NTISthis.com

Evidence Guide: PSPSEC002 - Respond to government security incidents

Student: __________________________________________________

Signature: _________________________________________________

Tips for gathering evidence to demonstrate your skills

The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!

From the Wiki University

 

PSPSEC002 - Respond to government security incidents

What evidence can you provide to prove your understanding of each of the following citeria?

Assess and advise on security incidents

  1. Identify security incident and respond, according to seriousness of the incident.
  2. Conduct preliminary assessment that considers the nature of the breach, level of risk and likely consequences.
  3. Determine limitations of own expertise and refer to more specialised personnel as required.
  4. Maintain records relating to the incident.
Identify security incident and respond, according to seriousness of the incident.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Conduct preliminary assessment that considers the nature of the breach, level of risk and likely consequences.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Determine limitations of own expertise and refer to more specialised personnel as required.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Maintain records relating to the incident.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Plan incident response

  1. Identify, collect and assess evidence to determine risk factor.
  2. Recommend action appropriate to the level of seriousness of the incident.
  3. Identify and document changes required in security policy as a result of the incident.
  4. Advise relevant agencies of the incident.
  5. Prepare a final report incorporating background to the incident, action taken, interview statements, outcomes, summary of findings and recommended actions.
Identify, collect and assess evidence to determine risk factor.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Recommend action appropriate to the level of seriousness of the incident.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Identify and document changes required in security policy as a result of the incident.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Advise relevant agencies of the incident.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Prepare a final report incorporating background to the incident, action taken, interview statements, outcomes, summary of findings and recommended actions.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Assess and advise on security incidents

  1. Identify security incident and respond, according to seriousness of the incident.
  2. Conduct preliminary assessment that considers the nature of the breach, level of risk and likely consequences.
  3. Determine limitations of own expertise and refer to more specialised personnel as required.
  4. Maintain records relating to the incident.
Identify security incident and respond, according to seriousness of the incident.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Conduct preliminary assessment that considers the nature of the breach, level of risk and likely consequences.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Determine limitations of own expertise and refer to more specialised personnel as required.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Maintain records relating to the incident.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Plan incident response

  1. Identify, collect and assess evidence to determine risk factor.
  2. Recommend action appropriate to the level of seriousness of the incident.
  3. Identify and document changes required in security policy as a result of the incident.
  4. Advise relevant agencies of the incident.
  5. Prepare a final report incorporating background to the incident, action taken, interview statements, outcomes, summary of findings and recommended actions.
Identify, collect and assess evidence to determine risk factor.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Recommend action appropriate to the level of seriousness of the incident.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Identify and document changes required in security policy as a result of the incident.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Advise relevant agencies of the incident.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Prepare a final report incorporating background to the incident, action taken, interview statements, outcomes, summary of findings and recommended actions.

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Assessed

Teacher: ___________________________________ Date: _________

Signature: ________________________________________________

Comments:

 

 

 

 

 

 

 

 

Instructions to Assessors

Evidence Guide

ELEMENTS

PERFORMANCE CRITERIA

Elements describe the essential outcomes

Performance criteria describe the performance needed to demonstrate achievement of the element. Where bold italicised text is used, further information is detailed in the range of conditions section.

1. Assess and advise on security incidents

1.1 Identify security incident and respond, according to seriousness of the incident.

1.2 Conduct preliminary assessment that considers the nature of the breach, level of risk and likely consequences.

1.3 Determine limitations of own expertise and refer to more specialised personnel as required.

1.4 Maintain records relating to the incident.

2. Plan incident response

2.1 Identify, collect and assess evidence to determine risk factor.

2.2 Recommend action appropriate to the level of seriousness of the incident.

2.3 Identify and document changes required in security policy as a result of the incident.

2.4 Advise relevant agencies of the incident.

2.5 Prepare a final report incorporating background to the incident, action taken, interview statements, outcomes, summary of findings and recommended actions.

Required Skills and Knowledge

ELEMENTS

PERFORMANCE CRITERIA

Elements describe the essential outcomes

Performance criteria describe the performance needed to demonstrate achievement of the element. Where bold italicised text is used, further information is detailed in the range of conditions section.

1. Assess and advise on security incidents

1.1 Identify security incident and respond, according to seriousness of the incident.

1.2 Conduct preliminary assessment that considers the nature of the breach, level of risk and likely consequences.

1.3 Determine limitations of own expertise and refer to more specialised personnel as required.

1.4 Maintain records relating to the incident.

2. Plan incident response

2.1 Identify, collect and assess evidence to determine risk factor.

2.2 Recommend action appropriate to the level of seriousness of the incident.

2.3 Identify and document changes required in security policy as a result of the incident.

2.4 Advise relevant agencies of the incident.

2.5 Prepare a final report incorporating background to the incident, action taken, interview statements, outcomes, summary of findings and recommended actions.

Evidence required to demonstrate competence must satisfy all of the requirements of the elements and performance criteria. If not otherwise specified the candidate must demonstrate evidence of performance of the following on at least two occasions.

applying legislation, regulations and policies relating to government security management

undertaking research, analysis, including trend analysis, and problem-solving

using communication techniques including interviewing, tailored to diverse stakeholder groups

planning, carrying out and guiding an investigation

recording evidence

writing reports and recommendations

maintaining expedited, complete and accurate records

Evidence required to demonstrate competence must satisfy all of the requirements of the elements and performance criteria. If not otherwise specified the depth of knowledge demonstrated must be appropriate to the job context of the candidate.

legislation, regulations, policies, procedures and guidelines relating to government security management

organisation’s security plan

Crimes Act 1914 and Criminal Code 1985

powers inferred to investigate security incidents, including limitations

referral procedures and appropriate agencies

intelligence and analytical processes

conduct of administrative, security or criminal investigations