NTISthis.com

Evidence Guide: ICTNWK614 - Manage ICT security

Student: __________________________________________________

Signature: _________________________________________________

Tips for gathering evidence to demonstrate your skills

The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!

From the Wiki University

 

ICTNWK614 - Manage ICT security

What evidence can you provide to prove your understanding of each of the following citeria?

Manage enterprise security parameters

  1. Determine and evaluate parameters that affect enterprise security to establish benchmark
  2. Review security classification and data management policies and procedures for relevance, and update if required
  3. Plan and coordinate an effective enterprise continuity of operations (COOP) program and organisational structure for critical business continuity
  4. Develop a plan to address factors to manage the risks of the enterprise
  5. Integrate and evaluate risk management concepts into operational activities with related contingency planning activities, using an enterprise COOP performance measurement program
  6. Evaluate and assess security incidents to establish an effective incident management program for the enterprise
  7. Manage the coordination between related security teams for effective incident management processes and procedures
Determine and evaluate parameters that affect enterprise security to establish benchmark

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Review security classification and data management policies and procedures for relevance, and update if required

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Plan and coordinate an effective enterprise continuity of operations (COOP) program and organisational structure for critical business continuity

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Develop a plan to address factors to manage the risks of the enterprise

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Integrate and evaluate risk management concepts into operational activities with related contingency planning activities, using an enterprise COOP performance measurement program

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Evaluate and assess security incidents to establish an effective incident management program for the enterprise

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Manage the coordination between related security teams for effective incident management processes and procedures

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Manage networks and telecommunications security

  1. Develop a network security and telecommunications program in line with enterprise policy and security goals
  2. Manage the necessary resources to integrate network security and telecommunications program activities with technical support, security administration and incident response activities in a secure network
  3. Establish effective communications protocols between the network security and telecommunications team and related security teams to manage the risks
  4. Establish a performance measurement program to evaluate the security effectiveness of the integrated network security and telecommunications network
  5. Ensure enterprise compliance with applicable networkbased documents, and that network-based audits and management reviews are conducted to implement process improvement
Develop a network security and telecommunications program in line with enterprise policy and security goals

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Manage the necessary resources to integrate network security and telecommunications program activities with technical support, security administration and incident response activities in a secure network

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Establish effective communications protocols between the network security and telecommunications team and related security teams to manage the risks

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Establish a performance measurement program to evaluate the security effectiveness of the integrated network security and telecommunications network

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Ensure enterprise compliance with applicable networkbased documents, and that network-based audits and management reviews are conducted to implement process improvement

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Implement and document enhancements

  1. Implement appropriate changes and improvement actions as required, and evaluate effectiveness of enhancements
  2. Produce and table documentation for audit tracking
Implement appropriate changes and improvement actions as required, and evaluate effectiveness of enhancements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Produce and table documentation for audit tracking

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Assessed

Teacher: ___________________________________ Date: _________

Signature: ________________________________________________

Comments:

 

 

 

 

 

 

 

 

Instructions to Assessors

Evidence Guide

ELEMENT

PERFORMANCE CRITERIA

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Manage enterprise security parameters

1.1 Determine and evaluate parameters that affect enterprise security to establish benchmark

1.2 Review security classification and data management policies and procedures for relevance, and update if required

1.3 Plan and coordinate an effective enterprise continuity of operations (COOP) program and organisational structure for critical business continuity

1.4 Develop a plan to address factors to manage the risks of the enterprise

1.5 Integrate and evaluate risk management concepts into operational activities with related contingency planning activities, using an enterprise COOP performance measurement program

1.6 Evaluate and assess security incidents to establish an effective incident management program for the enterprise

1.7 Manage the coordination between related security teams for effective incident management processes and procedures

2. Manage networks and telecommunications security

2.1 Develop a network security and telecommunications program in line with enterprise policy and security goals

2.2 Manage the necessary resources to integrate network security and telecommunications program activities with technical support, security administration and incident response activities in a secure network

2.3 Establish effective communications protocols between the network security and telecommunications team and related security teams to manage the risks

2.4 Establish a performance measurement program to evaluate the security effectiveness of the integrated network security and telecommunications network

2.5 Ensure enterprise compliance with applicable networkbased documents, and that network-based audits and management reviews are conducted to implement process improvement

3. Implement and document enhancements

3.1 Implement appropriate changes and improvement actions as required, and evaluate effectiveness of enhancements

3.2 Produce and table documentation for audit tracking

Required Skills and Knowledge

ELEMENT

PERFORMANCE CRITERIA

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Manage enterprise security parameters

1.1 Determine and evaluate parameters that affect enterprise security to establish benchmark

1.2 Review security classification and data management policies and procedures for relevance, and update if required

1.3 Plan and coordinate an effective enterprise continuity of operations (COOP) program and organisational structure for critical business continuity

1.4 Develop a plan to address factors to manage the risks of the enterprise

1.5 Integrate and evaluate risk management concepts into operational activities with related contingency planning activities, using an enterprise COOP performance measurement program

1.6 Evaluate and assess security incidents to establish an effective incident management program for the enterprise

1.7 Manage the coordination between related security teams for effective incident management processes and procedures

2. Manage networks and telecommunications security

2.1 Develop a network security and telecommunications program in line with enterprise policy and security goals

2.2 Manage the necessary resources to integrate network security and telecommunications program activities with technical support, security administration and incident response activities in a secure network

2.3 Establish effective communications protocols between the network security and telecommunications team and related security teams to manage the risks

2.4 Establish a performance measurement program to evaluate the security effectiveness of the integrated network security and telecommunications network

2.5 Ensure enterprise compliance with applicable networkbased documents, and that network-based audits and management reviews are conducted to implement process improvement

3. Implement and document enhancements

3.1 Implement appropriate changes and improvement actions as required, and evaluate effectiveness of enhancements

3.2 Produce and table documentation for audit tracking

Evidence of the ability to:

direct contingency planning, operations and programs to manage risk

establish the information and communications technology (ICT) system and application security engineering program

manage the necessary resources to establish and maintain an effective network security and telecommunications program

specify policy and coordinate review.

Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.

To complete the unit requirements safely and effectively, the individual must:

explain business and commercial issues related to the management of ICT security

explain continuity of operations (COOP)

clarify critical analysis in a management context

outline management specifications and objectives

describe different management styles and systems

explain systems development life cycle (SDLC).