Practitioner

Mapping

• Public service levels: A05-8
• SFIA: 3-5
• Leadership competencies for Queensland – Individual contributor; Program leader

SFIA professional skills

• Incident management USUP
• Information assurance INAS
• Information security SCTY
• Security operations SCAD
• Stakeholder relationship management RLMT

Competencies

• How to coordinate incident management activities including updating plans based on evolving threats, learnings and stakeholder feedback.
• How to understand and follow legal and regulatory requirements related to incidents.
• How to analyse risks, incidents and metrics and communicate these effectively to different stakeholders and management.
• How to coordinate different teams and stakeholders to manage incident preparedness and response.
• How to develop and run incident preparedness activities such as tabletop exercises with various stakeholders.

70:20:10 examples

70: Suggested experiential learning

• Support crisis communications especially internally and with partners.
• Participate in exercise design, planning, delivery and review.
• Coordinate incident management plan drafting, consultation, revision and approval.
• Coordinate incident recovery and debriefs.
• Evaluate alerts and communicate significance.
• Contribute to reviews of regulatory frameworks (e.g. submissions).

20: Suggested professional development

• Mentor and coach team members and peers.
• Volunteer at industry events (e.g. help coordinate tabletop exercises).
• Develop skills in areas of interest to become a subject matter expert.
• Queensland Government strategic crisis management training (e.g. emergency, disaster).

10: Example formal learning

• CISSP – Certified Information Systems Security Professional
• CISM – Certified Information Security Manager
• Crisis Communications

Last updated:

30 June 2025