Add to collection(s) Add to saved
  1. Business
  2. Management
  3. Project Management

SECURITY MANAGEMENT Produce security risk assessments

advertisement 
19754
28-Jun-16
1 of 6
SECURITY MANAGEMENT
Produce security risk assessments
level:
6
credit:
20
planned review date:
March 2007
sub-field:
Security
purpose:
This unit standard is for people who work, or intend to work,
as security managers or security consultants, and who need
to produce security risk assessments.
People credited with unit standard are able to:
establish the context for the security risk assessment;
identify security risks;
analyse security risks;
evaluate security risks;
document and present security risk assessment.
entry information:
Open.
accreditation option:
Evaluation of documentation and visit by NZQA, industry and
teaching professional in the same field from another
provider.
moderation option:
A centrally established and directed national moderation
system has been set up by the ElectroTechnology Industry
Training Organisation.
special notes:
1
This unit standard is based on the principles and
processes identified in AS/NZS 4360:1999, Risk
Management, applied in the context of security risks.
2
Legislation relevant to this unit standard includes:
Building Act 1991;
Companies Act 1991;
Employment Relations Act 2000;
Fire Service Act 1975;
Health and Safety in Employment Act 1992;
Privacy Act 1993;
Private Investigators and Security Guards Act 1974;
Resource Management Act 1991.
For assessment in countries other than New Zealand,
the equivalent legislation in force in that country may be
used.
 New Zealand Qualifications Authority 2016
19754
28-Jun-16
2 of 6
SECURITY MANAGEMENT
Produce security risk assessments
3
Definitions
Analysis - the systematic examination and organisation
of information.
Assessment - the analysis and evaluation of data to
establish facts, value, and credibility.
Client - the person(s), or entity who contracts the task.
Evaluation - the examination and comparison of
information against accepted or required standards
and/or other criteria to determine its value and
relevance.
Organisation - a company, firm, enterprise or
association, or other legal entity or part thereof, whether
incorporated or not, public or private, that has its own
function(s) and administration.
Procedure - a way of acting or progressing, especially
an established method.
Risk - the chance of something happening that will have
an impact upon objectives, measured in terms of
consequences and likelihood.
Risk assessment - the overall process of risk analysis
and risk evaluation.
Risk evaluation - the process used to determine risk
management priorities by comparing the level of risk
against predetermined standards, target risk levels, or
other criteria.
Risk management - the systematic application of policy,
practice and procedure to the task of identifying,
analysing, assessing, treating and monitoring risk.
Security - the protection of people, activities, and assets
including information, from loss, damage, or harm.
Security consultant - a person providing independent
professional security advice.
Security investigation - a planned and directed process
used to establish facts relevant to security.
Security manager - a person appointed to manage
security in an organisation.
Security measures - strategies, systems and resources
used to ensure security.
4
Range:
evidence of two fully documented risk
assessments is required.
 New Zealand Qualifications Authority 2016
19754
28-Jun-16
3 of 6
SECURITY MANAGEMENT
Produce security risk assessments
Elements and Performance Criteria
element 1
Establish the context for the security risk assessment.
performance criteria
1.1
The strategic environment in which the organisation operates and key
stakeholders are identified.
1.2
The organisational capabilities, goals and objectives, and strategies to achieve
them are identified.
1.3
The scope and boundaries for the project are identified.
Range:
scope and boundaries - project objectives, time, resources,
special studies, extent and comprehensiveness, relationship to
other projects.
1.4
The criteria against which the security risks are to be evaluated are specified.
1.5
A logical framework to facilitate subsequent identification and analysis of
security risks is defined.
1.6
Key contacts in the organisation for the purpose of the project are identified.
element 2
Identify security risks.
performance criteria
2.1
Identification includes a comprehensive list of events and potential threats
relevant to the risk assessment.
2.2
Identification includes possible causes and scenarios for each of the identified
events.
2.3
Identification demonstrates use of relevant tools and techniques.
 New Zealand Qualifications Authority 2016
19754
28-Jun-16
4 of 6
SECURITY MANAGEMENT
Produce security risk assessments
Range:
typical tools and techniques - checklists, records of past events,
flow charts, system analysis, scenario analysis, interviews,
consultation, past surveys and assessments, security
investigations.
element 3
Analyse security risks.
performance criteria
3.1
Analysis identifies and evaluates existing security measures.
Range:
examples of measures - management, technical systems,
procedures.
3.2
Analysis establishes the likelihood of occurrence, and the consequences of
each event in the context of the identified measures.
3.3
Analysis combines consequences and likelihood to produce a level of risk.
Range:
3.4
analysis may involve calculations and statistical analysis, and/or
subjective estimates reflecting the belief that particular events or
outcomes may occur.
Analysis includes consideration of the effect of changes in assumptions and
data.
element 4
Evaluate security risks.
performance criteria
4.1
Evaluation prioritises the risks in accordance with pre-established evaluation
criteria, and where appropriate, identifies low risk categories requiring no further
treatment.
element 5
Document and present security risk assessment.
 New Zealand Qualifications Authority 2016
19754
28-Jun-16
5 of 6
SECURITY MANAGEMENT
Produce security risk assessments
performance criteria
5.1
Documentation and presentation are appropriate to the nature of the project and
meet client expectations.
Range:
5.2
Content meets professional standards.
Range:
5.3
documentation and presentation - evidence of care in
presentation; substance, credibility, and clarity are not
compromised by deficient spelling, punctuation or grammar; the
meaning of technical terms is clear to recipients or is explained;
client expectations may include - timeliness, content, clarity,
conciseness, complexity, level, medium.
standards include - content is structured in a logical and coherent
sequence;
there are no substantive omissions or errors of fact;
assumptions,
comment,
inferences,
conclusions
and
recommendations are distinguished from fact;
conclusions and recommendations are unbiased;
conclusions and recommendations are consistent with the brief or
objectives, facts, analysis, and evaluation;
relevant legal and regulatory requirements are satisfied.
Measures to ensure the security of the documentation and presentation are
consistent with their content and client needs.
Comments on this unit standard
Please contact the ElectroTechnology Industry Training Organisation marilynb@etito.co.nz
if you wish to suggest changes to the content of this unit standard.
Please Note
Providers must be accredited by the Qualifications Authority or a delegated interinstitutional body before they can register credits from assessment against unit standards
or deliver courses of study leading to that assessment.
Industry Training Organisations must be accredited by the Qualifications Authority before
they can register credits from assessment against unit standards.
Accredited providers and Industry Training Organisations assessing against unit standards
must engage with the moderation system that applies to those standards.
 New Zealand Qualifications Authority 2016
19754
28-Jun-16
6 of 6
SECURITY MANAGEMENT
Produce security risk assessments
Accreditation requirements and an outline of the moderation system that applies to this
standard are outlined in the Accreditation and Moderation Action Plan (AMAP). The
AMAP also includes useful information about special requirements for providers wishing to
develop education and training programmes, such as minimum qualifications for tutors and
assessors, and special resource requirements.
This unit standard is covered by AMAP 0003
http://www.nzqa.govt.nz/framework/search/index.do.
which can
be
accessed at
 New Zealand Qualifications Authority 2016
Related documents
Achievement Standard
Achievement Standard
Achievement Standard
Achievement Standard
SECURITY MANAGEMENT Provide advice on special security risks
SECURITY MANAGEMENT Provide advice on special security risks
SECURITY MANAGEMENT Develop operational security plans
SECURITY MANAGEMENT Develop operational security plans
Demonstrate knowledge of contract management in the road transport industry
Demonstrate knowledge of contract management in the road transport industry
Supervise security operations
Supervise security operations
Provide technical advice on complex compliance issues and negotiate
Provide technical advice on complex compliance issues and negotiate
SECURITY STAFF SERVICES Demonstrate knowledge of and operate officer
SECURITY STAFF SERVICES Demonstrate knowledge of and operate officer
Demonstrate knowledge of security operations
Demonstrate knowledge of security operations
Download
advertisement