Skip to content

Online Master’s in Information Security Policy and Governance Programs

A degree in information policy and governance prepares students to manage and coordinate the cybersecurity demands of businesses and other organizations that rely on complex computer systems to collect, process, store, and transmit vast stores of valuable and potentially damaging data. Training in information governance involves technical proficiency in computer programming, computer systems, and computer networks. Cultivating the critical thinking, problem solving, and communications skills associated with organizational leadership is another important aspect of training in this field. Colleges and universities have responded to the growing demand for this combination of technical expertise and leadership qualities with master’s degree programs that offer specific training in IT governance, systems compliance, and enterprise-wide cybersecurity policy.

What is Information Policy and Governance?

Information governance is the aspect of cybersecurity primarily concerned with evaluating and managing risks to digital data and infrastructures. This includes learning how data and computer systems are integrated into organizational goals, identifying IT solutions that meet cybersecurity needs, and ensuring that these solutions comply with industry standards and legal statutes. It also involves devising strategies for cyber incident response and for the overall defense of digital networks. In addition, information policy and governance has a personnel management aspect: professionals in this field are responsible for coordinating the actions of cybersecurity technicians and other IT staffers, and communicating IT security imperatives to key decision makers in an organization.

Online Master’s Degrees in Information Policy and Governance

Master’s degrees in information policy and governance are inherently interdisciplinary. In addition to learning about hardware, software, and other IT components, students develop an understanding of the legal and ethical issues surrounding the collection and protection of sensitive data, and cultivate a strategic perspective on cybersecurity issues. Master’s degree programs that are designed to address these core areas of expertise include the following:

  • Master of Science in Information Policy and Governance
  • Master of Science in Information Security Leadership
  • Master of Science in Cybersecurity Management
  • Master or Science in Security Management
  • Master of Science in Cybersecurity with a concentration in Governance and Risk Management
  • Master of Science in Computer Information Systems with a concentration in Information Governance

These degrees are often part of larger cybersecurity and information assurance graduate programs. They are typically housed in computer science and engineering departments. However, as the field of information governance has evolved, master’s degrees that address cybersecurity policy concerns are also offered by schools of public or global policy studies, and as part of business and data management and administration programs.

Identifying Master’s in Information Policy and Governance Programs

Currently, there is no standardized naming convention for master’s degrees in information policy and governance. This is partly due to the fact that there is no specific body that sets curricular standards for master’s degrees in information policy and governance. Therefore, identifying and comparing programs can be difficult and time consuming. The key is to identify master’s degrees that cover two broad areas: the technical training associated with cybersecurity and information assurance; and the policy and management coursework that addresses legal and ethical issues, IT business planning, and global cyber strategy.

How Categorizes Online Information Policy and Governance Programs

Through independent research of universities offering information policy and governance degrees, has established criteria for distinguishing these programs from other types of degrees. Our goal is to help prospective students identify relevant online master’s degree training in information governance, regardless of program names and/or departmental affiliations. The online Master’s in Information Policy and Governance programs featured on this page were evaluated based on the following requirements:

  • They must offer a coherent plan of study clearly focused on information policy and governance, rather than just one or two electives in the subject area.
  • They must feature 3-4 classes that specifically target aspects of cybersecurity policy and information governance, including information privacy, ethical and legal issues, and managing cyber risk.

While does its best to ensure online degree listings are up-to-date, this is an evolving field and programs can and do change. Students considering a Master’s in Information Policy and Governance should visit prospective schools’ websites for the most current information.

Readers can also visit’s program pages on Information Assurance and Cybersecurity, and Digital Forensics to learn more about other online master’s degree programs in cybersecurity.

What Information Policy and Governance Programs Teach

Information policy and governance master’s programs provide students with an in-depth understanding of the technical aspects of IT hardware and software, and the security strategies that are commonly used to protect data and information systems. Where these degrees differ from other cybersecurity programs is in the stress they place on policy and management issues. Information governance coursework includes learning about the legal and regulatory issues pertaining to data privacy, judicial discovery, and security standards. These degrees also provide students with analytical tools to assess value and risk, diagnose system weaknesses, and devise solutions to fix those problems. And, they offer training in the written and verbal skills necessary to effectively communicate cybersecurity issues and concerns to executives, board members, and other members of an organization.

Common Information Policy and Governance Courses

The following courses are sampled from existing online master’s degree programs in information policy and governance.

Course TitleCourse Description
Foundations of Information SecurityCovers the building blocks of information assurance and cybersecurity, including network, system, and software vulnerabilities; types of cyber attacks and defense strategies; access controls and authentication protocols; and cryptography and encryptions processes.
IT ManagementFocuses on analyzing and addressing organizational issues in IT management, from allocating IT resources and maintaining computer systems, to defining the roles and coordinating the efforts of various IT and cybersecurity technicians, engineers, and consultants.
Principles of Computer Incident Response and InvestigationA methodology for identifying risk factors and attack vectors, designing countermeasures and data protection strategies, and creating a organization plan for reacting to, recovering from, and identifying the source of a cybersecurity breach.
IT Governance Compliance and Legal Issues Examines the privacy and compliance environments facing U.S. companies, as well as international regulations regarding data protection and usage.
Human Organizational Aspects of CybersecurityOrganizational and individual behaviors in relation to IT security and cyber crime are explored, with a focus on risk management practices and policies that support information assurance and security.
Managing Enterprise Resource Planning (ERP) SystemsThe design, evaluation, and implementation of ERP systems, which are enterprise-wide applications commonly used to track payroll, budgeting, human resources, inventory, sales, and other vital resources, including databases and other digital assets.

Admissions Requirements for Online Information Policy and Governance Programs

Admissions requirements for online master’s degree programs in information policy and governance vary from institution to institution. A bachelor’s degree from a regionally accredited four-year college or university is generally a prerequisite. Some programs may also require a minimum grade point average. A background in computers and digital technology is often not required, but may be recommended. In addition, it is common for programs to ask for up to three recommendations, as well as a personal statement in the form of an essay that details the applicant’s interest and/or prior experience in the field of cybersecurity policy and information governance. In some cases, schools may also require the submission of scores from the GRE test.

Online Information Policy and Governance Program Format Options

Online master’s programs in information policy and governance are not all structured the same. Some may offer more latitude in terms of course load and class scheduling than others. But, most online curricula are designed with convenience and flexibility in mind. This can be an important factor for students who have to balance school commitments with career, military, and/or family obligations.

Course load and length of study: Generally, information policy and governance master’s programs can be completed in three to four traditional 14-16 week semesters of coursework. However, many online schools offer more flexible formatting that breaks the traditional academic calendar down into smaller six-eight week sessions. A typical degree will include 10-12 classes that comprise a 30-36 credit-hour program. Some programs may also include or require a 3-6 credit capstone or master’s thesis project. Online students who wish to attend a program full-time may have the option of finishing in as few as 12 months. Students who wish to attend part-time can typically complete a program in 24 months or more. The following table presents real enrollment options and credit requirements from three different online Master in Information Policy and Governance programs.

SchoolEnrollmentAvg. Courses Per SemesterTime to Completion*
University A
(30 credits)
2 courses/8-week term
1 course/8-week term
12 months
24 months
University B
(36 credits)
1-2 courses/6-week term
1 courses/6-week term
12 months
24 months
University C
(30 credits)
Variable1-3 courses/semester12-36 months
* Schools’ estimated time-to-completion for students who maintain suggested course load throughout their programs.

Synchronous vs. Asynchronous Instruction: Depending on individual scheduling needs, how the courses are taught can be a crucial factor in choosing an online master’s degree. Asynchronous instruction offers optimum convenience: students can access and view pre-recorded lectures, communicate with teachers and classmates online, and remotely download and submit assignments as required. Synchronous instruction more closely resembles traditional campus-based classes: it requires students to be present online in order to participate in live lectures and discussions groups at designated times.

Internships and Campus Visits: Online master’s degrees in information policy and governance usually do not require students to complete an internship for graduation. Instead, they may include one or more campus visits, or immersion sessions. These sessions offer students an opportunity to meet directly with faculty and classmates, as well as to introduce them to professionals working in the field of information policy and governance. Not all schools have an immersion component, but it is yet another variable that should be considered when comparing online programs. classifies online in information policy and governance programs as those that require no more than two campus visits per year. Programs that require more than two visits per year are classified as hybrid programs and are not included on the site.