Copy and paste from the following data to produce each assessment task. Write these in plain English and spell out how, when and where the task is to be carried out, under what conditions, and what resources are needed. Include guidelines about how well the candidate has to perform a task for it to be judged satisfactory.
Required skills
communication skills to:
negotiate with stakeholders and team members using a range of communication styles to suit different audiences and purposes
respond to diversity, including gender and disability
literacy skills to:
access and prepare information electronically or in hard copy
write recommendations and prepare reports requiring precision of expression
numeracy skills to manage finances
planning and organisational skills to:
lead and mentor people to achieve project outcomes
maintain commitment of stakeholders and project teams
problem-solving skills to apply ethical decision making when problem solving
safety awareness skills to apply workplace safety procedures in line with requirements
technical skills to:
apply risk management techniques, including risk sharing and transfer
use management tools applicable to complex activities.
Required knowledge
business and commercial issues related to the management of IT security
COOP
cost schedule control systems to handle potential budget blow-outs
critical analysis in a management context
legislation, organisational or jurisdictional policy and procedures that may impact on management:
budgetary framework
codes of ethics and conduct
equal employment opportunity, equity and diversity principles
financial management requirements
governance requirements
human resources
OHS and environment requirements
procurement guidelines
public relations
quality standards
risk management
management specifications and objectives
management systems
management tools and techniques suited to a range of complex projects activities
organisational and political context
systems development life cycle (SDLC).
The range statement relates to the unit of competency as a whole. It allows for different work environments and situations that may affect performance. Bold italicised wording, if used in the performance criteria, is detailed below. Essential operating conditions that may be present with training and assessment (depending on the work situation, needs of the candidate, accessibility of the item, and local industry and regional contexts) may also be included.
Parameters may include: | applications security data security enterprise continuity incidents system security. |
Continuity of operations may include: | COOP plan execution COOP plan revision and updating COOP program implementation identification of functional requirements: mission impact analysis mitigation strategies and plan risk assessment plan design and development project initiation training, testing and drills. |
Factors may include: | business continuity and recovery contingency planning contingency planning and programs disaster recovery emergency delegations of authority orders of succession for key positions scope of the enterprise COOP program security incidence staffing model. |
Security incidents may include: | event causing interruption to reduction in quality of service failure or error in IT infrastructure illegal data harvesting illegal downloads malware: adware computer viruses phishing spyware trojans worms security breach service not available system down tampering. |
Incident-management program may include: | ensuring that the best possible levels of service quality and availability are maintained establishing effective and responsive response team evaluation of security incidents improvement of incident management processes and procedures minimisation of the impact on business operations restoration of normal service operation as quickly as possible sourcing effective security tools. |
Related security teams may include: | incident response team security administration: external stakeholders: law enforcement agencies public relations professionals vendors internal stakeholders: finance HR legal department procurement technical support. |
Resources may include: | equipment financial network security and telecommunications personnel training. |
Applicable network-based documents may include: | directives laws policies procedures regulations standards. |
Documentation may include: | applicable network-based documents audits and management reviews communications protocols contingency plans and activities evaluation reports incident management program, processes and procedures management reports network security and telecommunications program performance measurement program reviews and improvements records security classification and data management policies security incidence records. |
Copy and paste from the following performance criteria to create an observation checklist for each task. When you have finished writing your assessment tool every one of these must have been addressed, preferably several times in a variety of contexts. To ensure this occurs download the assessment matrix for the unit; enter each assessment task as a column header and place check marks against each performance criteria that task addresses.
Observation Checklist