Google Links

Follow the links below to find material targeted to the unit's elements, performance criteria, required skills and knowledge

Elements and Performance Criteria

  1. Establish security risk context
  2. Gather and analyse information
  3. Identify security risks
  4. Analyse security risks
  5. Assess and prioritise security risks
  6. Establish security risk context
  7. Gather and analyse information
  8. Identify security risks
  9. Analyse security risks
  10. Assess and prioritise security risks

Performance Evidence

Evidence required to demonstrate competence must satisfy all of the requirements of the elements and performance criteria. If not otherwise specified the candidate must demonstrate evidence of performance of the following on at least two occasions.

applying legislation, regulations and policies relating to security risk management

undertaking risk assessment

reading and analysing the complex information in standards and security plans

researching and analysing the operational environment and drawing accurate conclusions

applying critical analysis, evaluation and deductive reasoning

using problem solving and creative thinking in decision making

communicating with diverse stakeholders: interviewing, listening, questioning, paraphrasing, clarifying, summarising

writing reports requiring formal language and structure

using computer technology and modelling to gather and analyse information and prepare reports

representing numerical, graphical and statistical information in diverse formats


Knowledge Evidence

Operational knowledge of:

public service Acts

Crimes Act 1914 and Criminal Code 1985

Freedom of Information Act 1982

Privacy Act 1988

fraud control policy

protective security policy

Australian Government Information Security Manual (ISM)

Protective Security Policy Framework

Australian standards, quality assurance and certification requirements

Complex knowledge of:

risk assessment techniques/processes

information handling

qualitative and quantitative analysis techniques

incident reports and statistics

asset holdings and recording mechanisms

international treaties and protocols

cross-jurisdictional protocols

organisation’s strategic objectives

national strategic objectives

requirements of user groups