Is MSISPM Right For Me?

The Master of Science in Information Security Policy & Management (MSISPM) program is the ideal fit for bold, creative students who want to make governments, organizations, and private citizens safer in a connected world.

While other programs emphasize an engineering approach to information security and assurance, Heinz College blends technical skills with a breadth of coursework in policy, strategy, and management. This approach enables the assembly of diverse cohorts of students who can apply their unique strengths to cyber challenges—in fact, while some MSISPM students come from STEM backgrounds, many others come from non-technical fields such as economics, finance, social science, and liberal arts.

Students with professional experience often include specialists in information systems, corporate managers, and military staff. The diversity of thought and perspectives represented in our classes is truly one of the MSISPM program’s greatest assets. Additionally, MSISPM cohorts are small in size, sparking tight connections among classmates.

Through our comprehensive curriculum—which covers the cybersecurity spectrum from privacy to risk and resilience—and our association with the renowned CERT Division of the Software Engineering Institute, we teach students to go a step beyond technical thinking in cybersecurity. Our graduates enter the workforce prepared to lead change and implementation of cyber solutions, to manage cyber technologies and projects, to understand the complex risk landscape of today’s world, and to fortify the cyber posture of organizations and governments against 21^st century threats.

_{MSISPM not what you’re looking for? Return to the Program Finder.}

Curriculum & Courses

MSISPM Core
- Intro to Information Security Management (95-752)
- Intro to Programming with Python (90-812)
- Information Security Risk Management (95-755)
- Managing Disruptive Technologies (95-723)
- Cryptography (95-749)
- Network and Internet Security (95-758)
- Decision Making Under Uncertainty (95-760)
- Privacy in the Digital Age (94-806)
- Organizational Design and Implementation (94-700)
- Economic Analysis (95-710)
- Financial Statements and Analysis of Companies (90-723)
- Software and Security (95-748)
- Statistical Reasoning with R (90-711)
- Writing for Information Systems Management (95-717)
- Professional Speaking (95-718)
- Cybersecurity Policy and Governance (95-744)
- Information Security Capstone Project OR Thesis
PLUS
- Required Summer Internship
For class, syllabi, and faculty information, please visit the Heinz College course catalog.
MSISPM Sample Electives*
- Cybersecurity for Artificial Intelligence & Machine Learning (95-767)
- Network Defenses (95-884)
- Engineering Privacy in Software (95-878)
- Malicious Code Analysis (95-759)
- Applied Threat Analysis (95-889)
- Ethical Penetration Testing (95-883)
- Introduction to Artificial Intelligence (95-891)
- Blockchain Fundamentals (95-810)
- Introduction to Database Management (90-728)
- NoSQL Database Management (95-737)
- Advanced Relational Database Management (95-736)
- Introduction to Cyber Intelligence (95-844)
- Cloud Security (95-746)
- Privacy, Policy, Law, and Technology (95-818)
- Policies of Wireless Systems (95-824)
- Internet of Things (95-733)
- Information Security Policy & Management (95-757)
- Security Data Analytics (95-747)
- IT Project Management (95-808)
- Data Warehousing (95-797)
- Strategy Development (94-811)
- Object-Oriented Programming for Managers (95-807)
*Students may also enroll in graduate-level courses from other Heinz College programs as well as other departments across Carnegie Mellon University’s campus, with approval. Many MSISPM students enroll in courses offered by CMU's Information Networking Institute (INI), including:
- Applied Information Assurance
- Cyber Risk Modeling
- Network Forensics
- Host Based Forensics
For class, syllabi, and faculty information, please visit the Heinz College course catalog.

For detailed curriculum information, please visit the MSISPM Student Handbook.

SAMPLE SCHEDULE: MSISPM

Below is one possible schedule for the two-year MSISPM program. Actual schedules will vary depending on electives.

Class titles in bold are core courses. Heinz College offers a mix of full-semester (14 weeks) and half-semester courses (7 weeks) for core and elective courses.

Year 1 - Fall SEMESTER

Intro to Programming with Python*
Intro to Information Security Management
Decision Making Under Uncertainty*
Statistical Reasoning with R
Organizational Design and Implementation*
Economic Analysis*
Writing for Information Systems Management*

Year 1 - Spring SEMESTER

Ethical Penetration Testing*
Software and Security*
Network and Internet Security
Privacy in the Digital Age*
Managing Disruptive Technologies*
Financial Statements and Analysis of Companies*
Professional Speaking*

--REQUIRED SUMMER INTERNSHIP--

Year 2 - Fall SEMESTER

Cybersecurity Policy and Governance
Cybersecurity for Artificial Intelligence & Machine Learning*
Introduction to Cyber Intelligence*
Cloud Security*
Network Defenses*
Advanced Relational Database Management*

Year 2 - Spring SEMESTER

Information Security Capstone Project OR Thesis
Cryptography*
Information Security Risk Management*
Security Data Analytics*
Malicious Code Analysis*
IT Project Management*

*Half-semester courses

Who are MSISPM's Students?

The average MSISPM class is diverse, both in terms of demographics and experience/education. Data shown reflects the last three years.

See the Admissions page for detailed admissions requirements for the MSISPM program.

MSISPM Class Profile

*GMAT score data does not include GMAT Focus results. Applicants who have taken (or plan to take) the GMAT Focus are encouraged to use GMAC’s concordance table.

Related programs to consider

MISM

Master of Information Systems Management

The Master of Information Systems Management (MISM) is our flagship information systems program, with a focus on technology leadership

Learn More

MSIT

Master of Science in Information Technology

The Master of Science in Information Technology (MSIT) is our part-time "anytime, anywhere" online IT program, ideal for current IT professionals and offering a concentration in Information Security & Assurance

Learn More

MSPPM

Master of Science in Public Policy & Management

The Master of Science in Public Policy & Management (MSPPM) is our renowned public policy program, which offers students the opportunity to specialize in Cybersecurity & Management

Learn More

Executive Education

Certificates in technology leadership and management

Our Executive Education certificate programs cover business technology skills and best practices relevant to current and future CIOs, CISOs, CROs, leaders in data and digital transformation, and others with IT oversight

Learn More