The global skills and competency framework for the digital world

SFIA 8 skill changes in detail

Here are all the skills which have had significant change in SFIA 8.

New skills

Information and cybersecurity

  • Vulnerability research VURE
  • Vulnerability assessment VUAS
  • Threat intelligence THIN

Data privacy

  • Personal data protection PEDP

DevOps, DevSecOps, Software engineering

  • Systems and software life cycle engineering SLEN

Data and analytics

  • Data engineering DENG
  • Data science DATS
  • Business intelligence BINT
  • Machine learning MLNG

People management

  • Workforce planning WFPL
  • Employee experience EEXP

Skills management

  • Subject formation SUBF
  • Certification scheme operation CSOP

Agile/self-organising teams

  • Organisational facilitation OFCL

Business analysis

  • Business situation analysis BUSA
  • Feasibility assessment FEAS

Computational science

  • Scientific modelling SCMO
  • Numerical analysis NUAS
  • High-performance computing HPCC

Service management

  • Service catalogue management SCMG

Governance, risk, audit, compliance

  • Audit AUDT

Others

  • Investment appraisal INVA
  • Business administration ADMN

Renamed skills

  • Governance GOVN - was called Enterprise IT governance
  • Security operations SCAD - was called Security administration
  • Content authoring INCA - was called Information content authoring
  • Content publishing ICPM - was called Information content publishing
  • Systems installation and removal HSIN - was called Systems installation/decommissioning
  • Change control  CHMG - was called Change management
  • Stakeholder relationship management RLMT - was called Relationship management

Re-structured

A combination of re-naming, amended scope, new levels.

  • Information management IRMG - was called Information governance
  • Risk management BURM - was called Business risk management
  • Technology service management ITMG - was called IT management
  • Organisational change management CIPM - was called Change implementation planning and management
  • Teaching TEAC - was called Teaching and subject formation
  • Acceptance testing BPTS - was called Business process testing
  • Data management DATM
  • Software configuration PORT
  • Penetration testing PENT
  • Information security SCTY
  • Resourcing RESC

Retired skills

  • Conformance review - merged with Quality assurance QUAS and Audit AUDT
  • Network planning NTPL - merged with Network design NTDS
  • Business analysis BUAN - now 2 new skills Business situation analysis BUSA and Feasibility assessment FEAS. Some content moved to Acceptance testing and Requirements definition and management
  • Analytics - refined into 3 skills Data science DTAS, Machine learning MLNG and Business intelligence BINT

Changes to Individual skills

A summary description of the changes to each skill plus a rationale for the change is listed below. The menu in the sidebar enables you to jump directly to skills of interest.

Acceptance testing BPTS - renamed and 2 new levels added

  • This is a new skill formed by re-structuring an existing SFIA skill called Business process testing
  • This has been made more encompassing to a range of acceptance testing activities
  • New levels added to reflect working practices and to open up the skill to people and roles outside of typical Enterprise IT roles

Analytics INAN - retired, split into 3 skills

Business analysis BUAN - retired, split into 2 skills

  • Split the SFIA 7 skill called Business analysis into constituent parts
  • New skill - Business situation analysis BUSA
  • New skill - Feasibility assessment FEAS
  • This provides greater granularity and flexibility – for example to support definition of business analysis roles, assignments
    skills assessment, identifying skills gaps, targeted learning and development solutions, developing career paths, resourcing (recruiting, deployment)
  • Business analysis BUAN retired

Change implementation planning and management CIPM - renamed

  • Rename to Organisational change management
  • This has been done along with renaming Change management (CHMG) to Change controls
  • Added additional levels 3 and 4 to open up the skill to roles outside of typical Enterprise IT roles

Change management CHMG - renamed

  • Renamed to Change control
  • This skill has been in SFIA since the first version
  • At that time - it was renamed to align to terminology used in the IT Service management discipline (specifically in ITIL).It was called “Change control” – but was renamed to “Change management” in SFIA version 3.
  • The name "Change management" meant that it could be confused with “organisational change management” – i.e. the skill associated with managing the human side of change
  • The latest update of ITIL (ITIL® 4) has changed the name of “Change management” to “Change control.

Conformance review CORE - retired

  • For SFIA 8 this is largely incorporated into Quality assurance QUAS and some aspects incorporated into the new Audit AUDT skill

Quality Assurance QUAS

  • Align closer to Quality Management
  • Remove references to audit (instead use ‘formal review’ or ‘formal assessment’ for example) and ensure descriptor provides some emphasis on (but not exclusively) ongoing assurance activity (separate from audit)
  • This in turn will assist with delineating Quality Assurance (QUAS) [and Conformance Review (CORE)] from Testing (TEST). 
  • Incorporate the potential of conformance review activity in the context of quality assurance activity

Audit AUDT - new

  • Add a new skill focused on audit activity, where audit is a discreet formal assessment (which may be part of an audit program).
  • Where Quality Assurance (QUAS) is focused on quality and improvement, Audit AUDT is focused on risk
  • Incorporate the potential of conformance review activity in the context of quality audit activity
  • The skill will borrow some ideas and principles from Technology Audit from SFIA 5 (in particular focus on risk-based assessment) but in keeping with design principles for SFIA 8 will have a broader description of audit activity

Consultancy CNSL - new level 4

  • Addition of additional guidance and a new entry level - level 4
  • The Consultancy skill defined in SFIA applies to the delivery of consultancy as part of formal or informal consultancy agreements.
  • SFIA describes the general provision of advice, guidance or problem solving related to an individual's responsibilities by:
    • the responsibilities described by the SFIA generic attributes
    • the SFIA professional skill descriptions which make reference to providing advice and guidance.

Continuity management COPL - new levels 2,3 and 6

  • Informed by the review of SFIA in the context of information and cyber security and the US government NIST cybersecurity framework
  • 3 new levels added
  • New level 6 reflects the importance for leadership and and strategy in this area
  • New levels 2 and 3 to reflect lower level operational responsibilities and activities

Contract management ITCM - new level 3

  • New level 3 added to reflect lower level operational responsibilities and activities
  • In part - informed by the review of SFIA in the context of information and cyber security and the US government NIST cybersecurity framework

Data management DATM - levels 2 and 3 moved

  • Levels 2 and 3 have been updated and moved to the new skill called Data engineering DENG

Data visualisation VISL - new level 3

  • A new level 3 has been added for SFIA 8 based on use of this skill in the workplace and demand from apprenticeships/industry placements
  • Data visualisation as a separate skill was introduced in SFIA 7. It had two levels - level 4 and 5.
  • Supports employability by introducing an entry level career step

Digital forensics DGFS - new level 3

  • A new level 3 has been added for SFIA 8 based on use of this skill in the workplace and demand from industry placements
  • This also supports employability by introducing an entry level career step
  • Level 4 also amended to ensure clear gap between the new level 3 and level 4

Enterprise IT governance GOVN - renamed, level 5 removed

  • The skill name and the skill descriptions have been improved to reflect that Governance is a broad concept which has some universal principles as well as some specifics according to the context in which it is being applied.
  • The descriptors could be more generic to focus on the common elements of governance needed across different domains
  • In SFIA’s overall capability model the skill of “governance” can be separated from the specific domain knowledge needed to implement governance processes and tasks. For example - Enterprise IT governance, service management governance, security governance
  • Level 5 has been removed. This reflects that professionals may contribute specialist knowledge to governance processes, reviews and developments — but that does not imply they need the SFIA skill of Governance. Governance is also referenced in many SFIA skills.

Hardware design HWDE - new level 3

  • Definitions have been made more encompassing to other forms of hardware 
  • A new level 3 has been added - based on use of this skill in the workplace and demand from apprenticeships/industry placements. This also brings into to line with Systems design and Network design
  • Supports employability by introducing an entry level career step

Information assurance INAS - new levels 3 and 4

  • Addition of level 3 and level 4
  • Supports employability by introducing an entry level career step and support for practitioner roles that exist in larger organisations focused on formal system certification and accreditation 
  • Informed by the review of SFIA in the context of information and cyber security and the US government NIST cybersecurity framework

Information governance IRMG - renamed

  • Renamed to Information management to avoid confusion or overlap with the new Governance GOVN skill
  • Descriptors relating to data protection have been extracted to a new SFIA skill called Personal data protection

Information security SCTY

  • Level 3 and 4 re-scoped to align with the creation of a stand-alone Vulnerability assessment skills
  • Other levels re-worded and improved in line with feedback from users and informed by the review of SFIA in the context of information and cyber security and the US government NIST cybersecurity framework
  • Supports employability with an entry level career step

IT management ITMG - renamed

  • Renamed to Technology service management ITMG
  • Shift the focus of IT Management to be Technical service delivery management - not technical management of IT Infrastructure
  • This makes it applicable as a skill needed by other technical managers outside of IT Infrastructure
  • This is supported by changes to IT infrastructure ITOP

IT operations ITOP - new level 5

  • Level 5 added to support roles which provide technical leadership to optimise the performance of IT infrastructure.
  • This is consistent with other operational skills e.g. Application support ASUP or Network support NTAS at level 5
  • Supports employability with improvements to levels 1,2 and 3 based on use of this skill in the workplace and demand from apprenticeships/industry placements

Learning delivery - new level 2

  • Update to Learning Delivery to increase alignment to training activities and provide separation from the activity of teaching.
  • Review and update of level descriptions for level alignment
  • Addition of level 2 for those who actively assist in learning delivery
  • Supports employability for entry level career steps

Network design NTDS - new levels 3 & 4

  • New level 4 added based on feedback - including from a major network company with roles which conduct network design activities at an element level
  • Supports employability with additional level at level 3 based on demand from apprenticeships/industry placements

Network planning NTPL - retired

  • Removed from SFIA 8
  • For SFIA 8 Network design NTDS has been developed and extended down to Level 3.
  • In SFIA v7, both Network planning NTPL and Network design NTDS are described only at Level 5 and Level 6.
  • SFIA 7 NTPL descriptions are brief and focus on setting service level agreements and planning networks to meet these.
  • The high level specification of networks to meet business needs (e.g., performance, capacity, availability) is well covered by NTDS Levels 5 and 6.
  • Setting/agreeing and meeting service levels are fully covered in Service level management SLMO  
  • With these changes there is no need for a separate Network planning skill.

Penetration testing PENT - new level 3

  • Descriptions have been updated to align with the creation of a stand-alone Vulnerability assessment skill for SFIA 8
  • The overall description of the skill has been re-worded to provide more focus on why this skill is different than the Testing TEST skill
  • Supports employability with additional level at level 3 based on demand from apprenticeships/industry placements

Porting/software configuration PORT renamed

  • Rename to Software configuration
  • Provide clarity that the skills is for the design and deployment of configurations not for operational configuration (which is described in operations skill such as IT infrastructure ITOP, Application support ASUP, Network support NTAS
  • Feedback from SFIA users is that the term 'porting' is rarely used and not well recognised
  • Many in infrastructure/support roles are using the SFIA 7 skill as a complement to their operational skill because they "do some configuration" ... the current definition of PORT (and several of the more operational skills like ITOP/ASUP/NTAS and others) leaves room for this unnecessary overlap.
  • SFIA 7 definition has an overlap with Testing TEST and Specialist advice TECH
  • There is need for skills related to the design and deployment of software configuration, particularly for (not exclusively) enterprise scale systems and large SaaS. 
  • This skills can also support software configuration in other "as a service" environment, such as, IaaS, PaaS
  • The reworded SFIA 8 skill is deliberately close to the PROG skills which also combines elements of design, test, deploy, iterate.

Relationship management RLMT renamed

  • Skill renamed to Stakeholder relationship management RLMT
  • This is in line with the skill description so is not a change of scope
  • Re-naming helps distinguish this from general relationship building /working relations which is described in the generic attributes and also from other domains such as customer relationship management and public relations (PR) management

Resourcing RESC

  • This was informed by a comprehensive review of the people management skills in SFIA
  • Descriptors related to workforce planning have been extracted from Resourcing RESC and form the basis for a new separate skill for SFIA 8 - Workforce planning WFPL
  • New level 3 added - supports employability with additional entry level career step

Safety assessment SFAS - new level 4

  • Addition of level 4 to support practitioner roles
  • Removed alignment of safety integrity levels with SFIA levels
  • Removed the names of specific standards and provided range of example approaches in the guidance notes

Security administration SCAD - renamed

  • Rename to Security operations 
  • Security administration has been included as a skill in SFIA since SFIA version 1. Its name has remained the same. 
  • A name change  to Security operations reflects contemporary industry language  and ensures that the skill is not seen as administrative only 
  • This is not change in scope – just repositioning for contemporary industry use. 
  • Level descriptions and guidance notes have been updated to activities and responsibilities in the workplace, apprenticeship standards and cryptographic and certificate management activities.

Selling SALE - new level 3

  • Add level 3 based on feedback from SFIA users and roles observed in the workplace
  • Supports employability with additional level at level 3 as an entry point in Sales

Systems design DESN - new level 3

  • Systems design was restructured for SFIA 7 - alongside the introduction of Software design as a standalone skill
  • A new level 3 has been added - based on use of this skill in the workplace
  • Supports employability by introducing an entry level career step

Systems installation/decommissioning HSIN - renamed

  • Rename to Systems installation and removal HSIN as the SFIA 7 skill name is unwieldy and can be simplified for readability.
  • Decommissioning has been added  as an example activity in the Guidance Notes.
  • Skill level descriptions for Levels 2, 3 and 4 have been improved to provide a clear difference and progression between the levels

Teaching and subject formation TEAC - renamed, Subject formation split out

  • Split the Subject formation aspects of teaching from the delivery of teaching so these can be evaluated separately.
  • Acknowledge that pedagogy is an inherent and inseparable aspect of teaching.
  • Extend both teaching and subject formation to level 7 to support the whole range of responsibilities and roles found in Teaching and related professions
  • Extend teaching to level 2 (assistant) and subject formation to level 4
  • Supports employability with additional level at level 2 and 3 based