Skip to main content
Cookies Policy
Detailed information on the use of cookies on this website is provided in our Privacy Policy. By closing this message and proceeding, you consent to our use of cookies in accordance with our Cookies Policy.
x
  • CONTACT US
  • icon-facebook
  • icon-linkedin
  • icon-twitter

Information Security

The design, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, breaches, availability and relevant compliance of information systems including risk assessments, business impacts and vulnerability assessment.

Governance

The governance and compliance with information system and protection requirements, standards, policies and management processes. To identify and control non-compliance issues and mitigation.

Risk Management

The planning and implementation of information security risk assessment and management activities in accordance with organisational processes for information security risk assessment and risk management, including the determination of security controls.

Business Resilience

Security related business resilience activities, to advise and implement security related business resilience activities, including disaster recovery and business continuity.

Compliance and Assurance

The conduct of security audit, compliance and assurance activities to verify information systems and processes meet security criteria. To conduct compliance monitoring and security control testing.

Security Testing

To conduct security testing and contribute to the determination of the level of resilience of an information system to information security threats and vulnerabilities. Also includes the selection, planning and application of testing methods, including penetration testing.

Development & Architecture

Security development and architecture activities including access management and network security devices for information security architecture. To implement secure development standards and practices for secure software and technical security controls.

Operations Management

To develop, implement and maintain operational information security management activities in accordance with security policies and standards, including processes for maintaining the security of information throughout its lifespan.

Intrusion Detection

Information security intrusion detection and analysis activities including to detect and analyse information security anomalies in information systems and network security systems. Escalate and communicate information security intrusions with internal and external stakeholders.

Digital Forensics

The collection, processing, preserving, analysis, and presentation of forensic evidence based on the totality of findings including computer-related evidence in support of security vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations.

Vulnerability Assessment

To plan and implement information security vulnerability assessments in accordance with processes to prioritise remediation and maintain up to date vulnerability awareness.

Incident Management

The processing and coordination of responses to incident reports and to conduct incident management activities to identify, eliminate and prevent potential and current information security threats.

Identity & Access

To process and implement information security identity and access management activities to ensure that company data is not at risk from being compromised. To coordinate effective implementation and work identity and access management systems.

Level of Recognition

Bronze

(Apply / SFIA Level 3)

At this level an individual is able to work under general direction:

  • interact with and influences colleagues;
  • performs sometimes complex and non-routine work;
  • sound generic domain knowledge; and
  • apply business skills for own work and contributing fully to a work team.

Level of Recognition

Silver

(Enable / SFIA Level 4)

At this level an individual is able to work under general direction with accountability:

  • influence customers and partners at account level;
  • perform complex work;
  • thorough understanding of recognised body of knowledge;
  • enable business skills for complex work; and
  • facilitates collaboration between stakeholders.

Level of Recognition

Gold

(Ensure & Advise / SFIA Level 5)

At this level, an individual is able to work under broad direction and self-initiated:

  • influences organisation, customers and partners in own specialism;
  • performs an extensive range of complex technical work;
  • fully familiar with industry bodies of knowledge and own specialism; and
  • demonstrates leadership and ensure and advise business skills.

Level of Recognition

Platinum

(Initiate & Influence / SFIA Level 6)

At this level an individual has defined authority and accountability:

  • influences policy and strategy formation;
  • broad business understanding of specialism and performs highly complex work;
  • promotes applications of bodies of knowledge in own organisation; and
  • initiates and influence business skills through clear leadership.

Level of Recognition

Diamond

(Strategise & Direct / SFIA Level 7)

At this level, an individual is at highest level of organisation and authority over all aspects of work:

  • makes decisions critical to organisational success;
  • leads the formulation and implementation of strategy;
  • broad and deep knowledge; and
  • strategise and direct business skills through strategic management and leadership.

 

ACS' microCredentials | Cyber Security 

 

ACS microCredential Cyber Security has been developed to enable recognition and validation of skills and knowledge across a range of specialisms and function areas within Information/Cyber Security discipline.  Each microCredential specialism and level is assessed against the ACS’ microCredential Cyber Security Framework. Five (5) levels of recognition are offered through ACS’ microCredential Cyber Security align to Skills Framework for the Information Age (SFIA) and NICE Framework at the specialism type. The five levels of recognition are:

Bronze – Apply – SFIA Level 3
Silver – Enable – SFIA Level 4
Gold – Ensure and advise – SFIA Level 5
Platinum – Initiate and influence – SFIA Level 6
Diamond – Strategize and Direct – SFIA Level 7

 

ACS’ microCredentials Cyber Security cover 12 specialisms at five (5) levels of recognition. When choosing the specialism, select the microCredential level of recognition from the microCredentials specialisms listed below. The descriptor for your selection will be provided based on the level of recognition chosen for the specialism. The same level of recognition will apply to the mandatory microCredential of Information security based on your specialism selection. You can proceed with your application for microCredentials Cyber Security.

 

Information Security

The design, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, breaches, availability and relevant compliance of information systems including risk assessments, business impacts and vulnerability assessment.

ACS’ microCredentials Cyber Security cover the following specialisms:

 

 

Governance

The governance and compliance with information system and protection requirements, standards, policies and management processes. To identify and control non-compliance issues and mitigation.    

Bronze
Silver
Gold
Platinum
Diamond

 

Risk Management

The planning and implementation of information security risk assessment and management activities in accordance with organisational processes for information security risk assessment and risk management, including the determination of security controls.

Bronze
Silver
Gold
Platinum
Diamond

 

Business Resilience

Security related business resilience activities, to advise and implement security related business resilience activities, including disaster recovery and business continuity.

Bronze
Silver
Gold
Platinum
Diamond

 

Compliance & Assurance

The conduct of security audit, compliance and assurance activities to verify information systems and processes meet security criteria. To conduct compliance monitoring and security control testing.

Bronze
Silver
Gold
Platinum
Diamond

 

--------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Security Testing

To conduct security testing and contribute to the determination of the level of resilience of an information system to information security threats and vulnerabilities. Also includes the selection, planning and application of testing methods, including penetration testing.

Bronze
Silver
Gold
Platinum
Diamond

 

Development & Architecture

Security development and architecture activities including access management and network security devices for information security architecture. To implement secure development standards and practices for secure software and technical security controls.

Bronze
Silver
Gold
Platinum
Diamond

 

Operations Management

To develop, implement and maintain operational information security management activities in accordance with security policies and standards, including processes for maintaining the security of information throughout its lifespan.

Bronze
Silver
Gold
Platinum
Diamond

 

Intrusion Detection

Information security intrusion detection and analysis activities including to detect and analyse information security anomalies in information systems and network security systems. Escalate and communicate information security intrusions with internal and external stakeholders.

Bronze
Silver
Gold
Platinum
Diamond

 

--------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Digital Forensics

The collection, processing, preserving, analysis, and presentation of forensic evidence based on the totality of findings including computer-related evidence in support of security vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations.

Bronze
Silver
Gold
Platinum
Diamond

 

Vulnerability Assessment

To plan and implement information security vulnerability assessments in accordance with processes to prioritise remediation and maintain up to date vulnerability awareness.

Bronze
Silver
Gold
Platinum
Diamond

 

Incident Management

The processing and coordination of responses to incident reports and to conduct incident management activities to identify, eliminate and prevent potential and current information security threats.

Bronze
Silver
Gold
Platinum
Diamond

 

Identity & Access

To process and implement information security identity and access management activities to ensure that company data is not at risk from being compromised. To coordinate effective implementation and work identity and access management systems.

Bronze
Silver
Gold
Platinum
Diamond

 

--------------------------------------------------------------------------------------------------------------------------------------------------------------------