Elements and Performance Criteria
- Research critical infrastructure need for an organisation
- Research organisation’s need for critical infrastructure protection and document findings according to organisational requirements
- Analyse organisation’s existing critical infrastructure protection plan
- Determine effectiveness and alignment of existing plan to organisational requirements
- Identify operational systems, critical assets, segmentation and legislative requirements
- Determine level of protection, vulnerability, risk and mitigation according to organisational requirements
- Develop protection strategy
- Implement protection strategy
- Backup data according to organisational policies and procedures
- Secure devices according to protection plan and technical requirements
- Implement network segmentation according to protection plan and technical requirements
- Apply software patches according to technical requirements
- Implement additional protection plan requirements and asset management processes
- Test implementation outcomes
- Test deployment of protection plan according to organisational policies and procedures
- Obtain and analyse results according to organisational policies and procedures
- Determine and document additional protection methods for critical infrastructure protection
- Submit documentation to required personnel and seek and respond to feedback