^
 
 

Unit of competency details

ICTNWK550 - Design ICT system security controls (Release 1)

Summary

Usage recommendation:
Current
Mapping:
MappingNotesDate
Supersedes and is equivalent to ICTNWK520 - Design ICT system security controls 20/Jul/2020

Release Status:
Current
Releases:
ReleaseRelease date
1 1 (this release) 21/Jul/2020

Companion volumes:
Unit of competency Assessment requirements

Delivery:
Find RTOs approved to deliver this unit of competency.

Training packages that include this unit

Qualifications that include this unit

Classifications

SchemeCodeClassification value
ASCED Module/Unit of Competency Field of Education Identifier 020113 Networks And Communications  

Classification history

SchemeCodeClassification valueStart dateEnd date
ASCED Module/Unit of Competency Field of Education Identifier 020113 Networks And Communications  21/Jul/2020 
The content being displayed has been produced by a third party, while all attempts have been made to make this content as accessible as possible it cannot be guaranteed. If you are encountering issues following the content on this page please consider downloading the content in its original form

Content

Compare:
Compare content of this unit of competency with other releases or training components
Download:

Unit of competency

Modification History

Release 

Comments 

Release 1

This version first released with ICT Information and Communications Technology Training Package Version 6.0.

Application

This unit describes the skills and knowledge required to design the security controls that confirm that an Information and Communications Technology (ICT) system is both physically and legally secure.

It applies to individuals in a range of ICT areas who are required to guarantee the security of ICT systems.

No licensing, legislative or certification requirements apply to this unit at the time of publication.

Unit Sector

Networking

Elements and Performance Criteria

ELEMENT 

PERFORMANCE CRITERIA 

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Review organisational security policy and procedures

1.1 Analyse business environment and identify organisational system security controls requirements

1.2 Determine legislative requirement for ICT security and impact on organisational requirements

1.3 Identify organisational ICT security threats

1.4 Document analysis findings and security requirements and submit to required personnel for approval

1.5 Seek and respond to feedback from required personnel as required

2. Develop security plan

2.1 Identify potential security attacks, threats and risks

2.2 Prioritise, categorise and document assessment results

2.3 Determine and document security plan according to organisational requirements

2.4 Submit plan to required personnel and seek feedback

2.5 Integrate approved changes into security plan and confirm compliance with statutory requirements

3. Implement system controls

3.1 Implement security controls according to security plan and confirm minimum risk of security breaches

3.2 Monitor each phase of implementation and determine organisational impact

3.3 Document implementation process according to organisational requirements

3.4 Plan risk assessment review process according to organisational requirements

Foundation Skills

This section describes language, literacy, numeracy and employment skills incorporated in the performance criteria that are required for competent performance.

S KILL 

DESCRIPTION 

Oral communication
  • Uses listening and questioning skills to confirm requirements, articulate and present complex concepts and matters using required terminology for intended audience

Reading
  • Interprets legislative, organisational and technical material to determine job requirements

Writing
  • Develops a broad range of business reports for a specific audience, using clear and detailed language to convey explicit information, requirements and recommendations

Planning and organising
  • Operates from a broad conceptual plan, developing the operational detail in stages, regularly reviewing priorities and performance during implementation and identifying and addressing issues

Problem solving
  • Monitors outcomes of decisions, considering results from a range of perspectives and identifying key concepts and principles that may be adaptable in the future

Self-management
  • Identifies and applies complex legislative or regulatory requirements required to own role and considers implications of any changes when planning and undertaking work

Technology
  • Identifies and applies complex principles, concepts, language and practices associated with the digital world
  • Monitors and controls access to digitally stored and transmitted information

Unit Mapping Information

Supersedes and is equivalent to ICTNWK520 Design ICT system security controls.

Links

Companion Volume Implementation Guide is found on VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2

 

Assessment requirements

Modification History

Release 

Comments 

Release 1

This version first released with ICT Information and Communications Technology Training Package Version 6.0.

Performance Evidence

The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to:

  • review organisations existing security policies and procedures and design and document security procedures and controls for a system on at least one occasion.

In the course of the above, the candidate must:

  • oversee the implementation and evaluation of the strategy.

Knowledge Evidence

The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:

  • communications security, including human organisational interactions
  • procedures for conducting information security risk assessments
  • internet security technologies and processes, including:
  • firewalls
  • physical security
  • security testing methods for performing security tests
  • wireless security
  • security threats
  • the impact of security policies, plans and strategies
  • general features of specific security technology
  • risk assessment
  • current industry standard security processes, including general features and capabilities of software and hardware solutions
  • legislative requirements and ethical standards expected when considering security controls, including:
  • ethics in Information and Communications Technology (ICT)
  • privacy issues.

Assessment Conditions

Skills in this unit must be demonstrated in a workplace or simulated environment where the conditions are typical of those in a working environment in this industry.

This includes access to:

  • ICT security assurance specifications
  • probability, frequency and severity of direct and indirect harm, loss or misuse of the ICT system
  • risk analysis tools and methodologies
  • an ICT environment in which there are security risks
  • legislation, regulations and standards relating to security
  • existing organisational security policies.

Assessors of this unit must satisfy the requirements for assessors in applicable vocational education and training legislation, frameworks and/or standards.

Links

Companion Volume Implementation Guide is found on VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2

Back to top