Division of IT: Security

Application Security Education Program (ASEP)


To ensure that the principles and practice of application security are an integral part of the University's teaching and research functions.


To research and develop processes, technologies, and curriculum for educating application developers, software engineers, managers, executives, security professionals and auditors on the proper application of security principals throughout the software development lifecycle.

University of Missouri — NSA Center for Academic Excellence in Information Assurance Education

Beginning in 1999, the National Security Agency founded the Centers for Academic Excellence in Information Assurance Education certification program (CAE-IAE). This program is designed to set a standard for Information Assurance education and research at the collegiate level. Attaining certification at this level makes an institution eligible for NSA funding targeted at both curriculum enhancement and hard research in the area of Information Assurance. Additionally, public-private funding opportunities exist through the NSA which allows vendors to gain incentives through the federal government for funding research related to Information Assurance.

The University of Missouri-Columbia campus was designated as a Center for Academic Excellence in Information Assurance Education in April 2008. This certification was made possible by participation from the College of Engineering Computer Science Program, the College of Business and the School of Medicine. Within these programs, the Bachelor of Science in Information Technology, Masters in Health Informatics Program and the Masters in Accountancy Program Systems Track have all been certified to NSA standards for Information Assurance Education.

Certification as a Center for Excellence in Information Assurance includes the following major criteria:

  • Partnerships in IA Education: Provide evidence of partnerships in IA education with minority colleges and universities, or 2-year community colleges, or technical schools.
  • IA Treated as a Multidisciplinary Science: The academic program demonstrates IA is not treated as a separate discipline, but as a multidisciplinary science with the body of IA knowledge incorporated into various disciplines.
  • University Encourages the Practice of IA: The academic program demonstrates how the university encourages the practice of IA, not merely that IA is taught.
  • Academic Program Encourages Research in IA: The academic program encourages research in IA. Provide examples. This criteria focuses on STUDENT-based research and is important because research fuels the relevancy and currency of IA curricula.
  • IA Curriculum Reaches Beyond Geographic Borders: The IA curriculum reaches beyond the normal geographic borders of the university.
  • Faculty Active in IA Practice and Research and Contribute to IA Literature: It is clearly demonstrated that the faculty is active in current IA practice and research, and contributes to IA literature. Substantiate depth and length of faculty expertise through submission of biographies.
  • State-of-the-Art IA Resources: The university library and reference systems/materials and/or the IA Center maintain state-of-the art IA resources.
  • Focus area or area of study in IA: Academic program, within a nationally or regionally accredited 4-year college or graduate-level university, has declared concentrations in IA.
  • Declared Center for IA Education or Research: The university has a declared center for IA education or a center for IA research from which IA curriculum is emerging.
  • Full-time IA Faculty: University IA faculty consists of more than one individual devoted full time to IA. Includes shared and cross-departmental appointments for part-time and adjunct faculty.

As of April, 2008, there were 86 institutions with this certification across 34 states and the District of Columbia.

The emphasis for funding regarding Information Assurance is being driven by the National Strategy to Secure Cyberspace. Specifically the certification program addresses Priority III of the strategy, "A National Cyberspace Security Awareness and Training Program." Research in IA also touches on Priority II, "A National Cyberspace Security Threat and Vulnerability Reduction Program."

Campus Partners

Letters of Support

Questions about this program should be directed to isam@missouri.edu.