Application
This unit describes the skills and knowledge required to direct the strategic planning, risk management, and security of emerging, and converging, information and communications technology (ICT) services, internal and external, of medium to large organisations.
It applies to individuals in senior management roles who lead the management of business process to support organisational strategic goals of organisations.
No licensing, legislative or certification requirements apply to this unit at the time of publication.
Elements and Performance Criteria
ELEMENT | PERFORMANCE CRITERIA |
Elements describe the essential outcomes. | Performance criteria describe the performance needed to demonstrate achievement of the element. |
1. Direct the strategic planning for ICT resources | 1.1 Critically analyse the organisational environment 1.2 Ensure compliance with legislative and social requirements 1.3 Establish priorities, based on organisational needs 1.4 Establish the ICT infrastructure 1.5 Lead the development and implementation of a strategic plan for ICT resourcing |
2. Lead the risk management of ICT resources and processes | 2.1 Lead the development of a strategy for risk assessment 2.2 Ensure that the risk assessment complies with organisational policy 2.3 Ensure that risk mitigation is based on identified risks |
3. Direct the quality assurance processes for ICT services | 3.1 Lead the development of a quality assurance strategic plan 3.2 Monitor the quality processes 3.3 Oversee the implementation of quality assurance strategies 3.4 Ensure that continuous improvement is undertaken |
Evidence of Performance
Evidence of the ability to:
lead the development of a strategy to align information and communications technology (ICT) services, with organisational goals
lead and monitor a risk analysis, including security for ICT assets
implement procedures that identify where risk occurs, and what measures need to be taken
produce contingency plans for business continuity
establish warning systems, and an ongoing process, that includes regular or programmed reviews of the risk profile
lead the development of a strategy and the implementation of a quality assurance process.
Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.
Evidence of Knowledge
To complete the unit requirements safely and effectively, the individual must:
summarise the security products, and organisational security policies, that affect ICT services
research and then outline, the standards that relate to risk management principles and guidelines
discuss business continuity issues for the organisation
examine the organisation’s industry and current functionality, including the existing data and information systems
review and describe, the organisation’s internal and external dependencies and interdependencies
describe the organisational policies and procedures, including the risk-management strategy
review and analyse, past and current internal, external and industry disruptions
outline the relevant legislation and regulations that impact on business continuity including:
workplace health and safety (WHS)
environment
duty of care
contracts
business and company law
freedom of information
industrial relations
privacy and confidentiality
due diligence
records management.
Assessment Conditions
Gather evidence to demonstrate consistent performance in conditions that are safe and replicate the workplace. Noise levels, production flow, interruptions and time variances must be typical of those experienced in the general ICT industry, and include access to:
relevant strategic level enterprise documentation, including:
planning
financial
ICT infrastructure
codes of practice, legislation and regulations
organisational policies and procedures.
Assessors must satisfy NVR/AQTF assessor requirements.
Foundation Skills
This section describes language, literacy, numeracy and employment skills incorporated in the performance criteria that are required for competent performance.
Skill | Performance Criteria | Description |
Reading | 1.1, 1.2, 1.3, 1.4, 1.5, 2.2, 3.2 | Identifies, analyses and evaluates complex information from a range of sources, to obtain the information relevant to ICT strategic planning Interprets complex ideas, concepts and unfamiliar information |
Writing | 1.3, 1.4, 1.5, 2.1, 3.1 | Integrates information and ideas from a number of sources, utilising the appropriate modelling tools, specialised and cohesive language, and formal document structures, to meet the requirements of the audience and the task |
Oral Communication | 1.1-1.5, 2.1-2.3, 3.1-3.4 | Uses effective listening and probing, open questioning techniques to elicit the views and opinions of others, and to obtain information Participates in a verbal exchange of ideas and solutions, and uses detailed and clear language to clarify and present information, according to the requirements and the audience Articulates requirements and strategies clearly, using the appropriate pitch, tone, body language and reflective responses |
Numeracy | 1.1, 1.5, 2.1, 2.2, 2.3, 3.1, 3.2, 3.3 | Uses a range of statistical, mathematical and financial calculations and functions, and relevant software tools, to interpret data relating to the development of the strategic plan, and to develop cost benefit analyses, and operational budgets |
Navigate the world of work | 1.2, 2.2 | Monitors adherence to legal and regulatory rights, and responsibilities, in order to direct strategic planning Recognises that workplace protocols that must be respected, and maintained, during risk management |
Get the work done | 1.1, 1.3, 1.4, 1.5, 2.1, 2.3, 3.1 | Develops plans for complex, high-impact activities with strategic implications May use formal decision-making processes as scaffolding for thinking, moving iteratively between phases as required May use formal analytical and lateral thinking techniques for identifying issues, generating and evaluating possible solutions Explores, and incubates, ideas that have the potential to lead to radical departures from the current situation Demonstrates a sophisticated understanding of the principles, concepts, language and practices associated with the digital world, and uses these to troubleshoot, and understand, the uses of potential and new technology |
Sectors
General ICT