E.08 Information Security Management
Generic description:
Implements information security policy. Monitors and takes action against intrusion, fraud and security breaches or leaks. Ensures that security risks are analysed and managed with respect to enterprise data and information. Reviews security incidents, makes recommendations for security policy and strategy to ensure continuous improvement of security provision.
Competence area: e-CF area E. Manage
Proficiency levels:
e-CF level | Description | Profiles (CWA16458) |
---|---|---|
2 | Systematically scans the environment to identify and define vulnerabilities and threats. Records and escalates non-compliance. | Network specialist, Systems administrator |
3 | Evaluates security management measures and indicators and decides if compliant to information security policy. Investigates and instigates remedial measures to address any security breaches. | ICT operations manager, ICT security specialist |
4 | Provides leadership for the integrity, confidentiality and availability of data stored on information systems and complies with all legal requirements. | ICT security manager, ICT security specialist |
Knowledge examples (Knows /aware of/ Familiar with:)
- K1 the organisation's security management policy and its implications for engagement with customers, suppliers and subcontractors
- K2 the best practices and standards in information security management
- K3 the critical risks for information security management
- K4 the ICT internal audit approach
- K5 security detection techniques, including mobile and digital
- K6 cyber attack techniques and counter measures for avoidance
- K7 computer forensics
Skill examples (Able to:)
- S1 document the information security management policy, linking it to business strategy
- S2 analyse the company critical assets and identify weaknesses and vulnerability to intrusion or attack
- S3 establish a risk management plan to feed and produce preventative action plans
- S4 perform security audits
- S5 apply monitoring and testing techniques
- S6 establish the recovery plan
- S7 implement the recovery plan in case of crisis
The backlinks below usually do not include the child and sibling items, nor the pages in the breadcrumbs.
- Application Documentation Enablers
- Application Mediation Enablers
- Application Security Enablers
- European e-Competence Framework
- ICT operations manager
- ICT security manager
- ICT security specialist
- Infrastructure Financial Transaction Enablers
- Infrastructure Privacy Enablers
- Infrastructure Security Enablers
- Infrastructure Technology Governance Enablers
- Network specialist
- Systems administrator
#tagcoding tags for goods, services and bads
10yfp
abaca
abrasive-materials-#cpc163
academic-tutor-#cpc9291
access
access-and-network-capacity
access-to-ict
access-to-internet
access-to-land
access-to-market-information
accidental-death-insurance-#cpc7132
accident-and-fire-insurance-#cpc7142
accommodation-#cpc632
accommodation-#cpc8552
accordions
accountable-institutions
accounting
accounting-#cpc822
accounting-methods-design-#cpc8311
accounts
accounts-examination
accumulators
accuracy-certification
achieve-income-growth
acids-and-sulphurs
acorns
acoustics-and-vibration-testing
acrylics
action-figures
activities-auxiliary-to-financial-service-#cpc715
actors-#cpc9631
actuarial-services-#cpc7163
acupuncture-#cpc9319
adaptation
adaptation-to-climate-change
adaptive
adding-machines-#cpc4514
additifs-for-cements
address-bar-coding
adequate-housing