Formats and tools
- Unit Description
- Reconstruct the unit from the xml and display it as an HTML page.
- Assessment Tool
- an assessor resource that builds a framework for writing an assessment tool
- Assessment Template
- generate a spreadsheet for marking this unit in a classroom environment. Put student names in the top row and check them off as they demonstrate competenece for each of the unit's elements and performance criteria.
- Assessment Matrix
- a slightly different format than the assessment template. A spreadsheet with unit names, elements and performance criteria in separate columns. Put assessment names in column headings to track which performance criteria each one covers. Good for ensuring that you've covered every one of the performance criteria with your assessment instrument (all assessement tools together).
- Wiki Markup
- mark up the unit in a wiki markup codes, ready to copy and paste into a wiki page. The output will work in most wikis but is designed to work particularly well as a Wikiversity learning project.
- Evidence Guide
- create an evidence guide for workplace assessment and RPL applicants
- Competency Mapping Template
- Unit of Competency Mapping – Information for Teachers/Assessors – Information for Learners. A template for developing assessments for a unit, which will help you to create valid, fair and reliable assessments for the unit, ready to give to trainers and students
- Observation Checklist
- create an observation checklist for workplace assessment and RPL applicants. This is similar to the evidence guide above, but a little shorter and friendlier on your printer. You will also need to create a seperate Assessor Marking Guide for guidelines on gathering evidence and a list of key points for each activity observed using the unit's range statement, required skills and evidence required (see the unit's html page for details)
- Self Assessment Survey
- A form for students to assess thier current skill levels against each of the unit's performance criteria. Cut and paste into a web document or print and distribute in hard copy.
- Moodle Outcomes
- Create a csv file of the unit's performance criteria to import into a moodle course as outcomes, ready to associate with each of your assignments. Here's a quick 'how to' for importing these into moodle 2.x
- Registered Training Organisations
- Trying to find someone to train or assess you? This link lists all the RTOs that are currently registered to deliver ICAS6254A, 'Manage IT security'.
- Google Links
- links to google searches, with filtering in place to maximise the usefulness of the returned results
- Books
- Reference books for 'Manage IT security' on fishpond.com.au. This online store has a huge range of books, pretty reasonable prices, free delivery in Australia *and* they give a small commission to ntisthis.com for every purchase, so go nuts :)
Elements and Performance Criteria
ELEMENT | PERFORMANCE CRITERIA |
1. Manage data security | 1.1. Ensure that security classification and data management policies and guidance are issued and updated 1.2. Specify policy and coordinate review and approval 1.3. Report compliance of data security policies to management 1.4. Implement appropriate changes and improvement actions as required |
2. Manage enterprise continuity | 2.1. Coordinate with corporate stakeholders to establish the enterprise continuity of operations program 2.2. Acquire the necessary resources, including financial resources, to conduct an effective enterprise continuity of operations program 2.3. Define the enterprise continuity of operations organizational structure and staffing model 2.4. Define emergency delegations of authority and orders of succession for key positions 2.5. Direct contingency planning, operations, and programs to manage risk 2.6. Define the scope of the enterprise continuity of operations program to address business continuity, business recovery, contingency planning, and disaster recovery and related activities 2.7. Integrate enterprise concept of operations activities with related contingency planning activities 2.8. Establish an enterprise continuity of operations performance measurement program 2.9. Identify and prioritize critical business functions 2.10. Implement appropriate changes and improvement actions as required |
3. Manage incidents | 3.1. Coordinate with stakeholders to establish the incident management program 3.2. Establish relationships between the incident response team and other groups 3.3. Acquire and manage the resources, including financial resources, for the incident management functions 3.4. Ensure the coordination between the incident response team and the security administration and technical support teams 3.5. Apply lessons learned from information security incidents to improve incident management processes and procedures 3.6. Implement appropriate changes and improvement actions as required |
4. Manage networks and telecommunications security | 4.1. Establish a network security and telecommunications program in line with enterprise policy and security goals 4.2. Manage the necessary resources, including financial resources, to establish and maintain an effective network security and telecommunications program 4.3. Direct network security and telecommunications personnel 4.4. Establish communications between the network security and telecommunications team and related security teams 4.5. Integrate network security and telecommunications program activities with technical support, security administration, and incident response activities 4.6. Establish a network security and telecommunications performance measurement program 4.7. Ensure enterprise compliance with applicable network-based documents 4.8. Ensure that network-based audits and management reviews are conducted to implement process improvement 4.9. Implement appropriate improvement actions, as required |
5. Manage system and application security | 5.1. Establish the IT system and application security engineering program 5.2. Acquire the necessary resources, including financial resources, to support the integration of security in the SDLC 5.3. Guide IT security personnel through the SDLC phases 5.4. Define the scope of the IT security program as it applies to the application of SDLC 5.5. Plan the IT security program components into the SDLC |