This unit specifies the skills and knowledge required to assess the security vulnerabilities of client assets based an analysis of asset types, use, ownership and value. It includes auditing security risk control mechanisms and incident reporting measures and testing their operational effectiveness to identify failures and recommend treatment options.

This unit is suitable for those using specialised knowledge to complete routine and non-routine tasks and using their own judgement to deal with predictable and sometimes unpredictable problems.

Legislative, regulatory or certification requirements apply in some states and territories to the provision of advice on security solutions, strategies, protocols and procedures. For further information, check with the relevant regulatory authority.