Skip to Content
From Monday 12 September 2020, OVIC's website will no longer be supported in Internet Explorer (IE).
We recommend installing Microsoft Edge, Google Chrome, Safari, Firefox, or Opera to visit the site.

Monitoring and Assurance Insights

These reports seek to highlight the information security achievements of organisations, whilst reflecting on areas of organisations’ information security programs that require further investment and focus. The reports provide organisations with insights into OVIC’s analysis of their information security programs informed by various intelligence sources.

OVIC encourages organisations to consider the insights offered and where needed, review their information security risks and recalibrate future work programs based on the material offered.

OVIC’s approach

In previous reporting cycles OVIC generated Insight Reports tailored to each reporting organisation’s Protective Data Security Plan (PDSP) submission. These reports contained statistics specific to the reporting organisation and offered general insights drawn from the reporting cycle.

In 2025, OVIC has adjusted its approach, collating intelligence from a broad range of sources and presenting our analysis in a centralised report.

2025 – Victorian Public Sector Insights – Information Security Monitoring and Assurance report

In 2025 our office published a report collating insights drawn from information security assurance activities undertaken between 2022 and 2024 of organisations reporting to OVIC.

The report is designed to provide transparency and promote continuous improvement of organisations’ information security programs. The insights presented in this report aim to highlight the importance of a robust information security program, as well as providing a valuable insight into the dynamic environment in which the VPS operate.

This report includes analysis of, and reflection on:

  • PDSP submissions across 2022 and 2024 of regulated organisations
  • information security incident notifications to OVIC
  • audits, reviews, investigations conducted by OVIC
  • audits, reviews and publications of other Victorian government integrity and oversight bodies
  • business engagement and outreach activities undertaken by OVIC’s Information Security Unit (ISU).

To read the report, click here. This report launched at the August VISN event. To watch a recording, please visit the VISN event page.

If you require assistance in interpreting this report or would like to discuss your organisation’s own PDSP or sector allocation, please reach out directly to the ISU so that we may discuss with your team further.

Email security@ovic.vic.gov.au with an outline of your request.

2023 – Organisation-specific PDSP Insight Reports

In 2023, OVIC analysed all PDSPs received during the 2022 reporting cycle, collating trends and themes from the implementation data offered by reporting organisations. This year’s PDSP insights offer:

  • a comparative analysis between organisation’s 2022 PDSP submission and previous 2020 PDSP submission
  • comparative analysis of Whole of Victorian Government (WoVG) and, where applicable, sector submissions
  • an overview of subsidiary organisations (only for multi-organisation submissions)
  • OVIC’s observations, in the form of takeouts.

This analysis was launched at a 2023 VISN event. To download a copy of this 2023 presentation, please visit 2023 PDSP Insights Presentation

Organisation-specific reports were sent to Information Security Leads and public sector body Heads at the time of analysis.

2021 – Organisation-specific PDSP Insight Reports

In 2021, OVIC analysed all PDSPs received during the 2020 reporting cycle, collating trends and themes from the implementation data offered by reporting organisations. This year’s PDSP insights offer 2020 PDSP submission cycle statistics and general insights including:

  • general trends and themes observed across VPS;
  • a broad breakdown of implementation status of each Standard by WoVG vs. Portfolio; and
  • next steps for OVIC and VPS organisations.

This analysis was launched at a 2021 VISN event. To download a copy of this 2021 presentation, please visit 2021 PDSP Insights Presentation

Organisation-specific reports were sent to Information Security Leads and public sector body Heads at the time of analysis.

Need more information?

Have a question or would like to request a copy of your organisation’s previous PDSP Insights Report, please reach out to security@ovic.vic.gov.au

 

 

Download

Victorian-Public-Sector-Insights-–-Information-Security-Monitoring-and-Assurance-Report-2025.pdf

Victorian-Public-Sector-Insights-–-Information-Security-Monitoring-and-Assurance-Report-2025.pdf
Size 3.52 MB

Download

Contents

Back to Index
Back to top
Back to Top