Unit of Competency Mapping – Information for Teachers/Assessors – Information for Learners

ICTSAS505 Mapping and Delivery Guide
Review and update disaster recovery and contingency plans

Version 1.0
Issue Date: May 2024


Qualification -
Unit of Competency ICTSAS505 - Review and update disaster recovery and contingency plans
Description
Employability Skills
Learning Outcomes and Application This unit describes the skills and knowledge required to analyse the impact of the system on the organisation and carry out risk analysis, disaster recovery and contingency planning.It applies to individuals who apply a wide range of higher level technical skills and systematic problem solving approaches in information and communications technology (ICT) related areas.No licensing, legislative or certification requirements apply to this unit at the time of publication.
Duration and Setting X weeks, nominally xx hours, delivered in a classroom/online/blended learning setting.

Gather evidence to demonstrate consistent performance in conditions that are safe and replicate the workplace. Noise levels, production flow, interruptions and time variances must be typical of those experienced in the systems administration and support field of work, and include access to:

vulnerability assessment and general definition of requirements

acceptance test plan

business impact analysis

information technology security assurance specifications

relevant statutory documentation.

Assessors must satisfy NVR/AQTF assessor requirements.
Prerequisites/co-requisites
Competency Field
Development and validation strategy and guide for assessors and learners Student Learning Resources Handouts
Activities 		Slides
PPT 		Assessment 1 Assessment 2 Assessment 3 Assessment 4
Elements of Competency Performance Criteria              
Element: Evaluate impact of system on business continuity
  • Identify business critical functions and the security environment from documentation and from discussion with business area and project team
  • Identify critical data and software from documentation
  • Assess potential impact of business risk and threats on ICT systems
  • Identify and evaluate statutory requirements, commercial requirements and contingency possibilities according to specifications and cost constraints
       
Element: Evaluate threats to system
  • Identify threats to the system, considering security analysis and internal and external business environment
  • Evaluate risk minimisation alternatives against specifications and cost constraints
       
Element: Formulate prevention and recovery strategy
  • Evaluate prevention and recovery options to support critical business functions against business specifications and cost constraints
  • Review current operational procedures to ensure adequate risk safeguards and contingency plans are in place
  • Submit disaster recovery and prevention strategy to appropriate person for approval
       
Element: Develop disaster recovery plan to support strategy
  • Identify and document resources required for disaster recovery according to specifications and cost constraints
  • Identify and document processes required for disaster strategy according to project standards
  • Identify cut-over criteria before initiating disaster plan
  • Document disaster recovery plan and submit to appropriate person for review and sign-off
       


Evidence Required

List the assessment methods to be used and the context and resources required for assessment. Copy and paste the relevant sections from the evidence guide below and then re-write these in plain English.

ELEMENT

PERFORMANCE CRITERIA

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Evaluate impact of system on business continuity

1.1 Identify business critical functions and the security environment from documentation and from discussion with business area and project team

1.2 Identify critical data and software from documentation

1.3 Assess potential impact of business risk and threats on ICT systems

1.4 Identify and evaluate statutory requirements, commercial requirements and contingency possibilities according to specifications and cost constraints

2. Evaluate threats to system

2.1 Identify threats to the system, considering security analysis and internal and external business environment

2.2 Evaluate risk minimisation alternatives against specifications and cost constraints

3. Formulate prevention and recovery strategy

3.1 Evaluate prevention and recovery options to support critical business functions against business specifications and cost constraints

3.2 Review current operational procedures to ensure adequate risk safeguards and contingency plans are in place

3.3 Submit disaster recovery and prevention strategy to appropriate person for approval

4. Develop disaster recovery plan to support strategy

4.1 Identify and document resources required for disaster recovery according to specifications and cost constraints

4.2 Identify and document processes required for disaster strategy according to project standards

4.3 Identify cut-over criteria before initiating disaster plan

4.4 Document disaster recovery plan and submit to appropriate person for review and sign-off

Evidence of the ability to:

develop a contingency plan that identifies threats and minimises down time for business critical functions

develop clear and specific directions on how to handle serious down time

coordinate, plan and articulate flexible logistics requirements.

Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.

To complete the unit requirements safely and effectively, the individual must:

compare and contrast backup methodologies

explain the business planning process relevant to the development of information and communication technology (ICT) business solutions

analyse the client business domain

evaluate disaster recovery plan strategies and components, including:

physical security

system failure, accident or sabotage (hackers)

denial of service

virus attack

cyber attack

telecommunications failure

contingency arrangements

interpret and analyse key workplace health and safety, legislative and organisational requirements relevant to the task

evaluate the organisation’s current systems functionality and systems engineering.

Submission Requirements

List each assessment task's title, type (eg project, observation/demonstration, essay, assignment, checklist) and due date here

Assessment task 1: [title]      Due date:

(add new lines for each of the assessment tasks)

Assessment Tasks

Copy and paste from the following data to produce each assessment task. Write these in plain English and spell out how, when and where the task is to be carried out, under what conditions, and what resources are needed. Include guidelines about how well the candidate has to perform a task for it to be judged satisfactory.

ELEMENT

PERFORMANCE CRITERIA

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Evaluate impact of system on business continuity

1.1 Identify business critical functions and the security environment from documentation and from discussion with business area and project team

1.2 Identify critical data and software from documentation

1.3 Assess potential impact of business risk and threats on ICT systems

1.4 Identify and evaluate statutory requirements, commercial requirements and contingency possibilities according to specifications and cost constraints

2. Evaluate threats to system

2.1 Identify threats to the system, considering security analysis and internal and external business environment

2.2 Evaluate risk minimisation alternatives against specifications and cost constraints

3. Formulate prevention and recovery strategy

3.1 Evaluate prevention and recovery options to support critical business functions against business specifications and cost constraints

3.2 Review current operational procedures to ensure adequate risk safeguards and contingency plans are in place

3.3 Submit disaster recovery and prevention strategy to appropriate person for approval

4. Develop disaster recovery plan to support strategy

4.1 Identify and document resources required for disaster recovery according to specifications and cost constraints

4.2 Identify and document processes required for disaster strategy according to project standards

4.3 Identify cut-over criteria before initiating disaster plan

4.4 Document disaster recovery plan and submit to appropriate person for review and sign-off

Copy and paste from the following performance criteria to create an observation checklist for each task. When you have finished writing your assessment tool every one of these must have been addressed, preferably several times in a variety of contexts. To ensure this occurs download the assessment matrix for the unit; enter each assessment task as a column header and place check marks against each performance criteria that task addresses.

Observation Checklist

Tasks to be observed according to workplace/college/TAFE policy and procedures, relevant legislation and Codes of Practice Yes No Comments/feedback
Identify business critical functions and the security environment from documentation and from discussion with business area and project team 
Identify critical data and software from documentation 
Assess potential impact of business risk and threats on ICT systems 
Identify and evaluate statutory requirements, commercial requirements and contingency possibilities according to specifications and cost constraints 
Identify threats to the system, considering security analysis and internal and external business environment 
Evaluate risk minimisation alternatives against specifications and cost constraints 
Evaluate prevention and recovery options to support critical business functions against business specifications and cost constraints 
Review current operational procedures to ensure adequate risk safeguards and contingency plans are in place 
Submit disaster recovery and prevention strategy to appropriate person for approval 
Identify and document resources required for disaster recovery according to specifications and cost constraints 
Identify and document processes required for disaster strategy according to project standards 
Identify cut-over criteria before initiating disaster plan 
Document disaster recovery plan and submit to appropriate person for review and sign-off 

Forms

Assessment Cover Sheet

ICTSAS505 - Review and update disaster recovery and contingency plans
Assessment task 1: [title]

Student name:

Student ID:

I declare that the assessment tasks submitted for this unit are my own work.

Student signature:

Result: Competent Not yet competent

Feedback to student

 

 

 

 

 

 

 

 

Assessor name:

Signature:

Date:

Assessment Record Sheet

ICTSAS505 - Review and update disaster recovery and contingency plans

Student name:

Student ID:

Assessment task 1: [title] Result: Competent Not yet competent

(add lines for each task)

Feedback to student:

 

 

 

 

 

 

 

 

Overall assessment result: Competent Not yet competent

Assessor name:

Signature:

Date:

Student signature:

Date: