You are on page 1of 1

To achieve a merit grade the evidence must show that the learner is able to:

explain possible security issues which exist within a given system


For M1, they must describe possible security issues which exist within a given system. Learners should
M1 be able to show they can link the perceived threat to the countermeasure and to position this in a
feasible security plan. To allow this to occur they must have demonstrated an ability to link perceived
risk, and consequence of loss of resource.

explain the operation and effect of two different threats involving gaining
access to information without damage to damage
M2 For M2, learners must explain the operation and effect of two different threats involving gaining access
to information without damage to damage. This can be achieved through an analysis of ethical codes
of conduct.
explain the operation and use of an encryption technique in ensuring
M3 security of transmitted information.
For M3, learners are required to explain the operation and use of an encryption technique in ensuring
security of transmitted information.

D1 : describe the possible security issues which exist within a given system
identifying the likelihood of each and propose acceptable steps to counter
the issues
or D1, they must describe the possible security issues which exist within a given system identifying the
likelihood of each and propose acceptable steps to counter the issues. Learners should communicate
effectively utilising technical language fluently and with ease.

D2 : justify the security policies used in an organisation.


For D2, learners must justify the security policies used in an organisation. Learners should evaluate the
usefulness of professional bodies and also in assess what they think is acceptable in the IT industry.