8600-337 Understanding Security Measures in the Workplace

Introduction

Unit 8600-337 Understanding Security Measures in the Workplace is an integral component of the ILM Level 3 module. This unit is dedicated to instilling key principles essential for implementing security protocols within organizations. Security, a pivotal factor, ensures organizational compliance with the law while also enhancing the successful execution of various tasks and responsibilities. It empowers organizations to implement interventions safeguarding both digital and physical assets owned by the organization.

Addressing compliance requirements, organizations bear the responsibility of safeguarding sensitive information, particularly that which pertains to individuals such as customers and employees. Legal frameworks, including the Data Protection Act of 1998 and other relevant regulations, mandate organizations to secure stakeholder information. The unit places significant emphasis on existing and potential security features within organizations. Leaders play a crucial role in ensuring the implementation of these security measures.

The primary objective of this unit is to equip leaders with the knowledge and understanding necessary to effectively establish security systems and measures within their organizations. By enhancing comprehension of these measures and principles, the unit prepares leaders for their responsibilities in facilitating security measures. The unit encompasses 7 hours of guided learning and contributes 2 credit values towards the completion of the ILM Level 3 module.

Who is this unit suitable for?

Security measures constitute crucial components within an organization, and it falls upon leaders to devise strategies and implement measures that ensure organizational security. This responsibility encompasses comprehending potential security risks faced by the organization, understanding pertinent legislative policies and guidelines that influence it, and effectively utilizing available resources to establish the desired security measures and interventions. The unit is crafted to enhance the knowledge and skills of leaders, making it particularly relevant for individuals in leadership positions within the organization.

Specifically tailored for first-line managers and junior managers, the unit provides essential training required to implement security measures within their respective areas of responsibility. It aids in their understanding of organizational policies, enabling them to operationalize these policies at lower levels of the organization. While primarily targeting these managerial levels, the unit is also suitable for other leaders and managers across the organization, including departmental heads and general organizational leaders.

The unit facilitates a comprehensive understanding of the necessity for security interventions and the effective allocation of resources to achieve desired security levels within the organization. Furthermore, it applies to a broader audience, extending to security consultants working for the organization, whether in digital or physical security. This ensures that these consultants grasp the principles essential for establishing security measures tailored to the organization’s needs.

Learning Outcomes

Upon completing the unit, the learner is expected to attain the following competencies:

• Identification and Explanation of Security Measures:
  • The learner should be adept at identifying and explaining the existing security measures within their organization. This involves a comprehensive understanding of the various protocols, systems, and strategies in place to safeguard both digital and physical assets.
• Understanding Relevant Legislation:
  • The learner will be capable of describing the relevant legislation applicable to the development of security measures within the workplace. This includes a thorough examination of laws, policies, and guidelines that influence and shape security practices. The focus extends to ensuring compliance with legal frameworks such as the Data Protection Act of 1998 and other pertinent regulations.
• Evaluation of Effectiveness and Efficiency:
  • The learner should possess the skills to critically examine the effectiveness and efficiency of prescribed security measures within the workplace. This involves assessing how well the implemented security measures align with their intended goals and whether they efficiently mitigate potential risks.
• Identification of Security Gaps:
  • A key competency involves the ability to identify potential gaps between the intentions of prescribed security measures and their actual implementation. This includes a keen assessment of areas where security loopholes may exist within the organization, thus pinpointing vulnerabilities that could compromise security.
• Proposing Improvements Based on Weaknesses:
  • Building on identified weaknesses, the learner should be capable of suggesting improvements to existing security measures. This involves a proactive approach to address potential shortcomings and strengthen the overall security posture of the organization.

Key Learning Areas

Unit 8600-337 Understanding Security Measures in the Workplace aims at providing the learners with information that they can use to improve their understanding of security systems and approaches that they can use to effectively improve security measures. Some of the main areas of learning within the unit include:

Principles and Legal Frameworks on Security Measures

In this area of learning, the learner is helped to understand the meaning of the concept of security measures within the organisations. They are guided to understand principles such as access control, restricted areas, identification systems, protective clothing, locks and safes, authorisation procedures, manned guarding and other systems that are put in place to provide both digital and physical security within the organisation.

The learners are then introduced to the relevant legislation that has been established to ensure that the security measures are developed and implemented within the organisation. This involves the Data Protection Act, Human Rights, The Regulation of Investigatory Powers and the Computer Misuse Act that ensures both digital and physical security measures are compliant and protect the rights of both the organisations and stakeholders to the organisation.

Limitations to Security Measures

This area of learning helps to identify the various shortcomings that affect the ability of the leaders to implement effective security measures that serve the needs of the organisation. The unit identified the restriction in a range of security measures as well as the sustainability of the prescribed security measures to meet the actual needs of the organisations and the vulnerabilities that arise from the differences between the prescribed security measures and actual practice. Ti also helps to prioritise the weaknesses hence identifying the critical areas that need urgent addressing to ensure that the more serious vulnerabilities are addressed.

Improvement of Security measures

This area focuses on evaluating and monitoring the efficiency of the existing security measures. The learners are guided on principles that they can use to effectively set up measures that can be used to improve the levels of security within the organisation. The area also helps to identify the prioritised weakness that needs to be improved first hence improving the impact of the leaders in addressing loopholes within the security measures.

An Assessment

Upon finishing the unit, learners undergo a comprehensive evaluation aimed at gauging the attainment of learning goals and objectives. This evaluation is conducted through a written assessment that serves as a culmination of the theoretical knowledge and practical principles acquired during the teaching and learning process within the unit.

The written assessment encompasses a range of topics covered throughout the unit, delving into both theoretical concepts and the practical application of principles related to security measures in the workplace. Learners are tasked with demonstrating their understanding of key principles such as access control, identification systems, legal frameworks, limitations, and strategies for improvement in the context of organizational security.

This assessment serves as a critical measure to ascertain not only the breadth of knowledge acquired by the learners but also their ability to apply this knowledge in real-world scenarios. By evaluating both theoretical and practical aspects, the assessment ensures a holistic understanding of the subject matter, reinforcing the practical relevance of the unit in preparing learners to contribute effectively to the implementation and enhancement of security measures within their respective organizations.

References

1. CISCO Talos Intelligence Group (2020, February 19). 2020 Annual Cybersecurity Report. https://www.cisco.com/c/dam/m/en_hk/ciscolive/2020-ciso-benchmark-cybersecurity-series.pdf
2. European Union Agency for Cybersecurity (ENISA) (2020). Threat Landscape 2020. https://www.enisa.europa.eu/news/enisa-news/enisa-threat-landscape-2020
3. National Institute of Standards and Technology (NIST) (2019, May). Cybersecurity Framework Version 1.1. https://www.nist.gov/cyberframework
4. International Organization for Standardization (ISO) (2018, September). ISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements.
6. https://www.iso.org/standard/27001
7. Cloud Security Alliance (CSA) (2020, February). Consensus Assessments Initiative Questionnaire (CAIQ). https://cloudsecurityalliance.org/
8. MIT Technology Review (2020, September 10). The 10 biggest cybersecurity threats of 2020. https://www.techtarget.com/searchsecurity/news/252494362/10-of-the-biggest-cyber-attacks
9. World Economic Forum (WEF) (2020, January 15). The Global Risks Report 2020. https://www3.weforum.org/docs/WEF_Global_Risk_Report_2020.pdf
10. Accenture (2020, February 26). State of Cybersecurity Resilience 2020. https://www.accenture.com/us-en/insights/security/state-cybersecurity
11. Deloitte (2020, February 24). 2020 Global Risk Management Survey: Risk in a hyperconnected world. https://www2.deloitte.com/content/dam/Deloitte/rs/Documents/risk/rs_Global-risk-management-survey-12th-edition.pdf
12. PwC (2020, February 25). Global State of Information Security® Survey 2020. https://www.pwc.com/sg/en/publications/assets/gsiss-2018.pdf

FAQ

Related Articles:

• ILM Level 3