Google Links

Follow the links below to find material targeted to the unit's elements, performance criteria, required skills and knowledge

Elements and Performance Criteria

1. Identify digital supply chain risks
   • Risks, including vulnerabilities in the digital supply chain, are identified and mapped
2. Cyber security risks related to third parties in the digital supply chain are identified
3. Digital supply chain risks are prioritised for severity of impact
4. Responsibility and level of authority for monitoring risk management practices in the digital supply chain is confirmed
5. Develop digital supply chain risk management plan
   • Digital supply chain risk management plan is developed and communicated to stakeholders
6. Digital supply chain risk management system is developed, in accordance with the risk management plan
7. Digital supply chain risk management policies, procedures, processes and practices are developed, in consultation with stakeholders
8. Reporting mechanisms are established, in accordance with the risk management plan
9. Implement digital supply chain risk managementpractices
   • Risk mitigation is undertaken, in accordance with risk management procedures
10. Digital supply chain dashboard metrics are used to assess risks, identify causes and inform stakeholders
11. Risks to the technical integrity of the digital supply chain are reported, in accordance with risk management procedures
12. Responses to unplanned digital supply chain events are managed, in accordance with risk management procedures
13. Review and report ondigital supply chain risk management practices
    • Digital supply chain risk outcomes, including cyber security, are assessed and the effectiveness of risk mitigation is reviewed, in consultation with stakeholders
14. Continuous monitoring and assessment of digital supply chain data related to risk management practices is reviewed
15. Report on digital supply chain risk management practices is prepared and presented to approved stakeholders
16. Continuous improvement actions that support risk management practices are documented

Range Statement

Range is restricted to essential operating conditions and any other variables essential to the work environment. Non-essential conditions may be found in the Companion Volume Implementation Guide.

---

Performance Evidence

Evidence required to demonstrate competence in this unit must be relevant to and satisfy all requirements of the elements and performance criteria on at least one occasion and includes

analysing data assessing risk outcomes communicating with stakeholders determining third party cyber security risks developing a risk management system and risk management plan for digital supply chains documenting continuous improvement actions establishing digital supply chain risk management reporting mechanisms identifying risks and vulnerabilities in the digital supply chain implementing digital supply chain risk management practices managing responses to unplanned events monitoring and assessing digital supply chain data related to risk management practices preparing reports reporting risks to the technological integrity of the digital supply chain undertaking risk mitigation and reviewing its effectiveness using digital supply chain dashboard metrics to assess risks, identify causes and inform stakeholders working with risk management policies and procedures.

---

Knowledge Evidence

Evidence required to demonstrate competence in this unit must be relevant to and satisfy all requirements of the elements and performance criteria and includes knowledge of

communication methods and techniques continuous improvement principles data analysis digital supply chain policies and procedures digital supply chain stakeholders digital supply chain technology principles of risk management practice report requirements responses to unplanned digital supply chain events risk management plans and risk mitigation tools, methods and techniques used for digital supply chain risk management practice types of digital supply chain risks including cyber threats.

---