Occupational Standard - SSC/N0902 | SSC

Occupational Standard - SSC/N0902

Occupational Standard - SSC/N0902
Code SSC/N0902
Version 0.1
Industry Sub-Sector IT-ITeS/IT Services
Title Co-ordinate responses to information security inci
Description This unit is about playing a co-ordinating role in responding to information security incidents, liaising with members of the security team who carry out investigations and other stakeholders or business users.
Scope

Scope

This unit/task covers the following:

Information security incidents may cover:

·     Identify and Access Management (IdAM)

·     physical security

·     networks (wired and wireless)

·     devices

·     endpoints/edge devices

·     storage devices

·     servers

·     software

·     applications security

·     content management

·     messaging

·     web security

·     security of infrastructure

·     infrastructure devices (eg routers, firewall services)

·     computer assets, server s and storage networks

·     messaging

·     intrusion detection/prevention

·     security incident management

·     third party security management

·     personnel security requirements

Information security incidents:

·     automatically by tools and systems

·     manually by employees or business users

Appropriate people:

·     line manager

·     members of the security team

·     incident management group

·     subject matter experts

Performance Criteria

Performance Criteria (PC) w.r.t. the Scope

 

To be competent, you  must be able to:

PC1.     Establish your role and responsibilities in co-ordinating responses to information security incidents

PC2.     record, classify and prioritize information security incidents using standard templates and tools

PC3.     Access your organization’s knowledge base for information on previous information security incidents and how these were managed

PC4.     Assign information security incidents promptly to appropriate people for investigation/action

PC5.     Liaise with stakeholders to gather, validate and provide information related to information security incidents, where required

PC6.     Track progress of investigations into information security incidents and escalate to appropriate people where progress does not comply with standards or service level agreements (SLAs)

PC7.     Prepare accurate preliminary reports on information security incidents using standard templates and tools

PC8.     Submit preliminary reports promptly to appropriate people for action

PC9.     update the status of information security incidents following investigation/action using standard templates and tools

PC10.    Obtain advice and guidance on co-ordinating information security incidents from appropriate people, where required

PC11.    Update your organization’s knowledge base promptly and accurately with information security incidents and how they were managed

PC12.    Comply with your organization’s policies, standards, procedures, guidelines and service level agreements (SLAs) when co-ordinating responses to information security incidents

Knowledge

Knowledge and Understanding (K)

A.      Organizational

Context (Knowledge of the company/  organization and  its processes)

You need to know and understand:

KA1.    Your organization’s policies, procedures, standards, guidelines and service level agreements for responding to information security incidents

KA2.    The day-to-day operations, procedures and tasks relating to your area of work

KA3.    Your organization’s knowledge base and how to access and update this

KA4.    Limits of your role and responsibilities and who to seek guidance from where required

KA5.    The purpose of managing information security incident s

KA6.    Who to involve when investigating and co-ordinating responses to information security incidents and how to contact them

KA7.    The importance of tracking progress and corrective and preventative actions for information security incidents

KA8.    The importance of keeping records and evidence relating to information security incidents

KA9.    The impact information security incidents can have on your organization

KA10.    Different types of information security incidents and how to deal with these

KA11.    How to assign and escalate information on information security incidents

KA12.    Different methods and techniques used when working with others

KA13.    Standard tools and templates available and how to use these

KA14.    Your organization’s policies and procedures for sharing information on security incidents and the importance of complying with these

KA15.    How to classify and priorities information security incidents

B. Technical  

     Knowledge

You need to know and understand:

KB1.    Fundamentals of information security and how to apply these, including:

·         networks

·         communication

·         application security

KB2.    Routine operational procedures and tasks required to co-ordinate and respond to information security incidents

KB3.    Different stages of incident management and your role in relation to these, including:

·         identify

·         contain

·         cleanse

·         recover

·         close

KB4.    How to identify and resolve information security vulnerabilities and incidents

KB5.    Common issues and incidents of information security that may require action and who to report these to

KB6.    How to obtain and validate information related to information security issues

KB7.    How to prepare and submit information security reports and who to share these with

Skills

A.      Core Skills/ Generic Skills

 Writing Skills

You need to know and understand how to:

SA1.    Complete accurate well written work with attention to detail

SA2.    Communicate with others in writing

Reading Skills

You need to know and understand how to:

SA3.     Follow guidelines, procedures, rules and service level agreements

Oral Communication (Listening and Speaking skills)

You need to know and understand how to:

SA4.     Listen effectively and orally communicate information accurately

SA5.     Ask for clarification and advice from others

B.      Professional Skills

 

 

Decision Making 

You need to know and understand how to:

SB1.    Follow rule-based decision-making processes

SB2.    Make decisions on suitable courses of action

Plan and Organize

You need to know and understand how to:

SB3.     Plan and organize your work to achieve targets and deadlines

CustomerCentricity

You need to know and understand how to:

SB4.     Build and maintain positive and effective relationships with customers

SB5.     Check your own work meets customer requirements

Problem Solving

You need to know and understand how to:

SB6.     Apply problem solving approaches in different situations

SB7.     Seek clarification on problems from others

SB8.     Refer anomalies to the line manager

Analytical Thinking

You need to know and understand how to:

SB9.     Analyze data and activities

SB10.    Configure data and disseminate relevant information to others

SB11.    Pass on relevant information to others

Critical Thinking

You need to know and understand how to:

SB12.    provide opinions on work in a detailed and constructive way

SB13.    apply balanced judgments to different situations

Attention to Detail

You need to know and understand how to:

SB14.    apply good attention to details

SB15.    check your work is complete and free from errors

Team Working

You need to know and understand how to:

SB16.    work effectively in a team environment

SB17.    contribute to the quality of team working

SB18.    work independently and collaboratively

C.      Technical Skills

You need to know and understand how to:

SC1.    Use information technology effectively to input and/or extract data accurately

SC2.    Identify and refer anomalies in data

SC3.    Store and retrieve information

SC4.    Agree objectives and work requirements

SC5.    Keep up to date with changes, procedures and practices in your role

Attachment os_attachments/SSC_N0902_V0.1.pdf
Last Review On June 23, 2015, 2:49 p.m.
Next Review On

Connect with us

Recent News

   Adobe partners with SSC NASSCOM in Skill Development
Post date: Sept. 13, 2017, 8:17 p.m.
   CANADIAN EMBASSY
Post date: April 29, 2017, 11:32 p.m.
   Gramoday Mela - Chitrakoot
Post date: March 1, 2017, 10:37 a.m.
View All

Student Readiness

Training Providers Employability Assessments

Training Providers

Training Providers

IT-BPM Industry Members

Companies

Academic Institutions

Acedmia
Go to top