Master Courses in Information Security and Governance


The “Dipartimento di Informatica” at Università degli studi di Roma “La Sapienza” offers the following three programs as a continuing education option for professionals from industry and government organizations.

  1. Master in System and Network Security – This program mainly emphasizes on the technical skill-set required for system and network security. Along with the technological know-how, it also involves the managerial and legal aspects related to the security process.
  2. Master in IT Security and Management – Security is a process and needs continuous evolution in accordance with evolving threats and there is a strong need to manage it effectively. The main emphasis of this course is to enhance/introduce the management practices involved in security process. The program is especially intended for management personnel of an organization. The practices and standards taught under this program help in effectively coordinating and managing the security process.
  3. Master in Governance and Audit of Information Systems – This program emphasizes on two key competencies needed today to manage and control the information systems within a complex organization: IT Governance and IT Audit methodologies, standard and practices. The program is especially intended for training of management personnel of an organization on topics as Project Management, Risk Management, strategic alignment, legal and compliance, performance measurement and so on. Some of the standards and best practices covered by the program are Cobit, PMBOK, CISA, CGEIT.

Successful completion of programs (theoretical concepts and on-hand laboratory experience) empowers a professional to understand, implement and take corrective measures for securing and managing IT infrastructures. Such professionals will form a good humanware that will contribute and coordinate effectively an organization.

As the initiative is directed towards working professionals who want to build an expertise without taking a break from work, the programs are part-time (Friday – afternoon, Saturday – morning) and run for a duration of one year. This arrangement also allows roping in experts from industry willing to share their expertise and case studies, on a part-time basis.



Perspective candidates should be under-graduates in any of the following - Computer Science, Physics, Engineering, Mathematics, Statistics; or an under-graduate in other disciplines with competence in information systems having more than one year of work experience. Candidates are expected to have the knowledge/experience of computer programming, database systems, and operating systems. One might acquire it through under-graduate university level courses or through the professional work experience. Candidates seeking admission to “Master in IT Security and Management” should have a graduate degree in above mentioned disciplines.

Organization of programs

Each course involves 300 hours of teaching by professors from the Dipartimento di Informatica and experts from industry. Application of the expertise acquired by students in the classroom forms another half of the program and assessment will be done through a project work. In the course of these programs one may have a flexible combination of the following – class-room teaching, analysis of significant case-studies with the help of professors, attending relevant seminars/conferences, and presentation of professional experiences in managing humanware and legal aspects involved in security and management process. Students will be regularly adjudged through examinations.

These programs will be carried out in the premises of the Dipartimento di Informatica and students have to maintain at least 80% attendance. Certain modules of these programs are also availed under our e-learning initiative.

Project Work

Students are required to undertake a project to utilize their security expertise. The theme of project work should be discussed with the experts conducting the course and will be subsequently summarized into a report – Master’s thesis. Students will be encouraged to undertake a project theme that is relevant to its employer’s security requirements and shall seek active participation of its employer in the program.


Past editions of these programs have actively helped students to qualify the following professional certificate examinations:
1.    Course Completion CCNA Discovery/Exploration
2.    CCE: Clavister Certified Engineer
3.    Auditor/Lead Auditor ISO 27001:2005
4.    CISA (Certified Information Systems Auditor)
5.    CGEIT (Certified in the Governance of Enterprise IT)

Furthermore, the syllabus covered under these programs is considered sufficient for the preparation to the following certificate examination:
1.    CISSP (Certified Information Systems Security Professional) Certification
2.    CISM (Certified Information Security Manager) Certification