Protective Data Security Plan (PDSP)
A PDSP must be given to OVIC at least every two years, or upon significant change.
To find out more refer to PDSP Submissions page
Organisations must annually attest to the progress of activities identified in its PDSP to OVIC.
To find out more refer to PDSP Submissions page.
Organisations must notify OVIC of incidents that have an adverse impact on the confidentiality, integrity or availability of public sector information with a business impact level (BIL) of 2 (limited) or higher.
To find out more refer to Incident Notifications page.