An ICT policy officer is a pivotal role in any organisation. An ICT policy officer works to assist the organisation to meet best practice standards in the development, use and maintenance of ICT systems, information and related assets.
An ICT policy officer will research, analyse, interpret and provide feedback on standards and directions. The ICT policy officer will then consult with relevant staff across the organisation, usually senior management, and staff from human resources, finance areas and legal departments to discuss the implications of any new policy direction that needs to be taken. The ICT policy officer needs to have very strong communication and negotiation skills. The ICT policy officer ensures that processes are developed to support the policy implementation. Once a policy has been approved and implemented the ICT policy officer then needs to establish processes to determine compliance with the policy.
An ICT policy officer is also responsible for preparing reports and submissions to senior management about information risk and compliance with ICT policy.
A Policy Officer exhibits capabilities in line with the Skills Framework for the Information Age (SFIA) and the Queensland Public Service Workforce Capability Success Profile.
Within the SFIA profile, the security architect has level 5 capabilities, i.e. ensures and advises on the skills outlined below.
Works under broad direction. Work is often self-initiated. Is fully responsible for meeting allocated technical and/or project/supervisory objectives. Establishes milestones and has a significant role in the assignment of tasks and/or responsibilities.
Influences organisation, customers, suppliers, partners and peers on the contribution of own specialism. Builds appropriate and effective business relationships. Makes decisions which impact the success of assigned work, i.e. results, deadlines and budget. Has significant influence over the allocation and management of resources appropriate to given assignments.
Performs an extensive range and variety of complex technical and/or professional work activities. Undertakes work which requires the application of fundamental principles in a wide and often unpredictable range of contexts. Understands the relationship between own specialism and wider customer/organisational requirements.
Advises on the available standards, methods, tools and applications relevant to own specialism and can make appropriate choices from alternatives. Analyses, designs, plans, executes and evaluates work to time, cost and quality targets. Assesses and evaluates risk. Communicates effectively, both formally and informally. Demonstrates leadership. Facilitates collaboration between stakeholders who have diverse objectives. Takes all requirements into account when making proposals. Takes initiative to keep skills up to date. Mentors colleagues. Maintains an awareness of developments in the industry. Analyses requirements and advises on scope and options for continuous operational improvement. Demonstrates creativity, innovation and ethical thinking in applying solutions for the benefit of the customer/stakeholder.
SFIA Skill Code
SFIA Skill Level of Responsibility
SFIA Skills Level Descriptor
Drafts and maintains the policy, standards and procedures for compliance with relevant legislation. Understands the implications of information, both internal and external, that can be mined from business systems and elsewhere. Makes business decisions based on that information, including the need to make changes to systems. Reviews proposals for new digital initiatives and provides specialist advice on information management, including advice on and promotion of collaborative working and assessment and management of information-related risk. Creates and maintains an inventory of information assets, which are subject to relevant legislation. Prepares, reviews and submits periodic notification of registration details to the relevant regulatory authorities. Ensures that formal information access requests and complaints are dealt with according to approved procedures.
Takes responsibility for understanding client requirements, collecting data, delivering analysis and problem resolution. Identifies, evaluates and recommends options, implementing if required. Collaborates with, and facilitates stakeholder groups, as part of formal or informal consultancy agreements. Seeks to fully address client needs, enhancing the capabilities and effectiveness of client personnel, by ensuring that proposed solutions are properly understood and appropriately exploited.
Identifies the communications needs of each stakeholder group in conjunction with business owners and subject matter experts. Translates communications / stakeholder engagement strategies into specific tasks. Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans. (For example, may oversee the organisation's promotional/selling activities to one or more clients, to ensure that such activities are aligned with corporate marketing objectives). Negotiates with stakeholders at senior levels, ensuring that organisational policy and strategies are adhered to. Provides informed feedback to assess and promote understanding.
Queensland Government roles align with the Queensland Public Service Workforce Capability Success Profile.
The success profile is a sector wide, one-government approach to the leadership behaviours expected of all public sector employees to support high performing workplaces. The profile describes three performance dimensions (vision, results and accountability) and 13 leadership competencies required against four role types:
- Individual contributor (manages self)
- Team leader (manages individuals)
- Program manager (manages multiple teams/projects)
- Executive (manages program managers)
When developing a Role Description, identify the role type and then focus on the most important attributes and create a balance between SFIA skills and leadership skills.
An ICT policy officer does not need to have formal qualifications, however, a degree level qualification in an area such as information technology or business would be highly regarded. Alternatively, a diploma from TAFE in IT or business studies would certainly be of assistance to obtain work in the area of ICT policy officer. Work experience in the information technology area would also be considered highly.
The role of an ICT policy officer requires a high level of communication skills, both written and oral, strong skills in research and analysis. A logical approach to problem solving and an investigative and inquisitive mind are also vital qualities for this role.
Learning and development
There are a number of ways that you can develop and improve your ICT policy officer skills. There are a number of courses that you can attend that will increase your general knowledge of the role of an ICT policy officer. Many of these courses are run by private companies.
 The Skills Framework for the Information Age (SFIA) provides a common language that integrates with an organisation’s way of working, to improve capability and resource planning, resource deployment and performance management. This role profile quotes extensively from the SFIA, under licence from the SFIA Foundation. Information about the SFIA can be found at http://www.sfia-online.org/en
 The Queensland Public Service Workforce Capability Success Profile plays a key role in translating the government’s ‘talent management requirements’ into clear behavioural terms, while at the same time delivering organisational change and growth. The success profile is being utilised to align sector-wide talent management strategies, including workforce planning, talent acquisition, leadership development, capability development, performance management, career management and succession planning. See http://www.psc.qld.gov.au/includes/assets/PSC_Workforce_Capability_Success_Profile.pdf