Pearson BTEC Level 4 Diploma in Information Security ...€¦ · Pearson BTEC Level 4 Diploma in...

Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification

Competence-based qualification First registration August 2014

Edexcel, BTEC and LCCI qualifications

Edexcel, BTEC and LCCI qualifications are awarded by Pearson, the UK’s largest awarding body offering academic and vocational qualifications that are globally recognised and benchmarked. For further information, please visit our qualification websites at www.edexcel.com, www.btec.co.uk or www.lcci.org.uk. Alternatively, you can get in touch with us using the details on our contact us page at www.edexcel.com/contactus

About Pearson

Pearson is the world's leading learning company, with 40,000 employees in more than 70 countries working to help people of all ages to make measurable progress in their lives through learning. We put the learner at the centre of everything we do, because wherever learning flourishes, so do people. Find out more about how we can help you and your learners at: www.pearson.com/uk

References to third party material made in this specification are made in good faith. Pearson does not endorse, approve or accept responsibility for the content of materials, which may be subject to change, or any opinions expressed therein. (Material may include textbooks, journals, magazines and other publications and websites.)

All information in this specification is correct at time of publication.

Authorised by Dave Evans Prepared by Maria Adu

ISBN 978 1 446 9 11877

All the material in this publication is copyright © Pearson Education Limited 2014

Contents

Purpose of this specification 1

1 Introducing Pearson BTEC Competence-based qualifications 2

What are Competence-based qualifications? 2

2 Qualification summary and key information 3

QCF qualification number and qualification title 4

Qualification objectives 4

Relationship with previous qualifications 4

Apprenticeships 4

Progression opportunities 5

Industry support and recognition 5

Relationship with National Occupational Standards 5

3 Qualification structure 6

Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) 6

4 Assessment 9

Assessment requirements 10

Types of evidence 10

Credit transfer 11

5 Centre resource requirements 12

General resource requirements 12

6 Centre recognition and approval centre recognition 13

Approvals agreement 13

7 Quality assurance of centres 14

7 Quality assurance of centres 14

8 Programme delivery 15

9 Access and recruitment 16

10 Access to qualifications for learners with disabilities or specific needs 17

11 Unit format 18

Unit title 18

Unit reference number 18

QCF level 18

Credit value 18

Guided learning hours 18

Unit aim 18

Essential resources 18

Unit assessment requirements/evidence requirements 18

Learning outcomes 19

Assessment criteria 19

Unit 101: Health and Safety in ICT 20

Unit 303: Testing the Security of Information Systems 22

Unit 304: Carrying Out Information Security Risk Assessment 25

Unit 305: Investigating Information Security Incidents 28

Unit 306: Carrying Out Information Security Incident Management Activities 30

Unit 307: Carrying Out Information Security Forensic Examinations 33

Unit 308: Carrying Out Information Security Audits 35

Unit 309: System Operation 37

Unit 310: System Management 40

Unit 311: Creating an Event-Driven Computer Program 42

Unit 312: Creating an Object-Oriented Computer Program 45

Unit 313: Creating a Procedural Computer Program 48

Unit 314: Investigating and Defining Customer Requirements for ICT Systems 51

Unit 315: User Profile Administration 54

Unit 401: Develop Own Effectiveness and Professionalism 57

Unit 403: Testing the Security of Information Systems 61

Unit 404: Carrying Out Information Security Risk Assessment 64

Unit 405: Investigating Information Security Incidents 67

Unit 407: Carrying Out Information Security Forensic Examinations 69

Unit 408: Carrying Out Information Security Audits 71

Unit 409: IT and Telecoms System Operation 74

Unit 410: IT and Telecoms System Management 78

Unit 411: Designing and Developing Event-Driven Computer Program 81

Unit 412: Designing and Developing Object-Oriented Computer Program 84

Unit 413: Designing and Developing Procedural Computer Program 87

Unit 414: Investigating and Defining Customer Requirements for ICT Systems 90

Unit 415: Carrying out Information Security Risk Management 93

12 Further information and useful publications 96

13 Professional development and training 97

BTEC training and support for the lifetime of the qualifications 97

Online forum 97

14 Contact us 98

Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) Specification – Issue 1 – July 2014 © Pearson Education Limited 2014

1

Purpose of this specification

The purpose of a specification as defined by Ofqual is to set out:

● the qualification’s objective

● any other qualification that a learner must have completed before taking the qualification

● any prior knowledge, skills or understanding that the learner is required to have before taking the qualification

● units that a learner must have completed before the qualification will be awarded and any optional routes

● any other requirements that a learner must have satisfied before they will be assessed or before the qualification will be awarded

● the knowledge, skills and understanding that will be assessed as part of the qualification (giving a clear indication of their coverage and depth)

● the method of any assessment and any associated requirements relating to it

● the criteria against which the learner’s level of attainment will be measured (such as assessment criteria)

● any specimen materials

● any specified levels of attainment

● the Apprenticeship Framework in which the qualification is included, where appropriate.


2

1 Introducing Pearson BTEC Competence-based qualifications

What are Competence-based qualifications?

Competence-based qualifications reflect the skills and knowledge needed to do a job effectively. They are work-based qualifications that give learners the opportunity to demonstrate their competence in the area of work or job role to which the qualification relates.

Competence-based qualifications are outcomes-based with no fixed learning programme, allowing flexibility in their delivery to meet the individual learner’s needs. The qualifications are based on the National Occupational Standards (NOS) for the sector, which define what employees, or potential employees, must be able to do and know, and how well they should undertake work tasks and work roles.

Most Competence-based qualifications form the competence component of Apprenticeship Frameworks. They are suitable for those in employment or those who are studying at college and have a part-time job or access to a substantial work placement.

Most learners will work towards their qualification in the workplace or in settings that replicate the working environment. Colleges, training centres and/or employers can offer these qualifications provided they have access to appropriate physical and human resources.

There are three sizes of Competence-based qualification in the QCF:

● Award (1 to 12 credits)

● Certificate (13 to 36 credits)

● Diploma (37 credits and above).

Every unit and qualification in the QCF has a credit value.

The credit value of a unit specifies the number of credits that will be awarded to a learner who has met the learning outcomes of the unit.

The credit value of a unit is based on:

● one credit for those learning outcomes achievable in 10 hours of learning

● learning time – defined as the time taken by learners at the level of the unit, on average, to complete the learning outcomes of the unit to the standard determined by the assessment criteria.


3

2 Qualification summary and key information

Qualification title Pearson BTEC Level 4 Diploma in Information Security Professional Competence(QCF)

QCF Qualification Number (QN) 601/3783/6

Qualification framework Qualifications and Credit Framework (QCF)

Accreditation start date August 2014

Certification end date December 2017

Approved age ranges 16–18

19+

Please note that sector-specific requirements or regulations may prevent learners of a particular age from embarking on this qualification.

Credit value 78

Assessment Portfolio of Evidence (internal assessment)

Guided learning hours 325–395

Grading information The qualification and units are at Pass grade

Entry requirements No prior knowledge, understanding, skills or qualifications are required before learners register for this qualification. However, centres must follow the Pearson Access and Recruitment policy (see Section 9, Access and recruitment).


4

QCF qualification number and qualification title

Centres will need to use the QCF Qualification Number (QN) when they seek public funding for their learners. Every unit in a qualification has a QCF unit reference number (URN).

The qualification title, unit titles and QN are given on each learner’s final certificate. You should tell your learners this when your centre recruits them and registers them with us. There is more information about certification in our UK Information Manual, available on our website at: www.edexcel.com/iwantto/Pages/uk-information-manual

Qualification objectives

The Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) is for learners who work in, or want to work in the information security sector.

It gives learners the opportunity to:

● demonstrate competence in relevant job roles within the information security sector

● develop knowledge and skills related to the specified job roles in the information security sector

● have existing skills recognised

● achieve a nationally recognised Level 4 qualification

● personally develop and engage in learning.

Relationship with previous qualifications

This is a new qualification.

Apprenticeships

E-skills UK includes the Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) as the competence component for the Higher Apprenticeship in Information Security.


5

Progression opportunities

Learners who have achieved the Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF) may progress to the Pearson BTEC Level 5 HND Diploma in Computing and Systems Development (QCF).

Industry support and recognition

This qualification is supported by e-skills UK, the Sector Skills Council for Information Technology.

Relationship with National Occupational Standards

This qualification is based on the e-skills UK National Occupational Standards (NOS) and the IISP (Information Security and Information Assurance Professionals) skills framework in Information Technology.


6

3 Qualification structure

Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF)

The learner will need to meet the requirements outlined in the table below before the qualification can be awarded.

Minimum number of credits that must be achieved 78

Minimum number of credits that must be achieved at Level 4 48

Number of mandatory credits that must be achieved 15

Number of optional credits that must be achieved from Option Group 1 36

The remaining 27 credits may be achieved from:

a combination of Option Group 1 and Option Group 2 OR

Option Group 2 only

27

Unit Unit reference number

Mandatory units

All 15 credits MUST be achieved from this group

Level Credit Guided learning hours

101 Y/500/7183 Health and Safety in ICT 1 3 15

401 K/601/3502 Develop own Effectiveness and Professionalism

4 12 60


Option Group 1 units

A minimum of 36 credits MUST be achieved from this group


TS – Testing Security

No more than one unit to be completed from this section

303 T/505/5788 Testing the Security of Information Systems

3 12 40

403 A/505/5789 Testing the Security of Information Systems

4 15 60

RA – Risk Assessment


304 T/505/5791 Carrying Out Information Security Risk Assessment

3 9 30

404 A/505/5792 Carrying Out Information Security Risk Assessment

4 12 40


7


Option Group 1 units

A minimum of 36 credits MUST be achieved from this group


II – Investigating Information Security Incidents


305 F/505/5793 Investigating Information Security Incidents

3 9 23

405 D/505/5798 Investigating Information Security Incidents

4 12 35

FE – Forensic Examinations


307 R/505/580 Carrying Out Information Security Forensic Examinations

3 6 10

407 M/505/5806 Carrying Out Information Security Forensic Examinations

4 9 20

SA – Security Audits


308 A/505/580 Carrying Out Information Security Audits

3 6 10

408 A/505/5811 Carrying Out Information Security Audits

4 12 30

RM – Risk Management

This single unit may be attempted

415 L/505/5814 Carrying Out Information Security Risk Management

4 12 40


Option Group 2 units.

A maximum of 27 credits may be taken from this group.


MA – Management Activities


306 F/505/5812 Carrying Out Information Security Incident Management Activities

3 9 25

SO – System Operation


309 A/500/7340 System Operation 3 12 100

409 R/504/5513 IT and Telecoms System Operation 4 15 90

SM – System Management



8


Option Group 2 units.

A maximum of 27 credits may be taken from this group.


310 D/500/7332 System Management 3 12 100

410 M/504/5504 IT and Telecoms System Management

4 15 90

ED – Event-Driven Computer Program


311 F/601/3179 Creating an Event-Driven Computer Program

3 12 90

411 J/601/3300 Designing and Developing Event-Driven Computer Program

4 15 90

OO – Object-Oriented Computer Program


312 L/601/3184 Creating an Object-Oriented Computer Program

3 12 90

412 T/601/3308 Designing and Developing Object-Oriented Computer Program

4 15 90

CP – Creating a Procedural Computer Program


313 R/601/3171 Creating a Procedural Computer Program

3 12 90

413 T/601/3311 Designing and Developing Procedural Computer Program

4 15 90

ID – Investigating and Defining


314 R/601/3249 Investigating and Defining Customer Requirements for ICT Systems

3 12 75

414 R/602/1772 Investigating and Defining Customer Requirements for ICT Systems

4 15 90

UP – User Profile Administration


315 K/500/7379 User Profile Administration 3 9 80


9

4 Assessment

This qualification is assessed through an externally verified Portfolio of Evidence that consists of evidence gathered during the course of the learner’s work.

To achieve a Pass for the full qualification, the learner must achieve all the required units in the stated qualification structure. Each unit has specified learning outcomes and assessment criteria. To pass each unit the learner must:

● achieve all the specified learning outcomes

● satisfy all the assessment criteria by providing sufficient and valid evidence for each criterion

● prove that the evidence is their own.

The learner must have an assessment record that identifies the assessment criteria that have been met, and it should be cross-referenced to the evidence provided. The assessment record should include details of the type of evidence and the date of assessment. The unit specification or suitable centre documentation can be used to form an assessment record.

It is important that the evidence provided to meet the assessment criteria of the unit and learning outcomes is:

Valid relevant to the standards for which competence is claimed

Authentic produced by the learner

Current sufficiently recent to create confidence that the same skill, understanding or knowledge persist at the time of the claim

Reliable indicates that the learner can consistently perform at this level

Sufficient fully meets the requirements of the standards.

Learners can provide evidence of occupational competence from:

● current practice where evidence is generated from a current job role

● a programme of development where evidence comes from assessment opportunities built into a learning programme.

● the Recognition of Prior Learning (RPL) where a learner can demonstrate that they can meet the assessment criteria within a unit through knowledge, understanding or skills they already possess without undertaking a course of development. They must submit sufficient, reliable, authentic and valid evidence for assessment. Evidence submitted based on RPL should provide confidence that the same level of skill/understanding/knowledge exists at the time of claim as existed at the time the evidence was produced. RPL is acceptable for accrediting a unit, several units, or a whole qualification.

● Further guidance is available in the policy document Recognition of Prior Learning Policy and process, available on our website: www.edexce.com/polices

● a combination of these.


10

Assessment requirements

Learners must provide evidence according to the requirements stated in the unit.

Types of evidence

To achieve a unit, the learner must gather evidence that shows that they have met the required standard specified in the assessment criteria. The evidence for this qualification can take a variety of forms as indicated below:

● direct observation of the learner’s performance by their assessor (O)

● outcomes from oral or written questioning (Q&A)

● products of the learner’s work (P)

● personal statements and/or reflective accounts (RA)

● outcomes from simulation (S)

● professional discussion (PD)

● assignment, project/case studies (A)

● authentic statements/witness testimony (WT)

● expert witness testimony (EWT)

● evidence of Recognition of Prior Learning (RPL).

Learners can use the abbreviations for cross-referencing purposes in their portfolios.

Learners can also use one piece of evidence to prove their knowledge, skills and understanding across different assessment criteria and/or across different units. It is not necessary for learners to have each assessment criterion assessed separately. They should be encouraged to reference evidence to the relevant assessment criteria. Evidence must be available to the assessor, internal verifier and Pearson standards verifier.

Any specific evidence requirements for individual units are stated in the unit introductions to the units.

There is further guidance about assessment on our website. Please see Section 10 for details.


11

Credit transfer

Credit transfer describes the process of using a credit or credits awarded in the context of a different qualification or awarded by a different awarding organisation towards the achievement requirements of another qualification. All awarding organisations recognise the credits awarded by all other awarding organisations that operate within the QCF.

If learners achieve credits with other awarding organisations, they do not need to retake any assessment for the same units. The centre must keep evidence of credit achievement.


12

5 Centre resource requirements

As part of the approval process, centres must make sure that the resource requirements below are in place before offering the Pearson BTEC Level 4 Diploma in Information Security Professional Competence (QCF).

General resource requirements

● Centres must have the appropriate physical resources to support both the delivery and assessment of the qualification (for example, a workplace in line with industry standards, equipment, IT, learning materials and teaching rooms).

● Where permitted, a Realistic Working Environment (RWE) must offer the same conditions as the normal day-to-day working environment, with a similar range of demands, pressures and requirements for cost-effective working.

● Centres must meet any specific human and physical resource requirements. Staff assessing learners must meet the occupational competence requirements.

● There must be systems in place to ensure the continuing professional development for staff delivering the qualification.

● Centres must have appropriate health and safety policies, procedures and practices in place for the delivery of the qualification.

● Centres must deliver the qualifications in accordance with current equality legislation. For further details on Pearson’s commitment to the Equality Act 2010, please see Section 9 Access and recruitment and Section 10 Access to qualifications for learners with disabilities or specific needs. For full details of the Equality Act 2010, please go to www.legislation.gov.uk


13

6 Centre recognition and approval centre recognition

Centres that have not previously offered this Pearson qualification need to apply for, and be granted, centre recognition as part of the process for approval to offer this individual qualification.

Guidance on seeking approval to deliver BTEC qualifications is given on our website, www.edexcel.com

Approvals agreement

All centres are required to enter into an approval agreement that is a formal commitment by the head or principal of a centre to meet all the requirements of the specification and any associated codes, conditions or regulations.

Pearson will act to protect the integrity of the awarding of qualifications. If centres do not comply with the agreement, this could result in the suspension of certification or withdrawal of approval.

http://www.edexcel.com/�


14

7 Quality assurance of centres

Quality assurance is at the heart of vocational qualifications. Centres will internally assess Competence-based qualifications using internal quality assurance procedures to ensure standardisation of assessment across all learners. Pearson uses external quality assurance procedures to check that all centres are working to national standards. It gives us the opportunity to identify and provide support, if needed, to safeguard certification. It also allows us to recognise and support good practice.

For the qualifications in this specification, the Pearson quality assurance model is as described below.

Centres offering Pearson BTEC Competence-based qualifications will at least receive two standards verification visits per year. The exact frequency and duration of standards verifier visits must reflect the centre’s performance, taking account of the number:

● of assessment sites

● and throughput of learners

● and turnover of assessors

● and turnover of internal verifiers.

For centres offering a full Pearson Apprenticeship (i.e. all elements of the Apprenticeship are delivered with Pearson through registration of learners on a Pearson Apprenticeship framework) a single standards verifier will be allocated to verify all elements of the Pearson Apprenticeship programme. If a centre is also offering stand-alone Competence-based qualifications in the same sector as a full Pearson Apprenticeship, the same standards verifier will be allocated.

In order for certification to be released, confirmation is required that the National Occupational Standards (NOS) for assessment, for internal verification and for the specific occupational sector are being consistently met.

Centres are required to declare their commitment to ensuring quality and to providing appropriate opportunities for learners that lead to valid and accurate assessment outcomes.

For further details, please go to the UK NVQ Quality Assurance Centre Handbook and the Edexcel NVQs, SVQs and Competence-based qualifications – Delivery Requirements and Quality Assurance Guidance on our website, at www.pearsonwbl.edexcel.com/NVQ-competence-based.

http://www.edexcel.com/quals/BTEC/quality/Pages/documents.aspx�

http://pearsonwbl.edexcel.com/quals/NVQ-competence-based-qcf/Pages/default.aspx�


15

8 Programme delivery

Centres are free to offer the qualifications using any mode of delivery (for example full-time, part-time, evening only, distance learning) that meets learners’ needs. Centres must have due regard to Pearson’s policies that may apply to different modes of delivery.

Those planning the programme should aim to address the occupational nature of the qualification by:

● engaging with learners, initially, through planned induction, and subsequently through the involvement of learners in planning for assessment opportunities

● using naturally occurring workplace activities and products to present evidence for assessment against the requirements of the qualification

● developing a holistic approach to assessment by matching evidence to different assessment criteria, learning outcomes and units, as appropriate, thereby reducing the assessment burden on learners and assessors

● taking advantage of suitable digital methods to capture evidence.


16

9 Access and recruitment

Pearson’s policy regarding access to its qualifications is that:

● they should be available to everyone who is capable of reaching the required standards

● they should be free from any barriers that restrict access and progression

● there should be equal opportunities for all wishing to access the qualifications.

Centres must ensure that their learner recruitment process is conducted with integrity. This includes ensuring that applicants have appropriate information and advice about the qualification to ensure that it will meet their needs.

Centres should review applicants’ prior qualifications and/or experience, considering whether this profile shows that they have the potential to achieve the qualification.

For learners with disabilities and specific needs, this review will need to take account of the support available to the learner during teaching and assessment of the qualification. The review must take account of the information and guidance in Section 10 Access to qualifications for learners with disabilities or specific needs.


17

10 Access to qualifications for learners with disabilities or specific needs

Equality and fairness are central to our work. Pearson’s Equality Policy requires all learners to have equal opportunity to access our qualifications and assessments. It also requires our qualifications to be awarded in a way that is fair to every learner.

We are committed to making sure that:

● learners with a protected characteristic (as defined by the Equality Act 2010) are not, when they are undertaking one of our qualifications, disadvantaged in comparison to learners who do not share that characteristic

● all learners achieve the recognition they deserve from undertaking a qualification and that this achievement can be compared fairly to the achievement of their peers.

Learners taking a qualification may be assessed in British Sign Language or Irish Sign Language where it is permitted for the purpose of reasonable adjustments.

Further information on access arrangements can be found in the Joint Council for Qualifications (JCQ) document Access Arrangements, Reasonable Adjustments and Special Consideration for General and Vocational qualifications.

Details on how to make adjustments for learners with protected characteristics are given in the document Pearson Supplementary Guidance for Reasonable Adjustment and Special Consideration in Vocational Internally Assessed Units.

Both documents are on our website at: www.edexcel.com/policies

http://www.edexcel.com/policies�


18

11 Unit format

Units have the following sections.

Unit title

The unit title is on the QCF and this form of words will appear on the learner’s Notification of Performance (NOP).

Unit reference number

Each unit is assigned a unit reference number that appears with the unit title on the Register of Regulated Qualifications.

QCF level

All units and qualifications within the QCF have a level assigned to them. There are nine levels of achievement, from Entry to Level 8. The QCF Level Descriptors inform the allocation of the level.

Credit value

When a learner achieves a unit, they gain the specified number of credits.

Guided learning hours

Guided learning hours are the times when a tutor, trainer or facilitator is present to give specific guidance towards the learning aim for a programme. This definition covers lectures, tutorials and supervised study in, for example, open learning centres and learning workshops. It also includes assessment by staff where learners are present. It does not include time spent by staff marking assignments or homework where the learner is not present.

Unit aim

This gives a summary of what the unit aims to do.

Essential resources

This section lists any specialist resources needed to deliver the unit. The centre will be asked to make sure that these resources are in place when it seeks approval from Pearson to offer the qualification.

Unit assessment requirements/evidence requirements

Learners must provide evidence according to each of the requirements stated in this section.


19

Learning outcomes

The learning outcomes of a unit set out what a learner knows, understands or is able to do as the result of a process of learning.

Assessment criteria

Assessment criteria specify the standard required by the learner to achieve each learning outcome.


20

Unit 101: Health and Safety in ICT

Unit reference number: Y/500/7183

QCF level: 1

Credit value: 3

Guided learning hours: 15

Unit aim This unit explores compliance with health and safety legislation when working in ICT.

The basis of health and safety law is the Health and Safety at Work Act 1974. The act sets out the general duties that employers have towards employees and members of the public, and employees have to themselves and to each other.

What the law requires here is what good management and common sense would lead individuals and organisations to do anyway: that is, identify risks and take sensible measures to tackle them.

Health and safety legislation impacts not only on those who are employed at work, but on visitors, bystanders and customers who may be affected by actions of those engaged in work activities.

Health and safety legislation is subject to constant review, and new legislation is introduced on a regular basis. This constant change must be monitored by organisations and individuals to identify actions required to remain compliant. Interpretation of the legislation may also be modified as a result of case law or other legal guidance.

Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

21

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Id

entify

rel

evan

t org

anis

atio

nal

hea

lth a

nd s

afet

y pro

cedure

s

1.2

Id

entify

ava

ilable

sourc

es o

f hea

lth a

nd s

afet

y in

form

atio

n

1

Be

able

to c

om

ply

w

ith r

elev

ant

hea

lth a

nd s

afet

y pro

cedure

s 1.3

D

emonst

rate

how

rel

evan

t hea

lth a

nd s

afet

y pro

cedure

s hav

e bee

n

follo

wed

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


22

Unit 303: Testing the Security of Information Systems

Unit reference number: T/505/5788

QCF level: 3

Credit value: 12


Unit aim On completion of this unit, learners will be able to conduct security tests and be able to report the results of tests using standard documents.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

23

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

D

evel

op t

est

scripts

for

spec

ifie

d info

rmat

ion a

ssura

nce

req

uirem

ents

te

stin

g

1.2

Cre

ate

pla

ns

that

ensu

re t

hat

spec

ifie

d info

rmat

ion a

ssura

nce

re

quirem

ents

are

tes

ted

1.3

Im

ple

men

t sp

ecifie

d p

repar

atio

ns

prior

to c

arry

ing o

ut

test

s

1.4

Apply

spec

ifie

d t

est

met

hods,

tools

and t

echniq

ues

follo

win

g

org

anis

atio

nal

pro

cedure

s

1.5

Rec

ord

the

resu

lts

of

test

s usi

ng s

tandar

d d

ocu

men

tation

1

Be

able

to c

onduct

se

curity

tes

ting

1.6

Im

ple

men

t sp

ecifie

d a

ctiv

itie

s fo

llow

ing t

he

com

ple

tion o

f te

stin

g

2.1

Exa

min

e th

e re

sults

of te

stin

g t

o id

entify

sec

urity

vuln

erab

ilities

2.2

Prioritise

iden

tified

vuln

erab

ilities

agai

nst

spec

ifie

d info

rmat

ion

assu

rance

req

uirem

ent

2.3

Rep

ort

any

hig

h p

riority

vuln

erab

ilities

to t

he

rele

vant

per

sons

follo

win

g o

rgan

isat

ional

pro

cedure

s

2.4

Id

entify

the

type

of a

ctio

ns

required

to m

itig

ate

iden

tified

vu

lner

abili

ties

2

Be

able

to r

eport

on t

est

resu

lts

2.5

Rep

ort

the

resu

lts

of te

st a

ctiv

itie

s usi

ng s

tandar

d d

ocu

men

tation

follo

win

g o

rgan

isat

ional

pro

cedure

s

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

24

Lear

ner

nam

e:________________________________________________

Dat

e:_____________________________

Lear

ner

sig

nat

ure

:_____________________________________________

Dat

e:_____________________________

Ass

esso

r si

gnat

ure

:____________________________________________

Dat

e:_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:_______________________________________

(if

sam

ple

d)

Dat

e:_____________________________


25

Unit 304: Carrying Out Information Security Risk Assessment


QCF level: 3

Credit value: 9


Unit aim On completion of this unit, learners will be able to gather information, assess and report on the risks to information security.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

26

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Ver

ify

the

scope

of

info

rmat

ion a

sset

s an

d s

yste

m c

om

ponen

ts t

o be

asse

ssed

with r

elev

ant

per

sons

1.2

U

se s

pec

ifie

d inve

stig

ativ

e m

ethods

follo

win

g o

rgan

isat

ional

pro

cedure

s

1.3

G

ather

info

rmat

ion t

o e

nab

le t

he

secu

rity

of sp

ecifie

d info

rmat

ion

asse

ts a

nd s

yste

m c

om

ponen

ts t

o b

e as

sess

ed

1

Be

able

to g

ather

in

form

atio

n o

n

info

rmat

ion

secu

rity

ris

ks

1.4

Rec

ord

all

gat

her

ed info

rmat

ion u

sing s

tandar

d d

ocu

men

tation

2.1

Exa

min

e gat

her

ed info

rmat

ion t

o iden

tify

ris

ks t

o t

he

secu

rity

of

spec

ifie

d info

rmat

ion a

sset

s an

d s

yste

m c

om

ponen

ts

2.2

Cat

egorise

the

priority

of

iden

tified

ris

ks b

y det

erm

inin

g t

hei

r pro

bab

ility

of

occ

urr

ence

and p

ote

ntial

im

pac

t

2.3

Rep

ort

hig

h p

riority

ris

ks t

o t

he

rele

vant

per

sons

follo

win

g

org

anis

atio

nal

pro

cedure

s

2.4

D

eter

min

e th

e ty

pes

of ac

tions

required

to m

itig

ate

iden

tified

ris

ks

2

Be

able

to a

sses

s an

d r

eport

on

info

rmat

ion

secu

rity

ris

ks

2.5

Rep

ort

the

resu

lts

of

risk

ass

essm

ent

activi

ties

usi

ng s

tandar

d

docu

men

tation f

ollo

win

g o

rgan

isat

ional

pro

cedure

s

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

27

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


28

Unit 305: Investigating Information Security Incidents

Unit reference number: F/505/5793

QCF level: 3

Credit value: 9


Unit aim On completion of this unit, learners will be able to gather information to investigate, identify and report information security incidents.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

29

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Id

entify

the

info

rmat

ion a

sset

s an

d s

yste

m c

om

ponen

ts t

hat

may

be

impac

ted b

y det

ecte

d inci

den

ts

1.2

Ver

ify

the

scope

of

det

ecte

d inci

den

ts w

ith r

elev

ant

per

sons

1

Be

able

to g

ather

in

form

atio

n t

o

inve

stig

ate

info

rmat

ion

secu

rity

inci

den

ts

1.3

O

bta

in a

nd p

rese

rve

evid

ence

rel

atin

g t

o d

etec

ted inci

den

ts

2.1

U

nder

take

agre

ed inve

stig

ativ

e ac

tions

2.2

Exa

min

e how

acc

ess

to t

he

affe

cted

info

rmat

ion a

sset

s an

d s

yste

m

com

ponen

ts w

as o

bta

ined

2.3

Rep

ort

to t

he

rele

vant

per

sons

any

inci

den

ts for

whic

h t

he

mode

of

acce

ss c

annot

be

iden

tified

2.4

M

ake

reco

mm

endat

ions

on t

he

nee

d f

or

det

aile

d f

ore

nsi

c ex

amin

atio

ns

2.5

Rep

ort

on inci

den

t in

vest

igat

ion a

ctiv

itie

s usi

ng s

tandar

d

docu

men

tation

2

Be

able

to

inve

stig

ate

info

rmat

ion

secu

rity

inci

den

ts

2.6

Fo

llow

org

anis

atio

nal

pro

cedure

s fo

r in

vest

igat

ion a

ctiv

itie

s

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


30

Unit 306: Carrying Out Information Security Incident Management Activities


QCF level: 3

Credit value: 9


Unit aim On completion of this unit, learners will be able to carry out information security incident management activities and be able to gather information to manage incidents in information security.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

31

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Fo

llow

org

anis

atio

nal

pro

cedure

s fo

r th

e det

ection a

nd c

lass

ific

atio

n o

f in

ciden

ts

1.2

Id

entify

the

info

rmat

ion a

sset

s an

d s

yste

m c

om

ponen

ts t

hat

may

be

impac

ted b

y det

ecte

d inci

den

ts

1.3

Ver

ify

the

scope

of

det

ecte

d inci

den

ts w

ith r

elev

ant

per

sons

1

Be

able

to g

ather

in

form

atio

n t

o

man

age

info

rmat

ion

secu

rity

inci

den

ts

1.4

O

bta

in info

rmat

ion a

nd d

ata

on inci

den

ts t

o a

sses

s th

eir

impac

t on

info

rmat

ion a

sset

s an

d s

yste

m c

om

ponen

ts

2.1

Id

entify

typ

es o

f ac

tions

required

to r

esolv

e in

ciden

ts o

r m

itig

ate

thei

r im

pac

t

2.2

Rep

ort

any

inci

den

ts t

hat

can

not

be

reso

lved

or

mitig

ated

to t

he

rele

vant

per

sons

follo

win

g o

rgan

isat

ional

pro

cedure

s

2.3

M

ake

reco

mm

endat

ions

for

spec

ific

act

ions

to b

e ta

ken t

o r

espond t

o in

ciden

ts

2.4

Rep

ort

on inci

den

t m

anag

emen

t ac

tivi

ties

usi

ng s

tandar

d

docu

men

tation f

ollo

win

g o

rgan

isat

ional

pro

cedure

s

2

Be

able

to c

arry

ou

t in

form

atio

n

secu

rity

inci

den

t m

anag

emen

t ac

tivi

ties

2.5

Fo

llow

org

anis

atio

nal

pro

cedure

s fo

r th

e cl

osu

re o

f in

ciden

ts

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

32

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


33

Unit 307: Carrying Out Information Security Forensic Examinations

Unit reference number: R/505/5801

QCF level: 3

Credit value: 6


Unit aim This unit provides the relevant skills and methods for applying forensic examinations. On completion of this unit, learners will be able to report and undertake specific actions to secure relevant information in information security.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

34

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Fo

llow

org

anis

atio

nal

pro

cedure

s fo

r fo

rensi

c ex

amin

atio

ns

1.2

U

nder

take

spec

ifie

d a

ctio

ns

to s

ecure

info

rmat

ion a

sset

s an

d s

yste

m

com

ponen

ts s

ubje

ct t

o a

ctual

or

atte

mpte

d b

reac

hes

of

secu

rity

1.3

Apply

fore

nsi

c m

ethods

to e

xam

ine

spec

ifie

d s

yste

m info

rmat

ion f

or

evid

ence

of ac

tual

or

atte

mpte

d b

reac

hes

of

secu

rity

polic

y or

legis

lation

1.4

Rep

ort

any

iden

tified

sourc

es o

f ac

tual

or

atte

mpte

d b

reac

hes

of

secu

rity

to t

he

rele

vant

per

sons

1.5

U

se s

pec

ifie

d t

ools

to a

nal

yse

the

inte

grity

of so

ftw

are

1

Be

able

to c

arry

ou

t in

form

atio

n

secu

rity

fore

nsi

c ex

amin

atio

ns

1.6

Rep

ort

on fore

nsi

c ex

amin

atio

n a

ctiv

itie

s usi

ng s

tandar

d

docu

men

tation

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


35

Unit 308: Carrying Out Information Security Audits

Unit reference number: A/505/5808

QCF level: 3

Credit value: 6


Unit aim On completion of this unit, learners will be able to report, examine and follow organisational procedures on audit activities in information security.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

36

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Ver

ify

the

scope

of

info

rmat

ion a

sset

s an

d s

yste

m c

om

ponen

ts t

o be

audited

with r

elev

ant

per

sons

1.2

U

se s

pec

ifie

d a

udit m

ethods

to o

bta

in info

rmat

ion a

nd d

ata

rela

ting t

o

info

rmat

ion a

sset

s an

d s

yste

m c

om

ponen

ts t

o a

sses

s se

curity

co

mplia

nce

1.3

Exa

min

e in

form

atio

n a

nd d

ata

rela

ting t

o in

form

atio

n a

sset

s an

d

syst

em c

om

ponen

ts t

o a

sses

s se

curity

com

plia

nce

1.4

Rep

ort

any

secu

rity

non

-com

plia

nce

to t

he

rele

vant

per

sons

1.5

Rep

ort

on a

udit a

ctiv

itie

s usi

ng s

tandar

d d

ocu

men

tation

1

Be

able

to c

arry

ou

t in

form

atio

n

secu

rity

audit

activi

ties

1.6

Fo

llow

org

anis

atio

nal

pro

cedure

s fo

r in

form

atio

n s

ecurity

audits

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


37

Unit 309: System Operation


QCF level: 3

Credit value: 12


Unit aim System operation is the ability to operate and monitor a system, which can be any combination of equipment, hardware and software. This may include:

● using data backup and restore routines

● handling of incidents

● controlling and monitoring availability and performance of system components

● start-up/close-down routines

● scheduling routine or preventative maintenance

● maintenance of operating plans and schedules.

Examples of ‘operational activities’ are:

● replenishment of consumables

● routine or preventative maintenance

● data backups.

A competent person at Level 3 can maintain and implement system operating procedures.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

38

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Exp

lain

the

oper

atin

g p

roce

dure

s th

at a

re a

pplic

able

to t

he

syst

em,

such

as:

●

required

ser

vice

lev

els

(e.g

. av

aila

bili

ty,

qual

ity)

●

routine

mai

nte

nan

ce

●

monitoring

●

dat

a in

tegrity

(e.

g.

bac

kups,

antivi

rus)

●

consu

mab

les

use

, st

ora

ge

and d

isposa

l

●

hea

lth a

nd s

afet

y

●

esca

lation

●

info

rmat

ion r

ecord

ing a

nd r

eport

ing

●

obta

inin

g w

ork

per

mis

sions

●

secu

rity

and c

onfiden

tial

ity

1.2

D

escr

ibe

syst

em f

unct

ional

ity

during n

orm

al o

per

atio

n

1

Know

how

to

oper

ate

the

syst

em

1.3

D

escr

ibe

the

effe

cts

of o

per

atio

nal

act

ivitie

s on s

yste

m funct

ional

ity

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

39

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

2.1

U

se a

nd o

per

ate

the

syst

em f

ollo

win

g a

ppro

priat

e pro

cedure

s

2.2

Id

entify

sys

tem

fau

lts

and r

esol

ve o

r es

cala

te s

yste

m f

aults

as

appro

priat

e

2.3

G

ather

and r

ecord

spec

ifie

d o

per

atio

nal

info

rmat

ion

2

Be

able

to o

per

ate

syst

ems

2.4

Ass

ess

and m

inim

ise

risk

s su

ch a

s:

●

loss

or

corr

uption o

f dat

a

●

loss

of

serv

ice

●

dam

age

to e

quip

men

t

●

effe

cts

on c

ust

om

er o

per

atio

ns

3.1

Pro

vide

advi

ce a

nd g

uid

ance

on s

yste

m o

per

atio

n t

o im

med

iate

co

lleag

ues

3.2

Sel

ect

the

pro

cedure

s to

be

follo

wed

3.3

Sch

edule

oper

atio

nal

act

ivitie

s to

min

imis

e dis

ruption t

o sy

stem

fu

nct

ional

ity

3

Be

able

to m

ainta

in

and im

ple

men

t sy

stem

oper

atin

g

pro

cedure

s

3.4

Colla

te o

per

atio

nal

info

rmat

ion

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


40

Unit 310: System Management

Unit reference number: D/500/7332

QCF level: 3

Credit value: 12


Unit aim System management is the ability to manage ICT systems to ensure that they deliver the required functionality and capacity. A system can be any combination of equipment, hardware and software.

System management could involve changing system configuration to meet short-term fluctuations in demand (for example, high numbers of calls to specific telephone numbers).

It could also involve longer-term changes such as increasing resources (for example, processing or storage capacity) to meet anticipated needs and taking account of advances in technology.

A competent person at Level 3 can administer a system.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

41

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

D

escr

ibe

how

to

configure

the

syst

em

1.2

D

escr

ibe

ICT a

sset

and c

onfigura

tion info

rmat

ion a

pplic

able

to t

he

syst

em s

uch

as:

●

phys

ical

att

ribute

s (e

.g.

man

ufa

cture

r, t

ype,

rev

isio

n,

serial

num

ber

, lo

cation,

valu

e)

●

configura

tion (

e.g.

phys

ical

and logic

al a

ddre

sses

, options

set,

co

nnec

tions)

1

Under

stan

d h

ow

to

adm

inis

ter

a sy

stem

1.3

D

escr

ibe

how

ava

ilable

options

for

syst

em c

onfigura

tion a

ffec

t fu

nct

ional

ity

and c

apac

ity

2.1

Sel

ect

configura

tion o

ptions

to o

ptim

ise

syst

em f

unct

ional

ity

and

capac

ity

2.2

M

ake

chan

ges

to s

yste

m c

onfigura

tion

2

Be

able

to

adm

inis

ter

a sy

stem

and c

han

ge

syst

em

configura

tions

2.3

Spec

ify

item

s fo

r w

hic

h I

CT a

sset

and c

onfigura

tion info

rmat

ion is

to

be

reco

rded

Lear

ner

nam

e:________________________________________________

Dat

e:_____________________________

Lear

ner

sig

nat

ure

:_____________________________________________

Dat

e:_____________________________

Ass

esso

r si

gnat

ure

:____________________________________________

Dat

e:_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:_______________________________________

(if

sam

ple

d)

Dat

e:_____________________________


42

Unit 311: Creating an Event-Driven Computer Program


QCF level: 3

Credit value: 12


Unit aim This unit covers the more advanced concepts of event-driven computer languages and their use to implement, refine and test computer programs.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

43

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Id

entify

the

scre

en c

om

ponen

ts a

nd d

ata

and file

str

uct

ure

s re

quired

to

im

ple

men

t a

giv

en d

esig

n

1.2

Sel

ect,

dec

lare

and initia

lise

variab

le a

nd d

ata

stru

cture

typ

es a

nd

size

s to

im

ple

men

t des

ign r

equirem

ents

1.3

Sel

ect

and a

ssig

n p

roper

ties

to s

cree

n c

om

ponen

ts t

o im

ple

men

t des

ign r

equirem

ents

1.4

Sel

ect

and a

ssoci

ate

even

ts (

incl

udin

g p

aram

eter

pas

sing)

to s

cree

n

com

ponen

ts t

o im

ple

men

t des

ign r

equirem

ents

1.5

Im

ple

men

t ev

ent

han

dlin

g u

sing c

ontr

ol st

ruct

ure

s to

mee

t th

e des

ign

algorith

ms

1.6

Sel

ect

and d

ecla

re f

ile s

truct

ure

s to

mee

t des

ign file

sto

rage

requirem

ents

1.7

Sel

ect

and u

se s

tandar

d input/

outp

ut

com

man

ds

to im

ple

men

t des

ign

requirem

ents

1.8

M

ake

effe

ctiv

e use

of

oper

ators

and p

redef

ined

funct

ions

1

Be

able

to

imple

men

t a

soft

war

e des

ign

usi

ng e

vent-

drive

n

pro

gra

mm

ing

1.9

M

ake

effe

ctiv

e use

of

an inte

gra

ted d

evel

opm

ent

envi

ronm

ent

(ID

E)

incl

udin

g c

ode

and s

cree

n t

empla

tes

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

44

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

2.1

U

se a

n a

gre

ed s

tandar

d f

or

nam

ing,

com

men

ts a

nd c

ode

layo

ut

2.2

D

efin

e use

r fu

nct

ions

to r

epla

ce r

epea

ting c

ode

sequen

ces

2.3

Im

ple

men

t dat

a va

lidat

ion f

or

inputs

2

Be

able

to r

efin

e an

ev

ent-

drive

n

pro

gra

m t

o

impro

ve q

ual

ity

2.4

Id

entify

and im

ple

men

t opport

unitie

s fo

r er

ror

han

dlin

g a

nd r

eport

ing

3.1

M

ake

effe

ctiv

e use

of

the

deb

uggin

g f

acili

ties

ava

ilable

in t

he

IDE

3.2

Pr

epar

e a

test

str

ateg

y

3.3

Sel

ect

suitab

le t

est

dat

a an

d d

eter

min

e ex

pec

ted t

est

resu

lts

3.4

Rec

ord

act

ual

tes

t re

sults

to e

nab

le c

om

par

ison w

ith e

xpec

ted r

esults

3.5

Anal

yse

actu

al t

est

resu

lts

agai

nst

exp

ecte

d r

esults

to iden

tify

dis

crep

anci

es

3

Be

able

to t

est

the

oper

atio

n o

f an

ev

ent-

drive

n

pro

gra

m

3.6

In

vest

igat

e te

st d

iscr

epan

cies

to iden

tify

and r

ectify

thei

r ca

use

s

4.1

Cre

ate

on-s

cree

n h

elp t

o a

ssis

t th

e use

rs o

f a

com

pute

r pro

gra

m

4

Be

able

to

docu

men

t an

ev

ent-

drive

n

pro

gra

m

4.2

Cre

ate

docu

men

tation for

the

support

and m

ainte

nan

ce o

f a

com

pute

r pro

gra

m

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


45

Unit 312: Creating an Object-Oriented Computer Program

Unit reference number: L/601/3184

QCF level: 3

Credit value: 12


Unit aim This unit covers the more advanced concepts of object-oriented computer languages and their use to implement, refine and test computer programs.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

46

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Id

entify

the

obje

cts

and d

ata

and file

str

uct

ure

s re

quired

to

imple

men

t a

giv

en d

esig

n

1.2

Sel

ect,

dec

lare

and initia

lise

variab

le a

nd d

ata

stru

cture

typ

es a

nd

size

s to

im

ple

men

t des

ign r

equirem

ents

1.3

D

efin

e re

lationsh

ips

bet

wee

n o

bje

cts

to im

ple

men

t des

ign

requirem

ents

1.4

Im

ple

men

t m

essa

ge

pas

sing b

etw

een o

bje

cts

to im

ple

men

t des

ign

requirem

ents

1.5

Im

ple

men

t obje

ct b

ehav

iours

usi

ng c

ontr

ol st

ruct

ure

s to

mee

t th

e des

ign a

lgorith

ms

1.6

Sel

ect

and d

ecla

re f

ile s

truct

ure

s to

mee

t des

ign file

sto

rage

requirem

ents

1.7

Sel

ect

and u

se s

tandar

d input/

outp

ut

com

man

ds

to im

ple

men

t des

ign

requirem

ents

1.8

M

ake

effe

ctiv

e use

of

oper

ators

and p

redef

ined

funct

ions

1

Be

able

to

imple

men

t a

soft

war

e des

ign

usi

ng o

bje

ct-

orien

ted

pro

gra

mm

ing

1.9

M

ake

effe

ctiv

e use

of

an inte

gra

ted d

evel

opm

ent

envi

ronm

ent

(ID

E)

incl

udin

g c

ode

and s

cree

n t

empla

tes

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

47

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

2.1

U

se a

n a

gre

ed s

tandar

d f

or

nam

ing,

com

men

ts a

nd c

ode

layo

ut

2.2

M

ake

effe

ctiv

e use

of

enca

psu

lation,

poly

morp

his

m a

nd inher

itan

ce

2.3

Im

ple

men

t dat

a va

lidat

ion f

or

inputs

2

Be

able

to r

efin

e an

obje

ct-o

rien

ted

pro

gra

m t

o

impro

ve q

ual

ity

2.4

Id

entify

and im

ple

men

t opport

unitie

s fo

r er

ror

han

dlin

g a

nd r

eport

ing

3.1

M

ake

effe

ctiv

e use

of

the

deb

uggin

g f

acili

ties

ava

ilable

in t

he

IDE

3.2

Pr

epar

e a

test

str

ateg

y

3.3

Sel

ect

suitab

le t

est

dat

a an

d d

eter

min

e ex

pec

ted t

est

resu

lts

3.4

Rec

ord

act

ual

tes

t re

sults

to e

nab

le c

om

par

ison w

ith e

xpec

ted r

esults

3.5

Anal

yse

actu

al t

est

resu

lts

agai

nst

exp

ecte

d r

esults

to iden

tify

dis

crep

anci

es

3

Be

able

to t

est

the

oper

atio

n o

f an

obje

ct-o

rien

ted

drive

n p

rogra

m

3.6

In

vest

igat

e te

st d

iscr

epan

cies

to iden

tify

and r

ectify

thei

r ca

use

s

4.1

Cre

ate

on-s

cree

n h

elp t

o a

ssis

t th

e use

rs o

f a

com

pute

r pro

gra

m

4

Be

able

to

docu

men

t an

obje

ct-o

rien

ted

drive

n p

rogra

m

4.2

Cre

ate

docu

men

tation for

the

support

and m

ainte

nan

ce o

f a

com

pute

r pro

gra

m

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


48

Unit 313: Creating a Procedural Computer Program


QCF level: 3

Credit value: 12


Unit aim This unit covers the more advanced concepts of procedural computer languages and their use to implement, refine and test computer programs.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

49

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Id

entify

the

pro

gra

m m

odule

s an

d d

ata

and f

ile s

truct

ure

s re

quired

to

imple

men

t a

giv

en d

esig

n

1.2

Sel

ect,

dec

lare

and initia

lise

variab

le a

nd d

ata

stru

cture

typ

es a

nd

size

s to

im

ple

men

t des

ign r

equirem

ents

1.3

Sel

ect

and im

ple

men

t co

ntr

ol st

ruct

ure

s to

mee

t th

e des

ign

algorith

ms

1.4

Sel

ect

and d

ecla

re f

ile s

truct

ure

s to

mee

t des

ign file

sto

rage

requirem

ents

1.5

Sel

ect

and u

se s

tandar

d input/

outp

ut

com

man

ds

to im

ple

men

t des

ign

requirem

ents

1.6

M

ake

effe

ctiv

e use

of

oper

ators

and p

redef

ined

funct

ions

1

Be

able

to

imple

men

t a

soft

war

e des

ign

usi

ng p

roce

dura

l pro

gra

mm

ing

1.7

Corr

ectly

use

par

amet

er p

assi

ng m

echan

ism

s

2.1

U

se a

n a

gre

ed s

tandar

d f

or

nam

ing,

com

men

ts a

nd c

ode

layo

ut

2.2

D

efin

e use

r fu

nct

ions

to r

epla

ce r

epea

ting c

ode

sequen

ces

2.3

Im

ple

men

t dat

a va

lidat

ion f

or

inputs

2

Be

able

to r

efin

e a

pro

cedura

l pro

gra

m t

o

impro

ve q

ual

ity

2.4

Id

entify

and im

ple

men

t opport

unitie

s fo

r er

ror

han

dlin

g a

nd r

eport

ing

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

50

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

3.1

M

ake

effe

ctiv

e use

of

avai

lable

deb

uggin

g t

ools

3.2

Pr

epar

e a

test

str

ateg

y

3.3

Sel

ect

suitab

le t

est

dat

a an

d d

eter

min

e ex

pec

ted t

est

resu

lts

3.4

Rec

ord

act

ual

tes

t re

sults

to e

nab

le c

om

par

ison w

ith e

xpec

ted r

esults

3.5

Anal

yse

actu

al t

est

resu

lts

agai

nst

exp

ecte

d r

esults

to iden

tify

dis

crep

anci

es

3

Be

able

to t

est

the

oper

atio

n o

f a

pro

cedura

l pro

gra

m

3.6

In

vest

igat

e te

st d

iscr

epan

cies

to iden

tify

and r

ectify

thei

r ca

use

s

4.1

Cre

ate

docu

men

tation t

o a

ssis

t th

e use

rs o

f a

com

pute

r pro

gra

m

4

Be

able

to

docu

men

t a

com

pute

r pro

gra

m

4.2

Cre

ate

docu

men

tation for

the

support

and m

ainte

nan

ce o

f a

com

pute

r pro

gra

m

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


51

Unit 314: Investigating and Defining Customer Requirements for ICT Systems


QCF level: 3

Credit value: 12


Unit aim This unit covers the investigation of existing systems and processes and the analysis of information to identify needs and constraints.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

52

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

U

se t

hre

e of

the

follo

win

g inve

stig

ativ

e m

ethods:

●

obse

rvat

ions

●

exam

inat

ion o

f ex

isting d

ocu

men

ts,

reco

rds

or s

oft

war

e

●

ques

tionnai

res

●

site

surv

eys

1.2

Rec

ord

the

resu

lts

of

inve

stig

atio

ns

usi

ng s

tandar

d d

ocu

men

tation

1

Be

able

to

inve

stig

ate

exis

ting

syst

ems

and

pro

cess

es

1.3

Exp

lain

the

import

ance

of

pre

serv

ing t

he

confiden

tial

ity

of cu

stom

er

info

rmat

ion

2.1

D

escr

ibe

the

type

of

def

ect,

incl

udin

g inac

cura

cy,

duplic

atio

n a

nd

om

issi

on,

whic

h c

an a

rise

in info

rmat

ion

2.2

D

escr

ibe

the

types

of

cust

om

er n

eeds

and c

onst

rain

ts t

hat

can

affec

t th

e des

ign o

f an

ICT s

yste

m

2.3

Anal

yse

info

rmat

ion t

o iden

tify

cust

om

er n

eeds

for:

●

dat

a to

be

store

d a

nd p

roce

ssed

●

funct

ional

ity

in t

erm

s of

inputs

, pro

cess

es a

nd o

utp

uts

●

capac

ity

incl

udin

g n

um

ber

s of use

rs,

thro

ughput,

and d

ata

stora

ge

2.4

Anal

yse

info

rmat

ion t

o iden

tify

cust

om

er c

onst

rain

ts

2

Be

able

to a

nal

yse

info

rmat

ion t

o

iden

tify

nee

ds

and

const

rain

ts

2.5

Rec

ord

the

resu

lts

of

anal

yses

usi

ng s

tandar

d d

ocu

men

tation

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

53

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


54

Unit 315: User Profile Administration

Unit reference number: K/500/7379

QCF level: 3

Credit value: 9


Unit aim On completion of this unit learners will be able to administer user profiles.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

55

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

D

escr

ibe

the

org

anis

atio

nal

pol

icy

on u

ser

pro

file

s su

ch a

s:

use

r id

entifier

(e.

g.

use

rnam

e)

●

pas

sword

and r

elat

ed info

rmat

ion (

e.g.

chan

ge

freq

uen

cy)

●

allo

wed

sys

tem

acc

ess

(e.g

. tim

es,

loca

tions)

●

allo

wed

acc

ess

to f

acili

ties

(e.

g.

dat

a, s

oft

war

e)

1.2

D

escr

ibe

how

to

crea

te a

nd e

dit u

ser

and s

tandar

d p

rofile

s

1

Know

how

to

adm

inis

ter

use

r pro

file

s

1.3

D

escr

ibe

how

use

r pro

file

s af

fect

acc

ess

to s

yste

m f

acili

ties

such

as:

●

shar

ed r

esourc

es (

e.g.

dat

a st

ora

ge,

printe

rs)

●

soft

war

e

●

dat

a.

2.1

M

ake

spec

ifie

d c

han

ges

to u

ser

pro

file

s

2.2

Spec

ify

use

r pro

file

s to

mee

t in

div

idual

req

uirem

ents

2.3

Cre

ate

stan

dar

d p

rofile

s fo

r gro

ups

of use

rs

2

Be

able

to

adm

inis

ter

use

r pro

file

2.4

Pro

vide

guid

ance

on u

ser

pro

file

s to

im

med

iate

colle

agues

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

56

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


57

Unit 401: Develop Own Effectiveness and Professionalism

Unit reference number: K/601/3502

QCF level: 4

Credit value: 12


Unit aim In this unit, learners will develop their own personal and professional IT security skills. They will understand professional practice and the legislative environment in an IT security context. Finally, learners will evaluate potential improvements to organisational effectiveness in a security context.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

58

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Id

entify

ow

n d

evel

opm

ent

nee

ds

and t

he

activi

ties

nee

ded

to m

eet

them

1.2

O

bta

in a

nd inte

rpre

t fe

edbac

k fr

om o

ther

s on

per

form

ance

1.3

Set

and a

gre

e per

sonal

goal

s an

d p

artici

pat

e in

dev

elopm

ent

activi

ties

to

mee

t th

em

1.4

M

anag

e ow

n p

erso

nal

/pro

fess

ional

dev

elopm

ent

in o

rder

to a

chie

ve

care

er a

nd p

erso

nal

goal

s

1

Be

able

to d

evel

op

ow

n p

erso

nal

and

pro

fess

ional

ski

lls

1.5

Ref

lect

critica

lly o

n o

wn lea

rnin

g

2.1

Effec

tive

ly p

lan a

nd m

anag

e ow

n a

nd o

ther

s’ t

ime

2.2

Rec

ognis

e an

d r

espec

t div

ersi

ty,

indiv

idual

diffe

rence

s an

d

per

spec

tive

s

2.3

Acc

ept

and p

rovi

de

feed

bac

k in

a c

onst

ruct

ive

and c

onsi

der

ate

man

ner

2.4

U

nder

stan

d t

he

resp

onsi

bili

ties

, in

tere

sts

and c

once

rns

of c

olle

agues

2.5

U

nder

stan

d t

he

role

of th

e in

div

idual

and t

eam

s in

an I

T o

rgan

isat

ion

2

Be

able

to w

ork

as

a m

ember

of

a te

am t

o a

chie

ve

def

ined

goal

s an

d

imple

men

t ag

reed

pla

ns

2.6

Id

entify

and r

esolv

e obst

acle

s to

effec

tive

tea

mw

ork

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

59

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

3.1

In

terp

ret

the

implic

atio

ns,

and a

pplic

abili

ty f

or

IT p

rofe

ssio

nal

s of:

●

Dat

a Pr

ote

ctio

n A

ct

●

Com

pute

r M

isuse

Act

3.2

D

escr

ibe

the

role

of

pro

fess

ional

bodie

s fo

r IT

, an

d t

he

ben

efits

of

mem

ber

ship

to indiv

idual

s an

d o

rgan

isat

ions

3

Under

stan

d w

hat

is

mea

nt

by

pro

fess

ional

pra

ctic

e

3.3

Exp

lain

the

import

ance

of

qual

ity

man

agem

ent

syst

ems

and s

tandar

ds

for

syst

ems

dev

elopm

ent

4.1

D

escr

ibe

the

types

of

conflic

ts o

f in

tere

st w

hic

h c

an a

rise

for

IT

pro

fess

ional

s

4

Under

stan

d t

he

ethic

al a

nd

legis

lative

en

viro

nm

ent

rela

ting t

o I

T

activi

ties

4.2

Eva

luat

e th

e im

pac

t on a

n I

T o

rgan

isat

ion o

f le

gis

lation c

ove

ring:

●

pro

cess

ing o

f finan

cial

tra

nsa

ctio

ns

●

hea

lth a

nd s

afet

y

●

priva

cy,

confiden

tial

ity

and s

ecurity

●

copyr

ight

and inte

llect

ual

pro

per

ty r

ights

5.1

In

terp

ret

the

aim

s an

d o

bje

ctiv

es o

f th

e org

anis

atio

n

5.2

D

escr

ibe

the

org

anis

atio

n’s

bra

nd o

r im

age

and h

ow it

can b

e pro

mote

d

5.3

D

escr

ibe

the

org

anis

atio

n’s

str

uct

ure

, ro

les

and r

esponsi

bili

ties

5

Be

able

to im

pro

ve

org

anis

atio

nal

ef

fect

iven

ess

5.4

Id

entify

and e

valu

ate

pote

ntial

im

pro

vem

ents

to o

rgan

isat

ional

ef

fect

iven

ess

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

60

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


61

Unit 403: Testing the Security of Information Systems


QCF level: 4

Credit value: 15


Unit aim On completion of this unit, learners will be able to plan and carry out security testing in relation to information security.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

62

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

D

evel

op a

conte

xt-d

rive

n t

est

appro

ach t

o s

yste

mat

ical

ly t

est

spec

ifie

d p

arts

of

a sy

stem

in o

rder

to a

sses

s th

eir

info

rmat

ion

secu

rity

sta

tus

1.2

Anal

yse

giv

en info

rmat

ion a

ssura

nce

req

uirem

ents

to p

roduce

in

form

atio

n s

ecurity

tes

t ac

cepta

nce

crite

ria

1.3

D

evel

op t

est

scripts

and p

lans

to e

nsu

re t

hat

all

info

rmat

ion

assu

rance

req

uirem

ents

are

tes

ted

1.4

Pr

ioritise

tes

ting a

ctiv

ity

to t

arget

the

most

sig

nific

ant

thre

ats

and

vuln

erab

ilities

first

1.5

Sel

ect,

and w

her

e nec

essa

ry a

dap

t, m

ethods,

tools

and t

echniq

ues

to

conduct

pen

etra

tion t

esting

1

Be

able

to p

lan

secu

rity

tes

ting

1.6

D

efin

e al

l re

quired

tes

t pre

par

atio

n a

nd c

oncl

usi

on a

ctiv

itie

s

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

63

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

2.1

Ensu

re t

hat

all

required

pre

par

atio

ns

are

imple

men

ted,

in lin

e w

ith

test

pla

ns,

prior

to c

arry

ing o

ut

test

s

2.2

Apply

tes

t m

ethods,

too

ls a

nd t

echniq

ues

follo

win

g o

rgan

isat

ional

pro

cedure

s

2.3

Rec

ord

the

resu

lts

of

test

s usi

ng o

rgan

isat

ional

docu

men

tation

2.4

Ensu

re t

hat

all

required

act

ivitie

s hav

e bee

n c

orre

ctly

im

ple

men

ted

follo

win

g t

he

com

ple

tion o

f te

stin

g in lin

e w

ith t

est

pla

ns

2.5

Critica

lly e

valu

ate

the

resu

lts

of te

stin

g t

o a

ccura

tely

iden

tify

spec

ific

vu

lner

abili

ties

2.6

Prioritise

iden

tified

vuln

erab

ilities

agai

nst

info

rmat

ion a

ssura

nce

re

quirem

ents

2.7

D

eter

min

e an

d just

ify

actions

to m

itig

ate

iden

tified

vuln

erab

ilities

2.8

Rep

ort

the

resu

lts

of te

st a

ctiv

itie

s fo

llow

ing o

rgan

isat

ional

pro

cedure

s

2.9

Com

munic

ate

the

resu

lts

and im

plic

atio

ns

of te

st a

ctiv

itie

s to

rel

evan

t per

sons

usi

ng m

edia

, fo

rmat

and s

truct

ure

s w

hic

h m

eet

the

nee

ds

of

the

inte

nded

audie

nce

2

Be

able

to c

arry

out

secu

rity

tes

ting

2.1

0

Eva

luat

e org

anis

atio

nal

pro

cedure

s fo

r ca

rryi

ng o

ut

secu

rity

tes

ting

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


64

Unit 404: Carrying Out Information Security Risk Assessment


QCF level: 4

Credit value: 12


Unit aim On completion of this unit, learners will be able to prepare and carry out information security risk assessment.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

65

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

In

terp

ret

giv

en r

isk

asse

ssm

ent

brief

s to

iden

tify

the

info

rmat

ion

asse

ts a

nd s

yste

m c

om

ponen

ts t

o b

e as

sess

ed

1.2

Ver

ify

the

scope

of

iden

tified

info

rmat

ion a

sset

s an

d s

yste

m

com

ponen

ts w

ith r

elev

ant

per

sons

1

Be

able

to p

repar

e fo

r in

form

atio

n

secu

rity

ris

k as

sess

men

ts

1.3

Eva

luat

e so

urc

es o

f in

form

atio

n r

elat

ing t

o p

ote

ntial

ris

ks t

hat

may

im

pac

t on t

he

secu

rity

of

iden

tified

info

rmat

ion a

sset

s an

d s

yste

m

com

ponen

ts

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

66

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

2.1

U

se a

ran

ge

of

inve

stig

ativ

e m

ethods

to g

ather

info

rmat

ion r

elat

ing t

o

pote

ntial

ris

ks t

hat

may

im

pac

t on t

he

secu

rity

of

iden

tified

in

form

atio

n a

sset

s an

d s

yste

m c

om

ponen

ts

2.2

Rec

ord

all g

ather

ed in

form

atio

n in

line

with o

rgan

isat

ional

req

uirem

ents

2.3

Anal

yse

gat

her

ed info

rmat

ion t

o iden

tify

ris

ks t

o t

he

secu

rity

of

iden

tified

info

rmat

ion a

sset

s an

d s

yste

m c

om

ponen

ts

2.4

Ass

ess

iden

tified

ris

ks t

o d

eter

min

e th

eir

pro

bab

ility

of

occ

urr

ence

and

pote

ntial

im

pac

t

2.5

Eva

luat

e risk

s ag

ainst

org

anis

atio

nal

ris

k to

lera

nce

lev

els

2.6

Rep

ort

any

risk

s w

hic

h e

xcee

d o

rgan

isat

ional

ris

k to

lera

nce

lev

els

to

the

rele

vant

per

sons

follo

win

g o

rgan

isat

ional

pro

cedure

s an

d t

imel

ines

2.7

Fo

rmula

te a

ctio

ns

to m

itig

ate

risk

s

2.8

Rep

ort

the

resu

lts

of

risk

ass

essm

ent

in lin

e w

ith o

rgan

isat

ional

pro

cedure

s

2.9

Com

munic

ate

the

resu

lts

and im

plic

atio

ns

of

risk

ass

essm

ents

to

rele

vant

per

sons

usi

ng m

edia

, fo

rmat

and s

truct

ure

s w

hic

h m

eet

the

nee

ds

of th

e in

tended

audie

nce

2

Be

able

to c

arry

ou

t in

form

atio

n

secu

rity

ris

k as

sess

men

ts

2.1

0

Eva

luat

e org

anis

atio

nal

pro

cedure

s fo

r risk

ass

essm

ent

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


67

Unit 405: Investigating Information Security Incidents

Unit reference number: D/505/5798

QCF level: 4

Credit value: 12


Unit aim On completion of this unit, learners will be able to prepare for information security incident investigations and manage information security incidents.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

68

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

In

terp

ret

giv

en inci

den

t in

vest

igat

ion b

rief

s to

iden

tify

the

scope

of

the

inci

den

ts t

o b

e m

anag

ed

1.2

Ver

ify

the

scope

of

iden

tified

inci

den

ts w

ith r

elev

ant

per

sons

1

Be

able

to p

repar

e fo

r in

form

atio

n

secu

rity

inci

den

t in

vest

igat

ions

1.3

Eva

luat

e so

urc

es o

f ev

iden

ce r

elat

ing t

o id

entified

inci

den

ts

2.1

O

bta

in e

viden

ce r

elat

ing t

o iden

tified

inci

den

ts,

follo

win

g

org

anis

atio

nal

pro

cedure

s

2.2

Critica

lly r

evie

w e

viden

ce t

o d

eter

min

e ap

pro

priat

e in

vest

igat

ive

actions

2.3

M

ake

just

ifie

d r

ecom

men

dat

ions

for

inve

stig

ativ

e ac

tions

to r

elev

ant

per

sons

usi

ng m

edia

, fo

rmat

and s

truct

ure

s th

at m

eet

the

nee

ds

of

the

inte

nded

audie

nce

2.4

Rep

ort

on inci

den

t in

vest

igat

ion f

ollo

win

g o

rgan

isat

ional

pro

cedure

s

2

Be

able

to m

anag

e in

form

atio

n

secu

rity

inci

den

ts

2.5

Critica

lly e

valu

ate

org

anis

atio

nal

pro

cedure

s fo

r in

ciden

t in

vest

igat

ion

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


69

Unit 407: Carrying Out Information Security Forensic Examinations

Unit reference number: M/505/5806

QCF level: 4

Credit value: 9


Unit aim On completion of this unit, learners will be able to carry out forensic examinations in information security.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

70

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Car

ry o

ut

fore

nsi

c ex

amin

atio

ns

follo

win

g o

rgan

isat

ional

pro

cedure

s

1.2

Anal

yse

syst

em info

rmat

ion f

or

evid

ence

of

actu

al o

r at

tem

pte

d

bre

aches

of se

curity

polic

y or

legis

lation

1.3

Rep

ort

any

iden

tified

act

ual

or

atte

mpte

d b

reac

hes

of se

curity

to t

he

rele

vant

per

sons

follo

win

g o

rgan

isat

ional

pro

cedure

s an

d t

imel

ines

1.4

U

se s

ecurity

tools

to a

nal

yse

the

inte

grity

of so

ftw

are

1.5

Tak

e ac

tions

to s

ecure

info

rmat

ion a

sset

s an

d s

yste

m c

om

ponen

ts

subje

ct t

o ac

tual

or

atte

mpte

d b

reac

hes

of se

curity

in lin

e w

ith

org

anis

atio

nal

tim

elin

es

1.6

W

ith t

he

auth

orisa

tion o

f re

leva

nt

per

sons,

sei

ze e

viden

ce in

acco

rdan

ce w

ith leg

isla

tion a

nd f

ollo

win

g o

rgan

isat

ional

pro

cedure

s

1

Be

able

to c

arry

ou

t in

form

atio

n

secu

rity

fore

nsi

c ex

amin

atio

ns

1.7

Sei

ze e

viden

ce,

min

imis

ing d

isru

ption t

o t

he

org

anis

atio

n a

nd

mai

nta

inin

g e

viden

tial

inte

grity

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


71

Unit 408: Carrying Out Information Security Audits


QCF level: 4

Credit value: 12


Unit aim On completion of this unit, learners will be able to prepare for and carry out audit activities for information security.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

72Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

In

terp

ret

giv

en info

rmat

ion s

ecurity

audit b

rief

s to

iden

tify

the

info

rmat

ion a

sset

s an

d s

yste

m c

om

ponen

ts t

o b

e au

dited

1.2

Id

entify

sou

rces

of

info

rmat

ion r

elat

ing t

o t

he

info

rmat

ion a

sset

s an

d

syst

em c

om

ponen

ts in s

cope

1.3

D

evel

op a

udit p

lans,

fol

low

ing o

rgan

isat

ional

pro

cedure

s, w

hic

h w

ill

ensu

re a

thoro

ugh a

sses

smen

t of se

curity

com

plia

nce

acr

oss

the

whole

sco

pe

of

the

audit

1

Be

able

to p

repar

e fo

r in

form

atio

n

secu

rity

audit

activi

ties

1.4

Ver

ify

audit s

cope

and p

lans

with r

elev

ant

per

sons

2.1

Car

ry o

ut

info

rmat

ion s

ecurity

audits

follo

win

g o

rgan

isat

ional

pro

cedure

s

2.2

Critica

lly r

evie

w info

rmat

ion a

nd d

ata

rela

ting t

o info

rmat

ion a

sset

s an

d s

yste

m c

om

ponen

ts t

o a

sses

s se

curity

com

plia

nce

2.3

Rep

ort

any

secu

rity

non

-com

plia

nce

to t

he

rele

vant

per

sons

in lin

e w

ith o

rgan

isat

ional

pro

cedure

s an

d t

imel

ines

2.4

Rep

ort

on a

udit a

ctiv

itie

s fo

llow

ing o

rgan

isat

ional

pro

cedure

s

2

Be

able

to c

arry

ou

t in

form

atio

n

secu

rity

audit

activi

ties

2.5

M

ake

just

ifie

d r

ecom

men

dat

ions

for

actions

to b

e ta

ken t

o im

pro

ve

secu

rity

com

plia

nce

to

rele

vant

per

sons

usi

ng m

edia

, fo

rmat

and

stru

cture

s w

hic

h m

eet

the

nee

ds

of t

he

inte

nded

audie

nce

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

73

Lear

ner

nam

e:________________________________________________

D

ate:

______________________________

Lear

ner

sig

nat

ure

:_____________________________________________

D

ate:

______________________________

Ass

esso

r si

gnat

ure

:____________________________________________

D

ate:

______________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:______________________________


74

Unit 409: IT and Telecoms System Operation


QCF level: 4

Credit value: 15


Unit aim This unit enables learners to operate IT and telecoms systems. Learners will initially develop understanding of the technical architecture of either IT or telecoms systems and how to specify system operation parameters, and will then have the opportunity to control the operation and maintenance of systems.

Unit assessment requirements/evidence requirements This unit must be assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

75

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Exp

lain

the

tech

nic

al a

rchitec

ture

of

a sy

stem

and d

escr

ibe

alte

rnat

ive

appro

aches

1.2

Exp

lain

the

contr

ibution t

o o

vera

ll sy

stem

funct

ional

ity

of

the

mai

n

phys

ical

and logic

al c

om

ponen

ts o

f th

e sy

stem

1.3

Exp

lain

how

sys

tem

com

ponen

ts c

an b

e phys

ical

ly a

nd logic

ally

in

terc

onnec

ted

1.4

D

escr

ibe

the

exte

rnal

connec

tions

of

the

syst

em a

nd h

ow

they

are

use

d

1

Under

stan

d t

he

tech

nic

al

arch

itec

ture

of

IT

or

tele

com

sys

tem

s

1.5

Exp

lain

the

faci

litie

s av

aila

ble

for

contr

olli

ng a

nd m

onitoring t

he

oper

atio

n o

f th

e sy

stem

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

76

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

2.1

Exp

lain

how

the

expec

ted f

unct

ional

ity

and c

apac

ity

of th

e sy

stem

has

bee

n s

pec

ifie

d

2.2

Exp

lain

how

qual

itat

ive

and q

uan

tita

tive

mea

sure

s of

syst

em

oper

atio

n h

ave

bee

n d

eriv

ed f

rom

funct

ional

ity

and c

apac

ity

spec

ific

atio

ns

2.3

Exp

lain

how

the

syst

em c

an b

e co

ntr

olle

d t

o o

ptim

ise

per

form

ance

2.4

Exp

lain

how

monitoring c

an b

e use

d t

o m

easu

re t

he

qual

itat

ive

and

quan

tita

tive

oper

atio

n o

f th

e sy

stem

2

Under

stan

d h

ow

to

spec

ify

syst

em

oper

atio

n

par

amet

ers

2.5

D

escr

ibe

the

routine

mai

nte

nan

ce o

r re

ple

nis

hm

ent

required

to

mai

nta

in n

orm

al s

yste

m o

per

atio

n

3.1

Sel

ect

the

contr

ol fa

cilit

ies

to b

e use

d a

nd d

ocu

men

t how

they

are

to

be

use

d t

o o

ptim

ise

syst

em o

per

atio

n

3.2

Sel

ect

the

monitoring f

acili

ties

to b

e use

d a

nd d

ocu

men

t how

they

are

to

be

use

d t

o iden

tify

act

ual

and p

ote

ntial

dev

iations

from

norm

al

syst

em o

per

atio

n

3.3

D

efin

e an

d im

ple

men

t pro

cedure

s to

chec

k th

e va

lidity

of

report

ed

dev

iations

from

norm

al s

yste

m o

per

atio

n

3.4

D

efin

e an

d im

ple

men

t pro

cedure

s to

inve

stig

ate

iden

tified

and

report

ed d

evia

tions

to iden

tify

req

uired

corr

ective

act

ions

3

Be

able

to c

ontr

ol

the

oper

atio

n o

f sy

stem

s

3.5

D

efin

e th

e sy

stem

per

form

ance

info

rmat

ion t

o b

e re

cord

ed

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

77

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

4.1

D

efin

e an

d im

ple

men

t pro

cedure

s to

sch

edule

mai

nte

nan

ce a

nd

reple

nis

hm

ent

activi

ties

to m

inim

ise

dis

ruption t

o sy

stem

oper

atio

n

4.2

D

efin

e an

d im

ple

men

t pro

cedure

s to

ensu

re t

hat

mai

nte

nan

ce

activi

ties

are

car

ried

out

safe

ly a

nd in a

ccord

ance

with r

elev

ant

regula

tions

4.3

D

efin

e an

d im

ple

men

t pro

cedure

s to

ensu

re t

hat

sys

tem

use

rs a

re

pro

mptly

info

rmed

of

chan

ges

to s

yste

m a

vaila

bili

ty o

r per

form

ance

during m

ainte

nan

ce a

ctiv

itie

s

4

Be

able

to c

ontr

ol

syst

em

mai

nte

nan

ce

4.4

D

efin

e th

e m

ainte

nan

ce a

nd r

eple

nis

hm

ent

info

rmat

ion t

o b

e re

cord

ed

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


78

Unit 410: IT and Telecoms System Management

Unit reference number: M/504/5504

QCF level: 4

Credit value: 15


Unit aim This unit enables learners to manage IT and telecoms systems, including configuring systems to meet organisational objectives and customer needs, risk evaluation and contributing to the development of an organisation’s system management strategy.

Unit assessment requirements/evidence requirements This unit must be assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information.

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

79

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Exp

lain

how

to a

lign s

yste

m f

unct

ional

ity

with o

rgan

isat

ional

obje

ctiv

es a

nd c

ust

om

er n

eeds

1.2

Exp

lain

the

types

of co

nfigura

tion

and a

sset

info

rmat

ion a

ssoci

ated

w

ith s

yste

ms

1

Under

stan

d h

ow

to

man

age

syst

ems

1.3

Exp

lain

the

types

and a

pplic

atio

ns

of

syst

em m

anag

emen

t an

d

monitoring t

ools

2.1

Eva

luat

e th

e fu

nct

ional

ity

of

syst

ems

agai

nst

org

anis

atio

nal

obje

ctiv

es

and c

ust

om

er n

eeds

to iden

tify

poss

ible

im

pro

vem

ents

2.2

Eva

luat

e cu

rren

t sy

stem

configura

tion a

nd a

sset

info

rmat

ion t

o

iden

tify

poss

ible

enhan

cem

ents

to

per

form

ance

and c

apac

ity

2.3

Ass

ess

curr

ent

syst

em m

anag

emen

t an

d m

onitoring t

ools

, an

d t

hei

r use

, su

gges

ting p

oss

ible

im

pro

vem

ents

2.4

Rev

iew

, an

d w

her

e nec

essa

ry u

pdat

e, w

ork

ing p

roce

dure

s fo

r sy

stem

m

anag

emen

t

2

Be

able

to r

evie

w

the

funct

ional

ity

and m

anag

emen

t of

syst

ems

2.5

Eva

luat

e th

e im

pac

t of re

gula

tory

req

uirem

ents

on s

yste

m

man

agem

ent

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

80

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

3.1

Sel

ect

and im

ple

men

t co

nfigura

tion o

ptions

to o

ptim

ise

syst

em

per

form

ance

and c

apac

ity

3.2

Ensu

re t

hat

chan

ges

mad

e to

sys

tem

configura

tions

are

effe

ctiv

e

3.3

Rec

ognis

e an

d r

esolv

e an

y sy

stem

pro

ble

ms

aris

ing f

rom

co

nfigura

tion c

han

ges

3.4

Audit r

ecord

s of sy

stem

configura

tion a

nd a

sset

info

rmat

ion f

or

com

ple

tenes

s an

d a

ccura

cy

3.5

Eva

luat

e pote

ntial

ris

ks,

incl

udin

g s

ecurity

thre

ats,

to s

yste

ms

3

Be

able

to m

anag

e sy

stem

s

3.6

Contr

ibute

to t

he

dev

elopm

ent

of

the

org

anis

atio

n's

sys

tem

m

anag

emen

t st

rate

gy

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


81

Unit 411: Designing and Developing Event-Driven Computer Program

Unit reference number: J/601/3300

QCF level: 4

Credit value: 15


Unit aim The aim of this unit is to provide the learner with the skills and competencies to carry out the development of an event-driven computer program from design to testing in a professional capacity, and to understand a range of issues concerned with software development activities.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

82

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Id

entify

and s

truct

ure

the

com

ponen

ts a

nd d

ata

required

to a

ddre

ss

pro

ble

ms

1.2

Sel

ect

and u

se p

redef

ined

com

pon

ents

, sp

ecia

lisin

g a

s re

quired

1.3

Id

entify

the

set

of ev

ents

that

invo

ke b

ehav

iour

of

com

ponen

ts a

nd

oth

er p

rogra

m e

lem

ents

1.4

Spec

ify

the

beh

avio

ur

of

com

ponen

ts a

nd o

ther

pro

gra

m e

lem

ents

to

allo

w e

ffic

ient

imple

men

tation,

sele

ctin

g a

ppro

priat

e dat

a ty

pes

, dat

a an

d f

ile s

truct

ure

s an

d a

lgorith

ms

1

Be

able

to d

esig

n

even

t-drive

n

pro

gra

ms

to

addre

ss loose

ly

def

ined

pro

ble

ms

1.5

Rec

ord

the

des

ign u

sing w

ell-

esta

blis

hed

nota

tions

2.1

M

ake

effe

ctiv

e use

of

bas

ic p

rogra

mm

ing lan

guag

e fe

ature

s an

d

pro

gra

mm

ing c

once

pts

to im

ple

men

t a

pro

gra

m t

hat

sat

isfies

the

des

ign s

pec

ific

atio

n

2.2

M

ake

effe

ctiv

e use

of

the

feat

ure

s of

the

pro

gra

mm

ing e

nvi

ronm

ent

2.3

M

ake

effe

ctiv

e use

of use

r in

terf

ace

com

ponen

ts in t

he

imple

men

tation o

f th

e pro

gra

m

2

Be

able

to p

roduce

a

work

ing e

vent-

drive

n p

rogra

m

whic

h m

eets

the

des

ign s

pec

ific

atio

n

2.4

M

ake

effe

ctiv

e use

of

a ra

nge

of

deb

uggin

g t

ools

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

83

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

3.1

Apply

sta

ndar

d n

amin

g,

layo

ut

and c

om

men

t co

nve

ntions

3

Be

able

to d

evel

op

even

t-drive

n

pro

gra

ms

that

re

flec

t es

tablis

hed

pro

gra

mm

ing a

nd

soft

war

e en

gin

eering

pra

ctic

e

3.2

Apply

appro

priat

e dat

a va

lidat

ion a

nd e

rror

han

dlin

g t

echniq

ues

4.1

D

evel

op a

nd a

pply

a t

est

stra

tegy

consi

sten

t w

ith t

he

des

ign

iden

tify

ing a

ppro

priat

e te

st d

ata

4.2

Apply

reg

ress

ion t

esting c

onsi

sten

t w

ith t

he

test

str

ateg

y

4

Be

able

to d

evel

op

test

str

ateg

ies

and

apply

thes

e to

ev

ent-

drive

n

pro

gra

ms

4.3

U

se a

ppro

priat

e to

ols

to e

stim

ate

the

per

form

ance

of

the

pro

gra

m

5.1

Rec

ord

the

final

sta

te o

f th

e pro

gra

m in a

form

suitab

le f

or

subse

quen

t m

ainte

nan

ce

5

Be

able

to d

evel

op

des

ign

docu

men

tation f

or

use

in p

rogra

m

mai

nte

nan

ce a

nd

end-u

ser

docu

men

tation

5.2

Pr

ovi

de

end-u

ser

docu

men

tation t

hat

mee

ts t

he

use

r's

nee

ds

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


84

Unit 412: Designing and Developing Object-Oriented Computer Program


QCF level: 4

Credit value: 15


Unit aim The aim of this unit is to provide the learner with the skills and competencies to carry out the development of an object-oriented computer program from design to testing in a professional capacity and to understand a range of issues concerned with software development activities.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

85

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Id

entify

a s

et o

f cl

asse

s an

d t

hei

r in

terr

elat

ionsh

ips

to a

ddre

ss t

he

pro

ble

m

1.2

M

ake

effe

ctiv

e use

of

enca

psu

lation,

inher

itan

ce a

nd p

oly

morp

his

m

1.3

Sel

ect

and r

euse

pre

-exi

stin

g o

bje

cts

and t

empla

tes

spec

ialis

ing a

s re

quired

1.4

Str

uct

ure

the

des

ign s

o t

hat

obje

cts

com

munic

ate

effici

ently

1.5

Spec

ify

the

pro

per

ties

and b

ehav

iour

of cl

asse

s to

allo

w e

ffic

ient

imple

men

tation,

sele

ctin

g a

ppro

priat

e dat

a ty

pes

, dat

a an

d f

ile

stru

cture

s an

d a

lgorith

ms

1

Be

able

to d

esig

n

obje

ct-o

rien

ted

pro

gra

ms

to

addre

ss loose

ly

def

ined

pro

ble

ms

1.6

Rec

ord

the

des

ign u

sing w

ell-

esta

blis

hed

nota

tions

2.1

M

ake

effe

ctiv

e use

of

bas

ic p

rogra

mm

ing lan

guag

e fe

ature

s an

d

pro

gra

mm

ing c

once

pts

to im

ple

men

t a

pro

gra

m t

hat

sat

isfies

the

des

ign s

pec

ific

atio

n

2.2

M

ake

effe

ctiv

e use

of

the

feat

ure

s of

the

pro

gra

mm

ing e

nvi

ronm

ent

2.3

M

ake

effe

ctiv

e use

of use

r in

terf

ace

com

ponen

ts in t

he

imple

men

tation o

f th

e pro

gra

m

2

Be

able

to p

roduce

a

work

ing o

bje

ct-

orien

ted p

rogra

m

whic

h m

eets

the

des

ign s

pec

ific

atio

n

2.4

M

ake

effe

ctiv

e use

of

a ra

nge

of

deb

uggin

g t

ools

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

86

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

3.1

Apply

sta

ndar

d n

amin

g,

layo

ut

and c

om

men

t co

nve

ntions

3

Be

able

to d

evel

op

obje

ct-o

rien

ted

pro

gra

ms

that

re

flec

t es

tablis

hed

pro

gra

mm

ing a

nd

soft

war

e en

gin

eering

pra

ctic

e

3.2

Apply

appro

priat

e dat

a va

lidat

ion a

nd e

rror

han

dlin

g t

echniq

ues

4.1

D

evel

op a

nd a

pply

a t

est

stra

tegy

consi

sten

t w

ith t

he

des

ign

iden

tify

ing a

ppro

priat

e te

st d

ata

4.2

Apply

reg

ress

ion t

esting c

onsi

sten

t w

ith t

he

test

str

ateg

y

4

Be

able

to d

evel

op

test

str

ateg

ies

and

apply

thes

e to

obje

ct-o

rien

ted

pro

gra

ms

4.3

U

se a

ppro

priat

e to

ols

to e

stim

ate

the

per

form

ance

of

the

pro

gra

m

5.1

Rec

ord

the

final

sta

te o

f th

e pro

gra

m in a

form

suitab

le f

or

subse

quen

t m

ainte

nan

ce

5

Be

able

to d

evel

op

des

ign

docu

men

tation f

or

use

in p

rogra

m

mai

nte

nan

ce a

nd

end-u

ser

docu

men

tation

5.2

Pr

ovi

de

end-u

ser

docu

men

tation t

hat

mee

ts t

he

use

r’s

nee

ds

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


87

Unit 413: Designing and Developing Procedural Computer Program


QCF level: 4

Credit value: 15


Unit aim The aim of this unit is to provide the learner with the skills and competencies to carry out the development of a procedural computer program from design to testing in a professional capacity, and to understand a range of issues concerned with software development activities.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

88

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Id

entify

and s

truct

ure

pro

cedure

s an

d funct

ions

to a

ddre

ss p

roble

ms

1.2

Sel

ect

and u

se lib

rary

funct

ions

and p

roce

dure

s

1.3

Str

uct

ure

the

des

ign w

ith r

egar

d t

o co

uplin

g a

nd c

ohes

ion

1.4

Spec

ify

the

beh

avio

ur

of

funct

ions

and p

roce

dure

s to

allo

w e

ffic

ient

imple

men

tation,

sele

ctin

g a

ppro

priat

e dat

a ty

pes

, dat

a an

d f

ile

stru

cture

s an

d a

lgorith

ms

1

Be

able

to d

esig

n

pro

cedura

l pro

gra

ms

to

addre

ss loose

ly

def

ined

pro

ble

ms

1.5

Rec

ord

the

des

ign u

sing w

ell-

esta

blis

hed

nota

tions

2.1

M

ake

effe

ctiv

e use

of

bas

ic p

rogra

mm

ing lan

guag

e fe

ature

s an

d

pro

gra

mm

ing c

once

pts

to im

ple

men

t a

pro

gra

m t

hat

sat

isfies

the

des

ign s

pec

ific

atio

n

2.2

M

ake

effe

ctiv

e use

of

the

feat

ure

s of

the

pro

gra

mm

ing e

nvi

ronm

ent

2.3

M

ake

effe

ctiv

e use

of use

r in

terf

ace

com

ponen

ts in t

he

imple

men

tation o

f th

e pro

gra

m

2

Be

able

to p

roduce

a

work

ing

pro

cedura

l pro

gra

m w

hic

h

mee

ts t

he

des

ign

spec

ific

atio

n

2.4

M

ake

effe

ctiv

e use

of

a ra

nge

of

deb

uggin

g t

ools

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

89

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

3.1

Apply

sta

ndar

d n

amin

g,

layo

ut

and c

om

men

t co

nve

ntions

3

Be

able

to d

evel

op

pro

cedura

l pro

gra

ms

that

re

flec

t es

tablis

hed

pro

gra

mm

ing a

nd

soft

war

e en

gin

eering

pra

ctic

e

3.2

Apply

appro

priat

e dat

a va

lidat

ion a

nd e

rror

han

dlin

g t

echniq

ues

4.1

D

evel

op a

nd a

pply

a t

est

stra

tegy

consi

sten

t w

ith t

he

des

ign

iden

tify

ing a

ppro

priat

e te

st d

ata

4.2

Apply

reg

ress

ion t

esting c

onsi

sten

t w

ith t

he

test

str

ateg

y

4

Be

able

to d

evel

op

test

str

ateg

ies

and

apply

thes

e to

pro

cedura

l pro

gra

ms

4.3

U

se a

ppro

priat

e to

ols

to e

stim

ate

the

per

form

ance

of

the

pro

gra

m

5.1

Rec

ord

the

final

sta

te o

f th

e pro

gra

m in a

form

suitab

le f

or

subse

quen

t m

ainte

nan

ce

5

Be

able

to d

evel

op

des

ign

docu

men

tation f

or

use

in p

rogra

m

mai

nte

nan

ce a

nd

end-u

ser

docu

men

tation

5.2

Pr

ovi

de

end-u

ser

docu

men

tation t

hat

mee

ts t

he

use

r’s

nee

ds

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


90

Unit 414: Investigating and Defining Customer Requirements for ICT Systems


QCF level: 4

Credit value: 15


Unit aim This unit provides the skills, knowledge and understanding requirements to take a leading role in the investigation and definition of customer requirements for ICT systems and services.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

91

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

Sel

ect

and u

se t

he

inve

stig

ativ

e m

ethods

whic

h w

ill e

licit r

elev

ant

info

rmat

ion a

bout

exis

ting a

nd p

ropose

d s

yste

ms

and p

roce

sses

1.2

Cre

ate

the

docu

men

tation r

equired

to r

ecord

the

resu

lts

of

inve

stig

atio

ns

1.3

Ensu

re t

hat

inve

stig

ativ

e m

ethods

are

applie

d c

orr

ectly

and a

ll re

leva

nt

info

rmat

ion is

reco

rded

usi

ng s

tandar

d d

ocu

men

tation

1.4

Ensu

re t

hat

the

confiden

tial

ity

of

cust

om

er info

rmat

ion is

pre

serv

ed

1

Be

able

to c

ontr

ol

the

inve

stig

atio

n o

f ex

isting a

nd

pro

pose

d s

yste

ms

and p

roce

sses

1.5

Pro

vide

advi

ce a

nd g

uid

ance

to c

olle

agues

on inve

stig

atio

n a

nd

anal

ysis

of

info

rmat

ion

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

92

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

2.1

Exp

lain

the

types

of

def

ect,

and t

hei

r ca

use

s w

hic

h c

an a

rise

in

info

rmat

ion

2.2

D

escr

ibe

met

hods

of

min

imis

ing d

efec

ts in info

rmat

ion

2.3

Exp

lain

how

cust

om

er n

eeds

and c

onst

rain

ts c

an a

ffec

t th

e des

ign o

f an

ICT s

yste

m

2.4

Anal

yse

info

rmat

ion t

o iden

tify

cust

om

er n

eeds

and p

riorities

for:

●

dat

a to

be

store

d a

nd p

roce

ssed

●

funct

ional

ity

in t

erm

s of

inputs

, pro

cess

es a

nd o

utp

uts

●

capac

ity

incl

udin

g n

um

ber

s of use

rs,

thro

ughput,

and d

ata

stora

ge

2.5

Anal

yse

info

rmat

ion t

o iden

tify

cust

om

er c

onst

rain

ts

2

Be

able

to a

nal

yse

info

rmat

ion t

o

iden

tify

nee

ds

and

const

rain

ts

2.6

Ver

ify

that

iden

tified

nee

ds,

prior

itie

s an

d c

onst

rain

ts m

eet

cust

om

er

requirem

ents

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


93

Unit 415: Carrying out Information Security Risk Management

Unit reference number: L/505/5814

QCF level: 4

Credit value: 12


Unit aim On completion of this unit, learners will be able to manage and develop risk contingency plans and use these to manage information security risks.


Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

94

Learn

ing

ou

tco

mes

an

d a

ssess

men

t cr

iteri

a

To p

ass

this

unit,

the

lear

ner

nee

ds

to d

emon

stra

te t

hat

they

can

mee

t al

l th

e le

arnin

g o

utc

omes

for

the

unit.

The

asse

ssm

ent

criter

ia

det

erm

ine

the

stan

dar

d r

equired

to a

chie

ve t

he

unit.

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

1.1

In

terp

ret

giv

en r

isk

man

agem

ent

brief

s to

iden

tify

the

info

rmat

ion

asse

ts a

nd s

yste

m c

om

ponen

ts t

o b

e co

vere

d b

y th

e risk

contingen

cy

pla

n

1.2

Ver

ify

the

scope

of

iden

tified

info

rmat

ion a

sset

s an

d s

yste

m

com

ponen

ts w

ith r

elev

ant

per

sons

1.3

D

evel

op r

isk

contingen

cy p

lans

on a

giv

en a

nal

ysis

of

the

pro

bab

ility

an

d im

pac

t of

all id

entified

ris

ks

1.4

Ju

stify

the

range

of

resp

onse

act

ions

that

may

be

use

d t

o m

itig

ate

risk

s

1.5

Eva

luat

e risk

contingen

cy p

lans

agai

nst

ext

ernal

sta

ndar

ds

and

legis

lation

1

Be

able

to d

evel

op

info

rmat

ion

secu

rity

ris

k co

ntingen

cy p

lans

1.6

Rec

ord

info

rmat

ion s

ecurity

ris

k co

ntingen

cy p

lans

in lin

e w

ith

org

anis

atio

nal

req

uirem

ents

Pear

son B

TEC L

evel

4 D

iplo

ma

in I

nfo

rmat

ion S

ecuri

ty P

rofe

ssio

nal

Com

pet

ence

(Q

CF)

Spec

ific

atio

n –

Iss

ue

1 –

July

2014 ©

Pea

rson E

duca

tion

Lim

ited

2014

95

Learn

ing

ou

tco

mes

Ass

ess

men

t cr

iteri

a

Evid

en

ce

typ

e

Po

rtfo

lio

re

fere

nce

D

ate

2.1

M

anag

e def

ined

res

ponse

act

ions

to r

isks

whic

h im

pac

t th

e in

tegrity

of

info

rmat

ion a

sset

s an

d s

yste

m c

om

ponen

ts f

ollo

win

g o

rgan

isat

ional

pro

cedure

s an

d t

imel

ines

2.2

Rep

ort

any

risk

s ar

isin

g f

or

whic

h n

o r

esponse

act

ions

hav

e bee

n

def

ined

to t

he

rele

vant

per

sons

follo

win

g o

rgan

isat

ional

pro

cedure

s an

d t

imel

ines

2.3

Rep

ort

on info

rmat

ion s

ecurity

ris

k m

anag

emen

t ac

tivi

ties

follo

win

g

org

anis

atio

nal

pro

cedure

s

2.4

Com

munic

ate

the

resu

lts

and im

plic

atio

ns

of

risk

man

agem

ent

activi

ties

to r

elev

ant

per

sons

usi

ng m

edia

, fo

rmat

and s

truct

ure

s w

hic

h m

eet

the

nee

ds

of t

he

inte

nded

audie

nce

2

Be

able

to m

anag

e in

form

atio

n

secu

rity

ris

ks

2.5

Eva

luat

e org

anis

atio

nal

pro

cedure

s fo

r risk

man

agem

ent

Lear

ner

nam

e:_______________________________________________

D

ate:

_____________________________

Lear

ner

sig

nat

ure

:____________________________________________

D

ate:

_____________________________

Ass

esso

r si

gnat

ure

:___________________________________________

D

ate:

_____________________________

Inte

rnal

ver

ifie

r si

gnat

ure

:______________________________________

(i

f sa

mple

d)

Dat

e:_____________________________


96

12 Further information and useful publications

To get in touch with us visit our ‘Contact us’ pages:

● Edexcel: www.edexcel.com/contactus

● BTEC: www.edexcel.com/btec/Pages/Contactus

● Pearson Work Based Learning and Colleges: www.edexcel.com/about.wbl/Pages/Contact-us

● books, software and online resources for UK schools and colleges: www.pearsonschoolsandfecolleges.co.uk

Key publications:

● Adjustments for candidates with disabilities and learning difficulties – Access and Arrangements and Reasonable Adjustments, General and Vocational qualifications (Joint Council for Qualifications (JCQ))

● Equality Policy (Pearson)

● Recognition of Prior Learning Policy and Process (Pearson)

● UK Information Manual (Pearson)

● UK Quality Vocational Assurance Handbook (Pearson).

All of these publications are available on our website.

Publications on the quality assurance of BTEC qualifications are available on our website at www.edexcel.com/btec/delivering-BTEC/quality/Pages

Our publications catalogue lists all the material available to support our qualifications. To access the catalogue and order publications, please go to www.edexcel.com/resources/publications/Pages

Additional resources

If you need further learning and teaching materials to support planning and delivery for your learners, there is a wide range of BTEC resources available.

Any publisher can seek endorsement for their resources, and, if they are successful, we will list their BTEC resources on our website at: www.edexcel.com/resources/publications/Pages

http://www.edexcel.com/contactus�

http://www.edexcel.com/btec/Pages/contactus�

http://www.pearsonschoolsandfecolleges.co.uk/contactus�

http://www.edexcel.com/btec/delivering-BTEC/quality/Pages�

http://www.edexcel.com/resources/publications/Pages�

http://www.edexcel.com/resources�


97

13 Professional development and training

Pearson supports UK and international customers with training related to BTEC qualifications. This support is available through a choice of training options offered on our website: www.edexcel.com/resources/Training.

The support we offer focuses on a range of issues, such as:

● planning for the delivery of a new programme

● planning for assessment and grading

● developing effective assignments

● building your team and teamwork skills

● developing learner-centred learning and teaching approaches

● building in effective and efficient quality assurance systems.

The national programme of training we offer is on our website at: www.edexcel.com/resources/Training. You can request centre-based training through the website or you can contact one of our advisers in the Training from Pearson UK team via Customer Services to discuss your training needs.

BTEC training and support for the lifetime of the qualifications

Training and networks: our training programme ranges from free introductory events through sector-specific opportunities to detailed training on all aspects of delivery, assignments and assessment. We also host some regional network events to allow you to share your experiences, ideas and best practice with other BTEC colleagues in your region.

Regional support: our team of Curriculum Development Managers and Curriculum Support Consultants, based around the country, are responsible for providing advice and support in centres. They can help you with planning and curriculum developments.

To get in touch with our dedicated support teams please visit: www.edexcel.com/contactus

Online forum

Pearson Work Based Learning Communities is an online forum where employers, further education colleges and workplace training providers are able to seek advice and clarification about any aspect of our qualifications and services, as well as share knowledge and information with others. The forums are sector specific and cover Business Administration, Customer Service, Health and Social Care, Hospitality and Catering and Retail. The online forum is available at www.pearsonwbl.edexcel.com/Our-support.

http://pearsonwbl.edexcel.com/Our-support/Pages/default.aspx�


98

14 Contact us

We have a dedicated Account Support team, based throughout the UK, to give you more personalised support and advice. To contact your Account Specialist you can use any of the following methods:

Email: [email protected] Telephone: 0844 576 0045

If you are new to Pearson and would like to become an approved centre, please contact us at:

Email: [email protected] Telephone: 0844 576 0045

Complaints and feedback We are working hard to provide you with excellent service. However, if any element of our service falls below your expectations, we want to understand why, so that we can prevent it from happening again. We will do all that we can to put things right.

If you would like to register a complaint with us, please email [email protected].

We will formally acknowledge your complaint within two working days of receipt and provide a full response within seven working days.

mailto:[email protected]�




99

Db300714G:\WORDPROC\LT\PD\BTEC LEVEL\

9781446911877_BTEC_LVL_L4_ISPC\9781446911877_BTEC_LVL_L4_ISPC.DOC.1–106/0

July 2014 For more information on Edexcel and BTEC qualifications please visit our websites: www.edexcel.com and www.btec.co.uk BTEC is a registered trademark of Pearson Education Limited Pearson Education Limited. Registered in England and Wales No. 872828 Registered Office: Edinburgh Gate, Harlow, Essex CM20 2JE. VAT Reg No GB 278 537121

http://www.edexcel.com/�

Pearson BTEC Level 4 Diploma in Information Security ...€¦ · Pearson BTEC Level 4 Diploma in...

Documents

Transcript of Pearson BTEC Level 4 Diploma in Information Security ...€¦ · Pearson BTEC Level 4 Diploma in...