Elements and Performance Criteria
- Contribute to recommending risk management strategies that mitigate cyber security risk
- Consult with stakeholders to determine scope of risk management appropriate to organisation and industry
- Review relevant critical cyber risk management strategies appropriate to level of risk
- Assist in developing suitable cyber security response options according to organisational policies and procedures
- Present options for risk management strategies for approval within scope of own role
- Document approved risk management strategies
- Support implementation of approved risk management strategies in response to risk
- Support communication of approved risk management strategies to required personnel
- Contribute to monitoring cyber security risk according to selected risk management strategies
- Assist in determining compliance with implemented cyber risk mitigation strategies
- Address non-compliance within scope of own role and escalate where required according to organisational policies and procedures
- Assist in establishing feedback processes that provide warning of potential new risks according to organisational requirements
- Review and revise implemented risk management strategies