Cyber Security Capability Framework & Mapping of ISM Roles - agimo

Information SecurityAnalyses and Evaluates1. Conducts security risk assessments for business applications and computerinstallations; provides authoritative advice and guidance on security strategies tomanage the identified risk.2. Investigates major breaches of security, and recommends appropriate controlimprovements.3. Writes and publishes reports on incident outcomes and distributes to appropriatestakeholders.4. Analyses information security incidents and patterns to determine remedial actionsto correct vulnerabilities.5. Monitors and evaluates the effectiveness of the organisation’s information securityprocedures and safeguards for the infrastructure.6. Develops and implements the necessary security plans and proceduraldocumentation, including disaster recovery plans, to ensure that informationsecurity incidents are avoided during shutdown and long term protection ofarchived resources is achieved.7. Reports unresolved network security exposures, misuse of resources or noncompliancesituations to an ITSM.Technology Audit1. Evaluates functional operation and performance in light of test results and makesrecommendations regarding certification or accreditation.2. Examines vulnerabilities and determines actions to mitigate them. Develops andapplies effective vulnerability countermeasures.3. Analyses information security vulnerability bulletins for their potential impact on thecomputing or network environment, and takes or recommends appropriate action.Emerging Technology Monitoring1. Monitors the market to gain knowledge and understanding of currently emergingtechnologies.2. Identifies new and emerging hardware and software technologies and productsbased on own area of expertise, assesses their relevance and potential value to theorganisation, contributes to briefings of staff and management.Applies Technical Proficiency1. Ensures that any system changes required to maintain security are implemented.2. Recommends and schedules information security related repairs, upgrades or projecttasks within the organisation’s environment.3. Writes and maintains scripts required to ensure security of the infrastructure’s environment.4. Plans and schedules the installation of new or modified hardware, operating systems, andsoftware applications ensuring integration with information security requirements for theinfrastructure.5. Schedules and performs regular and special backups on all infrastructure systems.4. Performs risk assessment, business impact analysis and accreditation for all major informationsystems within the organisation.5. Interprets patterns of non-compliance to determine their impact on levels of risk and/or overalleffectiveness of the organisation’s information technology security program.6. Oversees the development of organisational logging standards to comply with auditrequirements.7. Manages and audits system event logs.3. Formulates or provides input to the organisation’s information security budget.4. Develops network security requirements specific to an acquisition for inclusion inprocurement documentsProduced for AGIMO by Workplace Research Associates Pty Ltd 2010 Page 20