The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!
From the Wiki University
What evidence can you provide to prove your understanding of each of the following citeria?
Implement security plan
|
|
Security risks are treated/countermeasures are implemented in accordance with the security plan Completed |
Evidence:
|
Security plan is implemented to meet timeframe and budgetary requirements Completed |
Evidence:
|
Countermeasures are implemented in compliance with legal requirements, government and organisational policy Completed |
Evidence:
|
Residual risks are documented and monitored Completed |
Evidence:
|
Monitor the risk environment
|
|
Strategies to monitor the risk environment are determined and documented Completed |
Evidence:
|
Security risks, and the type/s and source/s of threats are monitored to detect changing circumstances that may alter risk management priorities Completed |
Evidence:
|
Monitoring is conducted on a regular basis in accordance with organisational policy and procedures Completed |
Evidence:
|
Changes to the organisation are monitored to identify circumstances where re-examination of the security environment becomes necessary Completed |
Evidence:
|
Results of monitoring are documented and acted on Completed |
Evidence:
|
Evaluate security plan
|
|
Risk treatments are monitored to gauge whether they are being implemented properly and fully Completed |
Evidence:
|
Treatments are evaluated against the objectives of the security plan to ensure they remain effective and/or necessary Completed |
Evidence:
|
Feedback is obtained from stakeholders on the adequacy and need for current security measures affecting their work area Completed |
Evidence:
|
Weaknesses in the security plan are identified and addressed in accordance with organisational policy and procedures Completed |
Evidence:
|
Security plan is reviewed on an on-going basis, as a result of incidents, breaches, and changes in circumstances Completed |
Evidence:
|
Security plan is updated in accordance with organisational policies, procedures and guidelines to reflect current circumstances Completed |
Evidence:
|