Curriculum and Courses

ITACS Program courses are organized in Preparatory, Core, IT Audit and Cyber Security groups.  The Preparatory courses are for students interested in the program but who are missing some background in either information technology or business.  These 2 preparatory courses do not count towards the total credits required for the degree. The 3 core courses are mandatory for students of both IT Audit and Cyber Security tracts. There are 8 IT Audit track courses and 8 Cyber Security courses. The course offerings are as follows:

Fall

5121 Enterprise Resource Planning Systems (“Auditing Controls in ERP Systems”)

5122 Enterprise Architecture for IT Auditors

5202 IT Governance

5205 IT Service Delivery and Support

5206 Protection of Information Assets

5209 Securing Digital Infrastructure

5211 Introduction to Ethical Hacking

5287 Business Essentials for IT Audits – first half (“Business Skills for IT Auditors”)

Spring

5170 Special Topics – Information Security Regulations

5170 Special Topics – Operating System Security

5170 Special Topics – Forensics

5201 IT Audit Process

5202 IT Governance

5203 Systems and Infrastructure Lifecycle Management 1

5208 Data Analytics for IT Auditors

5212 Advanced Penetration Testing

5214 Security Architecture

5287 Business Skills for IT Auditors – second half

Summer

5213 Intrusion Detection & Response

5902 IT Auditing Capstone

5903 Cyber Security Capstone

 Preparatory Courses (do not count as credit toward the degree)  
ID Name Description
MIS 5122  Enterprise  Architecture  for IT  Auditors This course surveys the technology concepts and components that are critical for the IT auditor to understand. It uses an enterprise architecture framework to explore issues of business process, business data, applications and the infrastructure that are necessary to run those applications
 MIS 5123  Business  Essentials  for IT  Audits This course gives incoming students from technical disciplines the basic business background that they will need throughout the ITACS curriculum. Students will learn how to read basic financial statements, the components that makeup a business model, how applications support both revenue generation and operations, and the role of a control environment.  Topics include the income statement, balance sheet, cash flow statement, business model, value proposition, market segmentation, the sales process, business processes and controls.
 Core Courses 
 MIS 5202  IT  Governance Understanding how IT organizations are structured and managed is essential to effective IT auditing. In this course students will learn how IT organizations are managed and the issues which make IT management so challenging. Students will learn how strategic planning is performed within IT organizations. A number of tools, techniques, and frameworks such as COBIT will be discussed which will help make the auditor effective in this environment.
MIS 5206  Protection of  Information  Assets Information is an organization’s most precious asset. Inadvertent disclosure of sensitive information can have significant operational and financial impact on the organization. Loss of information or access to it can also have serious adverse impacts on the organization. In this course students learn the importance of managing the information assets of the organization including logical IT security, physical, and environmental security. Disaster recovery and mitigating risk through insurance are also discussed.
 MIS 5214  Security  Architecture Examines the methodology by which an organization aligns its business strategy with its security operations. Both the current and desired future states of the business’ security efforts are described so that resources can be directed to the security efforts most needed to support the business.
IT Audit Courses    
MIS 5170 Special Topics – Information Security Regulations This course teaches students about the commonalities and differences in information security requirements of US cyber security regulations including executive branch directives and congressional legislation intended to safeguard information, computer systems and information technology from cyber-attacks. The course will examine and students will discuss recently proposed cyber security legislation and their implications for internal and external auditors and cyber security professionals.
 MIS 5121  Enterprise  Resource  Planning  Systems This course introduces students to the essential concepts of an Enterprise Resource Planning (ERP) system, e.g. SAP. The course looks at how a business’ key transactions are executed and accounted for in an ERP. Information system and accounting controls to assure confidentiality, integrity and authenticity are examined. Finally, the course looks at how transaction processing data is transformed into data for management analysis and legal entity reporting.
 MIS 5201  IT Audit  Process This course introduces students to the essential concepts of IT auditing. Students will learn standards and guidelines for performing an IT audit. Topics will include concepts of internal controls. Students will learn to plan and manage an audit as well has how to report on evidence collected during the audit.
 MIS 5203 Systems and Infrastructure Lifecycle Management 1 Examines how an organization builds an enterprise architecture within an environment of internal control. Topics cover include information system planning, management and usage, the development, acquisition and maintenance of these technologies and their impact on the organization’s business processes.
 MIS 5205  IT Service  Delivery and  Support Examines the operational aspects of an IT organization and how it delivers on its value proposition. Learn about the technical infrastructure of organizations and how to assure infrastructure provides a reliable and secure platform for applications. Learn about service center management and how teams are utilized to deliver value to the organization.
 MIS 5208  Data  Analytics for  IT Auditors Examines the emerging approach of continuous-audit. This approach relies heavily on data analytics to examine datasets produced by audit and security controls (for instance, network log files).  Basic data analysis concepts are presented and then applied to security or audit problems. Audit specific tools like ACL will be used in addition to general tools like Excel.
 MIS 5287  Business  Skills for the  IT Auditor In this course students practice a variety of business skills that are necessary to be effective as an IT auditor. These skills include managerial communications and public speaking skills, interviewing skills, negotiation and personal selling skills, business writing, industrial psychology/behavioral science skills, project/time management and team building skills. The course is delivered through a series of workshops and simulations and include observations of business practices at host IT companies. The practicum will be scheduled for fall (1.5 credits) and spring (1.5 credits) semester to allow for optimal development of business skills.
 MIS 5902  IT Auditing  Capstone In this course students are given the opportunity to demonstrate the capabilities they have developed in other portions of the program. This course makes extensive use of case studies and role playing exercises. Students will explore a comprehensive case study which exposes them to each of the CISA domains covered in the curriculum.
Cyber Security Courses  
MIS 5170 Special Topics – Operating System Security This course introduces students to operating system security and tools to secure operating systems. Methods of securing operating systems will be explored in theory and in hands on exercises. The course will require simple programming using operating system specific and Open Source scripting languages. For that reason some knowledge of and experience with computer programming is required. General operating system usability with Microsoft Windows and/or Linux is required.
MIS 5170 Special Topics – Forensics This course introduces students to the field of cyber forensics and how technology and law interact to form this forensic science. Students will learn about the investigation of digital data and gathering evidence relating to criminal or other legal incidents and events and preserving evidence and documenting findings which may be used in court.
MIS 5170 Special Topics – Information Security Regulations This course teaches students about the commonalities and differences in information security requirements of US cyber security regulations including executive branch directives and congressional legislation intended to safeguard information, computer systems and information technology from cyber-attacks. The course will examine and students will discuss recently proposed cyber security legislation and their implications for internal and external auditors and cyber security professionals.
 MIS 5209  Securing  Digital  Infrastructure This course examines issues related to securing the components of an organization’s computer infrastructure. It reviews network, firewall, and basic operating system security issues. It presents the material theoretically and practically through in-class and homework exercises.
 MIS 5211  Introduction to Ethical  Hacking This course introduces student to the hacking strategies and tactics used by ethical or “White Hat” hackers. Methods of vulnerability exploitation to be used primarily in the process of Security Penetration will be explored in theory and in hands on exercises. The course will require simple programming using Open Source scripting languages and hacking tool kits. For that reason knowledge of and experience with computer programming is required
 MIS 5212 Advanced Penetration Testing This course introduces student to Penetration Testing. Methods of vulnerability assessment and exploitation are examines as a means of identifying areas requiring improved security and recommendation of recommended changes.  The ethical, business governance and legal implication of penetration testing are examines.  Specific techniques are examined in detail with the intent of giving the students a practical understanding of how Penetration Tests are conducted and laboratory-based experience in their actual conduct.
 MIS 5213 Intrusion Detection & Response While all businesses work to be as secure as possible, it is agreed that no organization can be completely secure.  Preventing attacks, quickly identifying successful attacks, detecting advanced persistent threats and monitoring systems activity in order to deter intrusions can result in significant business benefit   This course examines the variety of tools and techniques used to do this work.
 MIS 5903  Cyber  Security  Capstone This is the final course in the ITACS cyber security track. The course has two purposes. First, it reviews all of the topics covered in earlier courses and further prepares the students for the CISSP exam. Second, it requires students to integrate what they have learned and research an emerging topic in the field of IT assurance.
Skip to toolbar