Google Links

Follow the links below to find material targeted to the unit's elements, performance criteria, required skills and knowledge

Elements and Performance Criteria

1. Confirm cyber security incident and contribute to its containment
   • Confirm nature and location of cyber security incident according to organisational policies and procedures
   • Estimate risk, likelihood and potential consequence of incident according to organisational response procedures
   • Assist in ensuring that cyber incident is contained according to legislative requirements and organisational cyber security incident response plan
   • Assist in confirming no further risks according to legislative requirements and organisational response procedures
2. Communicate information on cyber security incident
   • Escalate cyber security incident with required workplace personnel according to organisational policies and procedures
   • Consult with required internal and external stakeholders on communication needs relating to cyber security incident
   • Assist in alerting required external parties according to legislative requirements and organisational procedures
3. Contribute to post-incident activities
   • Support post-breach review and reporting
   • Assist in identifying lessons learnt from incident response and recommended changes to cyber security response plan
   • Assist in updating cyber security response plan to reflect review outcomes according to organisational policies and procedures
   • Communicate lessons learnt and recommendations to required personnel

Performance Evidence

The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to assist in:

responding to two different cyber security incidents in a work area

conducting one post-breach review.

---

Knowledge Evidence

The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:

legislative requirements relating to contributing to cyber security incident responses, including:

data protection

implications of notifiable data breach legislation on an organisation and other associated Australian privacy laws

established international legislation

procedures for developing communications plans

organisational policies and procedures relating to cyber security incident response, including procedures for:

confirming nature and location of incidents

determining risk, likelihood, and consequence of incidents

containing incidents

notifying internal and external stakeholders of incident

internal and external communications

conducting post-breach reviews

reporting methods for cyber security incidents, including official government channels

key features of cyber security incident response plan

risk mitigation strategies and procedures relating to cyber security

internal and external stakeholders involved in responding to cyber security incidents.

---