This requirement also applies to any third parties supporting the organisation who may hold or access government or public sector data (for example, an IT contractor providing services to the organisation).
Prompt reporting enables the department to monitor information security incidents involving Victorian Government data and provide support to funded organisations during the incident response process.
The Information Security Incident Triage and Reporting (ISITR) Guide has been developed to help funded organisations understand how to report these incidents. The guide aligns with the Victorian Protective Data Security Standards (VPDSS), as well as relevant Victorian legislation and regulations.
The guide focuses specifically on the funded organisation’s reporting requirements during the ‘Detect and Report’ phase of the incident management process and covers the following stages:
Incident Identification
Impact Assessment
Incident Reporting
Incident Review.
For further information on data security see:
Access to these resources can be requested through the VPDSS team at vpdss.infosec@dhhs.vic.gov.au.