The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!
From the Wiki University
What evidence can you provide to prove your understanding of each of the following citeria?
Plan incident response plans
|
|
Identify and gather information on organisational environment, procedures and processes and cyber security threats Completed |
Evidence:
|
Discuss and confirm ideas and plans with management and gain approval in developing response plans Completed |
Evidence:
|
Establish response committee and roles and responsibilities of each individual according to organisational procedures Completed |
Evidence:
|
Identify required services and assets in developing test plans Completed |
Evidence:
|
Develop and confirm incident response plans
|
|
Establish and confirm recovery time objective (RTO) and recovery point objective (RPO) in disaster recovery according to organisational requirements Completed |
Evidence:
|
Discuss and establish test scenarios Completed |
Evidence:
|
Establish and confirm test frequency according to organisational requirements Completed |
Evidence:
|
Develop test baselines and metrics according to organisational procedures Completed |
Evidence:
|
Confirm and document draft test plans with required personnel and respond to feedback accordingly Completed |
Evidence:
|
Test cyber security incident response plan according to testing procedures Completed |
Evidence:
|
Identify, address and report errors noted in testing phase, within scope of own role Completed |
Evidence:
|
Finalise incident response plans
|
|
Discuss lessons learnt in testing response plans and adjust test plans accordingly Completed |
Evidence:
|
Obtain sign-off with required personnel according to organisational policies and procedures Completed |
Evidence:
|
Record, document and store test plans according to organisational procedures Completed |
Evidence:
|