#74 Incident Investigation: change request accepted
Abbreviated version of SCTY407 needed in SCTY3
SCTY407 "Investigates suspected attacks and manages security incidents."
There is a requirement for an equivalent investigation task without the management aspect in the SCTY Level 3 role. This caused problems in the creation of a "Cyber Defence Analyst" role within a BCS Role Model-using organisation, based around ITOP and SCTY Level 3 roles.
I would suggest something along the lines of "Investigates suspected attacks under the direction of the security incident manager".
Attached to Information security
What we decided
What we changed
Minor addition to SCTY level 3.