Formats and tools
- Unit Description
- Reconstruct the unit from the xml and display it as an HTML page.
- Assessment Tool
- an assessor resource that builds a framework for writing an assessment tool
- Assessment Template
- generate a spreadsheet for marking this unit in a classroom environment. Put student names in the top row and check them off as they demonstrate competenece for each of the unit's elements and performance criteria.
- Assessment Matrix
- a slightly different format than the assessment template. A spreadsheet with unit names, elements and performance criteria in separate columns. Put assessment names in column headings to track which performance criteria each one covers. Good for ensuring that you've covered every one of the performance criteria with your assessment instrument (all assessement tools together).
- Wiki Markup
- mark up the unit in a wiki markup codes, ready to copy and paste into a wiki page. The output will work in most wikis but is designed to work particularly well as a Wikiversity learning project.
- Evidence Guide
- create an evidence guide for workplace assessment and RPL applicants
- Competency Mapping Template
- Unit of Competency Mapping – Information for Teachers/Assessors – Information for Learners. A template for developing assessments for a unit, which will help you to create valid, fair and reliable assessments for the unit, ready to give to trainers and students
- Observation Checklist
- create an observation checklist for workplace assessment and RPL applicants. This is similar to the evidence guide above, but a little shorter and friendlier on your printer. You will also need to create a seperate Assessor Marking Guide for guidelines on gathering evidence and a list of key points for each activity observed using the unit's range statement, required skills and evidence required (see the unit's html page for details)
- Self Assessment Survey
- A form for students to assess thier current skill levels against each of the unit's performance criteria. Cut and paste into a web document or print and distribute in hard copy.
- Moodle Outcomes
- Create a csv file of the unit's performance criteria to import into a moodle course as outcomes, ready to associate with each of your assignments. Here's a quick 'how to' for importing these into moodle 2.x
- Registered Training Organisations
- Trying to find someone to train or assess you? This link lists all the RTOs that are currently registered to deliver CPPSEC5004A, 'Prepare security risk management plan'.
- Google Links
- links to google searches, with filtering in place to maximise the usefulness of the returned results
- Books
- Reference books for 'Prepare security risk management plan' on fishpond.com.au. This online store has a huge range of books, pretty reasonable prices, free delivery in Australia *and* they give a small commission to ntisthis.com for every purchase, so go nuts :)
Elements and Performance Criteria
ELEMENT | PERFORMANCE CRITERIA |
1Evaluate security risks. | 1.1 Security risks are identified and consequences interpreted in accordance with client, organisational and legislative requirements and relevant standards. 1.2 Acceptable and unacceptable risks are clearly distinguished and confirmed. 1.3 High priority risks are emphasised and specified to ensure the development of appropriate controls. 1.4 Existing controls are evaluated to determine impact on risk occurrence and required modifications identified. |
2Develop action plans. | 2.1 Action plans are developed identifying key tasks, activities and resources to achieve security risk management objectives. 2.2 Type of risk associated with security context is identified and appropriate controls incorporated into planning processes. 2.3 Communication and reporting arrangements for maintaining currency of action plans are established. 2.4 Contingency arrangements for actions are developed and incorporated into plans. |
3Design treatment options. | 3.1 Operating environment monitored to confirm potential and real risks, threats and required treatments. 3.2 Treatment options are selected in line with available organisational practices, and implications researched, clarified and approved by relevant persons. 3.3 Feasible treatment options are documented and costed to ensure compatibility with nature of risk and client requirements. 3.4 Treatment options are linked to whole or part of security risks and verified with clients for suitability to security context. 3.5 Tests on treatment options are conducted to determine applicability in the field, and results statistically analysed to confirm effectiveness of treatments. |
4Develop security risk management plan. | 4.1 Management requirements are identified and accounted for in development of security risk management plan. 4.2 Procedures for monitoring and review of security risk management activities are developed to ensure continuous improvement. 4.3 Security risk management plan is developed incorporating all relevant information in line with appropriate format and relevant standards. 4.4 Plan is finalised and presented to client for review and approval in accordance with organisational procedures. |