Application
This unit applies to IT personnel who are required to gather information to determine the organisation’s code of ethics, and protect and maintain privacy policies and system security.
Prerequisites
Not applicable.
Elements and Performance Criteria
1. Protect intellectual property | 1.1 Identify current legislation and standards relating to intellectual property and copyright 1.2 Investigate current organisational copyright policy 1.3 Adhere to organisational policy and current legislation in work practices |
2. Contribute to copyright policy | 2.1 Contribute to the creation or updating of the organisation’s copyright policy and procedures to align with legislation and industry standards 2.2 Distribute new or revised policy and procedures to stakeholders |
3. Protect rights of stakeholders | 3.1 Identify and document the relevance of legislation and standards to organisational outcomes 3.2 Investigate and review organisational privacy policy and procedures 3.3 Investigate and review organisational code of ethics 3.4 Determine the integrity, confidentiality, security and availability of information as required by organisational policy 3.5 Maintain confidentiality and proprietary rights of stakeholder interests |
4. Contribute to privacy policy | 4.1 Contribute to the creation or updating of the organisational privacy policy and procedures to align with privacy legislation 4.2 Distribute new or revised policy and procedures to stakeholders 4.3 Implement new work procedures and collect feedback from stakeholders 4.4 Ensure the integrity, confidentiality, security and availability of information as required by organisational policy |
5. Maintain privacy policy | 5.1 Review work practices to ensure application of privacy policy and procedures 5.2 Maintain the integrity, confidentiality, and availability of information as required by organisational privacy policy 5.3 Review work practices to ensure system security according to organisational privacy policy |
6. Contribute to creation of ethics code | 6.1 Assist in developing or updating a code of ethics to align with legislation and standards for the organisation 6.2 Distribute the new ethics code to stakeholders and collect feedback 6.3 Implement new ethical work procedures and collect feedback 6.4 Review ethical work practices and feedback to ensure application of the code |
7. Maintain ethics code | 7.1 Perform regular checks to ensure stakeholders understand and are continuing to apply the code of ethics in the workplace 7.2 Establish a review and grievance procedure to enable confidential reporting of any ethical issues 7.3 Interview and regularly follow up with stakeholders to ensure they are receiving consistent and appropriate service in dealing with the code of ethics |
Required Skills
Required skills
communication skills to liaise with internal and external personnel on ethical and privacy, operational and business-related matters
learning skills to update personal ethical and privacy knowledge through professional development
literacy skills to apply standards and legislation to policy and procedure development and monitoring
planning and organisational skills to plan, prioritise and monitor own work
research skills to gain and maintain current industry privacy and ethical information
technical skills to perform application and system security and storage management.
Required knowledge
Australian Computer Society Code of Ethics
federal and state or territory legislation and policy relevant to an IT environment relating to:
access and equity
copyright and intellectual property
OHS
privacy
organisational communication processes and procedures
organisational requirements for customer service
server operating systems
system security procedures.
Evidence Required
The evidence guide provides advice on assessment and must be read in conjunction with the performance criteria, required skills and knowledge, range statement and the Assessment Guidelines for the Training Package.
Overview of assessment | |
Critical aspects for assessment and evidence required to demonstrate competency in this unit | Evidence of the ability to: analyse legislation and standards relating to professional conduct and privacy in the IT industry contribute to the development of a code of ethics and monitor the workplace to ensure code of ethics is being applied and is appropriate contribute to the development of a privacy policy and monitor the workplace to ensure the policy is being applied and is appropriate. |
Context of and specific resources for assessment | Assessment must ensure access to: relevant organisational policies, legislation and standards documentation industry codes of practice appropriate learning and assessment support when required. Where applicable, physical resources should include equipment modified for people with special needs. |
Method of assessment | A range of assessment methods should be used to assess practical skills and knowledge. The following examples are appropriate for this unit: direct observation of candidate monitoring continuity of computing services and information flow to ensure the protection of stakeholder interests review of candidate’s documented code of ethics and privacy policy verbal or written questioning to assess candidate’s provision of some leadership and guidance to others in the implementation of ethical conduct in business relationships verbal or written questioning to assess candidate’s ability to provide guidance to others in the operation and management of privacy policies in business relationships. |
Guidance information for assessment | Holistic assessment with other units relevant to the industry sector, workplace and job role is recommended, where appropriate. Assessment processes and techniques must be culturally appropriate, and suitable to the communication skill level, language, literacy and numeracy capacity of the candidate and the work being performed. Indigenous people and other people from a non-English speaking background may need additional support. In cases where practical assessment is used it should be combined with targeted questioning to assess required knowledge. |
Range Statement
The range statement relates to the unit of competency as a whole. It allows for different work environments and situations that may affect performance. Bold italicised wording, if used in the performance criteria, is detailed below. Essential operating conditions that may be present with training and assessment (depending on the work situation, needs of the candidate, accessibility of the item, and local industry and regional contexts) may also be included.
Legislation and standards may include: | access and equity confidentiality requirements copyright laws defamation laws industry codes of practice, such as Australian Computer Society Code of Ethics industry standards intellectual property international standards International Organization for Standardization (ISO), International Electrotechnical Commission (IEC) and Australian Standards (AS) legal and regulatory policies affecting ebusiness OECD Guidelines for Consumer Protection in the Context of Electronic Commerce OHS organisational standards privacy legislation project standards. |
Privacy policy may include: | access of personal information disclosure of personal information gathering of personal information organisation standards and practices quality of personal information security of personal information sensitivity of personal information storage of personal information use of personal information. |
Stakeholders may include: | authorised business representative colleagues individuals internal departments internal employees external organisations clients project manager supervisor users. |
Sectors
General ICT
Employability Skills
This unit contains employability skills.
Licensing Information
No licensing, legislative, regulatory or certification requirements apply to this unit at the time of endorsement but users should confirm requirements with the relevant federal, state or territory authority.