SFIA View: Data security and quality skills

Data security and quality skills

The skills needed for foundational practices underpinning the other data management capabilities.

Quality management QUMG

Quality management establishes within an organization a culture of quality and a system of processes and working practices to deliver the organization's quality objectives. This involves the application of techniques for the monitoring and improvement of the quality of any aspect of a function, processes, products, services or data. It also covers the achievement of, and maintenance of compliance with, national and international standards, as appropriate, and internal policies, including those relating to quality, service, sustainability and security.

Conformance review CORE

The independent assessment of the conformity of any activity, process, deliverable, product or service to the criteria of specified standards, best practice, or other documented requirements. May relate to, for example, asset management, network security tools, firewalls and internet security, sustainability, real-time systems, application design and specific certifications.

Quality assurance QUAS

The process of ensuring, through independent assessment and review, that appropriate working practices, quality control activities, organizational processes and quality standards are in place and adhered to and that best practices are promoted throughout the organization. Quality assurance provides confidence to internal management and external bodies, such as customers or regulators, that quality requirements will be fulfilled. Quality assurance may relate to any area where quality standards are applied, including products, data, services and business processes.

Information security SCTY

The selection, design, justification, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and relevant standards.

Security administration SCAD

The provision of operational security management and administrative services. Typically includes the authorization and monitoring of access to IT facilities or infrastructure, the investigation of unauthorized access and compliance with relevant legislation.

Business risk management BURM

The planning and implementation of organization-wide processes and procedures for the management of risk to the success or integrity of the business, especially those arising from the use of information technology, reduction or non-availability of energy supply or inappropriate disposal of materials, hardware or data.

Continuity management COPL

The provision of service continuity planning and support, as part of, or in close cooperation with, the function which plans business continuity for the whole organization. The identification of information systems which support critical business processes. The assessment of risks to critical systems' availability, integrity and confidentiality. The co-ordination of planning, designing, testing and maintenance procedures and contingency plans to address exposures and maintain agreed levels of continuity.