Skills
Description of all SFIA 6 skills
IT governance
The establishment and oversight of an organisation's approach to the use of information, digital services and associated technology. Includes responsibility for provision of digital services; levels of service and service quality which meet current and future business requirements; policies and practices for conformance with mandatory legislation and regulations; strategic plans for technology to enable the organisation's business strategy; transparent decision making, leading to justification for investment, with appropriate balance between stakeholder benefits, opportunities, costs, and risks.
IT strategy and planning
The creation, iteration and maintenance of a strategy in order to align IT plans with business objectives and the development of plans to drive forward and execute that strategy. Working with stakeholders to communicate and embed strategic management via objectives, accountabilities and monitoring of progress.
Information management
The overall governance of how all types of information, structured and unstructured, whether produced internally or externally, are used to support decision-making, business processes and digital services. Encompasses development and promotion of the strategy and policies covering the design of information structures and taxonomies, the setting of policies for the sourcing and maintenance of the data content, and the development of policies, procedures, working practices and training to promote compliance with legislation regulating all aspects of holding, use and disclosure of data.
Information systems coordination
Typically within a large organisation in which the information strategy function is devolved to autonomous units, or within a collaborative enterprise of otherwise independent organisations, the coordination of information strategy matters where the adoption of a common approach (such as shared services) would benefit the organisation.
Information security
The selection, design, justification, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and relevant standards.
Information assurance
The protection of integrity, availability, authenticity, non-repudiation and confidentiality of information and data in storage and in transit. The management of risk in a pragmatic and cost effective manner to ensure stakeholder confidence.
Analytics
The validation and analysis of significant volumes of data, including the ability to discover and quantify patterns and trends in numbers, symbols, text, sound and image. Relevant techniques may include statistical and data mining algorithms and machine learning methods such as rule induction, artificial neural networks, genetic algorithms and automated indexing systems.
Information content publishing
The evaluation and application of different publishing methods and options, recognising key features, including open source and proprietary options. The management and tuning of the processes that collect, assemble and publish information, including in unstructured and semi-structured forms, for delivery to the user at the point at which it is needed. The management of copyright, data protection and other legal issues associated with publishing and re-use of published information and data.
Consultancy
The provision of advice and recommendations, based on expertise and experience, to address client needs. May deal with one specialist subject area, or can be wide ranging and address strategic business issues. May also include support for the implementation of any agreed solutions.
Technical specialism
The development and exploitation of expertise in any specific area of information or communications technology, technique, method, product or application area.
Research
The advancement of knowledge by data gathering, innovation, experimentation, evaluation and dissemination, carried out in pursuit of a predetermined set of research goals.
IT management
The management of the IT infrastructure and resources required to plan for, develop, deliver and support IT services and products to meet the needs of a business. The preparation for new or changed services, management of the change process and the maintenance of regulatory, legal and professional standards. The management of performance of systems and services in terms of their contribution to business performance and their financial costs and sustainability. The management of bought-in services. The development of continual service improvement plans to ensure the IT infrastructure adequately supports business needs.
Financial management
The overall financial management, control and stewardship of the IT assets and resources used in the provision of IT services, including the identification of materials and energy costs, ensuring compliance with all governance, legal and regulatory requirements.
Innovation
The capability to recognise and exploit business opportunities provided by information and communication technology, best practices, methods and standards, to ensure more efficient and effective performance of organisations, to explore possibilities for new ways of conducting business and organisational processes, and to establish new services or businesses.
Business process improvement
The identification of new and alternative approaches to performing business activities. The analysis of business processes, including recognition of the potential for automation of the processes, assessment of the costs and potential benefits of the new approaches considered and, where appropriate, management of change, and assistance with implementation. May include the implementation of a process management capability/discipline at the enterprise level.
Enterprise and business architecture
The creation, iteration, and maintenance of structures such as enterprise and business architectures embodying the key principles, methods and models that describe the organisation's future state, and that enable its evolution. This typically involves the interpretation of business goals and drivers; the translation of business strategy and objectives into an “operating model”; the strategic assessment of current capabilities; the identification of required changes in capabilities; and the description of inter-relationships between people, organisation, service, process, data, information, technology and the external environment. The architecture development process supports the formation of the constraints, standards and guiding principles necessary to define, assure and govern the required evolution; this facilitates change in the organisation's structure, business processes, systems and infrastructure in order to achieve predictable transition to the intended state.
Business risk management
The planning and implementation of organisation-wide processes and procedures for the management of risk to the success or integrity of the business, especially those arising from the use of information technology, reduction or non-availability of energy supply or inappropriate disposal of materials, hardware or data.
Sustainability strategy
The preparation of a sustainability strategy, taking into account any established corporate strategy, to be used as a basis for policies and planning, and covering both consumption and sources of supply of energy and materials. Evaluation and inclusion, as appropriate, of political, legislative, economic, social and technological factors. Identification of major external standards, practices or schemes to be adopted. Consultation with identified relevant parties, either internal or external. Obtaining agreement to the strategy and the commitment to act upon it.
Emerging technology monitoring
The identification of new and emerging hardware, software and communication technologies and products, services, methods and techniques and the assessment of their relevance and potential value as business enablers, improvements in cost/performance or sustainability. The promotion of emerging technology awareness among staff and business management.
Continuity management
The provision of service continuity planning and support. This includes the identification of information systems which support critical business processes, the assessment of risks to those systems' availability, integrity and confidentiality and the co-ordination of planning, designing, testing and maintenance procedures and contingency plans to address exposures and maintain agreed levels of continuity. This function should be performed as part of, or in close cooperation with, the function which plans business continuity for the whole organisation.