The UA Eller College’s MIS Department is an elite program ranked in the top five MIS programs in the country (U.S. News and World Report) consistently for over 28 years, an achievement matched only by MIT and Carnegie-Mellon. Eller College is fully accredited by the AACSB. In addition to completing their coursework in MIS, ECE, or CS and receiving their master’s or Ph.D. degree, students in the AZSecure SFS Fellowship program are required to take a rigorous set of core and elective cybersecurity courses. The UA is designated by the NSA and the DHS as a CAE-IAE (first designated in 2009 and renewed in 2014). In line with this designation, the MIS Department developed courses that students take to receive the NSA Committee on National Security Systems (CNSS) certificates including:

  • CNSS 4011 – Information Systems Security Professionals
  • CNSS 4012 – Senior Systems Managers
  • CNSS 4016 – Risk Analyst
  • CNSS 4013 – Systems Administration

These certificates are available through a set of three courses, and completion of these courses entitles students to receive an Enterprise Security Certificate from the UA. Students take these and several additional cybersecurity courses which, combined with their research, uniquely positions them to tackle the cutting edge cybersecurity challenges of today and tomorrow. The 33 credit core curriculum for the MIS program is shown in Table 1. Students take an additional 12-15 credits on average including cybersecurity electives, research, or analytics.

Table 1 – Master’s in MIS Core Curriculum


The UA has a rich and growing base of cybersecurity courses students can take across multiple departments, shown in Table 2.

Table 2 – University of Arizona Security Specific Graduate Courses

Cybersecurity Specific Courses – Details

  • Information Security in Public and Private Sectors (MIS)
    • This course covers the confidentiality, availability, and integrity of information systems from hardware, software and network security to INFOSEC, OPSEC and NSTISS overviews.
      • CNSS Certificates: CNSS 4011 – Information Systems Security Professionals
      • CNSS 4012 – Senior Systems Managers.
  • Information Security, Risk Management, Disaster Recovery (MIS)
    • This course has been directly "mapped" against the NSA certification requirements for National Training Standard for Information System Security for risk analyst professionals.
      • CNSS Certificate: CNSS 4016 – Risk Analyst.
  • Systems Security Management (MIS)
    • This course focuses a working knowledge of safeguarding operating systems and related components such as operating systems, Active Directory and Group Policies. 
      • CNSS Certificate: CNSS 4013 - System Administrators.
  • Information Technology Audit (MIS)
    • This course covers auditing IT controls and audit analytics including internal audits, external audits, and auditing outsourced IT. Topics include desktop, server, network and process controls, information assurance, segregation of duties, audit software (ACL), the audit process, and audit management.
  • Cyber Threat Intelligence (MIS)
    • This course provides students with a hands-on introduction to the concepts and tools of cyber threat intelligence. Included is the cyber threat intelligence lifecycle, identifying, intelligence feeds, intelligence formats, and standard cyber threat intelligence technologies (e.g., CIF servers, TAXII servers, SIEM's).
  • Penetration Testing: Ethical Hacking and Social Engineering (MIS)
    • This course introduces penetration testing (pen testing), or ethical hacking, and the full pen test life cycle. Students learn exploits, exploit avoidance, tools, and methods used to compromise systems.
  • Cyber Warfare Capstone (MIS)
    • This course has students integrate skills in online defense and penetration in a virtual environment. At the end of this course, students will be able to recognize, describe, identify, discuss, and explain fundamentals of vulnerability discovery, penetration testing and the art of using these tools in a competitive environment.
  • Cyber Security - Concept, Theory, Practice (ECE)
    • This course introduces technical aspects of cyber security including threats and types of attacks against computers and networks, understanding and analyzing security requirements, and defining security policies.
  • Fundamentals of Information and Network Security (ECE)
    • This course covers Shannon's approach to cryptography, symmetric key cryptography, cryptographic hash functions, public key cryptosystems, authentication, key management and distribution, as well as wireless and network security.
  • Fundamental of Cloud Security (ECE)
    • This new course is currently under development by Dr. Salim Hariri and will address the emerging discipline of cloud security.
  • Computer Security (CS)
    • This introductory course covers security fundamentals, threat models, security policies, and shows how these concepts apply to communication security, software security, operating systems security, network security, web security, and hardware-based security.


Example Plan of Study

The following table lists an example plan of study. Each student will consult regularly with the SFS AZSecure Program Administrator Mark Patton, Ph.D., to determine their specific plan of study.  Additional information about the entire MIS curriculum can be found on the MIS Courses. 

Please note that other than the courses in the Enterprise Security Certificate (MIS 515, 516, and 517), and one or two other classes, all course work and research is conducted on campus.  The AZSecure program is currently not available online or through satellite campuses.

Year One

Semester One Semester Two
MIS 531 Enterprise Data Management* MIS 510 Web Computing and Mining
MIS 541 Information Systems Analysis and Design MIS 515 Information Security in Public and Private Sectors** (CNSS 4011 and 4012)
MIS 543 Business Data Communications and Networking MIS 517 Systems Security Management** (CNSS 4013)
MIS 599 Independent Study (research) (2 credits) MIS 599 Independent Study (research) (2 credits)
Business requirements (if needed):
o    Financial Accounting (required) (first 8 weeks of semester) (2 credits)
o    Marketing or Operations Management (second 8 weeks of semester) (2 credits)

Summer One:

Service through qualified government Internship


Year Two

Semester Three Semester Four
MIS 507 Software Design and Integration MIS 545 Data Mining for Business Intelligence

MIS 516 Information Security, Risk Mgmt., Disaster Recovery** (CNSS 4016)
6 credits of Electives (+) to be approved by SFS Program Administrator
3 credits of Electives(+) to be approved by SFS Program Administrator Master's Project and Report - MIS696H
MIS 599 Independent Study (research) (2 credits)  

Summer Two and beyond

Post-graduation service through qualified government position

* All courses are 3 units unless otherwise noted, e.g.,(2) = 2 credits.

** Courses marked with a double asterisk are courses, usually online, that lead to earning the Enterprise Security Certificate, designated by the CNSS number following the course name

+ Electives may selected from within the MIS program or outside of it, depending on the student's interests, career plan, etc.  Other schools and departments that may offer relevant electives may include, for example, the Department of Computer Science, the Department of Electrical and Computer Engineering, the College of Social and Behavioral Sciences (e.g., Department of Sociology) and the School of Information/ISTA.  Check the Schedule of Classes, UA Course Catalog for information, or departments' websites for information. Course availability is dependent on the department, school, or college offering the course.