NWCET
Critical Work Functions and Key Activities: Cyber-Security Skill Standards
Draft: July 2002


Cyber-Security Skill Standards (Template A)
Critical Work Functions Key Activities
A
Provide Data/Information Assurance
A1
Gather and document data/information assurance requirements
A2
Develop data/information assurance plans and implementation strategies
A3
Review and test plans and strategies for compliance with applicable regulations and standards
A4
Implement data/information assurance plans and strategies
A5
Monitor peformance to ensure integrity and confidentiality
A6
Maintain and update data/information assurance plans and strategies as appropriate
B
Ensure Infrastructure and Network Security
B1
Gather data and analyze security requirements
B2
Identify, interpret, and evaluate infrastructure and network vulnerabilities
B3
Develop critical situation contigency plans and disaster recovery plan
B4
Implement and test contingency and backup plans
B5
Monitor, report, and resolve security problems
B6
Coordinate contingency and recovery plans with internal and external stakeholders
C
Develop, Manage, and Enforce Security Policies
C1
Perform research and analyze requirements
C2
Develop, assess, and document security policies, practices, and procedures
C3
Disseminate policies and implementation practices and procedures
C4
Implement and enforce security policies, practices, and procedures
C5
Monitor, maintain, and revise security policies, practices, and procedures as required
D
Perform Security Education and Training
D1
Identify and assess education and training requirements for all constituents
D2
Identify resources and support materials
D3
Design and develop education and training plans and strategies
D4
Determine appropriate methods and models for relevant stakeholders
D5
Deliver education and training
D6
Assess results and determine follow up requirements
E
Develop and Implement Physical Security, Deterrence, and Detection
E1
Identify and assess current and anticipated security risks and vulnerabilities
E2
Research and evaluate alternative current and emerging practices, tools, and technologies
E3
Select and apply relevant tools to meet security goals and requirements
E4
Monitor and evaluate security conditions and environment
E5
Develop and test physical security, deterrence, and detection systems and plans
E6
Implement, extend, and refine physical security plans and practices
F
Perform System Design and Analysis
F1
Define current systems-level requirements, and forecast future needs and trends
F2
Evaluate current and emerging tools and technologies
F3
Evaluate organization's security strategies
F4
Make recommendations regarding organization's investment in security
F5
Define metrics and audit systems performance
F6
Coordinate systems testing and integration
F7
Maintain systems performance and ensure future readiness


Copyright NWCET and BCC. All rights reserved. Copyright 2002.


Download Cyber Security Skill Standards in Microsoft Word format.

Back to Intro.