This unit describes the skills and knowledge required to contribute to cyber security risk management, which includes assisting in developing and managing associated risk management strategies.

It applies to those working in a broad range of industries and job roles who work alongside technical experts to develop cyber security risk-management strategies.

Unit details

Study level:
Vocational and further education (TAFE)
Unit code:


Assessment tasks will be designed to reinforce and extend knowledge and skill competence within set and controlled parameters in accordance with each unit's learning outcomes and performance criteria requirements, including the setting of work based practical application tasks designed to provide evidence of competence outcomes, within periodic and scheduled timelines. Students will be expected to demonstrate the following required skills: *contribute to developing and implementing risk management strategies that control two different identified cyber security risks and document the response option applied to each risk *support evaluation of effectiveness of each implemented strategy. Students will also be expected to demonstrate the following knowledge: *legislative and regulatory requirements relating to contributing to cyber security risk management, including: - data protection legislation - notifiable data breach legislation - Australian privacy laws - established international legislation *key risk management strategies, including: - regular organisational training - regular threat assessment - cyber security incident response plan - clear escalation routes *organisational policies and procedures, including for: - analysing and reviewing risk management methodologies - developing communications plans - evaluating effectiveness of risk management strategies - monitoring cyber risk - reviewing currency of risk register *industry-specific knowledge of suitable procedures for applying risk management strategy *guidelines required for updating technology *business process design principles in relation to risk management *reporting mechanisms for tracking organisational cyber security maturity.

Where to next?

As part of a course

This unit is studied as part of the following courses. Refer to the course page for information on how to apply for the course.

VU takes care to ensure the accuracy of this unit information, but reserves the right to change or withdraw courses offered at any time. Please check that unit information is current with the Student Contact Centre.