#74 Incident Investigation: change request pending
Abbreviated version of SCTY407 needed in SCTY3
SCTY407 "Investigates suspected attacks and manages security incidents."
There is a requirement for an equivalent investigation task without the management aspect in the SCTY Level 3 role. This caused problems in the creation of a "Cyber Defence Analyst" role within a BCS Role Model-using organisation, based around ITOP and SCTY Level 3 roles.
I would suggest something along the lines of "Investigates suspected attacks under the direction of the security incident manager".
Attached to Information security