Upload
others
View
5
Download
0
Embed Size (px)
Citation preview
Architect Identity and Access Management
Model Curriculum
Architect Identity and Access Management
SECTOR: SUB-SECTOR: OCCUPATION:
REF ID: NSQF LEVEL:
IT-ITeS IT SERVICES INFORMATION/CYBERSECURITY SSC/Q0928, V1.0
8
Architect Identity and Access Management
Architect Identity and Access Management
TABLE OF CONTENTS
1. Curriculum 01
2. Trainer Prerequisites 14
3. Assessment Criteria 15
Architect Identity and Access Management 1
Architect Identity and Access Management CURRICULUM / SYLLABUS
This program is aimed at training candidates for the job of an “Architect Identity and Access Management”, in the “IT-Services” Sector/Industry and aims at building the following key competencies amongst the learner
Program Name Architect Identity and Access Management
Qualification Pack Name & Reference ID.
SSC/Q0928,V1.0
Version No. 1.0 Version Update Date 29/03/2019
Pre-requisites to Training
Graduate in Science/Computer Science/Electronics and Engineering /Information Technology.
Training Outcomes After completing this programme, participants will be able to:
Research and recommend options for identity and access management solutions to meet the identified security objectives.
Design and develop solutions for identity management to meet the security objectives.
Ensure implementation of identity and access management solution follows architecture design.
Manage your work to meet requirements.
Work effectively with colleagues.
Maintain a healthy, safe and secure working environment.
Provide data/information in standard formats.
Develop knowledge, skills and competence.
Architect Identity and Access Management 2
This course encompasses 8 out of 8 National Occupational Standards (NOS) of “Architect Identity
and Access Management” Qualification Pack issued by “IT-ITeS SSC”.
Sr. No.
Module Key Learning Outcomes Equipment Required
1 IT-ITES/BPM Industry – An Introduction
Theory Duration
(hh:mm) 15:00
Practical Duration
(hh:mm) 15:00
Corresponding NOS Code Bridge Module
Explain relevance of the IT-
ITES industry.
State the various sub-
sectors in the IT-ITES
sector.
Explain the relevance of IT
services sector.
State the various
occupations and tracks in
the IT-ITES sector.
Prepare a general overview
of the IT services sub-
sector.
State the profile of the IT
services sub-sector.
Identify the key trends in
the IT services sub-sector.
Identify roles in the IT
Services sub-sector.
Whiteboard and
Markers
LCD Projector and
Laptop for
presentations
Lab equipped with the
PCs/Laptops and
Internet with WiFi (Min
2 Mbps Dedicated)
Chart paper and sketch
pens
2 Information/Cyber Security – An Introduction
Theory Duration
(hh:mm) 15:00
Practical Duration
(hh:mm) 15:00
Corresponding NOS Code Bridge Module
Explain the relevance of
cyber security in the
society.
Provide an introduction to
the job role/ qualification
pack of an Architect –
Identity and Access
Management (IdAM).
Describe the role of an
Architect - IdAM and key
responsibilities.
Identify range of skills and
behavior, expected from
an Architect – IdAM.
Provide a general overview
of information/cyber
security and its roles.
Draw a career map for
Information/ cyber security.
Lab equipped
with the
following:
PCs/Laptops,
Internet with
WiFi (Min 2
Mbps
Dedicated)
Whiteboard and
Markers
Chart paper and sketch
pens
3 Fundamental Concepts Theory Duration
(hh:mm) 20:00
List relevant networking
concepts, devices and
terminologies.
Describe basic
Cybersecurity concepts.
Whiteboard and
markers.
LCD projector and
laptop for presentation.
Architect Identity and Access Management 3
Sr. No.
Module Key Learning Outcomes Equipment Required
Practical Duration (hh:mm) 20:00
Corresponding NOS Code SSC/N0919
Describe enterprise
information technology
architecture.
Comprehend information
technology (IT) security
principles and methods
(e.g., firewalls, demilitarized
zones, encryption)
Information Systems/
Network Security.
Distinguish between
intrusion detection systems
and intrusion prevention
systems
Lab with: Key devices,
software and hardware
in a large network,
Application of multiple
networking topology; use
of various network
protocols; bandwidth
management
tools; application of
host network access
controls; hubs;
switches; routers;
bridges; servers;
transmission media
IDS/IPS; application of
SSL, VPN, 2FA,
Encryption, etc.
Provision for software
development work in
the lab including
software and tools
4 About Identity and Access Management
Theory Duration
(hh:mm) 07:00
Practical Duration
(hh:mm) 05:00
Corresponding NOS Code SSC/N0919
Explain the various
functions of Identity and
Access Management.
Describe the various
components of Identity and
Access Management.
State the basic
functionalities of the
applications, hardware
and/or access rights that
are used by the customers.
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
Lab with key devices,
software and hardware
in a network that
includes but is not
limited to- application of
multiple networking
topology.
Use of various Network
Protocols; bandwidth
management tools;
application of host
network access
controls; hubs;
switches; routers;
Bridges; servers.
5 Authentication
Theory Duration
(hh:mm) 10:00
Review usage of existing
IdAM technologies/
protocols and Logical
Physical Access to assess
Whiteboard and
Markers.
Architect Identity and Access Management 4
Sr. No.
Module Key Learning Outcomes Equipment Required
Practical Duration
(hh:mm) 10:00
Risks w.r.t Business and
security objectives.
Consult with engineering
teams in the areas of
authentication mechanism
for its usage in channels
such as web, mobile,
applications.
Describe relevant IdAM
technologies and protocols
pertaining to authentication.
LCD Projector and
Laptop for
presentations.
Provision for working
Corresponding NOS Code SSC/N0919
with Authorization
delegation and Federation protocols.
IdAM technologies and
protocols that include:
Active Directory;
Directory Services;
LDAP; Digital Cards,
Biometrics; Human
Interface Device (HID);
Web Services; Digital
Identities; Password
Managers; Single
Sign-on (SSO);Multi
Factor; Authentication
(MFA); Security Token
Services (STS); IP
Geo-location; Device
authentication; Mutual
Authentication;
Workflows; OpenID;
WS-Security, WS-
Trust; Open
Authorization (OAuth)
Security Assertion;
Mark-up Language
(SAML); Enterprise
resource planning
(ERP); Systems
Applications and
Products (SAP);
Application
programming interface;
(API) Gateways
Architect Identity and Access Management 5
Sr. No.
Module Key Learning Outcomes Equipment Required
6 Authorization
Theory Duration (hh:mm) 10:00
Practical Duration
(hh:mm) 10:00
Corresponding NOS Code SSC/N0919
Review the usage of
existing IdAM technologies
and protocols and Logical
Physical Access to assess
risks w.r.t Business and
security objectives.
Consult with engineering
teams in the areas of
authorization mechanism
for its usage in channels
such as web, mobile,
applications.
Describe relevant IdAM
Technologies and Protocols
pertaining to Authorization.
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
Lab with key devices,
software and hardware
in a network that
includes IdAM
technologies and
protocols of Role-based
access control (RBAC).
7 Directory Services
Theory Duration (hh:mm) 10:00
Practical Duration
(hh:mm) 10:00
Corresponding NOS Code
SSC/N0919
Describe active directory
and its features.
Describe Lightweight
Directory Access Protocol
(LDAP) as a service and its
attributes.
Explain the benefits of
federated solutions.
Review the usage of
existing IdAM technologies
and protocols and Logical
Physical Access to assess
risks with respect to
Business and security
objectives.
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
Lab with key devices,
software and hardware
in a network with use of
various Network
Protocols.
Provision for working
with Directory Services,
LDAP protocol, Active
Directory.
Provision for working
with Authorization
delegation and
Federation protocols.
8 Identifying IdAM Needs
Theory Duration (hh:mm) 08:00
Practical Duration
(hh:mm) 15:00
Corresponding NOS Code SSC/N0919
Conduct technical risk
analysis, threat
identification of the existing
IdAM solution.
Identify level of risk
acceptable for business
requirements by discussing
with business and technical
leads.
Research relevant
information required to
meet the security objectives
based on the evaluation of
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
Samples of the
tools/templates and
checklists.
Architect Identity and Access Management 6
Sr. No.
Module Key Learning Outcomes Equipment Required
Assets, threats,
vulnerabilities and security
risks.
Identify and record details
of constraints that may
have an impact on the
business and security
Options.
9 Identifying IdAM Solutions
Theory Duration
(hh:mm) 10:00
Practical Duration
(hh:mm) 15:00
Corresponding NOS Code
SSC/N0919
Collate sufficient and
accurate information to
determine potential costs,
benefits and effectiveness
of recommended security
solutions.
Identify details of costs,
benefits, effectiveness,
limitations and constraints
of recommendations.
Recommend security
solutions in an agreed
format to the responsible
person(s) within agreed
timescale.
Advise the organization on
the implications of
accepting, modifying or
rejecting security
Recommendations.
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
Samples of templates
and checklists.
Software for creating
and maintaining
roadmaps.
10 Enterprise Information Technology Architecture
Theory Duration
(hh:mm) 30:00
Practical Duration
(hh:mm) 20:00
Corresponding NOS Code
SSC/N0920
Explain enterprise
information technology (IT)
architecture and solution
design for distributed
systems.
Describe enterprise
architecture approach and
activities.
Explain the enterprise
architecture principles.
Describe the secure
integration approach with
different third-party
systems.
Explain the relevance of
service–oriented
architecture (SOA) for
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
Lab with key devices,
software and hardware
in a network that
includes: Enterprise
resource planning
(ERP); Systems
Applications and
Products (SAP);
Application
programming
interface; (API)
Gateways;
Architect Identity and Access Management 7
Sr. No.
Module Key Learning Outcomes Equipment Required
Organizations and
the principles of
SOA.
Determine infrastructure
design for SOA.
Explain the need for
segregation of duties (SoD)
configuration.
Determine segregation of
duties (SoD) configuration.
Service-oriented
architecture (SOA).
SAP software and an
existing sample of SoD
that is already done for
a company.
11 Designing Solutions for IdAM
Theory Duration
(hh:mm) 30:00
Practical Duration (hh:mm)
40:00
Corresponding NOS Code
SSC/N0920
Receive specifications of
requirements and security
objectives from authorized
source.
Design and deploy end to
end identity and access
management using an
IdAM security product.
Deploy end to end identity
and access management
using an IdAM security
product.
Design a cohesive blueprint
for delivery of identity &
access services to include
technology options.
Deliver a cohesive blueprint
for delivery of identity &
access services to include
technology options.
Design the user access
control and privilege
framework.
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
Lab with IdAM
supporting technologies
and protocols along
with tutorials for the
same.
Identity and Access
Manager Tool.
Access to various
samples of applications
and hardware that
require access rights
including various types
of computer
applications, mobile
applications and cloud
applications.
Provision for
customization and
integration of products
with other application.
Development &
Integration, IdAM
products and examples
of customization and
integration.
Cloud/SAAS ERP-CRM
Solution.
12 Developing Solutions for IdAM
Theory Duration
Develop group policies and
access control lists to
ensure compatibility with
Whiteboard and
Markers.
Architect Identity and Access Management 8
Sr. No.
Module Key Learning Outcomes Equipment Required
(hh:mm) 20:00
Practical Duration (hh:mm)
40:00
Corresponding NOS Code
SSC/N0920
Organizational standards,
business rules, and needs.
Develop strategies for
advancement to more
effective protocols and
sunset ineffective protocols.
Develop local network
usage policies and
procedures.
Deploy access
management technologies,
methodologies and role-
based and security-based
entitlements models to
develop effective IdAM
solutions.
Ensure identification and
remediation of control
weaknesses using existing
methodologies.
LCD Projector and
Laptop for
presentations.
Lab with IdAM
supporting technologies
and protocols along
with tutorials for the
same.
Identity and Access
Manager Tool.
Access to various
samples of applications
and hardware that
require access rights
including various types
of computer
applications, mobile
applications and cloud
applications.
Provision for
customization and
integration of products
with other application.
Development &
Integration, IdAM
products and examples
of customization and
integration.
Cloud/SAAS ERP-CRM
Solution.
13 Implementation of identity and access management Solution-Role of Architect IdAM
Theory Duration
(hh:mm) 30:00
Practical Duration
(hh:mm) 40:00
Corresponding NOS Code
SSC/N0921
Illustrate how to clarify
architectural design to the
implementation team.
Provide inputs for
implementation strategies
and plan, to the
implementation team(s).
Explain relevant features of
the solutions for the desired
requirements as per
architectural design.
List range of supporting
technologies and protocols,
tools, software and
techniques.
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
Lab with key devices,
software and hardware
in a large network.
Infrastructure design
suite.
Lab with IdAM tools,
technologies and
protocols along with
tutorials for the same.
Provision for working
with Authorization
Architect Identity and Access Management 9
Sr. No.
Module Key Learning Outcomes Equipment Required
State the function and key
features of supporting
technologies and protocols,
tools, software and
techniques.
Delegation and
Federation protocols.
Provision for working
with LDAP protocol,
Active Directory.
14 Analysis and evaluation of the implemented solutions
Theory Duration (hh:mm) 20:00
Practical Duration
(hh:mm) 35:00
Corresponding NOS Code SSC/N0921
Determine how to perform
comparative analysis and
evaluation of the
implemented solutions
against architectural
design.
Review implementation
steps and their outcome to
ensure that they satisfy
architectural objectives and
adhere to design.
Analyze the need to modify
access controls in line with
employees changing
responsibilities, including
removal of access when no
Longer required.
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
Access to organizations
for company visits and
provision for online
research.
Samples of the
tools/templates and
checklists used for
evaluation and analysis
assessment.
15 Identity management and compliance correlation
Theory Duration
(hh:mm) 20:00
Practical Duration (hh:mm) 30:00
Corresponding NOS Code SSC/N0921
Determine how to assess if
implementation is satisfying
compliance requirements.
Explain how to monitor
access controls in relation
to regulatory compliance for
sensitive data.
State information security
concepts, policies, and
procedures.
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
5-6 Case studies of
cybersecurity incidents
and service requests
where internal and
external specialists are
required to be engaged.
16 Manage your work to meet requirements
Theory Duration (hh:mm) 20:00
Practical Duration (hh:mm) 25:00
Corresponding NOS Code
SSC/N9001
Establish and agree your
work requirements with
appropriate people.
Ensure the immediate work
area is clean and tidy.
Utilize your time effectively.
Use resources correctly
and efficiently.
Process confidential
information as separately
following standard
Operating procedure.
Whiteboard and Markers.
LCD Projector and Laptop for presentations.
Training organization’s confidentiality policy.
Architect Identity and Access Management 10
Sr. No.
Module Key Learning Outcomes Equipment Required
Adhere to organization’s
policies and procedures.
Adhere to limits of
responsibility and access
as per the job role.
Obtain guidance from
appropriate people, where
necessary.
Ensure your work meets
The agreed requirements.
17 Work effectively with colleagues
Theory Duration
(hh:mm) 20:00
Practical Duration
(hh:mm) 25:00
Corresponding NOS Code
SSC/N9002
Speak with colleagues
clearly, concisely and
accurately.
Co-ordinate with colleagues
to integrate your work
effectively with them.
Provide essential
information to colleagues in
line with organizational
requirements.
Show due respect for
colleagues while working.
Carry out commitments you
have made to colleagues.
Inform colleagues in good
time if you cannot carry out
your commitments,
explaining the reasons.
Identify any problems you
have working with
colleagues and take the
initiative to solve these
problems.
Follow the organization’s
Policies and procedures
for working with
colleagues.
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
Provision to write
emails and send in the
lab.
Lab with provision for
internet, email, word
processor and
presentation software.
Chart paper, markers,
picture magazines and
old newspapers.
18 Maintain a healthy, safe and secure working environment
Theory Duration
(hh:mm) 20:00
Practical Duration
Comply with your
organization’s current
health, safety and security
policies and procedures.
Report any identified
breaches in health, safety,
and security policies and
procedures to the
designated person.
Whiteboard and
Markers
LCD Projector and
Laptop for
presentations
The training
organization’s current
health, safety and
Architect Identity and Access Management 11
Sr. No.
Module Key Learning Outcomes Equipment Required
(hh:mm) 25:00
Corresponding NOS Code SSC/N9003
Identify and correct any
hazards that you can deal
with safely, competently
and within the limits of
your authority
Report any hazards that
you are not competent to
deal with to the relevant
person in line with
organizational procedures
and warn other people
who may be affected.
Follow your organization’s
emergency procedures
promptly, calmly, and
efficiently.
Identify and recommend
opportunities for
improving health, safety,
and security to the
designated person.
Complete any health and
safety records legibly and
accurately.
security policies and
procedures
Provision for online
research in the Lab
A sample health and
safety policy document
Emergency broadcast
system and mock
emergency signage in
the appropriate areas of
the training institute
19 Provide data/information in standard formats
Theory Duration (hh:mm) 20:00
Practical Duration
(hh:mm) 25:00
Corresponding NOS Code
SSC/N9004
Establish and agree with
appropriate people the
data/information you need
to provide, the formats in
which you need to provide
it, and when you need to
provide it.
Obtain the data/information
from reliable sources.
Check that the
data/information is
accurate, complete and up-
to-date.
Obtain advice or guidance
from appropriate people
where there are problems
with the data/information.
Carry out rule-based
analysis of the
data/information, if required
Insert the data/information
into the agreed formats.
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
Provision for online
research in the lab.
Architect Identity and Access Management 12
Sr. No.
Module Key Learning Outcomes Equipment Required
Check the accuracy of your
work, involving colleagues
where required.
Report any unresolved
anomalies in the
data/information to
appropriate people.
Provide complete, accurate
and up-to-date
data/information to the
appropriate people in the
Required formats on time.
20 Develop knowledge, skills and competence
Theory Duration
(hh:mm) 20:00
Practical Duration
(hh:mm) 25:00
Corresponding NOS Code
SSC/N9005
Obtain advice and
guidance from appropriate
people to develop your
knowledge, skills and
competence.
Identify accurately the
knowledge and skills you
need for your job role.
Identify accurately your
current level of knowledge,
skills and competence and
any learning and
development needs.
Agree with appropriate
people a plan of learning
and development activities
to address your learning
needs.
Undertake learning and
development activities in
line with your plan.
Apply your new knowledge
and skills in the workplace,
under supervision.
Obtain feedback from
appropriate people on your
knowledge and skills and
how effectively you apply
them.
Review your knowledge,
skills and competence
regularly and take
appropriate action.
Whiteboard and
Markers.
LCD Projector and
Laptop for
presentations.
Soft copy of QP-NOS.
Provision for online
access to all students in
the lab.
Questionnaire and key
for Honey and Mumford
learning styles.
Total Duration: Unique Equipment Required:
Architect Identity and Access Management 13
Sr. No.
Module Key Learning Outcomes Equipment Required
Theory Duration
355:00
Practical Duration
445:00
Whiteboard and Markers
LCD Projector and Laptop for presentations
Chart paper
Lab equipped with the following: PCs/Laptops and Internet
with WiFi (Min 2 Mbps Dedicated), provision for email,
word processor and presentation software.
CRM application, such as Siebel, Zoho, Social networking
tool LMS tool to enable blog posts or discussion board,
Instant messenger, chat and email tools to enable mock
exercises.
A sample health and safety policy document, Emergency
Broadcast system and mock emergency signage in the
appropriate areas of the training institute.
Grand Total Course Duration: 800 Hours, 0 Minutes
(This syllabus/ curriculum has been approved by SSC: IT-ITeS Sector Skills Council NASSCOM)
Architect Identity and Access Management 14
Trainer Prerequisites for Job role: “Architect Identity and Access Management” mapped to Qualification Pack: “SSC/Q0928, V1.0”
Sr. No.
Area Details
1 Description To deliver accredited training service, mapping to the curriculum detailed above, in accordance with the Qualification Pack “SSC/Q0928,V1.0”
2 Personal Attributes
Aptitude for conducting training, and pre/ post work to ensure competent, Employable candidates at the end of the training. Strong communication skills, interpersonal skills, ability to work as part of a team; a passion for quality and for developing others; well-organized and focused, eager to learn and keep oneself updated with the latest in this field.
3 Minimum Educational Qualifications
Diploma in Engineering (with 1 year experience) or Bachelor's Degree in Science/Technology/Computers
4a Domain Certification
Certified for Job Role “Architect Identity and Access Management” mapped to Qualification Pack “SSC/Q0928, V1.0”. Minimum accepted score is 80%.
4b Platform Certification
Recommended that the trainer is certified for the Job role “Trainer” mapped to the Qualification Pack “MEP/Q0102”. Minimum accepted score is 80% aggregate
5 Experience Field experience: Minimum 2 years’ experience in the same domain Training experience: 1 year preferred
Architect Identity and Access Management 15
Assessment Criteria
Job Role Architect Identity and Access Management
Qualification Pack SSC/Q0928,V1.0
Sector Skill Council IT-ITeS
Sr. No.
Guidelines for Assessment
1 Criteria for assessment for each Qualification Pack (QP) will be created by the Sector Skill
Council (SSC). Each performance criteria (PC) will be assigned Theory and Skill/Practical marks proportional to its importance in NOS.
2 The assessment will be conducted online through assessment providers authorized by SSC.
3 Format of questions will include a variety of styles suitable to the PC being tested such as multiple-choice questions, fill in the blanks, situational judgment test, simulation and programming test.
4 To pass a QP, a trainee should pass each individual NOS. Standard passing criteria for each NOS is 70%
5 For latest details on the assessment criteria, please visit www.sscnasscom.com.
6 In case of successfully passing only certain number of NOS's, the trainee is eligible to take subsequent assessment on the balance NOS's to pass the Qualification Pack.
Architect Identity and Access Management 16
Mark Allocation
Assessable Outcomes
Assessment Criteria for Outcomes Total Marks
Out of
Theory Skills Practical
1.SSC/N0919
(Research and
recommend
options for
identity and
access
management
solutions to
meet the
identified
security
objectives)
PC1. Confirm that you have complete and
accurate details of and understand the
security objectives.
100
5
2
3
PC2. Review the usage of existing IdAM
technologies and protocols and Logical
Physical Access to assess risks w.r.t
Business and security objectives.
6
2
4
PC3. Consult with engineering teams in the
areas of authentication and authorization
mechanism for its usage in channels such
as web, mobile, applications.
7
2
5
PC4. Conduct technical risk analysis, threat
identification of the existing IdAM solution. 8 3 5
PC5. Identify level of risk acceptable for
business requirements by discussing with
business and technical leads.
6
1
5
PC6. Research relevant information required
to meet the security objectives based on the
evaluation of assets, threats, vulnerabilities
and security risks.
7
3
4
PC7. Identify and record details of
constraints that may have an impact on the
business and security options.
6
2
4
PC8. Maintain the security and
confidentiality of information relating to the
Security objectives.
6
2
4
PC9. Gather sufficient accurate information
on which to determine potential costs,
benefits and effectiveness of recommended
Security solutions.
6
2
4
PC10. Identify and determine the cost,
potential benefits, and effectiveness of
recommended security solutions, based on
valid assumptions, considerations and
Information, including possible constraints.
6
1
5
PC11. Prepare recommendations that have
the potential to meet the security objectives
of the organization.
8
3
5
PC12. Provide details of costs, benefits,
effectiveness, limitations and constraints of
Recommendations.
5
2
3
PC13. Provide recommendations of security
solutions in an agreed format to the 6 2 4
Architect Identity and Access Management 17
responsible person within agreed
Timescales.
PC14. Provide the organization with
considered advice on the implications of
accepting, modifying or rejecting security
Recommendations.
5
1
4
PC15. Take account of the organization’s
values, culture and nature of business. 5 1 4
PC16. Maintain the security and
confidentiality of information relating to your
Organization and recommendations.
4
1
3
PC17. Obtain necessary approvals from the
responsible persons as per organizational
Policy.
4
1
3
Total 100 31 69
2. SSC/N0920
(Design and
develop
solutions for
identity
management to
meet the
security
objectives)
PC1. Receive specifications of
Requirements and security objectives from
authorized source.
100
5
1
4
PC2. Use an IdAM security product to
design and deploy end to end identity and
Access management.
8
3
5
PC3. Design and deliver a cohesive
blueprint for delivery of Identity & Access
Services to include technology options.
8
2
6
PC4. Design the user access control and
privilege framework. 8 3 5
PC5. Design and develop group policies
and access control lists to ensure
compatibility with organizational standards,
business rules, and needs.
8
2
6
PC6. Build strategies to advance to more
effective protocols and sunset ineffective
protocols.
6
2
4
PC7. Develop local network usage policies
and procedures. 6 2 4
PC8. Use access management
technologies, methodologies and role-
based and security-based entitlements
models to develop effective IdAM solutions.
5
2
3
PC9. Write applications as per designed
identity and access management solution. 5 3 2
PC10. Write programs in CC++ or .net tool
for designed identity and access
management solution.
4
2
2
PC11. Ensure secure integration approach
with different third party systems. 4 1 3
Architect Identity and Access Management 18
PC12. Ensure identification and remediation
of control weaknesses; using existing
Methodologies.
4
1
3
PC13. Develop fixes, patches, & recovery
Procedures in the event of a
security breach.
7
2
5
PC14. Liaise with delivery/deployment
teams to ensure IAM requirements are
included in all application delivery projects.
6
2
4
PC15. Conduct security assessments of
authentication applications such as secure
code reviews, application penetration
testing & threat modelling/architectural risk
analysis.
7
2
5
PC16. Ensure technology risk
considerations are identified and
adequately addressed for new application
developments, integration and deployment.
4
0
4
PC17. Comply with relevant legislation,
standards, policies and procedures. 5 1 4
Total 100 31 69
3. SSC/N0921
(Ensure
implement and
maintain identity
and access
management
solutions
follows
architectural
design)
PC1. Clarify architectural design to the
implementation team.
100
12 4 8
PC2. Provide inputs for implementation
strategies and plan to the implementation
team(s).
12
3
9
PC3. Perform comparative analysis and
evaluation of the implemented solutions
against architectural design.
12
3
9
PC4. Derive relevant features of the
solutions for the desired requirements s per
architectural design.
10
3
7
PC5. Test or pilot market/in house solutions
for their fitment. 10 3 7
PC6. Suggest integration and interfaces for
market/in-house solutions with other
security solutions like SIEM or external
solutions.
10
2
8
PC7. Resolve queries for the
implementation and administration team
with respect to overall Identity and access
management architectural design.
12
4
8
PC8. Review the implementation steps and
their outcome to ensure that they satisfy
architectural objectives and adhere to
design.
10
2
8
Architect Identity and Access Management 19
PC9. Assess how implementation satisfies
compliance requirements.
12 4 8
Total 100 28 72
4. SSC/N9001
(Manage your
work to meet
requirements)
PC1. Establish and agree your work
requirements with appropriate people.
100
7 0 7
PC2. Keep your immediate work area clean
and tidy. 12 6 6
PC3. Utilize your time effectively. 12 6 6
PC4. Use resources correctly and
efficiently. 19 6 13
PC5. Treat confidential information
correctly. 7 1 6
PC6. Work in line with your organization’s
policies and procedure. 12 0 12
PC7. Work within the limits of your job role. 6 0 6
PC8. Obtain guidance from appropriate
people, where necessary. 6 0 6
PC9. Ensure your work meets the agreed
requirements. 19 6 13
Total 100 25 75
5. SSC/N9002
(Work
effectively with
colleagues)
PC1. Communicate with colleagues clearly,
concisely and accurately.
100
20 0 20
PC2. Work with colleagues to integrate your
work effectively with theirs. 10 0 10
PC3. Pass on essential information to
colleagues in line with organizational
requirements.
10
10
0
PC4. Work in ways that show respect for
colleagues. 20 0 20
PC5. Carry out commitments you have
made to colleagues. 10 0 10
PC6. Let colleagues know in good time if
you cannot carry out your commitments,
explaining the reasons.
10
10
0
PC7. Identify any problems you have
working with colleagues and take the
initiative to solve these problems.
10
0
10
PC8. Follow the organization’s policies and
procedures for working with colleagues. 10 0 10
Total 100 20 80
6. SSC/N9003
(Maintain a
healthy, safe
and secure
working
environment)
PC1. Comply with your organization’s
current health, safety and security policies
and procedures.
100
20
10
10
PC2. Report any identified breaches in
health, safety, and security policies and
procedures to the designated person.
10
0
10
Architect Identity and Access Management 20
PC3. Identify and correct any hazards that
you can deal with safely, competently and
within the limits of your authority.
20
10
10
PC4. Report any hazards that you are not
competent to deal with to the relevant
person in line with organizational
procedures and warn other people who may
be affected.
10
0
10
PC5. Follow your organization’s emergency
procedures promptly, calmly, and efficiently. 20 10 10
PC6. Identify and recommend opportunities
for improving health, safety, and security to
the designated person.
10
0
10
PC7. Complete any health and safety
records legibly and accurately. 10 0 10
Total 100 30 70
7. SSC/N9004
(Provide
data/information
in standard
formats)
PC1. Establish and agree with appropriate
people the data/information you need to
provide, the formats in which you need to
provide it, and when you need to provide it.
100
13
13
0
PC2. Obtain the data/information from
reliable sources. 13 0 13
PC3. Check that the data/information is
accurate, complete and up-to-date. 12 6 6
PC4. Obtain advice or guidance from
appropriate people where there are
problems with the data/information.
6
0
6
PC5. Carry out rule-based analysis of the
data/information, if required. 25 0 25
PC6. Insert the data/information into the
agreed formats. 13 0 13
PC7. Check the accuracy of your work,
involving colleagues where required. 6 0 6
PC8. Report any unresolved anomalies in
the data/information to appropriate people. 6 6 0
PC9. Provide complete, accurate and up-to-
date data/information to the appropriate
people in the required formats on time.
6
0
6
Total 100 25 75
8. SSC/N9005
(Develop your
knowledge,
skills and
competence)
PC1. Obtain advice and guidance from
appropriate people to develop your
knowledge, skills and competence.
100
10
0
10
PC2. Identify accurately the knowledge and
skills you need for your job role. 10 0 10
Architect Identity and Access Management 21
PC3. Identify accurately your current level
of knowledge, skills and competence and
any learning and development needs.
20
10
10
PC4. Agree with appropriate people a plan
of learning and development activities to
address your learning needs.
10
0
10
PC5. Undertake learning and development
activities in line with your plan. 20 10 10
PC6. Apply your new knowledge and skills
in the workplace, under supervision. 10 0 10
PC7. Obtain feedback from appropriate
people on your knowledge and skills and
how effectively you apply them.
10
0
10
PC8. Review your knowledge, skills and
competence regularly and take appropriate
action.
10
0
10
Total 100 20 80