Information assurance: Level 7

Establishes and manages Information assurance strategy and policies in accordance with the ISO/IEC 27000 series of standards. Plans and implements processes to take forward the strategy and policies. Provides leadership and guidelines for provision of Information assurance requirements across all of the organisation's information and information systems.

Information assurance: Level 6

Develops corporate Information security policy, standards and guidelines. Prepares and maintains organisational strategies that address the evolving business risk and information control requirements. Operates as a focus for Information assurance governance expertise for the organisation, working effectively with strategic organisational functions such as legal experts and technical support to provide authoritative advice and guidance on the requirements for security controls.

Information assurance: Level 5

Provides authoritative advice and guidance on Information assurance strategies to manage the identified risk. Interprets security and assurance policies and contributes to development of standards and guidelines that comply with these.