The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!
From the Wiki University
What evidence can you provide to prove your understanding of each of the following citeria?
Plan security audit
|
|
Identify the scope and objectives of the audit and prepare an audit plan to meet the objectives. Completed |
Evidence:
|
Identify the organisation’s information systems to be included in the audit plan. Completed |
Evidence:
|
Advise appropriate personnel of the audit plan and its requirements. Completed |
Evidence:
|
Identify and prioritise possible sources of security risk and prepare an audit checklist. Completed |
Evidence:
|
Conduct security audit
|
|
Identify and analyse systems, procedures, records and documents. Completed |
Evidence:
|
Conduct audit in accordance with the audit plan. Completed |
Evidence:
|
Record audit activities. Completed |
Evidence:
|
Identify situations requiring specialist input or referral to other areas and act on referral. Completed |
Evidence:
|
Report on security findings
|
|
Maintain audit records and prepare audit reports. Completed |
Evidence:
|
Produce report including background, scope, outcomes and recommendations. Completed |
Evidence:
|
Use language and style to suit the audience and in line with organisational requirements for accuracy and timeliness. Completed |
Evidence:
|
Support recommendations with evidence and highlight actions identifying person/s responsible for implementation. Completed |
Evidence:
|
Plan security audit
|
|
Identify the scope and objectives of the audit and prepare an audit plan to meet the objectives. Completed |
Evidence:
|
Identify the organisation’s information systems to be included in the audit plan. Completed |
Evidence:
|
Advise appropriate personnel of the audit plan and its requirements. Completed |
Evidence:
|
Identify and prioritise possible sources of security risk and prepare an audit checklist. Completed |
Evidence:
|
Conduct security audit
|
|
Identify and analyse systems, procedures, records and documents. Completed |
Evidence:
|
Conduct audit in accordance with the audit plan. Completed |
Evidence:
|
Record audit activities. Completed |
Evidence:
|
Identify situations requiring specialist input or referral to other areas and act on referral. Completed |
Evidence:
|
Report on security findings
|
|
Maintain audit records and prepare audit reports. Completed |
Evidence:
|
Produce report including background, scope, outcomes and recommendations. Completed |
Evidence:
|
Use language and style to suit the audience and in line with organisational requirements for accuracy and timeliness. Completed |
Evidence:
|
Support recommendations with evidence and highlight actions identifying person/s responsible for implementation. Completed |
Evidence:
|