secure operating systems and applications, network security, cryptography, security protocols, and other issues that confront those charged with securing information networks.

The managerial concentration is an attractive option for IT analysts, managers and directors who are responsible for, and interested in, defining, auditing, or examining IT security policies and procedures. The technical concentration is a hands-on option that is attractive to IT professionals who are interested in identifying security breaches, implementing security policies and procedures, and resolving security problems when and where they arise.

To accommodate the needs of working professionals, the program is structured for part-time students with courses offered in the evenings. All courses are offered in an eight-week format. Additionally, the program is fully offered online.


To be accepted for admission into the program, a student must present the following credentials:

  1. A baccalaureate degree from an accredited institution of higher education.

  2. A minimum undergraduate GPA of 3.0 on a 4.0 scale.

  3. An application for graduate admission, including a $40 application fee.

  4. Professional resumé.

  5. Official transcripts from all educational institutions attended.

  6. Two-page statement of purpose.

  7. Two recommendation forms. 8. International students are required to have a TOEFL test score greater than 550 (computer based 213; internet based 79).


Under certain circumstances, students who do not meet one or more of the requirements for full admission may be admitted to the program with conditional status. These include:

  1. Students with an undergraduate GPA less than 3.0.

  2. Students who lack prior coursework in computer science or management information systems from an accredited collegiate institution.

Students admitted with conditional status will be considered for full admission after they have earned nine credit hours in the program with a GPA of 3.0 out of 4.0. Additionally, students who lack prior coursework in computer science or management information systems are required to take two foundation courses in the major to gain background in computer programming, organization, and applications.


A student with a baccalaureate degree who wants to take certain graduate courses with the intention of becoming a degree candidate may be admitted as a student-at-large by meeting the following requirements:

  1. Submit official documentation of a baccalaureate degree from a regionally accredited institution of higher education; and

  2. Complete an application form, accompanied by a non-refundable application fee.

Should a student-at-large seek full admission status, he or she must have attained a minimum GPA of 3.0 in his/her at-large coursework. Nine semester hours completed as a student-at-large is the maximum credit toward an advanced degree that can be granted.

A student with a baccalaureate degree who wants to take certain courses but does not seek a full degree endorsement may likewise be admitted as a student-at-large and is subject to the same admission requirements.


A student entering the MSIS program with appropriate prior graduate coursework in information security may have a maximum of nine credit hours beyond the foundation level applied to MSIS degree requirements.

Course credits eligible for transfer consideration must meet the following criteria:

  1. All transfer credit must have been earned prior to matriculation in the MSIS program.

  2. The coursework must have been completed at an accredited graduate school.

  3. A minimum grade of B must have been earned for the course.

  4. The coursework must have an equivalent in the MSIS curriculum.


A student must complete all requirements within seven years from the completion of his or her first graduate course at Lewis University.


Any student admitted to the MSIS program whose cumulative GPA falls below 3.0 will be placed on academic probation. The student must achieve a GPA of 3.0 or better during the subsequent semester to remain a student in the MSIS program. If a student does not meet this requirement, he or she may petition the Program Director in writing to resume studies after a one-semester hiatus. The Program Director, in consultation with the appropriate Graduate Degrees Council, will make the final decision on whether to allow the student to resume studies. If the right to resume studies in the MSIS program is granted, the student will resume studies with probationary status.

Only grades attained in Lewis University graduate courses will be used to determine the GPA. A grade of D will not count toward degree requirements. A 3.0 cumulative GPA is required for graduation.


Students must complete at least 35 graduate credits in the program beyond the two foundation courses to complete the MSIS degree. Students must choose one of two tracks of specialization: the Management Concentration or the Technical Concentration. Each student is required to complete eighteen credit hours of core coursework, nine credit hours of track-specific coursework, three credit hours of elective coursework which may or not be in their chosen track, two credit hours of seminar coursework, and a three-credithour capstone course. The total number of credits to fulfill the requirements ranges from 35 to 41 credit hours, depending on whether the student was required to take two three-hour foundation courses because of insufficient academic background in computer science or management information systems.


Credit for the capstone experience (68-595) will be deferred until the project has been completed to the satisfaction of both the student and the mentor. Until the project has been completed, a grade of I will appear on the student’s record for that course. For all other courses in which the student receives a grade of I, he or she has until the sixth week of the following semester to complete the requirements for the course. If the student fails to complete the requirements of the course before the six-week cutoff, the incomplete grade will be converted to a grade of “IF”, which is equivalent to a failing grade.

I. Foundation Courses (6)
68-500 Computer Organization (3)
68-501 Principles of Programming (3)

II. Core Courses (18)
68-505 Introduction to Information Security (3)

OR the following three one credit hour seminar courses:
68-506 Introduction to Information Security Seminars (1)
68-507 Introduction to Information Security Seminars (1)
68-508 Introduction to Information Security Seminars (1)
68-510 Data Networking (3)
68-515 Operating Systems and Distributed Systems (3)
68-520 Intrusion Detection, Response and Recovery (3)
68-525 Encryption and Authentication Systems (3)
68-530 Legal and Ethical Issues in Information Security (3)

III. Concentrations (9)

Three courses from one of the following two concentrations:

Management Concentration (College of Business)
68-523 Computer Forensics (3)
68-550 Operational and Organizational Security (3)
68-551 Information Security Strategies and Risk Management (3)
68-552 IT Governance and Compliance (3)
68-555 Security Assurance Principles (3)
68-557 Project Management and Information Security (3)
68-563 Database Management and Security (3)

Technical Concentration (College of Arts and Sciences) (3)
68-523 Computer Forensics (3)
68-560 Securing Windows (3)
68-561 Securing Linux (3)
68-563 Database Management and Security (3)
68-564 Wireless Security (3)
68-565 Secure Programming (3)

IV. Electives (3)

Choose an additional elective from either track.

V. Seminar Courses (2) and Capstone (3)

Seminars are designed to present specific topics that are more appropriate for short workshop-style courses than for full-length courses. Seminars:
68-595 Information Security Project (3)
68-596 Information Security Certification Prep I (1)
68-597 Information Security Certification Prep II (1)

The capstone experience may involve a project in which the student applies what he or she has learned during the program, or an original research effort in which the student explores a topic in information security to greater depth. A faculty member in the MSIS program will mentor the student as he or she completes the work. The final outcome of the project is a publication-ready original paper with appropriate citations in any of the standard formats. The student is also required to personally present his or her work to faculty and students of the MSIS program before credit will be awarded.