The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!
From the Wiki University
What evidence can you provide to prove your understanding of each of the following citeria?
Establish the organisational context
|
|
Legislative and regulatory requirements for the organisation are identified and documented in accordance with organisational policy and procedures. Completed |
Evidence:
|
Legislation is analysed for any security implications for information management, and the outcomes are documented. Completed |
Evidence:
|
The organisation's purpose and function are reviewed for compliance requirements. Completed |
Evidence:
|
The broad social context in which the organisation operates is analysed to determine community expectations. Completed |
Evidence:
|
Determine the principal areas of risk requiring information strategy
|
|
Existing risk analyses for organisation's functions are reviewed and updated. Completed |
Evidence:
|
Regulatory requirements and legal liabilities are reviewed and documented for their impact on the information systems framework. Completed |
Evidence:
|
Risks and liabilities to be managed by information systems are determined and documented informing the development of the framework. Completed |
Evidence:
|
Determine the information system requirements for each business function
|
|
Risks, liabilities and regulatory requirements are determined and analysed against each business function. Completed |
Evidence:
|
The determined requirements for each business function are documented and communicated as evidence to be captured as records. Completed |
Evidence:
|
Information system specifications are formulated from the evidence requirements in accordance with the organisation's technologies, standards and protocols. Completed |
Evidence:
|
Information security requirements are determined for each business function. Completed |
Evidence:
|
Specifications for information systems security measures are determined consistent with government guidelines and standards. Completed |
Evidence:
|
Establish information systems framework for organisation
|
|
Overview of responsibilities for information management within the organisation is developed and communicated. Completed |
Evidence:
|
Responsibilities and authorities in relation to regulatory requirements are defined in accordance with jurisdictional and organisational standards. Completed |
Evidence:
|
Information management responsibilities and rights for each business function are defined. Completed |
Evidence:
|
Identified risks and liabilities managed by information systems are integrated with the definition of responsibilities for each function. Completed |
Evidence:
|
Levels of accountability and responsibility within the framework are defined, assigned and documented for each function. Completed |
Evidence:
|
Security procedures for information systems are formulated and documented. Completed |
Evidence:
|
Obtain approval for framework
|
|
The completed and documented framework of areas of risk, regulatory requirements, records specifications, security requirements and information management responsibilities are communicated to the appropriate person(s) for review and endorsement. Completed |
Evidence:
|
A review process is established and appropriate persons are charged with maintaining the currency of the organisation's information systems framework. Completed |
Evidence:
|