Common Understanding of Terminology used in Cyber Security Workforces

Q: Annex 1: Glossaries and Frameworks听听

Australia - Australian Signals Directorate (ASD) Cyber Skills Framework 听 Canada - Canadian Cyber Security Skills Framework 听 European Union Agency, ENISA - European Cybersecurity Skills Framework (ECSF) 听 Singapore - Skills Framework for ICT (SFw for ICT) 听 AND听听 Operational Technology Cybersecurity Competency Framework (OTCCF) 听 Skills Framework for Infocomm Technology 听 UK - UK Cyber Security Council Cyber Career Framework 听 USA - NICE Workforce Framework for Cybersecurity (NICE Framework) 听

Question 1

Shared glossary

Accepted Answer

Adapted from the glossaries of Australia, Canada, Dubai, Agency of the European Union - ENISA, Ghana, Ireland, Japan, Singapore, UK and USA.听

Note: These parties have agreed to the common understanding of the below terms. These are not definitive definitions of these terms.听

础肠肠谤别诲颈迟补迟颈辞苍听听

The formal recognition or attestation by an assessor or independent body that an individual, organisation, or learning programme has achieved an agreed-upon, recognised standard of qualification, behaviour, or adherence to specific definitions and/or standards. As a verb, 鈥渢o accreditate鈥� represents the action of the assessor awarding this recognition.听

础辫辫谤别苍迟颈肠别蝉丑颈辫听

A regime of education that combines classroom and off-line study with paid, on-the-job, practical, hands-on training. The aim is to equip the apprentice with a specific set of skills, knowledge, and experience required in each industry.听

A Body of 碍苍辞飞濒别诲驳别听听

A structured collection of expert-sourced information, including terminology, concepts, models, and theories. It forms the core knowledge base for a profession, aiming to guide education, training, and foster a shared professional vision.听

颁别谤迟颈蹿颈肠补迟颈辞苍听听

The awarding of a recognised title by an independent/competent body, based on assessment of an individual鈥檚 or organisation鈥檚 skills, knowledge, or a system鈥檚 adherence to specific and defined requirements.听

颁辞尘辫别迟别苍肠测听

The proven ability to apply knowledge, skills, and/or behaviours to successfully perform tasks in a specific domain.听听

Cyber Security听听

The ability to protect or defend the use of cyber space from cyber attack.听听

Cyber Security Workforce听

Individuals whose primary focus is on cyber security as well as those in the workforce who need specific cyber security-related knowledge and skills to perform their work in a way that enables organisations to properly manage cyber security-related risks.听

闯辞产听

A single job may be responsible for one or more Work Role or for only a portion of a role.听

碍苍辞飞濒别诲驳别听

A retrievable set of concepts within memory which can be learned through education or experience听

笔谤辞蹿别蝉蝉颈辞苍听

A category of jobs that are similar with respect to the work performed and the skills possessed by workers.听

Professional Development听听

The ongoing process of building new or enhancing existing skills and capabilities in one鈥檚 career, often demonstrated through activities like training, research, or attending seminars and networking.听

笔谤辞蹿颈肠颈别苍肠测听听

An assessed measure of an individual鈥檚 degree of capability in a particular domain.听

厂办颈濒濒听

The personal skills that ensure you do your job well, such as being adept at teamwork, time management, or solving problems. Occasionally, some refer to these as 鈥渉uman skills,鈥� 鈥渆mployability skills,鈥� or 鈥渟oft skills.鈥澨齖u003c/li>

罢补蝉办听

An activity that is directed toward the achievement of organisational objectives.听

Workforce Framework听

An ontology that is used to define a standard approach and common language for describing work and the capabilities of people who do that work for a defined workforce. Workforce frameworks use task, knowledge, and skill (TKS) statements to establish relevant work roles and competency areas.听

Work Role听

A grouping of work for which an individual or team is responsible or accountable.听

Workforce Skills听

The personal skills that ensure you do your job well, such as being adept at teamwork, time management, or solving problems (see also 鈥榮kill鈥�).听

Question 2

Annex 1: Glossaries and Frameworks听听

Accepted Answer

Australia - Australian Signals Directorate (ASD) Cyber Skills Framework听

Canada - Canadian Cyber Security Skills Framework听

European Union Agency, ENISA - European Cybersecurity Skills Framework (ECSF)听

Singapore - Skills Framework for ICT (SFw for ICT)听

AND听听

Operational Technology Cybersecurity Competency Framework (OTCCF)听

Skills Framework for Infocomm Technology听

UK - UK Cyber Security Council Cyber Career Framework听

USA - NICE Workforce Framework for Cybersecurity (NICE Framework)听

Question 3

Annex 2: Country/Framework Specific Terms听

Accepted Answer

Canada听

Work Role - Within the NICE framework, a Work Role is a grouping of work for which an individual or team is responsible or accountable. Work Roles are composed of Tasks that correlate to Knowledge and Skill statements. Work Roles are not synonymous with jobs or position titles, and a single job may consist of one or more Work Roles. They are used in career exploration, education and training, hiring and career development. Assessment for Work Roles typically occurs at the Task level.听

ENISA听

Role Profile - A context-specific and detailed description of what an employee does to assure that the job holder has no doubts about their tasks, duties, responsibilities and often those to whom they report. It usually contains precise information about the competences, skills and knowledge required and practical information about health and safety and remuneration.听

Ghana听

Accredited Cybersecurity Professional (CP) 鈥� as defined in law, under (1) Vulnerability Assessment and Penetration Testing, (2) Digital Forensics Services, (3) Managed Cybersecurity Services, and (4) Cybersecurity Governance, Risk and Compliance听

UK听

Licence Body - A body to whom the process of assessing and, if the assessment proves satisfactory, admitting individuals or organisations to membership of the delegating body.听听
In the sense of the UK Cyber Security Council, a member organisation that is permitted to nominate its members for inclusion on the Council鈥檚 Register.鈥齖u003c/p>
Licensee - See Licensed Body.鈥€齖u003c/p>
Professional Registration - As a verb, the process of becoming registered with a professional body that maintains a register of Professionals in its industry. As a noun, the situation of being so registered.听听
In the sense of the UK Cyber Security Council, the process by which an individual is admitted to the Council鈥檚 Register.鈥齖u003c/p>
Royal Charter - As defined by the Privy Council, 鈥渁n instrument of incorporation, granted by The Queen, which confers independent legal personality on an organisation and defines its objectives, constitution and powers to govern its own affairs.鈥� Incorporation by Charter is widely recognised as a prestigious way of acquiring legal personality and reflects the high status of that body.鈥齖u003c/p>

USA听

Work Role - Within the NICE framework, a Work Role is a grouping of work for which an individual or team is responsible or accountable. Work Roles are composed of Tasks that correlate to Knowledge and Skill statements. Work Roles are not synonymous with jobs or position titles, and a single job may consist of one or more Work Roles. They are used in career exploration, education and training, hiring and career development. Assessment for Work Roles typically occurs at the Task level

伊人直播