Internet Safety for IT usersWJEC-CBAC Vocationally-Related Qualification Digital Skills & IT Revision

    This subtopic equips learners with foundational knowledge to recognise and mitigate online risks, including cyber threats, inappropriate content, and ident

    Topic Synopsis

    This subtopic equips learners with foundational knowledge to recognise and mitigate online risks, including cyber threats, inappropriate content, and identity theft. It emphasises practical strategies for personal safeguarding, secure data management, and compliance with legal frameworks such as data protection and copyright laws, essential for responsible digital participation at Entry Level 3.

    Key Concepts & Core Principles

    Exam Tips & Revision Strategies

    Common Misconceptions & Mistakes to Avoid

    Examiner Marking Points

    Internet Safety for IT users

    WJEC-CBAC
    vocational

    This subtopic equips learners with the foundational knowledge and skills required to navigate the internet safely. It covers identifying online threats, implementing protective measures for personal and organizational data, and adhering to relevant legal frameworks such as data protection and cybersecurity guidelines. Mastery ensures responsible digital citizenship in professional environments.

    12
    Learning Outcomes
    16
    Assessment Guidance
    16
    Key Skills
    12
    Key Terms
    17
    Assessment Criteria

    Assessment criteria

    WJEC Level 1 Certificate for IT Users (ITQ)
    WJEC Level 1 Award for IT Users (ITQ)
    WJEC Entry Level Award for IT Users (Entry 3)
    WJEC Entry Level Certificate for IT Users (Entry 3)

    Topic Overview

    The WJEC Entry Level Award for IT Users (Entry 3) is a vocationally-related qualification designed to introduce students to essential digital skills. It covers fundamental IT concepts and practical applications, such as using a computer safely, creating and editing documents, and understanding basic online communication. This qualification is ideal for students who are new to IT or need a solid foundation before progressing to higher levels, like Level 1 or GCSE Digital Technology.

    The course is structured around real-world tasks, meaning you'll learn by doing. You'll explore how to manage files, use word processing software, create simple spreadsheets, and stay safe online. Each unit builds your confidence and competence, preparing you for everyday use of technology in education, work, and personal life. The Entry 3 level is equivalent to a GCSE grade 1 or below, but it's a crucial stepping stone for developing digital literacy.

    In the wider context of Digital Skills & IT, this qualification ensures you can navigate the digital world with confidence. It aligns with the National Curriculum's aims for computing and digital literacy, and it's recognised by employers and further education providers. By mastering these basics, you'll be better equipped to handle more complex IT tasks and understand how technology impacts society.

    Key Concepts

    Core ideas you must understand for this topic

    • Health and Safety: Understand how to set up a workstation ergonomically, take breaks, and avoid repetitive strain injury (RSI).
    • File Management: Know how to create, save, open, and organise files and folders on a computer or cloud storage.
    • Word Processing: Use software like Microsoft Word or Google Docs to create, edit, and format text documents (e.g., changing font, size, alignment, and inserting images).
    • Online Safety: Recognise risks like phishing, cyberbullying, and sharing personal information; know how to create strong passwords and use privacy settings.
    • Basic Spreadsheets: Enter data into cells, use simple formulas (e.g., SUM), and create charts to represent information visually.

    Learning Objectives

    What you need to know and understand

    • Identify common internet risks including phishing, malware and identity theft.
    • Describe how to create and manage strong passwords to protect accounts.
    • Explain methods for safeguarding personal information on social media platforms.
    • Outline legal responsibilities under data protection law when handling others' data.
    • Demonstrate safe browsing practices such as checking website security certificates.
    • List procedures for reporting suspicious emails or security incidents in a workplace setting.
    • Identify common internet risks such as malware, phishing, and identity theft
    • Describe methods to protect personal information and digital identity online
    • Demonstrate safe practices for password creation and account security
    • Outline legal constraints and responsible behaviors when using digital content
    • Understand the risks that can exist when using the Internet., Know how to safeguard self and others when working online., Take precautions to maintain data security., Follow legal constraints, guidelines and procedures which apply when working online.
    • Understand the risks that can exist when using the Internet., Know how to safeguard self and others when working online., Take precautions to maintain data security., Follow legal constraints, guidelines and procedures which apply when working online.

    Assessment Criteria

    Key criteria assessors look for in your portfolio

    • Award credit for correctly identifying at least three distinct types of internet risk.
    • Look for evidence of the learner describing a strong password policy including length and character mix.
    • In practical assessments, observe whether the learner checks for HTTPS and padlock symbols before entering data.
    • When answering written tasks, expect learners to reference specific UK legislation, e.g. GDPR, Computer Misuse Act.
    • Credit should be given for explaining the steps to take when receiving a suspected phishing email, such as not clicking links and reporting to IT.
    • Award credit for correctly identifying at least three distinct internet threats with real-world examples
    • Expect clear explanation of two or more protective measures (e.g., privacy settings, secure passwords)
    • Look for evidence of creating a strong password and explaining its effectiveness
    • Recognize accurate reference to at least one relevant law (e.g., GDPR, Computer Misuse Act)
    • Award credit for clearly identifying at least two distinct online risks (e.g., phishing, malware, grooming) with examples relevant to everyday internet use.
    • Award credit for demonstrating understanding of safeguarding measures, such as setting strong passwords, recognising suspicious messages, and reporting concerns to a trusted adult or authority.
    • Award credit for explaining how to maintain data security, including backing up files, avoiding public Wi-Fi for sensitive transactions, and keeping software up to date.
    • Award credit for referencing key legal constraints (e.g., Computer Misuse Act, GDPR principles, age restrictions) and basic guidelines for ethical online behaviour, such as respecting copyright and not sharing personal information.
    • Award credit for correctly identifying at least two types of online risk (e.g., malware, phishing, cyberbullying) with simple, clear explanations.
    • Award credit for demonstrating understanding of safeguarding measures, such as not sharing personal details publicly, using privacy settings, or verifying sources before clicking links.
    • Award credit for outlining basic data security practices, like using strong passwords, locking devices when unattended, or avoiding unsecured public Wi-Fi for sensitive tasks.
    • Award credit for referencing a relevant legal constraint (e.g., not downloading copyrighted material without permission) or guideline (e.g., school acceptable use policy).

    Assessment Guidance

    Guidance for achieving higher grades

    • 💡Always relate your answers to realistic scenarios, such as workplace examples, to show practical understanding.
    • 💡When completing practical tasks, narrate your actions clearly so the assessor can follow your thought process.
    • 💡For legal questions, memorize the names of key UK laws and their main principles rather than trying to quote exact clauses.
    • 💡In multiple-choice assessments, eliminate obviously incorrect options first—especially those that suggest overly trusting behaviour online.
    • 💡Use specific examples when discussing risks, such as a recent phishing scam or data breach
    • 💡For safeguarding, link each method to a concrete outcome (e.g., two-factor authentication blocks unauthorized logins)
    • 💡Always name relevant legislation—like the Data Protection Act—to strengthen legal responses
    • 💡When explaining data security, structure answers around confidentiality, integrity, and availability
    • 💡In assessment tasks, always link preventative measures to specific risks: for example, explain that keeping software updated helps patch vulnerabilities that malware exploits.
    • 💡Use real-life scenarios to demonstrate understanding—describe a situation where someone received a suspicious email and what steps they should take.
    • 💡When discussing legal constraints, name relevant legislation (e.g., Data Protection Act 2018) and give a short, practical example of how it applies to daily internet use.
    • 💡For evidence-based assignments, include screenshots or logs of safety settings configured, such as privacy controls on social media, to strengthen your portfolio.
    • 💡Always provide specific, real-world examples when discussing risks or safeguards – e.g., mention actual phishing signs like generic greetings or urgent language.
    • 💡Structure answers to cover all aspects of each learning objective: risk identification, personal safeguarding, data precautions, and legal compliance.
    • 💡Use simple, clear language but include key terminology (e.g., ‘phishing’, ‘confidentiality’) to demonstrate understanding without overcomplicating.
    • 💡If a scenario is given, reference the scenario explicitly in your response to show application of knowledge to a practical situation.
    • 💡In practical assessments, read each instruction carefully and complete tasks step-by-step. Don't rush – missing a small detail like 'bold the title' can lose marks.
    • 💡For online safety questions, use specific examples (e.g., 'never share your password with friends') rather than vague statements like 'be careful online'.
    • 💡When creating documents or spreadsheets, check your spelling and formatting. A neat, well-organised submission shows attention to detail and can earn you extra credit.

    Common Mistakes

    Common errors to avoid in your coursework

    • Using the same password across multiple online services, increasing vulnerability.
    • Assuming that antivirus software alone provides complete protection against all threats.
    • Not realizing that information posted on social media can be permanent and publicly accessible.
    • Confusing data security with data privacy, leading to inadequate protection measures.
    • Assuming a padlock icon alone guarantees a website is safe, without checking the URL
    • Believing antivirus software eliminates all online risks, ignoring human factors like phishing
    • Treating all online information as public by default, neglecting privacy controls
    • Confusing legal use of copyrighted material with simply acknowledging the source
    • Confusing personal safeguarding (protecting oneself from harm) with data security (protecting information); learners often focus only on viruses and ignore social engineering risks like phishing.
    • Believing that antivirus software alone guarantees complete protection, neglecting the importance of user awareness and safe browsing habits.
    • Assuming that all information found online is free to use and share, overlooking copyright, plagiarism, and the legal consequences of illegal downloads.
    • Underestimating the permanence of online actions, such as posting personal details or images that can be shared beyond their control.
    • Confusing viruses with phishing attempts; learners often think all threats are viruses and fail to distinguish social engineering tricks.
    • Believing that using public Wi-Fi is always safe if they don't enter passwords, overlooking risks like data interception.
    • Providing generic answers without concrete examples, e.g., saying 'be safe' without specifying how to recognise a suspicious email.
    • Misunderstanding the legal implications of sharing copyrighted content, assuming it is fine if it is for personal use only.
    • Misconception: 'If I delete a file, it's gone forever.' Correction: Deleted files often go to the Recycle Bin (Windows) or Trash (Mac), and can be restored. Permanently deleting requires emptying the bin or using Shift+Delete.
    • Misconception: 'I don't need to save my work because the computer saves it automatically.' Correction: While some software has auto-save, it's not always reliable. Always manually save your work regularly to avoid losing progress.
    • Misconception: 'A strong password is just a long word.' Correction: Strong passwords use a mix of uppercase and lowercase letters, numbers, and symbols. Avoid using dictionary words or personal information.

    Frequently Asked Questions

    Common questions students ask about this topic

    Before You Start

    Prior knowledge that will help with this topic

    • Basic familiarity with using a computer mouse and keyboard (e.g., clicking, typing).
    • Understanding of simple English instructions (reading and following directions).
    • No formal IT qualifications needed – this course is designed for beginners.

    Key Terminology

    Essential terms to know

    • Online threat identification
    • Personal data protection
    • Cyber hygiene practices
    • Legal compliance in IT use
    • Social engineering awareness
    • Online threat identification
    • Personal data protection
    • Secure authentication practices
    • Legal and ethical compliance
    • Safeguarding digital identity
    • Understand the risks that can exist when using the Internet., Know how to safeguard self and others when working online., Take precautions to maintain data security., Follow legal constraints, guidelines and procedures which apply when working online.
    • Understand the risks that can exist when using the Internet., Know how to safeguard self and others when working online., Take precautions to maintain data security., Follow legal constraints, guidelines and procedures which apply when working online.

    Ready to learn?

    AI-powered learning tailored to this unit

    Related Topics in WJEC-CBAC vocational Digital Skills & IT

    Data Quality

    View Topic

    Data, Information and Knowledge

    View Topic

    Databases

    View Topic

    Emerging Technologies

    View Topic