Public Sector - Draft 2

PSPSEC006 Implement security risk treatments_validation

Please scroll down to review the various sections of this document. You can leave a comment by clicking on .
You can choose to be notified when someone else comments by clicking on
You can unsubscribe from notifications by clicking on

Unit application and prerequisites

UNIT CODE

PSPSEC006

UNIT TITLE

Implement security risk treatments

APPLICATION

This unit describes the performance outcomes, skills and knowledge required to confirm risk decisions, identify risk treatments, implement countermeasures and monitor and review the security risk management process.

 

This unit applies to those working in a security role where they will be required to confirm, identify, implement and review risk.

 

Those undertaking this unit would work independently and as part of a team using support resources and performing complex tasks in a range of familiar and unfamiliar contexts.

 

The skills in this unit must be applied in accordance with Commonwealth and State or Territory legislation, Australian standards and industry codes of practice.

 

No occupational licensing, certification or specific legislative or certificate requirements apply to this unit at the time of publication.

PREREQUISITE UNIT

Nil

COMPETENCY FIELD

Security

UNIT SECTOR

 

0 Comments

This section doesn't have any comments.

Elements and performance criteria

ELEMENTS

PERFORMANCE CRITERIA

Elements describe the essential outcomes

Performance criteria describe the performance needed to demonstrate achievement of the element.

  1. Confirm risk decisions
    1. Confirm management decisions determining acceptable and unacceptable levels of risks.
    2. Note and monitor low level risks accepted by the organisation, to detect changed circumstances.
    3. Refer unacceptable high-level risks for development of formal management plans.
    4. Note all major or significant risks determined as unacceptable.
  1. Identify risk treatments
    1. Ensure treatments are consistent with the security plan.
    2. Select treatments to reduce the likelihood and consequences of the risk.
    3. Include continuity plans in treatments where appropriate.
    4. Document treatments and submit for approval.
  1. Implement countermeasures
    1. Develop and implement a treatment plan.
    2. Apply countermeasures in accordance with the implementation strategy detailed in the security plan.
    3. Implement countermeasures in accordance with timeframe, budgetary requirements and legal requirements.
  1. Monitor and review security risk management process
    1. Implement strategies to monitor risk environment.
    2. Evaluate risk treatments against the objectives of the security plan.
    3. Obtain feedback from stakeholders on the adequacy and need for current security measures affecting their work/area.
    4. Convey recommendations for re-examination of security risk or improved risk treatments to the appropriate personnel.

0 Comments

This section doesn't have any comments.

Foundation skills

FOUNDATION SKILLS

Foundation skills essential to performance in this unit, but not explicit in the performance criteria are listed here, along with a brief context statement.

SKILLS

DESCRIPTION

Reading skills to:

  • apply legislation, regulations and policies relating to government security management.
  •  

Oral communication skills to:

  • communicate with diverse stakeholders.

 

Numeracy skills to:

  • represent mathematical information in format to suit a variety of audiences.

UNIT MAPPING INFORMATION

Release 1: Supersedes and is equivalent to PSPSEC006 Implement security risk treatments.

LINKS

Companion Volume Implementation Guide

0 Comments

This section doesn't have any comments.

Performance evidence

TITLE

Assessment Requirements for PSPSEC006 Implement security risk treatments

PERFORMANCE EVIDENCE

Evidence of the ability to complete tasks outlined in elements and performance criteria of this unit in the context of the job role, and on at least one occasion:

  • read and analyse an organisation’s security plan
  • use computer technology to gather and analyse information, and prepare a formal report.

0 Comments

This section doesn't have any comments.

Knowledge evidence

KNOWLEDGE EVIDENCE

Demonstrated knowledge required to complete the tasks outlined in elements and performance criteria of this unit:

  • legislation, regulations, policies, procedures and guidelines relating to government security management including WHS
  • fraud control and protective security policies
  • Australian Government Information Security Manual (ISM)
  • Protective Security Policy Framework
  • risk analysis terminology and techniques
  • the organisation’s security plan
  • the organisation’s assets and security environment
  • risk management: principles and guidelines.

0 Comments

This section doesn't have any comments.

Assessment conditions

ASSESSMENT CONDITIONS

Skills must be demonstrated in either a:

  • workplace environment or
  • simulated environment.

 

Simulated assessment environments must simulate the real-life working environment where the skills and knowledge within this unit would be utilised, with all the relevant equipment and resources of that working environment.

 

Assessment must ensure access to:

  • legislation, policy, procedures and protocols relating to the implementation of security risk treatments
  • organisational standards and documentation
  • case studies and workplace scenarios to capture the range of situations likely to be encountered when implementing security risk treatments.

 

Assessors must satisfy the Standards for Registered Training Organisations’ requirements for assessors.

LINKS

Companion Volume Implementation Guide

0 Comments

This section doesn't have any comments.