Skip to Content

OVIC has activated its business continuity plan due to coronavirus (COVID-19) and staff are working remotely. We have published new guidance on coronavirus (COVID-19) and freedom of information, privacy and information security. Please contact us by email where possible, we ask for your patience during this time.

From Monday 12 September 2020, OVIC's website will no longer be supported in Internet Explorer (IE).
We recommend installing Microsoft Edge, Google Chrome, Safari, Firefox, or Opera to visit the site.

VPDSF resources

This page contains downloadable resources to assist you in understanding the Victorian Protective Data Security Framework (VPDSF). The documents available on this page are inter-linked and should not be read in isolation. They each form part of a suite of supporting guides and resources on the VPDSF.

If you need information security assistance, or have any questions or queries please email at security@ovic.vic.gov.au, or contact the OVIC enquiries team.

Start with our introductory videos if you are new to information security or the VPDSF.

Victorian Protective Data Security Framework

The Victorian Protective Data Security Framework (VPDSF 2.0) can be found here.

Alternatively download the VPDSF V.20 as a PDF or Word document.

Please note: The VPDSF V2.0 was published on 26 February 2020

Victorian Protective Data Security Standards

Download a copy of the Victorian Protective Data Security Standards here.

Please note: With the introduction of the updated Victorian Protective Data Security Standards v2.0 (VPDSS), some reference material has been archived. This material is still available upon request. To receive a copy of any archived material, please contact the Information Security Unit by emailing security@ovic.vic.gov.au.

Practitioner Guides

Download our practitioner guides below:

Information Security Risk Management PDF or Word

Identifying and Managing Information Assets V2.0

Sample Information Asset Register (IAR) Template V2.o

Assessing the Security Value of Public Sector Information V2.0

VPDSF Business Impact Level Table v2.1

Protective Markings V2.0

Protective Markings Flowchart (Ready Reckoner) and Mapping Old to New Protective Markings V2.1
User Guide – Handling Protectively Marked Information V2.0
VPDSF Technical Specification Email Protective Markings V1.1
Round Table Q&As for Protective Marking Transition Deadline V1.0 in PDF or Word

Guide to developing an Information Security Incident Management Framework V2.0

Agency reporting obligations

Overview

Agency reporting obligations

Submission process

PDSP and Attestation Submission Options (including form)

Incident notification

Overview and notification process

Additional Resources and Templates:

Information sheets:

Risk scenario 1 – Cloud service case study in PDF or Word

Risk scenario 2 – Legacy systems case study in PDF or Word

Risk scenario 3 – Insider threat case study in PDF or Word

VPDSS Elements – V2.0 to V1.1

Significant change and protective data security obligations in PDF or Word

Victorian protective data security obligations during coronavirus (COVID-19) in PDF or Word

Information security leads in PDF or Word

Guiding principles in PDF or Word

Partnering entities in PDF or Word

VPDSS Glossary V2.0

VPDSF Document Map

The Five Step Action Plan

Local Government Obligations Under Part 4 of the PDP Act 2014 V1.0 (November 2019)

VPDSS 2.0 to V1.0 Mapping (V1.0)

OVIC Information Security Incident Notification Scheme V1.0

VPDSS V2.0 Consultation Q&A

Top Questions for the Audit and Risk Committee (ARC) members

Does the VPDSF apply to your organisation?

Security management framework (SMF) template