Sei sulla pagina 1di 40

Framework reference SFIA version 4G

Skills defined in categories and subcategories

Sustainability in SFIA
Introduction to version 4G of SFIA
The conservation of power, the risk of power shortages, the procurement of components with
acceptably low carbon footprints and the conservation and careful disposal of sensitive materials
are examples of matters taken seriously by many IT organisations.
In most cases, existing SFIA skills can be seen to include the need to work in a sustainable way.
For example, the System design skill (DESN) indicates the need to satisfy business needs. In
principle, it is not necessary to point out that business needs might well include sustainability.

However, in the SFIA skill descriptors generally, it would be inappropriate to remain silent about
sustainability matters when other examples, such as cost and security are here and there quoted
as examples. For this reason, examples – usually prefaced by a phrase like ‘such as’ – have been
included in a few descriptors.

However, SFIA’s value as a management tool has been enhanced by the inclusion of four
professional skills underpinning work specifically directed at improving sustainability.
This update to version 4 of SFIA has therefore been introduced in order to bring forward those
four new skills, and to make a few adjustments to the wording of existing skills.
The four new skills are:
SUST Sustainability strategy (in Strategy and architecture)
SUMI Sustainability management for IT (in Strategy and architecture)
SUAS Sustainability assessment (in Business change)
SUEN Sustainability engineering (in Solution development and implementation)

It should be remembered that SFIA sets out to give brief descriptions of skills so that they can be
used for diagnostic purposes. There is no intention to list all the things that the skill-holder should
do, nor is there any intention to tell organisations how to go about the activities that are enabled
by SFIA skills.

The contents of this document are copyright © The SFIA Foundation 2010
SFIA 4G: Framework reference

Framework summary 4

The purpose of SFIA 6

The structure of SFIA 6

Skills in categories and subcategories 6
Levels in SFIA 6
Skills are described at several levels 7

How SFIA is used 7

Integration – the capability management cycle 7
The common language 7
Types of information needed 8
Diagnostic 8
Staying relevant 8

Levels of responsibility 9
Generic levels 9
Core competencies 9
Existing levels 9
Level 1: follow 9
Level 2: assist 9
Level 3: apply 9
Level 4: enable 10
Level 5: ensure, advise 10
Level 6: initiate, influence 10
Level 7: set strategy, inspire, mobilise 10

Skills 11
Categories and subcategories 11
Layout 11

Index of skill definitions 12

Skill definitions 13

Framework reference 4G

SFIA 4G: Framework reference Framework summary

Framework summary
Category Subcategory Skill Code 1 2 3 4 5 6 7
Strategy and Information strategy Corporate governance of IT GOVN 6 7
architecture Information management IRMG 4 5 6 7
Information systems co-ordination ISCO 6 7
Information policy formation DPRO 5 6
Information security SCTY 3 4 5 6
Information assurance INAS 5 6 7
Information analysis INAN 4 5 6
Information content publishing ICPM 2 3 4 5 6
Advice and guidance Consultancy CNSL 5 6 7
Technical specialism TECH 5 6 7
Business/IT strategy and planning Research RSCH 3 4 5 6
Innovation INOV 6
Business process improvement BPRE 5 6 7
Enterprise architecture STPL 5 6 7
Business risk management BURM 5 6
Sustainability strategy SUST 5 6
Technical strategy and planning Solution architecture ARCH 5 6
Emerging technology monitoring EMRG 5 6
Continuity management COPL 4 5
Software development process improvement SPIM 5 6 7
Sustainability management for IT SUMI 5 6
Network planning NTPL 5 6
Methods and tools METL 4 5 6
Business change Business change implementation Portfolio management POMG 5 6 7
Programme management PGMG 6 7
Project management PRMG 4 5 6 7
Business change management Business analysis BUAN 3 4 5 6
Business process testing BPTS 4 5 6
Change implementation planning and
CIPM 5 6
Organisation design and implementation ORDI 5 6
Benefits management BENM 5 6
Business modelling BSMO 2 3 4 5 6
Sustainability assessment SUAS 4 5 6
Relationship management Stakeholder relationship management RLMT 5 6
Solution Systems development Systems development management DLMG 5 6 7
development and Data analysis DTAN 2 3 4 5
Requirements definition and management REQM 2 3 4 5 6
Systems design DESN 2 3 4 5 6
Network design NTDS 5 6
Database/repository design DBDS 2 3 4 5 6
Programming/software development PROG 2 3 4 5
Safety engineering SFEN 3 4 5 6
Sustainability engineering SUEN 4 5 6
Information content authoring INCA 2 3 4 5 6
Testing TEST 2 3 4 5 6
Human factors Systems ergonomics HCEV 3 4 5 6
Usability requirements analysis UNAN 3 4 5
Usability evaluation USEV 2 3 4 5
Human factors integration HFIN 5 6 7
Installation and integration Systems integration SINT 2 3 4 5 6
Porting/software integration PORT 3 4 5 6
Systems installation/decommissioning HSIN 1 2 3 4 5

SFIA 4G: Framework reference Framework summary

Category Subcategory Skill Code 1 2 3 4 5 6 7

Service Service strategy IT management ITMG 5 6 7
management Financial management for IT FMIT 4 5 6
Service design Capacity management CPMG 4 5 6
Availability management AVMT 4 5 6
Service level management SLMO 2 3 4 5 6 7
Service transition Configuration management CFMG 2 3 4 5 6
Change management CHMG 3 4 5 6
Release management RELM 3 4 5 6
Service operation System software SYSP 3 4 5
Security administration SCAD 3 4 5 6
Radio frequency engineering RFEN 2 3 4 5 6
Applications support ASUP 2 3 4 5
IT operations ITOP 1 2 3 4
Network control and operation NTOP 3 4 5 6
Database administration DBAD 2 3 4 5
Network support NTAS 2 3 4 5
Problem management PBMG 4 5
Service desk and incident management USUP 1 2 3 4 5
Procurement Supply management Procurement PROC 5 6
and management Supplier relationship management SURE 3 4 5 6 7
Quality management Quality management QUMG 5 6 7
Quality assurance QUAS 3 4 5 6
Quality standards QUST 2 3 4 5
Compliance review CORE 3 4 5 6
Safety assessment SFAS 5 6
Technology audit TAUD 4 5 6 7
Resource management Programme and project support office PROF 2 3 4 5
Asset management ASMG 4 5 6
Client services management CSMG 5 6
Professional development PDSV 5 6
Resourcing RESC 5 6
Learning and development Learning and development management ETMG 5 6
Learning resources creation and maintenance TMCR 4 5
Education and training delivery ETDL 3 4 5
Client interface Sales and marketing Marketing MKTG 3 4 5 6
Selling SALE 4 5 6
Client support Account management ACMG 5 6
Sales support SSUP 1 2 3 4 5 6

SFIA 4G: Framework reference The purpose of SFIA

The purpose of SFIA

Right people, Right skills, Right place, Right time The overall purpose of SFIA is to assist organisations employing IT professionals to…
reduce IT project risk
retain staff
make recruitment effective
enhance the professionalism and effectiveness of the IT function.
Know, plan, manage This is accomplished by developing the right skills, by deploying them to best effect and by
providing appropriate development and career paths for IT professionals.
Reward Acquire
Its focus on professional skills rather than technological information means that the framework is
readily understood by a wide community, including
Develop Deploy IT professionals and their managers in industry and Government
HR managers, professionals and training staff
Assess non-technical managers
lecturers and curriculum planners in education and training organisations.
SFIA is suitable for use in any organisation that employs IT professionals, in any branch of industry
or Government.

The structure of SFIA

The Skills Framework for the Information Age provides a clear model for describing IT practitioners’
skills. It is constructed as a two-dimensional matrix.

Skills in categories and subcategories

SFIA categories One axis presents the whole set of SFIA skills. These are defined in a way that makes them easily
recognisable in the workplace: the practical nature of the descriptions means that they can be
Strategy and architecture
used to construct an organisation’s internal competency framework.
Business change
The skills are presented for convenience in categories which are further broken down into
Solution development and implementation
Service management
The categories and subcategories are purely for the convenience of the SFIA user: they form a
Procurement & management support
navigation aid. For example, SFIA does not claim to be offering a standard definition of the term
Client interface
‘Business change’, nor is it suggesting that this should be the title of a business role or job. It is
simply a convenient heading under which to group certain related skills (Business analysis,
Benefits management, etc).

Levels in SFIA

SFIA levels The other axis defines the different levels of competence or attainment exercised by IT
7 Set strategy/inspire/mobilise practitioners. Each of seven levels – from new entrant to strategist level – has its own generic
6 Initiate/influence definition, cast in terms of autonomy, influence, complexity and business skills.
5 Ensure/advise
Full definitions of the levels of responsibility are given on page 9.
4 Enable
3 Apply
2 Assist
1 Follow

SFIA 4G: Framework reference How SFIA is used

Skills are described at several levels

The resulting matrix shows the complete set of skills used by IT practitioners. SFIA provides an
overall description for each skill, supported by a description of how the skill appears at each level
of competency at which it is recognised. A skill does not normally appear at all seven levels.

Generic definitions Specific professional skill

of levels including a definition of that skill at each level
expressed in terms of
autonomy, influence, Overall skill description
Skill level (Tag) complexity, business skills

7 set strategy/inspire/mobilise definition of level 7 +

6 initiate/influence definition of level 6 definition of the skill at level 6

5 ensure/advise definition of level 5 definition of the skill at level 5

4 enable definition of level 4 definition of the skill at level 4

3 apply definition of level 3

2 assist definition of level 2

1 follow definition of level 1

How SFIA is used

Integration – the capability management cycle
Role profile
Senior Solution Developer The cycle of management of people’s skills and capability involves a number of processes.
Programming/software People are recruited into the organisation
development: level 4
of skills They may be assigned to specific jobs, or they may be in an assignment-based environment,
and levels working on a series of projects
System design: level 3
Their work is assessed against the job requirements and objectives
Database/repository The underlying reasons for their level of success are analysed, so that appropriate development
design: level 3
plans can be agreed.
Decisions about pay and promotion are made, based on factual data.
The overall management of human resources involves planning for future demand, bearing in
mind the different professional capability profiles that may be needed. In addition, general policy
decisions are made about salary levels relating to grades and job types or professional profiles.

All of these activities require a factual information base, so that decisions can be made objectively.

The common language

One of the key pieces of information is a description of capability. This can be the capability
required of a new recruit, or by a specific role on a project that is being staffed. Or it might be the
actual capability of an individual. In order for the processes to work as an integrated capability
management system, the definitions of capability must be consistent, they must be objective and
they must be used as the reference base throughout these individual processes.

The fundamental determinant of professional capability in IT is the professional skill. SFIA

provides the most widely used descriptions of professional IT skills, presented in objective terms at
clearly defined levels of attainment.
This information may appear in a job description: while providing a description of the job itself, the
job description should also describe the capability required by a job holder – a ‘person
specification’ or a ‘professional profile’. Alternatively, in an assignment-based environment there

SFIA 4G: Framework reference How SFIA is used

might be a set of free-standing documents containing professional profiles: these would give
descriptions of what is expected of the various classes of IT professionals needed by the
organisation, such as business analysts, software engineers or service managers.
Then, the same criteria used when recruiting can be used when deploying people on projects,
assessing their competence or producing development plans. Also, the whole process of resource
planning can be based on clear definitions of the types of IT professional that will be needed to
carry out future work.

That set of profiles, based on the SFIA skills, becomes the common language of skills in the

Types of information needed

To give a complete picture of capability, several classes of information are usually included to
support the SFIA skills. The job description or professional profile is likely to include:
Professional skills provided by SFIA, such as programming/software development,
availability management or network planning. Several skills would typically be included. These
have an important dual effect: they emphasise the professional element so often missing from
merely technical interpretations of ‘skill’; they also have a structural effect, thanks to SFIA’s seven
levels of competency that can be related to the organisation’s grading system.
Behavioural skills, such as team working, communication, creativity
Knowledge of things such as specific technologies, products or programming languages,
internal processes, application areas
Experience, expressed in specific terms, such as successfully completed assignments
Qualifications, such as a University degree, or certifications such as a Manager's Certificate in
ITIL Infrastructure Management, or an Intermediate Certificate in Software Testing.
It is important to note that a single SFIA skill does not define a job or a role. Rather than constrain
the way you work, SFIA leaves you free to implement your own roles and practices.

A SFIA skill is not intended as a complete definition of all the activities that could be carried out by
someone with that skill. Rather, it is intended for diagnostic use: to help determine if a given
individual has the skill; and if so, at what level.

Staying relevant
The SFIA Foundation maintains and updates SFIA on behalf of the community of users. The
update exercises are based on a period of open consultation. Feedback from users forms the
basis of the update exercise.
The policy is for SFIA to reflect current IT practice, rather than to dictate it.
By these means, SFIA stays relevant to the needs of the IT industry.

SFIA 4G: Framework reference Levels of responsibility

Levels of responsibility
Generic levels Level 1: follow Level 2: assist Level 3: apply
This section describes the standard
Autonomy Autonomy Autonomy
levels of responsibility and
accountability used in the framework. Works under close supervision. Uses Works under routine supervision. Works under general supervision.
little discretion. Is expected to seek Uses minor discretion in resolving Uses discretion in identifying and
The underlying structure of the
guidance in unexpected situations. problems or enquiries. Works without resolving complex problems and
framework ensures that the
frequent reference to others. assignments. Usually receives specific
definitions of professional skills are Influence instructions and has work reviewed at
defined in a way that makes their Interacts with immediate colleagues. Influence frequent milestones. Determines
different levels recognisably distinct.
Interacts with and may influence when issues should be escalated to a
Complexity immediate colleagues. May have higher level.
Core competencies Performs routine activities in a some external contact with
structured environment. Requires customers and suppliers. May have Influence
The nature of these generic
definitions makes them suitable for assistance in resolving unexpected more influence in own domain. Interacts with and influences
use as the basis of core problems. department/project team members.
Complexity May have working level contact with
Business skills Performs a range of varied work customers and suppliers. In
An organisation that already has a set Uses basic information systems and activities in a variety of structured predictable and structured areas may
of core competencies may wish to
technology functions, applications, environments. supervise others. Makes decisions
use them in combination with SFIA's
and processes. Demonstrates an which may impact on the work
professional skills. The organisation organised approach to work. Learns Business skills assigned to individuals or phases of
will still benefit from the sensible
new skills and applies newly acquired Understands and uses appropriate projects.
spacing of levels that the framework
knowledge. Has basic oral and methods, tools and applications.
provides. written communication skills. Demonstrates a rational and Complexity
Contributes to identifying own organised approach to work. Is aware Performs a broad range of work,
Existing levels development opportunities. of health and safety issues. Identifies sometimes complex and non-routine,
It may be required to map SFIA's and negotiates own development in a variety of environments.
professional skills on to an opportunities. Has sufficient
communication skills for effective Business skills
established structure of levels within
an organisation. In that case, the dialogue with colleagues. Is able to Understands and uses appropriate
generic levels can be used as a work in a team. Is able to plan, methods, tools and applications.
transition aid in order to establish the schedule and monitor own work Demonstrates an analytical and
basis of the mapping. within short time horizons. Absorbs systematic approach to problem
technical information when it is solving. Takes the initiative in
presented systematically and applies identifying and negotiating
it effectively. appropriate development
opportunities. Demonstrates effective
communication skills. Contributes
fully to the work of teams. Plans,
schedules and monitors own work
(and that of others where applicable)
competently within limited deadlines
and according to relevant legislation
and procedures. Absorbs and applies
technical information. Works to
required standards. Understands and
uses appropriate methods, tools and
applications. Appreciates the wider
field of information systems, and how
own role relates to other roles and to
the business of the employer or

SFIA 4G: Framework reference Levels of responsibility

Level 4: enable Level 5: ensure, advise Level 6: initiate, influence Level 7: set strategy,
inspire, mobilise
Autonomy Autonomy Autonomy
Works under general direction within Works under broad direction. Is fully Has defined authority and Autonomy
a clear framework of accountability. accountable for own technical work responsibility for a significant area of Has authority and responsibility for all
Exercises substantial personal and/or project/supervisory work, including technical, financial aspects of a significant area of work,
responsibility and autonomy. Plans responsibilities. Receives assignments and quality aspects. Establishes including policy formation and
own work to meet given objectives in the form of objectives. Establishes organisational objectives and application. Is fully accountable for
and processes. own milestones and team objectives, delegates responsibilities. Is actions taken and decisions made,
and delegates responsibilities. Work is accountable for actions and decisions both by self and subordinates.
Influence often self-initiated. taken by self and subordinates.
Influences team and specialist peers Influence
internally. Influences customers at Influence Influence Makes decisions critical to
account level and suppliers. Has Influences organisation, customers, Influences policy formation on the organisational success. Influences
some responsibility for the work of suppliers and peers within industry contribution of own specialism to developments within the IT industry
others and for the allocation of on the contribution of own business objectives. Influences a at the highest levels. Advances the
resources. Participates in external specialism. Has significant significant part of own organisation knowledge and/or exploitation of IT
activities related to own specialism. responsibility for the work of others and influences customers/suppliers within one or more organisations.
Makes decisions which influence the and for the allocation of resources. and industry at senior management Develops long-term strategic
success of projects and team Makes decisions which impact on the level. Makes decisions which impact relationships with customers and
objectives. success of assigned projects i.e. the work of employing organisations, industry leaders.
results, deadlines and budget. achievement of organisational
Complexity Develops business relationships with objectives and financial performance. Complexity
Performs a broad range of complex customers. Develops high-level relationships with Leads on the formulation and
technical or professional work customers, suppliers and industry application of strategy. Applies the
activities, in a variety of contexts. Complexity leaders. highest level of management and
Performs a challenging range and leadership skills. Has a deep
Business skills variety of complex technical or Complexity understanding of the IT industry and
Selects appropriately from applicable professional work activities. Performs highly complex work the implications of emerging
standards, methods, tools and Undertakes work which requires the activities covering technical, financial technologies for the wider business
applications. Demonstrates an application of fundamental principles and quality aspects. Contributes to environment.
analytical and systematic approach to in a wide and often unpredictable the formulation of IT strategy.
problem solving. Communicates range of contexts. Understands the Creatively applies a wide range of Business skills
fluently orally and in writing, and can relationship between own specialism technical and/or management Has a full range of strategic
present complex technical and wider customer/organisational principles. management and leadership skills.
information to both technical and requirements. Understands, explains and presents
non-technical audiences. Facilitates Business skills complex technical ideas to both
collaboration between stakeholders Business skills Absorbs complex technical technical and non-technical
who share common objectives. Plans, Advises on the available standards, information and communicates audiences at all levels up to the
schedules and monitors work to methods, tools and applications effectively at all levels to both highest in a persuasive and
meet time and quality targets and in relevant to own specialism and can technical and non-technical convincing manner. Has a broad and
accordance with relevant legislation make correct choices from audiences. Assesses and evaluates deep IT knowledge coupled with
and procedures. Rapidly absorbs new alternatives. Analyses, diagnoses, risk. Understands the implications of equivalent knowledge of the activities
technical information and applies it designs, plans, executes and new technologies. Demonstrates of those businesses and other
effectively. Has a good appreciation evaluates work to time, cost and clear leadership and the ability to organisations that use and exploit IT.
of the wider field of information quality targets. Communicates influence and persuade. Has a broad Communicates the potential impact
systems, their use in relevant effectively, formally and informally, understanding of all aspects of IT and of emerging technologies on
employment areas and how they with colleagues, subordinates and deep understanding of own organisations and individuals and
relate to the business activities of the customers. Demonstrates leadership. specialism(s). Understands and analyses the risks of using or not
employer or client. Maintains an Facilitates collaboration between communicates the role and impact of using such technologies. Assesses
awareness of developing stakeholders who have diverse IT in the employing organisation and the impact of legislation, and actively
technologies and their application objectives. Understands the promotes compliance with relevant promotes compliance. Takes the
and takes some responsibility for relevance of own area of legislation. Takes the initiative to keep initiative to keep both own and
personal development. responsibility/specialism to the both own and subordinates' skills up subordinates’ skills up to date and to
employing organisation. Takes to date and to maintain an maintain an awareness of
customer requirements into account awareness of developments in the IT developments in IT in own area(s) of
when making proposals. Takes industry. expertise.
initiative to keep skills up to date.
Mentors more junior colleagues.
Maintains an awareness of
developments in the industry.
Analyses requirements and advises
on scope and options for operational
improvement. Demonstrates
creativity and innovation in applying
solutions for the benefit of the

SFIA 4G: Framework reference Skills

Categories and subcategories
The skills in SFIA are grouped into categories and subcategories for the convenience of users.
It is not proposed that these equate to jobs or areas of personal responsibility. The grouping is
intended to assist people who are incorporating SFIA skills in role profiles or job descriptions, or
who are building an organisation’s IT competency framework.

The skill definitions are presented within their categories and subcategories.

Each skill definition consists of the following:

Skill code
An abbreviated reference code. Example: AVMT
Skill name
The name used for normal reference purposes. Example: Availability management
Overall description
A broad definition of this skill, without any reference to the levels at which it might be practised.
The definition, analysis, planning, measurement and improvement of all aspects of the availability of
IT services. The overall control and management of service availability to ensure that the level of
service delivered in all services is matched to or exceeds the current and future agreed needs of the
business, in a cost effective manner.
Level descriptions
Definitions of the skill for each of the levels at which it is practised. However their phrasing
facilitates their use as professional competencies. Example:
Level 6 Sets strategy and develops plans, policies and processes for the design, monitoring,
measurement, reporting and continuous improvement of service and component
availability, including the development and implementation of new availability techniques
and methods.

SFIA 4G: Framework reference Index of skill definitions

Index of skill definitions

Network support (NTAS) 32
Strategy & architecture 13 Solution development and
Problem management (PBMG) 32
implementation 23
Information strategy 13 Service desk and incident management
Corporate governance of IT (GOVN) 13 Systems development 23 (USUP) 32
Information management (IRMG) 13 Systems development management
Information systems coordination (ISCO) 14 (DLMG) 23
Information policy formation (DPRO) 14 Data analysis (DTAN) 23 Procurement & management
Information security (SCTY) 14 Requirements definition and management support 33
(REQM) 23
Information assurance (INAS) 14 Supply management 33
Systems design (DESN) 24
Information analysis (INAN) 15 Procurement (PROC) 33
Network design (NTDS) 24
Information content publishing (ICPM) 15 Supplier relationship management
Database/repository design (DBDS) 24
Advice and guidance 15 (SURE) 33
Programming/software development
Consultancy (CNSL) 15 (PROG) 25 Quality management 34
Technical specialism (TECH) 15 Safety engineering (SFEN) 25 Quality management (QUMG) 34
Sustainability engineering (SUEN) 25 Quality assurance (QUAS) 34
Business/IT strategy and planning 16
Information content authoring (INCA) 25 Quality standards (QUST) 34
Research (RSCH) 16
Testing (TEST) 25 Compliance review (CORE) 34
Innovation (INOV) 16
Business process improvement (BPRE) 16 Human factors 26 Safety assessment (SFAS) 34
Enterprise architecture (STPL) 16 Systems ergonomics (HCEV) 26 Technology audit (TAUD) 35
Business risk management (BURM) 17 Usability requirements analysis (UNAN) 26 Resource management 35
Sustainability strategy (SUST) 17 Usability evaluation (USEV) 26 Programme and project support office
Human factors integration (HFIN) 26 (PROF) 35
Technical strategy and planning 17
Asset management (ASMG) 36
Solution architecture (ARCH) 17 Installation and integration 27
Client services management (CSMG) 36
Emerging technology monitoring (EMRG) 17 Systems integration (SINT) 27
Professional development (PDSV) 36
Continuity management (COPL) 17 Porting/software integration (PORT) 27
Resourcing (RESC) 36
Software development process improvement Systems installation/decommissioning
(SPIM) 18 (HSIN) 27 Learning and development 37
Sustainability management for IT (SUMI) 18 Learning and development management
Network planning (NTPL) 18 (ETMG) 37
Methods & tools (METL) 18 Service management 28 Learning resources creation and maintenance
(TMCR) 37
Service strategy 28 Education and training delivery (ETDL) 37
IT management (ITMG) 28
Business change 19
Financial management for IT (FMIT) 28
Business change implementation 19
Service design 29 Client interface 38
Portfolio management (POMG) 19
Capacity management (CPMG) 29
Programme management (PGMG) 19 Sales and marketing 38
Availability management (AVMT) 29
Project management (PRMG) 20 Marketing (MKTG) 38
Service level management (SLMO) 29
Selling (SALE) 38
Business change management 20
Service transition 30
Business analysis (BUAN) 20 Client support 39
Configuration management (CFMG) 30
Business process testing (BPTS) 21 Account management (ACMG) 39
Change management (CHMG) 30
Change implementation planning and Sales support (SSUP) 39
Release management (RELM) 30
management (CIPM) 21
Organisation design and implementation Service operation 31
(ORDI) 21 System software (SYSP) 31
Benefits management (BENM) 21 Security administration (SCAD) 31
Business modelling (BSMO) 21 Radio frequency engineering (RFEN) 31
Sustainability assessment (SUAS) 22 Application support (ASUP) 31
Relationship management 22 IT Operations (ITOP) 31
Stakeholder relationship management Network control and operation (NTOP) 32
(RLMT) 22 Database administration (DBAD) 32

SFIA 4G: Framework reference Strategy & architecture: Information strategy

Strategy & architecture Information strategy Information management (IRMG)

The overall management of the control and

Corporate governance of IT (GOVN) exploitation of all kinds of information, structured
and unstructured, to meet the needs of an
The planning and implementation of initiatives organisation. Control encompasses development
and procedures to ensure that the IT services and promotion of the strategy and policies
used by an organisation, and the technology covering the design of information structures and
which supports them, deliver value, are efficient taxonomies, the setting of policies for the
in use of resources, and are compliant with all sourcing and maintenance of the data content,
relevant legislation and regulations. The the management and storage of information in
implementation of systems and IT controls to all its forms and the analysis of information
measure performance, manage risk and ensure structure (including logical analysis of
that IT and the business work together to support taxonomies, data and metadata). Includes the
the business purpose. overall responsibility for compliance with
regulations, standards and codes of good practice
Level 7 Takes overall responsibility for relating to information and documentation,
development and communication of the records management, information assurance and
organisation's strategy for corporate governance data protection. Exploitation encompasses the
of IT. Coordinates IT and Business resources to use of information, whether produced internally
meet specific business objectives and create or externally, to support decision-making and
value for the stakeholders by improving the business processes. It includes management and
performance of the organisation, whilst decision making structures to ensure consistency
maintaining the principles of professional throughout the organisation, information retrieval,
standards, accountability, openness, equality and combination, analysis, pattern recognition and
diversity and clarity of purpose. Ensures that the interpretation.
organisation's business processes are compliant
with relevant legislation, and that the organisation Level 7 Establishes and communicates the
operates according to the principles embedded organisation's information management strategy,
in ISO/IEC38500:2008. developing it as an integrated part of the business
strategy. Ensures that the organisation's business
Level 6 Coordinates IT and business resources processes are correctly modelled and that the
to meet specific business objectives whilst standards, processes and data architectures to
maintaining the principles of professional support these are put in place, taking into
standards, accountability, openness, equality and account any relevant statutory, internal or external
diversity and clarity of purpose. Takes regulations.
responsibility for review of management
processes (and decisions) to ensure that they are Level 6 Maintains and communicates the
compliant with the organisation's strategy for organisation's strategy for managing information,
corporate governance of IT. Is familiar with ensuring that uniformly recognised and accepted
ISO/IEC38500:2008 and the principles data definitions are developed and applied
embedded within it. Ensures that effective throughout the organisation. Models the
controls are in place for internal delegation, audit processes and information required to support
and control and that the board receives timely the organisation and devises corresponding
reports and advice that will inform their decisions. standards, processes, data structures and
Ensures that effective staffing and committee architectures. Identifies the impact of any relevant
structures are in place to support the work of the statutory, internal or external regulations on the
board and that proper relationships exist organisation's use of information.
between the organisation and the external Level 5 Takes responsibility for planning
auditors. effective information storage, sharing and
publishing within the organisation. Maintains and
communicates the organisation’s information
management strategy. Devises and implements
document and record systems, including
classification, retrieval and retention processes.
Maintains an inventory of information subject to
data protection and other appropriate legislation.
Reviews new business proposals and provides
specialist advice on information management,
including advice on and promotion of
collaborative working and assessment and
management of risk. Responsible for ensuring
compliance with organisational policies and
procedures and overall information management

SFIA 4G: Framework reference Strategy & architecture: Information strategy

Level 4 Takes responsibility for the accessibility, Information policy formation Level 4 Conducts security risk assessments for
retrievability and protection of information. (DPRO) defined business applications or IT installations in
Provides advice on the transformation of defined areas, and provides advice and guidance
information from one format/medium to The development of policies, procedures, on the application and operation of elementary
another, where appropriate. Maintains and working practices and training to promote physical, procedural and technical security
implements information handling procedures. compliance with legislation regulating the controls (e.g. the key controls defined in
Ensures the availability, integrity and searchability holding, use and disclosure of personal data. ISO27001). Performs risk assessment, and
of information through the application of formal business impact analysis for medium size
data structures and protection measures. Level 6 Develops strategies for compliance with information systems. Investigates suspected
Identifies and complies with relevant data protection legislation. Ensures that the policy attacks and recommends remedial action.
organisational policies and procedures, taking and standards for compliance with data
responsibility for assessing and managing risks protection legislation are fit for purpose, current Level 3 Applies and maintains specific security
around the use of information. Ensures that and correctly implemented. Reviews new controls as required by organisational policy and
information is presented effectively. business proposals and provides specialist advice local risk assessments to maintain confidentiality,
on compliance issues. Acts as the organisation's integrity and availability of business information
contact for the data protection authorities. systems and to enhance resilience to
unauthorised access. Recognises when an IT
Information systems coordination Level 5 Drafts and maintains the policy, network/system has been attacked, and takes
(ISCO) standards and procedures for compliance with immediate action to limit damage. Determines
relevant legislation. Reviews information systems when security issues should be escalated to a
Typically within a large organisation in which the for compliance with legislation and specifies any higher level. Demonstrates effective
information strategy function is devolved to required changes. Ensures that formal communication of security issues to business
autonomous units, or within a collaborative information access requests and complaints are managers and others. Performs basic risk
enterprise of otherwise independent dealt with according to approved procedures. assessments for small information systems.
organisations, the coordination of information Creates and maintains an inventory of data which
strategy matters where the adoption of a is subject to data protection legislation. Prepares
common approach (such as shared services) and reviews the periodic notification of
would benefit the organisation.
Information assurance (INAS)
registration details and submits it to the data
protection authorities. The leadership and oversight of information
Level 7 Establishes, maintains and
communicates the organisation's strategy for assurance, setting high level strategy and policy,
managing information and the policies, to ensure stakeholder confidence that risk to the
standards, procedures and methods necessary to Information security (SCTY) integrity of information in storage and transit is
implement the strategy. Coordinates the managed pragmatically, appropriately and in a
promotion, development, acquisition and The management of, and provision of expert cost effective manner.
implementation of information systems, and advice on, the selection, design, justification,
implementation and operation of information Level 7 Establishes and manages Information
represents information strategy issues on behalf
security controls and management strategies to assurance strategy and policies in accordance
of the entire organisation, with general
maintain the confidentiality, integrity, availability, with the ISO/IEC 27000 series of standards.
management and external bodies.
accountability and relevant compliance of Plans and implements processes to take forward
Level 6 Maintains an awareness of the global information systems the strategy and policies. Provides leadership and
needs of the organisation, and promotes the guidelines for provision of Information assurance
benefits that a common approach to IT Level 6 Provides leadership and guidelines on requirements across all of the organisation's
deployment will bring to the business as a whole, information assurance security expertise for the information and information systems.
among information systems and business organisation, working effectively with strategic
organisational functions such as legal experts and Level 6 Develops corporate Information security
management. Coordinates the promotion,
technical support to provide authoritative advice policy, standards and guidelines. Prepares and
development, acquisition and implementation of
and guidance on the requirements for security maintains organisational strategies that address
information systems and services in close liaison
controls. Provides for restoration of information the evolving business risk and information control
with those responsible for management and
systems by ensuring that protection, detection, requirements. Operates as a focus for
and reaction capabilities are incorporated. Information assurance governance expertise for
the organisation, working effectively with strategic
Level 5 Conducts security risk assessments for organisational functions such as legal experts and
business applications and computer installations; technical support to provide authoritative advice
provides authoritative advice and guidance on and guidance on the requirements for security
security strategies to manage the identified risk. controls.
Investigates major breaches of security, and
recommends appropriate control improvements. Level 5 Provides authoritative advice and
Interprets security policy and contributes to guidance on Information assurance strategies to
development of standards and guidelines that manage the identified risk. Interprets security and
comply with this. Performs risk assessment, assurance policies and contributes to
business impact analysis and accreditation for all development of standards and guidelines that
major information systems within the comply with these.

SFIA 4G: Framework reference Strategy & architecture: Advice and guidance

Information analysis (INAN) Information content publishing Advice and guidance

The ability to discover and quantify patterns in
data of any kind, including numbers, symbols, The management and tuning of the processes Consultancy (CNSL)
text, sound and image. The relevant techniques that collect, assemble and publish information,
include statistical and data mining or machine including in unstructured and semi-structured The provision of advice, assistance, and guidance
learning methods such as rule induction, artificial forms, for delivery to the user at the point at in any area associated with the planning,
neural networks, genetic algorithms and which it is needed. procurement, provision, delivery, management,
automated precis systems. maintenance or effective use of information
Level 6 Develops strategies for the delivery of
Level 6 Is responsible for the organisation's systems and their environments. Can deal with
support information, including preferred media,
commitment to efficient and effective analysis of one specific aspect of IT and the business, or can
rules for formatting content, and reprographics
textual/numerical/visual information. be wide ranging and address strategic business
strategy if relevant. Ensures that adequate
procedures, standards, tools and resources are in
Level 5 Specifies and applies appropriate
place to ensure the appropriate quality of Level 7 Takes responsibility for a significant
analytical techniques and reports results to clients
material developed by information publishers consultancy business, including business
and management.
within the organisation. Takes responsibility for development, sales to major clients, account
Level 4 Applies a variety of analytical and publishing strategy, including, for example, management and managing the delivery of
presentational techniques, in consultation with frameworks for the overall information structure consultancy services over a wide range of topics,
experts if appropriate, and with sensitivity to the and graphical style for substantial, complex or including the role of IT in the business.
limitations of the techniques. high-profile web sites. Directs the selection of
appropriate tools, templates and standards for Level 6 Manages provision of specialist
publication in various forms, appropriate to knowledge over a range of topics including the
customer expectations. role of IT in the business; in own areas of
expertise provides advice and guidance
Level 5 Develops standards and procedures to influencing the effectiveness of the organisation's
support content publishing. Designs overall business processes.
support information structures. Takes
responsibility for publishing assignments, Level 5 Provides well-informed advice, typically
including, for example, design of the overall on more than one topic, taking steps to ensure
structure and graphical style for substantial, that it is properly understood and appropriately
complex or high-profile web sites. Selects exploited, to enhance the effectiveness of
appropriate tools, templates and standards for significant activities
publication in various forms, appropriate to
customer expectations (differentiating, for
example, between needs such as optimisation Technical specialism (TECH)
and ease of modification). Sets design and
coding standards, taking into account bandwidth The management of, and provision of expert
and compatibility. advice on a specific technical specialism.
Examples of specialism can be any technology,
Level 4 Defines and manages content
technique, method, product or application area.
management processes to meet the needs of
users. Uses appropriate tools and techniques to Level 7 Provides organisational leadership and
provide moderately complex web interfaces to guidelines to promote the development and
new or existing applications. exploitation of technical knowledge in the
Level 3 Specifies and creates content
management processes to meet the needs of Level 6 Maintains an in-depth knowledge of
users. Uses agreed tools to make finished specific technical specialisms, and provides
material available on appropriate platforms. expert advice regarding their application. Can
supervise specialist technical consultancy. The
Level 2 Develops an understanding of
specialism can be any aspect of information or
publications support activities such as drafting,
communication technology, technique, method,
illustrating, printing, etc. Develops a broad
product or application area.
understanding of technical publication concepts,
tools and methods and the way in which these Level 5 Maintains knowledge of specific
are implemented. Obtains and analyses usage technical specialisms, provides detailed advice
data and presents it effectively. regarding their application and executes
specialised tasks. The specialism can be any area
of information or communication technology,
technique, method, product or application area.

SFIA 4G: Framework reference Strategy & architecture: Business/IT strategy and planning

Business/IT strategy and Innovation (INOV) Enterprise architecture (STPL)

The capability to recognise and exploit business The creation, communication and improvement
opportunities provided by IT, (for example, the of the key principles, methods and models that
Internet), to ensure more efficient and effective describe the enterprise's future state and enable
Research (RSCH) performance of organisations, to explore its evolution. The scope of the enterprise
possibilities for new ways of conducting business architecture process involves the interpretation of
The advancement of knowledge in one or more
and organisational processes, and to establish business goals, drivers and strategies (including
fields of IT by innovation, experimentation,
new businesses. for instance security and sustainability), the
evaluation and dissemination, carried out in
assessment of the current capabilities of the
pursuit of a predetermined set of research goals. Level 6 Recognises potential strategic people, processes, information and technology of
application of IT, and initiates investigation and the enterprise, and the determination of how
Level 6 Sets research goals, makes effective
development of innovative methods of exploiting these relate to one another and to the external
proposals for the investment of funds in research
IT assets, to the benefit of organisations and the environment. The process supports the
projects, plays a major role in the development of
community. Plays an active role in improving the formation of the constraints, standards and
the employing organisation's research policy, and
interface between the business and IT. guiding principles required to define, assure and
supervises the work of a research function. Gains
an appreciation of current research work over a govern the required evolution and the transitional
substantial area of IT, and takes a leading part in processes that facilitate predictable transition to
professional activities outside own employing Business process improvement the intended state through information-enabled
organisation. (BPRE) change in the organisation's structure, business
processes, information systems and
Level 5 Agrees research goals and generates The identification of new and alternative infrastructure.
original and worthwhile ideas in a specialised IT approaches to performing business activities. The
field. Develops, reviews and constructively Level 7 Directs the creation and review of an
analysis of business processes, including
criticises ideas, possibly leading a small research enterprise capability strategy to support the
recognition of the potential for automation of the
team, making necessary observations and tests strategic requirements of the business. Identifies
processes, assessment of the costs and potential
and carrying them through to a full practical the business benefits of alternative strategies.
benefits of the new approaches considered and,
demonstration, wherever viable and feasible. Directs development of enterprise-wide
where appropriate, management of change, and
Presents papers at conferences and writes architecture and processes which ensure that the
assistance with implementation.
journal papers of publication quality and/or strategic application of change is embedded in
presents reports, of an equivalent technical Level 7 Identifies, proposes, initiates and leads the management of the organisation. Ensures
standard, to research clients. significant improvement programmes, taking compliance between business strategies,
responsibility for the quality and appropriateness enterprise transformation activities and
Level 4 Contributes to research goals and builds of the work performed, and the realisation of technology directions, setting strategies, policies,
on and refines appropriate outline ideas for the measurable business benefits. Modifies existing standards and practices.
evaluation, development, demonstration and process improvement approaches and/or
implementation of research. Uses available Level 6 Leads the creation and review of a
develops new approaches to achieve
resources to gain an up-to-date knowledge of any systems capability strategy which meets the
relevant IT field. Reports on work carried out and strategic requirements of the business. Identifies
may contribute significant sections of material of Level 6 Analyses business processes; identifies the business benefits of alternative strategies.
publication quality. Contributes to research plans alternative solutions, assesses feasibility, and Develops enterprise-wide architecture and
and identifies appropriate opportunities for recommends new approaches, typically seeking processes which ensure that the strategic
publication and dissemination of research to exploit technology components. Evaluates the application of change is embedded in the
findings. financial, cultural, technological, organisational management of the organisation. Establishes the
and environmental factors which must be contribution that technology can make to
Level 3 Within given research goals, builds on addressed in the change programme. Establishes business objectives, conducting feasibility
and refines appropriate outline ideas for research, requirements for the implementation of studies, producing high-level business models,
i.e. evaluation, development, demonstration and significant changes in organisational mission, preparing business cases, taking into account as
implementation. Uses available resources to gain business functions and process, organisational necessary any implications of systems
an up-to-date knowledge of any relevant IT field. roles and responsibilities, and scope or nature of considered. Ensures compliance between
Reports on work carried out and may contribute service delivery. business strategies, enterprise transformation
sections of material of publication quality. activities and technology directions, setting
Level 5 Analyses business processes; identifies strategies, policies, standards and practices.
alternative solutions, assesses feasibility, and
recommends new approaches. Contributes to Level 5 Contributes to the creation and review of
evaluating the factors which must be addressed a systems capability strategy which meets the
in the change programme. Helps establish strategic requirements of the business. Develops
requirements for the implementation of changes models and plans to drive forward the strategy,
in the business process. taking advantage of opportunities to improve
business performance. Takes responsibility for
investigative work to determine requirements
and specify effective business processes, through
improvements in information systems, data
management, practices, procedures, organisation
and equipment.

SFIA 4G: Framework reference Strategy & architecture: Technical strategy and planning

Business risk management (BURM) Technical strategy and planning Emerging technology monitoring
The planning and implementation of
organisation-wide processes and procedures for Solution architecture (ARCH) The identification of new and emerging
the management of operational risk arising from hardware, software and communication
any aspect of the use of information technology, The development and communication of technologies and products, services, methods
including that arising from reduction or structural frameworks (hardware, software and and techniques and the assessment of their
non-availability of energy supply or inappropriate other components) which meet the present and relevance and potential value as business
disposal of materials, hardware or data. future requirements of an organisation, and the enablers, improvements in cost/performance or
interrelationships between these components. sustainability. The promotion of emerging
Level 6 Plans and manages the implementation
The design of solutions required to automate technology awareness among staff and business
of organisation-wide processes and procedures,
business processes and resolve business issues management.
tools and techniques for the identification,
assessment, and management of risk inherent in in a particular business or functional area. The
Level 6 Co-ordinates the identification and
the operation of business processes and of provision of direction and guidance on all
assessment of new and emerging hardware,
potential risks arising from planned IT-enabled technical aspects of the development of, and
software and communication technologies,
change. modifications to, information systems to ensure
products, methods and techniques. Evaluates
that they take account of relevant architectures,
likely relevance of these for the organisation.
Level 5 Carries out risk assessment within a strategies, policies, standards and practices and
Provides regular briefings to staff and
defined functional or technical area of business. that existing and planned systems and IT
Uses consistent processes for identifying infrastructure remain compatible.
potential risk events, quantifying and Level 5 Monitors the market to gain knowledge
documenting the probability of occurrence and Level 6 Leads the development of architectures
and understanding of currently emerging
the impact on the business. Refers to domain for complex systems, ensuring consistency with
technologies. Identifies new and emerging
experts for guidance on specialised areas of risk, specified requirements agreed with both
hardware and software technologies and
such as architecture and environment. external, and internal customers. Takes full
products based on own area of expertise,
Co-ordinates the development of responsibility for the balance between functional,
assesses their relevance and potential value to
countermeasures and contingency plans. service quality and systems management
the organisation, contributes to briefings of staff
requirements within a significant area of the
and management.
organisation. Establishes policy and strategy for
the selection of systems architecture
Sustainability strategy (SUST) components, and co-ordinates design activities,
promoting the discipline to ensure consistency. Continuity management (COPL)
The preparation of a sustainability strategy for IT, Ensures that appropriate standards (corporate,
taking into account any established corporate industry, national and international) are adhered The provision of service continuity planning and
strategy, to be used as a basis for policies and to. Within a business change programme, support. This includes the identification of
planning, and covering both consumption and manages the target design, policies and information systems which support critical
sources of supply of energy and materials. standards, working proactively to maintain a business processes, the assessment of risks to
Evaluation and inclusion, as appropriate, of stable, viable architecture and ensure consistency those systems' availability, integrity and
political, legislative, economic, social and of design across projects within the programme. confidentiality and the co-ordination of planning,
technological factors. Identification of major designing, testing and maintenance procedures
external standards, practices or schemes to be Level 5 Uses appropriate tools, including logical and contingency plans to address exposures and
adopted. Consultation with identified relevant models of components and interfaces, to maintain agreed levels of continuity. This function
parties, either internal or external. Obtaining contribute to the development of systems should be performed as part of, or in close
agreement to the strategy and the commitment architectures in specific business or functional cooperation with, the function which plans
to act upon it. areas. Produces detailed component business continuity for the whole organisation.
specifications and translates these into detailed
Level 6 Provides leadership and guidelines on designs for implementation using selected Level 5 Owns the service continuity planning
sustainability; leads in the development of a products. Within a business change programme, process and leads the implementation of
sustainability strategy for IT, encompassing assists in the preparation of technical plans and resulting plans. Coordinates the identification by
sources of supply, control and measurement of cooperates with business assurance and project specialists across the organisation of information
in-house utilisation, procurement of staff to ensure that appropriate technical and communication systems which support the
resource-efficient products and services, and resources are made available. Provides advice on critical business processes, and the assessment
legislative factors. technical aspects of system development and of risks to the availability, integrity, and
integration (including requests for changes, confidentiality of those systems. Evaluates the
Level 5 Contributes to strategy formation by
deviations from specifications, etc.) and ensures critical risks associated with these systems and
providing in-depth analysis of one or more broad
that relevant technical strategies, policies, identifies priority areas for improvement.
aspects of the organisation’s use of energy and
standards and practices are applied correctly. Coordinates the planning, designing, testing of
materials, and by recommending elements of the
maintenance procedures and contingency plans
strategy; provides in-depth advice in own area of
to address exposure to risk and ensure that
expertise. Provides analysis of risks arising in the
agreed levels of continuity are maintained.
areas covered.
Level 4 Provides input to the service continuity
planning process and implements resulting

SFIA 4G: Framework reference Strategy & architecture: Technical strategy and planning

Software development process Sustainability management for IT Methods & tools (METL)
improvement (SPIM) (SUMI)
Ensuring that appropriate methods and tools for
The provision of advice, assistance and The specification, planning and management of the planning, development, testing, operation,
leadership in improving the quality of software changes to IT assets, systems, processes or management and maintenance of systems are
development, by focusing on process definition, practices intended to reduce or constrain adopted and used effectively throughout the
management, repeatability and measurement. consumption and/or disposal of energy or organisation.
The facilitation of improvements by changing materials, within the context of company strategy
Level 6 Sets direction and leads in the
approaches and working practices, typically using and policy, and regulatory and contractual
introduction and use of techniques,
recognised models such as the Capability requirements. The evaluation of changes to
methodologies and tools, to match overall
Maturity Model Integration (CMMI), the Software ensure that planned benefits have been
business requirements (both current and future),
Process Improvement and Capability obtained. The specification of remedial and
ensuring consistency across all user groups.
dEtermination Model (SPICE), Test Process process improvement actions in cases where
Improvement (TPI) and Test Maturity Model planned benefits have not been obtained. The Level 5 Promotes and ensures use of
(TMM). identification and planning of alternative sources appropriate techniques, methodologies and
of supply. tools.
Level 7 Liaises with client functions to establish
business requirements and identifies, proposes, Level 6 Establishes the overall approach to the Level 4 Provides expertise and support on use
initiates and leads significant improvement incorporation of sustainability requirements and of methods and tools.
programmes. Manages the quality and factors into the specification and design of
appropriateness of the work performed and systems and services; determines relevant
delivers measurable business benefits. Modifies methods and tools to be used to address energy
existing software process improvement efficiency issues in specification, design and
approaches and/or develops new approaches to operation.
achieving improvement.
Level 5 Plans and implements new practices
Level 6 Plans and manages the evaluation of that ensure that sustainability matters are
software processes. Identifies, proposes, and appropriately addressed in specification, design
initiates software process improvement activities and operation of systems and services.
within the organisation, devising solutions. Takes Recommends methods, tools and practices to be
action to exploit opportunities that will have a used. Establishes organisation-wide practices for
measurable effect on operational effectiveness, the disposal of materials. Sets standards for the
with associated benefits to the business. conformance of components and services to
efficient use of energy and materials.
Level 5 Develops and maintains a detailed
knowledge of software process improvement.
Contributes effectively to identifying new areas of
software process improvement within the
Network planning (NTPL)
organisation. Carries out software process
improvement assignments, justified by The creation and maintenance of overall network
measurable business benefits. plans, encompassing the communication of data,
voice, text and image, in the support of an
organisation's business strategy. This includes
participation in the creation of service level
agreements and the planning of all aspects of
infrastructure necessary to ensure provision of
network services to meet such agreements.
Physical implementation may include copper
wire, fibre-optic, wireless, or any other

Level 6 Creates and maintains overall network

plans to support the organisation's business
strategy, agrees service level agreements with
customers and plans all aspects of the
infrastructure necessary to ensure provision of
network services to meet such agreements.

Level 5 Creates and maintains network plans for

own area of responsibility, contributes to setting
service level agreements, and plans the
infrastructure necessary to provide the network
services to meet such agreements.

SFIA 4G: Framework reference Business change: Business change implementation

Business change Business change

activities to ensure the effective implementation
of interrelated programmes/projects from
business case initiation to final operational stage.
Plans, schedules, monitors and reports on
activities related to the portfolio of programmes.
Portfolio management (POMG) Monitors progress to ensure each project is
performing as expected. Determines, monitors
The systematic appraisal, evaluation and and reviews all programme and inter-programme
management of the IT portfolio of programmes economics to ensures that the portfolio of
and projects in support of specific business programmes/projects is managed to realise
strategies. The development and application of a business benefits. Provides general and specific
portfolio management framework to ensure that advice. Presents key information at each level
all interdependencies are managed and that within the organisation as appropriate. Monitors
standards are maintained across the lifecycle of the standards for the project / programme
different programmes. The delivery and delivery lifecycle. Notifies projects/programmes
documentation of objective and independent of exceptions when they are unsafe and reports
investment appraisal and project review to senior management for corrective action.
throughout the programme lifecycle. The Identifies issues with project/programme
consistent application of the project / structure, resourcing, risks, funding and
programme delivery lifecycle, pre-approval check dependencies.
of business cases, putting projects/programmes
into exception when they are unsafe and to Level 5 Ensures that programme and project
escalate/engage/influence senior management leads adhere to the agreed portfolio
to take corrective action. Supporting the management approach and timetable and that
continuous improvement through the review of they provide the appropriate information to
project/programme structure, resourcing, risks, agreed targets of timelines and accuracy.
funding, and dependencies. Produces reports as appropriate for portfolio
governance, including making recommendations
Level 7 Sets and maintains the portfolio for changes to the portfolio.
management approach across the IT function.
Has an in-depth knowledge of both the business
and IT strategies and what objectives and
business benefit must be fulfilled. Ensures
Programme management (PGMG)
portfolio design is aligned with business strategy
and is making the maximum possible The identification, planning and coordination of a
contribution to the strategic goals and targets of set of related projects within a programme of
the organisation. Plans and initiates portfolio business change, to manage their
definition and management activities across the interdependencies in support of specific business
full programme and project lifecycle. Leads the strategies. The maintenance of a strategic view
determination of business requirements and over the set of projects, providing the framework
translates requirements into operational plans. for implementing business initiatives, or
Monitors and reviews the economics of all large-scale change, by conceiving, maintaining
programme processes, and ensures there are and communicating a vision of the outcome of
effective governance arrangements, supported the programme. The vision, and the means of
by comprehensive reporting. Evaluates changes achieving it, may change as the programme
to programme management practices and progresses.
initiates improvement to the organisation's Level 7 Aligns the objectives for information
practices. Ensures consistent application of systems activities with business change
standards for the project / programme delivery objectives, and authorises the selection and
lifecycle, pre-approval check of business cases, planning of all related projects and activities.
and putting projects/programmes into exception Plans, directs, and co-ordinates activities to
when they are unsafe. manage and implement complex interrelated
Escalates/engages/influences senior projects from contract/proposal initiation to final
management to take corrective action. Leads the operational stage. Plans, schedules, monitors,
review of project/programme structure, and reports on activities related to the
resourcing, risks, funding, and dependencies. programme. Leads the programme teams in
Level 6 Leads the development of the portfolio determining business requirements and
roadmap and ongoing portfolio management translating requirements into operational plans.
activity. Ensures that all projects deliver the Determines, monitors, and reviews all
desired objective or benefit, that each project programme economics, including programme
contributes to the overall achievement of the costs, operational budgets, staffing requirements,
portfolio and that portfolio management is programme resources, and programme risk,
informed by an awareness of current technical ensuring that there are appropriate and effective
developments. Plans and coordinates a portfolio
of programmes and portfolio management

SFIA 4G: Framework reference Business change: Business change management

governance arrangements, supported by the change control procedure, and ensures that Business change management
comprehensive reporting. Evaluates changes to project deliverables are completed within
programme management practices and initiates planned cost, timescale and resource budgets,
improvement to organisation practices. and are signed off. Provides effective leadership
to the project team, and takes appropriate action
Business analysis (BUAN)
Level 6 Plans, directs, and co-ordinates activities where team performance deviates from agreed
to manage and implement interrelated projects The methodical investigation, analysis, review
from contract/proposal initiation to final and documentation of all or part of a business in
operational stage; plans, schedules, monitors, Level 4 Defines, documents and carries out terms of business functions and processes, the
and reports on activities related to the small projects (typically less than six months, with information used and the data on which the
programme. Leads the programme team(s) in a small team, limited budget, no information is based. The definition of
determining business requirements and interdependency with other projects, and no requirements for improving processes and
translating requirements into operational plans. significant strategic impact), actively participating systems, reducing their costs, enhancing their
Determines, monitors, and reviews all in all phases. Identifies, assesses and manages sustainability, and the quantification of potential
programme economics to include programme risks to the success of the project. Prepares business benefits. The creation of viable
costs, operational budgets, staffing requirements, realistic project and quality plans and tracks specifications and acceptance criteria in
programme resources, and programme risk. activities against the plans, providing regular and preparation for the construction of information
Ensures that programme is managed to realise accurate reports to stakeholders as appropriate. and communication systems.
business benefits and that programme Monitors costs, timescales and resources used,
Level 6 Takes full responsibility for business
management is informed by an awareness of and takes action where these deviate from
analysis within a significant segment of an
current technical developments. agreed tolerances. Ensures that own projects are
organisation where the advice given and
formally closed and, where appropriate,
decisions made will have a measurable impact
subsequently reviewed, and that lessons learned
on the profitability or effectiveness of the
Project management (PRMG) are recorded.
organisation. Establishes the contribution that
technology can make to business objectives,
The management of projects, typically (but not defining strategies, validating and justifying
exclusively) involving the development and business needs, conducting feasibility studies,
implementation of business processes to meet producing high-level and detailed business
identified business needs, acquiring and utilising models, preparing business cases, overseeing
the necessary resources and skills, within agreed development and implementation of solutions,
parameters of cost, timescales, and quality. taking into account the implications of change on
the organisation and all stakeholders. Guides
Level 7 Sets organisational strategy governing
senior management towards accepting change
the direction and conduct of project
brought about through process and
management, including application of
organisational change.
appropriate methodologies. Authorises the
management of large scale projects. Leads Level 5 Takes responsibility for investigative
project planning, scheduling, controlling and work to determine business requirements and
reporting activities for strategic, high impact, high specify effective business processes, through
risk projects. Manages risk and ensures that improvements in information systems,
solutions to problems are implemented in line information management, practices, procedures,
with change control processes. and organisation change. Applies and monitors
the use of required modelling and analysis tools,
Level 6 Takes full responsibility for the definition,
methods and standards, giving special
documentation and successful completion of
consideration to business perspectives. Conducts
complex projects (typically greater than 12
investigations at a high level for strategy studies,
months, with significant business, political, or
business requirements specifications and
high-profile impact, and high-risk dependencies),
feasibility studies. Prepares business cases which
ensuring that realistic project, quality, change
define potential benefits, options for achieving
control and risk management processes are
these benefits through development of new or
maintained. Monitors and controls resources,
changed processes, and associated business
revenue and capital costs against the project
risks. Identifies stakeholders and their business
budget and manages expectations of all project
Level 4 Investigates operational requirements,
Level 5 Takes full responsibility for the definition,
problems, and opportunities, seeking effective
documentation and satisfactory completion of
business solutions through improvements in
medium-scale projects (typically lasting 6–12
automated and non-automated components of
months, with direct business impact, teams of
new or changed processes. Assists in the analysis
3–5 and firm deadlines). Identifies, assesses and
of stakeholder objectives, and the underlying
manages risks to the success of the project.
issues arising from investigations into business
Ensures that realistic project and quality plans are
requirements and problems, and identifies
prepared and maintained and provides regular
and accurate reports to stakeholders as
appropriate.Ensures Quality reviews occur on
schedule and according to procedure. Manages

SFIA 4G: Framework reference Business change: Business change management

options for consideration. Identifies potential Change implementation planning organisation boundaries, and creates future
benefits, and available options for consideration. and management (CIPM) organisation design, including location strategy
Works with clients/users in defining acceptance and the number of locations required. Outlines
tests. The definition and management of the process performance measurement objectives and the
for deploying and integrating IT capabilities into high level implementation approach.
Level 3 Investigates operational needs and
problems, and opportunities, contributing to the the business in a way that is sensitive to and fully Level 5 Conducts business impact assessment
recommendation of improvements in automated compatible with business operations. to identify how the changes from the ’as-is’
and non-automated components of new or Level 6 Ensures that there is a business processes, systems, and structures to the ’to-be’
changed processes and organisation. Assists in perspective on how the new technical capabilities processes, systems and structures impact specific
defining acceptance tests for these will be delivered to the business, including organisations and roles. Outlines how the
recommendations. planning around key business cycles, selecting organisation structure, jobs, teams and roles
appropriate customers for migration, etc. Initiates need to change to enable the future business
the business implementation plan, including all processes. Aligns existing jobs/organisational
Business process testing (BPTS) the activities that the business needs to do to structures to new processes.
prepare for new technical components and
The planning, design, management, execution technologies. Ensures sites deliver site
and reporting of business process tests and implementation plans that align with the overall Benefits management (BENM)
usability evaluations. The application of plan. Tracks and reports against these activities to
evaluation skills to the assessment of the ensure progress. Defines and manages the Monitoring for the emergence of anticipated
ergonomics, usability and fitness for purpose of activities to ensure achievement of the business benefits (typically specified as part of the
defined processes. This includes the synthesis of case after delivery. Outlines key business business case for a change programme or
test tasks to be performed (from statement of engagement messages that need to take place project). Action (typically by the programme
user needs and user interface specification), the throughout the programme / project. management team) to optimise the business
design of an evaluation programme, the selection impact of individual and combined benefits.
of user samples, the analysis of performance, and Level 5 Creates the business readiness plan,
inputting results to the development team. taking into consideration IT deployment, data Level 6 Promotes the change programme vision
migration, capability deployment (training and to staff at all levels of the business operation,
Level 6 Is responsible for organisational engagement activities) and any business brings order to complex situations, and keeps a
commitment to high standards in human factors. activities required to integrate new processes or focus on business objectives. Works with senior
Specifies ergonomics standards and methods to jobs into the ’business as usual’ environment. people responsible for the line business
meet organisational objectives. Sets the policy Determines the readiness levels of business operation, to ensure maximum improvements
and standards for business process testing. users with regard to upcoming changes; are made in the business operations as groups of
Manages the design and execution of business uncovers readiness gaps and creates and projects deliver their products into operational
process tests, usability evaluations, network and implements action plans to close the gaps prior use. Maintains the business case for funding the
business trials, confidence tests. Maintains an to going live. Assists the user community in the programme and confirms continuing business
overview of the business environment, required provision of transition support and change viability of the programme at regular intervals.
outcomes and potential exposures. planning, and liaises with the project team.
Monitors and reports progress on business Level 5 Identifies specific measures and
Level 5 Designs and manages tests of readiness targets, business engagement activity, mechanisms by which benefits can be
new/updated processes. Specifies test training design and deployment activities, key measured, and plans to activate these
environment for whole life-cycle testing (e.g. operational metrics and return to productivity mechanisms at the required time. Monitors
using model office concept). Manages measures. Defines the series and sequence of benefits against what was predicted in the
selection/creation of relevant scenarios for activities to bring stakeholders to the required business case and ensures that all participants
testing and ensures that tests reflect realistic level of commitment, prior to going live. are informed and involved throughout the
operational business conditions. Ensure tests and change programme and fully prepared to exploit
results are documented, reported to stakeholders the new operational business environment once
and are available for specification of user it is in place. Supports senior management to
instructions. Highlights issues and risks identified
Organisation design and ensure that all plans, work packages and
during testing to business stakeholders. Provides implementation (ORDI) deliverables are aligned to the expected benefits
specialist guidance and advice to less and leads activities required in the realisation of
experienced colleagues and users to ensure that The design and implementation of an integrated the benefits of each part of the change
test are conducted in an appropriate manner. organisation structure, role profiles, culture, programme.
performance measurements, competencies and
Level 4 Specifies and develops test scenarios to skills, to facilitate strategies for change and for
test that new/updated processes deliver training to enable the change. The identification
improved ways of working for the end user at the of key attributes of the culture and the key
Business modelling (BSMO)
same time as delivering efficiencies and planned principles and factors for addressing location
business benefits. Records and analyses test The production of abstract or distilled
results, and reports any unexpected or representations of real world/business situations
unsatisfactory outcomes. Uses test plans and Level 6 Anticipates major changes affecting the to aid the communication and understanding of
outcomes to specify user instructions. organisation, and mobilises resources to existing, conceptual or proposed scenarios.
implement changes. Advises business managers
about the implications of planned IT-enabled
change on the business, on processes and on
customers. Initiates the definition of new

SFIA 4G: Framework reference Business change: Relationship management

Predominantly focused around the Sustainability assessment (SUAS) Relationship management

representation of processes, data, organisation
and time. Models may be used to represent a The evaluation of the sustainability of operational
subject at varying levels of detail/ decomposition. or planned IT services, devices and day-to-day Stakeholder relationship
operations such as travel. The establishment of a
Level 6 Defines modelling standards and quality
model or scheme to track changes in
management (RLMT)
targets for an organisation. Has continuing
consumption over time and to generate feedback
responsibility for the maintenance of models for The coordination of relationships with and
to enable improvements in energy or resource
a designated function. Initiates organisation-wide between key stakeholders, during the design,
efficiency. The identification of areas requiring
modelling improvement activities and obtains management and implementation of business
attention, and the initiation of actions to change
customer buy-in to general changes. May change.
or control the procurement of energy or other
represent own organisation as a modelling expert
resources, so as to improve sustainability. Level 6 Initiates and influences relationships
in industry initiatives.
with and between key stakeholders. Acts as a
Level 6 Determines the organisation’s approach
Level 5 Produces models in support of business single point of contact for senior stakeholders
to the assessment of sustainability and to the
strategy. Has in-depth knowledge of a broad and influencers. Supports effective business
monitoring of the effectiveness of activities
range of industry-wide modelling techniques. change by building relationships with and
intended to cause improvements. Provides
Advises on the choice of techniques and between senior strategists, planners, designers
overall leadership in assessment activity around
approach and influences customers accordingly. and operational business partners. Initiates
the organisation.
Capable of developing bespoke models for procedures to improve relations and open
unusual contexts. Responsible for planning and Level 5 Leads the introduction and manage- communications with and between stakeholders.
co-ordinating team modelling activities and for ment of measures to assess and report on Initiates and has management oversight of
ensuring the quality of their work. sustainability and the impact of conservation processes to manage and monitor relationships
activities. Ensures that the effectiveness and including lessons learned and the feedback loop
Level 4 Conducts advanced modelling activities to and from business change teams.
accuracy of the monitoring actions is kept under
for significant change programmes and across
review, and that appropriate improvements are
multiple business functions. Has an in-depth Level 5 Develops and manages one or more
knowledge of organisation-standard techniques. defined communication channels and/or
Plans own modelling activities, selecting Level 4 Assesses, records and reports on stakeholder groups. Initiates communications
appropriate techniques and the correct level of utilisation of energy and other resources, showing between stakeholders, acting as a single point of
detail for meeting assigned objectives. May expertise in a given area such as a class of contact for defined groups. Facilitates open
contribute to discussions about the choice of the computing devices, or business travel. Provides communication and discussion between
modelling approach to be used. Obtains input advice on the improvement of sustainability in stakeholders. Captures and disseminates
from and communicates modelling results to that area of expertise. technical and business information. Facilitates the
senior managers for agreement. business change decision-making processes, and
the planning and implementation of change.
Level 3 Conversant with techniques covering full
range of modelling situations. Models current and
desired scenarios as directed. Selects appropriate
modelling techniques for meeting assigned
objectives. Gains agreement from subject matter
experts to models produced. Reviews resulting
models with stakeholders and gains resolution to
resultant issues.

Level 2 Understands the purpose and benefits

of modelling. Uses established techniques as
directed to model simple subject areas with
clearly-defined boundaries. May assist in more
complex modelling activities. Develops models
with input from subject matter experts and
communicates the results back to them for
review and confirmation.

SFIA 4G: Framework reference Solution development and implementation: Systems development

Solution development Systems development relationship descriptions, attribute definitions).

Provides advice and guidance to database
and implementation designers and others using the data structures
and associated components.
Systems development
management (DLMG) Level 3 Applies data analysis, data modelling,
and quality assurance techniques, based upon a
The management of resources in order to plan, detailed understanding of business processes, to
estimate and carry out programmes of systems establish, modify or maintain data structures and
development work to time, budget and quality associated components (entity descriptions,
targets and in accordance with appropriate relationship descriptions, attribute definitions).
standards. Advises database designers and other application
development team members on the details of
Level 7 Sets strategy for resource management data structures and associated components.
within systems development, authorises the
allocation of resources for programmes of system Level 2 Applies data analysis and data modelling
development projects, and maintains an techniques to establish, modify or maintain a
overview of the contribution of the programme to data structure and its associated components
organisational success. (entity descriptions, relationship descriptions,
attribute definitions).
Level 6 Identifies and manages the resources
necessary for all stages (planning, estimation,
execution) of individual systems development
projects to ensure technical, financial and quality
Requirements definition and
targets are met. management (REQM)
Level 5 Agrees, with business management, The definition and management of the business
systems development projects which support the goals and scope of change initiatives. The
organisation's objectives and plans. Ensures that specification of business requirements to a level
management is both aware of and able to that enables effective delivery of agreed changes.
provide the required resources, and that available
resources are properly utilised and accounted for. Level 6 Determines policy on discovery, analysis
Monitors and reports on the progress of systems and documentation of requirements. Defines
development projects, using appropriate quality requirements standards and quality targets for an
assurance processes to ensure that projects are organisation in agreement with key stakeholders.
carried out in accordance with agreed standards, Organises scoping and business priority setting
methods and procedures. for strategic business changes involving business
policy-makers and direction setters.

Level 5 Facilitates scoping and business priority

Data analysis (DTAN) setting for large or complex changes, engaging
senior stakeholders as required. Selects the most
The investigation, evaluation, interpretation and appropriate means of representing business
classification of data, in order to define and clarify requirements in the context of a specific change
information structures which describe the initiative. Drives the requirements elicitation
relationships between real world entities. Such process where necessary, identifying what
structures facilitate the development of software stakeholder input is required. Obtains formal
systems, links between systems or retrieval agreement from a large and diverse range of
activities. potentially senior stakeholders and recipients to
the scope and requirements, plus the
Level 5 Sets standards for data analysis tools
establishment of a base-line on which delivery of
and techniques, advises on their application, and
a solution can commence. Takes responsibility
ensures compliance. Manages the investigation
for the investigation and application of changes to
of corporate data requirements, and co-ordinates
programme scope. Identifies the impact on
the application of data analysis and data
business requirements of external impacts
modelling techniques, based upon a detailed
affecting a programme or project.
understanding of the corporate information
requirements, in order to establish, modify or Level 4 Facilitates scoping and business
maintain data structures and their associated priority-setting for change initiatives of medium
components (entity descriptions, relationship size and complexity. Contributes to selection of
descriptions, attribute definitions). the most appropriate means of representing
business requirements in the context of a specific
Level 4 Investigates corporate data
change initiative, ensuring traceability back to
requirements, and applies data analysis, data
source. Discovers and analyses requirements for
modelling and quality assurance techniques, to
fitness for purpose as well as adherence to
establish, modify or maintain data structures and
business objectives and consistency, challenging
their associated components (entity descriptions,
positively as appropriate. Obtains formal

SFIA 4G: Framework reference Solution development and implementation: Systems development

agreement by stakeholders and recipients to options and assesses and manages associated Database/repository design
scope and requirements and establishes a risks. Ensures that the system design balances (DBDS)
base-line on which delivery of a solution can functional, service quality and systems
commence. Manages requests for and the management requirements. The specification, design and maintenance of
application of changes to base-lined mechanisms for storage and access to both
requirements. Identifies the impact on business Level 4 Recommends/designs structures and
tools for systems which meet business needs. structured and unstructured information, in
requirements of interim (e.g. migration) support of business information needs.
scenarios as well as the required end position. Delivers technical visualisation of proposed
applications for approval by customer and Level 6 Sets strategies for effective use of
Level 3 Defines scope and business priorities for execution by system developers. Translates database technology taking account of the
small-scale changes and may assist in larger scale logical designs into physical designs, and complex interrelations between
scoping exercises. Elicits and discovers produces detailed design documentation. Maps hardware/software. Provides specialist expertise
requirements from operational management and work to user specification and removes errors in the development, use or operation of database
other stakeholders. Selects appropriate and deviations from specification to achieve management system tools and facilities. Provides
techniques for the elicitation of detailed user-friendly processes. expert knowledge in the selection, provision and
requirements taking into account the nature of use of database architectures, software and
the required changes, established practice and Level 3 Specifies user/system interfaces, and
translates logical designs into physical designs facilities, typically taking responsibility for a team
the characteristics and culture of those providing of technical staff.
the requirements. Specifies and documents taking account of target environment,
business requirements as directed, ensuring performance requirements and existing systems. Level 5 Maintains and applies up to date,
traceability back to source. Analyses them for Produces detailed designs and documents all specialist knowledge of database concepts,
adherence to business objectives and for work using required standards, methods and object and data modelling techniques and design
consistency, challenging positively as appropriate. tools, including prototyping tools where principles, and a detailed knowledge of the full
Works with stakeholders to prioritise appropriate. range of database architectures, software and
requirements. facilities available. Analyses data requirements, to
Level 2 Undertakes complete design of simple
applications using simple templates and tools. establish, modify or maintain a data model. Takes
Level 2 Uses established techniques as directed account of specialist requirements (e.g.
to identify current problems and elicit, specify Assists as part of a team on design of
components of larger systems. Produces detailed geocoding, for geographic information systems).
and document business functional, data and Interprets the model into an appropriate
non-functional requirements for simple subject designs including for example: physical data
flows, file layouts, common routines and utilities, database schema within set policies.
areas with clearly-defined boundaries. Assists in Demonstrates, installs and commissions selected
more complex requirements activities and with program specifications or prototypes, and
backup, recovery and restart procedures. products.
the processes for establishing agreed baselines
for change and managing the assessment and Level 4 Develops and maintains specialist
application of requested changes to those knowledge of database concepts, object and data
requirements. Network design (NTDS) modelling techniques and design principles and
a detailed knowledge of database architectures,
The production of network designs and design software and facilities. Analyses data
Systems design (DESN) policies, strategies, architectures and requirements to establish, modify or maintain
documentation, covering voice, data, text, e-mail, object/data models. Evaluates potential
The specification and design of information facsimile and image, to support business solutions, demonstrating, installing and
systems and the design or selection of requirements and strategy. This may incorporate commissioning selected products.
components to meet defined business needs, all aspects of the communications infrastructure,
internal and external, mobile, public and private, Level 3 Develops specialist knowledge of
retaining compatibility with enterprise and
Internet, Intranet and call centres. database concepts, object and data modelling
solution architectures, and conforming to
techniques and design principles. Translates
corporate standards within constraints of cost,
Level 6 Takes responsibility for major aspects of object and data models into appropriate
security and sustainability.
network specification and design within the database schemas within design constraints.
Level 6 Controls system design practice within organisation. Produces network design policies, Interprets installation standards to meet project
an enterprise or industry architecture. Influences philosophies and criteria covering connectivity, needs and produces database components as
industry-based models for the development of capacity, interfacing, security, resilience, recovery, required. Evaluates potential solutions,
new technology applications. Develops effective access and remote access. demonstrating, installing and commissioning
implementation and procurement strategies, selected products.
Level 5 Produces outline system designs and
consistent with business needs.
specifications, and overall architectures, Level 2 Translates and implements simple
Level 5 Specifies and designs large or complex topologies, configuration databases and design development project requirements into physical
systems. Selects appropriate design standards, documentation of networks and networking database structures. Assesses proposed changes
methods and tools, consistent with agreed technology within the organisation. Specifies to object and data structures and implements
enterprise and solution architectures and ensures user/system interfaces, including validation and these changes in physical databases. Assists in
they are applied effectively. Reviews others' error correction procedures, processing rules, database management system support activities
systems designs to ensure selection of access, security and audit controls. Assesses for operational database systems.
appropriate technology, efficient use of associated risks, and specifies recovery routines
resources, and integration of multiple systems and contingency procedures. Translates logical
and technology. Contributes to policy for designs into physical designs.
selection of architecture components. Evaluates
and undertakes impact analysis on major design

SFIA 4G: Framework reference Solution development and implementation: Systems development

Programming/software systems architectures up to the highest safety material developed by document content
development (PROG) integrity levels. Develops and maintains project creators within the organisation. Manages
safety assurance plans, monitors compliance and relationships with stakeholders, ensuring that
The design, creation, testing and documenting of ensures that safety assurance evidence is they receive the information that they need.
new and amended programs from supplied gathered for safety case preparation. Manages reviews of draft material.
specifications in accordance with agreed Level 4 Contributes to the identification, analysis Level 5 Designs overall support information
standards. and documentation of hazards, and to the package plans. Manages small teams of authors,
Level 5 Sets standards for programming tools capture, evaluation and specification of safety ensuring that they are aware of and work to
and techniques, advises on their application and requirements. Analyses and documents safety relevant standards. Advises on appropriate
ensures compliance. Takes technical validation results. Contributes to the documentation formats and documentation
responsibility for all stages in the software development and maintenance of project safety systems to satisfy requirements. Organises
development process. Prepares project and assurance plans, and gathers safety assurance reviews of draft material.
quality plans and advises systems development evidence for safety case preparation.
Level 4 Determines the documentation needs
teams. Assigns work to programming staff and Level 3 Assists with the collection of safety of users. Designs individual documentation
monitors performance, providing advice, assurance evidence, undertaking all work in plans. Creates drafts for review of information
guidance and assistance to less experienced accordance with agreed safety, technical and format and content. Organises the production
colleagues as required. quality standards, using appropriate methods and and distribution of approved documentation
Level 4 Designs, codes, tests, corrects and tools. Documents the results of hazard and risk items. Designs the content and appearance of
documents large and/or complex programs and analysis activities. complex information deliverables (e.g. web
program modifications from supplied pages) in collaboration with clients/users.
specifications using agreed standards and tools, Creates and tests complex, well-engineered
to achieve a well engineered result. Takes part in Sustainability engineering (SUEN) deliverables with specified content and layout.
reviews of own work and leads reviews of Manages the configuration of documentation
colleagues' work. The application of appropriate methods to assure items and files, within own area of responsibility.
sustainability in all phases of the life cycle of Level 3 Liaises with clients/users to clarify details
Level 3 Designs, codes, tests, corrects, and energy- or materials-consuming systems and
documents moderately complex programs and of requirements. Designs, creates and tests
services, including maintenance and re-use. moderately complex, well-engineered
program modifications from supplied These include such things as energy supply risk
specifications, using agreed standards and tools. information deliverables with specified content
analysis, specification of materials procurement and layout. Manages the configuration of
Conducts reviews of supplied specifications, with guidelines, factors influencing system design, and
others as appropriate. documentation items and files, within own area
the verification of energy efficiency. of responsibility.
Level 2 Designs, codes, tests, corrects, and Level 6 Creates models to ensure that new
documents simple programs, and assists in the Level 2 Develops a broad understanding of
systems and services are designed to achieve technical publication concepts, tools and
implementation of software which forms part of specified levels of sustainability and to optimise
a properly engineered information or methods and the way in which these are
the consumption and re-cycling of materials. implemented. Develops an understanding of
communications system. Defines and promulgates best practices in publication development support activities, such
sustainability. as information gathering, user task analysis,
Level 5 Designs systems, services and creating draft documentation, and illustration,
Safety engineering (SFEN) and printing and publishing. Works with
components that meet required levels of
sustainability and specific profiles of materials colleagues and clients to create new sections of
The application of appropriate methods to assure technical documentation through all stages of the
safety during all lifecycle phases of safety-related consumption.
publication process as support literature.
systems developments, including maintenance Level 4 Investigates and recommends
and re-use. These include safety hazard and risk components and subsystems that meet
analysis, safety requirements specification, sustainability criteria.
safety-related system architectural design, formal
Testing (TEST)
method design, safety validation and verification,
and safety case preparation. The concurrent lifecycle process of engineering,
Information content authoring using and maintaining testware (test cases, test
Level 6 Takes full responsibility for hazard (INCA) scripts, test reports, test plans, etc) to measure
analysis and risk assessment, safety-related and improve the quality of the software being
system architectural design, safety assurance The planning, design and creation of textual tested. Testing embraces the planning, design,
planning and compliance and safety case information, supported where necessary by management, execution and reporting of tests,
preparation on systems up to the highest safety graphical content. This material may be delivered using appropriate testing tools and techniques
integrity levels. Takes responsibility for the electronically (for example, as collections of web and conforming to agreed standards (such as ISO
safety-related aspects of multiple complex or pages) or otherwise. This skill includes managing 29119), to ensure that new and amended
high safety integrity level projects, providing the quality assurance and authoring processes for systems, configurations, packages, or services,
effective leadership to team members. the material being produced. together with any interfaces, perform as
Level 5 Identifies and analyses hazards and Level 6 Manages documentation projects,
contributes to the identification and evaluation of ensuring that adequate procedures, standards,
risk reduction measures, ensuring these are tools and resources are in place and
adequately documented. Specifies safety-related implemented to ensure the appropriate quality of

SFIA 4G: Framework reference Solution development and implementation: Human factors

Level 6 Determines testing policy, and owns the Human factors Usability evaluation (USEV)
supporting processes. Takes responsibility for the
management of all testing activities within a Formal assessment of the usability (including
development or integration project or health and safety, and accessibility) of new or
programme. Manages all risks associated with the
Systems ergonomics (HCEV)
existing products or services (including
testing and takes preventative action when any prototypes). Methods include user trials, expert
The iterative development of the allocation of
risks become unacceptable. Assesses and review, survey, and analysis.
function (between the human, machine and
advises on the practicality of testing process
organisational elements of systems), user Level 5 Advises on what to evaluate and type of
alternatives. Identifies improvements to the
interaction and job design. The optimisation of evaluation. Ensures that the results of evaluations
process and assists in their implementation.
accessibility and usability, based on user are understood by system developers.
Level 5 Coordinates and manages planning of requirements, the context of use, relevant
the system and acceptance tests within a ergonomics knowledge and feedback from Level 4 Plans and performs all types of
development or integration project or evaluations of prototypes. evaluation. Interprets and presents the results of
programme. Takes responsibility for integrity of evaluations.
Level 6 Is responsible for organisational
testing and acceptance activities and coordinates
commitment to high standards in human factors. Level 3 Performs, analyses and documents
the execution of these activities. Provides
Specifies ergonomics standards and methods to evaluations according to a plan, excluding expert
authoritative advice and guidance on any aspect
meet organisational objectives. reviews.
of test planning and execution. Defines and
communicates the test strategy for the project. Level 5 Advises what ergonomics tools and Level 2 Assists in the preparations for
Manages all phases of testing, including plans, methods to use in order to allocate functions, evaluations and in the operation of the test
resources, costs, timescales, test deliverables and design user interaction and users' jobs. environment. Maintains the test environment.
auditability. Assesses suppliers' development and
testing capabilities. Selects project testing Level 4 Specifies how to use ergonomics tools
standards for all phases, influencing all parties to and methods to allocate functions, design user
conform to those standards. Manages the client interaction and users' jobs. Human factors integration (HFIN)
relationship with respect to all testing matters.
Identifies process improvements, contributes to Level 3 Applies ergonomics tools and methods Achievement of optimum levels of product or
corporate testing standards and definition of best to allocate functions, design user interaction and service usability, by ensuring that project and
practice users' jobs. enterprise activities take account of the user
Level 4 Defines and creates test cases from
analysis of both functional and non-functional Level 7 Acts to influence the perception of the
Usability requirements analysis organisation, in relation to ergonomics, and the
specifications (such as reliability, efficiency,
usability, maintainability and portability).
(UNAN) user experience of deployed IT products and
Produces test scripts, materials and regression systems, and to ensure that this is addressed in
The establishment, clarification and future design.
test packs to test new and amended software or
communication of non-functional requirements
services. Specifies requirements for environment,
for usability (for example, screen Level 6 Is responsible for organisational
data, resources and tools. Interprets, executes
design/layout/consistency, response times, commitment to high standards in all aspects of
and documents complex test scripts using agreed
capacity). The analysis of the characteristics of the interaction between users and deployed
methods and standards. Records and analyses
users and their tasks, and the technical, technology - the user experience.
actions and results, and maintains a defect
organisational and physical environment in which
register. Reviews test results and modifies tests if Level 5 Advises on achievement of usability
products or systems will operate.
necessary. Provides reports on progress, (including health and safety and accessibility) for
anomalies, risks and issues. Produces reports on Level 5 Advises on tools and methods to be IT products and services.
system quality and metrics on test cases. used and clarifies and communicates the
non-functional requirements of system users,
Level 3 Reviews requirements and
their characteristics and tasks, and the technical,
specifications, and defines test requirements for
organisational and physical environment in which
smaller projects. Creates simple test cases and
products or systems will operate.
test scripts. Interprets and executes moderately
complex test scripts, mapping back to Level 4 Selects and uses tools and methods to
pre-determined criteria, recording and reporting establish, clarify and communicate the
outcomes. Provides specialist advice to support non-functional requirements of system users,
others. Analyses and reports test activities and their characteristics and tasks, and identifies the
results. Identifies and reports issues and risks. technical, organisational and physical
environment in which a complex products or
Level 2 Defines test requirements for smaller
systems will operate.
projects. Creates test scripts and supporting data,
working to the specifications provided. Interprets, Level 3 Applies tools and methods to identify
executes and records simple test cases in the non-functional requirements of users, their
accordance with established plans. Analyses and characteristics and tasks, and the technical,
reports test activities and results. Identifies and organisational and physical environment in which
reports issues and risks. the product or system will operate.

SFIA 4G: Framework reference Solution development and implementation: Installation and integration

Installation and integration Level 6 Ensures the availability of hardware, diagnostic tools. Corrects malfunctions, calling on
software, and resources for the systems testing of other experienced colleagues and external
platform-specific versions of one or more resources if required. Documents details of all
software products. Defines configurations hardware/software items that have been
Systems integration (SINT) required for testing with reference to agreed installed and removed so that configuration
testing standards. Evaluates new developments management records can be updated. Develops
The incremental and logical integration and
in the organisation and the industry and advises installation procedures and standards, and
testing of components and/or subsystems and
senior management on potential growth, schedules installation work. Provides specialist
their interfaces in order to create operational
problem areas and resourcing needs. Ensures guidance and advice to less experienced
adherence to agreed standards and good colleagues to ensure best use is made of
Level 6 Sets standards, strategies and practice. available assets, and to maintain or improve the
procedures across the IT service lifecycle installation service.
Level 5 Leads a team, providing expert technical
(including the development lifecycle) in the areas
knowledge in the systems testing of Level 3 Installs or removes hardware and/or
of systems integration and testing and ensures
platform-specific versions of the software software, using supplied installation instructions
that practitioners adhere to them. Manages
products, on varying platforms. Provides specialist and tools including, where appropriate, handover
resources to ensure that the systems integration
guidance information to support, systems testing to the client. Conducts tests, corrects
function operates effectively.
and quality assurance functions to assist in malfunctions, and documents results in
Level 5 Designs and builds integration improving procedures. accordance with agreed procedures. Reports
components and interfaces. Leads practical details of all hardware/software items that have
Level 4 Configures software and equipment and been installed and removed so that configuration
integration work under the technical direction of
tests platform-specific versions of one or more management records can be updated. Provides
the system /service designer. May contribute to
software products. Reports the outcome of assistance to users in a professional manner
the overall design of the service. May define the
testing and identifies potential improvements to following agreed procedures for further help or
technical criteria for product/component
the process and to the software products escalation. Maintains accurate records of user
selection. Contributes to decisions about tools,
according to agreed designs and standards. requests, contact details and outcomes.
methods and approaches.
Contributes to the development of installation
Level 3 Assists in the configuration of software
Level 4 Defines the integration build, accepts procedures and standards.
and equipment and the systems testing of
software modules from software developers, and
platform-specific versions of one or more Level 2 Installs or removes hardware and/or
produces software builds for loading onto the
software products. Documents faults, software, and associated connections, using
target environment. Configures the hardware
implements resolutions and retests to agreed supplied installation instructions and tools.
environment, produces integration test
standards. Conducts tests and corrects malfunctions, calling
specifications, and conducts tests, recording
details of any failures and carrying out fault on help from more experienced colleagues if
diagnosis. required. Documents results in accordance with
Systems agreed procedures. Assists with the evaluation of
Level 3 Defines the integration build and installation/decommissioning change requests. Contributes, as required, to
produces a build definition for generation of the investigations of problems and faults concerning
software. Accepts software modules from the installation of hardware and/or software and
software developers, and produces software confirms the correct working of installations.
The installation, testing, implementation or
builds for loading onto the target hardware from
decommissioning and removal of cabling, wiring, Level 1 Following agreed procedures, performs
software source code. Configures the hardware
equipment, hardware and appropriate software, simple installations, replaces consumable items,
environment, produces integration test
following plans and instructions and in checks correct working of installations, and
specifications, conducts tests and records the
accordance with agreed standards. The testing of documents and reports on work done.
details of any failures. Carries out and reports
hardware and software components, resolving
fault diagnosis relating to moderately complex
malfunctions found and recording the results.
The reporting of details of hardware and software
Level 2 Produces software builds from software installed so that configuration management
source code. Conducts tests as defined in an records can be updated.
integration test specification, records the details
Level 5 Takes responsibility for installation
of any failures, and carries out fault diagnosis
projects, providing effective team leadership,
relating to simple failures, reporting the results of
including information flow to and from the
the diagnosis in a clear and concise manner.
customer during project work. Develops and
implements quality plans and method
statements. Monitors the effectiveness of
Porting/software integration installations and ensures that appropriate
(PORT) recommendations for change are made.

The integration of software products into existing Level 4 Undertakes routine installations and
software environments to produce new de-installations of items of hardware and/or
platform-specific versions of the software software. Takes action to ensure targets are met
products. within established safety and quality procedures,
including, where appropriate, handover to the
client. Conducts tests of hardware and/or
software using supplied test procedures and

SFIA 4G: Framework reference Service management: Service strategy

Service management Service strategy success depends on achieving clearly stated

business/financial goals and performance
targets. Monitors performance and takes
corrective action where necessary.
IT management (ITMG)
Level 5 Takes responsibility for the design,
The management of the IT infrastructure and procurement, installation, upgrading, operation,
resources required to plan for, develop, deliver control, maintenance and effective use of IT
and support properly-engineered IT services and components and monitors their performance.
products to meet the needs of a business. The Provides technical management of an IT
preparation for new or changed services, operation, ensuring that agreed service levels are
management of the change process and the met and all relevant procedures are adhered to.
maintenance of regulatory, legal and professional Schedules and supervises all maintenance and
standards. The management of performance of installation work. Ensures that operational
systems and services in terms of their problems are identified and resolved. Provides
contribution to business performance and in appropriate status and other reports to specialists,
relation to their financial costs and sustainability. users and managers. Ensures that operational
The management of bought-in services including, procedures and working practices are fit for
for example, public network, virtual private purpose and current.
network and outsourced services. The
development of continual service improvement
plans to ensure the IT infrastructure adequately
supports business needs.
Financial management for IT (FMIT)

Level 7 Sets strategy for management of The overall financial management, control and
resources, including corporate stewardship of the IT assets and resources used
telecommunications functions, and promotes the in the provision of IT services, including the
opportunities that technology presents to the identification of materials and energy costs,
employing organisation, including the feasibility ensuring compliance with all governance, legal
of change and its likely impact upon the business. and regulatory requirements.
Authorises allocation of resources for the
Level 6 Sets strategy and develops plans,
planning, development and delivery of all
policies and processes for the accounting,
information systems services and products.
budgeting and, where applicable, charging of IT
Responsible for IT governance (the rules and
resources and services, including the definition of
regulations under which an IT department
cost models and charging models. Sets,
functions and the mechanisms put in place to
negotiates, agrees and manages all financial
ensure compliance with those rules and
budgets and targets, ensuring that there is
regulations). Authorises organisational policies
adequate funding for all IT targets and plans,
governing the conduct of management of change
especially to meet development and capacity
initiatives and standards of professional conduct.
Maintains an overview of the contribution of
programmes to organisational success. Inspires Level 5 Monitors and manages IT expenditure,
creativity and flexibility in the management and ensuring that all IT financial targets are met, and
application of IT. Sets strategy for monitoring and examining any areas where budgets and
managing the performance of IT-related systems expenditure exceed their agreed tolerances.
and services, in respect of their contribution to Assists with the definition and operation of
business performance and benefits to the effective financial control and decision making,
business. especially in the areas of service, projects and
component cost models and the allocation and
Level 6 Identifies and manages resources
apportionment of all incurred IT costs.
needed for the planning, development and
delivery of specified information and Level 4 Monitors and maintains all required
communications systems services and products. financial records for compliance and audit to all
Influences senior level customers and project agreed requirements. Assists all other areas of IT
teams through change management initiatives, with their financial tasks, especially in the areas of
ensuring that professional standards are identification of process, service, project and
maintained. Takes full responsibility for component costs and the calculation and
budgeting, estimating, planning and objective subsequent reduction of all IT service, project,
setting. Plans and manages implementation of component and process failures.
processes and procedures, tools and techniques
for monitoring and managing the performance of
automated systems and services, in respect of
their contribution to business performance and
benefits to the business, where the measure of

SFIA 4G: Framework reference Service management: Service design

Service design Level 4 Contributes to the availability Level 4 Performs defined tasks to monitor
management process and its operation and service delivery against service level agreements
performs defined availability management tasks. and maintains records of relevant information.
Analyses service and component availability, Analyses service records against agreed service
Capacity management (CPMG) reliability, maintainability and serviceability. levels regularly to identify actions required to
Ensures that services and components meet and maintain or improve levels of service, and
The management of the capability, functionality
continue to meet all of their agreed performance initiates or reports these actions.
and sustainability of service components
targets and service levels. Implements
(including hardware, software and network) to Level 3 Monitors service delivery performance
arrangements for disaster recovery and
meet current and forecast needs in a cost metrics and liaises with managers and customers
documents recovery procedures. Conducts
effective manner. This includes dealing with both to ensure that service level agreements are not
testing of recovery procedures.
long-term changes and short-term variations in breached without the stakeholders being given
the level of demand. the opportunity of planning for a deterioration in
Level 6 Develops strategies to ensure all the Service level management (SLMO)
performance measures of all IT services meet the Level 2 Monitors and logs the actual service
needs of the business and of any service The planning, implementation, control, review provided, compared to that required by service
requirements or service level agreements which and audit of service provision, to meet customer level agreements.
may be in place. Ensures that the policy and business requirements. This includes negotiation,
standards for capacity management are fit for implementation and monitoring of service level
purpose, current and are correctly implemented. agreements, and the ongoing management of
Reviews new business proposals and provides operational facilities to provide the agreed levels
specialist advice on capacity issues. of service, seeking continually and proactively to
improve service delivery and sustainability
Level 5 Drafts and maintains policy, standards targets.
and procedures for service component capacity
management. Ensures the correct Level 7 Sets strategies for service delivery that
implementation of standards and procedures. support the strategic needs of the client
Reviews information in conjunction with service organisation. Authorises allocation of resources
level agreements to identify any capacity issues for monitoring service delivery arrangements.
and specifies any required changes. Provides leadership within the industry on the
identification of future trends (e.g. technical,
Level 4 Monitors service component capacity market, industrial, socioeconomic, legislative).
and initiates actions to resolve any shortfalls Develops relationships with customers at the
according to agreed procedures. highest level to identify potential areas of mutual
commercial interest for future development,
maintains an overview of the contribution of
Availability management (AVMT) service delivery arrangements to organisational
The definition, analysis, planning, measurement
and improvement of all aspects of the availability Level 6 Ensures that a catalogue of available
of IT services, including the availability of power. services is created and maintained and that
The overall control and management of service service level agreements are complete and cost
availability to ensure that the level of service effective. Ensures that service delivery is
delivered in all services is matched to or exceeds monitored effectively and that identified actions
the current and future agreed needs of the to maintain or improve levels of service are
business, in a cost effective manner. implemented. Ensures that operational methods,
procedures, facilities and tools are established,
Level 6 Sets strategy and develops plans, reviewed and maintained. Negotiates with
policies and processes for the design, monitoring, relevant parties in respect of disruptions and
measurement, reporting and continuous major amendments to the provision of services.
improvement of service and component Reviews service delivery to ensure that agreed
availability, including the development and targets are met and prepares proposals to meet
implementation of new availability techniques forecast changes in the level or type of service.
and methods.
Level 5 Ensures that service delivery meets
Level 5 Provides advice, assistance and agreed service levels. Creates and maintains a
leadership associated with the planning, design catalogue of available services. In consultation
and improvement of service and component with the customer negotiates service level
availability, including the investigation of all requirements and agrees service levels.
breaches of availability targets and service Diagnoses service delivery problems and initiates
non-availability, with the instigation of remedial actions to maintain or improve levels of service.
activities. Plans arrangements for disaster Establishes and maintains operational methods,
recovery together with supporting processes and procedures and facilities in assigned area of
manages the testing of such plans. responsibility and reviews them regularly for
effectiveness and efficiency.

SFIA 4G: Framework reference Service management: Service transition

Service transition Change management (CHMG) Level 5 Leads the assessment, analysis,
planning and design of release packages,
The management of change to the service including assessment of risk. Liaises with
infrastructure including service assets, business and IT partners on release scheduling
Configuration management and communication of progress. Conducts post
configuration items and associated
(CFMG) documentation, be it via request for change release reviews. Ensures release processes and
(RFC), emergency changes, incidents and procedures are applied.
The lifecycle planning, control and management
problems, so providing effective control and
of the documentation, software, hardware and Level 4 Assesses and analyses release
mitigation of risk to the availability, performance,
firmware assets of an organisation, system components. Provides input to scheduling.
security and compliance of the business services
and/or service(s), including information relating Carries out the builds and tests in coordination
to those assets and their dependencies and with testers and component specialists
relationships. This involves identification, Level 6 Sets the organisation's policy for the maintaining and administering the tools and
classification and appropriate specification of all management of change in live services and test methods – manual or automatic – and ensuring,
configuration items (CIs) and the interfaces to environments, and ensures that the policy is where possible, information exchange with
other processes and data through techniques reflected in practice. configuration management. Ensures release
such as federation. Required information relates processes and procedures are maintained.
to storage, access, service relationships, versions, Level 5 Develops implementation plans for
problem reporting and change control of CIs. The dealing with more complex requests for change, Level 3 Uses the tools and techniques for
application of status accounting and auditing, evaluates risks to integrity of infrastructure specific areas of release and deployment
often in line with acknowledged external criteria inherent in proposed implementations, seeks activities. Administers the recording of activities,
such as ISO 9000 and ISO 20000, throughout all authority for those activities, reviews the logging of results and documents technical
stages of the CI lifecycle, including (importantly) effectiveness of change implementation, activity undertaken. May carry out early life
the early stages of system development. suggests improvement to organisational support activities such as providing support
procedures governing change management. advice to initial users.
Level 6 Manages the organisation's Leads the assessment, analysis, development,
configuration management system and documentation and implementation of changes
champions the business value and company based on requests for change.
policies for the configuration management
system. Ensures that processes are in place for Level 4 Assesses, analyses, develops,
consistent classification and management of CIs, documents and implements changes based on
and for verification and audit of configuration requests for change.
records. Contributes strongly to the business
service knowledge management system. Level 3 Develops, documents and implements
Manages the research and development of tools, changes based on requests for change. Applies
processes and techniques. change control procedures.

Level 5 Manages configuration items (CIs) and

related information. Investigates and implements Release management (RELM)
tools, techniques and processes for managing CIs
and verifies that related information is complete, The management of the processes, systems and
current and accurate. functions to package, build, test and deploy
changes and updates which are bounded as
Level 4 Manages configuration items (CIs) and
’releases’ into the ‘production’ environment
related information. Applies and maintains tools,
establishing or continuing the specified service, to
techniques and processes for identification,
enable controlled and effective handover to
classification and control of CIs and ensuring
operations and the user community.
related information is complete, current and
accurate. Level 6 Sets the release policy for the
organisation in the context of both development
Level 3 Administers configuration items (CIs)
and production/operations. Ensures that
and related information. Applies tools,
management processes, tools, techniques and
techniques and processes for administering CIs
personnel are in place to ensure that the
and related information, ensuring protection of
transition of services, service components and
assets and components from unauthorised
packages are planned and compliant and that
change, diversion and inappropriate use.
test and validation and configuration
Level 2 Applies tools, techniques and processes management are partnered in all release and
for administering information (such as the deployment activities. Provides authorisation for
tracking and logging of components and critical release activity and point of escalation.
changes) related to configuration items.

SFIA 4G: Framework reference Service management: Service operation

Service operation Level 4 Investigates identified security breaches may be resolved by providing advice or training to
in accordance with established procedures and users about an application's functionality, correct
recommends any required actions. Assists users operation or constraints, by devising
in defining their access rights and privileges, and work-arounds, correcting faults, making general
System software (SYSP) administers logical access controls and security or site-specific modifications, updating system
systems. Maintains security records and documentation, manipulating data, or defining
The provision of specialist expertise to facilitate
documentation. enhancements – often in close collaboration with
and execute the installation and maintenance of
the system's developers and/or with colleagues
system software such as operating systems, data Level 3 Investigates minor security breaches in specialising in different areas, such as Database
management products, office automation accordance with established procedures. Assists administration or Network support.
products and other utility software. users in defining their access rights and privileges,
and operates agreed logical access controls and Level 5 Drafts and maintains procedures and
Level 5 Evaluates new system software, reviews
security systems. Maintains agreed security documentation for applications support.
system software updates and identifies those that
records and documentation. Manages application enhancements to improve
merit action. Ensures that system software is
business performance. Ensures that all requests
tailored to facilitate the achievement of service
for support are dealt with according to set
objectives. Plans the installation and testing of
Radio frequency engineering standards and procedures.
new versions of system software. Investigates
and coordinates the resolution of potential and (RFEN) Level 4 Maintains application support processes,
actual service problems. Ensures that operational and checks that all requests for support are dealt
documentation for system software is fit for The deployment, integration, calibration, tuning with according to agreed procedures. Uses
purpose and current. Advises on the correct and and maintenance of radio frequency (RF) and application management software and tools to
effective use of system software. analogue elements of IT systems. investigate issues, collect performance statistics
and create reports.
Level 4 Reviews system software updates and Level 6 Specifies radio frequency equipment
identifies those that merit action. Tailors system performance requirements and sets Level 3 Identifies and resolves issues with
software to maximise hardware functionality. maintenance policy. applications, following agreed procedures. Uses
Installs and tests new versions of system application management software and tools to
software. Investigates and coordinates the Level 5 Develops maintenance schedules and
collect agreed performance statistics. Carries out
resolution of potential and actual service procedures. Approves equipment upgrades and
agreed applications maintenance tasks.
problems. Prepares and maintains operational modifications. Monitors system performance,
documentation for system software. Advises on recommends equipment modifications and Level 2 Assists in the investigation and
the correct and effective use of system software. changes to operating procedures, servicing resolution of issues relating to applications.
methods and schedules. Assists with specified maintenance procedures.
Level 3 Uses system management software and
tools to collect agreed performance statistics. Level 4 Investigates and resolves system-wide
Carries out agreed system software maintenance fault conditions using a wide range of diagnostic
tasks. tools and techniques. Reconfigures equipment to IT Operations (ITOP)
circumvent temporary outages.
The operation of the IT infrastructure (typically
Level 3 Deploys, sets up, tunes and calibrates hardware, software, information stored on
Security administration (SCAD) radio frequency/analogue elements following various media, and communications) required to
maintenance schedules and using appropriate deliver and support properly-engineered IT
The authorisation and monitoring of access to IT tools and test equipment. Incorporates services and products to meet the needs of a
facilities or infrastructure in accordance with hardware/firmware modifications. Interprets business. Includes preparation for new or
established organisational policy. Includes automatic fault/performance indications and changed services, operation of the change
investigation of unauthorised access, compliance resolves faults down to discrete component level process, the maintenance of regulatory, legal and
with relevant legislation and the performance of or escalates according to given procedures. professional standards, and the monitoring of
other administrative duties relating to security performance of systems and services in relation
management. Level 2 Assists with setting up, tuning and to their contribution to business performance,
functional checks of radio frequency/analogue their security and their sustainability.
Level 6 Develops strategies for ensuring the elements. Resolves faults down to line
security of automated systems. Ensures that the replaceable unit (LRU) level or escalates Level 4 Provides technical expertise to enable
policy and standards for security are fit for according to given procedures. Carries out user the correct application of operational procedures.
purpose, current and are correctly implemented. confidence checks and escalates faults according Contributes to the planning and implementation
Reviews new business proposals and provides to given procedures. of maintenance and installation work. Identifies
specialist advice on security issues and operational problems and contributes to their
implications. resolution. Provides appropriate information to
Application support (ASUP) specialists, users and managers.
Level 5 Drafts and maintains the policy,
standards, procedures and documentation for Level 3 Carries out agreed operational
security. Reviews information systems for actual The provision of application maintenance and
procedures. Contributes to the implementation
or potential breaches in security. Ensures that all support services. Support may be provided both
of maintenance and installation work. Identifies
identified breaches in security are promptly and to users of the systems and to service delivery
operational problems and contributes to their
thoroughly investigated. Ensures that any system functions. Support typically takes the form of
changes required to maintain security are investigating and resolving issues and providing
implemented. Ensures that security records are information about the systems. It may also
accurate and complete. include monitoring their performance. Issues

SFIA 4G: Framework reference Service management: Service operation

Level 2 Carries out agreed operational standards for database objects and ensures Problem management (PBMG)
procedures of a routine nature. Contributes to conformance to these standards. Monitors
maintenance, installation and problem database activity and resource usage. Optimises The resolution of incidents and problems
resolution. database performance and plans for forecast throughout the information system lifecycle,
resource needs. including classification, prioritisation and initiation
Level 1 Contributes, under instruction, to system
of action, documentation of root causes and
operation. Level 4 Uses database management system
implementation of remedies.
software and tools to investigate problems and
collect performance statistics and create reports. Level 5 Ensures that appropriate action is taken
Network control and operation Carries out routine configuration/installation and to investigate and resolve incidents and problems
reconfiguration of database and related products. in systems and services. Ensures that such
incidents and problems are fully documented
Level 3 Uses database management system
The day-to-day operation and control of all within the relevant reporting system(s).
software and tools to collect agreed performance
equipment within wide and local area network Coordinates the implementation of agreed
statistics. Carries out agreed database
infrastructure. Includes production of network remedies and preventative measures.
maintenance and administration tasks.
performance statistics and energy consumption Level 4 Monitors actions to investigate and
data, provision of network diagnostic information Level 2 Assists in database support activities.
resolve incidents and problems in systems and
and site surveys. services. Assists with the implementation of
Level 6 Takes overall responsibility for the agreed remedies and preventative measures.
installation, upgrading, and control of local and
Network support (NTAS)
wide area networks for the communication of
The provision of network maintenance and
data, voice, text or images. Ensures that the Service desk and incident
support services. Support may be provided both
network is managed to provide agreed levels of
to users of the systems and to service delivery
management (USUP)
service and data integrity. Ensures that network
functions. Support typically takes the form of
performance and traffic is monitored and The processing and coordination of appropriate
investigating and resolving problems and
reviewed. Ensures that network problems are and timely responses to incident reports,
providing information about the systems. It may
resolved. including channelling requests for help to
also include monitoring their performance.
Problems may be resolved by providing advice or appropriate functions for resolution, monitoring
Level 5 Takes responsibility for significant
training to users about the network's functionality, resolution activity, and keeping clients appraised
aspects of the installing, upgrading, operation,
correct operation or constraints, by devising of progress.
control and effective use of local and wide area
networks for the communication of data, voice, work-arounds, correcting faults, or making Level 5 Ensures that the inventory of
text or images. Manages the network to provide general or site-specific modifications. components to be supported is complete and
agreed levels of service and data integrity. current. Drafts and maintains policy, standards
Level 5 Drafts and maintains procedures and
Ensures that network performance and traffic is and procedures for the service desk. Schedules
documentation for network support. Makes a
monitored and reviewed. the work of service desk staff to meet agreed
significant contribution to the investigation,
diagnosis and resolution of network problems. service levels.
Level 4 Uses network management tools to
determine network load and performance Ensures that all requests for support are dealt Level 4 Ensures that incidents and requests are
statistics. Creates reports and proposals for with according to set standards and procedures. handled according to agreed procedures.
improvement. Checks that problems are Ensures that documentation of the supported
Level 4 Maintains the network support process
managed in accordance with agreed standards components is available and in an appropriate
and checks that all requests for support are dealt
and procedures. Implements agreed network form for those providing support. Creates and
with according to agreed procedures. Uses
changes and maintenance routines. maintains support documentation.
network management software and tools to
Level 3 Carries out agreed network investigate and diagnose network problems, Level 3 Receives and handles requests for
configuration, installation and maintenance. Uses collect performance statistics and create reports, support following agreed procedures. Responds
standard procedures and tools to carry out working with users, other staff and suppliers as to requests for support by providing information
defined system backups, restoring data where appropriate. to enable problem resolution and promptly
necessary. Uses network management tools to allocates unresolved calls as appropriate.
Level 3 Identifies and resolves network
collect and report on network load and Maintains records and advises relevant persons
problems following agreed procedures. Uses
performance statistics. of actions taken.
network management software and tools to
collect agreed performance statistics. Carries out Level 2 Receives and handles requests for
agreed network maintenance tasks. support following agreed procedures. Responds
Database administration (DBAD)
Level 2 Assists in investigation and resolution of to common requests for support by providing
network problems. Assists with specified information to enable problem resolution and
The installation, configuration, upgrade,
maintenance procedures. promptly allocates unresolved calls as
administration, monitoring and maintenance of
appropriate. Maintains records and advises
physical databases.
relevant persons of actions taken.
Level 5 Drafts and maintains procedures and
Level 1 Receives and handles requests for
documentation for databases. Manages database
support following agreed procedures. Promptly
configuration including installing and upgrading
allocates calls as appropriate. Maintains relevant
software and maintaining relevant
documentation. Contributes to the setting of

SFIA 4G: Framework reference Procurement & management support: Supply management

Procurement & Supply management Level 6 Influences policy and procedures

covering the selection of suppliers, tendering and
management support procurement. Deploys highly developed
commercial skills to identify and manage external
Procurement (PROC) partners, engaging with professionals in other
related disciplines (e.g. procurement specialists,
The management of, and the provision of
lawyers) as appropriate. Is responsible for the
policies, internal standards and advice on the
management and maintenance of the
procurement of goods and services.
relationship between the organisation and the
Level 6 Leads the procurement process, from supplier. Is well acquainted with the key
clarifying a specification to placing contracts, performance indicators and contractual
including identifying opportunities for business obligations, and publishes performance and
improvement. Ensures that the implementation service improvement results. Leads review
of procurement strategies and evaluation criteria meetings for major contracts and suppliers.
are in line with procurement legislation. Where Contributes to, or is responsible for negotiation of
no corporate policy exists, establishes major contracts.
procurement strategy, policy, standards, methods
Level 5 Maintains a broad understanding of the
and processes. Agrees and meets budgets for the
commercial IT environment, how the
procurement of products and services.
organisation sources, deploys and manages
Level 5 Clarifies specifications for key products external partners and when it is appropriate to
and services. Investigates the technical and use in-house resources. Develops and manages
commercial options for fulfilling the contracts with suppliers to meet key performance
requirements, including possible sources of indicators and agreed targets. Is responsible for
supply, and agrees the preferred options and the liaison between the organisation and
potential suppliers with the business. Ensures designated supplier(s). Ensures that supplier
that suppliers are approved in accordance with performance is properly monitored and regularly
company procedures. Manages the tender, reviewed. Advises on policy and procedures
evaluation and acquisition process with expert covering the selection of suppliers, tendering and
assistance as required. Typically as part of a wider procurement. Is responsible for the management
commercial and legal team, assists with and implementation of supplier service
negotiations with preferred suppliers, drafting improvement actions and programmes.
contracts and technical schedules, and
Level 4 Monitors supplier performance, collects
developing acceptance procedures and criteria.
performance data and investigates problems.
Places contracts. Implements, maintains and
Resolves or escalates problems. Implements
disseminates procurement strategy, policy,
supplier service improvement actions and
standards, methods and processes.

Level 3 Acts as the routine contact point

Supplier relationship management between organisation and supplier. Collects and
(SURE) reports on supplier performance data.

On behalf of a client organisation, the

identification and management of external
suppliers to ensure successful delivery of
products and services to achieve outcomes.

Level 7 Determines procurement policies for

the organisation, including ’build or buy’ criteria.
Develops and deploys mechanisms that lead to
positive relationships between the business and
suppliers, including overall management and
development of the commercial relationships
with the senior levels of management in supplier
organisations. Is the ultimate point of escalation
for issues or problems. Determines organisation's
policy and procedures covering the selection of
suppliers, tendering and procurement. Is
responsible for deployment and review of
acquisition processes and for negotiating major

SFIA 4G: Framework reference Procurement & management support: Quality management

Quality management Level 5 Uses quality standards to review past guidance. Authorises the issue of formal reports
performance and plan future activities. Conducts to management on the extent of compliance of
audits and produces audit reports. Monitors and systems with standards, regulations and/or
reports on the outputs from the quality assurance legislation.
Quality management (QUMG) and audit processes.
Level 5 Evaluates and independently appraises
The application of techniques for monitoring and Level 4 Investigates and documents the internal the internal control of automated business
improvement of quality to any aspect of a control of specified aspects of automated or processes, based on investigative evidence and
function or process. The achievement of, and partly automated processes, and assesses assessments undertaken by self or team. Ensures
maintenance of compliance to, national and compliance with the relevant standard. that independent appraisals follow agreed
international standards, as appropriate, and to procedure and advises others on the review
internal policies, including those relating to Level 3 Uses appropriate methods and tools in process. Provides advice to management on
sustainability and security. the development, maintenance, control and ways of improving the effectiveness and
distribution of quality and environmental efficiency of their control mechanisms. Identifies
Level 7 Sets the quality strategy for approval and standards. Makes technical changes to quality and evaluates associated risks and how they can
adoption by business management. Measures and environmental standards according to be reduced.
the extent to which the quality policy meets the documented procedures. Distributes new and
organisation's needs and objectives and reviews revised standards. Level 4 Plans programmes to review activities,
it as necessary. Plans, resources (either directly or processes, products or services. Collects, collates
indirectly) and monitors the internal quality audit and examines records as part of specified testing
schedule. Defines and reviews quality and strategies for evidence of compliance with
environmental systems. Ensures that adequate
Quality standards (QUST)
management directives, or the identification of
technology, procedures and resources are in abnormal occurrences. Analyses evidence
The development, maintenance, control and
place to support the quality system. collated and drafts part or all of formal reports
distribution of quality standards.
commenting on the conformance found to exist
Level 6 Prioritises areas for quality and/or
Level 5 Takes responsibility for the control, in the reviewed part of an information systems
environmental improvement in light of the
update and distribution of quality standards, and environment.
strategy, wider business objectives, results from
advice on their use.
internal and external audits, and advice from Level 3 Collects and collates evidence as part of
colleagues. Initiates the application of appropriate Level 4 Controls, updates and distributes new a formally conducted and planned review of
quality management techniques in these areas. and revised quality standards, including technical activities, processes, products or services.
Initiates improvements to processes by changing changes. Examines records as part of specified testing
approaches and working practices, typically using strategies for evidence of compliance with
recognised models. Achieves and maintains Level 3 Controls, updates and distributes new management directives, or the identification of
compliance against national and international and revised quality standards. abnormal occurrences.
standards, as appropriate. Identifies and plans
systematic corrective action to reduce errors and Level 2 Distributes new and revised quality
improve the quality of the systems and services, standards and maintains department and quality
by examination of the root causes of problems. group documentation. Safety assessment (SFAS)

Level 5 Advises on the application of The assessment of safety-related software

appropriate quality and/or environmental systems to determine compliance with standards
Compliance review (CORE) and required levels of safety integrity. This
management techniques. Facilitates
improvements to processes by changing involves making professional judgements on
The independent assessment of the conformity
approaches and working practices, typically using software engineering approaches, including the
of any activity, process, deliverable, product or
recognised models. suitability of design, testing, and validation and
service to the criteria of specified standards, such
verification methods, as well as the identification
as ISO 27001, local standards, best practice, or
and evaluation of risks and the means by which
other documented requirements. May relate to,
they can be reduced. The establishment,
Quality assurance (QUAS) for example, asset management, network
maintenance and management of an
security tools, firewalls and internet security,
assessment framework and practices.
The process of ensuring that the agreed quality sustainability, real-time systems and application
standards within an organisation are adhered to design. Level 6 Leads assessments up to IEC 61508
and that best practice is promulgated throughout Safety Integrity level 4 or participates in any level
the organisation. Level 6 Specifies organisational procedures for
of assessment. Determines assessment
the internal or third-party assessment of an
methods, techniques and tools that are to be
Level 6 Develops organisational commitment to activity, process, product or service, against
used as appropriate to the integrity levels of the
ongoing quality and environmental improvement recognised criteria, such as BS EN ISO
assessments undertaken.
by ensuring that the quality assurance process is 9000/14000. Develops plans for review of
robust and is based on the best industry practice. technology systems, including the review of Level 5 Participates in assessments up to IEC
Considers implications of emerging technological implementation and use of standards and the 61508 Safety Integrity level 3, and undertakes
developments, economic and social trends, etc. effectiveness of operational and process controls. safety analyses on initial designs using HAZOPS,
Plans and resources periodic quality assurance May manage the review, conduct the review or FMEA or similar methods.
audits. Conducts and/or manages audits and manage third party reviewers. Identifies areas of
analyses audit results. Prepares and delivers risk and specifies interrogation programs.
formal audit reports. Recommends improvements in processes and
control procedures. Provides advice and

SFIA 4G: Framework reference Procurement & management support: Resource management

Technology audit (TAUD) Level 5 Manages risk-based audit of existing and Resource management
planned technology systems. Identifies areas of
The independent, risk-based assessment of the risk and evaluates adequacy and effectiveness of
adequacy and integrity of controls in information organisation's approach to risk in use of IT.
Assesses and communicates associated risks of a
Programme and project support
processing systems, including hardware, software
solutions, information management systems, complex nature to middle and senior managers. office (PROF)
security systems and tools, and communications Recommends changes in processes and control
procedures based on audit findings. Provides The provision of support and guidance on
technologies – both web-based and physical.
general and specific advice. Collates conclusions programme and project management processes,
The structured analysis of the risks to
and recommendations, and presents audit procedures, tools and techniques to programme
achievement of business objectives, including
findings to management regarding the and project managers and their teams. The use
the risk that the organisation fails to make
effectiveness and efficiency of control of project management software. The
effective use of new technology to improve
mechanisms in information systems. Engages development, production and maintenance of
delivery and internal effectiveness. Assessment
with providers of other IT assurance such as time, resource, cost and exception plans. The
of the extent to which effective use has been
compliance audits, quality assurance functions tracking and reporting of progress and
made of techniques and tools to achieve
and other technical specialists. performance of projects (including those
sustainability and business continuity.
performed by third parties). The maintenance of
Level 7 Ensures that there is planned audit Level 4 Contributes to risk-based audit of programme and/or project files and the
coverage across the organisation, and liaises with existing and planned technology systems. repository of lessons learned on previous projects
executives to ensure that this coverage is relevant Identifies IT risk in detail, assesses and tests the and programmes. The servicing of programme/
and understood. Directs use of risk analysis to effectiveness of control measures and prepares project control boards, project assurance teams
identify areas for in-depth review. Evaluates the formal reports in order to provide independent and quality review meetings. The analysis of
effectiveness of corporate IT strategy and assurance on an organisation's information performance and the maintenance of metric data
governance and makes recommendations for security, integrity and resilience. and estimating models. The administration of
development. Agrees terms of reference for project change control, including use of
audits with clients. Plans audit cycle, and leads configuration management systems.
and manages audit function. Determines the
Level 5 Takes responsibility for the provision of
need for and manages the effective use of
project office services, either to a large project or
additional IT experts. Reports at the most senior
to a number of projects within an organisation.
level on the findings, relevance and
May also be responsible for the provision of
recommendations for improvement. Represents
programme office services. Advises on the
the audit function at the Audit Committee of the
available standards, procedures, methods, tools
and techniques. Evaluates project and/or
Level 6 Specifies organisational procedures for programme performance and recommends
the assessment of an activity, process, product or changes where necessary. Contributes to reviews
service, against recognised criteria, such as ISO and audits of project and programme
27001. Develops plans for risk-based audit management to ensure conformance to
coverage of technology systems for inclusion in standards.
audit planning and uses experience to ensure
Level 4 Takes responsibility for the provision of
audit coverage is sufficient to provide the
Project Office Services to a small project. Uses
business with assurance of adequacy and
and recommends project control solutions for
integrity. Leads and manages complex technical
planning, scheduling and tracking projects. Sets
audits, managing specialists contracted to
up and provides detailed guidance on project
contribute highly specialised technical knowledge
management software, procedures, processes,
and experience. Identifies areas of risk and
tools and techniques. Supports programme or
specifies interrogation programs. Recommends
project control boards, project assurance teams
changes in processes and control procedures
and quality review meetings. Provides basic
based on audit findings, including, where
guidance on individual project proposals. May be
appropriate, the assessment of safety-related
involved in some aspects of supporting a
software systems to determine compliance with
programme by providing a cross programme
standards and required levels of safety integrity.
view on risk, change, quality, finance or
Provides general and specific advice, and
configuration management.
authorises the issue of formal reports to
management on the effectiveness and efficiency Level 3 Uses recommended project control
of control mechanisms. solutions for planning, scheduling and tracking
projects. Sets up project files, compiles and
distributes reports. Provides administrative
services to project boards, project assurance
teams and quality review meetings. Provides
guidance on project management software,
procedures, processes, tools and techniques.

SFIA 4G: Framework reference Procurement & management support: Resource management

Level 2 Assists with the compilation of project Client services management Resourcing (RESC)
management reports. Maintains programme and (CSMG)
project files from supplied actual and forecast The overall resource management of the IT
data. The management and control of one or more workforce to enable effective service delivery.
client service functions, including strategy, Provision of advice on any aspect of acquiring IT
support for business development, quality of resources – employees, consultants or
Asset management (ASMG) service and operations. contractors.

Level 6 Sets the strategic direction and takes Level 6 Takes responsibility for the overall
The management of the lifecycle for service
responsibility for the full range of client service workforce planning strategy across the IT service
assets (hardware, software, knowledge, warran-
functions, including organisational frameworks for ensuring that there is adequate skilled resource
ties etc) including inventory, compliance, usage
complaints, service standards and operational to meet planned service delivery. Ensures
and disposal, aiming to optimise the total cost of
agreements. Defines service levels, standards integration with strategic human resource plans.
ownership and sustainability by minimising oper-
and the monitoring process for client service staff. Takes responsibility for meeting the recruitment,
ating costs, improving investment decisions and
Gives technical leadership to operational staff, re-skilling and demand forecasts for IT
capitalising on potential opportunities. Knowl-
and takes responsibility for business continuity practitioners, advising on the approach and
edge and use of international standards such as
and legal compliance. relevant policies. Ensures that expert support is
ISO/IEC 19770-1 for software asset manage-
provided as and when required, including
ment and close integration with change and
Level 5 Carries out day-to-day management of interviewing of applicants for senior posts. Audits
configuration management are examples of
the client services function. Defines service levels and assesses the ongoing success and
enhanced asset management development.
for client services staff and monitors effectiveness of the process, including retention
Level 6 Promotes the continuing economic and performance. Takes responsibility for analysis, media and supplier assessment,
effective provision of services, ensuring that all specification, agreement and application of client customer satisfaction and selection methods
changes to assets and services are appropriately services standards and for the resolution of validation.
and accurately controlled and recorded. Provides clients’ service problems.
Level 5 Conducts job analyses, prepares job
information and advice on issues such as
descriptions and person specifications, and
maintenance of hardware assets, licensing of
prepares selection and evaluation criteria for
software, and legal obligations such as Professional development (PDSV) candidates. Manages recruitment campaigns.
compliance with the Data Protection Act.
Locates and selects possible agencies and other
Promotes awareness of and commitment to The facilitation of the professional development
suppliers, negotiating terms and conditions, and
asset control, ensuring that consequences of of IT practitioners, including initiation, monitoring,
placing orders with them, ensuring that all
decisions to obtain, change or continue the review and validation of individual training and
obligations are met in accordance with the
possession or use of an asset, system or service development plans in line with organisational or
agreed terms and timescales. Reviews candidate
are appropriately understood. business requirements. The counselling of
details, manages selection processes, and
participants in all relevant aspects of their
Level 5 Manages and maintains the service ensures that account is taken of relevant statutory
professional development. The identification of
compliance of all IT and service assets in line with or external regulations, standards and codes of
appropriate training/development resources.
business and regulatory requirements involving good practice. Ensures that all relevant parties are
Liaison with external training providers. The
knowledge of financial and technical processes, informed of the results of interviews and other
evaluation of the benefits of professional
tools and techniques thereby ensuring asset decisions, and assists in the negotiation of terms
development activities.
controllers, infrastructure teams and the business and conditions of service.
co-ordinate and maximise value, maintain control Level 6 Determines organisational development
and ensure any necessary legal compliance. needs in line with business needs and strategic
direction. Generates development strategies to
Level 4 Controls IT assets in one or more achieve required change and monitors progress.
significant areas, ensuring that administration of
the acquisition, storage, distribution, movement Level 5 Determines the required outcomes for
and disposal of assets is carried out. Produces training or development, from organisational
and analyses registers and histories of authorised development needs and the training strategy.
assets (including secure master copies of Mentors assigned practitioners, ensuring
software, documentation, data, licenses and alignment with a predetermined statement of
agreements for supply, warranty and required development outcomes. Assists each
maintenance), and verifies that all these assets practitioner with the creation of development
are in a known state and location. Ensures that plans based on the outcome statements. Ensures
there are no unauthorised assets such as that each practitioner records progress, and
unlicensed copies of software. validates practitioners' records at the end of each
cycle of planned development, ensuring that
achievements and enhanced capabilities are
recorded and referenced to the outcome
statements. May contribute to practitioners'
performance appraisals.

SFIA 4G: Framework reference Procurement & management support: Learning and development

Learning and development Education and training delivery


Learning and development The transfer of business and/or technical skills

management (ETMG) and knowledge and the inculcation of
professional attitudes in order to facilitate
The management of professional development learning and development.
and provision of IT training and education in Level 5 Customises and delivers specialist
order to develop business and/or technical skills. teaching or training to specialist audiences using
Level 6 Identifies the education programme and a range of instructional techniques.
delivery mechanisms needed to grow staff skills Level 4 Customises and delivers teaching or
in line with business needs and future strategy. training to a variety of audiences using a range of
Evaluates learning outcomes. Manages the instructional techniques.
development and provision of all learning, taking
account of the strategic aims of the employing Level 3 Delivers existing teaching or training
organisation. materials to a variety of audiences using a range
of instructional techniques.
Level 5 Manages the provision of education or

Learning resources creation and

maintenance (TMCR)

The design, creation, packaging and maintenance

of materials and resources for use in education
and training. Typically involves the assimilation of
information from existing sources, selection and
re-presentation in a form suitable to the intended
purpose and audience. May include design,
configuration and testing of learning
environments, including population of simulated
databases, and replication of external systems
and interfaces.

Level 5 Specifies the content and structure of

training and education packages. Takes
responsibility for design, creation, packaging and
maintenance and manages development to
deliver agreed outcomes. Where required,
designs, configures and tests learning
environments, including population of simulated
databases, and replication of external systems
and interfaces.

Level 4 Designs, creates, develops, customises

and maintains training content and resources to
deliver agreed outcomes. Assists with design,
configuration and testing of learning
environments, including population of simulated
databases, and replication of external systems
and interfaces.

SFIA 4G: Framework reference Client interface: Sales and marketing

Client interface Sales and marketing Selling (SALE)

The identification of sales prospects and their

Marketing (MKTG) qualification, the development of customer
interest and the preparation (including managing
The research, analysis and stimulation of the bid process), execution and monitoring of the
potential or existing markets for IT and related sale of any IT or related product or service into an
products and services, both to provide a sound external or internal market.
basis for business development and to generate Level 6 Oversees the organisation's sales
a satisfactory flow of sales enquiries. activities to ensure they are aligned with
Level 6 Makes strategic decisions regarding corporate marketing objectives. Approves sales
marketing plans and the planning process. proposals and targets. Negotiates with customer
Determines and oversees the overall marketing representatives at the most senior level on both
strategy for the organisation to meet its business technical and commercial issues. Develops and
objectives. This includes strategies for market implements organisational sales policy and
segmentation and to attract and retain strategy, and contributes significantly to the
customers. development of marketing strategy. Initiates
development and change in services, products
Level 5 Manages marketing campaigns within and systems.
specified budgets to meet specified objectives.
Develops and maintains successful internal and Level 5 Designs and implements sales strategies
external business relationships. Manages and and works with senior management to
monitors market research, analysis and the implement sales plans. Plans, monitors and
marketing planning process. Takes overall controls the work of sales teams. Develops and
responsibility for the production of marketing maintains effective customer relationships at
materials and staging of events. Finds innovative executive levels and qualifies new sales leads.
solutions to marketing problems. Uses Leads the bid process within organisation,
experience to make informed recommendations maintaining customer contact during and after
to senior management. This includes focusing on the selling process to ensure customer
market segmentation and work to attract and satisfaction. Contributes to the development and
retain customers. training of sales teams and product/service
Level 4 Maintains effective internal and external
business relationships. Plans and conducts Level 4 Collects and uses market information in
market research. Investigates and analyses order to achieve sales objectives. Responds to
customer dynamics and uses research to inform existing sales leads and identifies and qualifies
marketing plans, including planning for customer new leads and prospects with a view to
loyalty. Creates unique selling points, and key developing a pipeline of potential opportunities.
messages for marketing material. Drafts Develops and enhances customer relationships,
marketing support materials such as brochures before, during and after the conclusion of sales
and mailshots. Organises and participates actively agreements. Key tasks may also include bid
in marketing events. management, negotiation and presentation.
Monitors and reports on performance, customer
Level 3 Works with technical and non-technical satisfaction, market intelligence and competitors.
customer representatives or from reports, to
identify industry trends, needs and sales
opportunities. Selects from and uses marketing
tools appropriate to a project. Maintains a
database of marketing information. Conducts
market research. Contributes to marketing plans.
Creates unique selling points and key messages
for marketing material. Presents and
communicates at marketing events.

SFIA 4G: Framework reference Client interface: Client support

Client support Sales support (SSUP)

The provision of technical advice and assistance

Account management (ACMG) to the sales force, sales agents,
reseller/distributor staff and existing or
On behalf of an organisation supplying IT and prospective customers, either in support of
related products and/or services, the customer development or sales activity or in
coordination of marketing, selling and delivery fulfilment of sales obligations.
activities to one or more customer organisations Level 6 Leads the organisation's customer
to achieve satisfaction for the customer and an service activities to ensure that they are aligned
acceptable business return for the supplier; with corporate objectives and policy. Approves
assistance to the customer organisation to ensure proposals and initiates the implementation of
that it gains maximum benefit from the products development activity in customer services and
and services supplied and available. systems.
Level 6 Builds relationships with key senior staff Level 5 Works closely with the sales team to
in the customer organisation in order to increase ensure that customers are assisted and advised
business opportunities. Advises them on the properly. Ensures that reliable cost, effort and risk
selection of systems, technology and related estimates and project plans are produced.
services to meet their business objectives. Manages all sales support activities, taking full
Manages colleagues in their dealings with responsibility for the technical content of bids
customer organisations; initiates procedures to and sales proposals. Establishes metrics to
improve service to and relationships with provide data on performance and help with the
customers. Oversees the management and continuous improvement of sales support
planning of business opportunities. activities.
Level 5 Oversees the organisation's sales Level 4 Works closely with the sales team to
activities to ensure they are aligned with help prospects to clarify their needs and
corporate marketing objectives. Approves sales requirements; devises solutions and assesses
proposals and targets. Negotiates with customer their feasibility and practicality. Demonstrates
representatives at the most senior level on both technical feasibility using physical or simulation
technical and commercial issues. Develops and models. Produces estimates of cost and risk and
implements organisational sales policy and initial project plans to inform sales proposals.
strategy, and contributes significantly to the Resolves technical problems.
development of marketing strategy. Influences
the development and enhancement of services, Level 3 Provides customer service, including
products and systems. technical advice and guidance on all matters
bearing on the successful use of complex
products and services. Helps customers to clarify
their requirements; documents the conclusions

Level 2 Communicates effectively with

customers by telephone and in person. Assists in
the provision of customer service, including
technical advice and guidance on matters bearing
on the successful use of products and services.
Assists in devising solutions to customer
requirements and solves straightforward

Level 1 Able to communicate effectively with

customers by telephone and provide information
about products and services. Seeks assistance
from colleagues for the resolution of more
complex customer service queries and
complaints. Can use databases to retrieve and
enter data.

The SFIA Foundation
The SFIA Foundation exists to own, promote, develop and maintain the Skills Framework for the Information Age; to
encourage the adoption of SFIA; to facilitate its use; and to enable the delivery of quality services based on SFIA.
SFIA is owned by The SFIA Foundation, a not-for-profit body. The members of The Foundation are organisations in the
field of Information Technology: BCS (The Chartered Institute for IT), e-skills UK, The IET (Institution of Engineering and
Technology), IMIS (Institute for the Management of Information Systems) and itSMF (IT Service Management Forum).

Our purpose is to maintain SFIA as the generally accepted standard and tool for all IT skills measurement, development,
deployment and debate.
This will serve the interests of employers of Information Technology professionals, the professionals themselves and
many other groups, including training companies and other service providers, education and the government.

Important: limited user licence

All material in this document is and shall remain the You may not redistribute this material to any other
copyright of The SFIA Foundation. By using this document organisation (including any affiliated organisation) or to a
you, as the End User, agree to be bound by, and will person outside your organisation without first providing The
ensure all your employees and agents will comply with, the SFIA Foundation with the full details of such person and
terms of the following limited user licence. The SFIA Foundation receiving from such person written
You are hereby granted a royalty free perpetual non- confirmation that they will be bound by the terms of this
transferable licence to use this material for the internal licence.
skills management of your employees (the ‘Purpose’). The SFIA Foundation may terminate this licence upon
You may copy this material for the Purpose only. your breach.
You must not exploit this material for any commercial The terms of this licence shall be governed by English law
advantage unless you enter into a separate licence and the parties shall submit to the jurisdiction of the
agreement prepared by The SFIA Foundation, which will be English Courts.
subject to the payment of a licence fee.

Contacting the SFIA Foundation

Contact details are published on the SFIA website (

All SFIA information, including details of SFIA training courses, Accredited Consultants, Accredited Partners and the User
Group may also be found there.

The SFIA Foundation is a company limited by guarantee. It is registered in England, number 04770377. The registered
address (not for normal correspondence) is 5 Fleet Place, London EC4M 7RD.

SFIA is © copyright The SFIA Foundation 2010. Unauthorised reproduction prohibited.

The SFIA logo is a registered trademark of The SFIA Foundation.