Cyber Security Capability Framework & Mapping of ISM Roles - agimo

More documents

Recommendations

Info

INFORMATION SECURITY The management of, and provision of expert advice on, the selection, design, justification,implementation and operation of information security controls and management strategies to maintain the confidentiality, integrity,availability, accountability and relevant compliance of information systemsAPS 3/4 APS 5 APS 6Applies Technical Proficiency1. Implements response actions in reaction tosecurity incidents.2. Applies organisation’s established informationsecurity procedures and safeguards and complieswith responsibilities of assignment.3. Adheres to information security laws andregulations in order to support functionaloperations of the network environment.4. Configures, optimises and tests network fileservers, hubs, routers and switches to ensurethey comply with the organisation’s securitypolicy, procedures, government legislation andguidelines, and the organisation’s technicalrequirements prior to deployment.5. Recommends information security related repairsor changes in the network environment.6. Supports security tests and evaluations.7. Understands and implements basic technicalvulnerability corrections.8. Conducts tests of information security safeguardsfor the organisation’s computer environment, inaccordance with implementation plans, standardoperating environment procedures, and securitysection directives.Analyses and Evaluates1. Understands, applies and maintains specificsecurity controls as required by organisationalpolicy and local risk assessments to maintainconfidentiality, integrity and availability of businessinformation systems and to enhance resilience tounauthorised access.2. Diagnoses and resolves information securityproblems in response to reported incidents.Applies Technical Proficiency1. Recognises when an IT network/system has beenattacked, and takes immediate action to limitdamage assesses the impact and if appropriatepreserves evidence.2. Installs and operates IT systems in theorganisation’s computer environment in a testconfiguration manner that does not alter theprogram code or compromise security safeguards.3. Assesses the performance of information securitycontrols within the network.4. Supports, monitors, tests and troubleshootshardware and software information securityproblems pertaining to the organisation’s computingenvironment.5. Implements applicable patches for theorganisation’s computing environment.Analyses and Evaluates1. Conducts security risk assessments for definedbusiness applications or IT installations in definedareas, and provides advice and guidance on theapplication and operation of elementary physical,procedural and technical security controls2. Monitors and evaluates the effectiveness of theorganisation’s information security proceduresand safeguards for the infrastructure.Applies Technical Proficiency1. Assists in the gathering and preservation ofevidence, maintaining evidentiary integrity.3. Directs the implementation of appropriateoperational structures and processes to ensure aneffective information security program for theinfrastructure, including boundary defence,incident detection and response, and keymanagement.5. Designs and installs perimeter defence systemsincluding IDS, firewalls, grid sensors, etc and,under direction, enhances the rule sets to blocksources of malicious traffic.6. Installs, tests, maintains, and upgrades networkoperating systems software and hardware toensure they comply with information securityrequirements.7. Notifies and schedules information securityrelated repairs within the organisation’s networkenvironment.8. Writes and maintains scripts required to ensuresecurity of the organisation’s infrastructure.Produced for AGIMO by Workplace Research Associates Pty Ltd 2010 Page 10
INFORMATION SECURITY The management of, and provision of expert advice on, the selection, design, justification,implementation and operation of information security controls and management strategies to maintain the confidentiality,integrity, availability, accountability and relevant compliance of information systemsEL 1 EL 2Analyses and Evaluates1. Conducts security risk assessments for business applications and computerinstallations; provides authoritative advice and guidance on security strategies tomanage the identified risk.2. Investigates major breaches of security, and recommends appropriate controlimprovements.3. Writes and publishes reports on incident outcomes and distributes to appropriatestakeholders.4. Analyses information security incidents and patterns to determine remedial actionsto correct vulnerabilities.5. Monitors and evaluates the effectiveness of the organisation’s information securityprocedures and safeguards for the infrastructure.6. Develops and implements the necessary security plans and proceduraldocumentation to ensure that information security incidents are avoided duringshutdown and long term protection of archived resources is achieved.7. Formulates or provides input to the organisation’s information security budget.Applies Technical Proficiency1. Ensures that any system changes required to maintain security areimplemented.2. Recommends and schedules information security related repairs, upgrades orproject tasks within the organisation’s environment.3. Writes and maintains scripts required to ensure security of the infrastructure’senvironment.4. Provides direction to system developers regarding correction of security problemsidentified during testing.5. Plans and schedules the installation of new or modified hardware, operatingsystems, and software applications ensuring integration with information securityrequirements for the infrastructure.6. Schedules and performs regular and special backups on all infrastructure systems.Analyses and Evaluates1. Specifies organisational procedures for the assessment of an activity,process, product or service, against recognised criteria, such as ISO27001.2. Provides leadership and guidelines on information assurance securityexpertise for the organisation, working effectively with strategicorganisational functions such as legal experts and technical support toprovide authoritative advice and guidance on the requirements for securitycontrols.3. Reviews security plans and procedural documentation to ensure thatinformation security incidents are avoided during shutdown and long termprotection of archived resources is achieved.4. Formulates the organisation’s information security budgetApplies Technical Proficiency1. Evaluates and approves development efforts to ensure that baselinesecurity safeguards are appropriately installed.2. Provides for restoration of information systems by ensuring that protection,detection, and reaction capabilities are incorporated.3. Recommends and schedules more complex repairs, upgrades or projecttasks.4. Validates the planning and scheduling of the installation of new or modifiedhardware, operating systems, and software applications ensuringintegration with information security requirements for the infrastructure.Produced for AGIMO by Workplace Research Associates Pty Ltd 2010 Page 11
Page 1 and 2: AUSTRALIAN GOVERNMENT INFORMATION M
Page 3 and 4: Introduction and BackgroundIn May 2
Page 5 and 6: WorkshopOnce the documents had been
Page 7 and 8: CYBER SECURITY CAPABILITY FRAMEWORK
Page 9: SERVICE DELIVERY The authorisation
Page 13 and 14: TECHNOLOGY AUDIT The independent, r
Page 15 and 16: EMERGING TECHNOLOGY MONITORING The
Page 17 and 18: INFORMATION TECHNOLOGY SECURITY MAN
Page 19 and 20: INFORMATION TECHNOLOGY SECURITY OFF

Cyber Security Capability Framework & Mapping of ISM Roles - agimo

Create successful ePaper yourself

Delete template?

Save as template?