NTISthis.com

Evidence Guide: ICTNWK616 - Manage security, privacy and compliance of cloud service deployment

Student: __________________________________________________

Signature: _________________________________________________

Tips for gathering evidence to demonstrate your skills

The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!

From the Wiki University

 

ICTNWK616 - Manage security, privacy and compliance of cloud service deployment

What evidence can you provide to prove your understanding of each of the following citeria?

Manage enterprise cloud security controls

  1. Identify the cloud security issues faced by different delivery and deployment models relevant to the enterprise
  2. Determine the specific enterprise areas of security responsibility
  3. Implement the most relevant security controls and measures, to protect identified areas of responsibility
Identify the cloud security issues faced by different delivery and deployment models relevant to the enterprise

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Determine the specific enterprise areas of security responsibility

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Implement the most relevant security controls and measures, to protect identified areas of responsibility

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Manage enterprise cloud privacy and compliance

  1. Identify the relevant compliance regulations relating to data storage
  2. Determine the most relevant business continuity and data recovery plans
  3. Identify, secure and maintain, the relevant logs and audit trails
  4. Investigate and review legal, privacy and contractual issues to ensure that they meet the enterprise policy
Identify the relevant compliance regulations relating to data storage

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Determine the most relevant business continuity and data recovery plans

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Identify, secure and maintain, the relevant logs and audit trails

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Investigate and review legal, privacy and contractual issues to ensure that they meet the enterprise policy

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Review, implement and document cloud security, privacy and compliance enhancements

  1. Implement the appropriate changes, and integrate them into the current enterprise’s continuity of operation program (COOP)
  2. Establish a performance measurement program, to evaluate the security effectiveness of implemented security controls
  3. Provide relevant documentation as part of COOP, for audit tracking purposes
Implement the appropriate changes, and integrate them into the current enterprise’s continuity of operation program (COOP)

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Establish a performance measurement program, to evaluate the security effectiveness of implemented security controls

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Provide relevant documentation as part of COOP, for audit tracking purposes

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Assessed

Teacher: ___________________________________ Date: _________

Signature: ________________________________________________

Comments:

 

 

 

 

 

 

 

 

Instructions to Assessors

Evidence Guide

ELEMENT

PERFORMANCE CRITERIA

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Manage enterprise cloud security controls

1.1 Identify the cloud security issues faced by different delivery and deployment models relevant to the enterprise

1.2 Determine the specific enterprise areas of security responsibility

1.3 Implement the most relevant security controls and measures, to protect identified areas of responsibility

2. Manage enterprise cloud privacy and compliance

2.1 Identify the relevant compliance regulations relating to data storage

2.2 Determine the most relevant business continuity and data recovery plans

2.3 Identify, secure and maintain, the relevant logs and audit trails

2.4 Investigate and review legal, privacy and contractual issues to ensure that they meet the enterprise policy

3. Review, implement and document cloud security, privacy and compliance enhancements

3.1 Implement the appropriate changes, and integrate them into the current enterprise’s continuity of operation program (COOP)

3.2 Establish a performance measurement program, to evaluate the security effectiveness of implemented security controls

3.3 Provide relevant documentation as part of COOP, for audit tracking purposes

Required Skills and Knowledge

ELEMENT

PERFORMANCE CRITERIA

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Manage enterprise cloud security controls

1.1 Identify the cloud security issues faced by different delivery and deployment models relevant to the enterprise

1.2 Determine the specific enterprise areas of security responsibility

1.3 Implement the most relevant security controls and measures, to protect identified areas of responsibility

2. Manage enterprise cloud privacy and compliance

2.1 Identify the relevant compliance regulations relating to data storage

2.2 Determine the most relevant business continuity and data recovery plans

2.3 Identify, secure and maintain, the relevant logs and audit trails

2.4 Investigate and review legal, privacy and contractual issues to ensure that they meet the enterprise policy

3. Review, implement and document cloud security, privacy and compliance enhancements

3.1 Implement the appropriate changes, and integrate them into the current enterprise’s continuity of operation program (COOP)

3.2 Establish a performance measurement program, to evaluate the security effectiveness of implemented security controls

3.3 Provide relevant documentation as part of COOP, for audit tracking purposes

Evidence of the ability to:

identify, manage and implement cloud security controls, according to legal and privacy requirements

integrate the cloud security plans into the enterprise’s existing security plans

develop an ongoing performance measurement and evaluation review process.

Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.

To complete the unit requirements safely and effectively, the individual must:

review the business and commercial issues relating to the management of cloud security

research the legislation, organisational and jurisdictional policy and procedures that may impact on management areas including:

cloud-related privacy issues

codes of ethics and conduct

equal employment opportunity, equity and diversity principles

financial management requirements

governance requirements

determine management specifications and objectives

identify the management tools and techniques suited to a range of complex project activities

describe the organisational and political context

evaluate the systems development life cycle (SDLC)

determine the techniques for critical analysis in a management context.