Model Curriculum › sites › default › files › MC_SSCQ0904...2018/12/17 · 1 Model Curriculum Analyst Identity and Access Management SECTOR: SUB-SECTOR: OCCUPATION: REF ID:

Analyst Identity and Access Management

1

Model Curriculum


SECTOR: SUB-SECTOR: OCCUPATION:

REF ID:

NSQF LEVEL:

IT-ITeS IT SERVICES INFORMATION/CYBER SECURITY SSC/Q0904, V1.0 7



TABLE OF CONTENTS

1. Curriculum 01

2. Trainer Prerequisites 12

3. Annexure: Assessment Criteria 13

Analyst Identity and Access Management 1

Analyst Identity and Access Management CURRICULUM / SYLLABUS

This program is aimed at training candidates for the job of a “Analyst Identity and Access Management”, in the “IT-ITeS Sector/Industry” and aims at building the following key competencies amongst the learner

Program Name Analyst Identity and Access Management

Qualification Pack Name & Reference ID. ID

SSC/Q0904, v1.0

Version No. 1.0 Version Update Date

Pre-requisites to Training

Graduate in Science/ Computer Science/Electronics and Engineering /Information Technology

Training Outcomes After completing this programme, participants will be able to:

Implement and maintain identity and access management solutions in line with organizational policies and standards.

Provision access rights at the computing system for users and resources.

Conduct assessment and reconciliation of access rights at the computing systems for users and resources.

Manage your work to meet requirements.

Work effectively with colleagues.

Maintain a healthy, safe and secure working environment.

Provide data/information in standard formats.

Develop your knowledge, skills and competence.


This course encompasses 8 out of 8 National Occupational Standards (NOS) of “Analyst Identity and Access Management” Qualification Pack issued by “IT-ITeS SSC”.

Sr. No.

Module Key Learning Outcomes Equipment Required

1 IT-ITES/BPM Industry – An Introduction Theory Duration (hh:mm) 15:00 Practical Duration (hh:mm) 15:00 Corresponding NOS Code Bridge Module

Explain relevance of the IT-ITES

industry.

State the various sub-sectors in the

IT-ITES sector.

Explain the relevance of IT

services sector.

State the various occupations and

tracks in the IT-ITES sector.

Provide a general overview of the

IT services sub-sector.

State the profile of the IT services

sub-sector.

Describe the key trends in the IT

services sub-sector.

List roles in the IT services sub-

sector.

Whiteboard and Markers.

LCD Projector and Laptop

for presentations.

Lab equipped with the

PCs/Laptops and Internet

with WiFi (Min 2 Mbps

Dedicated).

Chart paper and sketch

pens.

2 Information/Cyber Security – An Introduction Theory Duration (hh:mm) 15:00 Practical Duration (hh:mm) 15:00 Corresponding NOS Code Bridge Module

Explain the relevance of cyber

security in the society.

Provide an introduction to the job

role/qualification pack – Analyst

IDAM.

List the range of skills and

behaviour, expected from Analyst

IDAM.

List the responsibilities of an

Analyst IDAM.

State the growth opportunities for

an Analyst IDAM.

Provide a general overview of

information/cyber security and its

roles.

Draw a career map for

Information/cyber security.




Dedicated).


Chart paper and sketch

pens.

3 Fundamental Concepts Theory Duration (hh:mm) 25:00 Practical Duration (hh:mm) 20:00 Corresponding NOS Code SSC/N0914

Explain basic cyber security

concepts such as the importance of

confidentiality, integrity and

availability for information systems,

common types of malicious code

(virus, trojan, logic bomb, worm,

spyware, malware, DdoS attacks,

phishing), types of threats facing

the information security of

individuals and organisations,

sources of threats to information

security in terms of opportunity

Whiteboard and markers.

LCD projector and laptop

for presentation.




Dedicated).


Sr. No.


ability and motive, etc., principles

of data security, how

vulnerabilities can be identified and

resolved.

Explain relevant networking

concepts, devices and

terminologies.

Explain information technology (IT)

security principles and methods

(e.g., firewalls, demilitarized zones,

encryption)

4 Introduction to Identity and Access Management Theory Duration (hh:mm) 20:00 Practical Duration (hh:mm) 25:00 Corresponding NOS Code SSC/N0914

Explain the various functions of

identity and access management.

Describe the various components

of identity and access

management.

Describe relevant IDAM

technologies and protocols such as

directory services, lightweight

directory access protocol (LDAP),

digital cards, biometrics, human

interface device (HID), web

services, digital identities,

password managers, single sign-on

(SSO), multi factor authentication

(MFA), security token services

(STS), IP geo-location, device

authentication, mutual

authentication, workflows, OpenID,

WS-Security, WS-Trust, Open

Authorization (OAuth), role-based

access control (RBAC), security

assertion markup language

(SAML), enterprise resource

planning (ERP), systems

applications and products (SAP)

and application programming

interface (API) gateways.



for presentations.

Lab with key devices,

software and hardware in

a network that includes but

is not limited to-

application of IDAM.

5 Preparing for IDAM Implementation Theory Duration (hh:mm) 20:00 Practical Duration (hh:mm)

Review the usage of existing IDAM

technologies and protocols and

logical physical access to assess

risks w.r.t business and security

objectives.

Consult with engineering teams in

the areas of authentication

mechanism for its usage in



for presentations.



a network that includes but

is not limited to-

application of IDAM.


Sr. No.


25:00 Corresponding NOS Code SSC/N0914

channels such as web, mobile,

applications.

Receive specifications and

organisational policy and standards

for information technology and data

related identity and access

management from authorised

sources.

Define user roles and access

controls necessary for application

usage and data access in line with

organisational policies.

6 Implementation of IDAM Theory Duration (hh:mm) 20:00 Practical Duration (hh:mm) 25:00 Corresponding NOS Code SSC/N0914

Identify access and apply identity

and access management tools and

methods across the SDLC

lifecycle.

Provide logical physical access as

per security policy.

Configure and implement custom

extensions to identity and access

management security tools in order

to meet organisational

requirements.

Implement account provisioning

processes to ensure that user

account creation and access to

software and data is consistent,

simple to administer and in line

with organisational policies and

standards.

Implement authentication

mechanisms as per specifications.

Incorporate identity and access

management program controls in

all relevant system in co-ordination

with application owners.

Implement upgrades and manage

patch status for identity and access

management systems in line with

organisational standards.

Implement local network usage

policies and procedures.

Install and configure middleware

for the solution in application server

and database layer, as per

specifications.



for presentations.

IDAM technologies and

protocols that include

Active Directory; Directory

Services; LDAP; Digital

Cards, Biometrics; Human

Interface Device (HID);

Web Services; Digital

Identities; Password

Managers; Single Sign-on

(SSO); Multi Factor;

Authentication (MFA);

Security Token Services

(STS); IP Geo-location;

Device authentication;

Mutual Authentication;

Workflows; OpenID; WS-

Security, WS-Trust; Open

Authorization (OAuth)

Security Assertion; Markup

Language (SAML);

Enterprise resource

planning (ERP); Systems

Applications and Products

(SAP); Application

programming interface;

(API) Gateways.


Sr. No.


Install server files, updates, and

enhancements as per

specifications.

7 Maintenance of IDAM Theory Duration (hh:mm) 20:00 Practical Duration (hh:mm) 25:00 Corresponding NOS Code SSC/N0914

Maintain identity and access

management services in line with

organisational needs.

Monitor and maintain server

configuration.

Manage server resources including

performance, capacity, availability,

serviceability, and recoverability.

Maintain baseline system security

according to organizational

policies.

Administer fixes, patches, &

recovery procedures specified in

the event of a security breach.

Customize identity and access

management solutions as per

requirement specified by

authorised personnel.

Assist with identity and access

management integration across

systems and applications to meet

business requirements.



for presentations.



a network that includes

IDAM technologies and

protocols of Role-based

access control (RBAC).

8 Provision access rights at the computing system for users and resources Theory Duration (hh:mm) 20:00 Practical Duration (hh:mm) 25:00 Corresponding NOS Code SSC/N0915

Create, modify and delete identity

and standard profiles as per

organisational policy on the identity

manager software for users,

systems and computers.

Create standard profiles for groups

of users as per organisational

policy.

Receive user access requests in

specified formats with due

authorisations.

Create and modify, delete system

access IDs for various systems.

Ensure adherence to laid out

procedures to add, transfer, or

delete an employee’s accessibility

to information resources.

Assign appropriate user

permissions and logical physical

access as per specifications and in



for presentations.



a network with use of

various Network Protocols.

Provision for working with

Directory Services, LDAP

protocol, Active Directory.


Sr. No.


line with identity and access control

policies.

Ensure proper permissions are

enforced on user directories,

distribution lists, mailboxes, folders,

and files too.

Provide guidance on user profiles

to immediate colleagues.

Manage accounts, network rights,

and access to systems and

equipment.

Process access requests according

to standard operating procedures

and service level commitments.

Ensure that internal and external

customer needs are met to service

level agreement.

Meet time and quality commitments

as per organisational performance

standards.

Provide guidance and suggestions

as appropriate.

Complete own assigned tasks and

activities to defined standards and

timelines.

Correctly follow and apply the

policies and standards relating to

information security identity and

access management activities.

9 Conduct assessment and reconciliation of access rights at the computing systems for users and resources Theory Duration (hh:mm) 20:00 Practical Duration (hh:mm) 25:00 Corresponding NOS Code SSC/N0916

Obtain information or raw data from

existing repositories.

Mine or discover roles based on

existing access rights and

entitlements data for applications,

email, system assets, file

repositories and devices used by

the organization's employees and

other stakeholders.

Compare the as-is situation for

access with defined access for

roles as per policy.

Validate against master data from

ERP/SAP.

Eliminate conflicts and complete

missing information.

Indicate requirement of roles

access rights and entitlements

adjustment where there are

discrepancies between as-is



for presentations.

Samples of the

tools/templates.




Dedicated).


Sr. No.


situation for access and defined

access as per policy.

Obtain a validation for the

adjustments done by the role

custodian from the business unit.

Consult with human resource

management function, information

security function or business

stakeholders and ratify data.

Clean up and streamline privileges

and group definitions in

consultation with human resource

management function, information

security function or business

stakeholders.

Produce report of the assessment

and reconciliation activities

undertaken and the outcome of

exercise for internal audit and

business / application owners.

Ensure communication is sent to all

users whose role access rights and

entitlements have been changed,

either through the tool or other

means.

Conduct regular assessments of

access rights, application

entitlements, generic, service

accounts, special-access and

administrative accounts.

Ensure adherence to laid out

procedures to add, transfer, or

delete an employee’s accessibility

to information resources.

Assign appropriate user

permissions as per specifications

and in line with identity and access

control policies.

Administer user directories,

distribution lists, mailboxes, folders,

and files.

Manage directory structures to

ensure proper permissions are

enforced.

Complete own assigned tasks and

activities to defined standards and

timelines.

Correctly follow and apply the

policies and standards relating to

information security identity and

access management activities.


Sr. No.


10 Manage your work to meet requirements Theory Duration (hh:mm) 20:00 Practical Duration (hh:mm) 25:00 Corresponding NOS Code SSC/N9001

Establish and agree to your work

requirements with appropriate

people.

Keep your immediate work area

clean and tidy.

Utilize your time effectively.

Treat confidential information

correctly.

Work in line with your

organization’s policies and

procedures.

Obtain guidance from appropriate

people, where necessary.


LCD Projector and Laptop for presentations.

Training organization’s confidentiality policy.

11 Work effectively with colleagues Theory Duration (hh:mm) 20:00 Practical Duration (hh:mm) 25:00 Corresponding NOS Code SSC/N9002

Communicate with colleagues

clearly, concisely and accurately.

Pass on essential information to

colleagues in line with

organizational requirements.

Work in ways that show respect for

colleagues.

Carry out commitments you have

made to colleagues.

Identify any problems you have

working with colleagues and take

the initiative to solve these

problems.



for presentations.

Provision to write emails

and send in the lab.

Lab with provision for

internet, email, word

processor and

presentation software.

Chart paper, markers,

picture magazines and old

newspapers.

12 Maintain a healthy, safe and secure working environment Theory Duration (hh:mm) 20:00 Practical Duration (hh:mm) 25:00 Corresponding NOS Code SSC/N9003

Comply with your organization’s

current health, safety and security

policies and procedures.

Report any identified breaches in

health, safety, and security policies

and procedures to the designated

person.

Identify and correct any hazards

that you can deal with safely,

competently and within the limits of

your authority.

Report any hazards that you are

not competent to deal with to the

relevant person in line with

organizational procedures and

warn other people who may be

affected.

Follow your organization’s

emergency procedures promptly,

calmly, and efficiently.

Identify and recommend

opportunities for improving health,

Whiteboard and Markers


for presentations

The training organization’s

current health, safety and

security policies and

procedures

Provision for online

research in the Lab

A sample health and

safety policy document

Emergency broadcast

system and mock

emergency signage in the

appropriate areas of the

training institute


Sr. No.


safety, and security to the

designated person.

Complete any health and safety records legibly and accurately.

13 Provide data/information in standard formats Theory Duration (hh:mm) 20:00 Practical Duration (hh:mm) 25:00 Corresponding NOS Code SSC/N9004

Establish and agree with

appropriate people the data/

information you need to provide,

the formats in which you need to

provide it, and when you need to

provide it.

Obtain the accurate, complete and

up-to-date data/information from

reliable sources.

Obtain advice or guidance from

appropriate people where there are

problems with the data/information.

Carry out rule-based analysis of

the data/information, if required

Report any unresolved anomalies

in the data/information to

appropriate people.



for presentations.

Provision for online

research in the lab.

14 Develop knowledge, skills and competence Theory Duration (hh:mm) 20:00 Practical Duration (hh:mm) 25:00 Corresponding NOS Code SSC/N9005

Obtain advice and guidance from

appropriate people to develop your

knowledge, skills and competence.

Identify accurately the knowledge

and skills you need for your job role

and benchmark your current level

of knowledge, skills and

competence with any learning and

development needs.

Agree with appropriate people a

plan of learning and development

activities to address your learning

needs.

Undertake learning and

development activities in line with

your plan.

Apply your new knowledge and

skills in the workplace, under

supervision.



for presentations.

Provision for online access

to all students in the lab.

Total Duration Theory Duration 275:00 Practical Duration 325:00

Unique Equipment Required: Training room should be fully furnished with the following equipment / tools / accessories. Additional / specific resources, wherever applicable (e.g. Hardware, software) are indicated in the main text corresponding to relevant learning outcome. For Domain NOS:

Lab equipped with the following:


Sr. No.


o PCs/Laptops and Internet with Wi-Fi (Min 2 Mbps Dedicated),

o Software and hardware in a large network, o Application of host network access controls, servers, etc.

IDAM technologies and protocols: o Role-based access control (RBAC), o Active Directory, o Directory Services, o LDAP, o Digital Cards, o Biometrics, o Human Interface Device (HID), o Web Services, o Digital Identities, o Password Managers, o Single Sign-on (SSO), o Multi Factor, o Authentication (MFA), o Security Token Services (STS), o IP Geo-location, o Device authentication, o Mutual Authentication, o Workflows, o OpenID, o WS-Security, o WS-Trust, o Open Authorization (OAuth), o Security Assertion, o Markup Language (SAML), o Enterprise resource planning (ERP), o Systems Applications and Products (SAP), o Application programming interface, (API) Gateways.

Provision for working with Directory Services,

Samples of the tools/templates,

Training organization’s confidentiality policy,

Provision to write emails and send in the lab,

Provision for online research in the Lab,

The training organization’s current health, Safety and security policies and procedures,

A sample health and safety policy document,

Emergency broadcast system and mock emergency signage in the appropriate areas of the training institute,

General:

Comfortable seats with adequate lighting, controlled temperature and acoustics for training and learning.

White Board, Markers and Eraser.

Projector with screen.

Flip chart with markers.

Faculty PC/Laptop with latest configuration and internet connection.

Supporting software / applications for projecting audio, video, recording.

Presentation Tools to support learning activities:


Sr. No.


o Intranet o Email o IMs o Learning management system e.g. Moodle,

Blackboard to enable blended learning.

Microphone / voice system for lecture and class activities.

Handy Camera.

Stationery kit – Staples, Glue, Chart Paper, Sketch Pens, Paint Box, Scale, A4 Sheets.

For IT Lab sessions: Computer Lab with 1:1 PC: trainee ratio and having internet connection, MS Office / Open office, Browser, chat tools.

Assessment and Test Tools for day to day online Tests and Assessments.

For team discussions: Adequate seating arrangement in full / half circle format for one or more teams as per planned team composition.

Reading Resources: Access to relevant sample documents and learning forums to enable self-study before and after each training session.

Grand Total Course Duration: 600 Hours, 0 Minutes


Trainer Prerequisites for Job role: “Analyst Identity and Access Management” mapped to Qualification Pack: “SSC/Q0904, v1.0”

Sr. No.

Area Details

1 Description To deliver accredited training service, mapping to the curriculum detailed above, in accordance with the Qualification Pack “SSC/Q0904, Version 1.0”.

2 Personal Attributes

Aptitude for conducting training, and pre/ post work to ensure competent, Employable candidates at the end of the training. Strong communication skills, interpersonal skills, ability to work as part of a team; a passion for quality and for developing others; well-organised and focused, eager to learn and keep oneself updated with the latest in this field.

3 Minimum Educational Qualifications

Graduate in Science/ Computer Science/Electronics and Engineering /Information Technology.

4a Domain Certification

Certified for job role “Analyst Identity and Access Management” mapped to Qualification Pack “SSC/Q0904” Version 1.0. Minimum accepted score is 80%.

4b Platform Certification

Recommended that the trainer is certified for the Job Role “Trainer” mapped to the Qualification Pack “MEP/Q0102”. Minimum accepted score is 80% aggregate.

5 Experience 0‐2 years of work experience/internship in security.


Assessment Criteria

Assessment Criteria

Job Role Analyst Identity and Access Management

Qualification Pack SSC/Q0904 V1.0

Sector Skill Council IT-ITeS

Sr. No.

Guidelines for Assessment

1 Criteria for assessment for each Qualification Pack (QP) will be created by the Sector Skill Council (SSC). Each performance criteria (PC) will be assigned Theory and Skill/Practical marks proportional to its importance in NOS.

2 The assessment will be conducted online through assessment providers authorized by SSC.

3 Format of questions will include a variety of styles suitable to the PC being tested such as multiple-choice questions, fill in the blanks, situational judgment test, simulation and programming test.

4 To pass a QP, a trainee should pass each individual NOS. Standard passing criteria for each NOS is 70%.

5 For latest details on the assessment criteria, please visit www.sscnasscom.com.

6 In case of successfully passing only certain number of NOS's, the trainee is eligible to take subsequent assessment on the balance NOS's to pass the Qualification Pack.

Marks Allocated

Assessment Outcomes

Assessment Criteria for Outcomes Total Mark

Out of

Theory Skills

Practical

1. SSC/N0914 (Implement and maintain identity and access management solutions in line with organisational policies and standards)

PC1.Receive specifications and organisational policy and standards for information technology and data related identity and access management from authorised sources.

100

5 1 4

PC2.Identify, access and apply identity and access management tools and methods across the SDLC lifecycle.

5 2 3

PC3. Define user roles and access controls necessary for application usage and data access in line with organisational policies.

4 2 2

PC4.Provide logical physical access as per Security Policy.

4 1 3

PC5.Configure and implement custom extensions to identity and access management security tools in order to meet organisational requirements.

5 2 3

PC6.Implement account provisioning processes to ensure that user account creation and access to software and data is consistent, simple to administer and in line with organisational policies and standards.

4 1 3

PC7. Implement authentication mechanisms as per specifications. 3 1 2

PC8. Incorporate identity and access management program controls in all relevant system in co-ordination with application owners.

4 1 3


PC9. Implement upgrades and manage patch status for identity and access management systems in line with organisational standards.

4 1 3

PC10. Implement local network usage policies and procedures. 4 1 3

PC11. Install and configure middleware for the solution in Application Server and Database layer, as per specifications.

4 1 3

PC12. Install server files, updates, and enhancements as per specifications. 4 0 4

PC13. Manage server resources including performance, capacity, availability, serviceability, and recoverability.

4 1 3

PC14. Maintain identity and access management services in line with organisational needs. 3 1 2

PC15. Maintain baseline system security according to organizational policies. 3 0 3

PC16. Monitor and maintain server configuration 4 0 4

PC17. Administer fixes, patches, & recovery procedures specified in the event of a security breach.

4 1 3

PC18. Customize identity and access management solutions as per requirement specified by authorised personnel.

4 1 3

PC19. Assist with identity and access management integration across systems and applications to meet business requirements.

5 1 4

PC20. Complete own assigned tasks and activities to defined standards and timelines. 4 1 3

PC21. Complete monthly reporting dashboard for the monitoring and continual improvement of the Identity and Access Management program.

4 1 3

PC22. Perform documentation of activities performed with all relevant details for compliance. 4 1 3

PC23. Correctly follow and apply the policies and standards relating to information security identity and access management activities.

4 1 3

PC24. Ensure that customer needs are met to service level agreement. 3 0 3

PC25. Meet time and quality commitments as per organisational performance standards. 4 1 3

Total 100 24 76

2. SSC/N0915 (Provision access rights at the computing system for users and resources)

PC1. Create, modify and delete identity and standard profiles as per organisational policy on the identity manager software for users, systems and computers. 100

8 3 5

PC2. Create standard profiles for groups of users as per organisational policy. 7 2 5


PC3. Receive user access requests in specified formats with due authorisations. 6 3 3

PC4. Create and modify, delete system access IDs for various systems. 7 2 5

PC5. Ensure adherence to laid out procedures to add, transfer, or delete an employee’s accessibility to information resources.

6 2 4

PC6. Assign appropriate user permissions and logical physical access as per specifications and in line with identity and access control policies.

8 3 5

PC7. Ensure proper permissions are enforced on user directories, distribution lists, mailboxes, folders, and files too.

7 2 5

PC8. Provide guidance on user profiles to immediate colleagues. 7 2 5

PC9. Manage accounts, network rights, and access to systems and equipment. 7 2 5

PC10. Process access requests according to standard operating procedures and service level commitments.

8 2 6

PC11. Ensure that internal and external customer needs are met to service level agreement. 5 1 4

PC12. Meet time and quality commitments as per organisational performance standards. 6 2 4

PC13. Provide guidance and suggestions as appropriate.

6 1 5



5 1 4

Total 100 30 70

3. SSC/N0916 (Conduct assessment and reconciliation of access rights at the computing systems for users and resources)

PC1. Obtain information or raw data from existing repositories.

100

5 2 3

PC2. Mine or discover roles based on existing access rights and entitlements data for applications, email, system assets, file repositories and devices used by the organization's employees and other stakeholders.

7 2 5

PC3. Compare the as-is situation for access with defined access for roles as per policy. 5 1 4

PC4. Validate against master data from ERP/SAP. 5 2 3

PC5. Eliminate conflicts and complete missing information. 5 2 3

PC6. Indicate requirement of roles access rights and entitlements adjustment where there are discrepancies between as-is situation for access and defined access as per policy.

7 3 4


PC7. Obtain a validation for the adjustments done by the role custodian from the business unit. 5 2 3

PC8. Consult with human resource management function, information security function or business stakeholders and ratify data.

6 2 4

PC9. Clean up and streamline privileges and group definitions in consultation with human resource management function, information security function or business stakeholders.

6 1 5

PC10. Produce report of the assessment and reconciliation activities undertaken and the outcome of exercise for internal audit and business / application owners.

6 3 3

PC11. Ensure communication is sent to all users whose role access rights and entitlements have been changed either through the tool or other means.

4 1 3

PC12. Conduct regular assessments of access rights, application entitlements, generic, service accounts, special-access and administrative accounts.

7 3 4

PC13. Ensure adherence to laid out procedures to add, transfer, or delete an employee’s accessibility to information resources.

4 1 3

PC14. Assign appropriate user permissions as per specifications and in line with identity and access control policies.

6 2 4

PC15. Administer user directories, distribution lists, mailboxes, folders, and files. 5 1 4

PC16. Manage directory structures to ensure proper permissions are enforced. 5 1 4



6 2 4

Total 100 33 67

4. SSC/N9001 (Manage your work to meet requirements)

PC1. Establish and agree your work requirements with appropriate people.

100

7 0 7

PC2. Keep your immediate work area clean and tidy.

12 6 6

PC3. Utilize your time effectively. 12 6 6

PC4. Use resources correctly and efficiently. 19 6 13

PC5. Treat confidential information correctly. 7 1 6

PC6. Work in line with your organization’s policies and procedures.

12 0 12

PC7. Work within the limits of your job role. 6 0 6

PC8. Obtain guidance from appropriate people, where necessary.

6 0 6


PC9. Ensure your work meets the agreed requirements.

19 6 13

Total 100 25 75

5. SSC/N9002 (Work effectively with colleagues)

PC1. Communicate with colleagues clearly, concisely and accurately.

100

20 0 20

PC2. Work with colleagues to integrate your work effectively with theirs.

10 0 10

PC3. Pass on essential information to colleagues in line with organizational requirements.

10 10 0

PC4. Work in ways that show respect for colleagues.

20 0 20

PC5. Carry out commitments you have made to colleagues.

10 0 10

PC6. Let colleagues know in good time if you cannot carry out your commitments, explaining the reasons.

10 10 0

PC7. Identify any problems you have working with colleagues and take the initiative to solve these problems.

10 0 10

PC8. Follow the organization’s policies and procedures for working with colleagues.

10 0 10

Total 100 20 80

6. SSC/N9003 (Maintain a healthy, safe and secure working environment)

PC1. Comply with your organization’s current health, safety and security policies and procedures.

100

20 10 10

PC2. Report any identified breaches in health, safety, and security policies and procedures to the designated person.

10 0 10

PC3. Identify and correct any hazards that you can deal with safely, competently and within the limits of your authority.

20 10 10

PC4. Report any hazards that you are not competent to deal with to the relevant person in line with organizational procedures and warn other people who may be affected.

10 0 10

PC5. Follow your organization’s emergency procedures promptly, calmly, and efficiently.

20 10 10

PC6. Identify and recommend opportunities for improving health, safety, and security to the designated person.

10 0 10

PC7. Complete any health and safety records legibly and accurately.

10 0 10

Total 100 30 70

7. SSC/N9004 (Provide data/information in standard formats)

PC1. Establish and agree with appropriate people the data/information you need to provide, the formats in which you need to provide it, and when you need to provide it.

100 13 13 0

PC2. Obtain the data/information from reliable sources.

13 0 13


PC3. Check that the data/information is accurate, complete and up-to-date.

12 6 6

PC4. Obtain advice or guidance from appropriate people where there are problems with the data/information.

6 0 6

PC5. Carry out rule-based analysis of the data/information, if required.

25 0 25

PC6. Insert the data/information into the agreed formats.

13 0 13

PC7. Check the accuracy of your work, involving colleagues where required.

6 0 6

PC8. Report any unresolved anomalies in the data/information to appropriate people.

6 6 0

PC9. Provide complete, accurate and up-to-date data/information to the appropriate people in the required formats on time.

6 0 6

Total 100 25 75

8. SSC/N9005 (Develop your knowledge, skills and competence)

PC1. Obtain advice and guidance from appropriate people to develop your knowledge, skills and competence.

100

10 0 10

PC2. Identify accurately the knowledge and skills you need for your job role. 10 0 10

PC3. Identify accurately your current level of knowledge, skills and competence and any learning and development needs.

20 10 10

PC4. Agree with appropriate people a plan of learning and development activities to address your learning needs.

10 0 10

PC5. Undertake learning and development activities in line with your plan. 20 10 10

PC6. Apply your new knowledge and skills in the workplace, under supervision. 10 0 10

PC7. Obtain feedback from appropriate people on your knowledge and skills and how effectively you apply them.

10 0 10

PC8. Review your knowledge, skills and competence regularly and take appropriate action. 10 0 10

Total 100 20 80

Documents

Model Curriculum › sites › default › files › MC_SSCQ0904...2018/12/17 · 1 Model Curriculum Analyst Identity and Access Management SECTOR: SUB-SECTOR: OCCUPATION: REF ID: