Victorian Protective Data Security Framework (VPDSF)
The office of the Victorian Information Commissioner (OVIC) provides a 5 Step Action Plan to assist in managing information security risks for Victorian Public Sector (VPS) organisations.
| Five Step Action Plan | ||||
| 01 | 02 | 03 | 04 | 05 |
| Identify your information assets | Determine the 'value' of this information | Identify any risks to this information | Apply security measures to protect the information | Manage risks across the information lifecycle |
| Start Here | ||||
How-to: A guide to completing the 2024 Protective Data Security Plan (PDSP)
The five steps above are complemented by the pre-requisites required for VPS organisations to produce a Protective Data Security Plan (PDSP), in the How-to guide, which states:
Before developing a PDSP, you need to have:
- an understanding of the organisation’s information assets and systems;
- undertaken a security value assessment for these information assets and systems;
- undertaken a SRPA (information security risk assessment) for these information assets and systems; and
- understand the security controls already in place to protect the organisation’s information assets and systems to develop a risk treatment plan.
Cybersecurity Office: Streamlining Your PDSP Preparation
Cybersecurity Office supports each of the 5 Steps in the Action Plan and all of the pre-requisites for the PDSP in a simple, point and click interface via a centralised enterprise-ready SaaS solution.
