You are here: Home / Moving to SFIA version 6 / Headlines


Industry hot topics

The SFIA skills and content needed to be reviewed against industry hot topics. Some contributors felt there were new skills required; others saw them as the same skills but used in a different context. Either way, the challenge for SFIA is always to demonstrate that it is relevant to the industry. The problem to be solved is that current and potential users may not see any obvious mention of the ‘hot topics’, and make the assumption that SFIA is not kept up to date or is not relevant.

In balancing this, it needs to be recognised that some terms are fairly short-lived and transitory, and it is difficult to predict which ones will be gone from our vocabulary long before the next version of SFIA, and which ones will have some longevity.

The contributors to the version 6 project have tried to steer a careful path of not being too extreme in either direction. Some of these terms do help in the description of skills, but there is no point in simply including popular buzzwords just to try to ensure SFIA appears in searches and appeals to those who are looking for specific words. The aim is to decide what the skill actually is, whether it is already sufficiently covered in SFIA, and if some changes or additions are required to ensure adequate coverage and avoid gaps.

Input was considered in detail, and many changes made to support those inputs. To give some examples, the following were included: social media, digital media, digital transformation and the fusion of IT and marketing and business skills; digital environment content management; the skills needed by roles such as Cloud Broker/Chief Service Office, Cloud Architect, Cloud Developer, Cloud Administrator, Automation Engineer, Cloud Coordinator/Consultant, Cloud Systems/Services Manager, Cloud Batch Administrator, Cloud Recruiter, Cloud Accountant/Financial Manager, Cloud Mentor/Educator, Cloud Security Architect/Specialist, Cloud Governance/Audit Managers and cloud interpretations of Service Catalogue Manager, Service Level Manager, Performance/Capacity Manager and Supplier/Provider Manager; managing outsourced and cloud service providers; internal account management; product management; infrastructure management – IT estate management, data centre power; communications systems – VoIP, radio, microwaves, and other VAS (Value Added Services); IP networks and satellite systems; User support; hardware store and repairs; collaboration tools; Enterprise Systems managed services.

Digital skills

A significant amount of discussion and analysis has taken place around the increased use of the term ‘digital skills’. The range of opinion of what exactly is meant by the term has been researched, with members of the project team reviewing all input and agreeing some changes. 

The most visible of these include the updates for Information management, for which there was significant input from SFIA users in government from Australia and the UK, and the updates to Marketing to become Digital marketing.

Cyber security

Many governments have stated that cyber security skills are essential as a weapon in the fight against terrorism, industrial espionage and information security attacks. Consultation participants provided input around this and information security in general, which prompted a major review of how this was covered in SFIA.

SFIA V5 contained three core skills for security professionals: Information assurance, Information security, and Security administration, all of which have been updated in V6, including adding a level 7 description for Information security, and level 1 and 2 descriptions for Security administration

V5 also contained 10 skills which specifically included the word ‘security’. Investigation identified another 22 SFIA skills which were regularly used to describe the roles of security professionals and were needed for security capabilities, but didn’t include the word ‘security’ anywhere. Apart from demonstrating the limitations of using word search to identify relevant skills, which sadly many users resort to, it highlighted how much coverage SFIA already had for this area.

Security references were specifically added to Solution architecture, Systems development management, Programming/software development, and Testing.

The following new skills have been added:

DGFS Digital forensics

PENT Penetration testing

It was determined that the following skills should explicitly reference security: Solution architecture, Data management, Systems development management, Systems design, Programming/software development, Testing, Network design, Change management, Storage management, IT operations (now called IT infrastructure), Supplier relationship management (content now covered by Relationship management and a new skill Sourcing), Conformance review, and Technology audit (content now merged into Conformance review).

Another 19 skills used by security professionals, or related to security in a wider context, did not need an explicit reference to security.


The use of the term ‘IT’ has been reduced, not as a mechanism to try to spread the coverage of SFIA outside of the existing space, but because the application of this term has continued to change. Many Chief Information Officers, Chief Technology Officers, and senior management personnel are involved in developing strategy, policy, and plans which they would not recognise as being just about IT. Many organisations don’t have IT departments, and professionals that are covered by the skills in SFIA would not necessarily recognise themselves as IT professionals.

Where the term ‘IT’ was superfluous and did nothing to add to the description, it has been removed. This is an example of simplification and editing, removing text which doesn’t add value and sometimes causes people to reject otherwise relevant and useful skill descriptions.

Financial management for IT has become Financial management

Sustainability management for IT has become Sustainability management

IT estate management has become Facilities management

Information management

As mentioned under Digital skills, the Information management area has benefited from substantial input from users around the world.

Big Data, Agile and Cloud

All of these topics received careful consideration, resulting in updates to several skills to ensure that the skills required to address these areas are served by SFIA.

SFIA levels

The seven levels remain as before, though the wording of the generic definitions has been improved in a few places.

Categories and subcategories

There are still 6 categories, there have been some notable changes.

All but one of the category names have been changed, and they now all have a similar three-word structure. Some subcategories have moved, and several skills have moved from one category to another.

One of the issues that had been recognised in observing use of SFIA was that some users incorrectly assumed that categories contained all the skills by people working in an area which resembled a category, subcategory or individual skill. For example, those working in Service Management roles expected all their skills to be in that category, when in reality many of the skills in other categories were relevant. It should be remembered that categories and subcategories are only used to provide a grouping to ease navigation, to avoid having a single flat list. There are no definitions of categories and subcategories themselves.

  • Strategy and architecture – name remains unchanged
  • Business change becomes Change and transformation
  • Solution development and implementation becomes Development and implementation
  • Service management becomes Delivery and operation
  • Procurement and management support becomes Skills and quality
  • Client interface becomes Relationships and engagement

New skills

SFIA version 6 has identified seven new skills, as follows:

DGFS Digital forensics

HWDE Hardware design

ITSP IT strategy and planning

PENT Penetration testing

PEMT Performance management

PROD Product management

SORC Sourcing

Retirement and consolidation

No skills have been retired through lack of use, as it was determined that all skills were still useful to some users. However, the following skills have been removed because their content is sufficiently covered or has been consolidated into another skill.

SPIM Software development process improvement - some amendments made to DLMG Systems development management

HFIN Human factors integration - content has been merged with USEV User experience evaluation

TAUD Technology audit – content has been merged with CORE Conformance review

PROC Procurement – content merged to form the new skill SORC Sourcing

SURE Supplier relationship management – content merged to form the new skill SORC Sourcing

ACMG Account management – content merged into RLMT Relationship management

Name changes

FMIT Financial management (previously Financial management for IT)

SUMI Sustainability management (previously Sustainability management for IT)

STPL Enterprise and business architecture (previously Enterprise and business architecture development)

DBDS Database design (previously Database/repository design)

ITOP IT infrastructure (previously IT operations)

USUP Incident management (previously Service desk and incident management)

DCMA Facilities management (previously IT estate management)

CSMG Customer service support (previously Client services management)

PORT Porting/software configuration (previously Porting/software integration)

LEDA Learning assessment and evaluation (previously Learning and development assessment)

MKTG Digital marketing (previously Marketing)

HCEV User experience design (previously Ergonomic design)

New levels for existing skills

SCTY Information security now has a level 7 description

RSCH Research now has a level 2 description

SUST Sustainability strategy now has a level 4 description

DATM Data management now has descriptions at levels 2 and 3

PROF Portfolio, programme and project support now has a level 6 description

HCEV User experience design (previously Ergonomic design) now has a level 2 description

USEV User experience evaluation now has a level 6 description

SCAD Security administration now includes descriptions at levels 1 and 2

TMCR Learning design and development now has a level 6 description

RESC Resourcing now has a level 4 description

QUMG Quality management now has a level 4 description

MKTG Digital marketing (previously Marketing) now has a level 2 description

Removed levels for existing skills

USUP Incident management (previously Service desk and incident management) no longer has a description at level 1 as this aspect is covered within the Customer service support skill.