ESKISP Direct security testing

Size: px
Start display at page:

Download "ESKISP6056.01 Direct security testing"

Transcription

1 Direct security testing Overview This standard covers the competencies concerning with directing security testing activities. It includes setting the strategy and policies for security testing, and being fully accountable for successful security testing activities and deliverables. This includes developing and implementing methodologies for assessing the level of assurance of information systems and the correct implementation of mitigation measures. ESKISP Direct security testing 1

2 Performance criteria You must be able to: P1 be fully accountable for all penetration and information security testing activities, results and recommendations for mitigation P2 P3 P4 P5 P6 P7 P8 P9 design, develop, implement and maintain the policy and standards to provide a detailed information security testing framework for use within the organisation review, improve and update penetration testing methods and tools to continue to provide effective testing services ensure penetration testing activities and reports are clearly documented design, develop, implement and maintain resourcing and training strategy and plans to retain and develop appropriate penetration and information security testing expertise within the organisation continually monitor information security threat trends and keep aware of the latest information providing informed guidance to penetration testing activities monitor the quality and effectiveness of penetration testing activities, critically reviewing the approach and process and making recommendations for improvement where appropriate provide timely and objective advice and guidance to others on all aspects of information security testing activities including penetration testing best practice and the application of lessons learned maintain an authoritative position on proactive information security testing to identify and disseminate new threats to contribute to the body of knowledge P10 develop communication processes for internal and external parties (e.g. customers) relating to penetration testing activities and results P11 authorise the issue of formal reports to management on the effectiveness and efficiency of security testing, in appropriate ESKISP

3 language for the audience P12 provide thought leadership on the discipline of information security testing, contributing to internal best practice and to externally recognised publications, white papers etc P13 take timely and decisive action in the event of information security testing activities and their deliverables not complying with relevant legislation, regulations, and internal and external standards ESKISP

4 Knowledge and understanding You need to know and understand: K1 K2 K3 K4 K5 K6 K7 K8 K9 who are the executive sponsors and stakeholders of information security testing activities within the organisation the need to advise and guide others on all aspects of information security testing activities how to manage the implications and consequences: K3.1 of failure to identify and mitigate/control risks that arise K3.2 of information security testing activities failing to meet the expectations of the business sources of best practice in information security testing activities the importance of analysing the results gained from monitoring the alignment of information security testing activities and their deliverables with all relevant legislation, regulation, internal and external standards, in line with organisational strategy, policies and standards the scope of information assurance governance within the organisation the importance of establishing effective capabilities for the assurance of information assets with the organisation the need to have effective and coordinated governance of a range of activities, including risk management, information security, vulnerability assessments, security education and awareness training the need to ensure that timely and effective independent review of information security testing activities takes place K10 how to objectively analyse the findings from independent review of information security testing activities and report recommendations to sponsors and stakeholders ESKISP

5 K11 how to design and develop strategy, policies plans and standards to ensure the alignment with all relevant legislation, regulations and external standards K12 the importance of using lessons learned in order to inform future information security testing ESKISP

6 Direct security testing Developed by e-skills UK Version number 1 Date approved February 2013 Indicative review date Validity Status Originating organisation Original URN Relevant occupations Suite Key words December 2015 Current Original e-skills UK ESKISP Information and Communication Technology; Information and Communication Technology Professionals; Information and Communication Technology Officer; IT Service Delivery Occupations; Software Development Information Security Cyber Security; Information Security ESKISP Direct security testing 6

ESKISP6046.02 Direct security architecture development

ESKISP6046.02 Direct security architecture development Overview This standard covers the competencies concerned with directing security architecture activities. It includes setting the strategy and policies for security architecture, and being fully accountable

More information

ESKISP6054.01 Conduct security testing, under supervision

ESKISP6054.01 Conduct security testing, under supervision Overview This standard covers the competencies required to conduct security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to

More information

IT Professional Standards. Information Security Discipline. Sub-discipline 605 Information Security Testing and Information Assurance Methodologies

IT Professional Standards. Information Security Discipline. Sub-discipline 605 Information Security Testing and Information Assurance Methodologies IT Professional Standards Information Security Discipline Sub-discipline 605 Information Security Testing and Information Assurance Methodologies December 2012 Draft Version 0.6 DOCUMENT REVIEW Document

More information

ESKISP6055.01 Manage security testing

ESKISP6055.01 Manage security testing Overview This standard covers the competencies concerning with managing security testing activities. Including managing resources activities and deliverables. This includes planning, conducting and reporting

More information

ESKITP6026 IT Security Management Level 6 Role

ESKITP6026 IT Security Management Level 6 Role Overview This sub-discipline is about the competencies required to ensure the security of all aspects of Information Technology services, systems and assets within an organisation. This includes the data,

More information

Overview TECHIS60441. Carry out security testing activities

Overview TECHIS60441. Carry out security testing activities Overview Information, services and systems can be attacked in various ways. Understanding the technical and social perspectives, how attacks work, the technologies and approaches used are key to being

More information

ESKISP6064.03 Conducts vulnerability assessment under supervision

ESKISP6064.03 Conducts vulnerability assessment under supervision Conducts vulnerability assessment under supervision Overview This standard covers the competencies required to conduct vulnerability assessments under supervision. This includes following processes for

More information

Overview TECHIS60241. Carry out risk assessment and management activities

Overview TECHIS60241. Carry out risk assessment and management activities Overview Information in all its forms is a vital component of the digital environment in which we live and work. The protection of information in its physical form is well understood but the protection

More information

ESKISP6053.01 Assist security testing, under supervision

ESKISP6053.01 Assist security testing, under supervision Overview This standard covers the competencies required to assist security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to

More information

ESKITP6036 IT Disaster Recovery Level 5 Role

ESKITP6036 IT Disaster Recovery Level 5 Role Overview This sub-discipline is about the competencies required in order to manage all aspect of Disaster Recovery (DR), as it applies to IT within an organisation. ESKITP6036 1 Performance criteria You

More information

ESKITP714401 Implement procedures and standards relating to metrics for IT service delivery

ESKITP714401 Implement procedures and standards relating to metrics for IT service delivery Overview This sub-discipline covers the competencies required to perform performance metrics. Monitoring service level performance is a complex task requiring collection of data, detailed analysis, and

More information

ESKITP714601 Authorise strategy, policies and standards relating to IT service delivery performance metrics management

ESKITP714601 Authorise strategy, policies and standards relating to IT service delivery performance metrics management service delivery performance metrics Overview This sub-discipline covers the competencies required to direct the monitoring, analysis and communication of IT service delivery performance metrics. Monitoring

More information

ESKITP2034.03 Assist in the preparation of change management plans and assignments for IT enabled systems 1

ESKITP2034.03 Assist in the preparation of change management plans and assignments for IT enabled systems 1 Assist in the preparation of change management plans and assignments for IT Overview This sub-discipline, Change Management (203) is concerned with the competencies required to manage the introduction

More information

ESKITP2035.01 Identify change management opportunities and options for IT enabled systems 1

ESKITP2035.01 Identify change management opportunities and options for IT enabled systems 1 Identify change management opportunities and options for IT enabled Overview This sub-discipline, Change Management (203) is concerned with the competencies required to manage the introduction of business

More information

Overview TECHIS60851. Manage information security business resilience activities

Overview TECHIS60851. Manage information security business resilience activities Overview Information security business resilience encompasses business continuity and disaster recovery from information security threats. As well as addressing the consequences of a major security incident,

More information

ESKITP6034 IT Disaster Recovery Level 4 Role

ESKITP6034 IT Disaster Recovery Level 4 Role Overview This sub-discipline is about the competencies required in order to manage all aspect of Disaster Recovery (DR), as it applies to IT within an organisation. ESKITP6034 1 Performance criteria You

More information

ESKITP7145.01 Manage IT service delivery performance metrics

ESKITP7145.01 Manage IT service delivery performance metrics Overview This sub-discipline covers the competencies required to manage the monitoring, analysis and communication of IT service delivery performance metrics. Monitoring service level performance is a

More information

ESKITP7025 IT/Technology Service Help Desk and Incident Management Level 5 Role

ESKITP7025 IT/Technology Service Help Desk and Incident Management Level 5 Role IT/Technology Service Help Desk and Incident Management Level 5 Role Overview This sub-discipline is about the competencies required to manage the contacts made by customers of IT/technology systems, services

More information

ESKITP5065 Software Development Process Improvement Level 5 Role

ESKITP5065 Software Development Process Improvement Level 5 Role Software Development Process Improvement Level 5 Role Overview This sub-discipline covers the competencies required by an information technology and/or telecoms organisation to ensure that appropriate

More information

Overview TECHIS60341. Carry out security architecture and operations activities

Overview TECHIS60341. Carry out security architecture and operations activities Overview The protection of information, services and systems relies on a range of technical and procedural activities, often grouped in a framework. The framework will contain technical and logical, physical

More information

ESKITP7102 IT/Technology Asset and Configuration Management Level 2 Role

ESKITP7102 IT/Technology Asset and Configuration Management Level 2 Role IT/Technology Asset and Configuration Management Level 2 Role Overview This sub-discipline is about the competencies required to maintain the integrity and consistency of the IT/technology configuration

More information

ESKITP2035.02 Design and implement change management plans for IT enabled systems 1

ESKITP2035.02 Design and implement change management plans for IT enabled systems 1 Design and implement change management plans for IT enabled systems Overview This sub-discipline, Change Management (203) is concerned with the competencies required to manage the introduction of business

More information

ESKITP6032 IT Disaster Recovery Level 2 Role

ESKITP6032 IT Disaster Recovery Level 2 Role Overview This sub-discipline is about the competencies required in order to manage all aspect of Disaster Recovery (DR), as it applies to IT within an. ESKITP6032 1 Performance criteria You must be able

More information

ESKITP5022 Software Development Level 2 Role

ESKITP5022 Software Development Level 2 Role Overview This sub discipline covers the core competencies required to create software to address the needs of business problems and opportunities, resulting in a variety of software solutions, ranging

More information

ESKITP7072 IT/Technology Capacity Management Level 2 Role

ESKITP7072 IT/Technology Capacity Management Level 2 Role Overview This sub-discipline is about the competencies required to manage the capacity of IT/technology services, systems and assets that support an organisation. Capacity management covers a range of

More information

Service Management. 702 IT/Technology Service Help Desk and Incident Management

Service Management. 702 IT/Technology Service Help Desk and Incident Management 702 IT/Technology Service Help Desk and Incident Management This sub-discipline is about the competencies required to manage the contacts made by customers of IT/technology systems, services and assets,

More information

ESKITP5023 Software Development Level 3 Role

ESKITP5023 Software Development Level 3 Role Overview This sub discipline covers the core competencies required to create software to address the needs of business problems and opportunities, resulting in a variety of software solutions, ranging

More information

702 IT/Technology Service Help Desk and Incident Management

702 IT/Technology Service Help Desk and Incident Management 702 IT/Technology Service Help Desk and Incident Management This sub-discipline is about the competencies required to manage the contacts made by customers of IT/technology systems, services and assets,

More information

ESKITP4082 IT/Technology Infrastructure Design and Planning Level 2 Role

ESKITP4082 IT/Technology Infrastructure Design and Planning Level 2 Role IT/Technology Infrastructure Design and Planning Level 2 Role Overview This sub-discipline is part of overall service design. It concerns the design of, and planning for, resilient IT/ technology infrastructure

More information

SFJCCAD2 Promote business continuity management

SFJCCAD2 Promote business continuity management Overview This unit is about providing advice and assistance on business continuity management, including general advice for the business and voluntary sectors, and specific advice and assistance to individual

More information

ESKITP7026 IT/Technology Service Help Desk and Incident Management Level 6 Role

ESKITP7026 IT/Technology Service Help Desk and Incident Management Level 6 Role IT/Technology Service Help Desk and Incident Management Level 6 Role Overview This sub-discipline is about the competencies required to manage the contacts made by customers of IT/technology systems, services

More information

CFAM&LBB2 Develop, maintain and evaluate business continuity plans and arrangements

CFAM&LBB2 Develop, maintain and evaluate business continuity plans and arrangements Develop, maintain and evaluate business continuity plans and arrangements Overview This standard is about developing, maintaining and evaluating business continuity plans to ensure that organisations continue

More information

ESKITP7074 IT/Technology Capacity Management Level 4 Role

ESKITP7074 IT/Technology Capacity Management Level 4 Role Overview This sub-discipline is about the competencies required to manage the capacity of IT/technology services, systems and assets that support an organisation. Capacity management covers a range of

More information

FSPFCC04(SQA Unit Code-F88P 04) Ensure you comply with regulations in your financial services environment

FSPFCC04(SQA Unit Code-F88P 04) Ensure you comply with regulations in your financial services environment Ensure you comply with regulations in your financial services Overview This Standard is about working within the regulatory of the financial services industry. Most organisations within financial services

More information

Contribute to IT architecture work

Contribute to IT architecture work Overview This sub-discipline is concerned with the competencies required to create, maintain and manage IT architecture models representing the operating model for an organisation and their lower level

More information

Risk Management Policy

Risk Management Policy 1 Purpose Risk management relates to the culture, processes and structures directed towards the effective management of potential opportunities and adverse effects within the University s environment.

More information

SFJPE1.3 Evaluate the effectiveness of the operational delivery business process

SFJPE1.3 Evaluate the effectiveness of the operational delivery business process Evaluate the effectiveness of the operational delivery business process Overview This standard concerns evaluating the effectiveness of new and adapted business processes. The scope of work needs to address

More information

Position Description. Technical Lead, Computer Network Defence. GCSB mission and values. Our mission. Our values UNCLASSIFIED

Position Description. Technical Lead, Computer Network Defence. GCSB mission and values. Our mission. Our values UNCLASSIFIED Position Description Technical Lead, Computer Network Defence Business unit: Responsible to: Position purpose: Directorate overview: Information Assurance and Cyber Security Directorate Manager, Cyber

More information

ESKITP5064 Software Development Process Improvement Level 4 Role

ESKITP5064 Software Development Process Improvement Level 4 Role Software Development Process Improvement Level 4 Role Overview This sub-discipline covers the competencies required by an information technology and/or telecoms organisation to ensure that appropriate

More information

ESKITP7052 IT/Technology Management and Support Level 2 Role

ESKITP7052 IT/Technology Management and Support Level 2 Role Overview This sub-discipline is about the competencies required to ensure that the infrastructure required to support the delivery of IT/technology systems, services and assets for an organisation remain

More information

ESKITP6033 IT Disaster Recovery Level 3 Role

ESKITP6033 IT Disaster Recovery Level 3 Role Overview This sub-discipline is about the competencies required in order to manage all aspect of Disaster Recovery (DR), as it applies to IT within an. ESKITP6033 1 Performance criteria You must be able

More information

SFHAD4 Develop and disseminate information and advice about substance use, health and social well-being

SFHAD4 Develop and disseminate information and advice about substance use, health and social well-being Develop and disseminate information and advice about substance use, Overview For this standard you need to develop a range of information and advice materials to promote substance misuse services, and

More information

ESKITP5022v2 Perform software development activities under direction

ESKITP5022v2 Perform software development activities under direction Perform development activities under direction Overview This sub discipline covers the core competencies required to create to address business problems and realise opportunities, resulting in a variety

More information

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13 Cyber Security Consultancy Standard Version 0.2 Crown Copyright 2015 All Rights Reserved Page 1 of 13 Contents 1. Overview... 3 2. Assessment approach... 4 3. Requirements... 5 3.1 Service description...

More information

A Guide to the Cyber Essentials Scheme

A Guide to the Cyber Essentials Scheme A Guide to the Cyber Essentials Scheme Published by: CREST Tel: 0845 686-5542 Email: admin@crest-approved.org Web: http://www.crest-approved.org/ Principal Author Jane Frankland, Managing Director, Jane

More information

National Approach to Information Assurance 2014-2017

National Approach to Information Assurance 2014-2017 Document Name File Name National Approach to Information Assurance 2014-2017 National Approach to Information Assurance v1.doc Author David Critchley, Dave Jamieson Authorisation PIAB and IMBA Signed version

More information

ACMP Certification Committee. Methods for Demonstrating Competency

ACMP Certification Committee. Methods for Demonstrating Competency ACMP Certification Committee Methods for Demonstrating Competency 6 February 2014 CCMP Assessment of Competency ACMP s Certification Committee recommended a two-part assessment through which CCMP applicants

More information

FSPBA1 Set up bank accounts for customers

FSPBA1 Set up bank accounts for customers Overview This unit is about the process of setting up bank accounts for both new and existing customers. You will need to complete the process of setting up individual accounts from initial enquiry, establishing

More information

Risk Management. National Occupational Standards February 2014

Risk Management. National Occupational Standards February 2014 Risk Management National Occupational Standards February 2014 Skills CFA 6 Graphite Square, Vauxhall Walk, London, SE11 5EE T: 0207 0919620 F: 0207 0917340 E: info@skillscfa.org www.skillscfa.org Skills

More information

Process Improvement Plan

Process Improvement Plan Doc ID: Date: Revision: Status: Abstract This document describes the process improvement plan for Company XXX. Approvals Approvals. Signed. Date. Author Page 2 of 19 Sample Process Improvement Plan.doc

More information

JOB PROFILE. Collaborate and work effectively with team members within the section and the rest of the Transformation Service.

JOB PROFILE. Collaborate and work effectively with team members within the section and the rest of the Transformation Service. JOB PROFILE Job Title: Principal Commissioning Officer Consultant 3 Department: Corporate Resources Ref: DCC/14/0344 Section: Transformation Service Job Family: Transformation Job grade: 12 Purpose of

More information

CFACC29 Develop and enhance performance management in a contact centre

CFACC29 Develop and enhance performance management in a contact centre Develop and enhance performance management in a contact centre Overview What this standard is about Efficiency and effectiveness in contact centres rely on close management of performance. With defined

More information

Government Communication Professional Competency Framework

Government Communication Professional Competency Framework Government Communication Professional Competency Framework April 2013 Introduction Every day, government communicators deliver great work which supports communities and helps citizens understand their

More information

Chief Operating Officer Vice-Chancellor

Chief Operating Officer Vice-Chancellor Project Management Policy Responsible Officer Approved by Chief Operating Officer Vice-Chancellor Approved and commenced December, 2013 Review by November, 2016 Relevant Legislation, Ordinance, Rule and/or

More information

Application Guidance CCP Penetration Tester Role, Practitioner Level

Application Guidance CCP Penetration Tester Role, Practitioner Level August 2014 Issue No: 1.0 Application Guidance CCP Penetration Tester Role, Practitioner Level Application Guidance CCP Penetration Tester Role, Practitioner Level Issue No: 1.0 August 2014 This document

More information

White Paper. PPP Governance

White Paper. PPP Governance PPP Governance The Governance of Projects, Programs and Portfolios (PPP) (sometimes called project governance for convenience) is the sub-set of corporate and organisational governance 1 focused on assisting

More information

ESKITP7042 IT Application Management / Support Level 2 Role

ESKITP7042 IT Application Management / Support Level 2 Role Overview This sub-discipline is about the competencies required to ensure that application systems/services that support specific business functions and processes for an organisation remain available,

More information

National Cybersecurity Assessment and Technical Services: Capability Brief. Presented by: Sean McAfee Updated: May 5, 2014

National Cybersecurity Assessment and Technical Services: Capability Brief. Presented by: Sean McAfee Updated: May 5, 2014 National Cybersecurity Assessment and Technical Services: Capability Brief Presented by: Sean McAfee Updated: May 5, 2014 Program Overview Offer Full-Scope Red Team/Penetration Testing Capabilities Services

More information

Risk Management Policy

Risk Management Policy Risk Management Policy Risk Management Policy Record Number D14/79827 Responsible Manager Manager Strategy and Governance Last reviewed 10 March 2015 Adoption reference Council Resolution number 90.5 Previous

More information

Course Information Handbook. BSB51415 Diploma of Project Management

Course Information Handbook. BSB51415 Diploma of Project Management Course Information Handbook 2015 BSB51415 Diploma of Project Management Detailed Course Information Description of Qualification This qualification reflects the role of individuals who apply project management

More information

FSPAMFPI06 Complete reports for mortgage and/or financial planning clients

FSPAMFPI06 Complete reports for mortgage and/or financial planning clients Complete reports for mortgage and/or financial planning clients Overview You must be able to accurately complete reports of a complex nature, and take a proactive approach to the preparation of valuations

More information

Health and Safety Strategy

Health and Safety Strategy SH HS 01 Summary: Keywords (minimum of 5): (To assist policy search engine) Target Audience: The vision and intent of health and safety for Southern Health NHS Foundation Trust over the coming year. Health

More information

Page 7. Area Served: Borough Wide Chair of the Committee: Cllr Tim Crowley

Page 7. Area Served: Borough Wide Chair of the Committee: Cllr Tim Crowley Report to: Date: Report of: Audit Committee Page 7 27 th September Executive Head Policy and Customer Services Agenda Item 4 Ward Location: Not Applicable Author(s) and Contact Phone Number(s): Gill Bull,

More information

CENTRAL LINCOLNSHIRE LOCAL PLAN HIGHLIGHT REPORT

CENTRAL LINCOLNSHIRE LOCAL PLAN HIGHLIGHT REPORT Public Sector Auditing.. Private Sector Thinking CENTRAL LINCOLNSHIRE LOCAL PLAN HIGHLIGHT REPORT Date: 7 th November 2014 Author: Rachel Abbott Principal Auditor Introduction & Scope The National Planning

More information

ESKITP7082 Change and Release Management Level 2 role

ESKITP7082 Change and Release Management Level 2 role Overview This sub-discipline is about the competencies required for the management of changes required to the operational IT/technology configuration and environment in which it operates. The competencies

More information

PPLHSL14 Manage the receipt, storage or dispatch of goods

PPLHSL14 Manage the receipt, storage or dispatch of goods Overview This standard is about managing the receipt, storage, or dispatch of goods. This standard is for hospitality team leaders, first line managers or supervisors. The logistic chain from goods arriving,

More information

INFORMATION MANAGEMENT STRATEGIC FRAMEWORK GENERAL NAT 11852-08.2004 OVERVIEW

INFORMATION MANAGEMENT STRATEGIC FRAMEWORK GENERAL NAT 11852-08.2004 OVERVIEW GENERAL OVERVIEW NAT 11852-08.2004 SEGMENT FORMAT PRODUCT ID INFORMATION MANAGEMENT STRATEGIC FRAMEWORK In the context of the Information Management Strategic Framework, information is defined as: information

More information

Overview COSCSMO10. Implement, monitor and control strategic procurement systems in construction management

Overview COSCSMO10. Implement, monitor and control strategic procurement systems in construction management Overview This standard is about agreeing and implementing with stakeholders what systems are most effective for managing the project. The systems identified will need to be prioritised and formalised if

More information

Position Description

Position Description Position Description Wesley Disability Services Quality Risk & Compliance Specialist Agreement Signed Quality Risk and Compliance Specialist Signed Executive Manager, Wesley Disability Services Date Date

More information

National Cybersecurity Assessment and Technical Services

National Cybersecurity Assessment and Technical Services National Cybersecurity Assessment and Technical Services Updated: September 9, 2015 NCATS Program Overview Offer Full-Scope Red Team/Penetration Testing Capabilities through two primary programs: Risk

More information

NSPCC JOB DESCRIPTION. Database Training and Support Manager. (Grade 5 - Senior Business Support Officer)

NSPCC JOB DESCRIPTION. Database Training and Support Manager. (Grade 5 - Senior Business Support Officer) NSPCC JOB DESCRIPTION Job Title: Database Training and Support Manager (Grade 5 - Senior Business Support Officer) Function: Department: Supporter Services and Database Administration Supporter Experience

More information

Information Sharing Lessons Learned from Gateway Reviews: Gate 3 Investment Decision Review

Information Sharing Lessons Learned from Gateway Reviews: Gate 3 Investment Decision Review Information Sharing Lessons Learned from Gateway Reviews: Gate 3 Investment Decision Review October 2013 The purpose of this document is to share lessons learned to support agencies to better identify

More information

Promote security system and service sales

Promote security system and service sales Page 1 of 5 Promote security system and service sales Level 3 Credits 2 Purpose This unit standard is for people who work, or intend to work, as security system or service sales representatives, or in

More information

All organisational units

All organisational units Project Management Policy Responsible Officer Chief Operating Officer Approved by Vice-Chancellor Approved and commenced March, 2014 Review by March, 2017 Relevant Legislation, Ordinance, Rule and/or Governance

More information

Thales Pricing Schedule for Vulnerability Assessment and Penetration Testing

Thales Pricing Schedule for Vulnerability Assessment and Penetration Testing Thales Pricing Schedule for Vulnerability Assessment and Penetration Testing Thales Pricing Schedule for Vulnerability Assessment and Penetration Testing April 2014 Page 1 of 8 Thales Pricing Schedule

More information

Overview PPLHSL14. Manage the receipt, storage or dispatch of goods

Overview PPLHSL14. Manage the receipt, storage or dispatch of goods Overview This standard is about managing the receipt, storage or dispatch of goods. This standard is for hospitality team leaders, first line managers or supervisors. The logistics chain from goods arriving,

More information

AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES

AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES Final Report Prepared by Dr Janet Tweedie & Dr Julie West June 2010 Produced for AGIMO by

More information

ESKITP7022 IT/Technology Service Help Desk and Incident Management Level 2 Role

ESKITP7022 IT/Technology Service Help Desk and Incident Management Level 2 Role IT/Technology Service Help Desk and Incident Management Level 2 Role Overview This sub-discipline is about the competencies required to manage the contacts made by customers of IT/technology systems, services

More information

Role Description Technical Manager

Role Description Technical Manager Role Description Technical Manager Cluster Transport Agency Transport for NSW Division/Branch/Unit Freight, Strategy and Planning / Transport Networks Location Sydney Classification/Grade/Band Award Grade

More information

Middlesbrough Manager Competency Framework. Behaviours Business Skills Middlesbrough Manager

Middlesbrough Manager Competency Framework. Behaviours Business Skills Middlesbrough Manager Middlesbrough Manager Competency Framework + = Behaviours Business Skills Middlesbrough Manager Middlesbrough Manager Competency Framework Background Middlesbrough Council is going through significant

More information

ESKIPU1 Improving productivity using IT

ESKIPU1 Improving productivity using IT Overview This is the ability to plan, evaluate and improve procedures involving the use of IT tools and systems in order to improve the productivity and efficiency of tasks and activities. ESKIPU1 1 Performance

More information

Council Policy Business Continuity Management

Council Policy Business Continuity Management Policy Name: Business Continuity Management Council Policy Business Continuity Management ADOPTED BY COUNCIL: 19 th April 2016 DATE OF NEXT REVIEW: 18 th April 2020 RESPONSIBLE OFFICER: REFERENCES: Chief

More information

DWP INFORMATION SECURITY POLICY

DWP INFORMATION SECURITY POLICY DWP INFORMATION SECURITY POLICY Contents Background... 1 Scope... 1 Accountabilities... 2 Policy Statements... 2 Responsibilities... 3 Background 1.1 DWP is committed to ensuring that effective security

More information

APPLICABLE TO: Flow Systems Group and all employees. Risk Management

APPLICABLE TO: Flow Systems Group and all employees. Risk Management PURPOSE: Flow Systems is committed to managing its risks and ensuring compliance with all relevant laws and regulations in a proactive, on-going and positive manner. This document outlines Flow s Risk

More information

CFAMLE6 Ensure health and safety requirements are met in your area of responsibility

CFAMLE6 Ensure health and safety requirements are met in your area of responsibility Ensure health and safety requirements are met in your area of Overview This unit is concerned with managing the overall health and safety process in your area of. It is intended to go beyond meeting health

More information

SFS SYS 13 (SQA Unit Code - H4GR 04) Maintain the performance of electronic security systems

SFS SYS 13 (SQA Unit Code - H4GR 04) Maintain the performance of electronic security systems Maintain the performance of electronic security systems Overview This NOS sets out the skills, knowledge and understanding for you to maintain the operational performance of electronic security systems,

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

Reputation, Brand & Communications

Reputation, Brand & Communications Group Standard Reputation, Brand & Communications Serco is committed to building a positive reputation with its stakeholders, wherever we operate SMS-GS-BC4 Reputation, Brand and Communication December

More information

CFAM&LAA2 Develop your knowledge, skills and competence

CFAM&LAA2 Develop your knowledge, skills and competence Overview This standard is about taking responsibility for developing your own knowledge, skills and competence to meet the current and future requirements of your work and to support your personal and

More information

Role Description Director, Risk Management

Role Description Director, Risk Management Role Description Director, Risk Management Classification/Grade/Band Band 1 Senior Executive Work Level Standards ANZSCO Code PCAT Code Date of Approval Work Contribution Stream: Professional/Technical/Specialist

More information

Manage Compliance with External Requirements

Manage Compliance with External Requirements Manage Compliance with External Requirements Description IT is subject to requirements that are highly complex and constantly changing. The school jurisdiction s senior leadership is ultimately accountable

More information

NSW Government ICT Benefits Realisation and Project Management Guidance

NSW Government ICT Benefits Realisation and Project Management Guidance NSW Government ICT Benefits Realisation and Project Management Guidance November 2014 CONTENTS 1. Introduction 1 2. Document purpose 1 3. Benefits realisation 1 4. Project management 4 5. Document control

More information

Information governance strategy 2014-16

Information governance strategy 2014-16 Information Commissioner s Office Information governance strategy 2014-16 Page 1 of 16 Contents 1.0 Executive summary 2.0 Introduction 3.0 ICO s corporate plan 2014-17 4.0 Regulatory environment 5.0 Scope

More information

Assess Occupational Competence in the Work Environment

Assess Occupational Competence in the Work Environment Title: Level: 3 Credit value: 6 General Guidance This unit assesses a candidate assessor s competence in assessing the of others. Primary evidence for the learning outcomes and assessment criteria must

More information

Powerhouse Ventures Limited (PVL) ROLE OF THE MANAGING DIRECTOR/CHIEF EXECUTIVE OFFICER (CEO)

Powerhouse Ventures Limited (PVL) ROLE OF THE MANAGING DIRECTOR/CHIEF EXECUTIVE OFFICER (CEO) Powerhouse Ventures Limited (PVL) ROLE OF THE MANAGING DIRECTOR/CHIEF EXECUTIVE OFFICER (CEO) Page 1 of 5 THE ROLE OF THE MANAGING DIRECTOR/CHIEF EXECUTIVE OFFICER (CEO) For the purposes of this Policy,

More information

Head of Engineering Job Description

Head of Engineering Job Description Head of Engineering Job Description (Job Code and Level: E006) Definition: Overall responsibility and accountability for the Engineering function across the UK which will include people and budgetary management.

More information

Department of Health & Human Services

Department of Health & Human Services Department of Health & Human Services Position Description Senior Project Officer Data, Quality and Funding (Clinical Supervision / Simulation portfolio) The Senior Project Officer, Data, Quality and Funding

More information

CRM Co-Ordinator Role

CRM Co-Ordinator Role Service Area: Team: Grade: 7 Customer Customer Experience Hours of Duty: 36.15 hours per week in accordance with RBH s Worklife Balance Scheme and service requirements. The role may require occasional

More information

Committees Date: Subject: Public Report of: For Information Summary

Committees Date: Subject: Public Report of: For Information Summary Committees Audit & Risk Management Committee Finance Committee Subject: Cyber Security Risks Report of: Chamberlain Date: 17 September 2015 22 September 2015 Public For Information Summary Cyber security

More information

Network Rail Infrastructure Projects Joint Relationship Management Plan

Network Rail Infrastructure Projects Joint Relationship Management Plan Network Rail Infrastructure Projects Joint Relationship Management Plan Project Title Project Number [ ] [ ] Revision: Date: Description: Author [ ] Approved on behalf of Network Rail Approved on behalf

More information