E.8 Information Security Management

geplaatst in: Bedrijven, e-CF competenties, e-CF functies | 0


Implements information security policy.

Monitors and takes action against intrusion, fraud and security breaches or leaks.

Ensures that security risks are analysed and managed with respect to enterprise data and information.

Reviews security incidents, makes recommendations for security policy and strategy to ensure continuous improvement of security provision.



Level 2

Systematically scans the environment to identify and define vulnerabilities and threats.

Records and escalates non-compliance.


Level 3

Evaluates security management measures and indicators and decides if compliant to information security policy.

Investigates and instigates remedial measures to address any security breaches.


Level 4

Provides leadership for the integrity, confidentiality and availability of data stored on information systems and complies with all legal requirements.



The organisation’s security management policy and its implications for engagement with customers, suppliers and subcontractors

The best practices and standards in information security management

The critical risks for information security management

The ICT internal audit approach

Security detection techniques, including mobile and digital

Cyber attack techniques and counter measures for avoidance

Computer forensics



Document the information security management policy, linking it to business strategy

Analyse the company critical assets and identify weaknesses and vulnerability to intrusion or attack

Establish a risk management plan to feed and produce preventative action plans

Perform security audits

Apply monitoring and testing techniques

Establish the recovery plan

Implement the recovery plan in case of crisis


Functies met E.8. Information Security Management competentie

Network Specialist

Systems Administrator

ICT Security Specialist

ICT Operation Manager

ICT Security Manager