Skip to content. | Skip to navigation

Personal tools

Reference and guide to SFIA version 7. Framework status: Current standard.

#74 Incident Investigation: change request accepted

Abbreviated version of SCTY407 needed in SCTY3

SCTY407 "Investigates suspected attacks and manages security incidents."

There is a requirement for an equivalent investigation task without the management aspect in the SCTY Level 3 role. This caused problems in the creation of a "Cyber Defence Analyst" role within a BCS Role Model-using organisation, based around ITOP and SCTY Level 3 roles.

I would suggest something along the lines of "Investigates suspected attacks under the direction of the security incident manager".

Attached to Information security


What we decided


What we changed

Minor addition to SCTY level 3.