Cyber And Data Breach Incident Management

Detect and report cyber and data-related incidents, identify affected systems and user groups, trigger alerts and announcements to relevant stakeholders and efficient resolution of the situation.

Proficiency Level

Level 1 (Follow)


Level 2 (Assist)


Level 3 (Apply)

  • Develop incident management procedures and synthesise incident-related analyses to distil key insights, resolve incidents and establish mitigating and preventive solutions.
  • Apply and maintain specific security controls as required by organisational policy and local risk assessments.
  • Communicate security risks and issues to business managers and others.
  • Perform basic risk assessments for small information systems.
  • Contribute to the identification of risks that arise from potential technical solution architectures.
  • Suggest alternate solutions or countermeasures to mitigate risks.
  • Define secure systems configurations in compliance with intended architectures.
  • Support investigation of suspected attacks and security breaches.

Level 4 (Ensure)

  • Provide guidance on the application and operation of elementary physical, procedural and technical security controls.
  • Explain the purpose of security controls and perform security risk and business impact analysis for medium complexity information systems.
  • Identify risks that arise from potential technical solution architectures.
  • Design alternate solutions or countermeasures and ensure identified risks are mitigated.
  • Investigate suspected attacks and support security incident management.
  • Formulate incident response strategies and direct teams in the remediation, resolution, communication and post-mortem of large- scale, unpredictable cyber and data incidents.
  • Develop and communicate corporate information security policy, standards and guidelines.
  • Ensure architectural principles are applied during design to reduce risk.
  • Drive adoption and adherence to policy, standards and guidelines.
  • Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
  • Contribute to development of information security policy, standards and guidelines.
  • Obtain and act on vulnerability information and conduct security risk assessments, business impact analysis and accreditation on complex information systems.
  • Investigate major breaches of security, and recommend appropriate control improvements.
  • Develop new architectures that mitigate the risks posed by new technologies and business practices.

Level 5 (Strategise)

  • Direct the development, implementation, delivery and support of an enterprise information security strategy aligned with the business strategy.
  • Ensure compliance between business strategies and information security.
  • Lead the provision of information security expertise, guidance and systems needed to execute strategic and operational plans.
  • Secure organisational resources to execute the information security strategy.
  • Contribute to the development of organisational strategies that address information control requirements.
  • Identify and monitor environmental and market trends and proactively assess impact on business strategies, benefits and risks.
  • Lead the provision of authoritative advice and guidance on the requirements for security controls in collaboration with subject matter experts.
  • Drive cross-collaboration efforts to co-develop strategies to manage cyber and data incidents on an industry, national or international scale.