NTISthis.com

Evidence Guide: ICTCYS606 - Evaluate an organisation's compliance with cyber security standards and law

Student: __________________________________________________

Signature: _________________________________________________

Tips for gathering evidence to demonstrate your skills

The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!

From the Wiki University

 

ICTCYS606 - Evaluate an organisation's compliance with cyber security standards and law

What evidence can you provide to prove your understanding of each of the following citeria?

Research existing security standards and laws

  1. Identify standards and laws required for organisations cyber security operations and summarise findings
  2. Analyse and align required laws and standards to organisational cyber operations
  3. Obtain and analyse organisation’s existing cyber security compliance strategies and document outcomes according to organisational policies and procedures
  4. Determine time periods and benchmarking of compliance evaluation requirements
Identify standards and laws required for organisations cyber security operations and summarise findings

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Analyse and align required laws and standards to organisational cyber operations

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Obtain and analyse organisation’s existing cyber security compliance strategies and document outcomes according to organisational policies and procedures

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Determine time periods and benchmarking of compliance evaluation requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Analyse compliance activities

  1. Conduct compliance assessment according to organisational and legislative requirements
  2. Document assessment findings according to organisational policies and procedures
  3. Identify and document areas of non-compliance and near misses
Conduct compliance assessment according to organisational and legislative requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Document assessment findings according to organisational policies and procedures

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Identify and document areas of non-compliance and near misses

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Align organisation’s activities to required standards

  1. Develop and document all compliance requirements
  2. Distribute requirements to required personnel in preparation to realign business activities to requirements
  3. Develop an evaluation strategy according to organisational policies and procedures
  4. Submit all documents to required personnel and seek and respond to feedback
Develop and document all compliance requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Distribute requirements to required personnel in preparation to realign business activities to requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Develop an evaluation strategy according to organisational policies and procedures

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Submit all documents to required personnel and seek and respond to feedback

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Assessed

Teacher: ___________________________________ Date: _________

Signature: ________________________________________________

Comments:

 

 

 

 

 

 

 

 

Instructions to Assessors

Required Skills and Knowledge

The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to:

identify cyber security standards and laws and analyse an organisation’s operations and compliance to required laws and standards on at least one occasion.

In the course of the above, the candidate must:

document processes and summarise findings.

The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:

security risks, and tolerance of risk in an organisation

cyber security standards, regulations and laws applicable to the organisation

organisational business processes and applicable cyber security requirements in each area

principles of cyber security

methods of identifying cyber security incidents

different types of cyber security incidents including security vulnerabilities and malware.