Information Management (IRMG)

The overall management of information, as a fundamental business resource, to ensure that the information needs of the business are met. Encompasses development and promotion of the strategy and policies covering the design of information structures and taxonomies, the setting of policies for the sourcing and maintenance of the data content, the management and storage of electronic content and the analysis of information structure (including logical analysis of data and metadata). Includes overall responsibility for compliance with regulations, standards and codes of good practice relating to information and documentation records management, information assurance and data protection.

Consultancy (CNSL)

The provision of advice, assistance and leadership in any area associated with the planning, procurement, provision, delivery, management, maintenance or effective use of information systems and their environments. The consultancy can deal with one specific aspect of IT and the business, or it can be wide ranging and address strategic business issues

Technical specialism (TECH)

The management and provision of ex per t advice on a specific technical specialism. Examples of specialism can be any technology, technique, method, product or application area.

Research (RSCH)

The advancement of knowledge in one or more fields of information technology by innovation, ex per imentation, evaluation and dissemination, carried out in pursuit of a predetermined set of research goals.

Innovation (INOV)

The capability to recognise and exploit business opportunities provided by IT (for example, the Internet), to ensure more efficient and effective per formance of organisations, to explore possibilities for new ways of conducting business and organisational processes and to establish new businesses.

Business process improvement (BPRE)

The identification of new and alternative approaches to per forming business activities. The analysis of business processes, including recognition of the potential for automation of the processes, assessment of the costs and potential benefits of the new approaches considered and, where appropriate, management of change and assistance with implementation.

Strategic application of information systems (STPL)

The development or review of an information systems strategy to support an organisation’s business goals and the development of plans to drive forward and manage that strategy. Working with others to embed the strategic management of information systems as part of the management of the organisation.

Business risk management (BURM)

The planning and implementation of organisation-wide processes and procedures for the management of o per ational risk.

Information security (SCTY)

The management of, and provision of ex per t advice on, the selection, design, justification, implementation and o per ation of information security controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems.

Browse extended SFIAplus detail for this Skill  

Information assurance (INAS)

The protection of systems and information in storage, processing, or transit from unauthorised access or modification. Denial of service to unauthorised users; or the provision of service to authorised users. Includes those measures necessary to detect, document and counter threats to the integrity of stored information, such as the application of firewalls and intrusion detection systems (IDS).

Systems architecture (ARCH)

The specification of systems architectures, identifying the components needed to meet the present and future requirements, both functional and non-functional (such as security) of the business as a whole, and the interrelationships between these components. The provision of direction and guidance on all technical aspects of the development of, and modifications to, information systems to ensure that they take account of relevant architectures, strategies, policies, standards and practices and that existing and planned systems and IT infrastructure remain compatible.

Emerging technology monitoring (EMRG)

The identification of new and emerging hardware, software and communication technologies, products, methods and techniques and the assessment of their relevance and potential value to the organisation. The promotion of emerging technology awareness among staff and business management.

Continuity management (COPL)

The provision of service continuity planning and support. This includes the identification of information systems that support critical business processes, the assessment of risks to those systems' availability, integrity and confidentiality and the coordination of planning, designing, testing and maintenance procedures and contingency plans to address exposures and maintain agreed levels of continuity. This function should be performed as part of, or in close cooperation with, the function that plans business continuity for the whole organisation.

Software development process improvement (SPIM)

The provision of advice, assistance and leadership in improving the quality of software development, by focusing on process definition, management, repeatability and measurement. The facilitation of improvements by changing approaches and working practices, typically using recognised models such as the Capability Maturity Model Integration (CMMI), or the Software Process Improvement and Capability dEtermination Model (SPICE).

Network planning (NTPL)

The creation and maintenance of overall network plans, encompassing the communication of data, voice, text and image, in the support of an organisation's business strategy. This includes participation in the creation of service level agreements and the planning of all aspects of infrastructure necessary to ensure provision of network services to meet such agreements.

Methods and tools (METL)

Ensuring that appropriate methods and tools for the planning, development, operation, management and maintenance of systems are adopted and used effectively throughout the organisation.

Systems development management (DLMG)

The management of resources in order to plan, estimate and carry out programmes of systems development work to time, budget and quality targets and in accordance with appropriate standards.

Data analysis (DTAN)

The provision of specialist expertise and practical assistance in the investigation, evaluation and interpretation of data in order to ensure its coherence, availability, accuracy and security to meet information and communication systems requirements.

Systems design (DESN)

The specification and design of information systems, their components and architecture to meet defined business needs.

Browse extended SFIAplus detail for this Skill  

Network design (NTDS)

The production of network designs and design policies, strategies, architectures and documentation, covering voice, data, text, e-mail, facsimile and image, to support business requirements and strategy. This may incorporate all aspects of the communications infrastructure, internal and external, mobile, public and private, Internet, intranet and call centres.

Database design (DBDS)

The specification, design and maintenance of structures for information storage and access to support business information needs.

Programming / software development (PROG)

The design, creation, testing and documenting of new and amended programs from supplied specifications in accordance with agreed standards.

Safety engineering (SFEN)

The application of appropriate methods to assure safety during all lifecycle phases of safety-related system developments, including maintenance and reuse. These include safety hazard and risk analysis, safety requirements specification, safety-related system architectural design, formal method design, safety validation and verification and safety case preparation.

Web site specialism (WBSP)

The design, creation, testing, implementation and support of new and amended collections of pages of information on the world wide web or an intranet or extranet.

Systems testing (TEST)

The planning, design, management, execution and reporting of tests, using appropriate testing tools and techniques and conforming to agreed standards, to ensure that new and amended systems, together with any interfaces, perform as specified.

Systems ergonomics (HCEV)

The iterative development of the allocation of function (between the human, machine and organisational elements of systems), user interaction and job design. Optimisation of accessibility and usability, based on user requirements, the context of use, relevant ergonomics knowledge and feedback from evaluations of prototypes.

Content creation (DOCM)

The planning, design and creation of information content, to be delivered electronically or otherwise. This includes managing the quality assurance and publication process.

Non-functional needs analysis (UNAN)

The establishment, clarification and communication of non-functional requirements for usability and utility, for example screen design/layout, response times, capacity, resilience. The analysis of the characteristics of users and their tasks and the technical, organisational and physical environment in which products or systems will operate.

Usability evaluation (USEV)

Assessment of the usability (including health and safety and accessibility) of new or existing products or services (including prototypes). Methods include user trials, expert review, survey and analysis.

Human factors integration (HFIN)

Achievement of optimum levels of product or service usability, by ensuring that project and enterprise activities take account of the user experience.

Systems integration (SINT)

The incremental and logical integration and testing of components and/or subsystems and their interfaces in order to create operational systems.

Porting / software integration (PORT)

The integration of software products into existing software environments to produce new platform-specific versions of the software products.

Systems installation / decommissioning (HSIN)

The installation, testing, implementation or decommissioning and removal of cabling, wiring, equipment, hardware and appropriate software, following plans and instructions and in accordance with agreed standards. The testing of hardware and software components, resolving malfunctions found and recording the results. The reporting of details of hardware and software installed so that configuration management records can be updated.

Business analysis (ANAL)

The methodical investigation, analysis, review and documentation of all or part of a business in terms of business functions and processes, the information used and the data on which the information is based. The definition of requirements for improving any aspect of the processes and systems and quantification of potential business benefits. The creation of viable specifications and acceptance criteria in preparation for the construction of information and communication systems.

Programme management (PGMG)

The identification, planning and coordination of a set of related projects within a programme of business change, to manage their interdependencies in support of specific business strategies. Maintains a strategic view over the set of projects, providing the framework for implementing business initiatives, or large-scale change, by achieving a vision of the outcome of the programme. The vision, and the means of achieving it, may change as the programme progresses.

Project management (PRMG)

The management of projects, typically (but not exclusively) involving the development and implementation of business processes to meet identified business needs, acquiring and utilising the necessary resources and skills, within agreed parameters of cost, timescales and quality.

Business process testing (BPTS)

The planning, design, management, execution and reporting of business process tests and usability evaluations. The application of evaluation skills to the assessment of the ergonomics, usability and fitness for purpose of defined processes. This includes the synthesis of test tasks to be performed (from statement of user needs and user interface specification), the design of an evaluation programme, the selection of user samples, the analysis of performance and inputting results to the development team

Change implementation planning & mgtm (CIPM)

Defining and managing the process of deploying and integrating IT capabilities into the business in a way that is sensitive to, and fully compatible with, business operations.

Organisation design & implementation (ORDI)

The design of organisation structure, role profiles, culture, performance measurement, competencies and skills, to support strategies for change and for training to enable the change. Identification of key attributes of the culture and key principles and factors for addressing location strategy.

Benefits management (BENM)

Monitoring for the emergence of anticipated policy benefits (typically specified as part of the business case for a change programme or project). Action (typically by the programme management team) to optimise the business impact of individual and combined benefits.

Stakeholder relationship management (RLMT)

The coordination of relationships with and between key stakeholders, during the design, management and implementation of business change.

Configuration management (CFMG)

The systematic management of information relating to the documentation, software, hardware and firmware assets of an organisation. This will involve identification and appropriate specification of all configuration items (CIs). Required information will relate to storage, access, problem reporting and change control of CIs. Application of status accounting and auditing, often in line with acknowledged external criteria such as ISO 9000, throughout all stages of the CI life history.

Change management (CHMG)

The management of all changes to the components of a live infrastructure, from requests for change (RFC) through to implementation and review, to support the continued availability, effectiveness and safety of the infrastructure. Level 3 Develops, documents and implements changes based on RFC. Applies change control procedures. Level 4 Assesses, analyses, develops, documents and implements changes based on RFC.

Capacity management (CPMG)

The management of the capability and functionality of hardware, software and network components to meet current and predicted needs in a cost-effective manner. This will include dealing with both long-term changes and short-term variations in the level of demand.

System software (SYSP)

Specialist technical expertise in the installation and maintenance of system software such as operating systems, data management products, office automation products and other utility software.

Security administration (SCAD)

The authorisation and monitoring of access to IT facilities or infrastructure in accordance with established organisational policy. Includes the investigation of unauthorised access, compliance with data protection and performance of other administrative duties relating to security management.

Radio frequency engineering (RFEN)

The deployment, integration, calibration, tuning and maintenance of radio frequency (RF) and analogue elements of IT systems.

Availability management (AVMT)

The overall control and management of services and their availability to ensure that all services meet all of their agreed availability targets.

Financial management for IT (FMIT)

The overall financial management, control and stewardship of the IT assets and resources used in the provision of IT services, ensuring that all governance, legal and regulatory requirements are complied with.

Data protection (DPRO)

The development and implementation of policies, procedures, working practices and training to comply with the requirements of legislation regulating the holding, use and disclosure of personal information such as, in the UK, the Data Protection Act, Computer Misuse Act, Freedom of Information Act.

Application support (ASUP)

The provision of application maintenance and support services. Support may be provided both to users of the systems and to service delivery functions. Support typically takes the form of investigating and resolving problems and providing information about the systems. It may also include monitoring their performance. Problems may be resolved by providing advice or training to users about an application's functionality, correct operation or constraints, by devising work-arounds, correcting faults, making general or site-specific modifications, updating system documentation, manipulating data, or defining enhancements - often in close collaboration with the system's developers.

Management and operations (COPS)

The management and operation of the IT infrastructure (typically hardware, software and communications) and the resources required to plan for, develop, deliver and support properly engineered IT services and products to meet the needs of a business. Includes preparation for new or changed services, management of the change process and maintenance of regulatory, legal and professional standards, management of performance of systems and services in relation to their contribution to business performance and management of bought-in services including, for example, public network, virtual private network and outsourced services.

Network control and operation (NTOP)

The day-to-day support, operation and control of all equipment within an IT network infrastructure. Includes data backup and restore, production of network performance statistics, provision of network diagnostic information and site surveys. Level 3 Carries out agreed network configuration, installation and maintenance. Uses standard procedures and tools to carry out defined system backups, restoring data where necessary. Uses network management tools to collect and report on network load and performance statistics. Contributes to network problem resolution.

Database administration (DBAD)

The installation, configuration, upgrade, administration, monitoring and maintenance of physical databases.

Service level management (SLMO)

The planning, implementation and control of service provision. This includes negotiation, implementation and monitoring of service level agreements, and the ongoing management of operational facilities to provide the agreed levels of service, seeking continuously and proactively to improve service delivery.

Network support (NTAS)

The provision of network maintenance and support services. Support may be provided both to users of the systems and to service delivery functions. Support typically takes the form of investigating and resolving problems and providing information about the systems. It may also include monitoring their performance. Problems may be resolved by providing advice or training to users about the network's functionality, correct operation or constraints, by devising work-arounds, correcting faults, or making general or site-specific modifications.

Problem management (PBMG)

The resolution of incidents and problems throughout the information system lifecycle, including classification, prioritisation and initiation of action, documentation of root causes and implementation of remedies.

Service desk and incident management (USUP)

The receipt of problem reports and the coordination of appropriate and timely responses, including channelling requests for help to appropriate functions for resolution, monitoring progress and keeping users apprised of progress. Level 1 Receives and handles requests for support following agreed procedures. Promptly allocates calls as appropriate. Maintains relevant records.

Procurement (PROC)

The management of, or provision of advice on, the procurement of goods and services.

Supplier relationship management (SURE)

On behalf of a client organisation, the sourcing and management of external suppliers to ensure successful delivery of products and services.

Quality management (QUMG)

The management of, or provision of advice on, the application of appropriate quality and/or environmental management and process improvement techniques to any aspect of a function or process. The achievement of, and maintenance of compliance to, national and international standards, as appropriate.

Quality assurance (QUAS)

The process of ensuring that the agreed quality standards within an organisation are adhered to and that best practice is promulgated throughout the organisation.

Quality standards (QUST)

The development, maintenance, control and distribution of quality standards.

Compliance audit (COMP)

The independent, third-party assessment of the conformity of any activity, process, deliverable, product or service with the criteria of specified standards, such as BS EN ISO 9000/14000, local standards, best practice or other documented requirements. May relate to, for example, asset management, network security tools, firewalls and Internet security, real-time systems and application design.

Safety assessment (SFAS)

The assessment of safety-related software systems to determine compliance with standards and required levels of safety integrity. This involves making professional judgements on software engineering approaches, including the suitability of design, testing, and validation and verification methods, as well as the identification and evaluation of risks and the means by which they can be reduced. The establishment, maintenance and management of an assessment framework and practices may also be included.

Project office (PROF)

The provision of support and guidance on project management processes, procedures, tools and techniques to programme and project managers and their teams. The use of project management software. The development, production and maintenance of time, resource, cost and exception plans. The tracking and reporting of progress and performance of projects, including those performed by third parties under contract. The maintenance of programme and/or project files. The servicing of project control boards, project assurance teams and quality review meetings. The analysis of performance and the maintenance of metric data and estimating models. The administration of project change control, including use of configuration management systems.

Asset management (ASMG)

The management of the inventory of IT assets (hardware, software, network and user knowledge) held within an organisation, aiming to optimise the total cost of ownership, by minimising operating costs, improving investment decisions and capitalising on potential opportunities.

Information systems coordination (ISCO)

Typically within a large organisation in which the information strategy function is devolved to autonomous units, or within a collaborative enterprise of otherwise independent organisations, the coordination of information strategy matters where the adoption of a common approach (such as shared services) would benefit the organisation.

Client services management (CSMG)

Management and control of one or more client service functions, including strategy, support for business development, quality of service and operations.

Professional development (PDSV)

The responsibility for facilitating the professional development of IT practitioners, including initiation, monitoring, review and validation of individual training and development plans in line with organisational or business requirements, counselling of participants in all relevant aspects of their professional development, identification of appropriate training/development resources, liaison with external training providers and evaluation of the benefits of professional development activities.

Resourcing (RESC)

The management or provision of advice on any aspect of acquiring IT resources: internally or externally recruited practitioners, permanent or temporary, full time or part time, specialist or generalist, employees or consultants/contractors.

Education and training management (ETMG)

The overall management responsibility for the development and provision of education or training covering relevant SFIA skills and levels.

Training materials creation and maintenance (TMCR)

The creation of training materials for use by teachers or students covering any subject within the scope of SFIA.

Education and training delivery (ETDL)

The teaching of knowledge and techniques and skills training relevant to SFIA content.

Account management (ACMG)

On behalf of an organisation supplying IT products and/or services, the coordination of marketing, selling and delivery activities to one or more customer organisations to achieve satisfaction for the customer and an acceptable business return for the supplier; assistance to the customer organisation to ensure that it gains maximum benefit from the products and services supplied and available.

Marketing (MKTG)

The research, analysis and stimulation of potential or existing markets for IT products and services, both to provide a sound basis for their development and to generate a satisfactory flow of sales enquiries.

Selling (SALE)

The identification of sales prospects, the development of customer interest, and the preparation, execution and monitoring of sales of any IT product or service into an external or internal market.

Sales support (SSUP)

The provision of technical advice and assistance to the sales force, sales agents, reseller/distributor staff, prospective or actual users of products or services (collectively - the customers), either in support of customer development or sales activity or in fulfilment of sales obligations.