Pearson BTEC Level 4 Diploma in Information Security Professional Competence

Similar documents
Pearson BTEC Level 2 Diploma in Professional Competence for IT and Telecoms Professionals

Pearson BTEC Level 2 Award for IT Users (ITQ) Pearson BTEC Level 2 Certificate for IT Users (ITQ) Pearson BTEC Level 2 Diploma for IT Users (ITQ)

Specification. Edexcel qualifications. Edexcel Level 3 Award in Reviewing Health and Safety Procedures in the Workplace(QCF)

Specification. Edexcel Levels 1 and 2. For first teaching September Issue 3

Edexcel Level 4 Awards and Certificates in Assuring the Quality of Assessment (QCF)

Specification. Edexcel Levels 1 and 2. For first teaching September Issue 5

Specification. Levels Entry 1, Entry 2 and Entry 3. For first teaching September Issue 4

Pearson BTEC Level 2 Diploma in IT User Skills (ITQ) Pearson BTEC Level 3 Diploma in IT User Skills (ITQ) Specification NVQ/Competence-based

Pearson Edexcel Level 2 Award in Employee Rights and Responsibilities in the Logistics Industry

IQ Level 4 Award in Understanding the External Quality Assurance of Assessment Processes and Practice (QCF) Specification

Pearson Edexcel Level 1 Certificate in Essential Skills Application of Number

National Vocational Qualifications Delivered Overseas policy

BIIAB ICT Systems and Principles for IT Practitioners and Professionals Qualifications Handbook

Qualification Specification. Suite of Internal Quality Assurance Qualifications

Specification. Edexcel NVQ/competencebased qualifications. Edexcel Level 3 NVQ Certificate in Footwear and Leather (QCF)

Specification. Edexcel Work-related qualifications. Edexcel Level 2 Award in Waste Management in the Workplace (QCF)

Qualification Specification. Higher Apprenticeship in Business & Professional Administration Level 4 (England)

ProQual External Quality Assurance Qualifications. Level 4 Award in the External Quality Assurance of Assessment Processes and Practice

Specification. Levels Entry 1, Entry 2 and Entry 3. For first teaching September Issue 3

ProQual Internal Quality Assurance Qualifications

Pearson BTEC Level 1 Award/Certificate/ Extended Certificate/ Diploma in Vocational Studies

CIBTAC LEVEL 4 DIPLOMA IN SPA AND SALON MANAGEMENT CBD11 QAN 600/3328/9. Qualification Specification

Specification. Edexcel Entry 1

NOCN_Cskills Awards Level 1 Diploma in Construction and Civil Engineering Services (Construction)

Qualification Manual. Level 3 Diploma in NGINEERING. Fabrication and Welding. Engineering Technology. Qualification Code: 501/1131/0. Issue 2.

Level 1 Award in Employee Rights and Responsibilities (QCF)

CIBTAC LEVEL 3 CERTIFICATE IN MEDIA MAKE-UP CMC02 QAN 603/2350/4. Qualification Specification

Level 5 Award in Understanding the Management of Physical and Cyber Asset Security in the Water and Environmental Industries

Specification. Edexcel NVQ/competence-based qualifications. Edexcel Level 2 NVQ Certificate in Laundry Operations (QCF)

TQUK Level 2 Award in Principles of COSHH Risk Assessment (RQF)

Qualification Manual. EAL Level 2 Certificate in Metals Industries Processes QUALIFICATION CODE: 500/7998/0 ISSUE: 2. Page 1 of 14

LEVEL QCF. Accredited

ITC Level 3 Award in Teaching and Assessing First Aid Qualifications G50.T. Qualification Specification Guidance for Centres

NOCN_Cskills Awards Level 3 Diploma in Site Carpentry (Construction)

QCF. Business and Administration. Centre Handbook

Qualification Specification. Skills for Engineering Level 1

OCR LEVEL 1 NVQ FOR IT USERS (03384) OCR LEVEL 2 NVQ FOR IT USERS (03385) OCR LEVEL 3 NVQ FOR IT USERS (03386)

BIIAB Level 2 Certificate in Libraries, Archives and Information Services (QCF)

NOCN_Cskills Awards Level 2 NVQ Diploma in Plant Operations (Construction) - In-shore Marine

Awards and Certificates in Employability Skills (Northern Ireland) (5546)

Principles of Contact Centre Operations OCR Level 2 Certificate/Level 3 Certificate in Principles of Contact Centre Operations

Qualification Specification. Social Media and Digital Marketing (England) Advanced Apprenticeship in Social Media and Digital Marketing

TQUK Level 2 Award in Safe Moving and Handling (RQF)

SQA Advanced Unit specification: general information. Professionalism and Ethics in Computing

Title: EAL Level 2 Certificate in BusinessImprovement Techniques (QCF) At a glance. Level: Credit value: Guided learning hours: Minimum learner age:

Specification. Edexcel BTEC Level 3 Certificate/Subsidiary Diploma/Diploma in Information Technology (Specialist) (QCF) BTEC Specialist qualifications

Qualification Specification

Vocational Qualifications (QCF, NVQ, NQF) ICT Professional Competence. OCR Report to Centres

Qualification Specification

Commissioning Electrical Installations in Building Services Engineering

BTEC Centre Guide to Standards Verification

Programme Specification

Qualification Specification

Qualification Specification. Level 2 Award in Cyber Security Awareness For Business

Contact Centre Qualifications Reference Guide for Centres

OCR Level 3 Award in Administration (Business Professional) Entry code 03958

Vocational Qualifications (QCF, NVQ, NQF) Business Skills Level 1-3. OCR Report to Centres

Levels 1-3 Qualifications in Engineering (2850)

Level 3 Award in Introduction to Crime Prevention

BTEC Centre Guide to Standards Verification

Name of Regulated Qualification: BIIAB Level 2 Certificate In ICT Systems and Principles for Practitioners (QCF)

Qualification Specification Level 4 Award in Food Safety Management for Manufacturing

Provider Monitoring Report. City and Guilds

Qualification Specification. Level 2 Qualifications in Skills for Hospitality and Catering

Level 1 Certificate in Reception Services ( )

Level 5 Diploma in Crime Prevention Designing Out Crime

Level 5 Award in the Independent Auditing of External Quality Assurance. Qualification Specification

Your curriculum planning tool 2018/19

Qualification Specification. Business Administration (England) Intermediate Level Apprenticeship in Business Administration

Qualification Specification

Qualification Specification

Foundation Learning as a progression route to. Apprenticeships. The Toolkit

1 Qualification Specification

Pearson Assured Your independent quality benchmark 1/20

Post-accreditation monitoring report: British Computer Society (BCS) September 2006 QCA/06/2926

QCF. Leisure Operations. Centre Handbook. OCR Level 2 Certificate in Leisure Operations Entry code 10279

Qualification Specification

Audit Report. The Chartered Institute of Personnel and Development (CIPD)

Higher National Unit specification: general information. Graded Unit 2

QUALITY ASSURANCE POLICY. Quality Assurance Policy. September 2016 Version 2.0 Policy authorised by Responsible Officer

FUNCTIONAL SKILLS. Functional Skills in English, Maths and ICT. Levels 1 and 2. Qualification Specification. Issue B. Overview

Qualification Specification Highfield Level 2 Award in Customer Service (RQF)

COURSE SPECIFICATION

Level 2 Certificate in Asbestos Removal For Operatives (QCF)

Qualification Guide. BPEC Level 2 Award in the Principles of Metering for Renewable Heat Installations (QCF) Qualification Number - 601/5226/6

Qualification Specification

EAL Level 3 Award In Approving Electrical Installation Work in Dwellings in Compliance with Building Regulations (QCF)

Level 3 Diploma in Social Media for Business (QCF)

Qualification Specification Highfield Level 1 Award in Health and Safety within a Construction Environment (RQF)

Qualification Specification. Level 2 Award in Problem Solving for Practitioners In Community Safety and Crime Prevention

Advanced Manufacturing. and Engineering. Machining (Foundation Knowledge) Level 2 Diploma in. Qualification Specification

Audit Report. Chartered Management Institute (CMI)

Group Award Specification for:

QUALIFICATION HANDBOOK

Review number FDQ Level 2 Diploma in Bakery 603/2879/4 3 31/01/2023

BTEC. Edexcel Level 3 BTEC Nationals in Construction. Edexcel Level 3 BTEC Nationals in Civil Engineering

Qualification Specification

Qualification Specification

Qualification Specification. Level 2 Award in Cyber Security Awareness For Business

QUALIFICATION HANDBOOK

Transcription:

Pearson BTEC Level 4 Diploma in Information Security Professional Competence Specification Competence-based qualification First registration August 2014 Issue 2

Edexcel, BTEC and LCCI qualifications Edexcel, BTEC and LCCI qualifications are awarded by Pearson, the UK s largest awarding body offering academic and vocational qualifications that are globally recognised and benchmarked. For further information, please visit our qualifications website at qualifications.pearson.com. Alternatively, you can get in touch with us using the details on our contact us page at qualifications.pearson.com/contactus About Pearson Pearson is the world's leading learning company, with 35,000 employees in more than 70 countries working to help people of all ages to make measurable progress in their lives through learning. We put the learner at the centre of everything we do, because wherever learning flourishes, so do people. Find out more about how we can help you and your learners at qualifications.pearson.com This specification is Issue 2. Key changes are listed in the summary table on the next page. We will inform centres of any changes to this issue. The latest issue can be found on the Pearson website: qualifications.pearson.com This qualification was previously known as: (QCF) The QN remains the same. References to third party material made in this specification are made in good faith. Pearson does not endorse, approve or accept responsibility for the content of materials, which may be subject to change, or any opinions expressed therein. (Material may include textbooks, journals, magazines and other publications and websites.) All information in this specification is correct at time of going to publication. Ok ISBN 9781446954690 All the material in this publication is copyright Pearson Education Limited 2017

Summary of Pearson BTEC Level 4 Diploma in Information Security Professional Competence specification Issue 2 changes Summary of changes made between previous Issue 1 and this current Issue 2 Section number All references to QCF have been removed throughout the specification Throughout Definition of TQT added Section 1 Definition of sizes of qualifications aligned to TQT Section 1 TQT value added Section 2 GLH range removed and replaced with lowest GLH value for the Section 2 shortest route through the qualification Reference to credit transfer within the QCF removed Section 4 QCF references removed from unit titles and unit levels in all units Section 11 Guided learning definition updated Section 11 Earlier issue(s) show(s) previous changes. If you need further information on these changes or what they mean, contact us via our website at: qualifications.pearson.com/en/support/contact-us.html.

Contents Purpose of this specification 1 1 Introducing Pearson BTEC Competence-based qualifications 2 What are Competence-based qualifications? 2 2 Qualification summary and key information 3 Qualification number and qualification title 4 Qualification objectives 4 Relationship with previous qualifications 4 Apprenticeships 4 Progression opportunities 5 Industry support and recognition 5 Relationship with National Occupational Standards 5 3 Qualification structure 6 Pearson BTEC Level 4 Diploma in Information Security Professional Competence 6 4 Assessment 9 Assessment requirements 10 Types of evidence 10 5 Centre resource requirements 11 General resource requirements 11 6 Centre recognition and approval 12 Approvals agreement 12 7 Quality assurance of centres 13 8 Programme delivery 14 9 Access and recruitment 15 10 Access to qualifications for learners with disabilities or specific needs 16 11 Unit format 17 Unit title 17 Unit reference number 17 Level 17 Credit value 17 Guided learning hours 17 Unit aim 17 Essential resources 17

Unit assessment requirements/evidence requirements 17 Learning outcomes 18 Assessment criteria 18 Unit 101: Health and Safety in ICT 19 Unit 303: Testing the Security of Information Systems 21 Unit 304: Carrying Out Information Security Risk Assessment 24 Unit 305: Investigating Information Security Incidents 27 Unit 306: Carrying Out Information Security Incident Management Activities 29 Unit 307: Carrying Out Information Security Forensic Examinations 32 Unit 308: Carrying Out Information Security Audits 34 Unit 309: System Operation 36 Unit 310: System Management 39 Unit 311: Creating an Event-Driven Computer Program 41 Unit 312: Creating an Object-Oriented Computer Program 44 Unit 313: Creating a Procedural Computer Program 47 Unit 314: Investigating and Defining Customer Requirements for ICT Systems 50 Unit 315: User Profile Administration 53 Unit 401: Develop Own Effectiveness and Professionalism 56 Unit 403: Testing the Security of Information Systems 60 Unit 404: Carrying Out Information Security Risk Assessment 63 Unit 405: Investigating Information Security Incidents 66 Unit 407: Carrying Out Information Security Forensic Examinations 68 Unit 408: Carrying Out Information Security Audits 70 Unit 409: IT and Telecoms System Operation 73 Unit 410: IT and Telecoms System Management 77 Unit 411: Designing and Developing Event-Driven Computer Program 80 Unit 412: Designing and Developing Object-Oriented Computer Program 83 Unit 413: Designing and Developing Procedural Computer Program 86 Unit 414: Investigating and Defining Customer Requirements for ICT Systems 89 Unit 415: Carrying out Information Security Risk Management 92 12 Further information and useful publications 95 13 Professional development and training 96 14 Contact us 97

Purpose of this specification The purpose of a specification as defined by Ofqual is to set out: the qualification s objective any other qualification that a learner must have completed before taking the qualification any prior knowledge, skills or understanding that the learner is required to have before taking the qualification units that a learner must have completed before the qualification will be awarded and any optional routes any other requirements that a learner must have satisfied before they will be assessed or before the qualification will be awarded the knowledge, skills and understanding that will be assessed as part of the qualification (giving a clear indication of their coverage and depth) the method of any assessment and any associated requirements relating to it the criteria against which the learner s level of attainment will be measured (such as assessment criteria) any specimen materials any specified levels of attainment the Apprenticeship Framework in which the qualification is included, where appropriate. 1

1 Introducing Pearson BTEC Competencebased qualifications What are Competence-based qualifications? Competence-based qualifications reflect the skills and knowledge needed to do a job effectively. They are work-based qualifications that give learners the opportunity to demonstrate their competence in the area of work or job role to which the qualification relates. Competence-based qualifications are outcomes-based with no fixed learning programme, allowing flexibility in their delivery to meet the individual learner s needs. The qualifications are based on the National Occupational Standards (NOS) for the sector, which define what employees, or potential employees, must be able to do and know, and how well they should undertake work tasks and work roles. Most Competence-based qualifications form the competence component of Apprenticeship Frameworks. They are suitable for those in employment or those who are studying at college and have a part-time job or access to a substantial work placement. Most learners will work towards their qualification in the workplace or in settings that replicate the working environment. Colleges, training centres and/or employers can offer these qualifications provided they have access to appropriate physical and human resources. Sizes of Competence-based qualifications For all regulated qualifications, Pearson specify a total number of hours that it is estimated learners will require to complete and show achievement for the qualification this is the Total Qualification Time (TQT). The TQT value indicates the size of a qualification. Within the TQT, Pearson identifies the number of Guided Learning Hours (GLH) that we estimate a centre delivering the qualification might provide. Guided learning means activities, such as lessons, tutorials, online instruction, supervised study and giving feedback on performance, that directly involve tutors and assessors in teaching, supervising and invigilating learners. Guided learning includes the time required for learners to complete external assessment under examination or supervised conditions. In addition to guided learning, other required learning directed by tutors or assessors will include private study, preparation for assessment and undertaking assessment when not under supervision, such as preparatory reading, revision and independent research. As well as TQT and GLH, qualifications can also have a credit value equal to one tenth of TQT, rounded to the nearest whole number. TQT and credit values are assigned after consultation with users of the qualifications. NVQ/Competence-based qualifications are available in the following sizes: Award a qualification with a TQT value of 120 or less (equivalent to a range of 1 12 credits) Certificate a qualification with a TQT value in the range of 121 369 (equivalent to a range of 13 36 credits) Diploma a qualification with a TQT value of 370 or more (equivalent to 37 credits and above). 2

2 Qualification summary and key information Qualification title Pearson BTEC Level 4 Diploma in Information Security Professional Competence Qualification Number (QN) 601/3783/6 Accreditation start date August 2014 Certification end date December 2017 Approved age ranges 16 18 19+ Credit value 78 Please note that sector-specific requirements or regulations may prevent learners of a particular age from embarking on this qualification. Assessment Portfolio of Evidence (internal assessment) Total Qualification Time (TQT) 780 Guided learning hours 325 Grading information Entry requirements The qualification and units are at Pass grade No prior knowledge, understanding, skills or qualifications are required before learners register for this qualification. However, centres must follow the Pearson Access and Recruitment policy (see Section 9, Access and recruitment). 3

Qualification number and qualification title Centres will need to use the Qualification Number (QN) when they seek public funding for their learners. The qualification title, unit titles and QN are given on each learner s final certificate. You should tell your learners this when your centre recruits them and registers them with us. There is more information about certification in our UK Information Manual, available on our website, qualifications.pearson.com Qualification objectives The Pearson BTEC Level 4 Diploma in Information Security Professional Competence is for learners who work in, or want to work in the information security sector. It gives learners the opportunity to: demonstrate competence in relevant job roles within the information security sector develop knowledge and skills related to the specified job roles in the information security sector have existing skills recognised achieve a nationally recognised Level 4 qualification personally develop and engage in learning. Relationship with previous qualifications This is a new qualification. Apprenticeships E-skills UK includes the Pearson BTEC Level 4 Diploma in Information Security Professional Competence as the competence component for the Higher Apprenticeship in Information Security. 4

Progression opportunities Learners who have achieved the Pearson BTEC Level 4 Diploma in Information Security Professional Competence may progress to the Pearson BTEC Level 5 HND Diploma in Computing and Systems Development. Industry support and recognition This qualification is supported by e-skills UK, the Sector Skills Council for Information Technology. Relationship with National Occupational Standards This qualification is based on the e-skills UK National Occupational Standards (NOS) and the IISP (Information Security and Information Assurance Professionals) skills framework in Information Technology. 5

3 Qualification structure Pearson BTEC Level 4 Diploma in Information Security Professional Competence The learner will need to meet the requirements outlined in the table below before the qualification can be awarded. Minimum number of credits that must be achieved 78 Minimum number of credits that must be achieved at Level 4 48 Number of mandatory credits that must be achieved 15 Number of optional credits that must be achieved from Option Group 1 36 The remaining 27 credits may be achieved from: a combination of Option Group 1 and Option Group 2 OR Option Group 2 only 27 Unit Unit reference number Mandatory units All 15 credits MUST be achieved from this group Level Credit Guided learning hours 101 Y/500/7183 Health and Safety in ICT 1 3 15 401 K/601/3502 Develop own Effectiveness and Professionalism 4 12 60 Unit Unit reference number Option Group 1 units A minimum of 36 credits MUST be achieved from this group Level Credit Guided learning hours TS Testing Security No more than one unit to be completed from this section 303 T/505/5788 Testing the Security of Information Systems 403 A/505/5789 Testing the Security of Information Systems 3 12 40 4 15 60 RA Risk Assessment No more than one unit to be completed from this section 304 T/505/5791 Carrying Out Information Security Risk Assessment 404 A/505/5792 Carrying Out Information Security Risk Assessment 3 9 30 4 12 40 6

Unit Unit reference number Option Group 1 units A minimum of 36 credits MUST be achieved from this group Level Credit Guided learning hours II Investigating Information Security Incidents No more than one unit to be completed from this section 305 F/505/5793 Investigating Information Security Incidents 405 D/505/5798 Investigating Information Security Incidents 3 9 23 4 12 35 FE Forensic Examinations No more than one unit to be completed from this section 307 R/505/580 Carrying Out Information Security Forensic Examinations 407 M/505/5806 Carrying Out Information Security Forensic Examinations 3 6 10 4 9 20 SA Security Audits No more than one unit to be completed from this section 308 A/505/580 Carrying Out Information Security Audits 408 A/505/5811 Carrying Out Information Security Audits 3 6 10 4 12 30 RM Risk Management This single unit may be attempted 415 L/505/5814 Carrying Out Information Security Risk Management 4 12 40 Unit Unit reference number Option Group 2 units. A maximum of 27 credits may be taken from this group. Level Credit Guided learning hours MA Management Activities This single unit may be attempted 306 F/505/5812 Carrying Out Information Security Incident Management Activities 3 9 25 SO System Operation No more than one unit to be completed from this section 309 A/500/7340 System Operation 3 12 100 409 R/504/5513 IT and Telecoms System Operation 4 15 90 SM System Management No more than one unit to be completed from this section 7

Unit Unit reference number Option Group 2 units. A maximum of 27 credits may be taken from this group. Level Credit Guided learning hours 310 D/500/7332 System Management 3 12 100 410 M/504/5504 IT and Telecoms System Management 4 15 90 ED Event-Driven Computer Program No more than one unit to be completed from this section 311 F/601/3179 Creating an Event-Driven Computer Program 411 J/601/3300 Designing and Developing Event- Driven Computer Program 3 12 90 4 15 90 OO Object-Oriented Computer Program No more than one unit to be completed from this section 312 L/601/3184 Creating an Object-Oriented Computer Program 412 T/601/3308 Designing and Developing Object- Oriented Computer Program 3 12 90 4 15 90 CP Creating a Procedural Computer Program No more than one unit to be completed from this section 313 R/601/3171 Creating a Procedural Computer Program 413 T/601/3311 Designing and Developing Procedural Computer Program 3 12 90 4 15 90 ID Investigating and Defining No more than one unit to be completed from this section 314 R/601/3249 Investigating and Defining Customer Requirements for ICT Systems 414 R/602/1772 Investigating and Defining Customer Requirements for ICT Systems 3 12 75 4 15 90 UP User Profile Administration This single unit may be attempted 315 K/500/7379 User Profile Administration 3 9 80 8

4 Assessment This qualification is assessed through an externally verified Portfolio of Evidence that consists of evidence gathered during the course of the learner s work. To achieve a Pass for the full qualification, the learner must achieve all the required units in the stated qualification structure. Each unit has specified learning outcomes and assessment criteria. To pass each unit the learner must: achieve all the specified learning outcomes satisfy all the assessment criteria by providing sufficient and valid evidence for each criterion prove that the evidence is their own. The learner must have an assessment record that identifies the assessment criteria that have been met, and it should be cross-referenced to the evidence provided. The assessment record should include details of the type of evidence and the date of assessment. The unit specification or suitable centre documentation can be used to form an assessment record. It is important that the evidence provided to meet the assessment criteria of the unit and learning outcomes is: Valid Authentic Current Reliable Sufficient relevant to the standards for which competence is claimed produced by the learner sufficiently recent to create confidence that the same skill, understanding or knowledge persist at the time of the claim indicates that the learner can consistently perform at this level fully meets the requirements of the standards. Learners can provide evidence of occupational competence from: current practice where evidence is generated from a current job role a programme of development where evidence comes from assessment opportunities built into a learning programme. the Recognition of Prior Learning (RPL) where a learner can demonstrate that they can meet the assessment criteria within a unit through knowledge, understanding or skills they already possess without undertaking a course of development. They must submit sufficient, reliable, authentic and valid evidence for assessment. Evidence submitted based on RPL should provide confidence that the same level of skill/understanding/knowledge exists at the time of claim as existed at the time the evidence was produced. RPL is acceptable for accrediting a unit, several units, or a whole qualification. Further guidance is available in the policy document Recognition of Prior Learning Policy and process, available on our website: qualifications.pearson.com a combination of these. 9

Assessment requirements Learners must provide evidence according to the requirements stated in the unit. Types of evidence To achieve a unit, the learner must gather evidence that shows that they have met the required standard specified in the assessment criteria. The evidence for this qualification can take a variety of forms as indicated below: direct observation of the learner s performance by their assessor (O) outcomes from oral or written questioning (Q&A) products of the learner s work (P) personal statements and/or reflective accounts (RA) outcomes from simulation (S) professional discussion (PD) assignment, project/case studies (A) authentic statements/witness testimony (WT) expert witness testimony (EWT) evidence of Recognition of Prior Learning (RPL). Learners can use the abbreviations for cross-referencing purposes in their portfolios. Learners can also use one piece of evidence to prove their knowledge, skills and understanding across different assessment criteria and/or across different units. It is not necessary for learners to have each assessment criterion assessed separately. They should be encouraged to reference evidence to the relevant assessment criteria. Evidence must be available to the assessor, internal verifier and Pearson standards verifier. Any specific evidence requirements for individual units are stated in the unit introductions to the units. There is further guidance about assessment on our website. Please see Section 10 for details. 10

5 Centre resource requirements As part of the approval process, centres must make sure that the resource requirements below are in place before offering the Pearson BTEC Level 4 Diploma in Information Security Professional Competence. General resource requirements Centres must have the appropriate physical resources to support both the delivery and assessment of the qualification (for example, a workplace in line with industry standards, equipment, IT, learning materials and teaching rooms). Where permitted, a Realistic Working Environment (RWE) must offer the same conditions as the normal day-to-day working environment, with a similar range of demands, pressures and requirements for cost-effective working. Centres must meet any specific human and physical resource requirements. Staff assessing learners must meet the occupational competence requirements. There must be systems in place to ensure the continuing professional development for staff delivering the qualification. Centres must have appropriate health and safety policies, procedures and practices in place for the delivery of the qualification. Centres must deliver the qualifications in accordance with current equality legislation. For further details on Pearson s commitment to the Equality Act 2010, please see Section 9 Access and recruitment and Section 10 Access to qualifications for learners with disabilities or specific needs. For full details of the Equality Act 2010, please go to www.legislation.gov.uk 11

6 Centre recognition and approval Centres that have not previously offered this Pearson qualification need to apply for, and be granted, centre recognition as part of the process for approval to offer this individual qualification. Guidance on seeking approval to deliver BTEC qualifications is given on our website, qualifications.pearson.com Approvals agreement All centres are required to enter into an approval agreement that is a formal commitment by the head or principal of a centre to meet all the requirements of the specification and any associated codes, conditions or regulations. Pearson will act to protect the integrity of the awarding of qualifications. If centres do not comply with the agreement, this could result in the suspension of certification or withdrawal of approval. 12

7 Quality assurance of centres Quality assurance is at the heart of vocational qualifications. Centres will internally assess Competence-based qualifications using internal quality assurance procedures to ensure standardisation of assessment across all learners. Pearson uses external quality assurance procedures to check that all centres are working to national standards. It gives us the opportunity to identify and provide support, if needed, to safeguard certification. It also allows us to recognise and support good practice. For the qualifications in this specification, the Pearson quality assurance model is as described below. Centres offering Pearson BTEC Competence-based qualifications will at least receive two standards verification visits per year. The exact frequency and duration of standards verifier visits must reflect the centre s performance, taking account of the number: of assessment sites and throughput of learners and turnover of assessors and turnover of internal verifiers. For centres offering a full Pearson Apprenticeship (i.e. all elements of the Apprenticeship are delivered with Pearson through registration of learners on a Pearson Apprenticeship framework) a single standards verifier will be allocated to verify all elements of the Pearson Apprenticeship programme. If a centre is also offering stand-alone Competence-based qualifications in the same sector as a full Pearson Apprenticeship, the same standards verifier will be allocated. In order for certification to be released, confirmation is required that the National Occupational Standards (NOS) for assessment, for internal verification and for the specific occupational sector are being consistently met. Centres are required to declare their commitment to ensuring quality and to providing appropriate opportunities for learners that lead to valid and accurate assessment outcomes. For further details, please go to the UK NVQ Quality Assurance Centre Handbook and the Pearson Edexcel NVQs, SVQs and Competence-based qualifications Delivery Requirements and Quality Assurance Guidance on our website, at qualifications.pearson.com. 13

8 Programme delivery Centres are free to offer the qualifications using any mode of delivery (for example full-time, part-time, evening only, distance learning) that meets learners needs. Centres must have due regard to Pearson s policies that may apply to different modes of delivery. Those planning the programme should aim to address the occupational nature of the qualification by: engaging with learners, initially, through planned induction, and subsequently through the involvement of learners in planning for assessment opportunities using naturally occurring workplace activities and products to present evidence for assessment against the requirements of the qualification developing a holistic approach to assessment by matching evidence to different assessment criteria, learning outcomes and units, as appropriate, thereby reducing the assessment burden on learners and assessors taking advantage of suitable digital methods to capture evidence. 14

9 Access and recruitment Pearson s policy regarding access to its qualifications is that: they should be available to everyone who is capable of reaching the required standards they should be free from any barriers that restrict access and progression there should be equal opportunities for all wishing to access the qualifications. Centres must ensure that their learner recruitment process is conducted with integrity. This includes ensuring that applicants have appropriate information and advice about the qualification to ensure that it will meet their needs. Centres should review applicants prior qualifications and/or experience, considering whether this profile shows that they have the potential to achieve the qualification. For learners with disabilities and specific needs, this review will need to take account of the support available to the learner during teaching and assessment of the qualification. The review must take account of the information and guidance in Section 10 Access to qualifications for learners with disabilities or specific needs. 15

10 Access to qualifications for learners with disabilities or specific needs Equality and fairness are central to our work. Pearson s Equality Policy requires all learners to have equal opportunity to access our qualifications and assessments. It also requires our qualifications to be awarded in a way that is fair to every learner. We are committed to making sure that: learners with a protected characteristic (as defined by the Equality Act 2010) are not, when they are undertaking one of our qualifications, disadvantaged in comparison to learners who do not share that characteristic all learners achieve the recognition they deserve from undertaking a qualification and that this achievement can be compared fairly to the achievement of their peers. Learners taking a qualification may be assessed in British Sign Language or Irish Sign Language where it is permitted for the purpose of reasonable adjustments. Further information on access arrangements can be found in the Joint Council for Qualifications (JCQ) document Access Arrangements, Reasonable Adjustments and Special Consideration for General and Vocational qualifications. Details on how to make adjustments for learners with protected characteristics are given in the document Pearson Supplementary Guidance for Reasonable Adjustment and Special Consideration in Vocational Internally Assessed Units. Both documents are on our website at: qualifications.pearson.com 16

11 Unit format Units have the following sections. Unit title This is the formal title of the unit that will appear on the learner s certificate. Unit reference number Each unit is assigned a unit reference number that appears with the unit title on the Register of Regulated Qualifications. Level All units and qualifications have a level assigned to them. The level assigned is informed by the level descriptors defined by Ofqual, the qualifications regulator. Credit value When a learner achieves a unit, they gain the specified number of credits. Guided learning hours Guided Learning Hours (GLH) is the number of hours that a centre delivering the qualification needs to provide. Guided learning means activities that directly or immediately involve tutors and assessors in teaching, supervising, and invigilating learners, for example lectures, tutorials, online instruction and supervised study. Unit aim This gives a summary of what the unit aims to do. Essential resources This section lists any specialist resources needed to deliver the unit. The centre will be asked to make sure that these resources are in place when it seeks approval from Pearson to offer the qualification. Unit assessment requirements/evidence requirements Learners must provide evidence according to each of the requirements stated in this section. 17

Learning outcomes The learning outcomes of a unit set out what a learner knows, understands or is able to do as the result of a process of learning. Assessment criteria Assessment criteria specify the standard required by the learner to achieve each learning outcome. 18

Unit 101: Health and Safety in ICT Unit reference number: Y/500/7183 Level: 1 Credit value: 3 Guided learning hours: 15 Unit aim This unit explores compliance with health and safety legislation when working in ICT. The basis of health and safety law is the Health and Safety at Work Act 1974. The act sets out the general duties that employers have towards employees and members of the public, and employees have to themselves and to each other. What the law requires here is what good management and common sense would lead individuals and organisations to do anyway: that is, identify risks and take sensible measures to tackle them. Health and safety legislation impacts not only on those who are employed at work, but on visitors, bystanders and customers who may be affected by actions of those engaged in work activities. Health and safety legislation is subject to constant review, and new legislation is introduced on a regular basis. This constant change must be monitored by organisations and individuals to identify actions required to remain compliant. Interpretation of the legislation may also be modified as a result of case law or other legal guidance. Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information. 19

Learning outcomes and assessment criteria To pass this unit, the learner needs to demonstrate that they can meet all the learning outcomes for the unit. The assessment criteria determine the standard required to achieve the unit. Learning outcomes Assessment criteria Evidence type Portfolio reference Date 1 Be able to comply with relevant health and safety procedures 1.1 Identify relevant organisational health and safety procedures 1.2 Identify available sources of health and safety information 1.3 Demonstrate how relevant health and safety procedures have been followed Learner name: Learner signature: Assessor signature: Internal verifier signature: (if sampled) 20

Unit 303: Testing the Security of Information Systems Unit reference number: T/505/5788 Level: 3 Credit value: 12 Guided learning hours: 40 Unit aim On completion of this unit, learners will be able to conduct security tests and be able to report the results of tests using standard documents. Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information. 21

Learning outcomes and assessment criteria To pass this unit, the learner needs to demonstrate that they can meet all the learning outcomes for the unit. The assessment criteria determine the standard required to achieve the unit. Learning outcomes Assessment criteria Evidence type Portfolio reference Date 1 Be able to conduct security testing 1.1 Develop test scripts for specified information assurance requirements testing 1.2 Create plans that ensure that specified information assurance requirements are tested 1.3 Implement specified preparations prior to carrying out tests 1.4 Apply specified test methods, tools and techniques following organisational procedures 1.5 Record the results of tests using standard documentation 1.6 Implement specified activities following the completion of testing 2 Be able to report on test results 2.1 Examine the results of testing to identify security vulnerabilities 2.2 Prioritise identified vulnerabilities against specified information assurance requirement 2.3 Report any high priority vulnerabilities to the relevant persons following organisational procedures 2.4 Identify the type of actions required to mitigate identified vulnerabilities 2.5 Report the results of test activities using standard documentation following organisational procedures 22

Learner name: Learner signature: Assessor signature: Internal verifier signature: (if sampled) 23

Unit 304: Carrying Out Information Security Risk Assessment Unit reference number: T/505/5791 Level: 3 Credit value: 9 Guided learning hours: 30 Unit aim On completion of this unit, learners will be able to gather information, assess and report on the risks to information security. Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information. 24

Learning outcomes and assessment criteria To pass this unit, the learner needs to demonstrate that they can meet all the learning outcomes for the unit. The assessment criteria determine the standard required to achieve the unit. Learning outcomes Assessment criteria Evidence type Portfolio reference Date 1 Be able to gather information on information security risks 1.1 Verify the scope of information assets and system components to be assessed with relevant persons 1.2 Use specified investigative methods following organisational procedures 1.3 Gather information to enable the security of specified information assets and system components to be assessed 1.4 Record all gathered information using standard documentation 2 Be able to assess and report on information security risks 2.1 Examine gathered information to identify risks to the security of specified information assets and system components 2.2 Categorise the priority of identified risks by determining their probability of occurrence and potential impact 2.3 Report high priority risks to the relevant persons following organisational procedures 2.4 Determine the types of actions required to mitigate identified risks 2.5 Report the results of risk assessment activities using standard documentation following organisational procedures 25

Learner name: Learner signature: Assessor signature: Internal verifier signature: (if sampled) 26

Unit 305: Investigating Information Security Incidents Unit reference number: F/505/5793 Level: 3 Credit value: 9 Guided learning hours: 23 Unit aim On completion of this unit, learners will be able to gather information to investigate, identify and report information security incidents. Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information. 27

Learning outcomes and assessment criteria To pass this unit, the learner needs to demonstrate that they can meet all the learning outcomes for the unit. The assessment criteria determine the standard required to achieve the unit. Learning outcomes Assessment criteria Evidence type Portfolio reference Date 1 Be able to gather information to investigate information security incidents 2 Be able to investigate information security incidents 1.1 Identify the information assets and system components that may be impacted by detected incidents 1.2 Verify the scope of detected incidents with relevant persons 1.3 Obtain and preserve evidence relating to detected incidents 2.1 Undertake agreed investigative actions 2.2 Examine how access to the affected information assets and system components was obtained 2.3 Report to the relevant persons any incidents for which the mode of access cannot be identified 2.4 Make recommendations on the need for detailed forensic examinations 2.5 Report on incident investigation activities using standard documentation 2.6 Follow organisational procedures for investigation activities Learner name: Learner signature: Assessor signature: Internal verifier signature: (if sampled) 28

Unit 306: Carrying Out Information Security Incident Management Activities Unit reference number: F/505/5812 Level: 3 Credit value: 9 Guided learning hours: 25 Unit aim On completion of this unit, learners will be able to carry out information security incident management activities and be able to gather information to manage incidents in information security. Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information. 29

Learning outcomes and assessment criteria To pass this unit, the learner needs to demonstrate that they can meet all the learning outcomes for the unit. The assessment criteria determine the standard required to achieve the unit. Learning outcomes Assessment criteria Evidence type Portfolio reference Date 1 Be able to gather information to manage information security incidents 1.1 Follow organisational procedures for the detection and classification of incidents 1.2 Identify the information assets and system components that may be impacted by detected incidents 1.3 Verify the scope of detected incidents with relevant persons 1.4 Obtain information and data on incidents to assess their impact on information assets and system components 2 Be able to carry out information security incident management activities 2.1 Identify types of actions required to resolve incidents or mitigate their impact 2.2 Report any incidents that cannot be resolved or mitigated to the relevant persons following organisational procedures 2.3 Make recommendations for specific actions to be taken to respond to incidents 2.4 Report on incident management activities using standard documentation following organisational procedures 2.5 Follow organisational procedures for the closure of incidents 30

Learner name: Learner signature: Assessor signature: Internal verifier signature: (if sampled) 31

Unit 307: Carrying Out Information Security Forensic Examinations Unit reference number: R/505/5801 Level: 3 Credit value: 6 Guided learning hours: 10 Unit aim This unit provides the relevant skills and methods for applying forensic examinations. On completion of this unit, learners will be able to report and undertake specific actions to secure relevant information in information security. Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information. 32

Learning outcomes and assessment criteria To pass this unit, the learner needs to demonstrate that they can meet all the learning outcomes for the unit. The assessment criteria determine the standard required to achieve the unit. Learning outcomes Assessment criteria Evidence type Portfolio reference Date 1 Be able to carry out information security forensic examinations 1.1 Follow organisational procedures for forensic examinations 1.2 Undertake specified actions to secure information assets and system components subject to actual or attempted breaches of security 1.3 Apply forensic methods to examine specified system information for evidence of actual or attempted breaches of security policy or legislation 1.4 Report any identified sources of actual or attempted breaches of security to the relevant persons 1.5 Use specified tools to analyse the integrity of software 1.6 Report on forensic examination activities using standard documentation Learner name: Learner signature: Assessor signature: Internal verifier signature: (if sampled) 33

Unit 308: Carrying Out Information Security Audits Unit reference number: A/505/5808 Level: 3 Credit value: 6 Guided learning hours: 10 Unit aim On completion of this unit, learners will be able to report, examine and follow organisational procedures on audit activities in information security. Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information. 34

Learning outcomes and assessment criteria To pass this unit, the learner needs to demonstrate that they can meet all the learning outcomes for the unit. The assessment criteria determine the standard required to achieve the unit. Learning outcomes Assessment criteria Evidence type Portfolio reference Date 1 Be able to carry out information security audit activities 1.1 Verify the scope of information assets and system components to be audited with relevant persons 1.2 Use specified audit methods to obtain information and data relating to information assets and system components to assess security compliance 1.3 Examine information and data relating to information assets and system components to assess security compliance 1.4 Report any security non-compliance to the relevant persons 1.5 Report on audit activities using standard documentation 1.6 Follow organisational procedures for information security audits Learner name: Learner signature: Assessor signature: Internal verifier signature: (if sampled) 35

Unit 309: System Operation Unit reference number: A/500/7340 Level: 3 Credit value: 12 Guided learning hours: 100 Unit aim System operation is the ability to operate and monitor a system, which can be any combination of equipment, hardware and software. This may include: using data backup and restore routines handling of incidents controlling and monitoring availability and performance of system components start-up/close-down routines scheduling routine or preventative maintenance maintenance of operating plans and schedules. Examples of operational activities are: replenishment of consumables routine or preventative maintenance data backups. A competent person at Level 3 can maintain and implement system operating procedures. Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information. 36

Learning outcomes and assessment criteria To pass this unit, the learner needs to demonstrate that they can meet all the learning outcomes for the unit. The assessment criteria determine the standard required to achieve the unit. Learning outcomes Assessment criteria Evidence type Portfolio reference Date 1 Know how to operate the system 1.1 Explain the operating procedures that are applicable to the system, such as: required service levels (e.g. availability, quality) routine maintenance monitoring data integrity (e.g. backups, antivirus) consumables use, storage and disposal health and safety escalation information recording and reporting obtaining work permissions security and confidentiality 1.2 Describe system functionality during normal operation 1.3 Describe the effects of operational activities on system functionality 37

Learning outcomes Assessment criteria Evidence type Portfolio reference Date 2 Be able to operate systems 2.1 Use and operate the system following appropriate procedures 2.2 Identify system faults and resolve or escalate system faults as appropriate 2.3 Gather and record specified operational information 2.4 Assess and minimise risks such as: loss or corruption of data loss of service damage to equipment effects on customer operations 3 Be able to maintain and implement system operating procedures 3.1 Provide advice and guidance on system operation to immediate colleagues 3.2 Select the procedures to be followed 3.3 Schedule operational activities to minimise disruption to system functionality 3.4 Collate operational information Learner name: Learner signature: Assessor signature: Internal verifier signature: (if sampled) 38

Unit 310: System Management Unit reference number: D/500/7332 Level: 3 Credit value: 12 Guided learning hours: 100 Unit aim System management is the ability to manage ICT systems to ensure that they deliver the required functionality and capacity. A system can be any combination of equipment, hardware and software. System management could involve changing system configuration to meet shortterm fluctuations in demand (for example, high numbers of calls to specific telephone numbers). It could also involve longer-term changes such as increasing resources (for example, processing or storage capacity) to meet anticipated needs and taking account of advances in technology. A competent person at Level 3 can administer a system. Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information. 39

Learning outcomes and assessment criteria To pass this unit, the learner needs to demonstrate that they can meet all the learning outcomes for the unit. The assessment criteria determine the standard required to achieve the unit. Learning outcomes Assessment criteria Evidence type Portfolio reference Date 1 Understand how to administer a system 1.1 Describe how to configure the system 1.2 Describe ICT asset and configuration information applicable to the system such as: physical attributes (e.g. manufacturer, type, revision, serial number, location, value) configuration (e.g. physical and logical addresses, options set, connections) 1.3 Describe how available options for system configuration affect functionality and capacity 2 Be able to administer a system and change system configurations 2.1 Select configuration options to optimise system functionality and capacity 2.2 Make changes to system configuration 2.3 Specify items for which ICT asset and configuration information is to be recorded Learner name: Learner signature: Assessor signature: Internal verifier signature: (if sampled) 40

Unit 311: Creating an Event- Driven Computer Program Unit reference number: F/601/3179 Level: 3 Credit value: 12 Guided learning hours: 90 Unit aim This unit covers the more advanced concepts of event-driven computer languages and their use to implement, refine and test computer programs. Unit assessment requirements/evidence requirements This unit is assessed in the workplace. Learners can enter the types of evidence they are presenting for assessment and the submission date against each assessment criterion. Alternatively, centre documentation should be used to record this information. 41

Learning outcomes and assessment criteria To pass this unit, the learner needs to demonstrate that they can meet all the learning outcomes for the unit. The assessment criteria determine the standard required to achieve the unit. Learning outcomes Assessment criteria Evidence type Portfolio reference Date 1 Be able to implement a software design using event-driven programming 1.1 Identify the screen components and data and file structures required to implement a given design 1.2 Select, declare and initialise variable and data structure types and sizes to implement design requirements 1.3 Select and assign properties to screen components to implement design requirements 1.4 Select and associate events (including parameter passing) to screen components to implement design requirements 1.5 Implement event handling using control structures to meet the design algorithms 1.6 Select and declare file structures to meet design file storage requirements 1.7 Select and use standard input/output commands to implement design requirements 1.8 Make effective use of operators and predefined functions 1.9 Make effective use of an integrated development environment (IDE) including code and screen templates 42

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback