Google Links

Follow the links below to find material targeted to the unit's elements, performance criteria, required skills and knowledge

Elements and Performance Criteria

1. Implement security plan
   • Implement countermeasures and treat security risks.
   • Follow and meet timeframes and budgetary requirements.
   • Comply with legal, government and organisational policy requirements.
   • Document and monitor residual risks.
2. Monitor the risk environment
   • Determine and document strategies to monitor the risk environment.
   • Monitor security risks, types and sources of threats to detect changing circumstances that may alter risk management priorities.
   • Conduct monitoring on a regular basis.
   • Monitor organisational changes to identify circumstances where re-examination of the security environment becomes necessary.
   • Document and act upon results of monitoring.
3. Evaluate security plan
   • Monitor risk treatments to gauge extent and effectiveness of implementation.
   • Evaluate treatments against the objectives of the security plan.
   • Obtain feedback from stakeholders on the adequacy and need for current security measures affecting their work area.
   • Identify and address weaknesses in the security plan.
   • Review the plan on an ongoing basis, to detect exceptional incidents, breaches, and changes in circumstances.
   • Update the plan to reflect current circumstances.
4. Implement security plan
   • Implement countermeasures and treat security risks.
   • Follow and meet timeframes and budgetary requirements.
   • Comply with legal, government and organisational policy requirements.
   • Document and monitor residual risks.
5. Monitor the risk environment
   • Determine and document strategies to monitor the risk environment.
   • Monitor security risks, types and sources of threats to detect changing circumstances that may alter risk management priorities.
   • Conduct monitoring on a regular basis.
   • Monitor organisational changes to identify circumstances where re-examination of the security environment becomes necessary.
   • Document and act upon results of monitoring.
6. Evaluate security plan
   • Monitor risk treatments to gauge extent and effectiveness of implementation.
   • Evaluate treatments against the objectives of the security plan.
   • Obtain feedback from stakeholders on the adequacy and need for current security measures affecting their work area.
   • Identify and address weaknesses in the security plan.
   • Review the plan on an ongoing basis, to detect exceptional incidents, breaches, and changes in circumstances.
   • Update the plan to reflect current circumstances.

Performance Evidence

Evidence required to demonstrate competence must satisfy all of the requirements of the elements and performance criteria. If not otherwise specified the candidate must demonstrate evidence of performance of the following on at least two occasions.

applying legislation, regulations and policies relating to security risk management

auditing in the context of security risk management

communicating with diverse stakeholders involving presentation, listening, questioning, paraphrasing, clarifying, summarising

reading and analysing complex information in standards and security plans

writing reports requiring formal language and structure

representing numerical, graphical and statistical information in diverse formats

---

Knowledge Evidence

Evidence required to demonstrate competence must satisfy all of the requirements of the elements and performance criteria. If not otherwise specified the depth of knowledge demonstrated must be appropriate to the job context of the candidate.

Operational knowledge of:

public service Acts

Crimes Act 1914 and Criminal Code 1985

Freedom of Information Act 1982

Privacy Act 1988

fraud control policy

protective security policy

Complex knowledge of:

Australian Government Information Security Manual (ISM)

Protective Security Policy Framework

Australian standards, quality assurance and certification requirements

organisation’s strategic objectives and security plan

national strategic objectives

security constraints

equal employment opportunity, equity and diversity principles

public sector legislation, including WHS and environment, in the context of implementation and monitoring of security risk management plans

---