Modification History
Not Applicable
Unit Descriptor
Unit descriptor |
This unit of competency specifies the outcomes required to determine effective security policies and controls. It requires the ability to identify key systems and assets, and the likelihood of threat against each asset. It also requires an ability to calculate the current risk for each asset. This unit may form part of the licensing requirements for persons engaged in risk assessment operations in those states and territories where these are regulated activities. |
Application of the Unit
Application of the unit |
This unit of competency has application in those work roles involving the assessment of risk in a security environment. Competency requires legal and operational knowledge applicable to relevant sectors of the security industry. The knowledge and skills described in this unit are to be applied within relevant legislative and organisational guidelines. |
Licensing/Regulatory Information
Refer to Unit Descriptor
Pre-Requisites
Not Applicable
Employability Skills Information
Employability skills |
This unit contains employability skills. |
Elements and Performance Criteria Pre-Content
Elements describe the essential outcomes of a unit of competency. |
Performance criteria describe the required performance needed to demonstrate achievement of the element. Where bold italicised text is used, further information is detailed in the required skills and knowledge section and/or the range statement. Assessment of performance is to be consistent with the evidence guide. |
Elements and Performance Criteria
ELEMENT |
PERFORMANCE CRITERIA |
1 Identify risks . |
1.1 Applicable provisions of legislative and organisational requirements , and relevant standards for assessment activities are identified and complied with. 1.2 Client operations, goals and objectives are discussed and confirmed in consultation with the client. 1.3 Context for identifying risk is based on an understanding of the operating environment and core business operations of the client. 1.4 Information is collected and assessed for currency, accuracy and relevance. 1.5 Terms of reference are identified in consultation with relevant persons and other sources of information and are updated, modified and maintained. 1.6 A structured plan for identifying and assessing risks is developed based on the terms of reference, the type and scale of the assessment task and the timeframe given for the assessment task. 1.7 Threat, consequence and vulnerability for each asset is compared in accordance with terms of reference. |
2 Analyse risks . |
2.1 Assessment criteria for measuring level of potential or existing risk together with an assessment of consequences are developed in accordance with terms of reference. 2.2 Gaps in the predetermined methodology are identified and reported to relevant persons, and where appropriate, options to meet these gaps are proposed. 2.3 Impacts of possible change in organisational business are allowed for during conduct of risk assessment. 2.4 Relevant information and data is assessed for validity and reliability and organised in a format suitable for review. 2.5 Risk potential is determined by assessment of valid and relevant data. |
3 Review and present findings . |
3.1 Analysis and options to overcome identified obstacles are supported by gathered and verifiable information. 3.2 Presented information uses clear and concise language, is free of inconsistencies and meets organisational standards of style, format and accuracy. 3.3 Feedback is sought and all additional information and queries are responded to promptly, courteously and accurately. 3.4 Countermeasures are broadly identified for future management decision-making purposes. 3.5 Relevant documentation is completed and securely maintained with due regard to client confidentiality. |
Required Skills and Knowledge
REQUIRED SKILLS AND KNOWLEDGE |
This section describes the skills and knowledge and their level required for this unit. |
Required skills |
|
Required knowledge |
|
Evidence Guide
EVIDENCE GUIDE |
||
The evidence guide provides advice on assessment and must be read in conjunction with the performance criteria, required skills and knowledge, range statement and the Assessment Guidelines for the Training Package. |
||
Critical aspects for assessment and evidence required to demonstrate competency in this unit |
A person who demonstrates competency in this unit must be able to provide evidence of:
|
|
Context of and specific resources for assessment |
Context of assessment includes:
Resource implications for assessment include:
Reasonable adjustments must be made to assessment processes where required for people with disabilities. This could include access to modified equipment and other physical resources, and the provision of appropriate assessment support. |
|
Method of assessment |
This unit of competency could be assessed using the following methods of assessment:
|
|
Guidance information for assessment |
Assessment processes and techniques must be culturally appropriate and suitable to the language, literacy and numeracy capacity of the candidate and the competency being assessed. In all cases where practical assessment is used, it should be combined with targeted questioning to assess the underpinning knowledge. Oral questioning or written assessment may be used to assess underpinning knowledge. In assessment situations where the candidate is offered a choice between oral questioning and written assessment, questions are to be identical. Supplementary evidence may be obtained from relevant authenticated correspondence from existing supervisors, team leaders or specialist training staff. |
Range Statement
RANGE STATEMENT |
|
The range statement relates to the unit of competency as a whole. It allows for different work environments and situations that may affect performance. Bold italicised wording, if used in the performance criteria, is detailed below. Essential operating conditions that may be present with training and assessment (depending on the work situation, needs of the candidate, accessibility of the item, and local industry and regional contexts) may also be included. |
|
Legislative requirements may relate to : |
|
Organisational requirements may relate to : |
|
Relevant standards : |
|
Clients may include : |
|
Risk relates to : |
|
Security risks may relate to : |
|
Information may include : |
|
Terms of reference may include : |
|
Relevant persons may include : |
|
Sources of information may include : |
|
A structured plan can be constructed by using : |
|
Assets may include : |
|
Assessment criteria may be based on : |
|
Relevant information and data may include : |
|
Countermeasures may relate to : |
|
Unit Sector(s)
Unit sector |
Security |
Competency field
Competency field |
Security and risk management |