Mapping
- Public service levels: A03-4
- SFIA: 1-2
- Leadership competencies for Queensland – Individual contributor
SFIA professional skills
- Audit AUDT
- Customer service management CSMG
- Information assurance INAS
- Information security SCTY
- Risk management BURM
Competencies
- Understands audit and assessment activities, documentation and standards and can keep records.
- Understands the objectives of information security and relevant controls and assists with the coordination, implementation and monitoring of security policies.
- Assists with basic cyber risk management activities including maintenance of risk documentation.
- Responds to stakeholder requests using established procedures, provides information and escalates unresolved matters as needed.
70:20:10 examples
70: Suggested experiential learning
- Review cyber security policies.
- Provide ISMS committee secretariat support.
- Report on risk and maintain risk register documentation.
- Provide routine advice and support on cyber risk management policies and procedures.
20: Suggested professional development
- Find a mentor.
- Shadow other practitioners.
- Join a cyber security professional association and participate in events such as table top exercises.
- Develop situational awareness of cyber security / GRC trends e.g. podcasts, case studies, white papers, news sites, forums.
- Develop writing skills e.g. review or draft GRC documentation and receive feedback
10: Example formal learning
- Bachelor degree or post graduate degree in cyber security or a related field (e.g. communications)
- Certificate IV, Diploma or Advanced Diploma in cyber security or related field (e.g. IT, communications).
Others:
- AusCERT Cyber Security Risk Management
- Certified in Cyber Security (CC)
- CompTIA Security +
- Cyber Security Foundation + Practitioner
- Foundation and Implementing an IMS ISO/IEC 27001:2022
- ITIL
- SANS SEC301: Introduction to Cyber Security
- Last updated:
- 30 June 2025