Google Links

Follow the links below to find material targeted to the unit's elements, performance criteria, required skills and knowledge

Elements and Performance Criteria

  1. Plan security audit
  2. Conduct security audit
  3. Report on security findings
  4. Plan security audit
  5. Conduct security audit
  6. Report on security findings

Performance Evidence

Evidence required to demonstrate competence must satisfy all of the requirements of the elements and performance criteria. If not otherwise specified the candidate must demonstrate evidence of performance of the following on at least two occasions.

applying legislation, regulations and policies relating to information technology security audits and government security management

gathering, analysing and recording data

using computer applications to undertake security audits

managing risk in the context of government security management

engaging in discussion involving exchanges of complex information

responding to diversity


Knowledge Evidence

Evidence required to demonstrate competence must satisfy all of the requirements of the elements and performance criteria. If not otherwise specified the depth of knowledge demonstrated must be appropriate to the job context of the candidate.

legislation, regulations, policies, procedures and guidelines relating to information technology security audits

operational knowledge of policies and procedures in regard to use of information technology systems

organisation’s security plan

information technology systems and architecture

use and maintenance of hardware and software systems

Australian Audit Standards

aspects of criminal law and administrative law relating to the outcomes of compliance audits

protocols for reporting fraud, corruption, maladministration and security breaches

fundamental ethical principles in the handling of documents and information, natural justice, procedural fairness, respect for persons and responsible care