List the assessment methods to be used and the context and resources required for assessment. Copy and paste the relevant sections from the evidence guide below and then re-write these in plain English.
The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to:
contribute to developing and implementing risk management strategies that control two different identified cyber security risks and document the response option applied to each risk
support evaluation of effectiveness of each implemented strategy.
The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:
legislative and regulatory requirements relating to contributing to cyber security risk management, including:
data protection legislation
notifiable data breach legislation
Australian privacy laws
established international legislation
key risk management strategies, including:
regular organisational training
regular threat assessment
cyber security incident response plan
clear escalation routes
organisational policies and procedures, including for:
analysing and reviewing risk management methodologies
developing communications plans
evaluating effectiveness of risk management strategies
monitoring cyber risk
reviewing currency of risk register
industry-specific knowledge of suitable procedures for applying risk management strategy
guidelines required for updating technology
business process design principles in relation to risk management
reporting mechanisms for tracking organisational cyber security maturity.
Skills must be assessed in a workplace or simulated environment where conditions are typical of a work environment requiring cyber secure practices, processes and procedures.
Access is required to:
information and data sources relating to cyber security
device with active internet connection
internet browser
industry standards, organisational procedures, and legislative requirements required to demonstrate the performance evidence.
Assessors of this unit must satisfy the requirements for assessors in applicable vocational education and training legislation, frameworks and/or standards.