ISO/IEC INTERNATIONAL STANDARD 19896-1 First edition 2018-02 IT security techniques Competence requirements for information security testers and evaluators Part 1: Introduction, concepts and general requirements Techniques de sécurite IT - Exigences de compétence pour I'information testeurs d'assurance et les évaluateurs Partie 1: Introduction, concepts et exigences générales Reference number ISO/IEC 19896-1:2018(E) IEC osi 4 @ IS0/IEC 2018 IS0/IEC 19896-1:2018(E) COPYRIGHT PROTECTED DOCUMENT @ IS0/IEC 2018 All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either IsO at the address below or Iso's member body in the country of the requester. ISO copyright office CP 401 : Ch. de Blandonnet 8 CH-1214 Vernier, Geneva Phone: +41 22 749 01 11 Fax: +41 22 749 09 47 Email: [email protected] Website: www.iso.org Published in Switzerland i IS0/IEC 2018 - All rights reserved IS0/IEC 19896-1:2018(E) Contents Page Foreword ..iv Introduction ..V 1 Scope. .1 2 Normative references 3 Terms and definitions 4 Concepts .2 5 Elements of competence .3 5.1 Competences 3 5.2 Knowledge. .3 5.3 Skills 4 5.4 Experience 4 5.5 Education. .5 5.6 Effectiveness 5 Competency levels .5 6 6.1 General 5 6.2 Level 1 (Associate) .5 6.3 Level 2 (Professional) 5 6.4 Level 3 (Manager) 6.5 Level 4 (Principal) . 6 Measurement of elements of competence 7 .6 7.1 Knowledge. .6 7.2 Skills. . 6 7.3 Experience .6 7.4 Education. . 6 7.5 Effectiveness .7 7.6 Recording elements of competence. Annex A (informative) Framework for describing competence requirements. .8 Annex B (informative) Example records of experience and competence ..10 Bibliography ..11 iii @ IS0/IEC 2018 - All rights reserved