VPDSS

Get ready.

We help you build trust by demonstrating alignment and compliance with the Victorian Protective Data Security Standards (VPDSS).

VPDSS Guiding Principles

The guidling principles provide the context and purposes behind the protective data security standards:

  • Strong governance
    •  Establish the context for security in your organisation
    •  Link the security program to your business objectives
    •  Base policies & processes based on sound risk management
    •  Embed good governance and practices
  • Risk management
    •  Continually assess security measures against threats & vulnerabilities
    •  Articulate the tolerance within your organisation environment
    •  Understand, prioritise & manage risk treatment plans
  • Information value
    •  Assess requirements for confidentiality, integrity & availability
    •  Base your risk assessments on information value
  • Security culture
    •  Assign accountabilities and responsibilities via policies
    •  Create a mature understanding of managing risk
    •  Undertake security awareness training
  • Continuous improvement
    •  Adopt a plan, do, check, act approach to managing security
    •  Contextualise security risks to your business objectives
    •  Integrate security measures proportionate to business risk
    •  Consistently monitor business operations
    •  Review, validate & update business objectives, risks & operations based on lessons learnt
  • Achieve objectives
    •  Value your information
    •  Employ protective data security measures
    •  Continually refine your security measures

VPDSS Standards

The VPDSS provide a set of criteria for the consistent application of risk-managed security practices across the domains of governance, information security, personnel security & physical security:

  •  1 - Security Management Framework (Governance)
  •  2 - Security Risk Management (Governance)
  •  3 - Security Policies and Procedures (Governance)
  •  4 - Information Access (Governance)
  •  5 - Security Obligations (Governance)
  •  6 - Security Training and Awareness (Governance)
  •  7 - Security Incident Management (Governance)
  •  8 - Business Continuity Management (Governance)
  •  9 - Contracted Service Providers (Governance)
  •  10 - Government Services (Governance)
  •  11 - Security Plans (Governance)
  •  12 - Compliance (Governance)
  •  13 - Information Value (Information Security)
  •  14 - Information Management (Information Security)
  •  15 - Information Sharing (Information Security)
  •  16 - Personnel Lifecycle (Personnel Security)
  •  17 - ICT Lifecycle (ICT Security)
  •  18 - Physical Lifecycle (Physical Security)

                 

      Get more information about the VPDSS from CPDP.

How can Arcord help you?

Arcord provides advice, assessment and assistance with achieving and maintaining VPDSS compliance including:

  •  Preparing your security risk profile assessment (SRPA)
  •  Preparing your protective data security plan (PDSP)
  •  Performing information value assessments (confidentiality, integrity and availability)
  •  Preparing security policies that align with the VPDSS
  •  Scheduling of ongoing security activities
  •  Security awareness training
  •  Preparings reports on your implementation/compliance status

Build smarter security programs.

Get in touch to find out about other ways we can help you.

Contact Us

Get in touch with us.

Your message was sent, thank you!