The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!
From the Wiki University
What evidence can you provide to prove your understanding of each of the following citeria?
Confirm risk decisions
|
|
Confirm management decisions determining acceptable and unacceptable levels of risks. Completed |
Evidence:
|
Note and monitor low level risks accepted by the organisation, to detect changed circumstances. Completed |
Evidence:
|
Refer unacceptable high-level risks for development of formal management plans. Completed |
Evidence:
|
Note for treatment all major or significant risks determined as unacceptable. Completed |
Evidence:
|
Identify risk treatments
|
|
Ensure treatments are consistent with the security plan, are cost effective and address levels and types of risk and the importance of the function or resource at risk. Completed |
Evidence:
|
Select treatments to reduce the likelihood and/or consequences of the risk. Completed |
Evidence:
|
Include continuity plans in treatments where appropriate. Completed |
Evidence:
|
Document treatments and submit for approval. Completed |
Evidence:
|
Implement countermeasures
|
|
Develop and implement a treatment plan. Completed |
Evidence:
|
Apply countermeasures in accordance with the implementation strategy detailed in the security plan. Completed |
Evidence:
|
Implement countermeasures in accordance with timeframe, budgetary requirements and legal requirements. Completed |
Evidence:
|
Monitor and review security risk management process
|
|
Implement strategies to monitor risk environment. Completed |
Evidence:
|
Evaluate risk treatments against the objectives of the security plan. Completed |
Evidence:
|
Obtain feedback from stakeholders on the adequacy and need for current security measures affecting their work/area. Completed |
Evidence:
|
Convey recommendations for re-examination of security risk or improved risk treatments to the appropriate personnel. Completed |
Evidence:
|
Confirm risk decisions
|
|
Confirm management decisions determining acceptable and unacceptable levels of risks. Completed |
Evidence:
|
Note and monitor low level risks accepted by the organisation, to detect changed circumstances. Completed |
Evidence:
|
Refer unacceptable high-level risks for development of formal management plans. Completed |
Evidence:
|
Note for treatment all major or significant risks determined as unacceptable. Completed |
Evidence:
|
Identify risk treatments
|
|
Ensure treatments are consistent with the security plan, are cost effective and address levels and types of risk and the importance of the function or resource at risk. Completed |
Evidence:
|
Select treatments to reduce the likelihood and/or consequences of the risk. Completed |
Evidence:
|
Include continuity plans in treatments where appropriate. Completed |
Evidence:
|
Document treatments and submit for approval. Completed |
Evidence:
|
Implement countermeasures
|
|
Develop and implement a treatment plan. Completed |
Evidence:
|
Apply countermeasures in accordance with the implementation strategy detailed in the security plan. Completed |
Evidence:
|
Implement countermeasures in accordance with timeframe, budgetary requirements and legal requirements. Completed |
Evidence:
|
Monitor and review security risk management process
|
|
Implement strategies to monitor risk environment. Completed |
Evidence:
|
Evaluate risk treatments against the objectives of the security plan. Completed |
Evidence:
|
Obtain feedback from stakeholders on the adequacy and need for current security measures affecting their work/area. Completed |
Evidence:
|
Convey recommendations for re-examination of security risk or improved risk treatments to the appropriate personnel. Completed |
Evidence:
|