Competency Matrix Template Guide

Competency Matrix Ultimate Guide with Template

The competency matrix is a requirement of ISO 27001 certification. It is also best practice management that we understand the competency of employees for information security. It forms part of the information security management system. We also use it to track, plan and manage information security training.

What is a competency matrix?

Competency development requires us to identify the gaps in information security knowledge, experience and training.

We need to know that employees have the skills for information security.

It makes sense to understand if, and to what level, we can also skill our business technology. We record it in a competency matrix.

Competency Matrix Fay Barker High Table
Competency Matrix Template Advert
Competency Martix for ISO 27001

Competency Matrix Template

The competency matrix template is a simple and effective way to record and manage employee competency.

The competency matrix template is to record the skills and training level of staff against information security and business technology.

It allows you to demonstrate and evidence that you have the adequate skills to operate the Information Security Management System and to identify, track and manage any training or resourcing needs.

How to create and use a Competency Matrix Tutorial

In this tutorial video I show you how to create a competency matrix for skills in around 5 minutes.

A competency matrix shows the skills you have, the skills you need and the training requirements and is a part of  of data security and many industry certifications including ISO 27001, PCI DSS, SOC and a host of others.

We cover how the it fits into the information security management system in the ISO 27001 Templates Documents Ultimate Guide.

The competency matrix doesn’t have to be hard and it really is easy to create a basic functioning competency matrix from scratch.

Competency Matrix FAQ

Where can I download a competency matrix template?

A trusted competency matrix template can be downloaded from High Table at this link:

What is a competency matrix?

A competency matrix is a way to measure the skills and experience of staff against the business skill requirements.

What is a competency matrix in HR?

A competency matrix is a way to measure the skills of employees against the requirements of the business. In HR they will use the matrix to align the training needs of staff for the business and allocate the training resources. They will use it to identify skills risks and skills gaps and then plan to reduce those risks.

How do you build a competency matrix?

It is easy to build a competency matrix. In a spreadsheet list your employees down the left hand side in a column. Across the top in a row list the skills that you are interested in measuring. For each employee then mark the level of skill that they have against each skill required. You can use the a simple key of Gap, Trained, Experienced. A tutorial video on how to do it can be found here on YouTube:

Do I need a competency matrix for ISO 27001?

Yes. It is the easiest, simplest way to understand what skills you need verses what skills you have.

Do I need an information security competency matrix?

Yes. Information security skills are wide and varied. Once you understand what skills you need it is important to understand what skills you have so you can address the gaps.

ISO 27001 Certification

ISO 27001 Templates Toolkit: Business Edition

ISO 27001 Policy Templates: Professional Edition

Shopping Cart