SAQA All qualifications and part qualifications registered on the National Qualifications Framework are public property. Thus the only payment that can be made for them is for service and reproduction. It is illegal to sell this material for profit. If the material is reproduced or quoted, the South African Qualifications Authority (SAQA) should be acknowledged as the source.
SOUTH AFRICAN QUALIFICATIONS AUTHORITY 
REGISTERED UNIT STANDARD THAT HAS PASSED THE END DATE: 

Develop an understanding of systems security methods (authorisations) in an Enterprise Resource Planning system 
SAQA US ID UNIT STANDARD TITLE
119086  Develop an understanding of systems security methods (authorisations) in an Enterprise Resource Planning system 
ORIGINATOR
SGB Generic Management 
PRIMARY OR DELEGATED QUALITY ASSURANCE FUNCTIONARY
-  
FIELD SUBFIELD
Field 03 - Business, Commerce and Management Studies Generic Management 
ABET BAND UNIT STANDARD TYPE PRE-2009 NQF LEVEL NQF LEVEL CREDITS
Undefined  Regular-Fundamental  Level 5  Level TBA: Pre-2009 was L5 
REGISTRATION STATUS REGISTRATION START DATE REGISTRATION END DATE SAQA DECISION NUMBER
Passed the End Date -
Status was "Reregistered" 		 2018-07-01  2023-06-30  SAQA 06120/18 
LAST DATE FOR ENROLMENT LAST DATE FOR ACHIEVEMENT
2026-06-30   2029-06-30  

In all of the tables in this document, both the pre-2009 NQF Level and the NQF Level is shown. In the text (purpose statements, qualification rules, etc), any references to NQF Levels are to the pre-2009 levels unless specifically stated otherwise.  

This unit standard does not replace any other unit standard and is not replaced by any other unit standard. 

PURPOSE OF THE UNIT STANDARD 
A person credited with this unit standard is able to describe the importance of systems security is the business environment. Learners are also able to develop security requirements within an Enterprise Resource Planning system and test the system for it effectiveness. Learners are able to correct errors to ensure security standards

The qualifying learner is capable of:
  • Explaining and defining systems security requirements
  • Developing system security requirements within Enterprise Resource Planning system
  • Testing and correcting developed system security requirements 
    		•

    LEARNING ASSUMED TO BE IN PLACE AND RECOGNITION OF PRIOR LEARNING 
    Learners accessing this unit standard will have demonstrated competence in
  • Communications at NQF level 4
  • Mathematical Literacy at NQF level 4 
    		•

    UNIT STANDARD RANGE 
  • Risk profiles include but are not limited to: redundancy, dependency, required uptime, connections, firewall
  • Security systems could include but are not limited to: Sarbanes Oxley, Role Sizing 
    		•

    Specific Outcomes and Assessment Criteria: 

    SPECIFIC OUTCOME 1 
    Explain and define systems security requirements. 

    ASSESSMENT CRITERIA     

    ASSESSMENT CRITERION 1 
    The roles required with reference to the business process are identified and listed in line with organisational practices 

    ASSESSMENT CRITERION 2 
    A mapping of the Enterprise Resource Planning system transactions to the required roles is compiled in required format 

    ASSESSMENT CRITERION 3 
    A mapping of the required roles to the identified Enterprise Resource system users is compiled in line with organisational practices 

    ASSESSMENT CRITERION 4 
    The authorization mapping matrix is documented and verified with the client within required timeframe 

    SPECIFIC OUTCOME 2 
    Develop systems security requirements within an Enterprise Resource Planning system. 

    ASSESSMENT CRITERIA     

    ASSESSMENT CRITERION 1 
    Delegation of duty principles are applied in determining the security system requirements 

    ASSESSMENT CRITERION 2 
    An authorization procedure is defined and verified with the client within required timeframe 

    ASSESSMENT CRITERION 3 
    A risk profile is developed for the Enterprise Resource Planning system and verified with the client within required timeframe and in accordance with organisational systems and procedures 

    SPECIFIC OUTCOME 3 
    Test and correct developed systems security requirements. 

    ASSESSMENT CRITERIA     

    ASSESSMENT CRITERION 1 
    System security audit procedures are defined and verified with the client in accordance with organisational procedures and practices 

    ASSESSMENT CRITERION 2 
    Changes to system security requirements are suggested in accordance with any changes within the organisation 

    ASSESSMENT CRITERION 3 
    Changes to system security are implemented based on the client's requirements and system guidelines and parameters 


    UNIT STANDARD ACCREDITATION AND MODERATION OPTIONS 
  • An individual wishing to be assessed (including through RPL) against this unit standard may apply to an assessment agency, assessor or provider institution accredited by the relevant ETQA or an ETQA that has a Memorandum of Understanding with the relevant ETQA.
  • Anyone assessing a learner against this unit standard must be registered as an assessor with the relevant ETQA or an ETQA that has a Memorandum of Understanding with the relevant ETQA.
  • Any institution offering learning that will enable achievement of this unit standard or assessing this unit standard must be accredited as a provider with the relevant ETQA, or an ETQA that has a Memorandum of Understanding with the relevant ETQA.
  • Moderation of assessment will be conducted by the relevant ETQA according to the policies and guidelines foe assessment and moderation of that ETQA, at its discretion, in terms of agreements reached about assessment and moderation between various ETQA (including professional bodies.) 
    		•

    UNIT STANDARD ESSENTIAL EMBEDDED KNOWLEDGE 
  • Integration of Enterprise Resource Planning Solutions and the business processes they support
  • The integrated nature of business processes
  • The concepts of businesses as going concerns and the profit motive
  • The concepts of business systems and their interdependencies 
    		•

    UNIT STANDARD DEVELOPMENTAL OUTCOME 
    N/A 

    UNIT STANDARD LINKAGES 
    N/A 


    Critical Cross-field Outcomes (CCFO): 

    UNIT STANDARD CCFO WORKING 
    Work effectively with other as a member of a team in order to involve stakeholders system security requirements definition sessions 

    UNIT STANDARD CCFO COLLECTING 
    Collect, analyse, organise and critically evaluate information which is required for system security requirements definition, verification and documentation 

    UNIT STANDARD CCFO COMMUNICATING 
    Communicate effectively with others when participating in or facilitating workshops to extract necessary information from role-players 

    UNIT STANDARD CCFO SCIENCE 
    Use science and technology when implementing system security measures in an Enterprise Resource Planning system 

    UNIT STANDARD CCFO DEMONSTRATING 
    Demonstrate an understanding of the world as a set of related systems by adopting a systemic approach to the company when analyzing and documenting the different authorisation and security system requirements within the organisation 

    UNIT STANDARD ASSESSOR CRITERIA 
    N/A 

    REREGISTRATION HISTORY 
    As per the SAQA Board decision/s at that time, this unit standard was Reregistered in 2012; 2015. 

    UNIT STANDARD NOTES 
    N/A 

    QUALIFICATIONS UTILISING THIS UNIT STANDARD: 
      ID QUALIFICATION TITLE PRE-2009 NQF LEVEL NQF LEVEL STATUS END DATE PRIMARY OR DELEGATED QA FUNCTIONARY
    Core  49419   National Diploma: Business Consulting Practice  Level 5  NQF Level 05  Passed the End Date -
    Status was "Reregistered"     		 2023-06-30  SERVICES 
    Elective  83026   National Certificate: Information and Communications Technology (ICT) Software Testing  Level 5  NQF Level 05  Passed the End Date -
    Status was "Reregistered"     		 2023-06-30  MICTS 


    PROVIDERS CURRENTLY ACCREDITED TO OFFER THIS UNIT STANDARD: 
    This information shows the current accreditations (i.e. those not past their accreditation end dates), and is the most complete record available to SAQA as of today. Some Primary or Delegated Quality Assurance Functionaries have a lag in their recording systems for provider accreditation, in turn leading to a lag in notifying SAQA of all the providers that they have accredited to offer qualifications and unit standards, as well as any extensions to accreditation end dates. The relevant Primary or Delegated Quality Assurance Functionary should be notified if a record appears to be missing from here.
     
    1. DC Academy (PTY)LTD 
    2. Epitome Villa (Pty)Ltd 
    3. Eshybrand Pty Ltd 
    4. FACULTY TRAINING INSTITUTE PTY LTD 
    5. MINDWORX CONSULTING GAUTENG PTY LTD 
    6. Sisekelo Sustainability Institute 
    7. SIYAFUNDA COMMUNITY TECHNOLOGY CENTRE NPC 
    8. SUPREME ICT CONSULTANTS 
    9. Terry Computer Services cc 
    10. Visionary Skill Academy 


    All qualifications and part qualifications registered on the National Qualifications Framework are public property. Thus the only payment that can be made for them is for service and reproduction. It is illegal to sell this material for profit. If the material is reproduced or quoted, the South African Qualifications Authority (SAQA) should be acknowledged as the source.