List the assessment methods to be used and the context and resources required for assessment. Copy and paste the relevant sections from the evidence guide below and then re-write these in plain English.
ELEMENT | PERFORMANCE CRITERIA |
Elements describe the essential outcomes. | Performance criteria describe the performance needed to demonstrate achievement of the element. |
1. Identify assets and threats | 1.1 Identify types of information assets in the organisation 1.2 Identify mechanisms by which information assets are accessed, transmitted and stored 1.3 Establish nature of threats to information assets and determine effect that loss or damage may have to the organisation |
2. Secure assets | 2.1 Identify actions, mechanisms and strategies to protect information assets 2.2 Secure assets within scope of authority 2.3 Report issues to appropriate person and other issues where they are outside scope of authority |
3. Mitigate or prevent damage to assets | 3.1 Identify signs and evidence that information assets are threatened or undergoing loss or damage 3.2 Provide first level response to reduce effects, mitigate damage and protect evidence 3.3 Report incident, effects and actions to appropriate person |
Evidence of the ability to:
identify the organisation's information assets and the ways in which these assets are used
establish potential threats to information assets and analyse the effects these threats would have on the organisation
implement measures to secure assets, and mitigate or prevent damage, according to organisational requirements
discuss details of security threats and issues relating to information assets with appropriate persons
report issues or incidents according to organisational requirements.
Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.
To complete the unit requirements safely and effectively, the individual must:
identify information assets and key sources of information assets
identify the types of security responses available to secure assets
identify assets supported by the organisation
describe general information and communications technology (ICT) hardware and security implications
identify the organisation’s security procedures.
Gather evidence to demonstrate consistent performance in conditions that are safe and replicate the workplace. Noise levels, production flow, interruptions and time variances must be typical of those experienced in the systems administration and support field of work and include access to:
a site with computer hardware and office environments representing a range of workplaces
appropriate software systems
organisational information assets
technical records, documentation and enterprise procedures.
Assessors must satisfy NVR/AQTF assessor requirements.