This unit describes the skills and knowledge required to conduct a risk assessment and analysis in a business environment. The risk assessment requires the identity and alignment of an organisation’s operating environment to their required risk register and the realignment of their operations.

It applies to those who work in risk functions of an organisation, including ICT risk managers, cyber security engineers, network engineers, DevOps engineers and cyber security solutions architects, and are responsible for designing security solutions.