This unit specifies the skills and knowledge required to implement security risk management plans. It includes organising, costing and allocating resources, monitoring emerging security risks and changes in the operating environment against activities and targets in action plans, and reviewing treatment options to update security risk management plans. Risk management plans are implemented based on the principles of ISO 31000:2018 Risk management – Guidelines (ISO 31000).

This unit is suitable for those using a broad range of cognitive, technical and communication skills to select and apply methods and technologies to analyse information and provide solutions to sometimes complex problems.

Legislative, regulatory or certification requirements apply in some states and territories to the provision of advice on security solutions, strategies, protocols and procedures. For further information, check with the relevant regulatory authority.