ESKITP6026 IT Security Management Level 6 Role

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "ESKITP6026 IT Security Management Level 6 Role"

Transcription

1 Overview This sub-discipline is about the competencies required to ensure the security of all aspects of Information Technology services, systems and assets within an organisation. This includes the data, information, processes, people and other resources needed to ensure that Information Technology can operate. ESKITP6026 1

2 Performance criteria You must be able to: Implement the strategy for IT/Technology Security P1 P2 P3 Design, implement and maintain effective and appropriate standards relating to IT/technology security management activities Develop, implement and maintain effective business processes to ensure the security of data, knowledge, information and IT/technology systems, services and assets both with an organisation and also as it is exchanged between it and external bodies and individuals Manage the effective implementation and operation of IT/technology security controls and mechanisms for the organisation Direct the management of IT/Technology security You must be able to: P4 P5 P6 P7 P8 P9 Identify and manage all necessary actions required to mitigate against potential security threats and in the event of IT/technology breaches Verify IT/technology security controls and mechanisms for accuracy, currency, completeness, effectiveness and relevance Make timely decisions in the event of IT/technology security breaches, on actions to be taken to mitigate and contain their impact Make decisions as to the most effective IT/technology security controls and mechanisms to use in order to contain and mitigate against risks, threats and vulnerabilities, applying own judgement and experience Manage the planning and scheduling of regular testing of IT/technology security controls and mechanisms within the organisation Routinely identify opportunities to improve the effectiveness of IT/technology security within an organisation You must be able to: Provide direction to improve IT/technology security P10 Develop suitable and comprehensive communications, education and training for the organisation relating to the effective security of IT/technology systems, services and assets and/or information within them P11 Advise and guide others internally and externally as appropriate, on the security of IT/technology services, systems and assets and the information with them ESKITP6026 2

3 Knowledge and understanding You need to know and understand: Implement the strategy for IT/technology Security K1 Identify/select: K1.1 the actions that may be taken to mitigate against potential security threats K1.2 the actions that may be taken in the event of IT/technology breaches K1.3 the actions that may be taken in the event of IT/technology security activities not meeting the business needs K1.4 when and how to use external providers of IT/technology security services K1.5 which external providers of IT/technology security services to use K1.6 opportunities to improve the effectiveness of IT/technology security within an organisation K2 Verify IT and other technology security controls and mechanisms for accuracy, currency, completeness, effectiveness and relevance K3 Implement and maintain: K3.1 standards relating to IT and other technology security management activities K3.2 strategy and policies to ensure the alignment of IT and other technology security management activities and their deliverables with all relevant regulation and external standards K3.3 business processes and procedures to ensure the security of information data, knowledge and IT/technology systems, services and assets both within an organisation and also as it is exchanged between it and external bodies and individuals K4 Manage the effective implementation: K4.1 and operation of IT and other technology security controls and mechanisms K4.2 of processes and procedures to ensure the security of data, knowledge, information and IT/technology systems, services and assets as used both within an organisation and also as it is exchanged between it and external bodies and individuals K5 Design/develop: K5.1 standards relating to IT and other technology security management activities K5.2 strategy and policies to ensure the alignment of IT/technology security management activities and their deliverables with all relevant legislation, regulations and external standards K5.3 the processes, tools and techniques to monitor the alignment of IT/technology security management activities and their deliverables with all relevant legislation, regulations and external standards K5.4 the implementation and use of IT and other technology security controls, mechanisms and procedures to meet business needs K5.5 business processes and procedures to ensure the security of data, knowledge, information and IT/technology systems, services and assets both within an organisation and also as it is exchanged between it and external bodies and individuals K6 Negotiate with external providers of IT/technology security services ESKITP6026 3

4 K7 Authorise/agree/contract: K7.1 Actions K7.2 Approaches K7.3 Proposals K7.4 strategy, policies, plans, procedures, standards, methods, tools and techniques K8 authorise contractual arrangements with external providers of IT/technology security services Direct the management of IT/technology security You need to know and understand: K9 Manage: K9.1 the planning and scheduling of regular testing of IT/technology security controls and mechanisms K9.2 issues arising as a result of IT and other technology security management activities K9.3 issues arising in the event of a breach of IT/technology security controls and mechanisms K10 Review: K10.1 the effectiveness and quality of IT and other technology security management activities and their deliverables in supporting the business needs K10.2 the effectiveness of business processes, tools and techniques relevant to the management of the security of IT/technology K10.3 compliance with all IT/technology security strategy, policies, plans, procedures and standards within the organisation K11 Recommend proposals for IT/technology security that balance the need for security with the need for the business to operate efficiently and effectively K12 Review how to improve the effectiveness of IT/technology security within an organisation K13 Monitor the effectiveness and quality of external providers of IT/technology security services K14 Make decisions: K14.1 in the event of IT/technology security breaches, on actions to be taken to mitigate and contain their impact K14.2 on when and how to use external providers of IT and other technology security management services K14.3 on the external providers of IT/technology security management services to use K14.4 on how to apply internal and external criteria, business requirements and other information in order to design, develop and implement IT/technology security K14.5 as to the most effective IT/technology security controls and mechanisms to use in order to contain and mitigate against risks, threats and vulnerabilities Provide direction to improve IT/technology security K15 Design/develop communications, education and training to the organisation relating to the effective security of IT/technology systems, ESKITP6026 4

5 You need to know and understand: services and assets and /or information within them K16 Communicate/liaise with sponsors, stakeholders and external bodies and individuals in the event of a suspected or actual breach of IT/technology security both within an organisation and also as it is communicated to and from an organisation K17 Advise and guide others: K17.1 on all aspects of IT and other technology security management activities and their deliverables K17.2 on internally and externally as appropriate, on the security of IT/technology services, systems and assets and the information within them K17.3 on best practice in IT/technology security K17.4 on the appropriateness of the use of external providers of IT/technology security services K18 Advise on actions to be taken in the event of IT/technology security breaches ESKITP6026 5

6 Developed by e-skills UK Version number 1 Date approved September 2009 Indicative review date Validity Status Originating organisation March 2014 Current Original e-skills UK Original URN 6026 Relevant occupations Suite Key words Application Support; Systems Support; Information and Communication Technology; Database Administration IT and Telecoms System security; Data security; Data protection ESKITP6026 6

ESKITP6036 IT Disaster Recovery Level 5 Role

ESKITP6036 IT Disaster Recovery Level 5 Role Overview This sub-discipline is about the competencies required in order to manage all aspect of Disaster Recovery (DR), as it applies to IT within an organisation. ESKITP6036 1 Performance criteria You

More information

ESKITP6034 IT Disaster Recovery Level 4 Role

ESKITP6034 IT Disaster Recovery Level 4 Role Overview This sub-discipline is about the competencies required in order to manage all aspect of Disaster Recovery (DR), as it applies to IT within an organisation. ESKITP6034 1 Performance criteria You

More information

ESKITP6032 IT Disaster Recovery Level 2 Role

ESKITP6032 IT Disaster Recovery Level 2 Role Overview This sub-discipline is about the competencies required in order to manage all aspect of Disaster Recovery (DR), as it applies to IT within an. ESKITP6032 1 Performance criteria You must be able

More information

ESKISP6056.01 Direct security testing

ESKISP6056.01 Direct security testing Direct security testing Overview This standard covers the competencies concerning with directing security testing activities. It includes setting the strategy and policies for security testing, and being

More information

ESKITP2034.03 Assist in the preparation of change management plans and assignments for IT enabled systems 1

ESKITP2034.03 Assist in the preparation of change management plans and assignments for IT enabled systems 1 Assist in the preparation of change management plans and assignments for IT Overview This sub-discipline, Change Management (203) is concerned with the competencies required to manage the introduction

More information

ESKISP6046.02 Direct security architecture development

ESKISP6046.02 Direct security architecture development Overview This standard covers the competencies concerned with directing security architecture activities. It includes setting the strategy and policies for security architecture, and being fully accountable

More information

Contribute to IT architecture work

Contribute to IT architecture work Overview This sub-discipline is concerned with the competencies required to create, maintain and manage IT architecture models representing the operating model for an organisation and their lower level

More information

ESKITP7026 IT/Technology Service Help Desk and Incident Management Level 6 Role

ESKITP7026 IT/Technology Service Help Desk and Incident Management Level 6 Role IT/Technology Service Help Desk and Incident Management Level 6 Role Overview This sub-discipline is about the competencies required to manage the contacts made by customers of IT/technology systems, services

More information

ESKITP7025 IT/Technology Service Help Desk and Incident Management Level 5 Role

ESKITP7025 IT/Technology Service Help Desk and Incident Management Level 5 Role IT/Technology Service Help Desk and Incident Management Level 5 Role Overview This sub-discipline is about the competencies required to manage the contacts made by customers of IT/technology systems, services

More information

ESKITP2035.01 Identify change management opportunities and options for IT enabled systems 1

ESKITP2035.01 Identify change management opportunities and options for IT enabled systems 1 Identify change management opportunities and options for IT enabled Overview This sub-discipline, Change Management (203) is concerned with the competencies required to manage the introduction of business

More information

ESKITP714601 Authorise strategy, policies and standards relating to IT service delivery performance metrics management

ESKITP714601 Authorise strategy, policies and standards relating to IT service delivery performance metrics management service delivery performance metrics Overview This sub-discipline covers the competencies required to direct the monitoring, analysis and communication of IT service delivery performance metrics. Monitoring

More information

ESKITP714401 Implement procedures and standards relating to metrics for IT service delivery

ESKITP714401 Implement procedures and standards relating to metrics for IT service delivery Overview This sub-discipline covers the competencies required to perform performance metrics. Monitoring service level performance is a complex task requiring collection of data, detailed analysis, and

More information

702 IT/Technology Service Help Desk and Incident Management

702 IT/Technology Service Help Desk and Incident Management 702 IT/Technology Service Help Desk and Incident Management This sub-discipline is about the competencies required to manage the contacts made by customers of IT/technology systems, services and assets,

More information

ESKITP7102 IT/Technology Asset and Configuration Management Level 2 Role

ESKITP7102 IT/Technology Asset and Configuration Management Level 2 Role IT/Technology Asset and Configuration Management Level 2 Role Overview This sub-discipline is about the competencies required to maintain the integrity and consistency of the IT/technology configuration

More information

ESKITP2035.02 Design and implement change management plans for IT enabled systems 1

ESKITP2035.02 Design and implement change management plans for IT enabled systems 1 Design and implement change management plans for IT enabled systems Overview This sub-discipline, Change Management (203) is concerned with the competencies required to manage the introduction of business

More information

ESKITP5065 Software Development Process Improvement Level 5 Role

ESKITP5065 Software Development Process Improvement Level 5 Role Software Development Process Improvement Level 5 Role Overview This sub-discipline covers the competencies required by an information technology and/or telecoms organisation to ensure that appropriate

More information

ESKITP7072 IT/Technology Capacity Management Level 2 Role

ESKITP7072 IT/Technology Capacity Management Level 2 Role Overview This sub-discipline is about the competencies required to manage the capacity of IT/technology services, systems and assets that support an organisation. Capacity management covers a range of

More information

ESKISP6054.01 Conduct security testing, under supervision

ESKISP6054.01 Conduct security testing, under supervision Overview This standard covers the competencies required to conduct security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to

More information

ESKITP6033 IT Disaster Recovery Level 3 Role

ESKITP6033 IT Disaster Recovery Level 3 Role Overview This sub-discipline is about the competencies required in order to manage all aspect of Disaster Recovery (DR), as it applies to IT within an. ESKITP6033 1 Performance criteria You must be able

More information

ESKISP6055.01 Manage security testing

ESKISP6055.01 Manage security testing Overview This standard covers the competencies concerning with managing security testing activities. Including managing resources activities and deliverables. This includes planning, conducting and reporting

More information

Overview TECHIS60851. Manage information security business resilience activities

Overview TECHIS60851. Manage information security business resilience activities Overview Information security business resilience encompasses business continuity and disaster recovery from information security threats. As well as addressing the consequences of a major security incident,

More information

ESKITP5064 Software Development Process Improvement Level 4 Role

ESKITP5064 Software Development Process Improvement Level 4 Role Software Development Process Improvement Level 4 Role Overview This sub-discipline covers the competencies required by an information technology and/or telecoms organisation to ensure that appropriate

More information

ESKITP4082 IT/Technology Infrastructure Design and Planning Level 2 Role

ESKITP4082 IT/Technology Infrastructure Design and Planning Level 2 Role IT/Technology Infrastructure Design and Planning Level 2 Role Overview This sub-discipline is part of overall service design. It concerns the design of, and planning for, resilient IT/ technology infrastructure

More information

Service Management. 702 IT/Technology Service Help Desk and Incident Management

Service Management. 702 IT/Technology Service Help Desk and Incident Management 702 IT/Technology Service Help Desk and Incident Management This sub-discipline is about the competencies required to manage the contacts made by customers of IT/technology systems, services and assets,

More information

ESKISP6064.03 Conducts vulnerability assessment under supervision

ESKISP6064.03 Conducts vulnerability assessment under supervision Conducts vulnerability assessment under supervision Overview This standard covers the competencies required to conduct vulnerability assessments under supervision. This includes following processes for

More information

IT Professional Standards. Information Security Discipline. Sub-discipline 605 Information Security Testing and Information Assurance Methodologies

IT Professional Standards. Information Security Discipline. Sub-discipline 605 Information Security Testing and Information Assurance Methodologies IT Professional Standards Information Security Discipline Sub-discipline 605 Information Security Testing and Information Assurance Methodologies December 2012 Draft Version 0.6 DOCUMENT REVIEW Document

More information

ESKITP5023 Software Development Level 3 Role

ESKITP5023 Software Development Level 3 Role Overview This sub discipline covers the core competencies required to create software to address the needs of business problems and opportunities, resulting in a variety of software solutions, ranging

More information

ESKITP7145.01 Manage IT service delivery performance metrics

ESKITP7145.01 Manage IT service delivery performance metrics Overview This sub-discipline covers the competencies required to manage the monitoring, analysis and communication of IT service delivery performance metrics. Monitoring service level performance is a

More information

ESKISP6053.01 Assist security testing, under supervision

ESKISP6053.01 Assist security testing, under supervision Overview This standard covers the competencies required to assist security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to

More information

Overview TECHIS60241. Carry out risk assessment and management activities

Overview TECHIS60241. Carry out risk assessment and management activities Overview Information in all its forms is a vital component of the digital environment in which we live and work. The protection of information in its physical form is well understood but the protection

More information

ESKITP7052 IT/Technology Management and Support Level 2 Role

ESKITP7052 IT/Technology Management and Support Level 2 Role Overview This sub-discipline is about the competencies required to ensure that the infrastructure required to support the delivery of IT/technology systems, services and assets for an organisation remain

More information

ESKITP7022 IT/Technology Service Help Desk and Incident Management Level 2 Role

ESKITP7022 IT/Technology Service Help Desk and Incident Management Level 2 Role IT/Technology Service Help Desk and Incident Management Level 2 Role Overview This sub-discipline is about the competencies required to manage the contacts made by customers of IT/technology systems, services

More information

Overview TECHIS60441. Carry out security testing activities

Overview TECHIS60441. Carry out security testing activities Overview Information, services and systems can be attacked in various ways. Understanding the technical and social perspectives, how attacks work, the technologies and approaches used are key to being

More information

ESKITP7042 IT Application Management / Support Level 2 Role

ESKITP7042 IT Application Management / Support Level 2 Role Overview This sub-discipline is about the competencies required to ensure that application systems/services that support specific business functions and processes for an organisation remain available,

More information

ESKITP5022 Software Development Level 2 Role

ESKITP5022 Software Development Level 2 Role Overview This sub discipline covers the core competencies required to create software to address the needs of business problems and opportunities, resulting in a variety of software solutions, ranging

More information

ESKITP7082 Change and Release Management Level 2 role

ESKITP7082 Change and Release Management Level 2 role Overview This sub-discipline is about the competencies required for the management of changes required to the operational IT/technology configuration and environment in which it operates. The competencies

More information

Overview COSCSMO10. Implement, monitor and control strategic procurement systems in construction management

Overview COSCSMO10. Implement, monitor and control strategic procurement systems in construction management Overview This standard is about agreeing and implementing with stakeholders what systems are most effective for managing the project. The systems identified will need to be prioritised and formalised if

More information

{Add company name} {Add geographical location} {Add/edit as required} Enterprise Architect. {Add local information}

{Add company name} {Add geographical location} {Add/edit as required} Enterprise Architect. {Add local information} Job Description Business Analyst Organisation: Location: Reports to: Supervises: Working conditions: Last updated: {Add company name} {Add geographical location} {Add/edit as required} Enterprise Architect

More information

Overview TECHIS60341. Carry out security architecture and operations activities

Overview TECHIS60341. Carry out security architecture and operations activities Overview The protection of information, services and systems relies on a range of technical and procedural activities, often grouped in a framework. The framework will contain technical and logical, physical

More information

FSPBA8 SQA Unit Code H5FA 04 Process the transfer of foreign currency

FSPBA8 SQA Unit Code H5FA 04 Process the transfer of foreign currency Overview This unit is about your ability to process the transfer of all types of foreign currency in accordance with your organisation's requirements. You will need to operate currency accounts and arrange

More information

ESKICAS1 Computerised accounting software

ESKICAS1 Computerised accounting software Overview This is the ability to select and use a computerised accounting or bookkeeping software application to input and process data for orders and invoices, receipts and payments and prepare management

More information

COSCSMO10 - SQA Unit Code FM1W 04 Implement strategic sourcing partnerships

COSCSMO10 - SQA Unit Code FM1W 04 Implement strategic sourcing partnerships Overview This Unit is about identifying and agreeing with the stakeholders what systems are most effective for managing the project. The systems identified will need to be prioritised and formalised if

More information

ESKIDMS1 Database management software

ESKIDMS1 Database management software Overview This is the ability to use a software application designed to store and retrieve data needed for a variety of business functions. It also includes an understanding of the features and facilities

More information

ESKITP5022v2 Perform software development activities under direction

ESKITP5022v2 Perform software development activities under direction Perform development activities under direction Overview This sub discipline covers the core competencies required to create to address business problems and realise opportunities, resulting in a variety

More information

ESKIPU1 Improving productivity using IT

ESKIPU1 Improving productivity using IT Overview This is the ability to plan, evaluate and improve procedures involving the use of IT tools and systems in order to improve the productivity and efficiency of tasks and activities. ESKIPU1 1 Performance

More information

CFACC29 Develop and enhance performance management in a contact centre

CFACC29 Develop and enhance performance management in a contact centre Develop and enhance performance management in a contact centre Overview What this standard is about Efficiency and effectiveness in contact centres rely on close management of performance. With defined

More information

CCSAPAB2 Develop and agree objectives for archaeological projects

CCSAPAB2 Develop and agree objectives for archaeological projects Develop and agree objectives for archaeological projects Overview This standard is relevant to archaeologists responsible for the development of projects on behalf of clients and the agreement of contracts

More information

Information Security Management System (ISMS) Policy

Information Security Management System (ISMS) Policy Information Security Management System (ISMS) Policy April 2015 Version 1.0 Version History Version Date Detail Author 0.1 18/02/2015 First draft Andy Turton 0.2 20/02/2015 Updated following feedback from

More information

CFASAA231 - Sqa Unit Code H4RT 04 Use IT to support your role

CFASAA231 - Sqa Unit Code H4RT 04 Use IT to support your role CFASAA231 - Sqa Unit Code H4RT 04 Overview Handle files, edit, format and check information, search for and use email. This is based on the e-skills UK Areas of Competence export units: General Uses of

More information

Securing Information in an Outsourcing Environment (Guidance for Critical Infrastructure Providers) Executive Overview Supplement.

Securing Information in an Outsourcing Environment (Guidance for Critical Infrastructure Providers) Executive Overview Supplement. Securing Information in an Outsourcing Environment (Guidance for Critical Infrastructure Providers) Executive Overview Supplement June 2011 DISCLAIMER: This document is intended as a general guide only.

More information

INFORMATION SECURITY POLICY

INFORMATION SECURITY POLICY INFORMATION SECURITY POLICY INFORMATION SECURITY POLICY ISO 27002 5.1 Author: Owner: Organisation: Chris Stone Ruskwig TruePersona Ltd Document No: SP- 5.1 Version No: 1.0 Date: 10 th January 2010 Copyright

More information

ESKITP7146.01 Authorise strategy, policies and standards relating to IT service delivery performance metrics management

ESKITP7146.01 Authorise strategy, policies and standards relating to IT service delivery performance metrics management service delivery performance metrics Overview This sub-discipline covers the competencies required to direct the monitoring, analysis and communication of IT service delivery performance metrics. Monitoring

More information

SFJIB11 Provide first line money and debt legal advice

SFJIB11 Provide first line money and debt legal advice Overview This standard is about providing clients with direct money management and debt information and advice at the point of initial contact with the service. You will establish their needs and expectations

More information

INFORMATION SECURITY POLICY

INFORMATION SECURITY POLICY Information Security Policy INFORMATION SECURITY POLICY Introduction Norwood UK recognises that information and information systems are valuable assets which play a major role in supporting the companies

More information

CFAM&LBB2 Develop, maintain and evaluate business continuity plans and arrangements

CFAM&LBB2 Develop, maintain and evaluate business continuity plans and arrangements Develop, maintain and evaluate business continuity plans and arrangements Overview This standard is about developing, maintaining and evaluating business continuity plans to ensure that organisations continue

More information

ESKIWP1 Word processing software

ESKIWP1 Word processing software Overview This is the ability to use a software application designed for the creation, editing and production of largely text-based documents ESKIWP1 1 Performance criteria You must be able to: Input and

More information

BENENDEN HOSPITAL TRUST JOB DESCRIPTION

BENENDEN HOSPITAL TRUST JOB DESCRIPTION BENENDEN HOSPITAL TRUST JOB DESCRIPTION Job Title and Band: Band 5 Procurement Manager Job Holder: Key Responsibilities Contributes to the delivery of the Benenden Group procurement strategy, including

More information

Harper Adams University College. Information Security Policy

Harper Adams University College. Information Security Policy Harper Adams University College Information Security Policy Introduction The University College recognises that information and information systems are valuable assets which play a major role in supporting

More information

QUALITY MANAGEMENT SYSTEM MONITORING (TAFE)

QUALITY MANAGEMENT SYSTEM MONITORING (TAFE) PROCEDURE QUALITY MANAGEMENT SYSTEM MONITORING (TAFE) Procedure Responsibilities Definitions Related Legislation and Documents Appendix 1: Quality System Documentation Flowchart Appendix 2: Quality Improvement

More information

NOS for Data Management (801) September 2014 V1.3

NOS for Data Management (801) September 2014 V1.3 NOS for Data Management (801) September 2014 V1.3 NOS Reference ESKITP801301 ESKITP801401 ESKITP801501 ESKITP801601 NOS Title Assist in Delivering the Data Management Infrastructure to Support Data Analysis

More information

Release: 1. BSBPMG509A Manage project procurement

Release: 1. BSBPMG509A Manage project procurement Release: 1 BSBPMG509A Manage project procurement BSBPMG509A Manage project procurement Modification History Not applicable. Unit Descriptor Unit descriptor This unit describes the performance outcomes,

More information

FSPFC04 SQA Unit Code H5H2 04 Appraise applications for business financing and credit facilities

FSPFC04 SQA Unit Code H5H2 04 Appraise applications for business financing and credit facilities Appraise applications for business financing and credit facilities Overview This unit is about appraising applications for financing and/or credit facilities made by business customers. You will need to

More information

ESKIDMS3 Database management software

ESKIDMS3 Database management software Overview This is the ability to use a software application designed to store and retrieve data needed for a variety of business functions. It also includes an understanding of the features and facilities

More information

Promote security system and service sales

Promote security system and service sales Page 1 of 5 Promote security system and service sales Level 3 Credits 2 Purpose This unit standard is for people who work, or intend to work, as security system or service sales representatives, or in

More information

Key Considerations for Information Technology Governance. 900 Monroe NW Grand Rapids, MI 49503 (616) 632-8000

Key Considerations for Information Technology Governance. 900 Monroe NW Grand Rapids, MI 49503 (616) 632-8000 Key Considerations for Information Technology Governance What is IT Governance? Big Picture approach to information and data management Sets priorities: Managing performance Delivering value Managing risk

More information

Risk Management Policy

Risk Management Policy 1 Purpose Risk management relates to the culture, processes and structures directed towards the effective management of potential opportunities and adverse effects within the University s environment.

More information

Information security policy

Information security policy Information security policy Issue sheet Document reference Document location Title Author Issued to Reason issued NHSBSARM001 S:\BSA\IGM\Mng IG\Developing Policy and Strategy\Develop or Review of IS Policy\Current

More information

NHS HDL (2006)41 abcdefghijklm. = eé~äíü=aéé~êíãéåí= = aáêéåíçê~íé=çñ=mêáã~êó=`~êé=~åç=`çããìåáíó=`~êé

NHS HDL (2006)41 abcdefghijklm. = eé~äíü=aéé~êíãéåí= = aáêéåíçê~íé=çñ=mêáã~êó=`~êé=~åç=`çããìåáíó=`~êé NHS HDL (2006)41 abcdefghijklm = eé~äíü=aéé~êíãéåí= = aáêéåíçê~íé=çñ=mêáã~êó=`~êé=~åç=`çããìåáíó=`~êé Dear Colleague NHSSCOTLAND INFORMATION SECURITY POLICY Summary 1. NHSScotland IT Security Policy was

More information

Guidelines. London School of Economics & Political Science. Remote Access and Mobile Working Guidelines. Information Management and Technology

Guidelines. London School of Economics & Political Science. Remote Access and Mobile Working Guidelines. Information Management and Technology London School of Economics & Political Science Information Management and Technology Guidelines Remote Access and Mobile Working Guidelines Jethro Perkins Information Security Manager Summary This document

More information

Unit: CPC 506 Secure financial resources for your organisation s plans (Commissioning, Procurement and Contracting)

Unit: CPC 506 Secure financial resources for your organisation s plans (Commissioning, Procurement and Contracting) Unit: CPC 506 Secure financial resources for your organisation s plans (Commissioning, Procurement and Contracting) Key Purpose The key purpose identified for those working in commissioning, procurement

More information

FSPGI16 Process complex mid-term insurance amendments

FSPGI16 Process complex mid-term insurance amendments Overview This unit may be suitable for you only if the firm in which you work is an intermediary and you deal with complex mid term amendments. The policy may be straightforward; it is the alteration that

More information

Council Policy Business Continuity Management

Council Policy Business Continuity Management Policy Name: Business Continuity Management Council Policy Business Continuity Management ADOPTED BY COUNCIL: 19 th April 2016 DATE OF NEXT REVIEW: 18 th April 2020 RESPONSIBLE OFFICER: REFERENCES: Chief

More information

COGLS313 Provide technical support for computer application software and equipment in life sciences and related industries

COGLS313 Provide technical support for computer application software and equipment in life sciences and related industries and equipment in life sciences and Overview This standard covers the skills you need to provide technical assistance for computer application software (does not include CAD) and equipment for scientific

More information

A Guide to the Cyber Essentials Scheme

A Guide to the Cyber Essentials Scheme A Guide to the Cyber Essentials Scheme Published by: CREST Tel: 0845 686-5542 Email: admin@crest-approved.org Web: http://www.crest-approved.org/ Principal Author Jane Frankland, Managing Director, Jane

More information

Risk Management. National Occupational Standards February 2014

Risk Management. National Occupational Standards February 2014 Risk Management National Occupational Standards February 2014 Skills CFA 6 Graphite Square, Vauxhall Walk, London, SE11 5EE T: 0207 0919620 F: 0207 0917340 E: info@skillscfa.org www.skillscfa.org Skills

More information

ASTFFL6 - SQA Unit Code H54H 04 Prepare for flood damage emergencies

ASTFFL6 - SQA Unit Code H54H 04 Prepare for flood damage emergencies Overview 1 2 3 ASTFFL6 1 Performance criteria P1 P2 P3 confirm that you have the correct tools and equipment for the type of flood emergency you are likely to encounter confirm that you are authorised

More information

FNS51511 Diploma of Credit Management

FNS51511 Diploma of Credit Management FNS51511 Diploma of Credit Management Release 2 FNS51511 Diploma of Credit Management Modification History Release Release 2 Release 1 Comments Advice relating to regulatory requirements removed from the

More information

B. An intermediate user can plan and review their use of

B. An intermediate user can plan and review their use of This is the ability to plan, evaluate and improve procedures involving the use of IT tools and systems to improve the productivity and efficiency of tasks and activities. A. A foundation user can plan

More information

Preliminary Draft JOB DESCRIPTIONS AND QUALIFICATIONS OF KEY PERSONNEL. XXXXX PPP Unit

Preliminary Draft JOB DESCRIPTIONS AND QUALIFICATIONS OF KEY PERSONNEL. XXXXX PPP Unit Preliminary Draft JOB DESCRIPTIONS AND QUALIFICATIONS OF KEY PERSONNEL XXXXX PPP Unit Chief Executive Officer Job Description: The CEO is tasked with the establishment of a PPP Unit for the Government

More information

Client information note Assessment process Management systems service outline

Client information note Assessment process Management systems service outline Client information note Assessment process Management systems service outline Overview The accreditation requirements define that there are four elements to the assessment process: assessment of the system

More information

SFHAD4 Develop and disseminate information and advice about substance use, health and social well-being

SFHAD4 Develop and disseminate information and advice about substance use, health and social well-being Develop and disseminate information and advice about substance use, Overview For this standard you need to develop a range of information and advice materials to promote substance misuse services, and

More information

Contact Centre. National Occupational Standards May 2011

Contact Centre. National Occupational Standards May 2011 Contact Centre National Occupational Standards May 2011 Skills CFA 6 Graphite Square, Vauxhall Walk, London SE11 5EE T: 0207 0919620 F: 0207 0917340 Info@skillscfa.org www.skillscfa.org 2012 Skills CFA

More information

FSPITS14 - SQA Unit Code H692 04 Negotiate and determine the conditions under which risk will be underwritten in complex insurance cases

FSPITS14 - SQA Unit Code H692 04 Negotiate and determine the conditions under which risk will be underwritten in complex insurance cases Negotiate and determine the conditions under which risk will be Overview This unit is about negotiating and determining the conditions under which complex risk will be underwritten. It therefore includes

More information

Corporate Information Security Management Policy

Corporate Information Security Management Policy Corporate Information Security Management Policy Signed: Chief Executive. 1. Definition of Information Security 1.1. Information security means safeguarding information from unauthorised access or modification

More information

SFJFRSFF2 SQA Unit Code (FA6J 04) Take responsibility for effective performance in fire and rescue

SFJFRSFF2 SQA Unit Code (FA6J 04) Take responsibility for effective performance in fire and rescue Overview The standard is recommended for firefighters, control room staff, and others with a remit for community safety within fire and. This standard is about making a positive contribution to the work

More information

March 2014. Guide to the regulation of workplace defined contribution pensions

March 2014. Guide to the regulation of workplace defined contribution pensions March 2014 Guide to the regulation of workplace defined contribution pensions The Financial Conduct Authority (FCA) and The Pensions Regulator have jointly developed this guide to provide an overview of

More information

Objectives of the Project Life Cycle

Objectives of the Project Life Cycle Objectives of the Project Life Cycle 1. Consider the Project Management Life Cycle: a) Inception b) Development c) Delivery d) Handover 2. Begin thinking about the Project Management Plan The Project Life

More information

KEELE UNIVERSITY IT INFORMATION SECURITY POLICY

KEELE UNIVERSITY IT INFORMATION SECURITY POLICY Contents 1. Introduction 2. Objectives 3. Scope 4. Policy Statement 5. Legal and Contractual Requirements 6. Responsibilities 7. Policy Awareness and Disciplinary Procedures 8. Maintenance 9. Physical

More information

SFS SYS 13 (SQA Unit Code - H4GR 04) Maintain the performance of electronic security systems

SFS SYS 13 (SQA Unit Code - H4GR 04) Maintain the performance of electronic security systems Maintain the performance of electronic security systems Overview This NOS sets out the skills, knowledge and understanding for you to maintain the operational performance of electronic security systems,

More information

Recognition of Prior Learning (RPL) Kit. BSB51407 Diploma of Project Management

Recognition of Prior Learning (RPL) Kit. BSB51407 Diploma of Project Management Recognition of Prior Learning (RPL) Kit BSB51407 Diploma of Project Management Applicant: Date: Diploma of Project Management RPL Kit 1 Applicant declaration: I have completed the following RPL application

More information

ASTFM517 Implement sustainable facilities management

ASTFM517 Implement sustainable facilities management Overview This standard is for senior managers in the facilities management environment. It is about monitoring, controlling and conserving energy for the organisation with the aim of reducing cost, and

More information

SFJPE1.3 Evaluate the effectiveness of the operational delivery business process

SFJPE1.3 Evaluate the effectiveness of the operational delivery business process Evaluate the effectiveness of the operational delivery business process Overview This standard concerns evaluating the effectiveness of new and adapted business processes. The scope of work needs to address

More information

SFSMHS1 Receive mail safely and securely

SFSMHS1 Receive mail safely and securely SFSMHS1 Receive mail safely and securely Overview This standard sets out the skills, knowledge and understanding for mail handlers receiving mail of all types, doing so safely and securely, following organisational

More information

GUIDELINE NO. 22 REGULATORY AUDITS OF ENERGY BUSINESSES

GUIDELINE NO. 22 REGULATORY AUDITS OF ENERGY BUSINESSES Level 37, 2 Lonsdale Street Melbourne 3000, Australia Telephone.+61 3 9302 1300 +61 1300 664 969 Facsimile +61 3 9302 1303 GUIDELINE NO. 22 REGULATORY AUDITS OF ENERGY BUSINESSES ENERGY INDUSTRIES JANUARY

More information

LEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction

LEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction LEEDS BECKETT UNIVERSITY Information Security Policy 1.0 Introduction 1.1 Information in all of its forms is crucial to the effective functioning and good governance of our University. We are committed

More information

Programme Manager Relationship Management System

Programme Manager Relationship Management System Programme Manager Relationship Management System Russam Ref 4573 Job Profile This document is a generic description for the role. Any specific requirements in the published advert should also be taken

More information

IMPOM208K Principles of information management in a food business

IMPOM208K Principles of information management in a food business Principles of information management in a food Overview This standard is about the principles of information management in a food. Information management is the collection of information from one or more

More information

FSPITS10 - SQA Unit Code H68X 04 Negotiate and settle complex insurance claims

FSPITS10 - SQA Unit Code H68X 04 Negotiate and settle complex insurance claims Overview This unit is about negotiating the claim according to the facts and circumstances involved and agreeing a final settlement figure. It includes obtaining formal discharge of the claim from the

More information

Reputation, Brand & Communications

Reputation, Brand & Communications Group Standard Reputation, Brand & Communications Serco is committed to building a positive reputation with its stakeholders, wherever we operate SMS-GS-BC4 Reputation, Brand and Communication December

More information

FINRMFS9 Facilitate Business Continuity Planning and disaster recovery for a financial services organisation

FINRMFS9 Facilitate Business Continuity Planning and disaster recovery for a financial services organisation Facilitate Business Continuity Planning and disaster recovery for a Overview This unit is suitable for those working in risk management roles who have responsibility for facilitating business continuity

More information