ICT policy officer


An ICT policy officer is a pivotal role in any organisation. An ICT policy officer works to assist the organisation to meet best practice standards in the development, use and maintenance of ICT systems, information and related assets.

An ICT policy officer will research, analyse, interpret and provide feedback on standards and directions. The ICT policy officer will then consult with relevant staff across the organisation, usually senior management, and staff from human resources, finance areas and legal departments to discuss the implications of any new policy direction that needs to be taken. The ICT policy officer needs to have very strong communication and negotiation skills. The ICT policy officer ensures that processes are developed to support the policy implementation. Once a policy has been approved and implemented the ICT policy officer then needs to establish processes to determine compliance with the policy.

An ICT policy officer is also responsible for preparing reports and submissions to senior management about information risk and compliance with ICT policy.

A Policy Officer exhibits a combination of capabilities from the Skills Framework for the Information Age (SFIA) and from the Leadership competencies for Queensland.

SFIA profile

Refer to the framework for descriptions of the seven levels of responsibility and accountability.

SFIA skill

SFIA skill code

SFIA skill level of responsibility

SFIA skills level descriptor

Information governance



Understands the implications of information, both internal and external, that can be mined from business systems and elsewhere. Makes decisions based on that information, including the need to make changes to the systems. Reviews new change proposals and provides specialist advice on information and records management, including advice on and promotion of collaborative working and assessment and management of information-related risk. Creates and maintains an inventory of information assets, which are subject to relevant legislation. Prepares and reviews the periodic notification of registration details and submits them to the relevant regulatory authorities. Ensures that formal information access requests and complaints are dealt with according to approved procedures. Contributes to development of policy, standards and procedures for compliance with relevant legislation.




Takes responsibility for understanding client requirements, collecting data, delivering analysis and problem resolution. Identifies, evaluates and recommends options, implementing if required. Collaborates with, and facilitates stakeholder groups, as part of formal or informal consultancy agreements. Seeks to fully address client needs, enhancing the capabilities and effectiveness of client personnel, by ensuring that proposed solutions are properly understood and appropriately exploited.

Relationship management



Identifies the communications and relationship needs of stakeholder groups. Translates communications/stakeholder engagement strategies into specific activities and deliverables. Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans. Provides informed feedback to assess and promote understanding. Facilitates business decision-making processes. Captures and disseminates technical and business information.

Leadership skills

Leadership competencies for Queensland describes what highly effective, everyday leadership looks like in the sector. In simple, action-oriented language, it provides a common understanding of the foundations for success across all roles. The profile describes three performance dimensions (vision, results and accountability) and 11 leadership competencies required against five leadership streams.

Leadership streams are not connected to a level or classification, but rather reflect the balance between leadership and technical skills required of an individual. Individuals can consider the value proposition of roles rather than the traditional lens of hierarchical structures or classification levels. The five leadership streams are:

  • Individual contributor (Leads self and does not supervise others)
  • Team leader (leads a team and typically reports to a program leader)
  • Program leader (leads team leaders and/or multiple areas of work)
  • Executive (leads program leaders or other executives)
  • Chief executive (leads the organisation).

When developing a role description, identify the role type and then focus on the most important attributes and create a balance between SFIA skills and leadership skills.

Entry points

An ICT policy officer does not need to have formal qualifications, however, a degree level qualification in an area such as information technology or business would be highly regarded. Alternatively, a diploma from TAFE in IT or business studies would certainly be of assistance to obtain work in the area of ICT policy officer. Work experience in the information technology area would also be considered highly.

The role of an ICT policy officer requires a high level of communication skills, both written and oral, strong skills in research and analysis. A logical approach to problem solving and an investigative and inquisitive mind are also vital qualities for this role.

Learning and development

There are a number of ways that you can develop and improve your ICT policy officer skills. There are a number of courses that you can attend that will increase your general knowledge of the role of an ICT policy officer. Many of these courses are run by private companies.