UNIT
3 | PSP12V1 | Unit descriptor edited. |
2 | PSP04V4.2. | Layout adjusted. No changes to content. |
1 | PSP04V4.1 | Primary release. |
.
This unit covers planning to treat security risks through the development of a security risk management plan. It includes identifying security countermeasures and developing a formal security plan.
In practice, development of a security risk management plan may overlap with other generalist or specialist public sector work activities such as acting ethically, promoting compliance with legislation, developing client services, undertaking research and analysis.
No licensing, legislative, regulatory or certification requirements apply to this unit at the time of endorsement.
Not applicable.
Not applicable.
Not applicable.
This unit contains employability skills.
Elements are the essential outcomes of the unit of competency. | Together, performance criteria specify the requirements for competent performance. Text in |
The Evidence Guide specifies the evidence required to demonstrate achievement in the unit of competency as a whole. It must be read in conjunction with the Unit descriptor, Performance Criteria, the Range Statement and the Assessment Guidelines for the Public Sector Training Package. | |
PSPETHC501B Promote the values and ethos of public service PSPGOV502B Develop client services PSPGOV504B Undertake research and analysis PSPLEGN501B Promote compliance with legislation in the public sector PSPSEC501A Assess security risks PSPSEC503A Implement and monitor security risk management plans | |
In addition to integrated demonstration of the elements and their related performance criteria, look for evidence that confirms: the knowledge requirements of this unit the skill requirements of this unit application of the Employability Skills as they relate to this unit (see Employability Summaries in Qualifications Framework) security risk management plans developed in a range of (2 or more) contexts (or occasions, over time) | |
These resources include: legislation, policy, procedures and protocols relating to security risk management plans Australian Government Information Manual (ISM) Protective Security Policy Framework case studies and workplace scenarios to capture the range of situations likely to be encountered when developing security risk management plans | |
Valid assessment of this unit requires: a workplace environment or one that closely resembles normal work practice and replicates the range of conditions likely to be encountered when developing security risk management plans, including coping with difficulties, irregularities and breakdowns in routine security risk management plans developed in a range of (2 or more) contexts (or occasions, over time) Assessment methods should reflect workplace demands, such as literacy, and the needs of particular groups, such as: people with disabilities people from culturally and linguistically diverse backgrounds Aboriginal and Torres Strait Islander people women young people older people people in rural and remote locations Assessment methods suitable for valid and reliable assessment of this competency may include, but are not limited to, a combination of 2 or more of: case studies portfolios questioning scenarios simulation or role plays authenticated evidence from the workplace and/or training courses, such as security risk management plan | |
Evidence must be gathered over time in a range of contexts to ensure the person can achieve the unit outcome and apply the competency in different situations or environments | |
The Range Statement provides information about the context in which the unit of competency is carried out. The variables cater for differences between States and Territories and the Commonwealth, and between organisations and workplaces. They allow for different work requirements, work practices and knowledge. The Range Statement also provides a focus for assessment. It relates to the unit as a whole. Text in | |
internal external national international real perceived to: people property information reputation criminal terrorist from foreign intelligence services from commercial/industrial competitors from malicious people | |
consideration of current and historical information | |
those which an organisation has determined have the least potential for harm | |
those which an organisation has determined have the most potential for harm | |
addition of security measures reduction of security measures avoiding the risk through change of practice acceptance of residual risk minimisation of harm through response mechanisms accepting the risk | |
revision of agency security plan upgrade of existing security installation of new security measures technical controls training personnel-oriented information-oriented property-oriented reputation-oriented | |
current controls to deter, detect or prevent harm effectiveness of current controls level of exposure threat assessment determination of threat source/s competence/capability of threat source/s opportunity for threat to occur | |
degree of harm who would be affected and how how much disruption would occur damage to: the organisation other organisations government third parties critical lead time for recovery: the period of time a function is compromised critical if the function is vital to the organisation | |
may lessen the adverse consequences of risk provide a set of planned procedures that enable organisations to continue or recover services to the government and the public with minimal disruption over a given period, irrespective of the source of the disruption | |
severe high major significant moderate low trivial | |
existing requirements future requirements forecast requirements | |
supervisors managers other areas within the organisation other organisations government third parties workgroup | |
is used to provide information about people and events that may pose a threat to a particular resource or function evaluates and discusses the likelihood of a threat being realised determines the potential of a threat to actually cause harm | |
a measure of how open a resource is to harm, or the potential of a resource to attract harm | |
Not applicable.
Government Security Management.
Not sure where to start? Sign up to download unit details or start mapping in Michi's help.
Effortlessly sync unit data from training.gov.au
Create mapping groups from one or more units, for streamlined unit & cluster mapping.
Easily download your maps stylised to your taste as Excel, Word, or PDF documents
Receive an alert whenever training.gov.au updates or supersedes a unit you have mapped. Choose to apply the update, or migrate your map
Experience the efficiency of our AI-driven tools that make importing and organising your mapping content effortless.