Unit of competency
Modification History
Release |
Comments |
Release 1 |
This version first released with ICT Information and Communications Technology Training Package Version 6.0. |
Application
This unit describes the skills and knowledge required to develop, implement and evaluate information security in an Information and Communications Technology (ICT) system or application during the system development life cycle (SDLC) and prior to the operations and maintenance phase.
It applies to individuals who work as network managers and required to handle system and application security from the development phase through implementation to evaluation.
No licensing, legislative or certification requirements apply to this unit at the time of publication.
Unit Sector
Networking
Elements and Performance Criteria
ELEMENT |
PERFORMANCE CRITERIA |
Elements describe the essential outcomes. |
Performance criteria describe the performance needed to demonstrate achievement of the element. |
1. Develop system and application security |
1.1 Identify organisational ICT system and application security requirements 1.2 Determine and document ICT system and application security plan according to organisational requirements 1.3 Identify risk-based audit performance criteria against the ICT system or application 1.4 Develop and document required mitigation of vulnerabilities processes and procedures 1.5 Integrate information security requirements, controls, processes and procedures into ICT system and application design specifications |
2. Implement system and application security |
2.1 Execute and verify operational compliance according to technical and organisational requirements 2.2 Perform required configuration management practices and mitigate introduction of vulnerabilities 2.3 Validate and re-engineer ICT system and application security controls and operations phase vulnerabilities 2.4 Document ICT system and application security controls according to organisational policies and procedures |
3. Evaluate system and application security |
3.1 Assess effectiveness of information system controls against required risk management practices and procedures 3.2 Assess and evaluate system compliance against organisational requirements 3.3 Assess system maturation and readiness for promotion to production stage according to organisational requirements 3.4 Document assessment findings and submit to required personnel |
Foundation Skills
This section describes language, literacy, numeracy and employment skills incorporated in the performance criteria that are required for competent performance.
S KILL |
D ESCRIPTION |
Reading |
|
Writing |
|
Planning and organising |
|
Problem solving |
|
Self-management |
|
Technology |
|
Unit Mapping Information
Supersedes and is equivalent to ICTNWK510 Develop, implement and evaluate system and application security.
Links
Companion Volume Implementation Guide is found on VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2