The Regulation, Compliance, & Audit Concentration focuses on the impact of Information Assurance legislation and IT security controls requirements on Enterprises. This concentration expends the information assurance aspects to IT and financial auditing and provide a sound foundations for students looking for a career in auditing, compliance and information security management.
Note: Some required courses in the Regulation, Compliance & Audit Concentration are not available via Online Learning.
Online Learning Learning opportunities are available for this concentration.
Master of Science 2016-2017


Governance, Risk Management and Compliance Concentration

Degree Requirements
Students in this degree program must meet the following requirements:
  • Complete a minimum of 52 graduate credit hours in addition to any required introductory courses of the designated degree program.
  • Complete all graduate courses and requirements listed in the designated degree program.
  • Earn a grade of C- or better in all courses of the designated degree program.
  • Achieve a GPA of 3.0 or better among the five foundation courses.
  • Maintain a cumulative GPA of 2.5 or higher.
  • Students pursuing a second (or more) graduate degree may not double count or retake any course that applied toward the completion of a prior graduate degree. If a required course in the second degree was already completed and applied toward a previous degree, the student must meet with a faculty advisor to discuss a new course to be completed and substituted in the new degree. This rule also applies to cross-listed courses, which are considered to be the same course but offered under different subjects.
  • Students pursuing a second master's degree must complete a minimum of 52 graduate credit hours beyond their first designated degree program in addition to any required introductory courses in their second designated degree program.

Students with a GPA of 3.9 or higher will graduate with distinction.

For DePaul's policy on repeat graduate courses and a complete list of academic policies see the DePaul Graduate Handbook in the Course Catalog.

Course Requirements
Introductory Courses
No Introductory course (a course numbered 400 through 419) may be substituted for any other course at any level.

Introductory courses may be waived for any of the following conditions:
  • The student has the appropriate course work to satisfy an Introductory Course.
  • The student has appropriate and verified professional experience to satisfy an Introductory Course.
  • The student passes a Graduate Assessment Examination (GAE) in the Introductory Course area.
IT 403 Statistics and Data Analysis
TDC 411 Introduction to Computer and Network Systems
CNS 418 Introduction to Host Security
Foundation Courses
Students must achieve an average GPA of 3.0 or better in the five Foundation Courses. Students who do not meet the Foundation Courses' GPA requirement must retake the course with the lowest grade. If a number of such courses exist, it is up to the student to choose which class to retake. Only the higher grade will count toward the average grade for the purpose of completing the GPA Requirement. Students who do not meet the GPA requirements are encouraged to talk to their faculty advisor to discuss their options. To progress to the Advanced Courses of the degree, a student must complete the Introductory and Foundation Courses.

Students must complete the following courses:
CNS 450 Digital Forensic Techniques
CNS 477 Governance Policies in Information Assurance
CNS 440 Information Security Management
IS 444 IT Auditing
IS 505 Business Continuity/Disaster Recovery Theories and Strategies
Advanced Courses
A maximum of four Advanced Courses can be taken before completing the Foundation Courses and fulfilling the GPA Requirement.

Students must complete the following 2 courses:
CNS 533 Enterprise Security Infrastructure Controls and Regulatory Compliance
IS 560 Enterprise Systems

Students must complete 1 of the following courses:
CNS 490 Information Security Risk Assessment for Non-Profit Organizations
IS 430 Fundamentals of IT Project Management
IS 483 Information Services and Operations
Major Elective Courses
Students must complete 2CNS courses in the range of 420 or higheror courses from the list of courses below. Those courses cannot be used to fulfill a student's CINS Concentration Area or Foundation Courses requirements.
CSC 423 Data Analysis and Regression
CSC 424 Advanced Data Analysis
CSC 433 Scripting for Data Analysis
CSC 436 Web Applications
CSC 438 Framework for Web Application Development
CSC 439 Computer Security
CSC 440 Cryptology
CSC 465 Data Visualization
CSC 478 Programming Machine Learning Applications
CSC 536 Distributed Systems II
CSC 557 Foundations of Computer Security
ECT 582 Secure Electronic Commerce
IS 444 IT Auditing
IS 467 Fundamentals of Data Science
IS 505 Business Continuity/Disaster Recovery Theories and Strategies
IS 506 Business Continuity/Disaster Recovery Management and Tactics
SE 433 Software Testing and Quality Assurance
SE 441 Continuous Delivery and Devops
SE 452 Object-Oriented Enterprise Computing
SE 482 Requirements Engineering
SE 525 Software Security Architecture
SE 526 Software Security Assessment
SE 529 Software Risk Management
TDC 460 Foundations of Network Technologies
TDC 511 Telecommunications Practicum
TDC 560 Advanced Network Technologies and Design
TDC 562 Computer-Communication Network Design and Analysis
TDC 563 Protocols and Techniques for Data Networks
TDC 567 Telecommunication Systems Design and Management
TDC 568 Network Management
TDC 577 Network Security II
CDM Open Elective Courses
Students must complete 2 CDM open electives. Elective courses are in the range of 421-699 and must be chosen among CSC, CNS, TDC, SE, IS, ECT, IT, PM, IPD, HIT, HCI, and GAM courses.
Capstone Requirement
CNS 587 Information Security Governance