The UA Eller College’s MIS Department is an elite program ranked in the top five MIS programs in the country (U.S. News and World Report) consistently for over 30 years, an achievement matched only by MIT and Carnegie-Mellon. Eller College is fully accredited by the AACSB. In addition to completing coursework in MIS, ECE, or CS and receiving a Master’s or Ph.D. degree, students in the AZSecure SFS Fellowship program are required to take a rigorous set of core and elective cybersecurity courses. The UA is designated by the NSA and the DHS as a CAE-IAE (first designated in 2009 and renewed in 2014).

Completion of MIS 515, MIS 516, and MIS 517 entitles students to receive an Enterprise Security Certificate from the UA. Students take these and several additional cybersecurity courses which, combined with their research, uniquely positions them to tackle the cutting edge cybersecurity challenges of today and tomorrow. The 33-credit core curriculum for the MIS program is shown in Table 1. Students take an additional 12-15 credits on average, including cybersecurity electives, research, or analytics.

Table 1 – Master’s in MIS Core Curriculum


The UA has a rich and growing base of cybersecurity courses students can take across multiple departments, shown in Table 2.

Table 2 – University of Arizona Security Specific Graduate Courses

Cybersecurity Specific Courses – Details

  • MIS 515: Information Security in Public and Private Sectors 
    • This course covers the confidentiality, availability, and integrity of information systems from hardware, software and network security to INFOSEC, OPSEC and NSTISS overviews.
  • MIS 516: Information Security, Risk Management, Disaster Recovery 
  • MIS 517: Systems Security Management 
    • This course focuses a working knowledge of safeguarding operating systems and related components such as operating systems, Active Directory and Group Policies.
  • MIS 514: Information Technology Audit 
    • This course covers auditing IT controls and audit analytics including internal audits, external audits, and auditing outsourced IT. Topics include desktop, server, network and process controls, information assurance, segregation of duties, audit software (ACL), the audit process, and audit management.
  • Cyber Threat Intelligence (MIS)
    • This course provides students with a hands-on introduction to the concepts and tools of cyber threat intelligence. Included is the cyber threat intelligence lifecycle, identifying, intelligence feeds, intelligence formats, and standard cyber threat intelligence technologies (e.g., CIF servers, TAXII servers, SIEM's).
  • Penetration Testing: Ethical Hacking and Social Engineering (MIS)
    • This course introduces penetration testing (pen testing), or ethical hacking, and the full pen test life cycle. Students learn exploits, exploit avoidance, tools, and methods used to compromise systems.
  • Cyber Warfare Capstone (MIS)
    • This course has students integrate skills in online defense and penetration in a virtual environment. At the end of this course, students will be able to recognize, describe, identify, discuss, and explain fundamentals of vulnerability discovery, penetration testing and the art of using these tools in a competitive environment.
  • Cyber Security - Concept, Theory, Practice (ECE)
    • This course introduces technical aspects of cyber security including threats and types of attacks against computers and networks, understanding and analyzing security requirements, and defining security policies.
  • Fundamentals of Information and Network Security (ECE)
    • This course covers Shannon's approach to cryptography, symmetric key cryptography, cryptographic hash functions, public key cryptosystems, authentication, key management and distribution, as well as wireless and network security.
  • Fundamental of Cloud Security (ECE)
    • This new course is currently under development by Dr. Salim Hariri and will address the emerging discipline of cloud security.
  • Computer Security (CS)
    • This introductory course covers security fundamentals, threat models, security policies, and shows how these concepts apply to communication security, software security, operating systems security, network security, web security, and hardware-based security.


Example Plan of Study

The following table lists an example plan of study. Each student will consult regularly with the SFS AZSecure Program Administrator Mark Patton, Ph.D., to determine their specific plan of study.  Additional information about the entire MIS curriculum can be found on the MIS Courses. 

Please note that other than the courses in the Enterprise Security Certificate (MIS 515, 516, and 517), and one or two other classes, all course work and research is conducted on campus.  The AZSecure program is currently not available online or through satellite campuses.

Year One

Semester One Semester Two
MIS 531 Enterprise Data Management* MIS 510 Web Computing and Mining
MIS 541 Information Systems Analysis and Design MIS 515 Information Security in Public and Private Sectors** 
MIS 543 Business Data Communications and Networking MIS 517 Systems Security Management** 
MIS 599 Independent Study (research) (2 credits) MIS 599 Independent Study (research) (2 credits)
Business requirements (if needed):
o    Introduction to Financial and Managerial Accounting
o    Introductory Statistics for Managers (if selecting the BIA concentration)

Summer One:

Service through qualified government Internship


Year Two

Semester Three Semester Four
MIS 507 Software Design and Integration MIS 545 Data Mining for Business Intelligence

MIS 516 Information Security, Risk Mgmt., Disaster Recovery** 
6 credits of Electives (+) to be approved by SFS Program Administrator
3 credits of Electives(+) to be approved by SFS Program Administrator Master's Project and Report - MIS696H
MIS 599 Independent Study (research) (2 credits)  

Summer Two and beyond

Post-graduation service through qualified government position

* All courses are 3 units unless otherwise noted, e.g.,(2) = 2 credits.

** Courses marked with a double asterisk are courses, usually online, that lead to earning the Enterprise Security Certificate.

+ Electives may selected from within the MIS program or outside of it, depending on the student's interests, career plan, etc.  Other schools and departments that may offer relevant electives may include, for example, the Department of Computer Science, the Department of Electrical and Computer Engineering, the College of Social and Behavioral Sciences (e.g., Department of Sociology) and the School of Information/ISTA.  Check the Schedule of Classes, UA Course Catalog for information, or departments' websites for information. Course availability is dependent on the department, school, or college offering the course.