VPDSF resources

This page contains downloadable resources to assist you in understanding the Victorian Protective Data Security Framework (VPDSF). The documents available on this page are inter-linked and should not be read in isolation. They each form part of a suite of supporting guides and resources on the VPDSF.

If you need information security assistance, or have any questions or queries please email at security@ovic.vic.gov.au, or contact the OVIC enquiries team.

Start with our introductory videos if you are new to information security or the VPDSF.

Victorian Protective Data Security Framework

The Victorian Protective Data Security Framework (VPDSF 2.0) can be found here.

Alternatively download the VPDSF V.20 as a PDF or Word document.

Please note: The VPDSF V2.0 was published on 26 February 2020

Victorian Protective Data Security Standards

Download a copy of the Victorian Protective Data Security Standards here.

Please note: With the introduction of the updated Victorian Protective Data Security Standards v2.0 (VPDSS), some reference material has been archived. This material is still available upon request. To receive a copy of any archived material, please contact the Information Security Unit by emailing security@ovic.vic.gov.au.

Practitioner Guides

Download our practitioner guides below:

Information Security Risk Management

Identifying and Managing Information Assets V2.0

• Sample Information Asset Register (IAR) Template V2.o

Assessing the Security Value of Public Sector Information V2.0

• VPDSF Business Impact Level Table v2.1

Protective Markings V2.0

• Protective Markings Flowchart (Ready Reckoner) and Mapping Old to New Protective Markings V2.1 
• User Guide – Handling Protectively Marked Information V2.0
• VPDSF Technical Specification Email Protective Markings V1.1
• Round Table Q&As for Protective Marking Transition Deadline V1.0

Guide to developing an Information Security Incident Management Framework V2.0

Additional Resources and Templates:

Information sheets:

Risk scenario 1 – Cloud service case study

Risk scenario 2 – Legacy systems case study

Risk scenario 3 – Insider threat case study

VPDSS Elements – V2.0 to V1.1

Significant Change Notification Process

Victorian Protective Data Security Obligations during COVID-19

Information Security Leads

Guiding principles

Partnering entities

VPDSS Glossary V2.0

VPDSF Document Map

The Five Step Action Plan

Local Government Obligations Under Part 4 of the PDP Act 2014 V1.0 (November 2019)

VPDSS 2.0 to V1.0 Mapping (V1.0)

OVIC Information Security Incident Notification Scheme V1.0

VPDSS V2.0 Consultation Q&A

Top Questions for the Audit and Risk Committee (ARC) members

Does the VPDSF apply to your organisation?

Security management framework (SMF) template