Earning Criteria

• This person will be able to explain the elements of the CIA triad (confidentiality, Integrity, availability) and describe hazards, threats, and vulnerabilities and how each relate and lead to risk.  They can describe the impact of a loss of CIA and how organisations develop their approach to risk management.  They can explain how organisations secure information including describing the concepts of trusted and trustworthy and the benefits and limitations of different approaches to assurance.
• This person will be able to explain the elements of the CIA triad (confidentiality, Integrity, availability) and describe hazards, threats, and vulnerabilities and how each relate and lead to risk. They can analyse the main types of attacks, attack techniques, how they work, why they are effective and how they continuously evolve, the role of human behaviour in cyber security and layered security when deploying a system in an organisational context.
• This person can describe key legislation, standards, regulations, why they are important and the responsibilities they place on organisations and individuals and explain the context in which they are used and the differences between them.  They can describe and evaluate the sources of information about the current threat landscape, and  describe and evaluate the sources of information for identifying emerging trends within cyber security.
• This qualification is regulated by OFQUAL