Element 2.4 Contribute to the security of information

Performance Criteria

You must be able to:

1. identify the risks to information that could occur
2. obtain information on national legislation, guidelines and organisation procedures for the security of information
3. apply correctly and consistently the relevant security procedures and guidelines for protecting information
4. maintain the confidentiality of seller and organisation information at all times
5. ensure information is disclosed only to people who are entitled to receive it
6. ensure information is recorded correctly and stored in a suitable manner
7. dispose of information in a way that maintains its security
8. pass on any suggestions for improving security to the responsible persons
9. demonstrate full compliance with relevant legislation


Knowledge and Understanding

You must know and understand:

(a) the risks to different types of information
(b) current legislation and national guidelines relating to the security of information
(c) the procedures of the organisation for whom you work relating to the security of information
(d) which procedures and guidelines apply in different circumstances
(e) what type of information could be sensitive
(f) how the disclosure of information could be damaging to others
(g) who is entitled to different types of information
(h) the systems for recording and storing information
(i) how to dispose of paper-based or electronic information
(j) what types of suggestions for improving security could be made and who should be given them
(k) legislation relating to security of information


Scope

This Element requires that you:

A. identify the following risks to information:
(i) loss
(ii) misplacement
(iii) unauthorised access