^
 
 

Unit of competency details

BSBRKG604 - Determine security and access rules and procedures (Release 1)

Summary

Usage recommendation:
Superseded
Mapping:
MappingNotesDate
Is superseded by BSBINS512 - Monitor business records systems 18/Oct/2020
Supersedes and is equivalent to BSBRKG604B - Determine security and access rules and proceduresUpdated to meet Standards for Training Packages 24/Mar/2015

Releases:
ReleaseRelease date
1 1 (this release) 25/Mar/2015

Companion volumes:
Unit of competency Assessment requirements

Delivery:
Find RTOs approved to deliver this unit of competency.

Training packages that include this unit

Qualifications that include this unit

Classifications

SchemeCodeClassification value
ASCED Module/Unit of Competency Field of Education Identifier 080307 Organisation Management  

Classification history

SchemeCodeClassification valueStart dateEnd date
ASCED Module/Unit of Competency Field of Education Identifier 080307 Organisation Management  30/Jul/2015 
The content being displayed has been produced by a third party, while all attempts have been made to make this content as accessible as possible it cannot be guaranteed. If you are encountering issues following the content on this page please consider downloading the content in its original form

Content

Compare:
Compare content of this unit of competency with other releases or training components
Download:

Unit of competency

Modification History

Release 

Comments 

Release 1

This version first released with BSB Business Services Training Package Version 1.0.

Application

This unit describes the skills and knowledge required to determine and establish the rules for access and use of records in an organisation, including classifications and procedures for managing access over time.

It applies to experienced individuals who use specialist knowledge of business and record-keeping operations and apply analytical and problem- solving skills relevant to organisational risk. The individual may have responsibility for a team or sole responsibility for their work within the business system.

No licensing, legislative or certification requirements apply to this unit at the time of publication.

Unit Sector

Knowledge Management – Recordkeeping

Elements and Performance Criteria

ELEMENT 

PERFORMANCE CRITERIA 

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Analyse access risks, rules and responsibilities

1.1 Establish, analyse and describe the impact of the legal and regulatory framework on access to records for the unit or the entire organisation

1.2 Analyse organisational documentation and information, copies of appraisal reports and access conditions for records of comparable organisations

1.3 Review risk analyses and existing access rules for currency, and determine and document any necessary modifications

1.4 Analyse usage patterns of records taking into account identified risks and existing access rules

1.5 Determine specific restrictions and other responses to regulatory obligations for records and activities

1.6 Determine responsibility for reviewing access decisions from collected organisational documentation and information

2. Develop access strategy, classifications and rules

2.1 Consider factors impacting on access rights in developing an access strategy from collected information, based on established responsibilities for access to records, and in response to identified difficulties and risks

2.2 Determine broad access classifications and reasons for access restrictions from regulatory requirements, identified risks and usage patterns of records within the jurisdiction

2.3 Compile criteria for applying access classifications to records, based on collected information and performed analyses

2.4 Develop rules for applying classifications

2.5 Circulate access classifications and draft rules to users of the business or records system for comment, identifying and analysing exceptions, and modifying classifications where appropriate

2.6 Determine compliance regime and jurisdictional access regime

2.7 Seek authorisation from appropriate body for access classifications and procedures

3. Develop procedures to integrate into business or records system

3.1 Determine access permissions and restrictions for records by applying access rules

3.2 Establish and document categories of users using analyses of access rules and records usage

3.3 Document access permissions and restrictions in relation to categories of users

3.4 Establish mechanisms to control user access applying to records and to users

3.5 Develop and document specifications for recording authorised use of records

3.6 Integrate authorised access procedures into business or records system rules and procedures, and document changes

4. Review and amend access classifications and rules

4.1 Develop procedures for reviewing access decisions and for responding to exceptions

4.2 Identify a hierarchy of responsibility for reviewing access decisions to comply with jurisdictional access regime

4.3 Communicate changes to access rules and procedures to all users

Foundation Skills

This section describes language, literacy, numeracy and employment skills incorporated in the performance criteria that are required for competent performance.

Skill 

Performance 

Criteria 

Description 

Reading

1.1-1.6, 2.1-2.3, 2.6, 3.2, 3.6, 4.2
  • Critically analyses documentation from a variety of sources to identify specific criteria and consolidates information to determine requirements

Writing

1.3,2.3-2.5, 2.7, 3.1-3.3, 3.5, 3.6, 4.1, 4.3
  • Produces accurate and logically structured documents using grammatical structures, language, terminology and concepts appropriate for audience

Oral Communication

2.5, 2.7, 4.3
  • Participates effectively in verbal exchanges using active listening and questioning to obtain feedback and to clarify information

Numeracy

1.4
  • Performs mathematical calculations to analyse usage data and to interpret trends

Navigate the world of work

1.1, 1.2, 1.5, 1.6, 2.2, 2.4, 2.6, 3.1, 3.2, 3.6, 4.1, 4.2
  • Determines and monitors adherence to organisational policies and procedures
  • Monitors adherence to legal and regulatory rights and responsibilities

Interact with others

2.5, 2.7, 4.3
  • Actively identifies the requirements of important communication exchanges, selecting appropriate channels, format and content to suit purpose and audience

Get the work done

1.1-1.6, 2.1-2.3, 2.6, 3.1, 3.2, 3.4, 4.1, 4.2
  • Develops plans to manage relatively complex, non-routine tasks with an awareness of how they contribute to longer term operational and strategic goals
  • Makes a range of critical and non-critical decisions in relatively complex situations, taking a range of factors and constraints into account
  • Recognises and addresses some unfamiliar problems of increasing complexity within own scope

Unit Mapping Information

Code and title  

current version 

Code and title 

previous version 

Comments 

Equivalence status 

BSBRKG604 Determine security and access rules and procedures

BSBRKG604B Determine security and access rules and procedures

Updated to meet Standards for Training Packages

Equivalent unit

Links

Companion Volume implementation guides are found in VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=11ef6853-ceed-4ba7-9d87-4da407e23c10

 

Assessment requirements

Modification History

Release 

Comments 

Release 1

This version first released with BSB Business Services Training Package Version 1.0.

Performance Evidence

Evidence of the ability to:

  • document usage and conduct a risk analysis of policies and procedures for implementing security and access rules
  • report on a recordkeeping access strategy, classifications and rules
  • document policies and procedures for recordkeeping in an organisation including access permissions, restrictions, and control mechanisms
  • report on success of implementation and amendments made in response to monitoring the implementation of the recordkeeping system.

Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.

Knowledge Evidence

To complete the unit requirements safely and effectively, the individual must:

  • outline the key provisions of relevant legislation, regulations, standards and documentation that affect recordkeeping systems
  • explain general principles and processes of records management and records management systems, such as:
  • systems of control
  • records continuum theory
  • mandate and ownership of business process
  • explain the reasons for access restrictions
  • describe the mechanisms to control user access
  • describe key features of organisational policies, strategies and procedures, particularly those relating to sensitive information.

Assessment Conditions

Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the knowledge management – recordkeeping field of work and include access to:

  • relevant legislation, regulations, standards and codes
  • relevant workplace documentation and resources
  • case studies and, where possible, real situations
  • interaction with others.

Assessors must satisfy NVR/AQTF assessor requirements.

Links

Companion Volume implementation guides are found in VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=11ef6853-ceed-4ba7-9d87-4da407e23c10

Back to top