e-Competence: Title + generic description
D.1 Information Security Strategy Development
Defines and makes applicable a formal organisational strategy, scope and culture to maintain safety and security of information. Provides the foundation for Information Security Management, including role identification and accountability (ref D.2). Uses defined standards to create objectives for information integrity, availability, and data privacy.
e-Competence proficiency levels (on e-CF levels e-1 to e-5, related to EQF levels 3 to 8
Exploits depth of expertise and leverages external standards and best practices.
Provides strategic leadership to embed information security into the culture of the organisation.
|Knowledge examples||Knows/ Aware of/ Familiar with:
- K1 the potential and opportunities of relevant standards and best practices
- K2 the impact of legal requirements on information security
- K3 the information strategy of the organisation
- K4 possible security threats
|Skills examples||Able to:
- S1 develop and critically analyse the company strategy for information security
- S2 define, present and promote an information security policy for approval by the senior management of the organisation
- S3 apply relevant standards, best practices and legal requirements for information security
- S4 anticipate required changes to the organisations information security strategy and formulate new plans
- S5 propose effective contingency measures
Back to list