This unit specifies the skills and knowledge required to develop comprehensive security risk management plans based on the principles of ISO 31000:2018 Risk management – Guidelines (ISO 31000). It includes identifying and evaluating security risks and existing control measures, developing action plans to identify and manage risks, designing risk treatment options and testing them in the field as part of a security risk management strategy.

This unit is suitable for those using a broad range of cognitive, technical and communication skills to select and apply methods and technologies to analyse information and provide solutions to sometimes complex problems.

Legislative, regulatory or certification requirements apply in some states and territories to the provision of advice on security solutions, strategies, protocols and procedures. For further information, check with the relevant regulatory authority.