Security Classified Law Enforcement Data

November 2008

These standards provide that law enforcement data must be suitably classified according to the degree of its sensitivity and confidentiality, that those who access such data have commensurate security clearances and that appropriately approved products and solutions are used to protect nationally classified data.

Victoria Police are also bound to pass on these requirements to external agencies with direct access to Victoria Police law enforcement data systems (Approved Third Parties).

This high level compliance review found that Victoria Police has well documented policy and procedures for the identification, classification and management of sensitive data, but work needs to be done to improve implementation.

The review recommended that Victoria Police undertake a force-wide security classification awareness campaign, a review of existing standard operating procedures and a review of security procedures in areas handling nationally classified data. The review also recommended that Victoria Police establish a process and timeline for the classification of all its IT systems.

The review acknowledged that work is already underway within Victoria Police to improve awareness and implementation of security classified policy and procedures.