April 2015 Issue No:1.0. Application Guidance - CCP Security and Information Risk Advisor Role, Practitioner Level

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "April 2015 Issue No:1.0. Application Guidance - CCP Security and Information Risk Advisor Role, Practitioner Level"

Transcription

1 April 2015 Issue No:1.0 Application Guidance - CCP Security and Information Risk Advisor Role, Practitioner Level

2 Application Guidance CCP Security and Information Risk Advisor Role, Practitioner Level Issue No: 1.0 April 2015 This document is for the purposes of issuing advice to UK Government, public sector organisations and/or related organisations. The copying and use of this document for any other purpose, such as for training purposes, is not permitted without the prior approval of CESG. The copyright of this document is reserved and vested in the Crown. Document History Version Date Comment 1.0 April 2015 First issue

3 Purpose & Intended Readership This document is intended as a guide on how to structure evidence when applying for certification under the CESG Guidance for IA Professionals (CCP) scheme as a Security & Information Risk Advisor (S&IRA) at Practitioner level. It includes suggestions of what you need to learn and know before applying. It complements the CESG Certification for IA Professionals (reference [a]) and Guidance to CESG Certification for IA Professionals (reference [b]) publications, to be found at awarenesstraining/certified professionals/pages/index.aspx Executive Summary CESG has developed a framework for certifying Information Assurance (IA) Professionals who meet competency and skill requirements for specified IA roles. The purpose of certification is to enable better matching between requirements for IA Professionals and the competence and skills of those undertaking common IA roles. The framework was developed in consultation with Government departments, academia, industry, the certification bodies and members of the CESG Listed Advisor Scheme (CLAS). The framework includes a set of IA role definitions and a certification process. This document provides guidance for applicants for certification as a CCP Security & Information Risk Advisor (S&IRA) at Practitioner level. Feedback CESG Information Assurance Standards and Guidance welcomes feedback and encourage readers to inform CESG of their opinions, positive or otherwise, in respect to this document. Please Page 1

4 Contents: Overall Requirements for the S&IRA Role at Practitioner level... 3 Key Principles... 3 Security and information risk advice... 3 Headline statement for the S&IRA role at Practitioner Level, SFIA Responsibility Level Applying for CCP Scheme Certification... 4 Further information on the requirements for the S&IRA Role at Practitioner Level... 8 Knowledge... 8 Skills... 9 Experience The Certification Process Next Steps The CCP Scheme Certification Learning Cycle References Page 2

5 Overall Requirements for the S&IRA Role at Practitioner level Key Principles This document is intended as a guide on how to structure evidence when applying for certification as a Security and Information Risk Advisor (S&IRA) at Practitioner level in the CESG Certification for IA Professionals (CCP) scheme. It includes suggestions of what you need to learn and know before applying and complements the CESG Certification for IA Professionals and Guidance to CESG Certification for IA Professionals publications, for which see professionals/pages/index.aspx. Learning comes through acquiring skills and knowledge (from training, experience and learning from others doing the same job) and then putting these into practice. Most people will need a few years to acquire these, although in some cases this period may be longer or shorter. The section on skills provides prompts for the type of evidence which could demonstrate that you meet the required standards. You are encouraged to follow the advice in this section when completing your written submission of evidence. Security and information risk advice The S&IRA role is to provide business driven advice on the management of security and information risk consistent with HMG IA policy or other sector specific guidance. In particular a S&IRA should: provide a focal point for resolution of security and information risk matters identify, analyse and evaluate information risks explain to risk owners and other stakeholders the causes, likelihood and potential business impacts of information risks throughout the information system lifecycle assist checking compliance with applicable regulations, standards, policies and guidance on information risk management present risk management options to the business support the development of appropriate and proportionate documentation to inform risk management decisions, ensuring these are expressed in terms meaningful to the business Page 3

6 investigate security incidents promote security awareness provide threat guidance Headline statement for the S&IRA role at Practitioner Level, SFIA Responsibility Level 2 Assists customers in the routine application and interpretation of security or IA policies and practices Applying for CCP Scheme Certification If you don t feel that you can demonstrate all of the following required skills, knowledge and experience, agree a plan with your manager so that you can address any gaps e.g. through placements, projects, training, mentoring before you apply for CCP certification. You also need to check the website of the Certification Body (CB) 1 you wish to use, to see if it specifies any additional requirements, for example an exam qualification. The following are examples consistent with the standards required to meet the role headline statement above. Other examples might also meet the same standard. Your evidence should show that you: use a repeatable and consistent risk assessment technique to identify emerging information risks throughout the lifecycle of assigned information systems, services or business solutions co ordinate the identification of suitable risk treatment options in the context of the business and ensure these are traceable to risks develop security evidence as required and specified by the business to enable the effective and consistent application of an organisation s risk management process: ensuring these are necessary, proportionate and match the business requirement. Avoid producing unnecessary documentation 1 The three Certification Bodies are APM Group - BCS, The Chartered Institute for IT Professionals and IISP, RHUL & CREST consortium Page 4

7 liaise with an Accreditor 2 and/or Risk Owner to gain timely accreditation undertake preliminary or fact finding enquiries into security incidents check or report compliance with applicable security standards and procedures present security briefings to users and/or local management contribute to security communications draft requirements for IT Health Checks or audits can provide examples showing that you are competent in the required skill levels from the Institute of Information Security Professionals (IISP) Skills Framework (see skills section). For skills at level 1 (awareness), this could be your contributions to teamwork. For level 2 (application) skills, wherever possible you should show personal ownership in your work demonstrate all of the attributes of responsibility (autonomy, influence, complexity and business skills) from the Skills Framework for the Information Age (SFIA) 3 at level 2. Alternatively you can show evidence of least level 1.5 for the IISP J skills (see the publication Guidance to CESG Certification for IA Professionals at ). 2 Accreditor is a term which is mostly used within government organisations, for example if operating within an HMG accreditation framework. It denotes the person who impartially and independently assesses that the risks associated with an information system are acceptable to the organisation and who accredits that system on behalf of a Board. 3 See Guidance to CESG Certification for IA Professionals and the SFIA Foundation at Page 5

8 This diagram gives an overall picture of the different elements of Information Assurance and their interdependence. Within the overall context of Information Assurance, the S&IRA s focus is to obtain the necessary information from others (e.g. architects, accreditors etc.) of how systems work, the organisation s environment and risk appetite and to then present advice in a way that clients can understand, in order to achieve a proportionate level of information risk management. Page 6

9 You need to understand the organisation s business objectives, strategy and risk appetite. You will also need information from knowledgeable technical specialists who can explain at an appropriate level what the information systems do. You need people skills to ensure that you can explain security options in a way that non specialists understand so that they implement your advice with the outcome that risks are managed appropriately and proportionately. In no priority order, you need: Skills in: Negotiating Influencing Communication able to talk to non specialists and specialists alike Business writing (all the information needed for a decision, on 1 side of A4) Working within business areas to personally build and then give tailored presentations Stakeholder management Familiarity with: Risk assessment and risk management methodologies Security and information risk advice standards and policies The CESG Certification for IA Professionals and Guidance to CESG Certification for IA Professionals publications, for which see professionals/pages/index.aspx Technical IA controls And understanding of: Business risk appetite and how to apply proportionate risk management controls Business strategy and the local business environment How security incidents can occur How to perform Protective Monitoring (PM), understand PM reports and carry out incident management Page 7

10 Further information on the requirements for the S&IRA Role at Practitioner Level Knowledge The following gives more detail of the knowledge you need to acquire. You need evidence that you understand and have appropriately applied your knowledge of, for example: if carrying out IA work for Government or Government suppliers the relevant elements of the HMG Security Policy Framework (SPF) and CESG guidance the information security policies and standards relevant to your industry sector your organisation s information security policies and standards best practice in producing appropriate and proportionate risk management controls relevant legal issues e.g. protection of personal and financial data what information governance is, why it matters, who is responsible for it locally and how it works in practice the strategic goals, threats and opportunities of the businesses you work in what good and bad security in IA architecture looks like e.g. protecting one layer but leaving an interface with another system vulnerable how to develop IT systems with good IA e.g. how to advise on the appropriate level of controls, taking into account governance and risk appetite Page 8

11 Skills When presenting your skills evidence, you are advised to use the STAR format: Situation, Task, Action, Result Use a narrative form, e.g. I produced...my decision was... Explain what security and information risk advice you gave and why, and how it was proportionate and effective You must meet the required levels for 4 core skills from the following: A2, A3, A4, A6, B1, B2, F1, F2. The inclusion of at least one of the B Group skills is compulsory. In addition, you must meet 75% of the non core skills A single piece of work may be used for several skills, but a variety of examples gives better evidence of being able to work in more than one environment The following table provides suggestions for starting points in evidence. SKILL A1 Governance Understands local arrangements for Information Governance (IG) A2 Policy & Standards Level 2 core skill With supervision and aligned with business objectives, authors or provides advice on Information Security (IS) policy or standards Technical Skills EVIDENCE OF SKILL Give examples of work you ve done which took into account local information governance. What did your work achieve? Give examples of how you ve applied IS policies or standards. What impact did your work have? Were there occasions when you influenced policies/standards, e.g. by providing feedback? Page 9

12 SKILL A3 IS Strategy core skill Understands the purpose of IS strategy to realise business benefits A4 Innovation & Business Improvement core skill Is aware of the business benefits of good IS A5 IS Awareness and Training Understands the role of security awareness and training in maintaining IS A6 Legal & Regulatory Environment, core skill Is aware of major pieces of legislation relevant to IS and of regulatory bodies relevant to the sector in which they work A7 Third Party Management 4 EVIDENCE OF SKILL Give examples of how you ve applied your organisation s IS strategy to your work in a way which enabled business benefit (e.g. by saving time, improving quality, reducing costs etc). Give examples of innovative security and information risk advice and how that enabled a significant business improvement (e.g. by reducing reputational risk). Give examples which show how you used your understanding of the importance of IS awareness and training. Explain how your advice on information risk complied with relevant statutes or regulations. Give examples of how the scope of your information risk advice has included 3 rd party information systems. Is aware of the need for organisations to manage the information security of third parties 4 Skill only required if information systems or services are provided by a third party, for example if a design or development of an information system, or part of an information system is outsourced to a 3 rd party. Page 10

13 SKILL B1 Risk Assessment Level 2 core skill Understands how to produce information risk assessments B2 Risk Management Level 2 core skill Contributes to management of risks to information systems with supervision C1 Security Architecture Is aware of the concept of architecture to reduce information risk C2 Secure Development Is aware of the benefits of addressing security during system development D1 IA Methodologies EVIDENCE OF SKILL Give examples from different environments of risk assessments you ve written. How did you decide which assets and threats were significant and what the threat levels were? How did you communicate your reports and what were the results of your work? Give examples of advising organisations on how to manage risks. How did you address organisational requirements and risk appetite? What were the results of your work? Give examples of how you ve taken a system architecture into account in your information risk advice. Give examples of advice you ve given on secure development in building IT systems. What were the results? Give examples of how you ve applied your understanding of IA methodologies. Is aware of the existence of methodologies, processes and standards for providing IA Page 11

14 SKILL D2 Security Testing Is aware of the role of testing to support IA E1 Secure Operations Management Is aware of the need for secure management of information systems E2 Secure Ops & Service Delivery Is aware of the need for information systems and services to be operated securely E3 Vulnerability Assessment Is aware of the need for vulnerability assessments to maintain IS F1 Incident Management Level 2 core skill EVIDENCE OF SKILL How has your advice influenced the scope of security testing? Give examples of advice you ve given on secure operations management. What were the results? How have you used your understanding of secure information system management in your advice on service delivery? Give examples from different work environments of advice you ve given which has influenced the scope of vulnerability assessments or the interpretation of their results. Provide examples of reports or advice you ve provided after a security incident, to enable a proportionate and effective response. What impact has your work made? Contributes to security incident management Page 12

15 SKILL F2 Investigation Level 2 core skill Contributes to investigations into security incidents F3 Forensics Is aware of the capability of forensics to support investigations G1 Audit and Review Understands basic techniques for testing compliance with security criteria (policies, standards, legal and regulatory requirements) H1 Business Continuity Planning and H2 Business Continuity Management Understands how Business Continuity Planning & Management contributes to Information Security I1 Research EVIDENCE OF SKILL Give examples of how your advice has taken into account the requirements for investigations, or give examples of investigations you ve influenced, carried out or contributed to. Give examples of information risk advice you ve given which has taken into account the requirements for forensic evidence. Give examples to show how you ve used your understanding of techniques for testing compliance with security criteria in your information risk advice. Give examples from different work environments of how you considered business continuity in your information risk advice. How did your advice on information risk contribute to business continuity management? What were the outcomes of your work? Give examples of research you ve used in the information risk advice you ve provided or how you ve researched whether your advice would be appropriate for an information system. Page 13

16 SKILL J1 Teamwork and Leadership, Level 2 Is encouraging and supportive and provides a lead within the local area. Task based team working J2 Delivering Level 2 Responsibility for an element of delivery against one or more business objectives, balancing priorities to achieve this J3 Managing Customer Relationships Level 2 Negotiates with customers to improve the service to them and to manage their expectations J4 Corporate Behaviour Level 2 Understands the aims of own and related areas across an organisation J5 Change and Innovation Level 2 Generates creative ideas and demonstrates sensitivity in implementing local change J6 Analysis and Decision Making Level 2 Makes effective decisions in consultation with others and/or solves complex problems in immediate area EVIDENCE OF SKILL PEOPLE SKILLS J skills (instead of SFIA levels) Give examples of ways in which you ve encouraged others to develop their own competence and abilities. Give examples of prioritising tasks to ensure that local and organisational objectives were met. Describe occasions when you ve negotiated different solutions from those originally requested. Give examples of information risk advice which saved money or other resources and met the security requirements for a system. Give examples of changes you ve introduced what did you do? How did you consider the impact on other people and processes? Give examples of breaking down (complex) problems. What was the outcome? Page 14

17 SKILL J7 Communication and Knowledge Sharing Level 2 Encourages and contributes to discussion. Is proactive in sharing information in own work area EVIDENCE OF SKILL Give examples of how you ve adapted your communication to suit different media, e.g. face to face, over the phone, s, presentations and meetings. What outcomes have you achieved? Page 15

18 Experience Agree a plan with your manager to ensure that you cover the necessary ground, as suggested below. If you are successful in your application, your CCP certification will assure employers that you are competent to advise on information risk. In order to provide sufficient evidence for your assessment, you will need to demonstrate experience of information risk advice, typically for at least 12 months or longer. You may also have had previous experience in related areas, e.g. work in an Information Technology support team or IT Help Desk. Your evidence should show that you have some experience of and can give examples of some of the following: providing a focal point for resolution of security and information risk matters identifying, analysing and evaluating information risks explaining to risk owners and other stakeholders the causes, likelihood and potential business impacts of information risks throughout the information system lifecycle assisting and checking compliance with applicable regulations, standards, policies and guidance on information risk management presenting risk management options to the business supporting the development of appropriate and proportionate documentation to inform risk management decisions, ensuring that these are expressed in terms that are meaningful to the business investigating security incidents promoting security awareness providing threat guidance Page 16

19 The Certification Process Next Steps This Application Guidance contains material designed to help individuals applying for CCP S&IRA at Practitioner level. The CB certification processes for the Practitioner level follow below. Note: 1. If you are considering applying for CCP S&IRA at Senior level, you will need to show wider experience of more complex systems and satisfy the requirement for higher skill levels as detailed in the CESG Certification for IA Professionals publication for which see Supervisory experience to show evidence of coaching and developing other S&IRAs would also be helpful. 2. If you are applying for CCP S&IRA at Lead level, you will need to show that you influence and direct security and information risk advice strategy at an organisational or inter organisational level and satisfy the requirement for higher skill levels. For example, you directly and regularly brief or advise the Board with regard to security and information risk advice. Page 17

20 3. There are 3 CBs: the APM Group ( ia.com ), BCS ( ) and the IISP, RHUL and CREST Consortium ( ). Certification is for 3 years and requires evidence of continuing professional development throughout the period of certification. Page 18

21 The CCP Scheme Certification Learning Cycle If there is a gap against CCP requirements, make a time-bounded plan to develop skills and knowledge and how to make or find suitable opportunities to apply these. Page 19

22 References [a] CESG CESG Certification for IA Specialists Standard awarenesstraining/certified professionals/pages/index.aspx [b] CESG Guidance to Certification for IA Specialists awarenesstraining/certified professionals/pages/index.aspx Page 20

23 Application Guidance CCP S&IRA Role, Practitioner level Page 21

24 IA CESG A2i Hubble Road Cheltenham Gloucestershire GL51 0EX Tel: +44 (0) Fax: +44 (0) Crown Copyright Communications on CESG telecommunications systems may be monitored or recorded to secure the effective operation of the system and for other lawful purposes.

Application Guidance CCP Penetration Tester Role, Practitioner Level

Application Guidance CCP Penetration Tester Role, Practitioner Level August 2014 Issue No: 1.0 Application Guidance CCP Penetration Tester Role, Practitioner Level Application Guidance CCP Penetration Tester Role, Practitioner Level Issue No: 1.0 August 2014 This document

More information

February 2015 Issue No: 5.2. CESG Certification for IA Professionals

February 2015 Issue No: 5.2. CESG Certification for IA Professionals February 2015 Issue No: 5.2 CESG Certification for IA Professionals Issue No: 5.2 February 2015 The copyright of this document is reserved and vested in the Crown. This document may not be reproduced or

More information

January 2015 Issue No: 2.1. Guidance to CESG Certification for IA Professionals

January 2015 Issue No: 2.1. Guidance to CESG Certification for IA Professionals January 2015 Issue No: 2.1 Guidance to Issue No: 2.1 January 2015 The copyright of this document is reserved and vested in the Crown. This document may not be reproduced or copied without specific permission

More information

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13 Cyber Security Consultancy Standard Version 0.2 Crown Copyright 2015 All Rights Reserved Page 1 of 13 Contents 1. Overview... 3 2. Assessment approach... 4 3. Requirements... 5 3.1 Service description...

More information

Practitioner Certificate in Information Assurance Architecture (PCiIAA)

Practitioner Certificate in Information Assurance Architecture (PCiIAA) Practitioner Certificate in Information Assurance Architecture (PCiIAA) 15 th August, 2015 v2.1 Course Introduction 1.1. Overview A Security Architect (SA) is a senior-level enterprise architect role,

More information

National Approach to Information Assurance 2014-2017

National Approach to Information Assurance 2014-2017 Document Name File Name National Approach to Information Assurance 2014-2017 National Approach to Information Assurance v1.doc Author David Critchley, Dave Jamieson Authorisation PIAB and IMBA Signed version

More information

CESG ASSURED SERVICE CAS SERVICE REQUIREMENT TELECOMMUNICATIONS

CESG ASSURED SERVICE CAS SERVICE REQUIREMENT TELECOMMUNICATIONS CESG ASSURED SERVICE CAS SERVICE REQUIREMENT TELECOMMUNICATIONS Issue 1.1 Crown Copyright 2015 All Rights Reserved 1 of 9 Document History Version Date Description 0.1 November 2012 Initial Draft Version

More information

CESG Certified Professional

CESG Certified Professional CESG Certified Professional Verify your skills and competence in information assurance Now open to cyber security professionals working in UK industry CONTENTS 1. Introduction 2. IA in Context: Why Professionalism

More information

Sub-section Content. 3 General Description. 4 Specific Duties and Responsibilities

Sub-section Content. 3 General Description. 4 Specific Duties and Responsibilities Sub-section Content 1 Preliminaries - Post title: Audit and Risk Advisor - Reports to: Business Assurance Manager - Direct reports: none - Directorate: xxx 2 Contacts - All staff within the Society, Board

More information

Good Practice Guide Security Incident Management

Good Practice Guide Security Incident Management October 2015 Issue No: 1.2 Good Practice Guide Security Incident Management Customers can continue to use this guidance. The content remains current, although may contain references to legacy SPF policy

More information

UNCLASSIFIED CESG ASSURED SERVICE CAS SERVICE REQUIREMENT DESTRUCTION. Version 1.0. Crown Copyright 2012 All Rights Reserved.

UNCLASSIFIED CESG ASSURED SERVICE CAS SERVICE REQUIREMENT DESTRUCTION. Version 1.0. Crown Copyright 2012 All Rights Reserved. CESG ASSURED SERVICE CAS SERVICE REQUIREMENT DESTRUCTION Version 1.0 Crown Copyright 2012 All Rights Reserved Page 1 Document History Version Date Description 0.1 June 2012 Initial Draft Version 1.0 July

More information

Sub-section Content. 1 Formalities - Post title: Risk Consultant - Reports to: Head of Group Risk - Division: xxx - Location: xxx

Sub-section Content. 1 Formalities - Post title: Risk Consultant - Reports to: Head of Group Risk - Division: xxx - Location: xxx Sub-section Content 1 Formalities - Post title: Risk Consultant - Reports to: Head of Group Risk - Division: xxx - Location: xxx 2 Job Purpose - To support the implementation of an Enterprise Risk Management

More information

ESKISP6046.02 Direct security architecture development

ESKISP6046.02 Direct security architecture development Overview This standard covers the competencies concerned with directing security architecture activities. It includes setting the strategy and policies for security architecture, and being fully accountable

More information

GPG13 Protective Monitoring. Service Definition

GPG13 Protective Monitoring. Service Definition GPG13 Protective Monitoring Service Definition Issue Number V1.3 Document Date 27 November 2014 Author: D.M.Woodcock Classification UNCLASSIFIED Version G-Cloud 6 2014 Copyright Assuria Limited. All rights

More information

Choosing Ascentor as your cyber security partner. Secure your information Strengthen your business

Choosing Ascentor as your cyber security partner. Secure your information Strengthen your business Secure your information Strengthen your business Choosing Ascentor as your cyber security partner www.ascentor.co.uk Ascentor Ltd 5 Wheatstone Court, Davy Way Waterwells Business Park Quedgeley, Gloucester

More information

Growth Through Excellence

Growth Through Excellence Growth Through Excellence Public/Private Cloud Services Service Definition Document G- Cloud 5 REFERENCE NUMBER RM1557v Table of Contents Table of Contents... 3 Executive Summary... 4 About the Company...

More information

Service Definition Document

Service Definition Document Service Definition Document QinetiQ Secure Cloud Protective Monitoring Service (AWARE) QinetiQ Secure Cloud Protective Monitoring Service (DETER) Secure Multi-Tenant Protective Monitoring Service (AWARE)

More information

Specialist Cloud Services. Acumin Cloud Security Resourcing

Specialist Cloud Services. Acumin Cloud Security Resourcing Specialist Cloud Services Acumin Cloud Security Resourcing DOCUMENT: FRAMEWORK: STATUS Cloud Security Resourcing Service Definition G-Cloud Released VERSION: 1.0 CLASSIFICATION: CloudStore Acumin Consulting

More information

Information governance strategy 2014-16

Information governance strategy 2014-16 Information Commissioner s Office Information governance strategy 2014-16 Page 1 of 16 Contents 1.0 Executive summary 2.0 Introduction 3.0 ICO s corporate plan 2014-17 4.0 Regulatory environment 5.0 Scope

More information

POSITION DESCRIPTION. Role Purpose. Key Challenges. Key Result Areas

POSITION DESCRIPTION. Role Purpose. Key Challenges. Key Result Areas POSITION DESCRIPTION Position Title Manager, Technical Services Support Position Number Reports to Manager Technology Services Functional Auth HRM Auth Region IT Services Centre Head Office Date Feb 2011

More information

PSN Protective Monitoring. Service Definition

PSN Protective Monitoring. Service Definition PSN Protective Monitoring Service Definition Issue Number V3.0 Document Date 29 September 2015 Author: R.N. Connor Classification UNCLASSIFIED Version G-Cloud 7 2015 Copyright Tenian Limited. All rights

More information

ICT and Information Security Resources

ICT and Information Security Resources Methods GCloud Service Definition ICT and Information Security Resources HEAD OFFICE: 125 Shaftesbury Avenue, London WC2H 8AD Scottish Office: Exchange Place 2, 5 Semple Street, Edinburgh, EH3 8BL t: +44

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

BCS Specialist Certificate in Service Desk & Incident Management Syllabus

BCS Specialist Certificate in Service Desk & Incident Management Syllabus BCS Specialist Certificate in Service Desk & Incident Management Syllabus Version 1.8 March 2015 BCS Specialist Certificate in Service Desk & Incident Management Syllabus Contents Change History... 2 Rationale...

More information

SCC Information Assurance Practice, CLAS Consulting, Check Testing and Accreditation Services

SCC Information Assurance Practice, CLAS Consulting, Check Testing and Accreditation Services SCC Information Assurance Practice, CLAS Consulting, Check Testing and Accreditation Services Contents 1 Introduction...2 2 IA, CLAS Consulting and CHECK Testing...3 3 Information Assurance...4 4 Accreditation...5

More information

ISO 27001 Information Security Management Services (Lot 4)

ISO 27001 Information Security Management Services (Lot 4) ISO 27001 Information Security Management Services (Lot 4) CONTENTS 1. WHY LEICESTERSHIRE HEALTH INFORMATICS SERVICE?... 3 2. LHIS TECHNICAL ASSURANCE SERVICES... 3 3. SERVICE OVERVIEW... 4 4. EXPERIENCE...

More information

Informatics: The future. An organisational summary

Informatics: The future. An organisational summary Informatics: The future An organisational summary DH INFORMATION READER BOX Policy HR/Workforce Management Planning/Performance Clinical Document Purpose Commissioner Development Provider Development Improvement

More information

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis An analogue approach to a digital world What foundations is CDCAT built on?

More information

Procurement Capability Standards

Procurement Capability Standards IPAA PROFESSIONAL CAPABILITIES PROJECT Procurement Capability Standards Definition Professional Role Procurement is the process of acquiring goods and/or services. It can include: identifying a procurement

More information

Protective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 1.0, Issue Date: 05/02/201405/02/2014. Classification: Open

Protective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 1.0, Issue Date: 05/02/201405/02/2014. Classification: Open Protective Monitoring as a Service Version: 1.0, Issue Date: 05/02/201405/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this

More information

Role Profile. Leasehold Co-ordinator (LSE) - Career Ladder: Customer Services. - Level: Level 4. - Function: Leasehold

Role Profile. Leasehold Co-ordinator (LSE) - Career Ladder: Customer Services. - Level: Level 4. - Function: Leasehold Role Profile Role Title: Directorate: Department: Team: Leasehold Co-ordinator (LSE) Resident Services Local Services Regional Role Identifiers: - Career Ladder: Customer Services - Level: Level 4 - Function:

More information

POSITION DESCRIPTION, PERFORMANCE MEASURES AND TARGETS

POSITION DESCRIPTION, PERFORMANCE MEASURES AND TARGETS POSITION DESCRIPTION, PERFORMANCE MEASURES AND TARGETS Attachment 1 Position Title: Programs & Client Relations Manager Responsible to: Chief Executive Officer Responsibility: Programs Management and Client

More information

Top Tips for Every Government Security Lead By Paddy Keating

Top Tips for Every Government Security Lead By Paddy Keating www.ascentor.co.uk Top Tips for Every Government Security Lead By Paddy Keating The growing importance of the security lead role In light of the UK Cyber Security Strategy and increasing cyber threat,

More information

Kevin Holland Public Sector Service Management Consultant @ITILspecialist. All copyrights acknowledged

Kevin Holland Public Sector Service Management Consultant @ITILspecialist. All copyrights acknowledged Kevin Holland Public Sector Service Management Consultant @ITILspecialist All copyrights acknowledged My credentials 9.5 years as a Service Management Specialist for the in house Service Integrator of

More information

{Add company name} {Add geographical location} {Add/edit as required} Enterprise Architect. {Add local information}

{Add company name} {Add geographical location} {Add/edit as required} Enterprise Architect. {Add local information} Job Description Business Analyst Organisation: Location: Reports to: Supervises: Working conditions: Last updated: {Add company name} {Add geographical location} {Add/edit as required} Enterprise Architect

More information

DIGITAL FORENSICS AND CYBER INCIDENT RESPONSE SERVICES

DIGITAL FORENSICS AND CYBER INCIDENT RESPONSE SERVICES G Cloud IV Framework Lot 4 DIGITAL FORENSICS AND CYBER INCIDENT RESPONSE SERVICES Service Description - ANSEC IA Limited CONTENTS 1 Company Profile. 2 The ANSEC Effect 3 Qualifications 4 Service Description..

More information

Chief Information Officer

Chief Information Officer Security manager Job description Job title Security manager Location Wellington Group Organisation Development Business unit / team IT Solutions Grade and salary range Pay Group 1, Pay Band 6 Reports to

More information

How to gain accreditation for a G-Cloud Service

How to gain accreditation for a G-Cloud Service www.ascentor.co.uk How to gain accreditation for a G-Cloud Service Demystify the process As a registered supplier of G-Cloud services you will be keenly aware that getting onto the G-Cloud framework does

More information

Security Consultants / Security Managed Services

Security Consultants / Security Managed Services Security Consultants / Security Managed Services Service Definition Document for G-Cloudv7 Services October 2015 Table of Contents Service Overview...3 Our Approach... 3 Features... 3 Benefits... 4 ON-BOARDING

More information

CPA SECURITY CHARACTERISTIC DATA AT REST ENCRYPTION: ALWAYS-ON MOBILE DEVICES

CPA SECURITY CHARACTERISTIC DATA AT REST ENCRYPTION: ALWAYS-ON MOBILE DEVICES CPA SECURITY CHARACTERISTIC DATA AT REST ENCRYPTION: ALWAYS-ON MOBILE DEVICES Version 1.1 Crown Copyright 2016 All Rights Reserved 44335885 Page 1 of 6 About this document This document describes the features,

More information

CESG ASSURED SERVICE CAS SERVICE REQUIREMENT SANITISATION

CESG ASSURED SERVICE CAS SERVICE REQUIREMENT SANITISATION CESG ASSURED SERVICE CAS SERVICE REQUIREMENT SANITISATION Version 2.0 Crown Copyright 2014 All Rights Reserved Page 1 Document History Version Date Description 0.1 June 2012 Initial Draft Version (CAS

More information

Certificate IV in Business Administration

Certificate IV in Business Administration Skilling Victorian Guarantee Certificate IV in Business Administration (BSB40507) accredited online training Accredited Online Training Pty Ltd > ABN 84 105 938 476 > RTO #131102 > 283-289 Draper St >

More information

StepChange Debt Charity response to the Money Advice Service consultation:

StepChange Debt Charity response to the Money Advice Service consultation: StepChange Debt Charity response to the Money Advice Service consultation: Achieving consistent and high quality Debt Advice. An approach to Standards and Quality Assurance for the debt advice sector March

More information

CESG Certification of Cyber Security Training Courses

CESG Certification of Cyber Security Training Courses CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security

More information

CREST EXAMINATIONS. CREST (GB) Ltd 2016 All Rights Reserved

CREST EXAMINATIONS. CREST (GB) Ltd 2016 All Rights Reserved CREST EXAMINATIONS This document and any information therein are the property of CREST and without infringement neither the whole nor any extract may be disclosed, loaned, copied or used for manufacturing,

More information

Job No. (Office Use) Directorate Corporate Services Department Programme Management Office Reports to (Job Title) If No state reason

Job No. (Office Use) Directorate Corporate Services Department Programme Management Office Reports to (Job Title) If No state reason ROLE PROFILE Transformation Programmes Manager Role Profile Job Title Transformation Programme Manager Job No. (Office Use) C6074 Grade (Office Use) Directorate Corporate Services Department Programme

More information

ESKISP6054.01 Conduct security testing, under supervision

ESKISP6054.01 Conduct security testing, under supervision Overview This standard covers the competencies required to conduct security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to

More information

We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review

We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review The security threat landscape is constantly changing and it is important to periodically review a business

More information

A Guide to the Cyber Essentials Scheme

A Guide to the Cyber Essentials Scheme A Guide to the Cyber Essentials Scheme Published by: CREST Tel: 0845 686-5542 Email: admin@crest-approved.org Web: http://www.crest-approved.org/ Principal Author Jane Frankland, Managing Director, Jane

More information

Suite Overview...2. Glossary...8. Functional Map.11. List of Standards..15. Youth Work Standards 16. Signposting to other Standards...

Suite Overview...2. Glossary...8. Functional Map.11. List of Standards..15. Youth Work Standards 16. Signposting to other Standards... LSI YW00 Youth Work National Occupational Standards Introduction Youth Work National Occupational Standards Introduction Contents: Suite Overview...2 Glossary......8 Functional Map.11 List of Standards..15

More information

Job Title: Business Continuity and Emergency Planning Support Officer

Job Title: Business Continuity and Emergency Planning Support Officer Date completed: 02.01.2014 Job Title: Business Continuity and Emergency Planning Support Officer Job Reference Number: P02368 Job Band: Band 4 Functional Area: Adult Operations Accountable to: Senior Operational

More information

Salary Range: Hours Per Week: 37 Flexi Monday to Friday Reference No: S136-15 Closing Date: 4.00pm on Friday 19 June 2015

Salary Range: Hours Per Week: 37 Flexi Monday to Friday Reference No: S136-15 Closing Date: 4.00pm on Friday 19 June 2015 Job Title: Salary Range: Location: Department: Permanent / Temporary: Police Forensic Specialist 18,933 to 34,098 per annum (LC5-9) Progression arrangements apply Lancashire Constabulary Headquarters Scientific

More information

The Proposed Quality Competency Framework for the Future Quality Professional

The Proposed Quality Competency Framework for the Future Quality Professional The Proposed Quality Competency Framework for the Future Quality Professional Ian R McKay FCQI CQP CQI Competency Project Lead 1 The CQI Definition of Quality 2 The CQI Competency Project 2012 The CQI

More information

Specialist Certificate in Business Relationship Management Syllabus. Version 1.2

Specialist Certificate in Business Relationship Management Syllabus. Version 1.2 Specialist Certificate in Business Relationship Management Syllabus Version 1.2 August 2010 Specialist Certificate in Business Relationship Management Syllabus Contents Rationale...2 Aims and Objectives...2

More information

Role Activity Grade 5 PAS Professional Officer

Role Activity Grade 5 PAS Professional Officer Role Activity Grade 5 PAS Generic Post Job Title: Market Insight Officer Title: Reporting to: Head of Market Insight School/ External & Community Relations Department: Job Family: Professional and Administrative

More information

Head of Procurement and Contracting Contracts Managers x 8

Head of Procurement and Contracting Contracts Managers x 8 JOB DESCRIPTION FINAL Job Title Position Number(s) Department Section or Service Category Manager Adult Social Care and Health ASC and Health Commissioning DESIGNATION: Responsible to: Employees directly

More information

Best Interests Assessor Senior Practitioner

Best Interests Assessor Senior Practitioner Job Title: Best Interests Assessor Senior Practitioner Job Grade: Band 5 Directorate: Adults, Health and Community Wellbeing The Role Job Reference Number: P02163 To assist with the quality checking and

More information

BCS Specialist Certificate in Business Relationship Management Syllabus. Version 1.9 March 2015

BCS Specialist Certificate in Business Relationship Management Syllabus. Version 1.9 March 2015 BCS Specialist Certificate in Business Relationship Management Syllabus Version 1.9 March 2015 BCS Specialist Certificate in Business Relationship Management Syllabus Contents Change History... 2 Rationale...

More information

Protecting Malaysia in the Connected world

Protecting Malaysia in the Connected world Protecting Malaysia in the Connected world cyber Security Company of the Year (Cybersecurity Malaysia, 2014) Most innovative information security company in Malaysia (Cybersecurity Malaysia, 2012) BAE

More information

Confident in our Future, Risk Management Policy Statement and Strategy

Confident in our Future, Risk Management Policy Statement and Strategy Confident in our Future, Risk Management Policy Statement and Strategy Risk Management Policy Statement Introduction Risk management aims to maximise opportunities and minimise exposure to ensure the residents

More information

Procuring Penetration Testing Services

Procuring Penetration Testing Services Procuring Penetration Testing Services Introduction Organisations like yours have the evolving task of securing complex IT environments whilst delivering their business and brand objectives. The threat

More information

IT Professional Standards. Information Security Discipline. Sub-discipline 605 Information Security Testing and Information Assurance Methodologies

IT Professional Standards. Information Security Discipline. Sub-discipline 605 Information Security Testing and Information Assurance Methodologies IT Professional Standards Information Security Discipline Sub-discipline 605 Information Security Testing and Information Assurance Methodologies December 2012 Draft Version 0.6 DOCUMENT REVIEW Document

More information

Thales Pricing Schedule for Vulnerability Assessment and Penetration Testing

Thales Pricing Schedule for Vulnerability Assessment and Penetration Testing Thales Pricing Schedule for Vulnerability Assessment and Penetration Testing Thales Pricing Schedule for Vulnerability Assessment and Penetration Testing April 2014 Page 1 of 8 Thales Pricing Schedule

More information

JOB DESCRIPTION Facilities Manager Soft Services. RESPONSIBLE FOR: Team Leaders and Contract Support staff

JOB DESCRIPTION Facilities Manager Soft Services. RESPONSIBLE FOR: Team Leaders and Contract Support staff JOB DESCRIPTION Facilities Manager Soft Services DIRECTORATE: Merlin Works DEPARTMENT: Facilities Management SALARY: 44,880 RESPONSIBLE TO: Head of Facilities Management RESPONSIBLE FOR: Team Leaders and

More information

Thales Service Definition for Cyber Incident Response - Critical 48 for Cloud Services

Thales Service Definition for Cyber Incident Response - Critical 48 for Cloud Services Thales Service Definition for Cyber Incident Response - Critical Thales Service Definition for Cyber Incident Response - Critical for Cloud Services April 2014 Page 1 of 7 Thales Service Definition for

More information

Check. They re Chartered. Chartered Project Managers

Check. They re Chartered. Chartered Project Managers Check. They re Chartered. Chartered Project Managers The Society of Chartered Surveyors Ireland is the leading organisation of its kind in Ireland for professionals working in the property, land and construction

More information

Internal Audit Division

Internal Audit Division Internal Audit Division at the Financial Conduct Authority Information Pack April 2013 Contents of Information Pack A. Introduction B. Internal Audit Terms of Reference C. Organisation D. Skills and Competencies

More information

FNS40310 Certificate IV in Personal Injury Management (Claims Management)

FNS40310 Certificate IV in Personal Injury Management (Claims Management) FNS40310 Certificate IV in Personal Injury Management (Claims Management) Release 2 FNS40310 Certificate IV in Personal Injury Management (Claims Management) Modification History Release Release 2 Release

More information

Works closely with all members of the Training and Consultancy team, and the wider Operations, Fundraising and Marketing directorate.

Works closely with all members of the Training and Consultancy team, and the wider Operations, Fundraising and Marketing directorate. Job description Training Officer Main purpose of job The main purpose of this role is to co-ordinate the department s training and marketing activities provide market intelligence to the Training team

More information

CPA SECURITY CHARACTERISTIC DATA SANITISATION - FLASH BASED STORAGE

CPA SECURITY CHARACTERISTIC DATA SANITISATION - FLASH BASED STORAGE 12040940 CPA SECURITY CHARACTERISTIC DATA SANITISATION - FLASH BASED STORAGE Version 0.3 Crown Copyright 2012 All Rights Reserved CPA Security Characteristics for Data Sanitisation - Flash Based Storage

More information

Relationship Manager (Banking) Assessment Plan

Relationship Manager (Banking) Assessment Plan 1. Introduction and Overview Relationship Manager (Banking) Assessment Plan The Relationship Manager (Banking) is an apprenticeship that takes 3-4 years to complete and is at a Level 6. It forms a key

More information

UK Government IA Recent Changes and Update

UK Government IA Recent Changes and Update UK Government IA Recent Changes and Update INTRODUCTION Agenda Part 1 Government IA and Cyber Security Background Quick Threat Update UK Government Cyber Security Initiative Government Asset Control in

More information

PROJECT MANAGER POSITION DESCRIPTION

PROJECT MANAGER POSITION DESCRIPTION Position Title: Project Manager Position Number: Faculty/Division: Services & Resources Classification: HE09 No. Direct Reports & Highest Classified Position: N/A School/Branch: Technology Services FTE:

More information

G-Cloud III Services Service Definition Accenture Cloud Security Services

G-Cloud III Services Service Definition Accenture Cloud Security Services G-Cloud III Services Service Definition Accenture Cloud Security Services 1 Table of contents 1. Scope of our services... 3 2. Approach... 3 3. Assets and tools... 4 4. Outcomes... 5 5. Pricing... 5 6.

More information

Protective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 2.1, Issue Date: 05/02/201405/02/2014. Classification: Open

Protective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 2.1, Issue Date: 05/02/201405/02/2014. Classification: Open Protective Monitoring as a Service Version: 2.1, Issue Date: 05/02/201405/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201416/12/2014. Other than for the sole purpose of evaluating

More information

Release 2. FNS51312 Diploma of Life Insurance

Release 2. FNS51312 Diploma of Life Insurance Release 2 FNS51312 Diploma of Life Insurance FNS51312 Diploma of Life Insurance Modification History Release Release 2 Release 1 Comments This version released with FNS10 Financial Services Training Package

More information

Guide to Developing a Quality Improvement Plan

Guide to Developing a Quality Improvement Plan 4 Guide to Developing a Quality Improvement Plan September 2013 Copyright The details of the relevant licence conditions are available on the Creative Commons website (accessible using the links provided)

More information

Release: 1. FNS51312 Diploma of Life Insurance

Release: 1. FNS51312 Diploma of Life Insurance Release: 1 FNS51312 Diploma of Life Insurance FNS51312 Diploma of Life Insurance Modification History Version Release 1 Comments This Qualification first released with FNS10 Financial Services Training

More information

Information Governance Management Framework

Information Governance Management Framework Information Governance Management Framework Responsible Officer Author Business Planning & Resources Director Governance Manager Date effective from October 2015 Date last amended October 2015 Review date

More information

Job Title: Service Desk Manager Location: To be based on any site on which Leeds City College operates Vacancy Ref No:

Job Title: Service Desk Manager Location: To be based on any site on which Leeds City College operates Vacancy Ref No: Job Description Job Title: Service Desk Manager Location: To be based on any site on which Leeds City College operates Vacancy Ref No: ER035 Salary: Grade LM1(Points 32-35) Commencing 31,006 with progression

More information

POSITION PROFILE. Classification: PM4 Date of evaluation: February 2010 Date Reviewed: March 2012

POSITION PROFILE. Classification: PM4 Date of evaluation: February 2010 Date Reviewed: March 2012 POSITION PROFILE Position Title: Infrastructure Position Number: 125692 / Leader: Service Delivery Business Unit: Location: Service Delivery Brisbane Classification: PM4 Date of evaluation: February 2010

More information

BSB40812 Certificate IV in Frontline Management

BSB40812 Certificate IV in Frontline Management BSB40812 Certificate IV in Frontline Management Course information and vocational outcomes This nationally accredited qualification reflects the role of individuals who take the first line of management

More information

BCS Specialist Certificate in Change Management Syllabus

BCS Specialist Certificate in Change Management Syllabus BCS Specialist Certificate in Change Management Syllabus Version 1.9 March 2015 BCS Specialist Certificate in Change Management Syllabus Contents Change History... 2 Rationale... 3 Aims and Objectives...

More information

Enterprise Security Architecture

Enterprise Security Architecture Enterprise Architecture -driven security April 2012 Agenda Facilities and safety information Introduction Overview of the problem Introducing security architecture The SABSA approach A worked example architecture

More information

Inquilab Housing Association. Job Profile

Inquilab Housing Association. Job Profile Inquilab Housing Association Job Profile Post: Salary Scale: Reporting to: Governance and Research Officer c 32,640, pa plus up to 10% PRP Head of Governance JOB PURPOSE: To oversee and support the governance

More information

Derbyshire Trading Standards Service Quality Manual

Derbyshire Trading Standards Service Quality Manual Derbyshire Trading Standards Service Quality Manual This Quality Manual has been developed to give a broad outline of how the Trading Standards Division s range of services comply with the requirements

More information

NOS. Supply Chain Management Occupational Standards

NOS. Supply Chain Management Occupational Standards NOS National Supply Chain Management Occupational Standards Contents Unit Supply Chain Management National Occupational Standards - Technical T1 Maintain operational relationships within the supply chain

More information

HMG Security Policy Framework

HMG Security Policy Framework HMG Security Policy Framework Security Policy Framework 3 Foreword Sir Jeremy Heywood, Cabinet Secretary Chair of the Official Committee on Security (SO) As Cabinet Secretary, I have a good overview of

More information

CESG CIR SCHEME AND CREST CSIR SCHEME FREQUENTLY ASKED QUESTIONS

CESG CIR SCHEME AND CREST CSIR SCHEME FREQUENTLY ASKED QUESTIONS CESG CIR SCHEME AND CREST CSIR SCHEME FREQUENTLY ASKED QUESTIONS QUESTION General What is the Cyber Security Incident Response (CSIR) Scheme? What is the Cyber Incident Response (CIR) scheme? Why have

More information

Corporate Governance and Risk Management Agenda

Corporate Governance and Risk Management Agenda Policy Paper Corporate Governance and Risk Management Agenda Introduction This Agenda sets out the corporate governance and risk management principles and aims which inform and guide the work of ACCA s

More information

Corporate Services Directorate Number of staff responsible for 7 Budget responsibility ( )

Corporate Services Directorate Number of staff responsible for 7 Budget responsibility ( ) Role Profile template Job Title Service Desk Manager Barnet Band and scale range BBB 47-50 Reports to Head of IS Service area Corporate Services Directorate Number of staff responsible for 7 Budget responsibility

More information

Statement of Procurement Conduct

Statement of Procurement Conduct Statement of Procurement Conduct December 2014 Copyright of Western Power Any use of this material except in accordance with a written agreement with Western Power is prohibited. Introduction Western Power

More information

Using PRINCE2 and MSP Together

Using PRINCE2 and MSP Together Using PRINCE2 and MSP Together Andy Murray, Director, Outperform White Paper October 2010 2 Using PRINCE2 and MSP Together Contents 1 Purpose of this White Paper 3 2 Project and programme management context

More information

Gateway review guidebook. for project owners and review teams

Gateway review guidebook. for project owners and review teams Gateway review guidebook for project owners and review teams The State of Queensland (Queensland Treasury and Trade) 2013. First published by the Queensland Government, Department of Infrastructure and

More information

Mapping the Technical Dependencies of Information Assets

Mapping the Technical Dependencies of Information Assets Mapping the Technical Dependencies of Information Assets This guidance relates to: Stage 1: Plan for action Stage 2: Define your digital continuity requirements Stage 3: Assess and manage risks to digital

More information

MSS40111 Certificate IV in Sustainable Operations

MSS40111 Certificate IV in Sustainable Operations MSS40111 Certificate IV in Sustainable Operations Release: 2 MSS40111 Certificate IV in Sustainable Operations Modification History Release 2: Imported competitive manufacturing units replaced with competitive

More information

Derbyshire Constabulary

Derbyshire Constabulary h Derbyshire Constabulary Job Description Closing Date Wednesday 28 October 205 at midday HR Service Centre Contact Rachael Stone Tel int 733 00 Extl 0300 330 330 Role Title Technical Support Manager Grade

More information

CPS SECURITY & INFORMATION RISK MANAGEMENT POLICY CPS SECURITY & INFORMATION RISK MANAGEMENT POLICY 2013-2014

CPS SECURITY & INFORMATION RISK MANAGEMENT POLICY CPS SECURITY & INFORMATION RISK MANAGEMENT POLICY 2013-2014 CPS SECURITY & INFORMATION RISK MANAGEMENT POLICY 2013-2014 1 Version 1.0 CONTENTS Security Risks 3 Information Assurance Risk 3 Spreading Best Practice 3 Reporting Risks Upwards 4 Typical Risk Escalation

More information

PA Consulting Group SFIA Rate_Card G-Cloud IV - Business Intelligence and Advanced Analytics. Business Intelligence and Advanced Analytics

PA Consulting Group SFIA Rate_Card G-Cloud IV - Business Intelligence and Advanced Analytics. Business Intelligence and Advanced Analytics PA Consulting Group SFIA Rate_Card G-Cloud IV - Business Intelligence and Advanced Analytics Business Intelligence and Advanced Analytics 1. Follow N/A 2. Assist 650-850 3. Apply 850 950 4. Enable 950-1,150

More information

Attribute 1: COMMUNICATION

Attribute 1: COMMUNICATION The positive are intended for use as a guide only and are not exhaustive. Not ALL will be applicable to ALL roles within a grade and in some cases may be appropriate to a Attribute 1: COMMUNICATION Level

More information