Unit of competency
Modification History
Release 1 |
This version first released with CPP Property Services Training Package Release 9.0. Supersedes and is equivalent to CPPSEC4007A Assess threat. Updated to meet the Standards for Training Packages. |
Application
This unit specifies the skills and knowledge required to identify security threats and assess their impact on client operations. It includes analysing client operations and existing security arrangements, assessing assets and activities to determine their criticality to client operations, and conducting a consequence analysis to measure the impact of identified threats.
This unit is suitable for those using specialised knowledge to complete routine and non-routine tasks and using their own judgement to deal with predictable and sometimes unpredictable problems.
Legislative, regulatory or certification requirements apply in some states and territories to the provision of advice on security solutions, strategies, protocols and procedures. For further information, check with the relevant regulatory authority.
Pre-requisite Unit
None.
Unit Sector
Security/Risk management
Elements and Performance Criteria
Elements describe the essential outcomes. |
Performance criteria describe what needs to be done to demonstrate achievement of the element. |
||
1 |
Analyse client operations and security arrangements. |
1.1 |
Access and interpret key requirements of legislation, regulations and workplace policies and procedures and apply to work instructions to ensure compliance. |
1.2 |
Consult with relevant persons to confirm threat assessment terms of reference, costs and timeframes. |
||
1.3 |
Consult with client to confirm their core business, operating environment, goals and objectives. |
||
1.4 |
Source valid and reliable information to clarify client assets and analyse existing security arrangements. |
||
1.5 |
Recognise own limitations in assessing security threats and access specialist resources or advice to meet client requirements. |
||
2 |
Identify, assess and monitor security threats. |
2.1 |
Develop threat assessment criteria comprising qualitative and quantitative measures. |
2.2 |
Evaluate gathered information and source additional required intelligence or information to ensure all relevant information is included in threat assessment. |
||
2.3 |
Apply threat assessment criteria to identify possible causes and sources of potential and existing security threats to client operations. |
||
2.4 |
Assess likelihood and realisation of identified threats to client operations. |
||
2.5 |
Systematically monitor identified threats and modify threat assessment to respond to changing roles, locations and operational stability. |
||
3 |
Undertake threat consequence analysis. |
3.1 |
Assess assets and activities to determine criticality to client operations. |
3.2 |
Assess reliability, availability and capacity of operational back-up systems for assets and activities. |
||
3.3 |
Assess threat impact on client operations to measure and analyse consequences. |
||
3.4 |
Confirm potential consequences of security threats in consultation with relevant persons. |
||
4 |
Finalise threat assessment and present findings. |
4.1 |
Identify contingency arrangements to protect client operations and incorporate recommended strategies into final threat assessment. |
4.2 |
Finalise security threat assessment and check to ensure findings and recommendations are supported by verifiable information. |
||
4.3 |
Use information technologies to document and present security threat assessment in a format and style to meet workplace requirements. |
||
4.4 |
Present final security threat assessment to relevant persons for feedback within agreed timeframes. |
||
4.5 |
Use questioning and active listening to explain identified security threats and consequences and recommended contingency arrangements. |
||
4.6 |
Complete and secure threat assessment documentation in a manner that facilitates future retrieval and maintains confidentiality. |
Foundation Skills
As well as the foundation skills explicit in the performance criteria of this unit, candidates require:
- oral communication skills to use clear explanations, active listening and questioning skills to convey and clarify information when assessing client operations
- writing skills to document succinct and logically structured security threat assessments.
Unit Mapping Information
Supersedes and equivalent to CPPSEC4007A Assess threat.
Links
Companion volumes to this training package are available at the VETNet website - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=6f3f9672-30e8-4835-b348-205dfcf13d9b