Skip to Content
From Monday 12 September 2020, OVIC's website will no longer be supported in Internet Explorer (IE).
We recommend installing Microsoft Edge, Google Chrome, Safari, Firefox, or Opera to visit the site.

VPDSF resources

This page contains downloadable resources to assist you in understanding the Victorian Protective Data Security Framework (VPDSF). The documents available on this page are inter-linked and should not be read in isolation. They each form part of a suite of supporting guides and resources on the VPDSF.

If you need information security assistance, or have any questions or queries please email at, or contact the OVIC enquiries team.

Start with our introductory videos if you are new to information security or the VPDSF.

Victorian Protective Data Security Framework

The Victorian Protective Data Security Framework (VPDSF 2.0) can be found here.

Alternatively download the VPDSF V.20 as a PDF or Word document.

Please note: The VPDSF V2.0 was published on 26 February 2020

Victorian Protective Data Security Standards

Download a copy of the Victorian Protective Data Security Standards here.

Please note: With the introduction of the updated Victorian Protective Data Security Standards v2.0 (VPDSS), some reference material has been archived. This material is still available upon request. To receive a copy of any archived material, please contact the Information Security Unit by emailing

Practitioner Guides

Download our practitioner guides below:

Information Security Risk Management PDF or Word

Identifying and Managing Information Assets V2.0

Assessing the Security Value of Public Sector Information V2.0

Protective Markings V2.0

Guide to developing an Information Security Incident Management Framework V2.0

Agency reporting obligations


Agency reporting obligations

Submission process

PDSP and Attestation Submission Options (including form)

Incident notification

Overview and notification process

Additional Resources and Templates:

Information sheets:

Risk scenario 1 – Cloud service case study in PDF or Word

Risk scenario 2 – Legacy systems case study in PDF or Word

Risk scenario 3 – Insider threat case study in PDF or Word

VPDSS Elements – V2.0 to V1.1

Significant change and protective data security obligations in PDF or Word

Victorian protective data security obligations during coronavirus (COVID-19) in PDF or Word

Information security leads in PDF or Word

Guiding principles in PDF or Word

Partnering entities in PDF or Word

VPDSS Glossary V2.0

VPDSF Document Map

The Five Step Action Plan

Local Government Obligations Under Part 4 of the PDP Act 2014 V1.0 (November 2019)

VPDSS 2.0 to V1.0 Mapping (V1.0)

OVIC Information Security Incident Notification Scheme V1.0

VPDSS V2.0 Consultation Q&A

Top Questions for the Audit and Risk Committee (ARC) members

Does the VPDSF apply to your organisation?

Security management framework (SMF) template


Back to top
Back to Top