ICT security standards

The standards regarding ICT security such as ISO and the techniques required to ensure compliance of the organisation with them.

IT security compliances

knowledge

sector-specific

ICT security standards is an essential knowledge of the following occupations:

Digital forensics expert: Digital forensics experts retrieve and analyse information from computers and other types of data storage devices. They examine digital media that may have been hidden, encrypted or damaged, in a forensic manner with the aim to identify, preserve, recover, analyse and present facts and opinions about the digital information.
ICT security consultant: ICT security consultants advise and implement solutions to control access to data and programs. They promote a safe exchange of information.

Chief ICT security officer: Chief ICT security officers protect company and employee information against unauthorized access. They also define the Information System security policy, manage security deployment across all Information Systems and ensure the provision of information availability.
ICT security manager: ICT security managers propose and implement necessary security updates. They advise, support, inform and provide training and security awareness and take direct action on all or part of a network or system.

IT auditor: IT auditors perform audits of information systems, platforms, and operating procedures in accordance with established corporate standards for efficiency, accuracy and security. They evaluate ICT infrastructure in terms of risk to the organisation and establish controls to mitigate loss. They determine and recommend improvements in the current risk management controls and in the implementation of system changes or upgrades.

ICT security standards is optional for these occupations. This means knowing this knowledge may be an asset for career advancement if you are in one of these occupations.

ICT security administrator: ICT security administrators plan and carry out security measures to protect information and data from unauthorised access, deliberate attack, theft and corruption.
Embedded system designer: Embedded system designers translate and design requirements and the high-level plan or architecture of an embedded control system according to technical software specifications.
ICT capacity planner: ICT capacity planners ensure that the capacity of ICT services and ICT infrastructure is able to deliver agreed service level targets in a cost effective and timely manner. They also consider all resources required to deliver the appropriate ICT service, and plan for short, medium, and long term business requirements.
ICT auditor manager: ICT auditor managers monitor ICT auditors responsible for auditing information systems, platforms, and operating procedures in accordance with established corporate standards for efficiency, accuracy and security. They evaluate ICT infrastructure in terms of risk to the organisation and establish controls to mitigate loss. They determine and recommend improvements in the current risk management controls and in the implementation of system changes or upgrades.
Ethical hacker: Ethical hackers perform security vulnerability assessments and penetration tests in accordance with industry-accepted methods and protocols. They analyse systems for potential vulnerabilities that may result from improper system configuration, hardware or software flaws, or operational weaknesses.
ICT network architect: ICT network architects design the topology and connectivity of ICT network such as hardware, infrastructure, communication and hardware components.

References

1. ICT security standards – ESCO