^

 
 

Unit of competency details

ICTNWK616 - Manage security, privacy and compliance of cloud service deployment (Release 1)

Summary

Usage recommendation:
Superseded
Mapping:
MappingNotesDate
Supersedes and is equivalent to ICANWK616A - Manage security, privacy and compliance of cloud service deploymentUpdated to meet Standards for Training Packages. 24/Mar/2015
Is superseded by and equivalent to ICTCLD602 - Manage information security compliance of cloud service deployment 20/Jul/2020

Release Status:
Current
Releases:
ReleaseRelease date
1 1 (this release) 25/Mar/2015


Classifications

SchemeCodeClassification value
ASCED Module/Unit of Competency Field of Education Identifier 029901 Security Science  

Classification history

SchemeCodeClassification valueStart dateEnd date
ASCED Module/Unit of Competency Field of Education Identifier 029901 Security Science  30/Jul/2015 
The content being displayed has been produced by a third party, while all attempts have been made to make this content as accessible as possible it cannot be guaranteed. If you are encountering issues following the content on this page please consider downloading the content in its original form

Unit Of competency

Modification History

Release 

Comments 

Release 1

This version first released with ICT Information and Communications Technology Training Package Version 1.0.

Application

This unit describes the skills and knowledge required to manage cloud security controls, and privacy and legal compliance, when implementing cloud services for an enterprise.

It applies to those with managerial responsibility, such as experienced security technical specialists, security analysts and security consultants.

No licensing, legislative or certification requirements apply to this unit at the time of publication.

Unit Sector

Networking

Elements and Performance Criteria

ELEMENT 

PERFORMANCE CRITERIA 

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Manage enterprise cloud security controls

1.1 Identify the cloud security issues faced by different delivery and deployment models relevant to the enterprise

1.2 Determine the specific enterprise areas of security responsibility

1.3 Implement the most relevant security controls and measures, to protect identified areas of responsibility

2. Manage enterprise cloud privacy and compliance

2.1 Identify the relevant compliance regulations relating to data storage

2.2 Determine the most relevant business continuity and data recovery plans

2.3 Identify, secure and maintain, the relevant logs and audit trails

2.4 Investigate and review legal, privacy and contractual issues to ensure that they meet the enterprise policy

3. Review, implement and document cloud security, privacy and compliance enhancements

3.1 Implement the appropriate changes, and integrate them into the current enterprise’s continuity of operation program (COOP)

3.2 Establish a performance measurement program, to evaluate the security effectiveness of implemented security controls

3.3 Provide relevant documentation as part of COOP, for audit tracking purposes

Foundation Skills

This section describes language, literacy, numeracy and employment skills incorporated in the performance criteria that are required for competent performance.

Skill 

Performance Criteria 

Description 

Reading

1.1, 1.2, 2.1, 2.3, 2.4

  • Organises, evaluates and critiques ideas, and information, from a wide range of complex texts

Writing

2.3, 3.3

  • Demonstrates sophisticated writing skills by selecting the appropriate conventions and stylistic devices, to express precise meaning

Navigate the world of work

1.1

  • Works autonomously making high-level decisions to achieve, and improve, organisational goals
  • Develops and implements strategies, that ensure that organisational policies, procedures and regulatory requirements are being met

Get the work done

1.2, 1.3, 2.1-2.4, 3.1-3.3

  • Plans strategic priorities and outcomes within a flexible, efficient and effective context, in a diverse environment, exposed to competing demands
  • Gathers and analyses data, and seeks feedback to improve plans and processes
  • Makes high-impact decisions in a complex and diverse environment, using input from a range of sources
  • Identifies the key factors that impact on decisions and their outcomes, drawing on experience, competing priorities, and decision- making strategies, where appropriate
  • Explores and incubates, new and innovative ideas, through unconstrained analysis and critical thinking, to develop and improve the organisation’s goals

Unit Mapping Information

Code and title 

current version 

Code and title 

previous version 

Comments 

Equivalence status 

ICTNWK616 Manage security, privacy and compliance of cloud service deployment

ICANWK616A Manage security, privacy and compliance of cloud service deployment

Updated to meet Standards for Training Packages.

Equivalent unit

Links

Companion Volume implementation guides are found in VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2

 

Assessment requirements

Modification History

Release 

Comments 

Release 1

This version first released with ICT Information and Communications Technology Training Package Version 1.0.

Performance Evidence

Evidence of the ability to:

  • identify, manage and implement cloud security controls, according to legal and privacy requirements
  • integrate the cloud security plans into the enterprise’s existing security plans
  • develop an ongoing performance measurement and evaluation review process.

Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.

Knowledge Evidence

To complete the unit requirements safely and effectively, the individual must:

  • review the business and commercial issues relating to the management of cloud security
  • research the legislation, organisational and jurisdictional policy and procedures that may impact on management areas including:
  • cloud-related privacy issues
  • codes of ethics and conduct
  • equal employment opportunity, equity and diversity principles
  • financial management requirements
  • governance requirements
  • determine management specifications and objectives
  • identify the management tools and techniques suited to a range of complex project activities
  • describe the organisational and political context
  • evaluate the systems development life cycle (SDLC)
  • determine the techniques for critical analysis in a management context.

Assessment Conditions

Gather evidence to demonstrate consistent performance in conditions that are safe and replicate the workplace. Noise levels, production flow, interruptions and time variances must be typical of those experienced in the network industry, and include access to:

  • the cloud information and communications technology (ICT) business specifications
  • the cloud ICT security assurance specifications
  • management-related scenarios
  • a cloud-focused security environment, including threats to security that are, or are held to be, present in the environment
  • information on the security environment, including:
  • laws or legislation
  • existing enterprise security policies
  • enterprise expertise
  • risk analysis tools and methodologies currently used in industry.

Assessors must satisfy NVR/AQTF assessor requirements.

Links

Companion Volume implementation guides are found in VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2