Pearson BTEC Level 4 Diploma in Information Security ...€¦ · Pearson BTEC Level 4 Diploma in...
Transcript of Pearson BTEC Level 4 Diploma in Information Security ...€¦ · Pearson BTEC Level 4 Diploma in...
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification
Competence-based qualification First registration August 2014
Edexcel, BTEC and LCCI qualifications
Edexcel, BTEC and LCCI qualifications are awarded by Pearson, the UK’s largest awarding body offering academic and vocational qualifications that are globally recognised and benchmarked. For further information, please visit our qualification websites at www.edexcel.com, www.btec.co.uk or www.lcci.org.uk. Alternatively, you can get in touch with us using the details on our contact us page at www.edexcel.com/contactus
About Pearson
Pearson is the world's leading learning company, with 40,000 employees in more than 70 countries working to help people of all ages to make measurable progress in their lives through learning. We put the learner at the centre of everything we do, because wherever learning flourishes, so do people. Find out more about how we can help you and your learners at: www.pearson.com/uk
References to third party material made in this specification are made in good faith. Pearson does not endorse, approve or accept responsibility for the content of materials, which may be subject to change, or any opinions expressed therein. (Material may include textbooks, journals, magazines and other publications and websites.)
All information in this specification is correct at time of publication.
Authorised by Dave Evans Prepared by Maria Adu
ISBN 978 1 446 9 11877
All the material in this publication is copyright © Pearson Education Limited 2014
Contents
Purpose of this specification 1
1 Introducing Pearson BTEC Competence-based qualifications 2
What are Competence-based qualifications? 2
2 Qualification summary and key information 3
QCF qualification number and qualification title 4
Qualification objectives 4
Relationship with previous qualifications 4
Apprenticeships 4
Progression opportunities 5
Industry support and recognition 5
Relationship with National Occupational Standards 5
3 Qualification structure 6
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) 6
4 Assessment 9
Assessment requirements 10
Types of evidence 10
Credit transfer 11
5 Centre resource requirements 12
General resource requirements 12
6 Centre recognition and approval centre recognition 13
Approvals agreement 13
7 Quality assurance of centres 14
7 Quality assurance of centres 14
8 Programme delivery 15
9 Access and recruitment 16
10 Access to qualifications for learners with disabilities or specific needs 17
11 Unit format 18
Unit title 18
Unit reference number 18
QCF level 18
Credit value 18
Guided learning hours 18
Unit aim 18
Essential resources 18
Unit assessment requirements/evidence requirements 18
Learning outcomes 19
Assessment criteria 19
Unit 101: Health and Safety in ICT 20
Unit 303: Testing the Security of Information Systems 22
Unit 304: Carrying Out Information Security Risk Assessment 25
Unit 305: Investigating Information Security Incidents 28
Unit 306: Carrying Out Information Security Incident Management Activities 30
Unit 307: Carrying Out Information Security Forensic Examinations 33
Unit 308: Carrying Out Information Security Audits 35
Unit 309: System Operation 37
Unit 310: System Management 40
Unit 311: Creating an Event-Driven Computer Program 42
Unit 312: Creating an Object-Oriented Computer Program 45
Unit 313: Creating a Procedural Computer Program 48
Unit 314: Investigating and Defining Customer Requirements for ICT Systems 51
Unit 315: User Profile Administration 54
Unit 401: Develop Own Effectiveness and Professionalism 57
Unit 403: Testing the Security of Information Systems 61
Unit 404: Carrying Out Information Security Risk Assessment 64
Unit 405: Investigating Information Security Incidents 67
Unit 407: Carrying Out Information Security Forensic Examinations 69
Unit 408: Carrying Out Information Security Audits 71
Unit 409: IT and Telecoms System Operation 74
Unit 410: IT and Telecoms System Management 78
Unit 411: Designing and Developing Event-Driven Computer Program 81
Unit 412: Designing and Developing Object-Oriented Computer Program 84
Unit 413: Designing and Developing Procedural Computer Program 87
Unit 414: Investigating and Defining Customer Requirements for ICT Systems 90
Unit 415: Carrying out Information Security Risk Management 93
12 Further information and useful publications 96
13 Professional development and training 97
BTEC training and support for the lifetime of the qualifications 97
Online forum 97
14 Contact us 98
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
1
Purpose of this specification
The purpose of a specification as defined by Ofqual is to set out:
● the qualification’s objective
● any other qualification that a learner must have completed before taking the qualification
● any prior knowledge, skills or understanding that the learner is required to have before taking the qualification
● units that a learner must have completed before the qualification will be awarded and any optional routes
● any other requirements that a learner must have satisfied before they will be assessed or before the qualification will be awarded
● the knowledge, skills and understanding that will be assessed as part of the qualification (giving a clear indication of their coverage and depth)
● the method of any assessment and any associated requirements relating to it
● the criteria against which the learner’s level of attainment will be measured (such as assessment criteria)
● any specimen materials
● any specified levels of attainment
● the Apprenticeship Framework in which the qualification is included, where appropriate.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
2
1 Introducing Pearson BTEC Competence-based qualifications
What are Competence-based qualifications?
Competence-based qualifications reflect the skills and knowledge needed to do a job effectively. They are work-based qualifications that give learners the opportunity to demonstrate their competence in the area of work or job role to which the qualification relates.
Competence-based qualifications are outcomes-based with no fixed learning programme, allowing flexibility in their delivery to meet the individual learner’s needs. The qualifications are based on the National Occupational Standards (NOS) for the sector, which define what employees, or potential employees, must be able to do and know, and how well they should undertake work tasks and work roles.
Most Competence-based qualifications form the competence component of Apprenticeship Frameworks. They are suitable for those in employment or those who are studying at college and have a part-time job or access to a substantial work placement.
Most learners will work towards their qualification in the workplace or in settings that replicate the working environment. Colleges, training centres and/or employers can offer these qualifications provided they have access to appropriate physical and human resources.
There are three sizes of Competence-based qualification in the QCF:
● Award (1 to 12 credits)
● Certificate (13 to 36 credits)
● Diploma (37 credits and above).
Every unit and qualification in the QCF has a credit value.
The credit value of a unit specifies the number of credits that will be awarded to a learner who has met the learning outcomes of the unit.
The credit value of a unit is based on:
● one credit for those learning outcomes achievable in 10 hours of learning
● learning time – defined as the time taken by learners at the level of the unit, on average, to complete the learning outcomes of the unit to the standard determined by the assessment criteria.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
3
2 Qualification summary and key information
Qualification title Pearson BTEC Level 4 Diploma in Information Security Professional Competence(QCF)
QCF Qualification Number (QN) 601/3783/6
Qualification framework Qualifications and Credit Framework (QCF)
Accreditation start date August 2014
Certification end date December 2017
Approved age ranges 16–18
19+
Please note that sector-specific requirements or regulations may prevent learners of a particular age from embarking on this qualification.
Credit value 78
Assessment Portfolio of Evidence (internal assessment)
Guided learning hours 325–395
Grading information The qualification and units are at Pass grade
Entry requirements No prior knowledge, understanding, skills or qualifications are required before learners register for this qualification. However, centres must follow the Pearson Access and Recruitment policy (see Section 9, Access and recruitment).
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
4
QCF qualification number and qualification title
Centres will need to use the QCF Qualification Number (QN) when they seek public funding for their learners. Every unit in a qualification has a QCF unit reference number (URN).
The qualification title, unit titles and QN are given on each learner’s final certificate. You should tell your learners this when your centre recruits them and registers them with us. There is more information about certification in our UK Information Manual, available on our website at: www.edexcel.com/iwantto/Pages/uk-information-manual
Qualification objectives
The Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) is for learners who work in, or want to work in the information security sector.
It gives learners the opportunity to:
● demonstrate competence in relevant job roles within the information security sector
● develop knowledge and skills related to the specified job roles in the information security sector
● have existing skills recognised
● achieve a nationally recognised Level 4 qualification
● personally develop and engage in learning.
Relationship with previous qualifications
This is a new qualification.
Apprenticeships
E-skills UK includes the Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) as the competence component for the Higher Apprenticeship in Information Security.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
5
Progression opportunities
Learners who have achieved the Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) may progress to the Pearson BTEC Level 5 HND Diploma in Computing and Systems Development (QCF).
Industry support and recognition
This qualification is supported by e-skills UK, the Sector Skills Council for Information Technology.
Relationship with National Occupational Standards
This qualification is based on the e-skills UK National Occupational Standards (NOS) and the IISP (Information Security and Information Assurance Professionals) skills framework in Information Technology.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
6
3 Qualification structure
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF)
The learner will need to meet the requirements outlined in the table below before the qualification can be awarded.
Minimum number of credits that must be achieved 78
Minimum number of credits that must be achieved at Level 4 48
Number of mandatory credits that must be achieved 15
Number of optional credits that must be achieved from Option Group 1 36
The remaining 27 credits may be achieved from:
a combination of Option Group 1 and Option Group 2 OR
Option Group 2 only
27
Unit Unit reference number
Mandatory units
All 15 credits MUST be achieved from this group
Level Credit Guided learning hours
101 Y/500/7183 Health and Safety in ICT 1 3 15
401 K/601/3502 Develop own Effectiveness and Professionalism
4 12 60
Unit Unit reference number
Option Group 1 units
A minimum of 36 credits MUST be achieved from this group
Level Credit Guided learning hours
TS – Testing Security
No more than one unit to be completed from this section
303 T/505/5788 Testing the Security of Information Systems
3 12 40
403 A/505/5789 Testing the Security of Information Systems
4 15 60
RA – Risk Assessment
No more than one unit to be completed from this section
304 T/505/5791 Carrying Out Information Security Risk Assessment
3 9 30
404 A/505/5792 Carrying Out Information Security Risk Assessment
4 12 40
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
7
Unit Unit reference number
Option Group 1 units
A minimum of 36 credits MUST be achieved from this group
Level Credit Guided learning hours
II – Investigating Information Security Incidents
No more than one unit to be completed from this section
305 F/505/5793 Investigating Information Security Incidents
3 9 23
405 D/505/5798 Investigating Information Security Incidents
4 12 35
FE – Forensic Examinations
No more than one unit to be completed from this section
307 R/505/580 Carrying Out Information Security Forensic Examinations
3 6 10
407 M/505/5806 Carrying Out Information Security Forensic Examinations
4 9 20
SA – Security Audits
No more than one unit to be completed from this section
308 A/505/580 Carrying Out Information Security Audits
3 6 10
408 A/505/5811 Carrying Out Information Security Audits
4 12 30
RM – Risk Management
This single unit may be attempted
415 L/505/5814 Carrying Out Information Security Risk Management
4 12 40
Unit Unit reference number
Option Group 2 units.
A maximum of 27 credits may be taken from this group.
Level Credit Guided learning hours
MA – Management Activities
This single unit may be attempted
306 F/505/5812 Carrying Out Information Security Incident Management Activities
3 9 25
SO – System Operation
No more than one unit to be completed from this section
309 A/500/7340 System Operation 3 12 100
409 R/504/5513 IT and Telecoms System Operation 4 15 90
SM – System Management
No more than one unit to be completed from this section
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
8
Unit Unit reference number
Option Group 2 units.
A maximum of 27 credits may be taken from this group.
Level Credit Guided learning hours
310 D/500/7332 System Management 3 12 100
410 M/504/5504 IT and Telecoms System Management
4 15 90
ED – Event-Driven Computer Program
No more than one unit to be completed from this section
311 F/601/3179 Creating an Event-Driven Computer Program
3 12 90
411 J/601/3300 Designing and Developing Event-Driven Computer Program
4 15 90
OO – Object-Oriented Computer Program
No more than one unit to be completed from this section
312 L/601/3184 Creating an Object-Oriented Computer Program
3 12 90
412 T/601/3308 Designing and Developing Object-Oriented Computer Program
4 15 90
CP – Creating a Procedural Computer Program
No more than one unit to be completed from this section
313 R/601/3171 Creating a Procedural Computer Program
3 12 90
413 T/601/3311 Designing and Developing Procedural Computer Program
4 15 90
ID – Investigating and Defining
No more than one unit to be completed from this section
314 R/601/3249 Investigating and Defining Customer Requirements for ICT Systems
3 12 75
414 R/602/1772 Investigating and Defining Customer Requirements for ICT Systems
4 15 90
UP – User Profile Administration
This single unit may be attempted
315 K/500/7379 User Profile Administration 3 9 80
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
9
4 Assessment
This qualification is assessed through an externally verified Portfolio of Evidence that consists of evidence gathered during the course of the learner’s work.
To achieve a Pass for the full qualification, the learner must achieve all the required units in the stated qualification structure. Each unit has specified learning outcomes and assessment criteria. To pass each unit the learner must:
● achieve all the specified learning outcomes
● satisfy all the assessment criteria by providing sufficient and valid evidence for each criterion
● prove that the evidence is their own.
The learner must have an assessment record that identifies the assessment criteria that have been met, and it should be cross-referenced to the evidence provided. The assessment record should include details of the type of evidence and the date of assessment. The unit specification or suitable centre documentation can be used to form an assessment record.
It is important that the evidence provided to meet the assessment criteria of the unit and learning outcomes is:
Valid relevant to the standards for which competence is claimed
Authentic produced by the learner
Current sufficiently recent to create confidence that the same skill, understanding or knowledge persist at the time of the claim
Reliable indicates that the learner can consistently perform at this level
Sufficient fully meets the requirements of the standards.
Learners can provide evidence of occupational competence from:
● current practice where evidence is generated from a current job role
● a programme of development where evidence comes from assessment opportunities built into a learning programme.
● the Recognition of Prior Learning (RPL) where a learner can demonstrate that they can meet the assessment criteria within a unit through knowledge, understanding or skills they already possess without undertaking a course of development. They must submit sufficient, reliable, authentic and valid evidence for assessment. Evidence submitted based on RPL should provide confidence that the same level of skill/understanding/knowledge exists at the time of claim as existed at the time the evidence was produced. RPL is acceptable for accrediting a unit, several units, or a whole qualification.
● Further guidance is available in the policy document Recognition of Prior Learning Policy and process, available on our website: www.edexce.com/polices
● a combination of these.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
10
Assessment requirements
Learners must provide evidence according to the requirements stated in the unit.
Types of evidence
To achieve a unit, the learner must gather evidence that shows that they have met the required standard specified in the assessment criteria. The evidence for this qualification can take a variety of forms as indicated below:
● direct observation of the learner’s performance by their assessor (O)
● outcomes from oral or written questioning (Q&A)
● products of the learner’s work (P)
● personal statements and/or reflective accounts (RA)
● outcomes from simulation (S)
● professional discussion (PD)
● assignment, project/case studies (A)
● authentic statements/witness testimony (WT)
● expert witness testimony (EWT)
● evidence of Recognition of Prior Learning (RPL).
Learners can use the abbreviations for cross-referencing purposes in their portfolios.
Learners can also use one piece of evidence to prove their knowledge, skills and understanding across different assessment criteria and/or across different units. It is not necessary for learners to have each assessment criterion assessed separately. They should be encouraged to reference evidence to the relevant assessment criteria. Evidence must be available to the assessor, internal verifier and Pearson standards verifier.
Any specific evidence requirements for individual units are stated in the unit introductions to the units.
There is further guidance about assessment on our website. Please see Section 10 for details.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
11
Credit transfer
Credit transfer describes the process of using a credit or credits awarded in the context of a different qualification or awarded by a different awarding organisation towards the achievement requirements of another qualification. All awarding organisations recognise the credits awarded by all other awarding organisations that operate within the QCF.
If learners achieve credits with other awarding organisations, they do not need to retake any assessment for the same units. The centre must keep evidence of credit achievement.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
12
5 Centre resource requirements
As part of the approval process, centres must make sure that the resource requirements below are in place before offering the Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF).
General resource requirements
● Centres must have the appropriate physical resources to support both the delivery and assessment of the qualification (for example, a workplace in line with industry standards, equipment, IT, learning materials and teaching rooms).
● Where permitted, a Realistic Working Environment (RWE) must offer the same conditions as the normal day-to-day working environment, with a similar range of demands, pressures and requirements for cost-effective working.
● Centres must meet any specific human and physical resource requirements. Staff assessing learners must meet the occupational competence requirements.
● There must be systems in place to ensure the continuing professional development for staff delivering the qualification.
● Centres must have appropriate health and safety policies, procedures and practices in place for the delivery of the qualification.
● Centres must deliver the qualifications in accordance with current equality legislation. For further details on Pearson’s commitment to the Equality Act 2010, please see Section 9 Access and recruitment and Section 10 Access to qualifications for learners with disabilities or specific needs. For full details of the Equality Act 2010, please go to www.legislation.gov.uk
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
13
6 Centre recognition and approval centre recognition
Centres that have not previously offered this Pearson qualification need to apply for, and be granted, centre recognition as part of the process for approval to offer this individual qualification.
Guidance on seeking approval to deliver BTEC qualifications is given on our website, www.edexcel.com
Approvals agreement
All centres are required to enter into an approval agreement that is a formal commitment by the head or principal of a centre to meet all the requirements of the specification and any associated codes, conditions or regulations.
Pearson will act to protect the integrity of the awarding of qualifications. If centres do not comply with the agreement, this could result in the suspension of certification or withdrawal of approval.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
14
7 Quality assurance of centres
Quality assurance is at the heart of vocational qualifications. Centres will internally assess Competence-based qualifications using internal quality assurance procedures to ensure standardisation of assessment across all learners. Pearson uses external quality assurance procedures to check that all centres are working to national standards. It gives us the opportunity to identify and provide support, if needed, to safeguard certification. It also allows us to recognise and support good practice.
For the qualifications in this specification, the Pearson quality assurance model is as described below.
Centres offering Pearson BTEC Competence-based qualifications will at least receive two standards verification visits per year. The exact frequency and duration of standards verifier visits must reflect the centre’s performance, taking account of the number:
● of assessment sites
● and throughput of learners
● and turnover of assessors
● and turnover of internal verifiers.
For centres offering a full Pearson Apprenticeship (i.e. all elements of the Apprenticeship are delivered with Pearson through registration of learners on a Pearson Apprenticeship framework) a single standards verifier will be allocated to verify all elements of the Pearson Apprenticeship programme. If a centre is also offering stand-alone Competence-based qualifications in the same sector as a full Pearson Apprenticeship, the same standards verifier will be allocated.
In order for certification to be released, confirmation is required that the National Occupational Standards (NOS) for assessment, for internal verification and for the specific occupational sector are being consistently met.
Centres are required to declare their commitment to ensuring quality and to providing appropriate opportunities for learners that lead to valid and accurate assessment outcomes.
For further details, please go to the UK NVQ Quality Assurance Centre Handbook and the Edexcel NVQs, SVQs and Competence-based qualifications – Delivery Requirements and Quality Assurance Guidance on our website, at www.pearsonwbl.edexcel.com/NVQ-competence-based.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
15
8 Programme delivery
Centres are free to offer the qualifications using any mode of delivery (for example full-time, part-time, evening only, distance learning) that meets learners’ needs. Centres must have due regard to Pearson’s policies that may apply to different modes of delivery.
Those planning the programme should aim to address the occupational nature of the qualification by:
● engaging with learners, initially, through planned induction, and subsequently through the involvement of learners in planning for assessment opportunities
● using naturally occurring workplace activities and products to present evidence for assessment against the requirements of the qualification
● developing a holistic approach to assessment by matching evidence to different assessment criteria, learning outcomes and units, as appropriate, thereby reducing the assessment burden on learners and assessors
● taking advantage of suitable digital methods to capture evidence.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
16
9 Access and recruitment
Pearson’s policy regarding access to its qualifications is that:
● they should be available to everyone who is capable of reaching the required standards
● they should be free from any barriers that restrict access and progression
● there should be equal opportunities for all wishing to access the qualifications.
Centres must ensure that their learner recruitment process is conducted with integrity. This includes ensuring that applicants have appropriate information and advice about the qualification to ensure that it will meet their needs.
Centres should review applicants’ prior qualifications and/or experience, considering whether this profile shows that they have the potential to achieve the qualification.
For learners with disabilities and specific needs, this review will need to take account of the support available to the learner during teaching and assessment of the qualification. The review must take account of the information and guidance in Section 10 Access to qualifications for learners with disabilities or specific needs.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
17
10 Access to qualifications for learners with disabilities or specific needs
Equality and fairness are central to our work. Pearson’s Equality Policy requires all learners to have equal opportunity to access our qualifications and assessments. It also requires our qualifications to be awarded in a way that is fair to every learner.
We are committed to making sure that:
● learners with a protected characteristic (as defined by the Equality Act 2010) are not, when they are undertaking one of our qualifications, disadvantaged in comparison to learners who do not share that characteristic
● all learners achieve the recognition they deserve from undertaking a qualification and that this achievement can be compared fairly to the achievement of their peers.
Learners taking a qualification may be assessed in British Sign Language or Irish Sign Language where it is permitted for the purpose of reasonable adjustments.
Further information on access arrangements can be found in the Joint Council for Qualifications (JCQ) document Access Arrangements, Reasonable Adjustments and Special Consideration for General and Vocational qualifications.
Details on how to make adjustments for learners with protected characteristics are given in the document Pearson Supplementary Guidance for Reasonable Adjustment and Special Consideration in Vocational Internally Assessed Units.
Both documents are on our website at: www.edexcel.com/policies
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
18
11 Unit format
Units have the following sections.
Unit title
The unit title is on the QCF and this form of words will appear on the learner’s Notification of Performance (NOP).
Unit reference number
Each unit is assigned a unit reference number that appears with the unit title on the Register of Regulated Qualifications.
QCF level
All units and qualifications within the QCF have a level assigned to them. There are nine levels of achievement, from Entry to Level 8. The QCF Level Descriptors inform the allocation of the level.
Credit value
When a learner achieves a unit, they gain the specified number of credits.
Guided learning hours
Guided learning hours are the times when a tutor, trainer or facilitator is present to give specific guidance towards the learning aim for a programme. This definition covers lectures, tutorials and supervised study in, for example, open learning centres and learning workshops. It also includes assessment by staff where learners are present. It does not include time spent by staff marking assignments or homework where the learner is not present.
Unit aim
This gives a summary of what the unit aims to do.
Essential resources
This section lists any specialist resources needed to deliver the unit. The centre will be asked to make sure that these resources are in place when it seeks approval from Pearson to offer the qualification.
Unit assessment requirements/evidence requirements
Learners must provide evidence according to each of the requirements stated in this section.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
19
Learning outcomes
The learning outcomes of a unit set out what a learner knows, understands or is able to do as the result of a process of learning.
Assessment criteria
Assessment criteria specify the standard required by the learner to achieve each learning outcome.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
20
Unit 101: Health and Safety in ICT
Unit reference number: Y/500/7183
QCF level: 1
Credit value: 3
Guided learning hours: 15
Unit aim This unit explores compliance with health and safety legislation when working in ICT.
The basis of health and safety law is the Health and Safety at Work Act 1974. The act sets out the general duties that employers have towards employees and members of the public, and employees have to themselves and to each other.
What the law requires here is what good management and common sense would lead individuals and organisations to do anyway: that is, identify risks and take sensible measures to tackle them.
Health and safety legislation impacts not only on those who are employed at work, but on visitors, bystanders and customers who may be affected by actions of those engaged in work activities.
Health and safety legislation is subject to constant review, and new legislation is introduced on a regular basis. This constant change must be monitored by organisations and individuals to identify actions required to remain compliant. Interpretation of the legislation may also be modified as a result of case law or other legal guidance.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
21
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Id
entify
rel
evan
t org
anis
atio
nal
hea
lth a
nd s
afet
y pro
cedure
s
1.2
Id
entify
ava
ilable
sourc
es o
f hea
lth a
nd s
afet
y in
form
atio
n
1
Be
able
to c
om
ply
w
ith r
elev
ant
hea
lth a
nd s
afet
y pro
cedure
s 1.3
D
emonst
rate
how
rel
evan
t hea
lth a
nd s
afet
y pro
cedure
s hav
e bee
n
follo
wed
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
22
Unit 303: Testing the Security of Information Systems
Unit reference number: T/505/5788
QCF level: 3
Credit value: 12
Guided learning hours: 40
Unit aim On completion of this unit, learners will be able to conduct security tests and be able to report the results of tests using standard documents.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
23
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
D
evel
op t
est
scripts
for
spec
ifie
d info
rmat
ion a
ssura
nce
req
uirem
ents
te
stin
g
1.2
Cre
ate
pla
ns
that
ensu
re t
hat
spec
ifie
d info
rmat
ion a
ssura
nce
re
quirem
ents
are
tes
ted
1.3
Im
ple
men
t sp
ecifie
d p
repar
atio
ns
prior
to c
arry
ing o
ut
test
s
1.4
Apply
spec
ifie
d t
est
met
hods,
tools
and t
echniq
ues
follo
win
g
org
anis
atio
nal
pro
cedure
s
1.5
Rec
ord
the
resu
lts
of
test
s usi
ng s
tandar
d d
ocu
men
tation
1
Be
able
to c
onduct
se
curity
tes
ting
1.6
Im
ple
men
t sp
ecifie
d a
ctiv
itie
s fo
llow
ing t
he
com
ple
tion o
f te
stin
g
2.1
Exa
min
e th
e re
sults
of te
stin
g t
o id
entify
sec
urity
vuln
erab
ilities
2.2
Prioritise
iden
tified
vuln
erab
ilities
agai
nst
spec
ifie
d info
rmat
ion
assu
rance
req
uirem
ent
2.3
Rep
ort
any
hig
h p
riority
vuln
erab
ilities
to t
he
rele
vant
per
sons
follo
win
g o
rgan
isat
ional
pro
cedure
s
2.4
Id
entify
the
type
of a
ctio
ns
required
to m
itig
ate
iden
tified
vu
lner
abili
ties
2
Be
able
to r
eport
on t
est
resu
lts
2.5
Rep
ort
the
resu
lts
of te
st a
ctiv
itie
s usi
ng s
tandar
d d
ocu
men
tation
follo
win
g o
rgan
isat
ional
pro
cedure
s
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
24
Lear
ner
nam
e:________________________________________________
Dat
e:_____________________________
Lear
ner
sig
nat
ure
:_____________________________________________
Dat
e:_____________________________
Ass
esso
r si
gnat
ure
:____________________________________________
Dat
e:_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:_______________________________________
(if
sam
ple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
25
Unit 304: Carrying Out Information Security Risk Assessment
Unit reference number: T/505/5791
QCF level: 3
Credit value: 9
Guided learning hours: 30
Unit aim On completion of this unit, learners will be able to gather information, assess and report on the risks to information security.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
26
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Ver
ify
the
scope
of
info
rmat
ion a
sset
s an
d s
yste
m c
om
ponen
ts t
o be
asse
ssed
with r
elev
ant
per
sons
1.2
U
se s
pec
ifie
d inve
stig
ativ
e m
ethods
follo
win
g o
rgan
isat
ional
pro
cedure
s
1.3
G
ather
info
rmat
ion t
o e
nab
le t
he
secu
rity
of sp
ecifie
d info
rmat
ion
asse
ts a
nd s
yste
m c
om
ponen
ts t
o b
e as
sess
ed
1
Be
able
to g
ather
in
form
atio
n o
n
info
rmat
ion
secu
rity
ris
ks
1.4
Rec
ord
all
gat
her
ed info
rmat
ion u
sing s
tandar
d d
ocu
men
tation
2.1
Exa
min
e gat
her
ed info
rmat
ion t
o iden
tify
ris
ks t
o t
he
secu
rity
of
spec
ifie
d info
rmat
ion a
sset
s an
d s
yste
m c
om
ponen
ts
2.2
Cat
egorise
the
priority
of
iden
tified
ris
ks b
y det
erm
inin
g t
hei
r pro
bab
ility
of
occ
urr
ence
and p
ote
ntial
im
pac
t
2.3
Rep
ort
hig
h p
riority
ris
ks t
o t
he
rele
vant
per
sons
follo
win
g
org
anis
atio
nal
pro
cedure
s
2.4
D
eter
min
e th
e ty
pes
of ac
tions
required
to m
itig
ate
iden
tified
ris
ks
2
Be
able
to a
sses
s an
d r
eport
on
info
rmat
ion
secu
rity
ris
ks
2.5
Rep
ort
the
resu
lts
of
risk
ass
essm
ent
activi
ties
usi
ng s
tandar
d
docu
men
tation f
ollo
win
g o
rgan
isat
ional
pro
cedure
s
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
27
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
28
Unit 305: Investigating Information Security Incidents
Unit reference number: F/505/5793
QCF level: 3
Credit value: 9
Guided learning hours: 23
Unit aim On completion of this unit, learners will be able to gather information to investigate, identify and report information security incidents.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
29
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Id
entify
the
info
rmat
ion a
sset
s an
d s
yste
m c
om
ponen
ts t
hat
may
be
impac
ted b
y det
ecte
d inci
den
ts
1.2
Ver
ify
the
scope
of
det
ecte
d inci
den
ts w
ith r
elev
ant
per
sons
1
Be
able
to g
ather
in
form
atio
n t
o
inve
stig
ate
info
rmat
ion
secu
rity
inci
den
ts
1.3
O
bta
in a
nd p
rese
rve
evid
ence
rel
atin
g t
o d
etec
ted inci
den
ts
2.1
U
nder
take
agre
ed inve
stig
ativ
e ac
tions
2.2
Exa
min
e how
acc
ess
to t
he
affe
cted
info
rmat
ion a
sset
s an
d s
yste
m
com
ponen
ts w
as o
bta
ined
2.3
Rep
ort
to t
he
rele
vant
per
sons
any
inci
den
ts for
whic
h t
he
mode
of
acce
ss c
annot
be
iden
tified
2.4
M
ake
reco
mm
endat
ions
on t
he
nee
d f
or
det
aile
d f
ore
nsi
c ex
amin
atio
ns
2.5
Rep
ort
on inci
den
t in
vest
igat
ion a
ctiv
itie
s usi
ng s
tandar
d
docu
men
tation
2
Be
able
to
inve
stig
ate
info
rmat
ion
secu
rity
inci
den
ts
2.6
Fo
llow
org
anis
atio
nal
pro
cedure
s fo
r in
vest
igat
ion a
ctiv
itie
s
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
30
Unit 306: Carrying Out Information Security Incident Management Activities
Unit reference number: F/505/5812
QCF level: 3
Credit value: 9
Guided learning hours: 25
Unit aim On completion of this unit, learners will be able to carry out information security incident management activities and be able to gather information to manage incidents in information security.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
31
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Fo
llow
org
anis
atio
nal
pro
cedure
s fo
r th
e det
ection a
nd c
lass
ific
atio
n o
f in
ciden
ts
1.2
Id
entify
the
info
rmat
ion a
sset
s an
d s
yste
m c
om
ponen
ts t
hat
may
be
impac
ted b
y det
ecte
d inci
den
ts
1.3
Ver
ify
the
scope
of
det
ecte
d inci
den
ts w
ith r
elev
ant
per
sons
1
Be
able
to g
ather
in
form
atio
n t
o
man
age
info
rmat
ion
secu
rity
inci
den
ts
1.4
O
bta
in info
rmat
ion a
nd d
ata
on inci
den
ts t
o a
sses
s th
eir
impac
t on
info
rmat
ion a
sset
s an
d s
yste
m c
om
ponen
ts
2.1
Id
entify
typ
es o
f ac
tions
required
to r
esolv
e in
ciden
ts o
r m
itig
ate
thei
r im
pac
t
2.2
Rep
ort
any
inci
den
ts t
hat
can
not
be
reso
lved
or
mitig
ated
to t
he
rele
vant
per
sons
follo
win
g o
rgan
isat
ional
pro
cedure
s
2.3
M
ake
reco
mm
endat
ions
for
spec
ific
act
ions
to b
e ta
ken t
o r
espond t
o in
ciden
ts
2.4
Rep
ort
on inci
den
t m
anag
emen
t ac
tivi
ties
usi
ng s
tandar
d
docu
men
tation f
ollo
win
g o
rgan
isat
ional
pro
cedure
s
2
Be
able
to c
arry
ou
t in
form
atio
n
secu
rity
inci
den
t m
anag
emen
t ac
tivi
ties
2.5
Fo
llow
org
anis
atio
nal
pro
cedure
s fo
r th
e cl
osu
re o
f in
ciden
ts
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
32
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
33
Unit 307: Carrying Out Information Security Forensic Examinations
Unit reference number: R/505/5801
QCF level: 3
Credit value: 6
Guided learning hours: 10
Unit aim This unit provides the relevant skills and methods for applying forensic examinations. On completion of this unit, learners will be able to report and undertake specific actions to secure relevant information in information security.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
34
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Fo
llow
org
anis
atio
nal
pro
cedure
s fo
r fo
rensi
c ex
amin
atio
ns
1.2
U
nder
take
spec
ifie
d a
ctio
ns
to s
ecure
info
rmat
ion a
sset
s an
d s
yste
m
com
ponen
ts s
ubje
ct t
o a
ctual
or
atte
mpte
d b
reac
hes
of
secu
rity
1.3
Apply
fore
nsi
c m
ethods
to e
xam
ine
spec
ifie
d s
yste
m info
rmat
ion f
or
evid
ence
of ac
tual
or
atte
mpte
d b
reac
hes
of
secu
rity
polic
y or
legis
lation
1.4
Rep
ort
any
iden
tified
sourc
es o
f ac
tual
or
atte
mpte
d b
reac
hes
of
secu
rity
to t
he
rele
vant
per
sons
1.5
U
se s
pec
ifie
d t
ools
to a
nal
yse
the
inte
grity
of so
ftw
are
1
Be
able
to c
arry
ou
t in
form
atio
n
secu
rity
fore
nsi
c ex
amin
atio
ns
1.6
Rep
ort
on fore
nsi
c ex
amin
atio
n a
ctiv
itie
s usi
ng s
tandar
d
docu
men
tation
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
35
Unit 308: Carrying Out Information Security Audits
Unit reference number: A/505/5808
QCF level: 3
Credit value: 6
Guided learning hours: 10
Unit aim On completion of this unit, learners will be able to report, examine and follow organisational procedures on audit activities in information security.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
36
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Ver
ify
the
scope
of
info
rmat
ion a
sset
s an
d s
yste
m c
om
ponen
ts t
o be
audited
with r
elev
ant
per
sons
1.2
U
se s
pec
ifie
d a
udit m
ethods
to o
bta
in info
rmat
ion a
nd d
ata
rela
ting t
o
info
rmat
ion a
sset
s an
d s
yste
m c
om
ponen
ts t
o a
sses
s se
curity
co
mplia
nce
1.3
Exa
min
e in
form
atio
n a
nd d
ata
rela
ting t
o in
form
atio
n a
sset
s an
d
syst
em c
om
ponen
ts t
o a
sses
s se
curity
com
plia
nce
1.4
Rep
ort
any
secu
rity
non
-com
plia
nce
to t
he
rele
vant
per
sons
1.5
Rep
ort
on a
udit a
ctiv
itie
s usi
ng s
tandar
d d
ocu
men
tation
1
Be
able
to c
arry
ou
t in
form
atio
n
secu
rity
audit
activi
ties
1.6
Fo
llow
org
anis
atio
nal
pro
cedure
s fo
r in
form
atio
n s
ecurity
audits
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
37
Unit 309: System Operation
Unit reference number: A/500/7340
QCF level: 3
Credit value: 12
Guided learning hours: 100
Unit aim System operation is the ability to operate and monitor a system, which can be any combination of equipment, hardware and software. This may include:
● using data backup and restore routines
● handling of incidents
● controlling and monitoring availability and performance of system components
● start-up/close-down routines
● scheduling routine or preventative maintenance
● maintenance of operating plans and schedules.
Examples of ‘operational activities’ are:
● replenishment of consumables
● routine or preventative maintenance
● data backups.
A competent person at Level 3 can maintain and implement system operating procedures.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
38
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Exp
lain
the
oper
atin
g p
roce
dure
s th
at a
re a
pplic
able
to t
he
syst
em,
such
as:
●
required
ser
vice
lev
els
(e.g
. av
aila
bili
ty,
qual
ity)
●
routine
mai
nte
nan
ce
●
monitoring
●
dat
a in
tegrity
(e.
g.
bac
kups,
antivi
rus)
●
consu
mab
les
use
, st
ora
ge
and d
isposa
l
●
hea
lth a
nd s
afet
y
●
esca
lation
●
info
rmat
ion r
ecord
ing a
nd r
eport
ing
●
obta
inin
g w
ork
per
mis
sions
●
secu
rity
and c
onfiden
tial
ity
1.2
D
escr
ibe
syst
em f
unct
ional
ity
during n
orm
al o
per
atio
n
1
Know
how
to
oper
ate
the
syst
em
1.3
D
escr
ibe
the
effe
cts
of o
per
atio
nal
act
ivitie
s on s
yste
m funct
ional
ity
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
39
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
2.1
U
se a
nd o
per
ate
the
syst
em f
ollo
win
g a
ppro
priat
e pro
cedure
s
2.2
Id
entify
sys
tem
fau
lts
and r
esol
ve o
r es
cala
te s
yste
m f
aults
as
appro
priat
e
2.3
G
ather
and r
ecord
spec
ifie
d o
per
atio
nal
info
rmat
ion
2
Be
able
to o
per
ate
syst
ems
2.4
Ass
ess
and m
inim
ise
risk
s su
ch a
s:
●
loss
or
corr
uption o
f dat
a
●
loss
of
serv
ice
●
dam
age
to e
quip
men
t
●
effe
cts
on c
ust
om
er o
per
atio
ns
3.1
Pro
vide
advi
ce a
nd g
uid
ance
on s
yste
m o
per
atio
n t
o im
med
iate
co
lleag
ues
3.2
Sel
ect
the
pro
cedure
s to
be
follo
wed
3.3
Sch
edule
oper
atio
nal
act
ivitie
s to
min
imis
e dis
ruption t
o sy
stem
fu
nct
ional
ity
3
Be
able
to m
ainta
in
and im
ple
men
t sy
stem
oper
atin
g
pro
cedure
s
3.4
Colla
te o
per
atio
nal
info
rmat
ion
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
40
Unit 310: System Management
Unit reference number: D/500/7332
QCF level: 3
Credit value: 12
Guided learning hours: 100
Unit aim System management is the ability to manage ICT systems to ensure that they deliver the required functionality and capacity. A system can be any combination of equipment, hardware and software.
System management could involve changing system configuration to meet short-term fluctuations in demand (for example, high numbers of calls to specific telephone numbers).
It could also involve longer-term changes such as increasing resources (for example, processing or storage capacity) to meet anticipated needs and taking account of advances in technology.
A competent person at Level 3 can administer a system.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
41
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
D
escr
ibe
how
to
configure
the
syst
em
1.2
D
escr
ibe
ICT a
sset
and c
onfigura
tion info
rmat
ion a
pplic
able
to t
he
syst
em s
uch
as:
●
phys
ical
att
ribute
s (e
.g.
man
ufa
cture
r, t
ype,
rev
isio
n,
serial
num
ber
, lo
cation,
valu
e)
●
configura
tion (
e.g.
phys
ical
and logic
al a
ddre
sses
, options
set,
co
nnec
tions)
1
Under
stan
d h
ow
to
adm
inis
ter
a sy
stem
1.3
D
escr
ibe
how
ava
ilable
options
for
syst
em c
onfigura
tion a
ffec
t fu
nct
ional
ity
and c
apac
ity
2.1
Sel
ect
configura
tion o
ptions
to o
ptim
ise
syst
em f
unct
ional
ity
and
capac
ity
2.2
M
ake
chan
ges
to s
yste
m c
onfigura
tion
2
Be
able
to
adm
inis
ter
a sy
stem
and c
han
ge
syst
em
configura
tions
2.3
Spec
ify
item
s fo
r w
hic
h I
CT a
sset
and c
onfigura
tion info
rmat
ion is
to
be
reco
rded
Lear
ner
nam
e:________________________________________________
Dat
e:_____________________________
Lear
ner
sig
nat
ure
:_____________________________________________
Dat
e:_____________________________
Ass
esso
r si
gnat
ure
:____________________________________________
Dat
e:_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:_______________________________________
(if
sam
ple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
42
Unit 311: Creating an Event-Driven Computer Program
Unit reference number: F/601/3179
QCF level: 3
Credit value: 12
Guided learning hours: 90
Unit aim This unit covers the more advanced concepts of event-driven computer languages and their use to implement, refine and test computer programs.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
43
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Id
entify
the
scre
en c
om
ponen
ts a
nd d
ata
and file
str
uct
ure
s re
quired
to
im
ple
men
t a
giv
en d
esig
n
1.2
Sel
ect,
dec
lare
and initia
lise
variab
le a
nd d
ata
stru
cture
typ
es a
nd
size
s to
im
ple
men
t des
ign r
equirem
ents
1.3
Sel
ect
and a
ssig
n p
roper
ties
to s
cree
n c
om
ponen
ts t
o im
ple
men
t des
ign r
equirem
ents
1.4
Sel
ect
and a
ssoci
ate
even
ts (
incl
udin
g p
aram
eter
pas
sing)
to s
cree
n
com
ponen
ts t
o im
ple
men
t des
ign r
equirem
ents
1.5
Im
ple
men
t ev
ent
han
dlin
g u
sing c
ontr
ol st
ruct
ure
s to
mee
t th
e des
ign
algorith
ms
1.6
Sel
ect
and d
ecla
re f
ile s
truct
ure
s to
mee
t des
ign file
sto
rage
requirem
ents
1.7
Sel
ect
and u
se s
tandar
d input/
outp
ut
com
man
ds
to im
ple
men
t des
ign
requirem
ents
1.8
M
ake
effe
ctiv
e use
of
oper
ators
and p
redef
ined
funct
ions
1
Be
able
to
imple
men
t a
soft
war
e des
ign
usi
ng e
vent-
drive
n
pro
gra
mm
ing
1.9
M
ake
effe
ctiv
e use
of
an inte
gra
ted d
evel
opm
ent
envi
ronm
ent
(ID
E)
incl
udin
g c
ode
and s
cree
n t
empla
tes
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
44
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
2.1
U
se a
n a
gre
ed s
tandar
d f
or
nam
ing,
com
men
ts a
nd c
ode
layo
ut
2.2
D
efin
e use
r fu
nct
ions
to r
epla
ce r
epea
ting c
ode
sequen
ces
2.3
Im
ple
men
t dat
a va
lidat
ion f
or
inputs
2
Be
able
to r
efin
e an
ev
ent-
drive
n
pro
gra
m t
o
impro
ve q
ual
ity
2.4
Id
entify
and im
ple
men
t opport
unitie
s fo
r er
ror
han
dlin
g a
nd r
eport
ing
3.1
M
ake
effe
ctiv
e use
of
the
deb
uggin
g f
acili
ties
ava
ilable
in t
he
IDE
3.2
Pr
epar
e a
test
str
ateg
y
3.3
Sel
ect
suitab
le t
est
dat
a an
d d
eter
min
e ex
pec
ted t
est
resu
lts
3.4
Rec
ord
act
ual
tes
t re
sults
to e
nab
le c
om
par
ison w
ith e
xpec
ted r
esults
3.5
Anal
yse
actu
al t
est
resu
lts
agai
nst
exp
ecte
d r
esults
to iden
tify
dis
crep
anci
es
3
Be
able
to t
est
the
oper
atio
n o
f an
ev
ent-
drive
n
pro
gra
m
3.6
In
vest
igat
e te
st d
iscr
epan
cies
to iden
tify
and r
ectify
thei
r ca
use
s
4.1
Cre
ate
on-s
cree
n h
elp t
o a
ssis
t th
e use
rs o
f a
com
pute
r pro
gra
m
4
Be
able
to
docu
men
t an
ev
ent-
drive
n
pro
gra
m
4.2
Cre
ate
docu
men
tation for
the
support
and m
ainte
nan
ce o
f a
com
pute
r pro
gra
m
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
45
Unit 312: Creating an Object-Oriented Computer Program
Unit reference number: L/601/3184
QCF level: 3
Credit value: 12
Guided learning hours: 90
Unit aim This unit covers the more advanced concepts of object-oriented computer languages and their use to implement, refine and test computer programs.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
46
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Id
entify
the
obje
cts
and d
ata
and file
str
uct
ure
s re
quired
to
imple
men
t a
giv
en d
esig
n
1.2
Sel
ect,
dec
lare
and initia
lise
variab
le a
nd d
ata
stru
cture
typ
es a
nd
size
s to
im
ple
men
t des
ign r
equirem
ents
1.3
D
efin
e re
lationsh
ips
bet
wee
n o
bje
cts
to im
ple
men
t des
ign
requirem
ents
1.4
Im
ple
men
t m
essa
ge
pas
sing b
etw
een o
bje
cts
to im
ple
men
t des
ign
requirem
ents
1.5
Im
ple
men
t obje
ct b
ehav
iours
usi
ng c
ontr
ol st
ruct
ure
s to
mee
t th
e des
ign a
lgorith
ms
1.6
Sel
ect
and d
ecla
re f
ile s
truct
ure
s to
mee
t des
ign file
sto
rage
requirem
ents
1.7
Sel
ect
and u
se s
tandar
d input/
outp
ut
com
man
ds
to im
ple
men
t des
ign
requirem
ents
1.8
M
ake
effe
ctiv
e use
of
oper
ators
and p
redef
ined
funct
ions
1
Be
able
to
imple
men
t a
soft
war
e des
ign
usi
ng o
bje
ct-
orien
ted
pro
gra
mm
ing
1.9
M
ake
effe
ctiv
e use
of
an inte
gra
ted d
evel
opm
ent
envi
ronm
ent
(ID
E)
incl
udin
g c
ode
and s
cree
n t
empla
tes
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
47
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
2.1
U
se a
n a
gre
ed s
tandar
d f
or
nam
ing,
com
men
ts a
nd c
ode
layo
ut
2.2
M
ake
effe
ctiv
e use
of
enca
psu
lation,
poly
morp
his
m a
nd inher
itan
ce
2.3
Im
ple
men
t dat
a va
lidat
ion f
or
inputs
2
Be
able
to r
efin
e an
obje
ct-o
rien
ted
pro
gra
m t
o
impro
ve q
ual
ity
2.4
Id
entify
and im
ple
men
t opport
unitie
s fo
r er
ror
han
dlin
g a
nd r
eport
ing
3.1
M
ake
effe
ctiv
e use
of
the
deb
uggin
g f
acili
ties
ava
ilable
in t
he
IDE
3.2
Pr
epar
e a
test
str
ateg
y
3.3
Sel
ect
suitab
le t
est
dat
a an
d d
eter
min
e ex
pec
ted t
est
resu
lts
3.4
Rec
ord
act
ual
tes
t re
sults
to e
nab
le c
om
par
ison w
ith e
xpec
ted r
esults
3.5
Anal
yse
actu
al t
est
resu
lts
agai
nst
exp
ecte
d r
esults
to iden
tify
dis
crep
anci
es
3
Be
able
to t
est
the
oper
atio
n o
f an
obje
ct-o
rien
ted
drive
n p
rogra
m
3.6
In
vest
igat
e te
st d
iscr
epan
cies
to iden
tify
and r
ectify
thei
r ca
use
s
4.1
Cre
ate
on-s
cree
n h
elp t
o a
ssis
t th
e use
rs o
f a
com
pute
r pro
gra
m
4
Be
able
to
docu
men
t an
obje
ct-o
rien
ted
drive
n p
rogra
m
4.2
Cre
ate
docu
men
tation for
the
support
and m
ainte
nan
ce o
f a
com
pute
r pro
gra
m
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
48
Unit 313: Creating a Procedural Computer Program
Unit reference number: R/601/3171
QCF level: 3
Credit value: 12
Guided learning hours: 90
Unit aim This unit covers the more advanced concepts of procedural computer languages and their use to implement, refine and test computer programs.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
49
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Id
entify
the
pro
gra
m m
odule
s an
d d
ata
and f
ile s
truct
ure
s re
quired
to
imple
men
t a
giv
en d
esig
n
1.2
Sel
ect,
dec
lare
and initia
lise
variab
le a
nd d
ata
stru
cture
typ
es a
nd
size
s to
im
ple
men
t des
ign r
equirem
ents
1.3
Sel
ect
and im
ple
men
t co
ntr
ol st
ruct
ure
s to
mee
t th
e des
ign
algorith
ms
1.4
Sel
ect
and d
ecla
re f
ile s
truct
ure
s to
mee
t des
ign file
sto
rage
requirem
ents
1.5
Sel
ect
and u
se s
tandar
d input/
outp
ut
com
man
ds
to im
ple
men
t des
ign
requirem
ents
1.6
M
ake
effe
ctiv
e use
of
oper
ators
and p
redef
ined
funct
ions
1
Be
able
to
imple
men
t a
soft
war
e des
ign
usi
ng p
roce
dura
l pro
gra
mm
ing
1.7
Corr
ectly
use
par
amet
er p
assi
ng m
echan
ism
s
2.1
U
se a
n a
gre
ed s
tandar
d f
or
nam
ing,
com
men
ts a
nd c
ode
layo
ut
2.2
D
efin
e use
r fu
nct
ions
to r
epla
ce r
epea
ting c
ode
sequen
ces
2.3
Im
ple
men
t dat
a va
lidat
ion f
or
inputs
2
Be
able
to r
efin
e a
pro
cedura
l pro
gra
m t
o
impro
ve q
ual
ity
2.4
Id
entify
and im
ple
men
t opport
unitie
s fo
r er
ror
han
dlin
g a
nd r
eport
ing
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
50
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
3.1
M
ake
effe
ctiv
e use
of
avai
lable
deb
uggin
g t
ools
3.2
Pr
epar
e a
test
str
ateg
y
3.3
Sel
ect
suitab
le t
est
dat
a an
d d
eter
min
e ex
pec
ted t
est
resu
lts
3.4
Rec
ord
act
ual
tes
t re
sults
to e
nab
le c
om
par
ison w
ith e
xpec
ted r
esults
3.5
Anal
yse
actu
al t
est
resu
lts
agai
nst
exp
ecte
d r
esults
to iden
tify
dis
crep
anci
es
3
Be
able
to t
est
the
oper
atio
n o
f a
pro
cedura
l pro
gra
m
3.6
In
vest
igat
e te
st d
iscr
epan
cies
to iden
tify
and r
ectify
thei
r ca
use
s
4.1
Cre
ate
docu
men
tation t
o a
ssis
t th
e use
rs o
f a
com
pute
r pro
gra
m
4
Be
able
to
docu
men
t a
com
pute
r pro
gra
m
4.2
Cre
ate
docu
men
tation for
the
support
and m
ainte
nan
ce o
f a
com
pute
r pro
gra
m
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
51
Unit 314: Investigating and Defining Customer Requirements for ICT Systems
Unit reference number: R/601/3249
QCF level: 3
Credit value: 12
Guided learning hours: 75
Unit aim This unit covers the investigation of existing systems and processes and the analysis of information to identify needs and constraints.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
52
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
U
se t
hre
e of
the
follo
win
g inve
stig
ativ
e m
ethods:
●
obse
rvat
ions
●
exam
inat
ion o
f ex
isting d
ocu
men
ts,
reco
rds
or s
oft
war
e
●
ques
tionnai
res
●
site
surv
eys
1.2
Rec
ord
the
resu
lts
of
inve
stig
atio
ns
usi
ng s
tandar
d d
ocu
men
tation
1
Be
able
to
inve
stig
ate
exis
ting
syst
ems
and
pro
cess
es
1.3
Exp
lain
the
import
ance
of
pre
serv
ing t
he
confiden
tial
ity
of cu
stom
er
info
rmat
ion
2.1
D
escr
ibe
the
type
of
def
ect,
incl
udin
g inac
cura
cy,
duplic
atio
n a
nd
om
issi
on,
whic
h c
an a
rise
in info
rmat
ion
2.2
D
escr
ibe
the
types
of
cust
om
er n
eeds
and c
onst
rain
ts t
hat
can
affec
t th
e des
ign o
f an
ICT s
yste
m
2.3
Anal
yse
info
rmat
ion t
o iden
tify
cust
om
er n
eeds
for:
●
dat
a to
be
store
d a
nd p
roce
ssed
●
funct
ional
ity
in t
erm
s of
inputs
, pro
cess
es a
nd o
utp
uts
●
capac
ity
incl
udin
g n
um
ber
s of use
rs,
thro
ughput,
and d
ata
stora
ge
2.4
Anal
yse
info
rmat
ion t
o iden
tify
cust
om
er c
onst
rain
ts
2
Be
able
to a
nal
yse
info
rmat
ion t
o
iden
tify
nee
ds
and
const
rain
ts
2.5
Rec
ord
the
resu
lts
of
anal
yses
usi
ng s
tandar
d d
ocu
men
tation
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
53
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
54
Unit 315: User Profile Administration
Unit reference number: K/500/7379
QCF level: 3
Credit value: 9
Guided learning hours: 80
Unit aim On completion of this unit learners will be able to administer user profiles.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
55
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
D
escr
ibe
the
org
anis
atio
nal
pol
icy
on u
ser
pro
file
s su
ch a
s:
use
r id
entifier
(e.
g.
use
rnam
e)
●
pas
sword
and r
elat
ed info
rmat
ion (
e.g.
chan
ge
freq
uen
cy)
●
allo
wed
sys
tem
acc
ess
(e.g
. tim
es,
loca
tions)
●
allo
wed
acc
ess
to f
acili
ties
(e.
g.
dat
a, s
oft
war
e)
1.2
D
escr
ibe
how
to
crea
te a
nd e
dit u
ser
and s
tandar
d p
rofile
s
1
Know
how
to
adm
inis
ter
use
r pro
file
s
1.3
D
escr
ibe
how
use
r pro
file
s af
fect
acc
ess
to s
yste
m f
acili
ties
such
as:
●
shar
ed r
esourc
es (
e.g.
dat
a st
ora
ge,
printe
rs)
●
soft
war
e
●
dat
a.
2.1
M
ake
spec
ifie
d c
han
ges
to u
ser
pro
file
s
2.2
Spec
ify
use
r pro
file
s to
mee
t in
div
idual
req
uirem
ents
2.3
Cre
ate
stan
dar
d p
rofile
s fo
r gro
ups
of use
rs
2
Be
able
to
adm
inis
ter
use
r pro
file
2.4
Pro
vide
guid
ance
on u
ser
pro
file
s to
im
med
iate
colle
agues
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
56
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
57
Unit 401: Develop Own Effectiveness and Professionalism
Unit reference number: K/601/3502
QCF level: 4
Credit value: 12
Guided learning hours: 60
Unit aim In this unit, learners will develop their own personal and professional IT security skills. They will understand professional practice and the legislative environment in an IT security context. Finally, learners will evaluate potential improvements to organisational effectiveness in a security context.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
58
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Id
entify
ow
n d
evel
opm
ent
nee
ds
and t
he
activi
ties
nee
ded
to m
eet
them
1.2
O
bta
in a
nd inte
rpre
t fe
edbac
k fr
om o
ther
s on
per
form
ance
1.3
Set
and a
gre
e per
sonal
goal
s an
d p
artici
pat
e in
dev
elopm
ent
activi
ties
to
mee
t th
em
1.4
M
anag
e ow
n p
erso
nal
/pro
fess
ional
dev
elopm
ent
in o
rder
to a
chie
ve
care
er a
nd p
erso
nal
goal
s
1
Be
able
to d
evel
op
ow
n p
erso
nal
and
pro
fess
ional
ski
lls
1.5
Ref
lect
critica
lly o
n o
wn lea
rnin
g
2.1
Effec
tive
ly p
lan a
nd m
anag
e ow
n a
nd o
ther
s’ t
ime
2.2
Rec
ognis
e an
d r
espec
t div
ersi
ty,
indiv
idual
diffe
rence
s an
d
per
spec
tive
s
2.3
Acc
ept
and p
rovi
de
feed
bac
k in
a c
onst
ruct
ive
and c
onsi
der
ate
man
ner
2.4
U
nder
stan
d t
he
resp
onsi
bili
ties
, in
tere
sts
and c
once
rns
of c
olle
agues
2.5
U
nder
stan
d t
he
role
of th
e in
div
idual
and t
eam
s in
an I
T o
rgan
isat
ion
2
Be
able
to w
ork
as
a m
ember
of
a te
am t
o a
chie
ve
def
ined
goal
s an
d
imple
men
t ag
reed
pla
ns
2.6
Id
entify
and r
esolv
e obst
acle
s to
effec
tive
tea
mw
ork
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
59
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
3.1
In
terp
ret
the
implic
atio
ns,
and a
pplic
abili
ty f
or
IT p
rofe
ssio
nal
s of:
●
Dat
a Pr
ote
ctio
n A
ct
●
Com
pute
r M
isuse
Act
3.2
D
escr
ibe
the
role
of
pro
fess
ional
bodie
s fo
r IT
, an
d t
he
ben
efits
of
mem
ber
ship
to indiv
idual
s an
d o
rgan
isat
ions
3
Under
stan
d w
hat
is
mea
nt
by
pro
fess
ional
pra
ctic
e
3.3
Exp
lain
the
import
ance
of
qual
ity
man
agem
ent
syst
ems
and s
tandar
ds
for
syst
ems
dev
elopm
ent
4.1
D
escr
ibe
the
types
of
conflic
ts o
f in
tere
st w
hic
h c
an a
rise
for
IT
pro
fess
ional
s
4
Under
stan
d t
he
ethic
al a
nd
legis
lative
en
viro
nm
ent
rela
ting t
o I
T
activi
ties
4.2
Eva
luat
e th
e im
pac
t on a
n I
T o
rgan
isat
ion o
f le
gis
lation c
ove
ring:
●
pro
cess
ing o
f finan
cial
tra
nsa
ctio
ns
●
hea
lth a
nd s
afet
y
●
priva
cy,
confiden
tial
ity
and s
ecurity
●
copyr
ight
and inte
llect
ual
pro
per
ty r
ights
5.1
In
terp
ret
the
aim
s an
d o
bje
ctiv
es o
f th
e org
anis
atio
n
5.2
D
escr
ibe
the
org
anis
atio
n’s
bra
nd o
r im
age
and h
ow it
can b
e pro
mote
d
5.3
D
escr
ibe
the
org
anis
atio
n’s
str
uct
ure
, ro
les
and r
esponsi
bili
ties
5
Be
able
to im
pro
ve
org
anis
atio
nal
ef
fect
iven
ess
5.4
Id
entify
and e
valu
ate
pote
ntial
im
pro
vem
ents
to o
rgan
isat
ional
ef
fect
iven
ess
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
60
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
61
Unit 403: Testing the Security of Information Systems
Unit reference number: A/505/5789
QCF level: 4
Credit value: 15
Guided learning hours: 60
Unit aim On completion of this unit, learners will be able to plan and carry out security testing in relation to information security.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
62
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
D
evel
op a
conte
xt-d
rive
n t
est
appro
ach t
o s
yste
mat
ical
ly t
est
spec
ifie
d p
arts
of
a sy
stem
in o
rder
to a
sses
s th
eir
info
rmat
ion
secu
rity
sta
tus
1.2
Anal
yse
giv
en info
rmat
ion a
ssura
nce
req
uirem
ents
to p
roduce
in
form
atio
n s
ecurity
tes
t ac
cepta
nce
crite
ria
1.3
D
evel
op t
est
scripts
and p
lans
to e
nsu
re t
hat
all
info
rmat
ion
assu
rance
req
uirem
ents
are
tes
ted
1.4
Pr
ioritise
tes
ting a
ctiv
ity
to t
arget
the
most
sig
nific
ant
thre
ats
and
vuln
erab
ilities
first
1.5
Sel
ect,
and w
her
e nec
essa
ry a
dap
t, m
ethods,
tools
and t
echniq
ues
to
conduct
pen
etra
tion t
esting
1
Be
able
to p
lan
secu
rity
tes
ting
1.6
D
efin
e al
l re
quired
tes
t pre
par
atio
n a
nd c
oncl
usi
on a
ctiv
itie
s
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
63
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
2.1
Ensu
re t
hat
all
required
pre
par
atio
ns
are
imple
men
ted,
in lin
e w
ith
test
pla
ns,
prior
to c
arry
ing o
ut
test
s
2.2
Apply
tes
t m
ethods,
too
ls a
nd t
echniq
ues
follo
win
g o
rgan
isat
ional
pro
cedure
s
2.3
Rec
ord
the
resu
lts
of
test
s usi
ng o
rgan
isat
ional
docu
men
tation
2.4
Ensu
re t
hat
all
required
act
ivitie
s hav
e bee
n c
orre
ctly
im
ple
men
ted
follo
win
g t
he
com
ple
tion o
f te
stin
g in lin
e w
ith t
est
pla
ns
2.5
Critica
lly e
valu
ate
the
resu
lts
of te
stin
g t
o a
ccura
tely
iden
tify
spec
ific
vu
lner
abili
ties
2.6
Prioritise
iden
tified
vuln
erab
ilities
agai
nst
info
rmat
ion a
ssura
nce
re
quirem
ents
2.7
D
eter
min
e an
d just
ify
actions
to m
itig
ate
iden
tified
vuln
erab
ilities
2.8
Rep
ort
the
resu
lts
of te
st a
ctiv
itie
s fo
llow
ing o
rgan
isat
ional
pro
cedure
s
2.9
Com
munic
ate
the
resu
lts
and im
plic
atio
ns
of te
st a
ctiv
itie
s to
rel
evan
t per
sons
usi
ng m
edia
, fo
rmat
and s
truct
ure
s w
hic
h m
eet
the
nee
ds
of
the
inte
nded
audie
nce
2
Be
able
to c
arry
out
secu
rity
tes
ting
2.1
0
Eva
luat
e org
anis
atio
nal
pro
cedure
s fo
r ca
rryi
ng o
ut
secu
rity
tes
ting
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
64
Unit 404: Carrying Out Information Security Risk Assessment
Unit reference number: A/505/5792
QCF level: 4
Credit value: 12
Guided learning hours: 40
Unit aim On completion of this unit, learners will be able to prepare and carry out information security risk assessment.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
65
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
In
terp
ret
giv
en r
isk
asse
ssm
ent
brief
s to
iden
tify
the
info
rmat
ion
asse
ts a
nd s
yste
m c
om
ponen
ts t
o b
e as
sess
ed
1.2
Ver
ify
the
scope
of
iden
tified
info
rmat
ion a
sset
s an
d s
yste
m
com
ponen
ts w
ith r
elev
ant
per
sons
1
Be
able
to p
repar
e fo
r in
form
atio
n
secu
rity
ris
k as
sess
men
ts
1.3
Eva
luat
e so
urc
es o
f in
form
atio
n r
elat
ing t
o p
ote
ntial
ris
ks t
hat
may
im
pac
t on t
he
secu
rity
of
iden
tified
info
rmat
ion a
sset
s an
d s
yste
m
com
ponen
ts
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
66
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
2.1
U
se a
ran
ge
of
inve
stig
ativ
e m
ethods
to g
ather
info
rmat
ion r
elat
ing t
o
pote
ntial
ris
ks t
hat
may
im
pac
t on t
he
secu
rity
of
iden
tified
in
form
atio
n a
sset
s an
d s
yste
m c
om
ponen
ts
2.2
Rec
ord
all g
ather
ed in
form
atio
n in
line
with o
rgan
isat
ional
req
uirem
ents
2.3
Anal
yse
gat
her
ed info
rmat
ion t
o iden
tify
ris
ks t
o t
he
secu
rity
of
iden
tified
info
rmat
ion a
sset
s an
d s
yste
m c
om
ponen
ts
2.4
Ass
ess
iden
tified
ris
ks t
o d
eter
min
e th
eir
pro
bab
ility
of
occ
urr
ence
and
pote
ntial
im
pac
t
2.5
Eva
luat
e risk
s ag
ainst
org
anis
atio
nal
ris
k to
lera
nce
lev
els
2.6
Rep
ort
any
risk
s w
hic
h e
xcee
d o
rgan
isat
ional
ris
k to
lera
nce
lev
els
to
the
rele
vant
per
sons
follo
win
g o
rgan
isat
ional
pro
cedure
s an
d t
imel
ines
2.7
Fo
rmula
te a
ctio
ns
to m
itig
ate
risk
s
2.8
Rep
ort
the
resu
lts
of
risk
ass
essm
ent
in lin
e w
ith o
rgan
isat
ional
pro
cedure
s
2.9
Com
munic
ate
the
resu
lts
and im
plic
atio
ns
of
risk
ass
essm
ents
to
rele
vant
per
sons
usi
ng m
edia
, fo
rmat
and s
truct
ure
s w
hic
h m
eet
the
nee
ds
of th
e in
tended
audie
nce
2
Be
able
to c
arry
ou
t in
form
atio
n
secu
rity
ris
k as
sess
men
ts
2.1
0
Eva
luat
e org
anis
atio
nal
pro
cedure
s fo
r risk
ass
essm
ent
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
67
Unit 405: Investigating Information Security Incidents
Unit reference number: D/505/5798
QCF level: 4
Credit value: 12
Guided learning hours: 35
Unit aim On completion of this unit, learners will be able to prepare for information security incident investigations and manage information security incidents.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
68
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
In
terp
ret
giv
en inci
den
t in
vest
igat
ion b
rief
s to
iden
tify
the
scope
of
the
inci
den
ts t
o b
e m
anag
ed
1.2
Ver
ify
the
scope
of
iden
tified
inci
den
ts w
ith r
elev
ant
per
sons
1
Be
able
to p
repar
e fo
r in
form
atio
n
secu
rity
inci
den
t in
vest
igat
ions
1.3
Eva
luat
e so
urc
es o
f ev
iden
ce r
elat
ing t
o id
entified
inci
den
ts
2.1
O
bta
in e
viden
ce r
elat
ing t
o iden
tified
inci
den
ts,
follo
win
g
org
anis
atio
nal
pro
cedure
s
2.2
Critica
lly r
evie
w e
viden
ce t
o d
eter
min
e ap
pro
priat
e in
vest
igat
ive
actions
2.3
M
ake
just
ifie
d r
ecom
men
dat
ions
for
inve
stig
ativ
e ac
tions
to r
elev
ant
per
sons
usi
ng m
edia
, fo
rmat
and s
truct
ure
s th
at m
eet
the
nee
ds
of
the
inte
nded
audie
nce
2.4
Rep
ort
on inci
den
t in
vest
igat
ion f
ollo
win
g o
rgan
isat
ional
pro
cedure
s
2
Be
able
to m
anag
e in
form
atio
n
secu
rity
inci
den
ts
2.5
Critica
lly e
valu
ate
org
anis
atio
nal
pro
cedure
s fo
r in
ciden
t in
vest
igat
ion
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
69
Unit 407: Carrying Out Information Security Forensic Examinations
Unit reference number: M/505/5806
QCF level: 4
Credit value: 9
Guided learning hours: 20
Unit aim On completion of this unit, learners will be able to carry out forensic examinations in information security.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
70
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Car
ry o
ut
fore
nsi
c ex
amin
atio
ns
follo
win
g o
rgan
isat
ional
pro
cedure
s
1.2
Anal
yse
syst
em info
rmat
ion f
or
evid
ence
of
actu
al o
r at
tem
pte
d
bre
aches
of se
curity
polic
y or
legis
lation
1.3
Rep
ort
any
iden
tified
act
ual
or
atte
mpte
d b
reac
hes
of se
curity
to t
he
rele
vant
per
sons
follo
win
g o
rgan
isat
ional
pro
cedure
s an
d t
imel
ines
1.4
U
se s
ecurity
tools
to a
nal
yse
the
inte
grity
of so
ftw
are
1.5
Tak
e ac
tions
to s
ecure
info
rmat
ion a
sset
s an
d s
yste
m c
om
ponen
ts
subje
ct t
o ac
tual
or
atte
mpte
d b
reac
hes
of se
curity
in lin
e w
ith
org
anis
atio
nal
tim
elin
es
1.6
W
ith t
he
auth
orisa
tion o
f re
leva
nt
per
sons,
sei
ze e
viden
ce in
acco
rdan
ce w
ith leg
isla
tion a
nd f
ollo
win
g o
rgan
isat
ional
pro
cedure
s
1
Be
able
to c
arry
ou
t in
form
atio
n
secu
rity
fore
nsi
c ex
amin
atio
ns
1.7
Sei
ze e
viden
ce,
min
imis
ing d
isru
ption t
o t
he
org
anis
atio
n a
nd
mai
nta
inin
g e
viden
tial
inte
grity
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
71
Unit 408: Carrying Out Information Security Audits
Unit reference number: A/505/5811
QCF level: 4
Credit value: 12
Guided learning hours: 30
Unit aim On completion of this unit, learners will be able to prepare for and carry out audit activities for information security.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
72Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
In
terp
ret
giv
en info
rmat
ion s
ecurity
audit b
rief
s to
iden
tify
the
info
rmat
ion a
sset
s an
d s
yste
m c
om
ponen
ts t
o b
e au
dited
1.2
Id
entify
sou
rces
of
info
rmat
ion r
elat
ing t
o t
he
info
rmat
ion a
sset
s an
d
syst
em c
om
ponen
ts in s
cope
1.3
D
evel
op a
udit p
lans,
fol
low
ing o
rgan
isat
ional
pro
cedure
s, w
hic
h w
ill
ensu
re a
thoro
ugh a
sses
smen
t of se
curity
com
plia
nce
acr
oss
the
whole
sco
pe
of
the
audit
1
Be
able
to p
repar
e fo
r in
form
atio
n
secu
rity
audit
activi
ties
1.4
Ver
ify
audit s
cope
and p
lans
with r
elev
ant
per
sons
2.1
Car
ry o
ut
info
rmat
ion s
ecurity
audits
follo
win
g o
rgan
isat
ional
pro
cedure
s
2.2
Critica
lly r
evie
w info
rmat
ion a
nd d
ata
rela
ting t
o info
rmat
ion a
sset
s an
d s
yste
m c
om
ponen
ts t
o a
sses
s se
curity
com
plia
nce
2.3
Rep
ort
any
secu
rity
non
-com
plia
nce
to t
he
rele
vant
per
sons
in lin
e w
ith o
rgan
isat
ional
pro
cedure
s an
d t
imel
ines
2.4
Rep
ort
on a
udit a
ctiv
itie
s fo
llow
ing o
rgan
isat
ional
pro
cedure
s
2
Be
able
to c
arry
ou
t in
form
atio
n
secu
rity
audit
activi
ties
2.5
M
ake
just
ifie
d r
ecom
men
dat
ions
for
actions
to b
e ta
ken t
o im
pro
ve
secu
rity
com
plia
nce
to
rele
vant
per
sons
usi
ng m
edia
, fo
rmat
and
stru
cture
s w
hic
h m
eet
the
nee
ds
of t
he
inte
nded
audie
nce
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
73
Lear
ner
nam
e:________________________________________________
D
ate:
______________________________
Lear
ner
sig
nat
ure
:_____________________________________________
D
ate:
______________________________
Ass
esso
r si
gnat
ure
:____________________________________________
D
ate:
______________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:______________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
74
Unit 409: IT and Telecoms System Operation
Unit reference number: R/504/5513
QCF level: 4
Credit value: 15
Guided learning hours: 90
Unit aim This unit enables learners to operate IT and telecoms systems. Learners will initially develop understanding of the technical architecture of either IT or telecoms systems and how to specify system operation parameters, and will then have the opportunity to control the operation and maintenance of systems.
Unit assessment requirements/evidence requirements This unit must be assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
75
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Exp
lain
the
tech
nic
al a
rchitec
ture
of
a sy
stem
and d
escr
ibe
alte
rnat
ive
appro
aches
1.2
Exp
lain
the
contr
ibution t
o o
vera
ll sy
stem
funct
ional
ity
of
the
mai
n
phys
ical
and logic
al c
om
ponen
ts o
f th
e sy
stem
1.3
Exp
lain
how
sys
tem
com
ponen
ts c
an b
e phys
ical
ly a
nd logic
ally
in
terc
onnec
ted
1.4
D
escr
ibe
the
exte
rnal
connec
tions
of
the
syst
em a
nd h
ow
they
are
use
d
1
Under
stan
d t
he
tech
nic
al
arch
itec
ture
of
IT
or
tele
com
sys
tem
s
1.5
Exp
lain
the
faci
litie
s av
aila
ble
for
contr
olli
ng a
nd m
onitoring t
he
oper
atio
n o
f th
e sy
stem
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
76
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
2.1
Exp
lain
how
the
expec
ted f
unct
ional
ity
and c
apac
ity
of th
e sy
stem
has
bee
n s
pec
ifie
d
2.2
Exp
lain
how
qual
itat
ive
and q
uan
tita
tive
mea
sure
s of
syst
em
oper
atio
n h
ave
bee
n d
eriv
ed f
rom
funct
ional
ity
and c
apac
ity
spec
ific
atio
ns
2.3
Exp
lain
how
the
syst
em c
an b
e co
ntr
olle
d t
o o
ptim
ise
per
form
ance
2.4
Exp
lain
how
monitoring c
an b
e use
d t
o m
easu
re t
he
qual
itat
ive
and
quan
tita
tive
oper
atio
n o
f th
e sy
stem
2
Under
stan
d h
ow
to
spec
ify
syst
em
oper
atio
n
par
amet
ers
2.5
D
escr
ibe
the
routine
mai
nte
nan
ce o
r re
ple
nis
hm
ent
required
to
mai
nta
in n
orm
al s
yste
m o
per
atio
n
3.1
Sel
ect
the
contr
ol fa
cilit
ies
to b
e use
d a
nd d
ocu
men
t how
they
are
to
be
use
d t
o o
ptim
ise
syst
em o
per
atio
n
3.2
Sel
ect
the
monitoring f
acili
ties
to b
e use
d a
nd d
ocu
men
t how
they
are
to
be
use
d t
o iden
tify
act
ual
and p
ote
ntial
dev
iations
from
norm
al
syst
em o
per
atio
n
3.3
D
efin
e an
d im
ple
men
t pro
cedure
s to
chec
k th
e va
lidity
of
report
ed
dev
iations
from
norm
al s
yste
m o
per
atio
n
3.4
D
efin
e an
d im
ple
men
t pro
cedure
s to
inve
stig
ate
iden
tified
and
report
ed d
evia
tions
to iden
tify
req
uired
corr
ective
act
ions
3
Be
able
to c
ontr
ol
the
oper
atio
n o
f sy
stem
s
3.5
D
efin
e th
e sy
stem
per
form
ance
info
rmat
ion t
o b
e re
cord
ed
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
77
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
4.1
D
efin
e an
d im
ple
men
t pro
cedure
s to
sch
edule
mai
nte
nan
ce a
nd
reple
nis
hm
ent
activi
ties
to m
inim
ise
dis
ruption t
o sy
stem
oper
atio
n
4.2
D
efin
e an
d im
ple
men
t pro
cedure
s to
ensu
re t
hat
mai
nte
nan
ce
activi
ties
are
car
ried
out
safe
ly a
nd in a
ccord
ance
with r
elev
ant
regula
tions
4.3
D
efin
e an
d im
ple
men
t pro
cedure
s to
ensu
re t
hat
sys
tem
use
rs a
re
pro
mptly
info
rmed
of
chan
ges
to s
yste
m a
vaila
bili
ty o
r per
form
ance
during m
ainte
nan
ce a
ctiv
itie
s
4
Be
able
to c
ontr
ol
syst
em
mai
nte
nan
ce
4.4
D
efin
e th
e m
ainte
nan
ce a
nd r
eple
nis
hm
ent
info
rmat
ion t
o b
e re
cord
ed
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
78
Unit 410: IT and Telecoms System Management
Unit reference number: M/504/5504
QCF level: 4
Credit value: 15
Guided learning hours: 90
Unit aim This unit enables learners to manage IT and telecoms systems, including configuring systems to meet organisational objectives and customer needs, risk evaluation and contributing to the development of an organisation’s system management strategy.
Unit assessment requirements/evidence requirements This unit must be assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
79
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Exp
lain
how
to a
lign s
yste
m f
unct
ional
ity
with o
rgan
isat
ional
obje
ctiv
es a
nd c
ust
om
er n
eeds
1.2
Exp
lain
the
types
of co
nfigura
tion
and a
sset
info
rmat
ion a
ssoci
ated
w
ith s
yste
ms
1
Under
stan
d h
ow
to
man
age
syst
ems
1.3
Exp
lain
the
types
and a
pplic
atio
ns
of
syst
em m
anag
emen
t an
d
monitoring t
ools
2.1
Eva
luat
e th
e fu
nct
ional
ity
of
syst
ems
agai
nst
org
anis
atio
nal
obje
ctiv
es
and c
ust
om
er n
eeds
to iden
tify
poss
ible
im
pro
vem
ents
2.2
Eva
luat
e cu
rren
t sy
stem
configura
tion a
nd a
sset
info
rmat
ion t
o
iden
tify
poss
ible
enhan
cem
ents
to
per
form
ance
and c
apac
ity
2.3
Ass
ess
curr
ent
syst
em m
anag
emen
t an
d m
onitoring t
ools
, an
d t
hei
r use
, su
gges
ting p
oss
ible
im
pro
vem
ents
2.4
Rev
iew
, an
d w
her
e nec
essa
ry u
pdat
e, w
ork
ing p
roce
dure
s fo
r sy
stem
m
anag
emen
t
2
Be
able
to r
evie
w
the
funct
ional
ity
and m
anag
emen
t of
syst
ems
2.5
Eva
luat
e th
e im
pac
t of re
gula
tory
req
uirem
ents
on s
yste
m
man
agem
ent
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
80
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
3.1
Sel
ect
and im
ple
men
t co
nfigura
tion o
ptions
to o
ptim
ise
syst
em
per
form
ance
and c
apac
ity
3.2
Ensu
re t
hat
chan
ges
mad
e to
sys
tem
configura
tions
are
effe
ctiv
e
3.3
Rec
ognis
e an
d r
esolv
e an
y sy
stem
pro
ble
ms
aris
ing f
rom
co
nfigura
tion c
han
ges
3.4
Audit r
ecord
s of sy
stem
configura
tion a
nd a
sset
info
rmat
ion f
or
com
ple
tenes
s an
d a
ccura
cy
3.5
Eva
luat
e pote
ntial
ris
ks,
incl
udin
g s
ecurity
thre
ats,
to s
yste
ms
3
Be
able
to m
anag
e sy
stem
s
3.6
Contr
ibute
to t
he
dev
elopm
ent
of
the
org
anis
atio
n's
sys
tem
m
anag
emen
t st
rate
gy
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
81
Unit 411: Designing and Developing Event-Driven Computer Program
Unit reference number: J/601/3300
QCF level: 4
Credit value: 15
Guided learning hours: 90
Unit aim The aim of this unit is to provide the learner with the skills and competencies to carry out the development of an event-driven computer program from design to testing in a professional capacity, and to understand a range of issues concerned with software development activities.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
82
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Id
entify
and s
truct
ure
the
com
ponen
ts a
nd d
ata
required
to a
ddre
ss
pro
ble
ms
1.2
Sel
ect
and u
se p
redef
ined
com
pon
ents
, sp
ecia
lisin
g a
s re
quired
1.3
Id
entify
the
set
of ev
ents
that
invo
ke b
ehav
iour
of
com
ponen
ts a
nd
oth
er p
rogra
m e
lem
ents
1.4
Spec
ify
the
beh
avio
ur
of
com
ponen
ts a
nd o
ther
pro
gra
m e
lem
ents
to
allo
w e
ffic
ient
imple
men
tation,
sele
ctin
g a
ppro
priat
e dat
a ty
pes
, dat
a an
d f
ile s
truct
ure
s an
d a
lgorith
ms
1
Be
able
to d
esig
n
even
t-drive
n
pro
gra
ms
to
addre
ss loose
ly
def
ined
pro
ble
ms
1.5
Rec
ord
the
des
ign u
sing w
ell-
esta
blis
hed
nota
tions
2.1
M
ake
effe
ctiv
e use
of
bas
ic p
rogra
mm
ing lan
guag
e fe
ature
s an
d
pro
gra
mm
ing c
once
pts
to im
ple
men
t a
pro
gra
m t
hat
sat
isfies
the
des
ign s
pec
ific
atio
n
2.2
M
ake
effe
ctiv
e use
of
the
feat
ure
s of
the
pro
gra
mm
ing e
nvi
ronm
ent
2.3
M
ake
effe
ctiv
e use
of use
r in
terf
ace
com
ponen
ts in t
he
imple
men
tation o
f th
e pro
gra
m
2
Be
able
to p
roduce
a
work
ing e
vent-
drive
n p
rogra
m
whic
h m
eets
the
des
ign s
pec
ific
atio
n
2.4
M
ake
effe
ctiv
e use
of
a ra
nge
of
deb
uggin
g t
ools
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
83
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
3.1
Apply
sta
ndar
d n
amin
g,
layo
ut
and c
om
men
t co
nve
ntions
3
Be
able
to d
evel
op
even
t-drive
n
pro
gra
ms
that
re
flec
t es
tablis
hed
pro
gra
mm
ing a
nd
soft
war
e en
gin
eering
pra
ctic
e
3.2
Apply
appro
priat
e dat
a va
lidat
ion a
nd e
rror
han
dlin
g t
echniq
ues
4.1
D
evel
op a
nd a
pply
a t
est
stra
tegy
consi
sten
t w
ith t
he
des
ign
iden
tify
ing a
ppro
priat
e te
st d
ata
4.2
Apply
reg
ress
ion t
esting c
onsi
sten
t w
ith t
he
test
str
ateg
y
4
Be
able
to d
evel
op
test
str
ateg
ies
and
apply
thes
e to
ev
ent-
drive
n
pro
gra
ms
4.3
U
se a
ppro
priat
e to
ols
to e
stim
ate
the
per
form
ance
of
the
pro
gra
m
5.1
Rec
ord
the
final
sta
te o
f th
e pro
gra
m in a
form
suitab
le f
or
subse
quen
t m
ainte
nan
ce
5
Be
able
to d
evel
op
des
ign
docu
men
tation f
or
use
in p
rogra
m
mai
nte
nan
ce a
nd
end-u
ser
docu
men
tation
5.2
Pr
ovi
de
end-u
ser
docu
men
tation t
hat
mee
ts t
he
use
r's
nee
ds
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
84
Unit 412: Designing and Developing Object-Oriented Computer Program
Unit reference number: T/601/3308
QCF level: 4
Credit value: 15
Guided learning hours: 90
Unit aim The aim of this unit is to provide the learner with the skills and competencies to carry out the development of an object-oriented computer program from design to testing in a professional capacity and to understand a range of issues concerned with software development activities.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
85
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Id
entify
a s
et o
f cl
asse
s an
d t
hei
r in
terr
elat
ionsh
ips
to a
ddre
ss t
he
pro
ble
m
1.2
M
ake
effe
ctiv
e use
of
enca
psu
lation,
inher
itan
ce a
nd p
oly
morp
his
m
1.3
Sel
ect
and r
euse
pre
-exi
stin
g o
bje
cts
and t
empla
tes
spec
ialis
ing a
s re
quired
1.4
Str
uct
ure
the
des
ign s
o t
hat
obje
cts
com
munic
ate
effici
ently
1.5
Spec
ify
the
pro
per
ties
and b
ehav
iour
of cl
asse
s to
allo
w e
ffic
ient
imple
men
tation,
sele
ctin
g a
ppro
priat
e dat
a ty
pes
, dat
a an
d f
ile
stru
cture
s an
d a
lgorith
ms
1
Be
able
to d
esig
n
obje
ct-o
rien
ted
pro
gra
ms
to
addre
ss loose
ly
def
ined
pro
ble
ms
1.6
Rec
ord
the
des
ign u
sing w
ell-
esta
blis
hed
nota
tions
2.1
M
ake
effe
ctiv
e use
of
bas
ic p
rogra
mm
ing lan
guag
e fe
ature
s an
d
pro
gra
mm
ing c
once
pts
to im
ple
men
t a
pro
gra
m t
hat
sat
isfies
the
des
ign s
pec
ific
atio
n
2.2
M
ake
effe
ctiv
e use
of
the
feat
ure
s of
the
pro
gra
mm
ing e
nvi
ronm
ent
2.3
M
ake
effe
ctiv
e use
of use
r in
terf
ace
com
ponen
ts in t
he
imple
men
tation o
f th
e pro
gra
m
2
Be
able
to p
roduce
a
work
ing o
bje
ct-
orien
ted p
rogra
m
whic
h m
eets
the
des
ign s
pec
ific
atio
n
2.4
M
ake
effe
ctiv
e use
of
a ra
nge
of
deb
uggin
g t
ools
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
86
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
3.1
Apply
sta
ndar
d n
amin
g,
layo
ut
and c
om
men
t co
nve
ntions
3
Be
able
to d
evel
op
obje
ct-o
rien
ted
pro
gra
ms
that
re
flec
t es
tablis
hed
pro
gra
mm
ing a
nd
soft
war
e en
gin
eering
pra
ctic
e
3.2
Apply
appro
priat
e dat
a va
lidat
ion a
nd e
rror
han
dlin
g t
echniq
ues
4.1
D
evel
op a
nd a
pply
a t
est
stra
tegy
consi
sten
t w
ith t
he
des
ign
iden
tify
ing a
ppro
priat
e te
st d
ata
4.2
Apply
reg
ress
ion t
esting c
onsi
sten
t w
ith t
he
test
str
ateg
y
4
Be
able
to d
evel
op
test
str
ateg
ies
and
apply
thes
e to
obje
ct-o
rien
ted
pro
gra
ms
4.3
U
se a
ppro
priat
e to
ols
to e
stim
ate
the
per
form
ance
of
the
pro
gra
m
5.1
Rec
ord
the
final
sta
te o
f th
e pro
gra
m in a
form
suitab
le f
or
subse
quen
t m
ainte
nan
ce
5
Be
able
to d
evel
op
des
ign
docu
men
tation f
or
use
in p
rogra
m
mai
nte
nan
ce a
nd
end-u
ser
docu
men
tation
5.2
Pr
ovi
de
end-u
ser
docu
men
tation t
hat
mee
ts t
he
use
r’s
nee
ds
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
87
Unit 413: Designing and Developing Procedural Computer Program
Unit reference number: T/601/3311
QCF level: 4
Credit value: 15
Guided learning hours: 90
Unit aim The aim of this unit is to provide the learner with the skills and competencies to carry out the development of a procedural computer program from design to testing in a professional capacity, and to understand a range of issues concerned with software development activities.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
88
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Id
entify
and s
truct
ure
pro
cedure
s an
d funct
ions
to a
ddre
ss p
roble
ms
1.2
Sel
ect
and u
se lib
rary
funct
ions
and p
roce
dure
s
1.3
Str
uct
ure
the
des
ign w
ith r
egar
d t
o co
uplin
g a
nd c
ohes
ion
1.4
Spec
ify
the
beh
avio
ur
of
funct
ions
and p
roce
dure
s to
allo
w e
ffic
ient
imple
men
tation,
sele
ctin
g a
ppro
priat
e dat
a ty
pes
, dat
a an
d f
ile
stru
cture
s an
d a
lgorith
ms
1
Be
able
to d
esig
n
pro
cedura
l pro
gra
ms
to
addre
ss loose
ly
def
ined
pro
ble
ms
1.5
Rec
ord
the
des
ign u
sing w
ell-
esta
blis
hed
nota
tions
2.1
M
ake
effe
ctiv
e use
of
bas
ic p
rogra
mm
ing lan
guag
e fe
ature
s an
d
pro
gra
mm
ing c
once
pts
to im
ple
men
t a
pro
gra
m t
hat
sat
isfies
the
des
ign s
pec
ific
atio
n
2.2
M
ake
effe
ctiv
e use
of
the
feat
ure
s of
the
pro
gra
mm
ing e
nvi
ronm
ent
2.3
M
ake
effe
ctiv
e use
of use
r in
terf
ace
com
ponen
ts in t
he
imple
men
tation o
f th
e pro
gra
m
2
Be
able
to p
roduce
a
work
ing
pro
cedura
l pro
gra
m w
hic
h
mee
ts t
he
des
ign
spec
ific
atio
n
2.4
M
ake
effe
ctiv
e use
of
a ra
nge
of
deb
uggin
g t
ools
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
89
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
3.1
Apply
sta
ndar
d n
amin
g,
layo
ut
and c
om
men
t co
nve
ntions
3
Be
able
to d
evel
op
pro
cedura
l pro
gra
ms
that
re
flec
t es
tablis
hed
pro
gra
mm
ing a
nd
soft
war
e en
gin
eering
pra
ctic
e
3.2
Apply
appro
priat
e dat
a va
lidat
ion a
nd e
rror
han
dlin
g t
echniq
ues
4.1
D
evel
op a
nd a
pply
a t
est
stra
tegy
consi
sten
t w
ith t
he
des
ign
iden
tify
ing a
ppro
priat
e te
st d
ata
4.2
Apply
reg
ress
ion t
esting c
onsi
sten
t w
ith t
he
test
str
ateg
y
4
Be
able
to d
evel
op
test
str
ateg
ies
and
apply
thes
e to
pro
cedura
l pro
gra
ms
4.3
U
se a
ppro
priat
e to
ols
to e
stim
ate
the
per
form
ance
of
the
pro
gra
m
5.1
Rec
ord
the
final
sta
te o
f th
e pro
gra
m in a
form
suitab
le f
or
subse
quen
t m
ainte
nan
ce
5
Be
able
to d
evel
op
des
ign
docu
men
tation f
or
use
in p
rogra
m
mai
nte
nan
ce a
nd
end-u
ser
docu
men
tation
5.2
Pr
ovi
de
end-u
ser
docu
men
tation t
hat
mee
ts t
he
use
r’s
nee
ds
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
90
Unit 414: Investigating and Defining Customer Requirements for ICT Systems
Unit reference number: R/602/1772
QCF level: 4
Credit value: 15
Guided learning hours: 90
Unit aim This unit provides the skills, knowledge and understanding requirements to take a leading role in the investigation and definition of customer requirements for ICT systems and services.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
91
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
Sel
ect
and u
se t
he
inve
stig
ativ
e m
ethods
whic
h w
ill e
licit r
elev
ant
info
rmat
ion a
bout
exis
ting a
nd p
ropose
d s
yste
ms
and p
roce
sses
1.2
Cre
ate
the
docu
men
tation r
equired
to r
ecord
the
resu
lts
of
inve
stig
atio
ns
1.3
Ensu
re t
hat
inve
stig
ativ
e m
ethods
are
applie
d c
orr
ectly
and a
ll re
leva
nt
info
rmat
ion is
reco
rded
usi
ng s
tandar
d d
ocu
men
tation
1.4
Ensu
re t
hat
the
confiden
tial
ity
of
cust
om
er info
rmat
ion is
pre
serv
ed
1
Be
able
to c
ontr
ol
the
inve
stig
atio
n o
f ex
isting a
nd
pro
pose
d s
yste
ms
and p
roce
sses
1.5
Pro
vide
advi
ce a
nd g
uid
ance
to c
olle
agues
on inve
stig
atio
n a
nd
anal
ysis
of
info
rmat
ion
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
92
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
2.1
Exp
lain
the
types
of
def
ect,
and t
hei
r ca
use
s w
hic
h c
an a
rise
in
info
rmat
ion
2.2
D
escr
ibe
met
hods
of
min
imis
ing d
efec
ts in info
rmat
ion
2.3
Exp
lain
how
cust
om
er n
eeds
and c
onst
rain
ts c
an a
ffec
t th
e des
ign o
f an
ICT s
yste
m
2.4
Anal
yse
info
rmat
ion t
o iden
tify
cust
om
er n
eeds
and p
riorities
for:
●
dat
a to
be
store
d a
nd p
roce
ssed
●
funct
ional
ity
in t
erm
s of
inputs
, pro
cess
es a
nd o
utp
uts
●
capac
ity
incl
udin
g n
um
ber
s of use
rs,
thro
ughput,
and d
ata
stora
ge
2.5
Anal
yse
info
rmat
ion t
o iden
tify
cust
om
er c
onst
rain
ts
2
Be
able
to a
nal
yse
info
rmat
ion t
o
iden
tify
nee
ds
and
const
rain
ts
2.6
Ver
ify
that
iden
tified
nee
ds,
prior
itie
s an
d c
onst
rain
ts m
eet
cust
om
er
requirem
ents
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
93
Unit 415: Carrying out Information Security Risk Management
Unit reference number: L/505/5814
QCF level: 4
Credit value: 12
Guided learning hours: 40
Unit aim On completion of this unit, learners will be able to manage and develop risk contingency plans and use these to manage information security risks.
Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
94
Learn
ing
ou
tco
mes
an
d a
ssess
men
t cr
iteri
a
To p
ass
this
unit,
the
lear
ner
nee
ds
to d
emon
stra
te t
hat
they
can
mee
t al
l th
e le
arnin
g o
utc
omes
for
the
unit.
The
asse
ssm
ent
criter
ia
det
erm
ine
the
stan
dar
d r
equired
to a
chie
ve t
he
unit.
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
1.1
In
terp
ret
giv
en r
isk
man
agem
ent
brief
s to
iden
tify
the
info
rmat
ion
asse
ts a
nd s
yste
m c
om
ponen
ts t
o b
e co
vere
d b
y th
e risk
contingen
cy
pla
n
1.2
Ver
ify
the
scope
of
iden
tified
info
rmat
ion a
sset
s an
d s
yste
m
com
ponen
ts w
ith r
elev
ant
per
sons
1.3
D
evel
op r
isk
contingen
cy p
lans
on a
giv
en a
nal
ysis
of
the
pro
bab
ility
an
d im
pac
t of
all id
entified
ris
ks
1.4
Ju
stify
the
range
of
resp
onse
act
ions
that
may
be
use
d t
o m
itig
ate
risk
s
1.5
Eva
luat
e risk
contingen
cy p
lans
agai
nst
ext
ernal
sta
ndar
ds
and
legis
lation
1
Be
able
to d
evel
op
info
rmat
ion
secu
rity
ris
k co
ntingen
cy p
lans
1.6
Rec
ord
info
rmat
ion s
ecurity
ris
k co
ntingen
cy p
lans
in lin
e w
ith
org
anis
atio
nal
req
uirem
ents
Pear
son B
TEC L
evel
4 D
iplo
ma
in I
nfo
rmat
ion S
ecuri
ty P
rofe
ssio
nal
Com
pet
ence
(Q
CF)
Spec
ific
atio
n –
Iss
ue
1 –
July
2014 ©
Pea
rson E
duca
tion
Lim
ited
2014
95
Learn
ing
ou
tco
mes
Ass
ess
men
t cr
iteri
a
Evid
en
ce
typ
e
Po
rtfo
lio
re
fere
nce
D
ate
2.1
M
anag
e def
ined
res
ponse
act
ions
to r
isks
whic
h im
pac
t th
e in
tegrity
of
info
rmat
ion a
sset
s an
d s
yste
m c
om
ponen
ts f
ollo
win
g o
rgan
isat
ional
pro
cedure
s an
d t
imel
ines
2.2
Rep
ort
any
risk
s ar
isin
g f
or
whic
h n
o r
esponse
act
ions
hav
e bee
n
def
ined
to t
he
rele
vant
per
sons
follo
win
g o
rgan
isat
ional
pro
cedure
s an
d t
imel
ines
2.3
Rep
ort
on info
rmat
ion s
ecurity
ris
k m
anag
emen
t ac
tivi
ties
follo
win
g
org
anis
atio
nal
pro
cedure
s
2.4
Com
munic
ate
the
resu
lts
and im
plic
atio
ns
of
risk
man
agem
ent
activi
ties
to r
elev
ant
per
sons
usi
ng m
edia
, fo
rmat
and s
truct
ure
s w
hic
h m
eet
the
nee
ds
of t
he
inte
nded
audie
nce
2
Be
able
to m
anag
e in
form
atio
n
secu
rity
ris
ks
2.5
Eva
luat
e org
anis
atio
nal
pro
cedure
s fo
r risk
man
agem
ent
Lear
ner
nam
e:_______________________________________________
D
ate:
_____________________________
Lear
ner
sig
nat
ure
:____________________________________________
D
ate:
_____________________________
Ass
esso
r si
gnat
ure
:___________________________________________
D
ate:
_____________________________
Inte
rnal
ver
ifie
r si
gnat
ure
:______________________________________
(i
f sa
mple
d)
Dat
e:_____________________________
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
96
12 Further information and useful publications
To get in touch with us visit our ‘Contact us’ pages:
● Edexcel: www.edexcel.com/contactus
● BTEC: www.edexcel.com/btec/Pages/Contactus
● Pearson Work Based Learning and Colleges: www.edexcel.com/about.wbl/Pages/Contact-us
● books, software and online resources for UK schools and colleges: www.pearsonschoolsandfecolleges.co.uk
Key publications:
● Adjustments for candidates with disabilities and learning difficulties – Access and Arrangements and Reasonable Adjustments, General and Vocational qualifications (Joint Council for Qualifications (JCQ))
● Equality Policy (Pearson)
● Recognition of Prior Learning Policy and Process (Pearson)
● UK Information Manual (Pearson)
● UK Quality Vocational Assurance Handbook (Pearson).
All of these publications are available on our website.
Publications on the quality assurance of BTEC qualifications are available on our website at www.edexcel.com/btec/delivering-BTEC/quality/Pages
Our publications catalogue lists all the material available to support our qualifications. To access the catalogue and order publications, please go to www.edexcel.com/resources/publications/Pages
Additional resources
If you need further learning and teaching materials to support planning and delivery for your learners, there is a wide range of BTEC resources available.
Any publisher can seek endorsement for their resources, and, if they are successful, we will list their BTEC resources on our website at: www.edexcel.com/resources/publications/Pages
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
97
13 Professional development and training
Pearson supports UK and international customers with training related to BTEC qualifications. This support is available through a choice of training options offered on our website: www.edexcel.com/resources/Training.
The support we offer focuses on a range of issues, such as:
● planning for the delivery of a new programme
● planning for assessment and grading
● developing effective assignments
● building your team and teamwork skills
● developing learner-centred learning and teaching approaches
● building in effective and efficient quality assurance systems.
The national programme of training we offer is on our website at: www.edexcel.com/resources/Training. You can request centre-based training through the website or you can contact one of our advisers in the Training from Pearson UK team via Customer Services to discuss your training needs.
BTEC training and support for the lifetime of the qualifications
Training and networks: our training programme ranges from free introductory events through sector-specific opportunities to detailed training on all aspects of delivery, assignments and assessment. We also host some regional network events to allow you to share your experiences, ideas and best practice with other BTEC colleagues in your region.
Regional support: our team of Curriculum Development Managers and Curriculum Support Consultants, based around the country, are responsible for providing advice and support in centres. They can help you with planning and curriculum developments.
To get in touch with our dedicated support teams please visit: www.edexcel.com/contactus
Online forum
Pearson Work Based Learning Communities is an online forum where employers, further education colleges and workplace training providers are able to seek advice and clarification about any aspect of our qualifications and services, as well as share knowledge and information with others. The forums are sector specific and cover Business Administration, Customer Service, Health and Social Care, Hospitality and Catering and Retail. The online forum is available at www.pearsonwbl.edexcel.com/Our-support.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
98
14 Contact us
We have a dedicated Account Support team, based throughout the UK, to give you more personalised support and advice. To contact your Account Specialist you can use any of the following methods:
Email: [email protected] Telephone: 0844 576 0045
If you are new to Pearson and would like to become an approved centre, please contact us at:
Email: [email protected] Telephone: 0844 576 0045
Complaints and feedback We are working hard to provide you with excellent service. However, if any element of our service falls below your expectations, we want to understand why, so that we can prevent it from happening again. We will do all that we can to put things right.
If you would like to register a complaint with us, please email [email protected].
We will formally acknowledge your complaint within two working days of receipt and provide a full response within seven working days.
Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014
99
Db300714G:\WORDPROC\LT\PD\BTEC LEVEL\
9781446911877_BTEC_LVL_L4_ISPC\9781446911877_BTEC_LVL_L4_ISPC.DOC.1–106/0
July 2014 For more information on Edexcel and BTEC qualifications please visit our websites: www.edexcel.com and www.btec.co.uk BTEC is a registered trademark of Pearson Education Limited Pearson Education Limited. Registered in England and Wales No. 872828 Registered Office: Edinburgh Gate, Harlow, Essex CM20 2JE. VAT Reg No GB 278 537121