This unit describes the skills and knowledge required to contribute to business operations by identifying and assessing cyber security insider threats and risks. This includes reviewing and applying organisational processes for identifying and documenting insider threats.

The unit covers insider threats and risks that relate to individuals in an organisation who commit an act, intentionally or unintentionally, that causes harm.

The unit applies to individuals who identify and communicate identified insider threats and risks to required management and information technology (IT) personnel.

No licensing, legislative or certification requirements apply to this unit at the time of publication.