Andrew B. Morrow, M.B.A, M.S.I.S.

Lecturer in Information Sciences and Technology, School of Business Administration
Office Phone: +1 717 948 6160
Mailing Address:
E335 Olmsted Bldg
Middletown, PA 17057-4898

Bottom Fields


Andrew Morrow is a Lecturer of Information Science and Technology (IST) and a faculty member of the Penn State Harrisburg School of Business Administration (SBA). Mr. Morrow holds B.S. degrees in Information Systems and Management, a M.B.A and a M.S. in Information Systems from Penn State Harrisburg. He holds numerous industry certifications including a CISSP, CCSP, CISA, and PMP.

Mr. Morrow has over 25 years of experience and has served in a variety of technical, senior management and consulting positions. He has held positions in applications development, database administration, network administration, systems administration, cybersecurity, auditing, IT governance and business continuity. He also has numerous years of experience in senior management positions including Vice President of IT, Chief Information Officer and Chief Technology Officer for both public and private sector organizations. At Penn State, Mr. Morrow is responsible for developing and conducting undergraduate-level business and IST classes focusing on cybersecurity, computer forensics, incident handling and response, information security, networking and telecommunications, decision theory and analysis, risk management, and project management. He has lectured on topics related to cybersecurity, networking, management, leadership and a variety of issues involving the use of information technology in business.

Mr. Morrow also manages his own consulting company providing IT consulting and training services in topics including security, governance, business continuity and auditing.

Professional Affiliations

  • (ISC)² - International Information System Security Certification Consortium
  • EC-Council
  • ISACA - Information Systems Audit and Control Association
  • PMI - Project Management Institute

Professional Certifications

  • (ISC)² Certified Cloud Security Professional (CCSP)
  • (ISC)² Certified Information Systems Security Professional (CISSP)
  • (ISC)² Information Systems Security Architecture Professional (CISSP-ISSAP)
  • (ISC)² Information Systems Security Engineering Professional (CISSP-ISSEP)
  • (ISC)² Information Systems Security Management Professional (CISSP-ISSMP)
  • (ISC)² Systems Security Certified Practitioner (SSCP)
  • EC-Council Certified Chief Information Security Officer (C|CISO)
  • ISACA Certified Information Systems Auditor (CISA)
  • ISACA Certified Information Security Manager (CISM)
  • ISACA Certified in the Governance of Enterprise IT (CGEIT)
  • ISACA Certified in Risk and Information Systems Control (CRISC)
  • PMI Project Management Professional (PMP)
  • PMI Agile Certified Practitioner (PMI-ACP)
Research Interests
Risk Analysis and Management
Network Security
Information Security
Computer and Cyber Forensics