Skill ID: S0878
Skill in performing risk analysis
Work roles with this Skill
Communications Security (COMSEC) Management
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-001Responsible for managing the Communications Security (COMSEC) resources of an organization.
Cybersecurity Workforce Management
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-003Responsible for developing cybersecurity workforce plans, assessments, strategies, and guidance, including cybersecurity-related staff training, education, and hiring processes. Makes adjustments in response to or in anticipation of changes to cybersecurity-related policy, technology, and staffing needs and requirements.Authors mandated workforce planning strategies to maintain compliance with legislation, regulation, and policy.
Privacy Compliance
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-008Responsible for developing and overseeing an organization’s privacy compliance program and staff, including establishing and managing privacy-related governance, policy, and incident response needs.
Security Control Assessment
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-012Responsible for conducting independent comprehensive assessments of management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine their overall effectiveness.
Systems Security Management
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-014Responsible for managing the cybersecurity of a program, organization, system, or enclave.
Secure Software Development
Category: Design and DevelopmentNICE Framework ID: DD-WRL-003Responsible for developing, creating, modifying, and maintaining computer applications, software, or specialized utility programs.
Secure Systems Development
Category: Design and DevelopmentNICE Framework ID: DD-WRL-004Responsible for the secure design, development, and testing of systems and the evaluation of system security throughout the systems development life cycle.
Software Security Assessment
Category: Design and DevelopmentNICE Framework ID: DD-WRL-005Responsible for analyzing the security of new or existing computer applications, software, or specialized utility programs and delivering actionable results.
Systems Requirements Planning
Category: Design and DevelopmentNICE Framework ID: DD-WRL-006Responsible for consulting with internal and external customers to evaluate and translate functional requirements and integrating security policies into technical solutions.
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)