Skip to content. | Skip to navigation

Personal tools

Reference and guide to SFIA version 8. Framework status: Development.

#1302 Move Security component from the Business Skill generic : change request pending

Security is addressed at all levels in the Business Skill generic attribute. It should be brought out as a generic attribute in its own right.

In SFIA7 security was explicitly addressed as part of the Business Skill Generic Atttribute at all levels - this complements the 5 Security skills and the 14 other skills which embrace security. To reflect the SFIA View that security is part of everyone's job it is recommended that Security is brought out as a Generic Attribut in its own right. The Business Skills Generic Attribute is overloaded as it is.

This has a number of advantages:

  1. It provides emphasis of the importance of security across all aspecgts of skills and competency
  2. It shows the SFIA View that security is part of every activite.
  3. It provides opportunity to raise the issue of security as not just relevant for security specialists but for all roles - something that is missing from the security specialists in general

Additionally such a security Generic Attribute could be extended to be Security and Privacy to reflect the close relationship and also to enable a clearer interface to emerging security initiatives.

Question do we use the encompassing "Security" term or the more fashionable "Cyber Security" term ... 

Attached to Levels of responsibility


Ian Seward says:
Apr 27, 2020 01:05 PM

This is possible to be progressed at an early stage as the current security wording is already in the generics and actioning this change would nut affect other parts of the framework.
1) The starting point for wording is already there in the Business Skills generic
2) It could be separately reviewed by security specialists to ensure it has the right message.