| Mini vic.gov.au

Our frequently asked questions (FAQs) provide information and responses to common questions from Information Sharing Entities (ISEs) about CISS, FVISS and MARAM.

Who can share and request information under the Schemes?
What do I need to know to decide what can and can’t be shared?
Sharing and responding to requests made under the Schemes
Consent
Intersections between the Schemes and with other laws
Complaints and offences
What is MARAM?
MARAM resources and information for organisations
MARAM resources and information for practitioners
Training
Policy, guidance and tools for education and health workforces
More information and contact details
Acronyms and glossary

This page contains a list of frequently asked questions about the Child Information Sharing Scheme (CISS), the Family Violence Information Sharing Scheme (FVISS) and MARAM.

If you are looking for information on how to enrol in or complete PROTECT training, refer to Protecting children: Mandatory reporting and other obligations.

Note the ‘Schemes’ collectively refers to CISS and FVISS.

Open all

1What is an Information Sharing Entity (ISE)?

An Information Sharing Entity (ISE) is an organisation or service that has been prescribed in regulations to request and share information under CISS and FVISS.

ISEs can request and share information under the information sharing schemes.

Please refer tohttps://www.vic.gov.au/sites/default/files/2022-11/Child-information-sharing-scheme-ministerial-guidelines-Oct-22.pdf Chapter 1 of the CISS Guidelines and Chapter 2 of the FVISS Guidelines for further guidance.

ISEs are prescribed under:

the Family Violence Information Sharing Scheme by the Family Violence Protection (Information Sharing and Risk Management) Regulations 2018
the Child Information Sharing Scheme by the Child Wellbeing and Safety (Information Sharing) Regulations 2018. This means that organisations and services do not need to register as an ISE.

For a full list of the workforces prescribed as ISEs, see Who can share information under the information sharing and MARAM reforms.

2What is a Risk Assessment Entity (RAE)?

An organisation or service who is an Information Sharing Entity (ISE) may also be classified as an RAE under FVISS.

ISEs can share information relevant for a family violence assessment purpose with RAEs only. Information can be shared with all ISEs for a family violence protection purpose.

ISEs that are also RAEs are:

State funded specialist family violence services (including Men’s Behavioural Change Programs, refuges, family violence counselling services and therapeutic programs)
Risk Assessment and Risk Management Panels (RAMPs)
state funded sexual assault services
Child Protection and Child FIRST
The Orange Door
Victims Support Agency
Victoria Police. Refer to Chapter 2 of the FVISS Guidelines for further guidance.

For a full list of the workforces prescribed as ISEs, see Who can share information under the information sharing and MARAM reforms.

3If an ISE is prescribed under one Scheme, are they automatically prescribed under the other Scheme and/or MARAM?

No. Although most organisations are prescribed across all three reforms, there are some organisations that are only prescribed for some of the reforms.

For a list of workforces prescribed as ISEs, see Who can share information under the information sharing and MARAM reforms.

You can also refer to Chapter 1 of the CISS Guidelines and Chapter 2 of the FVISS Guidelines for guidance.

4How can I identify an ISE?

Information Sharing Entities (ISEs) are responsible for verifying whether an individual is from another ISE before they share any information.

You can search for contact details of organisations and services prescribed to share information on the online ISE List.

The ISE List is updated at regular intervals but is not a live list. If you cannot find an organisation or service on this list, they may still be an ISE. You can refer to the following resources for further guidance:

Who can share information under the information sharing reforms and MARAM?
Appendix 2 - Prescribed entities of the Child Information Sharing Scheme Ministerial Guidelines
Chapter 2 – Information Sharing Entities in the Family Violence Information Sharing Scheme Ministerial Guidelines, available for download from the Family Violence Information Sharing Scheme webpage. Please note that if you have received a request from an ISE, you must respond.

Access the ISE List

If contact information for an organisation does not appear on the ISE List, please check the organisation’s website for public contact details.

Once you have confirmed that an organisation is an ISE, you should take reasonable steps to verify the identity of the person you plan to share information with. This may include asking them to send an email from an organisational account or calling them back via their organisation’s switchboard. The ISE List should not be solely relied on to verify ISEs.

5Who in my organisation can request and share information?

Information Sharing Entities (ISEs) determine how the reforms are implemented in their organisation.

ISEs should identify those roles in the organisation or service that are appropriate to use the Schemes to make or respond to requests and voluntarily share information, on behalf of the ISE.

ISEs must be satisfied that any individual or role authorised to use the Schemes on their behalf are:

employed or otherwise contracted (i.e. not a volunteer) by the ISE
suitably trained and competent in use of the Schemes.

6How do I know what services are prescribed?

Each organisation will have been advised by the relevant department regarding what services within their organisation are prescribed. Where confirmation is required, we recommend contacting the relevant department directly.

For a list of the workforces prescribed as ISEs, see Who can share information under the information sharing and MARAM reforms.

7Can I share information directly with an individual?

Yes, in certain circumstances.

Under CISS, information can be shared with a child, a person with parental responsibility for the child or a person with whom the child is living to manage a risk to the safety of the child.

Under FVISS, Information Sharing Entities (ISEs) may share relevant information about a perpetrator with the victim survivor to manage their safety and/or that of their child. If a child is a victim survivor, information can be shared with them or their parent who is not a perpetrator.

Practitioners should use their professional judgement to determine when and how to share information with a victim survivor.

You may refuse to give an individual access to information about themselves if you believe on reasonable grounds that giving the individual access to the information would:

increase a risk to the safety of a child or group of children
increase family violence risk to a victim survivor. When providing a person access to their information, you must do it in a way that does not unreasonably impact the privacy of other individuals. For example, you may need to redact part of a record to protect the privacy of another person whose information also appears in the record.

Refer to the CISS Guidelines and Chapter 3 of the FVISS Guidelines for more information.

8How can I update my organisation’s name or contact information on the online ISE List?

To update an organisation’s name or contact details appearing on the online ISE List, please send an email to:

Education workforces: cisandfvis@education.vic.gov.au

Health workforces: infosharing@health.vic.gov.au

Families, Fairness and Housing workforces: infosharing@dffh.vic.gov.au

Specialist Family Violence Services: infosharing@familysafety.vic.gov.au

Justice workforces: family.violence@justice.vic.gov.au

What do I need to know to decide what can and can’t be shared?

Open all

1For what purposes can information be shared under the Schemes?

Under CISS, Information Sharing Entities (ISEs) can share confidential information with other ISEs for the purpose of promoting the wellbeing or safety of a child or group of children, if, in their view sharing the information could assist the receiving ISE to:

make a decision, assessment or plan
start or conduct an investigation
provide a service, and/or
manage any risk relating to a child or group of children. This is known as the threshold.

For more information on information sharing for wellbeing, refer to Understanding child wellbeing.

If the threshold for sharing is met, ISEs can share information:

in response to a request and/or
proactively (‘voluntary sharing’) in a manner consistent with the legislative principles.

Confidential information may only be shared to the extent necessary to promote the wellbeing or safety of a child or group of children, consistent with their best interests.

Information must be shared in a timely manner. As the purpose of the Schemes is to allow early identification and supports, you do not need to wait until you are sure of an issue or risk. You can and should share before that time, as long as the requirements of the Schemes are met.

ISEs can also share confidential information about any person, from any source, with a child, a person who has parental responsibility for the child, and/or a person with whom the child is living, to manage a risk to that child’s safety.

Please refer to Chapter 1 of the CISS Guidelines for more information about when information can be shared.

There are two purposes for which information can be shared between ISEs under FVISS:

Family violence assessment purpose: to establish whether family violence risk is present, assessing the level of risk the perpetrator poses to the victim survivor, and correctly identifying the perpetrator and victim survivor (note that only Risk Assessment Entities [RAEs] can request information for this purpose – see Who can share and request information under the Schemes?)
Family violence protection purpose: to manage the risk of the perpetrator committing family violence, or the risk of the victim survivor(s) being subjected to family violence. Managing risk involves removing, reducing or preventing the escalation of risk. This includes information sharing to support ongoing risk assessment. All ISEs can also share information for a family violence assessment purpose with an RAE, including information about an alleged perpetrator. See 2. What is a Risk Assessment Entity (RAE)? under Who can share and request information under the Schemes?

All ISEs can share information for a family violence protection purpose with other ISEs either voluntarily or in response to a request.

Only information that is relevant to assessing or managing a risk of family violence can be shared under FVISS. In determining what information is relevant, practitioners should use their professional judgement and refer to the MARAM Framework to determine what constitutes family violence risk.

Risk should be understood as both:

risk of harm to the victim survivor from past and future family violence incidents
future risk of family violence occurring. The MARAM Framework provides guidance on family violence risk and can be found on the MARAM practice guides and resources page.

If information is not relevant to the assessment and management of family violence, that information should not be shared under FVISS.

Refer to Chapter 1 of the FVISS Guidelines for further information about when you can share information under the Scheme.

2What information can I share?

Confidential information about any person that meets the threshold for sharing under CISS can be shared.

Information that can be shared is broad and may include:

professional judgements
case notes
contact details
health information
sensitive information such as religious and political affiliation and beliefs
plans and assessments
information obtained from other sources. This includes relevant historical information collected before the commencement of CISS, as well as information collected after the commencement of CISS. It also includes information from any source, including received from another service under the Schemes. However, where circumstances allow, requesting Information Sharing Entities (ISEs) should try to seek information from the primary source to ensure information is current.

The information being disclosed or requested must not be ‘excluded information’ under Part 6A of the Child Wellbeing and Safety Act 2005 and must not be restricted from sharing under another law.

Refer to Chapter 1 of the CISS Guidelines for further information.

ISEs are obliged to share (in response to a request) and permitted to voluntarily share information (including information collected prior to the commencement of the Scheme) about perpetrators (as well as alleged perpetrators for an assessment purpose), victim survivors and relevant third parties if relevant consent thresholds for sharing are met and:

the information is relevant to assessing or managing risk of family violence
it is not excluded information and the sharing of that information would not contravene another law. For more information on these thresholds, see For what purposes can information be shared under the Schemes? You can also refer to Chapter 1 of the FVISS Guidelines for further information.

3Can I share to promote the wellbeing or safety of a child whether or not family violence is present?

Information Sharing Entities (ISEs) can share information to promote the wellbeing or safety of a child whether or not family violence is present. Information can be shared:

under CISS to promote the wellbeing or safety of a child
under FVISS to assess or manage family violence risk. For more detail on information sharing for wellbeing, refer to Understanding child wellbeing.

ISEs should be mindful that sharing information in the context of family violence may pose particular and complex risks for children and other family members, and when considering sharing to promote child wellbeing or safety they should be alert to whether family violence risk may be present.

When sharing information in a family violence context, ISEs should therefore take all reasonable steps to plan for and maximise the immediate and ongoing safety of children and all family members at risk of family violence. Information sharing should occur in accordance with a relevant safety plan.

Risks related to information sharing are not always easily identified, so it is important to access relevant expertise. As set out in the MARAM Framework and relevant MARAM Practice Guides, ISEs should engage with services that are authorised and skilled to determine appropriate actions and promote collaborative practice around families and children.

Refer to Chapter 3 of the CISS Guidelines and Chapter 5 of the FVISS Guidelines for more information.

4Can I share information about a child’s guardian or parent?

Under the information sharing schemes, provided the thresholds for sharing have been met, information about any person, including a child’s parent or guardian, can be shared if the purpose is to promote the wellbeing or safety of the child, or assess or manage the risk of family violence.

Consent is not required to share information about a child’s guardian or parent when assessing or managing a risk to a child victim survivor, or promoting child wellbeing or safety.

Information Sharing Entities (ISEs) should seek the views of the child and parent that are not perpetrators of family violence when sharing their information unless it is unsafe, inappropriate or unreasonable to do so.

We have developed resources to support you in these conversations, refer to:

Child Information Sharing - information for parents, carers, children and young people
Child Information Sharing - information for Aboriginal and Torres Strait Islander peoples
Child Information Sharing Factsheet in your language
Information sharing guides, templates and tools. Refer to Chapter 1 and Chapter 2 of the CISS Guidelines and page 68 of the FVISS Guidelines for further information.

Open all

1How do I make to a request for information?

You can make a request under the Schemes verbally or in writing. Some services may have additional operational requirements for making a request, such as receiving the request via a form or email.

To access resources to help you make a request, refer to Information sharing guides, templates and tools.

Refer to Chapter 1 of the CISS Guidelines and Appendix A of the FVISS Guidelines for more information.

2How do I respond to a request for information?

Under the Schemes, you can respond to a request either verbally or in writing. Please note that you should ensure relevant thresholds and purposes for sharing are met, and that you comply with record keeping requirements under the Schemes and the relevant privacy requirements for your organisation, including relevant data security standards.

You should respond to requests in a timely manner, in particular you should respond without delay where there is a risk to the safety of a person.

To access resources to help you respond to a request, refer to Information sharing guides, templates and tools.

Refer to Chapter 1 of the CISS Guidelines and Appendix B of the FVISS Guidelines for more information, or contact us at CISandFVIS@education.vic.gov.au or on 1800 549 646 with any questions.

3Can I share information even when a request has not been made (voluntary sharing)?

Yes, Information Sharing Entities (ISEs) are permitted to share information with other ISEs voluntarily under the information sharing schemes as long as:

the purpose and consent thresholds are met
the information being shared is not excluded information, and
sharing it would not contravene another law. Under FVISS, all ISEs may proactively share relevant information with Risk Assessment Entities (RAEs) for a family violence assessment purpose and with all ISEs for a family violence protection purpose.

Refer to Chapter 1 of the CISS Guidelines and Chapter 1 of the FVISS Guidelines for more information about voluntary information sharing.

4Can I share information or respond to a request verbally?

Yes, under both Schemes, information can be requested and shared either verbally (e.g. by telephone or at a case conference, so long as all participants taking part in the case conference are from ISEs) or in writing (e.g. in a standard form or report, letter, email or other form of electronic communication).

However, some services may prefer that requests take a particular form for operational reasons.

Existing data security standards will continue to apply, which may mean that certain information will have to be handled in a particular way.

A written record of information sharing, including through a verbal exchange, must be made and stored securely on file, consistent with an organisation’s policies and procedures and with record keeping requirements.

Refer to Chapter 2 of the CISS Guidelines and Chapter 1 of the FVISS Guidelines for more information.

5How will I know if the person requesting information is from an ISE?

Information Sharing Entities (ISEs) should make sure that the organisation they are sharing information with has been prescribed as an ISE under the Schemes. See 4. How can I identify an ISE? under Who can share and request information under the Schemes?

If you do not already know that the person requesting the information works for an information sharing entities (for example, through an existing relationship with or knowledge of that person), you should verify their identity prior to sharing any information. For example, you can ask them to send an email from their official work account or contact the information sharing entities’ switchboard.

6Can I refuse to disclose information when requested?

Information Sharing Entities (ISEs) can refuse to provide information in response to a request under the Schemes:

when the threshold for sharing is not met (see 1. For what purposes can information be shared under the Schemes?)
where the information is not relevant to the purpose for which information is being requested (see 1. For what purposes can information be shared under the Schemes?)
where the information is excluded information
where sharing that information would contravene another law
where sharing would be inconsistent with the legislative principles (as relevant under CISS only)
where applicable consent thresholds have not been met (if required under FVISS only). The CISS Ministerial Guidelines set out 9 legislative principles to guide sharing. When sharing information under CISS, ISEs should use their professional judgement to apply these principles, for example, not sharing parts of the information that are not necessary to promote child wellbeing and safety in the best interests of the child.

If an ISE refuses a request for information, it must record the request and the reason it was refused and provide the reason to the requesting ISE in writing. However, ISEs are not required to provide reasons where it would be inappropriate to provide details of the specific ground for the particular exclusion (e.g. where it would prejudice a criminal investigation). It would then be sufficient to refuse on the grounds that the information is excluded.

Refer to Chapter 1 and Chapter 5 of the CISS Guidelines and Chapters 1 and 10 of the FVISS Guidelines for more information about refusing a request for information.

7What happens if an ISE refuses to respond to a request?

Requesting Information Sharing Entities (ISEs) are encouraged to appropriately skill and equip relevant staff to make requests that contain enough information to enable receiving ISEs to exercise their professional judgment to share information.

Responding ISEs are encouraged to discuss requests that they think do not meet the threshold with the requesting ISEs.

ISEs should assist each other (for example, by providing guidance on how they would like to receive requests, seeking further information and having follow-up conversations) to make actionable requests that meet the needs of the Scheme.

A refusal to share information must be provided in writing to the requesting ISE, with reasons stated. You are encouraged to discuss refusals with the responding ISE and work together to understand the exercise of professional judgement that each ISE is bringing to the request and the decision whether to share. The legislative principles require ISEs to work collaboratively while respecting their different expertise.

If you think a request to share information was incorrectly refused, you should raise this with the responding ISE. If you are unable to resolve the issue, a complaint may be made to the responding ISE. All ISEs are required to have a policy in place for handling complaints in relation to their use of the Schemes, and to keep records of complaints received and how they were resolved.

If an ISE forms a view that another ISE has repeatedly incorrectly applied the thresholds or principles of the Schemes in refusing to provide information, ISEs are encouraged to raise the matter with the service that funds the ISE and/or the department responsible for providing or funding the ISE or service.

Refer to Chapter 5 of the CISS Guidelines and Chapters 1 and 10 of the FVISS Guidelines for more information about refusing a request for information.

Refer to Chapter 5 of the CISS Guidelines and Chapter 12 of the FVISS Guidelines for more information about complaints.

8Is there a time limit for sharing information that has been requested?

No, but Information Sharing Entities (ISEs) should respond in a timely manner to a request from another ISE; and must provide relevant information if the legal requirements of the Schemes are met.

Although no formal time limit is imposed for responding to requests under the Schemes, ISEs should ensure that they respond to requests in a timely manner, taking into account risk issues.

An ISE should prioritise requests for information that pertain to safety risks, including family violence. In particular, where a serious threat has been identified, ISEs should respond to those requests for information without delay.

Refer to Chapter 1 of the CISS Guidelines and Chapter 1 of the FVISS Guidelines for more information.

9Can I share information about an ‘alleged perpetrator’?

Where there is not sufficient information for an Information Sharing Entity (ISE) to form a reasonable belief that a person poses a risk of family violence, the person may be considered an ‘alleged perpetrator’. Information about an alleged perpetrator may be shared without consent with Risk Assessment Entities (RAEs) for a family violence assessment purpose, to determine if they are a perpetrator and assess the level of risk they pose.

Refer to Chapter 3 of the FVISS Guidelines for more information.

10What happens if a person has been misidentified as a perpetrator?

Where it is established that a person has been incorrectly identified as a perpetrator, an Information Sharing Entity (ISE) should stop sharing information about that person as a perpetrator under FVISS and should instead share their information in the same way as other victim survivors, which might mean seeking their consent.

A service should make their best efforts to correct their records and any information that has already been disclosed to other ISEs. The correction of records should occur in a timely manner to reduce any likelihood that incorrect information will continue to be shared. Individual officers will not be held liable for incorrectly sharing this information where it has been done in good faith and with reasonable care.

Refer to Chapter 3 of the FVISS Guidelines or Section 11 of the MARAM Framework Foundation Knowledge Guide for more information.

11Requesting information from central information sharing work areas

A number of organisations have established central units for receiving and responding to information sharing requests.

Victoria Police

If you are seeking to request information from the Victoria Police please visit FVISS/CISS Victoria Police and complete the relevant online request form.

If you have any other enquiries in relation to information sharing under FVISS and CISS, please email INFORMATION-SHARING@police.vic.gov.au or phone (03) 8335 5902.

Magistrates’ Court of Victoria and Children’s Court

Information Sharing Entities (ISEs) can now request information under the Family Violence Information Sharing Scheme and Child Information Sharing Scheme from the Magistrate’s Court and Children’s Court via the Courts Information Sharing (CIS) Portal.

If you have any other enquiries in relation to information sharing under CISS and FVISS, please contact the Information Sharing Team at informationsharing@courts.vic.gov.au or visit MCV - Information Sharing Schemes.

Child Protection

If you are seeking to request information from Child Protection, please visit Department of Families, Fairness and Housing Family Violence and Child Information Sharing Schemes – Requests for Child Protection Information and complete the webform. ISEs can email info.exchange@dffh.vic.gov.au for general enquiries.

Births, Deaths and Marriages

If you are seeking to request information from Births, Deaths and Marriages, please visit BDM – Child information sharing. ISEs can email bdmcisscheme@dgs.vic.gov.au for general enquiries.

Justice Health

If you are seeking to request information from Justice Health, please visit Request information from Justice Health under the Family Violence and Child Information Sharing Schemes. ISEs can email jh.healthinformation@justice.vic.gov.au for general enquiries.

Other organisations

For all other organisations please visit the online ISE List for available contact details.

Access the ISE List

Open all

1What is consent?

Under the Schemes, consent means both express and implied consent.

‘Express consent’ is when a person has expressly, either verbally or in written form, given their consent to their information being shared.

‘Implied consent’ is not expressly given but can be inferred through a victim survivor or third party’s conduct or behaviour and the facts of a given situation.

2Do I need consent to share information?

Under CISS, Information Sharing Entities (ISEs) do not require consent from any person to share relevant information. However, it is important to note that a professional should seek and take into account the views of the child and their relevant family members where it is appropriate, safe and reasonable to do so. As supported by the legislative principles, it is critical to maintain constructive and respectful engagement with children and their families.

Refer to Chapter 2 of the CISS Guidelines and Chapter 9 of the FVISS Guidelines for further guidance on consent.

Under FVISS, there are circumstances in which information can only be shared with the consent of the person to whom the information relates.

Consent is not required from an alleged perpetrator (for a risk assessment purpose) or a perpetrator (for a risk assessment purpose or protection purpose), including adolescents who use violence in the home, when sharing information under FVISS to assess or manage risk of family violence to a child or adult victim survivor.

When assessing or managing a risk to a child victim survivor, consent is not required from any person (including the child, a parent who is not a perpetrator or any other person) to share their information if it is relevant to assessing or managing the risk of family violence for a child victim survivor. However, ISEs must seek the views of child and adult victim survivors when sharing their information unless it is not safe, appropriate or reasonable to do so.

For more information refer to:

Chapter 5 of the FVISS Guidelines for further information on seeking the views of adult and child victim survivors
‘Tips for a conversation with a child victim survivor or parent who is not a perpetrator’ under the heading ‘Share Information’ on the Information sharing guides, templates and tools webpage.

When assessing or managing risk to an adult victim survivor (where there is no child at risk), consent will be required from the victim survivor or a third party before their information can be shared under FVISS. However, their information may be shared without consent where the sharing of that information is necessary to lessen or prevent a serious threat to an individual’s life, health, safety or welfare.

Consent is also required to share information about a third party. A third party is any person whose confidential information is relevant to assessing or managing family violence risk who is not a victim survivor, perpetrator or alleged perpetrator. This could include previous partners of either party, friends, acquaintances, neighbours or associates of a victim survivor, perpetrator or alleged perpetrator.

You may also refer to:

Chapter 4 of the FVISS Guidelines for more information on sharing information about adult victim survivors and third parties (where there is no child at risk)
an example ‘Information sharing consent form’ (for adult victim survivors only) and ‘Tips for a conversation for obtaining consent from an adult victim survivor’ under the heading ‘Share Information’ on the Information sharing guides, templates and tools webpage. Refer to Chapter 1 of the FVISS Guidelines for more information on consent thresholds.

Where consent is not required, ISEs should seek and take into account the views of child and adult victim survivors about information sharing if appropriate, safe and reasonable to do so.

3Where do I find information on consent?

It is a matter for Information Sharing Entities (ISEs) to determine a process for obtaining consent and sharing with implied consent under FVISS.

This might include consent being obtained from the requesting ISE where the responding ISE is not directly working with a person whose consent is required to share information.

Refer to Chapter 9 of the FVISS Guidelines for more information.

Intersections between the Schemes and with other laws

Open all

1How do the Schemes intersect?

The information sharing schemes are designed to complement each other, to enable services to share information to respond to the range of needs and risks facing children and families. The Schemes align in a number of ways, including:

broadly consistent Information Sharing Entities (ISEs) and record keeping requirements
similar protections for professionals who share information in good faith and with reasonable care
prioritising the safety of children and victim survivors over the privacy of any individual. Information can be shared:
under FVISS to assess and manage family violence risk, including to children
under CISS to promote the wellbeing or safety of a child. ISEs should be mindful that sharing information in the context of family violence may pose particular and complex risks for children and other family members. When considering sharing to promote child wellbeing or safety, ISEs should be alert to whether family violence risk may be present. When sharing information in a family violence context, ISEs should therefore take all reasonable steps to plan for and maximise the immediate and ongoing safety of children and all family members at risk of family violence. Information sharing should occur in accordance with a relevant safety plan.

When sharing under one Scheme, ISEs should consider whether sharing under the other Scheme may also be beneficial. For example, when sharing to assess or manage family violence risk, if there are children in the family the ISE should consider whether additional information should be shared with other ISEs for child wellbeing or safety purposes beyond the assessment and management of family violence risk.

Refer to Chapter 3 of the CISS Guidelines for further information on the intersection between the two Schemes.

2Can I use the Schemes to share with interstate or Commonwealth agencies?

No, Commonwealth agencies and wholly interstate organisations are not prescribed under the Schemes.

Where Information Sharing Entities (ISEs) share or request information from interstate or Commonwealth organisations, the Schemes will not be relevant. When sharing cross-border, ISEs should continue to use existing permissions for sharing information as well as their current practices for working with agencies in the neighbouring state. Interstate or Commonwealth entities should respond to requests for information in accordance with the laws of their own jurisdiction.

Refer to Chapter 4 of the CISS Guidelines and Chapter 2 of the FVISS Guidelines for more information.

3What if the information can already be shared under another law?

All organisations and services should continue to share information as appropriate in accordance with other laws. The information sharing schemes do not impact on these other permissions to share, including privacy laws, workplace safety laws and the Children, Youth and Families Act 2005, for example.

The Schemes provide additional permissions for Information Sharing Entities (ISEs) to share information with other ISEs for the purpose of family violence risk assessment and management or to promote the wellbeing or safety of a child or group of children, provided the relevant requirements are met.

Refer toChapter 4 of the CISS Guidelines and Chapter 11 of the FVISS Guidelines.

4What happens if information sharing is restricted under other laws?

Secrecy and confidentiality provisions continue to apply unless expressly overridden by the information sharing schemes. If another Act contains legal restrictions on the sharing of information and these provisions have not been expressly overridden under the Schemes, these restrictions will continue to apply to the sharing of that information.

Refer to Chapter 4 of the CISS Guidelines and Chapter 11 of the FVISS Guidelines for further information on the secrecy and confidentiality provisions in other laws that have been overridden by the Schemes.

5How do you determine if there is a ‘serious threat’ to an individual’s life, health, safety or welfare to share when FVISS does not apply?

Refer to MARAM for determining whether a family violence risk is serious.

The Office of the Victorian Information Commissioner and the Health Complaints Commissioner have also prepared guidance to assist services to determine whether information should be shared to lessen or prevent a serious risk under privacy laws. Please refer to the guidance from the Office of the Victorian Information Commissioner for further information.

Refer to Chapter 4 of the FVISS Guidelines for more information about the serious threat exception to victim survivor consent when sharing under FVISS.

6Is the National Disability Insurance Scheme (NDIS) or the National Disability Insurance Agency (NDIA) a prescribed information sharing entity?

The role of disability services in supporting the wellbeing and safety of children and families is recognised, however, neither the NDIS nor NDIA are prescribed as Information Sharing Entities (ISEs).

State provided and funded specialist forensic disability accommodation services are prescribed under the information sharing schemes. The Victorian Disability Worker Commission and the Disability Worker Registration Board of Victoria are also prescribed.

Complaints and offences

Open all

1How are workers protected when sharing information?

Offences and penalties may apply where information is shared unlawfully under the Schemes. However, a person who is authorised to share information under the Schemes, who acts in good faith and with reasonable care when sharing information will:

not be held liable for any criminal, civil or disciplinary action for providing the information
not be in breach of any code of professional ethics or considered to have departed from any accepted standards of professional conduct This protection from liability applies only to individuals, not organisations.

Refer to Chapter 6 of the CISS Guidelines and Chapter 12 of the FVISS Guidelines for further information.

2My client is concerned that their privacy has been breached or that the Schemes have been used inappropriately – what can they do?

Individuals should make any complaints about how the Schemes have been applied to them (including but not limited to breaches of their privacy) directly to the relevant Information Sharing Entity (ISE) in the first instance.

ISEs should have procedures in place for dealing with complaints about the use of the Schemes and are required to keep records of complaints received, how they were resolved, and action taken if any.

If the individual is unsatisfied with the response of the ISE, privacy complaints can be made to the relevant privacy regulator:

The Office of the Victorian Information Commissioner (OVIC) when the complaint is related to personal information Website: www.ovic.vic.gov.au Telephone: 1300 006 842
The Health Complaints Commissioner (HCC) when the complaint is related to health information. Website: www.hcc.vic.gov.au Telephone: 1300 582 113 When Commonwealth privacy law applies, complaints can be made to:
The Office of the Australian Information Commissioner (OAIC) Website: www.oaic.gov.au Telephone: 1300 363 992 For further information on complaints, refer to Chapter 6 of the CISS Guidelines and Chapter 12 of the FVISS Guidelines.

3I have received a complaint about information sharing under the Schemes – what should I do?

Information Sharing Entities (ISEs) should have procedures in place for dealing with complaints made in relation to the Schemes and should make these available. ISEs should also keep records of any complaints.

If a complaint is received, the ISE must record:

the date the complaint was made and received
the nature of the complaint
any action that was taken to resolve the complaint
any necessary action that has been taken to prevent or lessen the risk of further similar complaints by addressing the reasons for the complaint
time taken to resolve the complaint
if the ISE was unable to resolve the complaint, any further action (if any) that was taken For further information on complaints, refer to Chapter 6 of the CISS Guidelines and Chapter 12 of the FVISS Guidelines.

What is MARAM?

Open all

1What is the MARAM Framework?

The Family Violence Multi-Agency Risk Assessment and Management Framework (MARAM) has been developed in response to recommendations 1-3 of the Royal Commission into Family Violence.

The MARAM Framework is embedded in law and policy, establishing the system architecture and accountability mechanisms required for a system-wide approach to and shared responsibility for family violence risk, including:

MARAM Framework legislative instrument, established at Part 11 of the Family Violence Protection Act 2008
Family Violence Protection (Information Sharing and Risk Management) Regulations 2018 prescribe Framework Organisations to the MARAM Framework.
MARAM Framework policy document complements and provides further detail on the legislative instrument. The MARAM Framework is structured through four ‘pillars’ that aim to establish a system-wide approach and shared responsibility for family violence risk assessment and management. These include:
Shared understanding of family violence.
Consistent and collaborative practice.
Responsibilities for risk assessment and management.
Systems, outcomes and continuous improvement. A set of practice guides and supporting resources have been developed alongside the MARAM Framework to better support professionals. These can be found on the MARAM practice guides and resources page.

Find more information on the MARAM Framework.

Organisations will have been notified if they are prescribed to MARAM.

2If my organisation is not prescribed in regulations can it still align to the MARAM framework?

Organisations that are not prescribed in regulations are not precluded from using the MARAM Framework. The MARAM Framework is recommended to be used by all services that come into contact with individuals and families experiencing family violence.

Organisations due to be prescribed can begin aligning to the MARAM Framework and do not have to wait for the date of prescription.

MARAM resources and information for organisations

Open all

1What will be required of organisations?

Organisations and services prescribed under MARAM are required to align their policies, procedures, practice guidance and tools to MARAM. This is a legal obligation as recommended by the Royal Commission into Family Violence to support consistent and widespread use of the MARAM Framework across the many sectors involved in family violence risk assessment and management.

Implementation of MARAM will require significant culture change and system reform. This will take time and effort at all levels of the service system. As such, it is recognised that MARAM alignment is progressive and will take time.

Family Safety Victoria has developed alignment guidance materials to support organisations to determine what alignment activities to prioritise in their first year of prescription. This includes an organisational embedding guide and responsibilities decision guide available at the MARAM practice guides and resources page.

Useful starting documents for organisational leaders are:

Organisation self-audit tool:

MARAM organisation self-audit tool Word 339.64 KB (opens in a new window)

MARAM responsibilities guide
Executive briefing slides:

Executive Briefing Slides PPT 4.38 MB (opens in a new window)

MARAM alignment checklist:

MARAM alignment checklist PDF 122.57 KB (opens in a new window)

Decision guide for organisational leaders:

MARAM Responsibilities decision guide for leaders PDF 160.81 KB (opens in a new window)

2What does alignment to MARAM mean?

The MARAM Framework outlines four pillars, each with a description of a Framework requirement for organisations to align their policies, procedures, practice guidance and tools.

Framework Organisations are not expected to have aligned their policies, procedures, practice guidance and tools to the MARAM Framework from day one. Instead, it is acknowledged that MARAM alignment is progressive and will take time.

Guidance to support organisations to start aligning to MARAM can be found at the MARAM practice guides and resources page. This includes an organisational embedding guide that supports organisations to understand the MARAM responsibilities for risk assessment and management and MARAM practice guides including the victim survivor focused practice guides and the perpetrator focused practice guides.

3What is a maturity model?

A maturity model provides a set of stepped benchmarks against which organisations can compare their alignment progress. The maturity model was proposed early in the development of the MARAM Framework in recognition of the need to provide guidance to prescribed organisations as to their expected alignment pathway, noting that this would vary considerably across different sectors.

A maturity model recognises the importance of flexibility given the diverse group of prescribed organisations, each of whom have their own distinct challenges, levels of understanding of family violence, cultural attitudes, and workforce capability to respond to family violence risk. Whilst the maturity model will include measurable progress markers of alignment, the pathways toward these remain with the organisations themselves.

The maturity model is in development.

MARAM resources and information for practitioners

Open all

1What practice guidance is available to accompany MARAM?

The MARAM practice guides support professionals to understand their relevant responsibilities under the MARAM Framework towards the identification, assessment and ongoing management of family violence risk as it relates to their specific roles. The MARAM Framework sets out 10 responsibilities for practice, and as such there are 10 responsibilities guide for each of these. There is also a Foundational Knowledge Guide. The practice guides are currently available by responsibility to work with victim survivors; practice guides for working with people who use violence are due for release in 2021.

Different practitioners will have different MARAM responsibilities. Organisations have a responsibility to determine which responsibilities apply and advise their staff members. Please refer to the MARAM responsibilities: decision guide to determine which responsibility applies to your organisation:

MARAM Responsibilities decision guide for leaders PDF 160.81 KB (opens in a new window)

Foundation knowledge guide

The Foundation Knowledge Guide underpins all MARAM Responsibilities for practice. It outlines key elements of the MARAM Framework, the service system, the evidence-based family violence risk factors that underpin all levels of risk assessment practice and presentations of risk across different age groups and Aboriginal and diverse communities.

Responsibility 1: Respectful, sensitive and safe engagement
Responsibility 2: Identification of family violence risk
Responsibility 3: Intermediate risk assessments
Responsibility 4: Intermediate risk management
Responsibility 5: Secondary consultation and referral
Responsibility 6: Information sharing with other services
Responsibility 7: Comprehensive risk assessment
Responsibility 8: Comprehensive risk management and safety planning
Responsibility 9: Contribute to coordinated risk management
Responsibility 10: Collaborate for ongoing risk assessment and risk management For more information on the MARAM practice guides, visit the MARAM practice guides and resources page.

2Which tools accompany MARAM?

MARAM tools have been developed for use in practice which are underpinned by the MARAM Framework evidence-based risk factors. The MARAM Framework assessment tools cover different stages and levels of assessment and build on each other.

Each tool asks more detailed questions or contains prompts to get more information about the behaviour used by the perpetrator, level of risk and protective factors. The questions in the tools are designed to identify if risk factors are present.

For adult victim survivors the tools available include:

identification and screening
brief risk assessment (which is for time-critical interventions and includes only serious risk factors associated with an increased likelihood of the victim survivor being killed or nearly killed, to assess the seriousness of risk and inform short term risk management)
intermediate risk assessment
comprehensive risk assessment Each tool asks questions about risk specific to children and young people.

Tools for assessing perpetrator behaviour and an assessment tool for adolescents who use violence are also in development for 2021.

It is expected that professionals will use the tool that matches their level of training, expertise, and relevant MARAM Framework responsibilities. For example, the comprehensive tool will be used by specialist family violence practitioners.

Organisations may have embedded tools into existing processes, or may be use MARAM tools as designed.

All tools are available online at the MARAM practice guides and resources page.

An online system to host the MARAM assessment tools (Tools for Risk Assessment and Management or TRAM) is also available. Framework Organisations interested in using TRAM can contact the TRAM team at: tram@familysafety.vic.gov.au.

Training

Open all

1What information sharing training is available?

Information about training to support implementation can be found on the Training for the information sharing and MARAM reforms webpage.

2What MARAM training is available?

Information about MARAM training is available on the Training for information sharing and MARAM reforms webpage.

Professionals should select the most appropriate training for their level of responsibility in responding to family violence risk based on their organisation and sector.

Policy, guidance and tools for education and health workforces

Policies and resources have been developed for the workforces listed below.

Open all

1Government schools

Government schools are expected to follow the Department of Education’s policy and guidance on requesting and sharing information under CISS and FVISS, and aligning to the MARAM framework. The relevant policies are:

Child and Family Violence Information Sharing Schemes: Policy
Family Violence Support: Policy. Government schools may need to develop local processes or procedures to manage information sharing requests. They may also refer to the Information Sharing and Family Violence Reforms: Guidance and Tools for helpful guidance, interactive templates and tools such as decision making trees.

2Catholic Schools

Catholic schools should refer to their Diocese for guidance on policies and procedures.

Catholic schools may also refer to the Information Sharing and Family Violence Reforms: Guidance and Tools. This resource is designed to help education workforces embed the information sharing schemes and align to the MARAM framework. It includes helpful guidance, interactive templates and tools such as decision making trees.

3Independent Schools

Independent schools can refer to the Information Sharing and Family Violence Reforms: Guidance and Tools. This resource is designed to help education workforces embed the information sharing schemes and align to the MARAM framework. It includes guidance, interactive templates and tools.

4Early Childhood services

Early Childhood services should continue to follow provider level policies and procedures regarding sharing of information.

If you a member of a peak body such as Early Learning Association Australia or Community Child Care Association, these organisations may be able to assist in providing policy guidance and advice related to the information sharing schemes.

Early Childhood services should also refer to the Information Sharing and Family Violence Reforms: Guidance and Tools. This resource is designed to help education workforces embed the information sharing schemes and align to the MARAM framework. It includes guidance, interactive templates and tools.

5General Practice

The Department of Health and the Royal Australian College of General Practitioners (RACGP) have developed the following resources to support general practitioners to use the information sharing schemes.

More information and contact details

Open all

1I have more questions. How can I get further information?

For any queries related to policy, implementation or training, or for technical issues with the online learning modules, please email CISandFVIS@education.vic.gov.au or contact us on 1800 549 646.

Please note our staff are not prescribed Information Sharing Entities (ISEs) under CISS or FVISS and therefore cannot share or receive identifiable information through these schemes

2Where can I find the CISS and FVISS Guidelines and the MARAM Framework?

The CISS Guidelines and FVISS Guidelines are on the Information sharing guides, templates and tools page, under ‘Familiarise yourself with the Ministerial Guidelines’.

Find resources related to the MARAM Framework on the MARAM practice guides and resources page.

Refer to the Information sharing schemes and the MARAM framework website for further resources and guidance.

Acronyms and glossary

Information Sharing and MARAM glossary

The Information Sharing and MARAM Glossary defines terms, acronyms and abbreviations commonly used in information sharing.

For further glossary information, please see the CISS Guidelines and the FVISS Guidelines.

Alleged perpetrator

A person who is alleged to pose a risk of committing family violence. Information about alleged perpetrators can only be shared with Risk Assessment Entities (RAEs) for a family violence assessment purpose.

See Chapter 3 of the FVISS Guidelines for more information on alleged perpetrators, including the distinction between an alleged perpetrator and a perpetrator.

CISS

Child Information Sharing Scheme

The Child Information Sharing Scheme (CISS) allows authorised organisations and professionals working with children, young people and families to share information to promote a child’s wellbeing or safety.

DE

Department of Education (after 1 January 2023)

DET

The former Department of Education and Training

DFFH

Department of Families, Fairness and Housing

DH

Department of Health

DHHS

The former Department of Health and Human Services

Excluded information

Excluded information is information that cannot be shared under the Schemes.

See Chapter 1 of the CISS Guidelines and Chapter 1 of the FVISS Guidelines for the full list of excluded information.

FSV

Family Safety Victoria

FVISS

Family Violence Information Sharing Scheme

The Family Violence Information Sharing Scheme (FVISS) allows authorised organisations to share information to assess and manage family violence risk.

ISE

Information Sharing Entity

A person or body, or class of person or body, prescribed to be an information sharing entity under the information sharing schemes.

ISEs may also be referred to as ‘prescribed entities’ or ‘prescribed organisations and services’.

MARAM

Family Violence Multi-Agency Risk Assessment and Management Framework

The Family Violence Multi-Agency Risk Assessment and Management Framework (MARAM) is a framework that guides services in assessing and managing the risk of family violence.

MARAM was previously known as the common risk assessment framework or ‘CRAF’.

RAE

Risk Assessment Entity

An ISE prescribed under FVISS may also be prescribed as a Risk Assessment Entity (RAE).

All ISEs prescribed under FVISS can share information for a family violence assessment purpose with RAEs.

RAMP

Risk Assessment and Management Panel

A Risk Assessment and Management Panel (RAMP) is a formally convened meeting, held at a local level, of key agencies and organisations that contribute to the safety of women and children experiencing serious and imminent threat from family violence.

The reforms

The Child Information Sharing Scheme, the Family Violence Information Sharing Scheme and MARAM.

The Schemes

The Child Information Sharing Scheme and the Family Violence Information Sharing Scheme.

TRAM

Tools for Risk Assessment and Management

Tools for Risk Assessment and Management (TRAM) is the online system that hosts the MARAM risk assessment tools being used in the Orange Door and being piloted in several specialist family violence services.

Updated 26 March 2026

Economic Growth Statement

Frequently asked questions about information sharing and MARAM

On this page

Who can share and request information under the Schemes?

What do I need to know to decide what can and can’t be shared?

Child Information Sharing Scheme (CISS)

Family Violence Information Sharing Scheme (FVISS)

Child Information Sharing Scheme (CISS)

Family Violence Information Sharing Scheme (FVISS)

Sharing and responding to requests made under the Schemes

Victoria Police

Magistrates’ Court of Victoria and Children’s Court

Child Protection

Births, Deaths and Marriages

Justice Health

Other organisations

Consent

Child Information Sharing Scheme (CISS)

Family Violence Information Sharing Scheme (FVISS)

Alleged perpetrators and perpetrators: no consent required

Child victim survivors: no consent required

Adult victim survivors and third parties: consent required

Intersections between the Schemes and with other laws

Complaints and offences

What is MARAM?

MARAM resources and information for organisations

MARAM resources and information for practitioners

Foundation knowledge guide

Training

Policy, guidance and tools for education and health workforces

More information and contact details

Acronyms and glossary

Alleged perpetrator

CISS

DE

DET

DFFH

DH

DHHS

Excluded information

FSV

FVISS

ISE

MARAM

RAE

RAMP

The reforms

The Schemes

TRAM