Capability Methodology
About the Methodology
The CIISec Capability Development Methodology (CDM) has been designed to help organisations to develop, recruit and retain talent. It can be adapted and tailored for your organisation and will align comfortably with your internal standards and any external standards that may use.
Implementing the Capability Development Methodology
The exact process by which an information security skills capability is implemented is likely to differ from organisation to organisation – and will be influenced by factors such as the current level of information security maturity in the organisation and the extent to which a structured approach to skills management is already in place. The process set out in this guide sets out suggested steps for implementing a skills capability ‘from scratch’ using the concept of ‘roles families’. However, the process could also be applied to validate the adequacy of an existing skills capability. The process is summarised in the diagram below.
Capability Development Methodology Diagram
At the heart of the methodology are the CIISec Skills, Knowledge, Roles and Accreditation Frameworks that have been developed over a number of years via collaboration with private and public sector organisations, world-renowned academics, security leaders and authoritative bodies.