^

 
 

Unit of competency details

ICTNWK549 - Design ICT security frameworks (Release 1)

Summary

Usage recommendation:
Current
Mapping:
MappingNotesDate
Supersedes and is equivalent to ICTNWK519 - Design an ICT security framework 20/Jul/2020

Release Status:
Current
Releases:
ReleaseRelease date
1 1 (this release) 21/Jul/2020


Classifications

SchemeCodeClassification value
ASCED Module/Unit of Competency Field of Education Identifier 020305 Systems Analysis And Design  

Classification history

SchemeCodeClassification valueStart dateEnd date
ASCED Module/Unit of Competency Field of Education Identifier 020305 Systems Analysis And Design  21/Jul/2020 
The content being displayed has been produced by a third party, while all attempts have been made to make this content as accessible as possible it cannot be guaranteed. If you are encountering issues following the content on this page please consider downloading the content in its original form

Unit Of competency

Modification History

Release 

Comments 

Release 1

This version first released with ICT Information and Communications Technology Training Package Version 6.0.

Application

This unit describes the skills and knowledge required to evaluate Information and Communications Technology (ICT) security requirements for a new system and to plan for controls and contingencies.

It applies to individuals working in senior roles in the networking area who are required to design security for new ICT systems or similar.

No licensing, legislative or certification requirements apply to this unit at the time of publication.

Unit Sector

Networking

Elements and Performance Criteria

ELEMENT 

PERFORMANCE CRITERIA 

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Research ICT security requirements

1.1 Analyse and determine statutory, commercial and application security requirements

1.2 Assess impact on the existing ICT system

1.3 Identify additional ICT security requirements

1.4 Document security requirements and submit for approval from required personnel

2. Conduct risk analysis

2.1 Identify internal and external security threats according to organisational security requirements

2.2 Develop security alleviation controls and contingencies according to organisational security requirements

2.3 Determine costs and additional resource requirements associated with contingencies

2.4 Conduct and document risk assessment recommendations

2.5 Submit to required personnel for feedback

3. Develop ICT security policy and operational procedures

3.1 Develop security policies and align to organisational security strategy

3.2 Create and document work procedures and align to organisational security policies

3.3 Document operating procedures

3.4 Submit all documentation to required personnel for feedback

Foundation Skills

This section describes language, literacy, numeracy and employment skills incorporated in the performance criteria that are required for competent performance.

S KILL 

DESCRIPTION 

Learning

  • Demonstrate operation from a broad conceptual plan, developing the operational detail in stages and regularly reviewing priorities and performance

Numeracy

  • Interprets numerical data to develop a broad plan, budget and strategy

Oral communication

  • Uses listening and questioning skills to confirm knowledge for requirements and articulates information clearly and concisely

Reading

  • Demonstrates knowledge and knowledge of legislative, organisational and technical material to determine job requirements

Writing

  • Develops a broad range of procedural material for a specific audience, using clear and detailed language to convey explicit information, requirements and recommendations

Teamwork

  • Identifies the requirements of important communication exchanges, selecting required channels, format, tone and content to suit purpose and audience

Problem solving

  • Identifies and applies complex principles, concepts, language and practices associated with the digital world

Self-management

  • Identifies and applies complex own legal rights and responsibilities and understands general legal principles applicable across work contexts
  • Takes responsibility for high-impact decisions in complex situations involving many variables and constraints
  • Recognises complex anomalies and subtle deviations to normal expectations, focussing attention on critical issues and variables

Technology

  • Uses digital technologies and systems safely and legally when gathering, storing, accessing and sharing information, with a growing awareness of the permanence and transparency of all activities
  • Unit Mapping Information

    Supersedes and is equivalent to ICTNWK519 Design an ICT security framework.

    Links

    Companion Volume Implementation Guide is found on VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2

     

    Assessment requirements

    Modification History

    Release 

    Comments 

    Release 1

    This version first released with ICT Information and Communications Technology Training Package Version 6.0.

    Performance Evidence

    The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to:

    • determine and develop security policies and operating procedures on at least one occasion.

    In the course of the above, the candidate must:

    • conduct risk analysis
    • analyse and identify organisation’s security requirements
    • research and assess security framework requirements with consideration of statutory and commercial requirements
    • identify associated costs.

    Knowledge Evidence

    The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:

    • industry standard design criteria for a security framework, including:
    • organisation’s business domain
    • legislation relating to Information and Communications Technology (ICT) security
    • current industry standard hardware
    • current industry standard software products
    • industry standard security features and capabilities
    • operating systems
    • risk relating to ICT security
    • industry standard security considerations for businesses, including:
    • typical environments
    • threats
    • policies and strategies.

    Assessment Conditions

    Skills in this unit must be demonstrated in a workplace or simulated environment where the conditions are typical of those in a working environment in this industry.

    This includes access to:

    • information on the security environment
    • laws and legislation relevant to ICT security
    • existing organisational security policies
    • security environment, which also includes the threats to security that are, or are held to be, present in the environment
    • risk analysis tools.

    Assessors of this unit must satisfy the requirements for assessors in applicable vocational education and training legislation, frameworks and/or standards.

    Links

    Companion Volume Implementation Guide is found on VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2