27 jun 2017

E.8 Information Security Management

door | geplaatst in: Bedrijven, e-CF competenties | 0

Description

Implements information Security Management. Monitors and takes action against intrusion, fraud and security breaches or leaks.

Ensures that security risks are analysed and managed with respect to enterprise data and information. Reviews security incidents, makes recommendations for security policy and strategy to ensure continuous improvement of security provision.

Levels of Information Security Management

Level 2

Systematically scans the environment to identify and define vulnerabilities and threats.

Records and escalates non-compliance.

Level 3

Evaluates security management measures and indicators and decides if compliant to information security policy.

Investigates and instigates remedial measures to address any security breaches.

Level 4

Provides leadership for the integrity, confidentiality and availability of data stored on information systems and complies with all legal requirements.

Knoweledge

  • The organisation’s security management policy and its implications for engagement with customers, suppliers and subcontractors.
  • The best practices and standards in information security management
  • The critical risks for information security management
  • The ICT internal audit approach
  • Security detection techniques, including mobile and digital
  • Cyber attack techniques and counter measures for avoidance
  • Computer forensics

Skills

  • Document the information security management policy, linking it to business strategy
  • Analyse the company critical assets and identify weaknesses and vulnerability to intrusion or attack
  • Establish a risk management plan to feed and produce preventative action plans
  • Perform security audits
  • Apply monitoring and testing techniques
  • Establish the recovery plan
  • Implement the recovery plan in case of crisis

E-CF

This competency is based on the European e-Competence Framework (e-CF) 

The e-CF provides a reference of 41 competences as required and applied in an IT professional work context, using a common language for competences, skills, knowledge and proficiency levels that is applied and understood across Europe.

Functies met E.8. Information Security Management competentie

These competencies are based on the European e-Competence Framework (e-CF) 

The e-CF provides a reference of 41 competences as required and applied in an IT professional work context, using a common language for competences, skills, knowledge and proficiency levels that is applied and understood across Europe.