^
 
 

Unit of competency details

CPPSEC5004 - Develop security risk management plans (Release 1)

Summary

Usage recommendation:
Current
Mapping:
MappingNotesDate
Supersedes and is equivalent to CPPSEC5004A - Prepare security risk management planSupersedes and equivalent to CPPSEC5004A Prepare security risk management plan. 29/Sep/2019

Release Status:
Current
Releases:
ReleaseRelease date
1 1 (this release) 30/Sep/2019

Companion volumes:
Unit of competency Assessment requirements

Delivery:
Find RTOs approved to deliver this unit of competency.

Training packages that include this unit

Qualifications that include this unit

Classifications

SchemeCodeClassification value
ASCED Module/Unit of Competency Field of Education Identifier 099905 Security Services  

Classification history

SchemeCodeClassification valueStart dateEnd date
ASCED Module/Unit of Competency Field of Education Identifier 099905 Security Services  30/Sep/2019 
The content being displayed has been produced by a third party, while all attempts have been made to make this content as accessible as possible it cannot be guaranteed. If you are encountering issues following the content on this page please consider downloading the content in its original form

Content

Compare:
Compare content of this unit of competency with other releases or training components
Download:

Unit of competency

Modification History

Release 1

This version first released with CPP Property Services Training Package Release 9.0.

Supersedes and is equivalent to CPPSEC5004A Prepare security risk management plan. Updated to meet the Standards for Training Packages.

Application

This unit specifies the skills and knowledge required to develop comprehensive security risk management plans based on the principles of ISO 31000:2018 Risk management – Guidelines (ISO 31000). It includes identifying and evaluating security risks and existing control measures, developing action plans to identify and manage risks, designing risk treatment options and testing them in the field as part of a security risk management strategy.

This unit is suitable for those using a broad range of cognitive, technical and communication skills to select and apply methods and technologies to analyse information and provide solutions to sometimes complex problems.

Legislative, regulatory or certification requirements apply in some states and territories to the provision of advice on security solutions, strategies, protocols and procedures. For further information, check with the relevant regulatory authority.

Pre-requisite Unit

None.

Unit Sector

Security/Risk management

Elements and Performance Criteria

Elements describe the essential outcomes.

Performance criteria describe what needs to be done to demonstrate achievement of the element.

1

Evaluate security risks and controls.

1.1

Access and interpret key requirements of legislation, regulations and Australian standard ISO 31000 to understand and comply with requirements for developing security risk management plans.

1.2

Clarify client security requirements and operating environment in consultation with relevant persons.

1.3

Source and review information to identify security risks.

1.4

Clearly distinguish and confirm acceptable and unacceptable security risks.

1.5

Set priorities for risk treatment and assurance of controls.

1.6

Highlight and specify risks that are high priority to ensure appropriate controls are developed.

1.7

Evaluate existing controls to determine impact on risk occurrence and implement required modifications.

2

Plan risk management strategies.

2.1

Develop and document action plans that identify tasks, activities and resources required to achieve security risk management objectives.

2.2

Select security risk control measures based on assessed type, nature, cause and degree of risk associated with identified security risks.

2.3

Incorporate actions to respond to contingencies when planning risk management strategies.

2.4

Establish communication and reporting arrangements to maintain currency of action plans in consultation with relevant persons.

3

Design security risk treatment options.

3.1

Assess client’s operating environment to confirm potential and real security risks.

3.2

Select feasible risk treatment options and conduct research to confirm implications for controlling whole or part of security risks.

3.3

Document and cost recommended risk treatment options to ensure compatibility with nature of risk and client requirements.

3.4

Consult with relevant persons to verify suitability of recommended risk treatment options and obtain required approvals.

3.5

Test risk treatment options in the field and analyse results to verify effectiveness of treatments in the security context.

4

Finalise and present security risk management plan.

4.1

Finalise and document comprehensive security risk management plan in the required format according to workplace requirements.

4.2

Check security risk management plan to ensure analysis and recommendations are clear, coherent and consistent with client requirements, and based on the principles of ISO 31000.

4.3

Present risk management plan to relevant persons within agreed timeframes and explain identified security risks and treatments to enhance understanding and acceptance of recommendations.

4.4

Implement procedures to monitor and review security risk management activities to ensure continuous improvement.

4.5

Complete and secure risk management plan in a manner that facilitates future retrieval and maintains client confidentiality according to workplace and regulatory requirements.

Foundation Skills

As well as the foundation skills explicit in the performance criteria of this unit, candidates require:

  • oral communication skills to negotiate client agreement
  • writing skills to prepare succinct and logically structured security risk management plans
  • numeracy skills to apply statistical methods and present statistical data.

Unit Mapping Information

Supersedes and equivalent to CPPSEC5004A Prepare security risk management plan.

Links

Companion volumes to this training package are available at the VETNet website - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=6f3f9672-30e8-4835-b348-205dfcf13d9b

 

Assessment requirements

Modification History

Release 1

This version first released with CPP Property Services Training Package Release 9.0.

Supersedes and is equivalent to CPPSEC5004A Prepare security risk management plan. Updated to meet the Standards for Training Packages.

Performance Evidence

To demonstrate competency, a candidate must meet the performance criteria of this unit by developing and documenting two security risk management plans that meet the requirements of clients with different risk management requirements.

Knowledge Evidence

To be competent in this unit, a candidate must demonstrate knowledge of:

  • legislative and regulatory requirements that apply when developing security risk management plans:
  • key requirements of legislation, regulations and codes of conduct for security risk management in the jurisdiction of operation
  • legal rights and responsibilities of employers, supervisors and employees associated with work health and safety and duty of care
  • licensing requirements in the security industry
  • trespass and removal of persons
  • use of force
  • application of integrated security measures including physical security, manpower, security technologies and security of personnel and information
  • distinction between information and intelligence and methods for validating information sources
  • activities to be included in action plans for security risk management
  • implications for security risk management arising from:
  • National Guidelines for the Protection of Places of Mass gathering from Terrorism
  • Active Armed Offender Guidelines for Crowded Places
  • Improvised Explosive Device Guidelines for Crowded Places
  • Chemical Weapon Guidelines for Crowded Places
  • Hostile Vehicle Guidelines for Crowded Places
  • methods for determining the type, nature and causes of potential and actual security risks
  • methods for distinguishing between acceptable and unacceptable security risks
  • methods for prioritising security risks and treatment options based on degree of risk
  • methods for testing treatment options in the field
  • process and application of dynamic risk assessment and risk management methods
  • purpose of Australia’sStrategy for Protecting Crowded Places from Terrorism and understanding of:
  • definition of crowded places
  • key security issues for crowded places
  • objectives, characteristics and identification of active armed offenders
  • definition of hostile vehicles and methods of attack
  • signs of chemical weapons attack and recommend response
  • general features of improvised explosive devices and recommended incident response
  • recognised industry practice and application of ISO 31000:2018 Risk management – Guidelines (ISO 31000) when designing security risk management strategies and treatment options
  • types of treatment options appropriate to the range of security risks and threats to various client operating environments:
  • assets
  • buildings
  • crowded places
  • mass gatherings.

Assessment Conditions

Assessors must meet the requirements for assessors contained in the Standards for Registered Training Organisations.

All individuals engaged by a licensed RTO for security licensing purposes must hold both a security trainers licence (where such a licence exists within the relevant jurisdiction) and the licence for performing the security activities for which the individual is providing training or assessment. Regulators may impose other assessor conditions to meet jurisdictional assessment requirements.

Assessment must be conducted in the workplace or in a simulated workplace environment. Candidates must have access to:

  • legislation, regulations and codes of practice that apply to developing security risk management plans in the jurisdiction of operation
  • client instructions and operating environment information, resources and information technologies required to achieve the performance evidence
  • ISO 31000
  • National Guidelines for the Protection of Places of Mass gathering from Terrorism
  • Australia’s Strategy for Protecting Crowded Places from Terrorism
  • National Guidelines for the Protection of Places of Mass gathering from Terrorism
  • Active Armed Offender Guidelines for Crowded Places
  • Improvised Explosive Device Guidelines for Crowded Places
  • Chemical Weapon Guidelines for Crowded Places
  • Hostile Vehicle Guidelines for Crowded Places.

Links

Companion volumes to this training package are available at the VETNet website - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=6f3f9672-30e8-4835-b348-205dfcf13d9b

Back to top