COMPETENCY PROFILE CHART (CPC)

SECTOR
BUSINESS MANAGEMENT

SUB SECTOR
IT SUPPORT

JOB AREA
INFORMATION SYSTEM MANAGEMENT

JOB LEVEL LEVEL 5 JOB AREA CODE

FB-081-5:2012

COMPETENCY COMPETENCY UNIT

INFORMATION INFORMATION
SYSTEM SYSTEMS POLICIES INFORMATION STAFF
CORE TECHNOLOGY & PROCEDURES SYSTEMS AUDITING MANAGEMENT
MANAGEMENT MANAGEMENT

FB-081-5:2012-C01 FB-081-5:2012-C02 FB-081-5:2012-C03 FB-081-5:2012-C04

CORPORATE
BUSINESS
AFFAIRS & PROJECT
CONTINUITY
COMMUNICATION MANAGEMENT
MANAGEMENT
MANAGEMENT
FB-081-5:2012-C05 FB-081-5:2012-C06 FB-081-5:2012-C07

1
Sub Sector IT SUPPORT
Job Area INFORMATION SYSTEM MANAGEMENT
Level FIVE (5)

CU Title CU Code CU Descriptor CU Work Activities Performance Criteria

1 Information System Information System Technology 1. Analyse current usage and 1.1 Overall quality and efficiency of
Technology management is a set of management sustainability of existing business operation assessed according
management disciplines that allows organisations to technology to performance report on usage of
manage technological advancements. It existing systems
is fundamental to create competitive 1.2 Effectiveness and sustainability of
business advantage. technology usage assessed according
to performance report on usage of
The person who is competent shall be existing systems
able to analyse current usage of
existing technology, review companys 2. Manage current companys 2.1 Effectiveness of information system
information system, perform business information system technology management evaluated based on
process analysis and plan new users feedback and system
technology implementation. performance report
2.2 Implementation of information system
The outcome of this competency is to analysed according to Companys ISP
ensure that technology management of (Information System Planning)
business activities are coordinated to 2.3 Execution and implementation of
ensure sustainability and innovative information system management
technology. reviewed according to Companys
information system infrastructure and
ISP

2
CU Title CU Code CU Descriptor CU Work Activities Performance Criteria
3. Analyse business process 3.1 Business process operation reviewed
by applying the business process
analysis methods
3.2 Synchronization of management
system reviewed to establish seamless
integration of systems
3.3 Business process analysis report
findings produced

4. Propose new technology 4.1 Business requirement analysis

enhancement conducted according to categories of
requirements which include design,
architecture, functional and
performance requirements
4.2 Technology scanning carried out
according to scanning process and
techniques
4.3 Information system requirement
specification determined
4.4 Strategic technological change
proposed according to organisation
requirements
4.5 Proposal submitted to the management
for approval

3
 CU Title CU Code CU Descriptor
2 Information systems The Information system policies &
policies & procedures procedures management competency
management unit title describes the competency
required in revising and developing
information system policies & 1.4 Differences between departmental
procedures management in order to
enhance the functionality of the system.
The Information system policies &
procedures management competency
unit describes a person who is aware of
industrys standard practice, and
proposes changes to management
regarding the Information Systems
policies and procedures
The person who is competent in this
competency unit shall be able to
compare current policies with new
trends and standard practice, revise
policies & procedures and implement
revised policies & procedures
The outcome of this competency is to
be able to continuously review and
update work procedures which adhere
to the organisations policies
CU Work Activities
1. Review existing policies &
procedures
2. Amend policies & procedures
3. Implement updated policies &
procedures
Performance Criteria
1.1 Stakeholder involved in policies &
procedures review determined
1.2 Departmental direction determined
1.3 Policies and procedures analysed
policies & procedures and industrys
best practice defined
1.5 Weakness of current policies and
procedures determined
1.6 Policies beneficial to organisation
determined
2.1 Format of policies & procedures
determined
2.2 Statement of revised policies and
procedures confirmed
2.3 Changes to policies & procedures
confirmed with management
2.4 Revised policies & procedures
documented according to format
2.5 Statement of policies and procedures
documented
2.6 Endorsement obtained from top
management
3.1 New policies & procedures are
disseminated to staff
3.2 Updated policies & procedures
implementation issues interpreted
3.3 Policies & procedures implementation
report produced
4
 CU Title CU Code CU Descriptor
3 Information systems The Information System auditing
auditing competency unit title describes the
competency required when auditing the
information systems which is an
examination of the management
controls within an Information
technology (IT) infrastructure. The
evaluation of obtained evidence
determines if the information systems
are safeguarding assets, maintaining
data integrity, and operating effectively
to achieve the organization's goals or
objectives. These reviews may be
performed in conjunction with a
financial statement audit, or internal
audit.
The Information System auditing
competency unit describes a person
who is responsible to audit the system
to ensure procedures are being
followed and the system is operating
according to organisation requirements
The person who is competent in
system auditing shall be able to identify
system auditing requirement, plan
system auditing activities, perform
CU Work Activities
1. Plan system auditing
2. Perform system auditing
3. Produce system audit report
Performance Criteria
3.4 Policies & procedures report submitted
to top management for review
1.1 Organisations information systems
auditing requirement determined
1.2 Organisations information systems
auditing procedure interpreted
1.3 Audit team determined according to
organisation requirements
1.4 System auditing schedule prepared
2.1 Audit activities conducted in
accordance with organisations
requirements
2.2 Standard procedures to determine
compliance and incompliance
determined
2.3 Assessment findings verified and
compiled
2.4 Assessment findings analysed
3.1 Audit findings summarised in report
3.2 Follow up activities to rectify
incompliance proposed in report
3.3 Final auditing findings report prepared
according to management report
3.4 Final audit findings report submitted for
management acknowledgement
5
 CU Title CU Code CU Descriptor
system auditing activities and produce
system audit report
The outcome of this competency is to
ensure the efficiency and accuracy of
the information system and that it is
being utilised and recommended for
improvement accordingly
4 Staff management The Staff management competency unit 1. Perform staff performance
title describes the competency in
managing all employees in the
organization, including the development
of staff skills through training and other
forms of staff development as well as
the identification, development and
implementation of training needs and 2. Conduct training need analysis
programs available for staff
He or She is responsible to evaluate
departmental staff capabilities,
develops staffing strategies and
implements staff development 3. Carry out staff interview session
regarding staffs planning and
development
The person who is competent in the
Staff development management
competency unit shall be able to plan,
conduct, and review staff development
CU Work Activities Performance Criteria
1.1 Staff performance criteria determined
appraisal according to companys policies
1.2 Staff performance evaluated based on
appraisal technique and ethics
1.3 Outcome of the appraisal prepared and
recommendation given to the staff.
2.1 Staff performance issue determined
from the outcome of the TNA session
2.2 Staff development requirements
determined
2.3 Staff training program prepared.
3.1 Information on applicant collected and
recorded before interview session.
3.2 Selected candidate confirmed.
3.3 Candidate for vacant position selected
based on performance during the
interview session
6
 CU Title CU Code CU Descriptor CU Work Activities Performance Criteria
4. Identify staff management 4.1 Companys policy and procedures on
The outcome of this competency is to requirements staff management obtained
ensure that all the activities involved in 4.2 Staff management scope of work
business operation are effectively determined
coordinated and supported 4.3 Manpower requirement determined

5. Evaluate staff management 5.1 Staff scheduling activities assessed

activities 5.2 Staff scheduling activities performance
concluded
5.3 Company policy and procedure on staff
benefit & compensation determined.

5 Corporate Affairs and Corporate Affairs and Communication 1. Administer information systems 1.1 Companys legal policies and
Communication Management is communication with legal matters procedures determined according to
Management government agencies and liaison legal issues needs
relating to legislative matters, 1.2 Legal needs evaluated and reviewed
government procedures, policies and according to requirements
compliances. The management of 1.3 Related legal documents finalised
corporate affairs which include setting according to procedure
company procedures policies and 1.4 Company regulatory compliance
techniques of communication. It is determined according to regulatory and
fundamental to the organisations statutory body requirements
competitive advantage and 1.5 Corporate company legal issues
sustainability. related to the Information System
coordinated with organisations legal
The person who is competent shall be personnel as to ensure action and
able to administer legal affairs decision taken promptly.
activities, administer authority liaison 1.6 Summary of legal issues ascertained
and administer communication from companys lawyer/legal
management department

7
CU Title CU Code CU Descriptor CU Work Activities Performance Criteria
The outcome of this competency is to 1.7 Legal affairs conclusion reported to
ensure that all the activities involved in stakeholders
corporate affairs operation and
communication are effectively 2. Perform government authority 2.1 Authority policies and procedures
liaison related to information system
coordinated and supported in an
determined
organisation. 2.2 Authority compliance needs evaluated
and reviewed according to business
environment requirements
2.3 Regulatory and statutory body
compliance determined according to
business environments requirements
2.4 Compliances with regulatory and
statutory bodies ascertained according
to business environment requirements

3. Perform corporate relations 3.1 Company policies and procedure on

management communication management
determined
3.2 Method of communication relevant to
company operation determined
3.3 Business correspondence records
obtained and assessed according to
company procedure
3.4 Client/public response to information
system assessed according to
organisation procedures
3.5 Communication effectiveness
assessed according to reports and
internal and external feedbacks

8
 CU Title CU Code CU Descriptor
6 Business Continuity Business continuity is the activity 1. Conduct Business Impact
Management performed by an organization to ensure
that critical business functions will be
available to stakeholder that must have
access to those functions. Business
Continuity refers to activities performed
daily to maintain service, consistency,
and recoverability. The foundation of
business continuity are the standards,
program development, and supporting
policies; guidelines, and procedures
needed to ensure a firm to continue
without stoppage, irrespective of the
adverse circumstances or events. All
system design, implementation,
support, and maintenance must be
based on this foundation in order to
have any hope of achieving business
continuity, disaster recovery, or in some 2. Conduct risk mitigation planning
cases, system support.
He or She is responsible for planning
and managing system operations to
maintain service, consistency, and
recoverability in the event of an
accident, disaster, emergency, and/or
threat.
The person who is competent shall be
able to conduct Business Impact
Analysis conduct risk mitigation
CU Work Activities Performance Criteria
1.1 Business operation requirements
Analysis interpreted
1.2 Information system functionality related
to business operation requirements
interpreted
1.3 Criticality, recovery point objectives,
and recovery time objectives
determined through Business Impact
Analysis techniques
1.4 Extent and timescale of the impact on
different levels of an organization
determined
1.5 Effect of disruption on operational,
functional and strategic activities of an
organization determined
2.1 Potential risks and threats to critical
business activities both internally and
from the external environment
determined
2.2 Procedures to enable risk mitigation
determined
2.3 Outage timeframe determined based
on accepted business operation
downtime
2.4 Risk mitigation plan procedures
documented
9
CU Title CU Code CU Descriptor
planning, conduct business recovery
planning , implement the Business 3. Conduct business recovery
Continuity plan, and evaluate planning
implementation according to disaster
recovery/business continuity standards
The outcome of this competency is to
ensure service availability and reliability
in order to have any hope of achieving
business continuity, disaster recovery,
or in some cases, system support.
4. Implement business continuity
in system operations
CU Work Activities Performance Criteria
3.1 Emergency Response team personnel
determined
3.2 Emergency response and management
procedures required during situations
in which the plan is to be activated
based on disaster recovery/business
continuity standards
3.3 Damage assessment procedures
determined according to disaster
recovery/business continuity standards
3.4 Disaster declaration procedures
determined according to disaster
recovery/business continuity standards
3.5 Instructions on recovering operations
determined
3.6 Document management procedures in
event of disaster determined
3.7 Disaster recovery plan documented
4.1 Business Continuity plan which include
risk mitigation plan and disaster
recovery plan compiled
4.2 Business Continuity procedures and
information documented
4.3 Business Continuity plan
communicated and disseminated to
organisation personnel through
awareness and training programs
4.4 Emergency communications and
coordination with public authorities
10
 CU Title CU Code CU Descriptor
7 Project management The Project management competency
unit describes the competency required
in planning, organizing, securing,
managing, leading, and controlling
resources to achieve specific goals.
A project is a temporary endeavour with
a defined beginning and end (usually
time-constrained, and often constrained
by funding or deliverables), undertaken
to meet unique goals and objectives.
CU Work Activities
5. Evaluate business continuity
management implementation
1. Analyse project management
requirements
Performance Criteria
carried out in event of emergency
4.5 Change management procedures
enforced based on business continuity
5.1 Business continuity procedures
checked against business continuity
plan
5.2 Business continuity in terms of
document and information
management assessed
5.3 Business continuity implemented in
business operations assessed
5.4 Business continuity plan issues
determined
5.5 Solutions to improve on business
continuity procedures proposed
5.6 Business continuity plan revised based
on evaluation findings
1.1 Companys SOP on project
management activities interpreted
1.2 Objective, cost, constraint and risk
interpreted
1.3 Project management scope of work
determined
1.4 Project constraint and risk determined
1.5 Project management budget allocation
determined
1.6 Type of project to be developed
determined
11
CU Title CU Code CU Descriptor
He or She is to manage project
activities in an organisation to ensure
the effective delivery of approved
planned programs of the company by
adopting suitable methods
The person who is competent in project
management shall be able to identify
project management requirements, plan
project development activities,
coordinate project implementation,
evaluate project implementation and
produce project management report
The outcome of this competency is to
ensure that all the activities involved in
project management are carried out
efficiently to enhance the companys
image in delivering product/services
and to ensure the sustainability of the
company.
CU Work Activities
2. Conduct project planning
3. Manage information system
project implementation
Performance Criteria
2.1 Project cost estimated
2.2 Project resources planned
according to project requirement
2.3 Project development schedule
prepared
2.4 Redundant task determined
2.5 Critical activities categorised
2.6 Project milestone established
2.7 Job and manpower distribution plan
established
3.1 Project resources managed in
accordance to project plan;
Cost
Time
Manpower
Tools, Equipment and
Materials
3.2 Project development progress checked
against project development schedule
3.3 Project changes managed within the
project scope
3.4 Project development efficiency
assessed in accordance with project
development schedule
3.5 Project development outcome
measured against the objective of
project
12
CU Title CU Code CU Descriptor CU Work Activities Performance Criteria

4. Report information system 4.1 Project development outcome verified

project management activities
4.2 Project closing conducted and
outcome report circulated to project
stakeholders
4.3 Final project management report
prepared and submitted to
stakeholders for review

13