770

770 (NIST ID: T0181)

Task

Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.


Core KSAT for the following Work Roles

Information Systems Security Developer (Core) ID: 631 (NIST ID: SP-SYS-001) Workforce Element: Cybersecurity

Designs, develops, tests, and evaluates information system security throughout the systems development lifecycle.

Secure Software Assessor (Core) ID: 622 (NIST ID: SP-DEV-002) Workforce Element: Cybersecurity

Analyzes the security of new or existing computer applications, software, or specialized utility programs and provides actionable results.

Additional KSAT for the following Work Roles

Software Developer (Additional) ID: 621 (NIST ID: SP-DEV-001) Workforce Element: Software Engineering

Executes software planning, requirements, risk management, design, development, architecture, modeling, estimation, configuration management, quality, security, and tests using software development methodologies, architectural structures, viewpoints, styles, design decisions, and frameworks across all lifecycle phases.

Systems Developer (Additional) ID: 632 (NIST ID: SP-SYS-002) Workforce Element: IT (Cyberspace)

Designs, develops, tests, and evaluates information systems throughout the systems development lifecycle.