#1302 Move Security component from the Business Skill generic : change request pending
Security is addressed at all levels in the Business Skill generic attribute. It should be brought out as a generic attribute in its own right.
In SFIA7 security was explicitly addressed as part of the Business Skill Generic Atttribute at all levels - this complements the 5 Security skills and the 14 other skills which embrace security. To reflect the SFIA View that security is part of everyone's job it is recommended that Security is brought out as a Generic Attribut in its own right. The Business Skills Generic Attribute is overloaded as it is.
This has a number of advantages:
- It provides emphasis of the importance of security across all aspecgts of skills and competency
- It shows the SFIA View that security is part of every activite.
- It provides opportunity to raise the issue of security as not just relevant for security specialists but for all roles - something that is missing from the security specialists in general
Additionally such a security Generic Attribute could be extended to be Security and Privacy to reflect the close relationship and also to enable a clearer interface to emerging security initiatives.
Question do we use the encompassing "Security" term or the more fashionable "Cyber Security" term ...
Attached to Levels of responsibility