Application
This unit describes the skills and knowledge required to identify, confirm and implement best practices for identity management in the cyber environment to minimise threats, risks and cybercrime attacks.
It applies to those who work as network security specialists or administrators and are responsible for overseeing and implementing an organisation’s best practices to confirm safe cyber security management of personal and identifiable information.
No licensing, legislative or certification requirements apply to this unit at the time of publication.
Elements and Performance Criteria
1. Analyse organisation’s identity management best practices | 1.1 Identify and summarise organisation’s identity management practices 1.2 Analyse organisation’s identity management environment, processes and requirements 1.3 Identify legislation and industry requirements required to implementing best practices for identity management |
2. Design and implement best practices | 2.1 Develop and document strategy for identity management best practices plan 2.2 Develop and document implementation strategy in consideration of technical, personnel, performance benchmarks and timeline requirements, according to organisational policies and procedures 2.3 Distribute documents to required personnel in preparation for implementation 2.4 Conduct implementation of best practices strategy according to organisational requirements and implementation plan |
3. Finalise implementation of strategy | 3.1 Analyse organisation’s performance against best practices benchmark 3.2 Summarise outcomes of analysis and identify areas risk and high vulnerability 3.3 Update plan with suggested remediation strategy for identified areas of risk and vulnerability 3.4 Submit finalised documentation to required personnel and seek and respond to feedback 3.5 Lodge all documentation according to organisational policies and procedures |
Evidence of Performance
The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to:
design, implement and analyse best practices for identity management in an organisation on at least one occasion.
In the course of the above, the candidate must:
identify an organisation’s operating environment
document processes and outcomes.
Evidence of Knowledge
The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:
organisation’s operating and cyber environment applicable to identity management
identity management methodologies required in the cyber environment
best practices and legislation required to implement best practices for identity management
organisational procedures applicable to implementing best practices for identity management including:
documentation processes
designing secure network infrastructure
establishing requirements and features of information security strategies
establishing baselines and metrics
testing methodologies.
Assessment Conditions
Skills in this unit must be demonstrated in a workplace or simulated environment where the conditions are typical of those in a working environment in this industry.
This includes access to:
hardware, software and digital devices required to undertake identity management tasks
software that identifies data categorise and access privilege
legislation and policies and procedures required to identity management best practices.
Assessors of this unit must satisfy the requirements for assessors in applicable vocational education and training legislation, frameworks and/or standards.
Foundation Skills
Learning | Obtains information applicable to organisational procedures and identity management standards and principles Monitors outcomes of decisions, considering results and identifying key concepts and principles that may be adaptable in the future |
Reading | Interprets information from different sources in a range of formats when identifying best practices and interpreting how these standards apply to the organisation |
Writing | Prepares complex workplace documentation detailing processes and outcomes using required structure, layout and required language |
Planning and organising | Uses problem solving skills to identify anomalies and subtle deviations to normal expectations, focusing attention and remedying problems as they arise |
Sectors
Cyber security