TheArtOfService
Back to Frameworks

Voluntary Principles on Security and Human Rights (VPs)

Self-Assess
International (VP Initiative)
v2000 (regularly updated)
3 domains
3 controls

The Voluntary Principles on Security and Human Rights (VPs), established in 2000, guide extractive sector companies in maintaining the safety and security of their operations within a framework that respects human rights. The VPs are a multi-stakeholder initiative involving governments (13), companies (39), and NGOs (13). Three pillars: risk assessment, interactions with public security, and interactions with private security. Companies report annually on VP implementation. The VP Initiative is administered from The Hague. Particularly relevant for operations in conflict-affected and high-risk areas.

Unverified

Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.

Framework Domains (3)

Implementation

1 controls
Controls in the Implementation domain of Voluntary Principles on Security and Human Rights (VPs)1 controls
CodeTitle
VPSHR-3Implementation Guidance and Reporting

Interactions

1 controls
Controls in the Interactions domain of Voluntary Principles on Security and Human Rights (VPs)1 controls
CodeTitle
VPSHR-2Interactions, Training, Capacity Building

Policy and Risk

1 controls
Controls in the Policy and Risk domain of Voluntary Principles on Security and Human Rights (VPs)1 controls
CodeTitle
VPSHR-1Policy, Risk Assessment, Engagement with State and Private Security

Your Compliance Coverage

If you comply with Voluntary Principles on Security and Human Rights (VPs), you already cover:

Papua New Guinea National Cybersecurity Policy & Cybercrime Act (2016)

33%

1 controls mapped

Compare →

Barbados Data Protection Act 2019

33%

1 controls mapped

Compare →

IEC 62443

33%

1 controls mapped

Compare →

+ 117 more: IAIS Insurance Core Principles (ICPs) (33%), Kids Online Safety Act (KOSA) (33%)

See all 120 mapped frameworks ↓

Maps to 120 other frameworks

3 total controls
Papua New Guinea National Cybersecurity Policy & Cybercrime Act (2016)
1 source controls mapped|1 target controls covered
33%
Barbados Data Protection Act 2019
1 source controls mapped|2 target controls covered
33%
IEC 62443
1 source controls mapped|4 target controls covered
33%
IAIS Insurance Core Principles (ICPs)
1 source controls mapped|1 target controls covered
33%
Kids Online Safety Act (KOSA)
1 source controls mapped|1 target controls covered
33%
MiFID II / MiFIR
1 source controls mapped|1 target controls covered
33%
DAMA-DMBOK2 - Data Management Body of Knowledge (2nd Edition)
1 source controls mapped|1 target controls covered
33%
AS9100D:2016 - Quality Management Systems for Aviation, Space, and Defence
1 source controls mapped|1 target controls covered
33%
ISO 27005
1 source controls mapped|1 target controls covered
33%
ISO 20000-1
1 source controls mapped|1 target controls covered
33%
ISO 14001
1 source controls mapped|1 target controls covered
33%
ISO 45001:2018
1 source controls mapped|1 target controls covered
33%
ISO 14001:2015
1 source controls mapped|1 target controls covered
33%
ISO 9001:2015
1 source controls mapped|1 target controls covered
33%
Aged Care Quality Standards (Australia)
1 source controls mapped|1 target controls covered
33%
ISO/IEC 27014:2020
1 source controls mapped|1 target controls covered
33%
AS9100D - Aerospace Quality Management System
1 source controls mapped|1 target controls covered
33%
ISO/IEC 27003:2017
1 source controls mapped|1 target controls covered
33%
IEC 62304:2015 Medical Device Software Lifecycle Processes
1 source controls mapped|2 target controls covered
33%
BRCGS Global Standard for Food Safety Issue 9
1 source controls mapped|2 target controls covered
33%
NIST SP 800-171A Rev 3 - Assessing CUI Security Requirements
1 source controls mapped|3 target controls covered
33%
FDA Quality Management System Regulation (QMSR)
1 source controls mapped|2 target controls covered
33%
German Supply Chain Due Diligence Act (LkSG)
1 source controls mapped|4 target controls covered
33%
ICH Q10 - Pharmaceutical Quality System
1 source controls mapped|1 target controls covered
33%
ILO Declaration on Fundamental Principles and Rights at Work (Core Conventions)
1 source controls mapped|3 target controls covered
33%
IMO Maritime Cybersecurity Guidelines (MSC-FAL.1/Circ.3/Rev.2)
1 source controls mapped|1 target controls covered
33%
ITAR - International Traffic in Arms Regulations
1 source controls mapped|1 target controls covered
33%
NIST SP 800-30
1 source controls mapped|1 target controls covered
33%
NIST SP 800-37
1 source controls mapped|1 target controls covered
33%
NIST SP 800-39
1 source controls mapped|1 target controls covered
33%
PIC/S Guide to Good Manufacturing Practice for Medicinal Products
1 source controls mapped|1 target controls covered
33%
SA8000:2014 - Social Accountability Standard
1 source controls mapped|1 target controls covered
33%
TISAX - Trusted Information Security Assessment Exchange
1 source controls mapped|1 target controls covered
33%
UK FCA/PRA Operational Resilience Framework
1 source controls mapped|1 target controls covered
33%
BSI IT-Grundschutz
1 source controls mapped|3 target controls covered
33%
API 1164
1 source controls mapped|3 target controls covered
33%
ISO/IEC 30111:2019
1 source controls mapped|2 target controls covered
33%
APPI
1 source controls mapped|2 target controls covered
33%
Bahrain PDPL
1 source controls mapped|2 target controls covered
33%
ISO/IEC 29147:2018
1 source controls mapped|1 target controls covered
33%
AWS Well-Architected Security Pillar
1 source controls mapped|1 target controls covered
33%
FFIEC IT Examination Handbook
1 source controls mapped|3 target controls covered
33%
ASD Strategies to Mitigate Cyber Security Incidents
1 source controls mapped|2 target controls covered
33%
COSO Internal Control - Integrated Framework (2013)
1 source controls mapped|1 target controls covered
33%
Canada ITSG-33 - IT Security Risk Management
1 source controls mapped|1 target controls covered
33%
APRA CPS 230 Operational Risk Management
1 source controls mapped|1 target controls covered
33%
FFIEC Cybersecurity Assessment Tool (CAT)
1 source controls mapped|1 target controls covered
33%
NIST AI Risk Management Framework (AI RMF 1.0)
1 source controls mapped|1 target controls covered
33%
APRA CPS 234
1 source controls mapped|3 target controls covered
33%
Annex 11 to EU GMP - Computerised Systems
1 source controls mapped|1 target controls covered
33%
ISO/IEC 27400:2022
1 source controls mapped|1 target controls covered
33%
NIST SP 800-171A - Assessing Security Requirements for Controlled Unclassified Information (CUI)
1 source controls mapped|2 target controls covered
33%
NIST SP 800-171
1 source controls mapped|1 target controls covered
33%
ASIS SPC.1-2009 - Organizational Resilience Standard
1 source controls mapped|1 target controls covered
33%
Azure Security Benchmark
1 source controls mapped|1 target controls covered
33%
ISO/IEC 27010:2015
1 source controls mapped|1 target controls covered
33%
Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE PDPL)
1 source controls mapped|2 target controls covered
33%
FTC GLBA Safeguards Rule (16 CFR Part 314)
1 source controls mapped|1 target controls covered
33%
IAEA Nuclear Security Series - Computer Security at Nuclear Facilities (NSS-17-T Rev 1)
1 source controls mapped|1 target controls covered
33%
Iceland Data Protection and Processing of Personal Data Act (Act No. 90/2018)
1 source controls mapped|1 target controls covered
33%
Indiana Consumer Data Protection Act
1 source controls mapped|1 target controls covered
33%
ISMAP (Japan)
1 source controls mapped|1 target controls covered
33%
Jamaica Data Protection Act 2020
1 source controls mapped|2 target controls covered
33%
Japan FSA Cybersecurity Guidelines for Financial Institutions
1 source controls mapped|1 target controls covered
33%
Kentucky Consumer Data Protection Act
1 source controls mapped|2 target controls covered
33%
South Korea PIPA
1 source controls mapped|2 target controls covered
33%
Laos Law on Prevention and Combating Cybercrime (2015)
1 source controls mapped|1 target controls covered
33%
LGPD
1 source controls mapped|1 target controls covered
33%
Liechtenstein DPA
1 source controls mapped|1 target controls covered
33%
Malaysia PDPA 2010
1 source controls mapped|2 target controls covered
33%
Maryland Online Data Privacy Act of 2024
1 source controls mapped|2 target controls covered
33%
Mauritius DPA
1 source controls mapped|1 target controls covered
33%
Mexico LFPDPPP
1 source controls mapped|1 target controls covered
33%
Minnesota Consumer Data Privacy Act
1 source controls mapped|1 target controls covered
33%
Monetary Authority of Singapore Technology Risk Management Guidelines
1 source controls mapped|1 target controls covered
33%
Montana Consumer Data Privacy Act
1 source controls mapped|1 target controls covered
33%
MTCS (Singapore)
1 source controls mapped|2 target controls covered
33%
Nebraska Data Privacy Act
1 source controls mapped|4 target controls covered
33%
NERC CIP
1 source controls mapped|1 target controls covered
33%
Nevada Gaming Control Board Cybersecurity Requirements
1 source controls mapped|1 target controls covered
33%
New Hampshire Data Privacy Act
1 source controls mapped|1 target controls covered
33%
New Jersey Data Privacy Act
1 source controls mapped|2 target controls covered
33%
Nigeria Data Protection Act 2023 (NDPA)
1 source controls mapped|4 target controls covered
33%
Nigeria Data Protection Regulation (NDPR)
1 source controls mapped|1 target controls covered
33%
Nigeria Open Banking Regulatory Framework (CBN, 2023)
1 source controls mapped|1 target controls covered
33%
NIS2 Directive
1 source controls mapped|2 target controls covered
33%
NIS2 Directive Implementing Acts
1 source controls mapped|1 target controls covered
33%
NIST SP 800-122
1 source controls mapped|1 target controls covered
33%
NIST SP 800-144
1 source controls mapped|1 target controls covered
33%
NIST SP 800-145
1 source controls mapped|1 target controls covered
33%
NIST SP 800-146
1 source controls mapped|1 target controls covered
33%
NIST SP 800-82 Revision 3: Guide to Industrial Control Systems (ICS) Security
1 source controls mapped|1 target controls covered
33%
NRF Cybersecurity and Data Privacy Framework (National Retail Federation)
1 source controls mapped|1 target controls covered
33%
OECD AI Principles
1 source controls mapped|1 target controls covered
33%
OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (2023 Update)
1 source controls mapped|1 target controls covered
33%
OECD Recommendation on Artificial Intelligence (2024 Update)
1 source controls mapped|2 target controls covered
33%
Oman National Cybersecurity Framework
1 source controls mapped|1 target controls covered
33%
Open Banking Security
1 source controls mapped|2 target controls covered
33%
Oregon Consumer Privacy Act
1 source controls mapped|1 target controls covered
33%
OSFI B-13
1 source controls mapped|3 target controls covered
33%
Virginia CDPA
1 source controls mapped|1 target controls covered
33%
Vietnam PDPD
1 source controls mapped|1 target controls covered
33%
Uruguay DPL
1 source controls mapped|1 target controls covered
33%
UK Gambling Commission - Cyber Resilience Requirements
1 source controls mapped|1 target controls covered
33%
UK GDPR (UK General Data Protection Regulation)
1 source controls mapped|1 target controls covered
33%
Turkey KVKK
1 source controls mapped|1 target controls covered
33%
Trinidad and Tobago Data Protection Act 2011
1 source controls mapped|1 target controls covered
33%
TSA Pipeline Cybersecurity Directives
1 source controls mapped|1 target controls covered
33%
Texas Data Privacy Act
1 source controls mapped|1 target controls covered
33%
Tanzania Personal Data Protection Act (Draft)
1 source controls mapped|1 target controls covered
33%
Taiwan PDPA
1 source controls mapped|1 target controls covered
33%
PSD2 SCA
1 source controls mapped|2 target controls covered
33%
Qatar DPL
1 source controls mapped|2 target controls covered
33%
Privacy Act 2020
1 source controls mapped|1 target controls covered
33%
POPIA
1 source controls mapped|1 target controls covered
33%
Peru DPL
1 source controls mapped|2 target controls covered
33%
Personal Data Act (personopplysningsloven)
1 source controls mapped|1 target controls covered
33%
PDPA Thailand
1 source controls mapped|1 target controls covered
33%
PDPA Singapore
1 source controls mapped|1 target controls covered
33%
PAS 1192-5:2015 - Security-Minded Approach to BIM and Digital Built Environments
1 source controls mapped|1 target controls covered
33%
Compare Voluntary Principles on Security and Human Rights (VPs) with Papua New Guinea National Cybersecurity Policy & Cybercrime Act (2016)

Frequently Asked Questions

What is Voluntary Principles on Security and Human Rights (VPs)?

Voluntary Principles on Security and Human Rights (VPs) is a compliance framework from International (VP Initiative) with 3 domains and 3 controls. The Voluntary Principles on Security and Human Rights (VPs), established in 2000, guide extractive sector companies in maintaining the safety and security of their operations within a framework that respects human rights. The VPs are a multi-stakeholder initiative involving governments (13), companies (39), and NGOs (13). Three pillars: risk assessment, interactions with public security, and interactions with private security. Companies report annually on VP implementation. The VP Initiative is administered from The Hague. Particularly relevant for operations in conflict-affected and high-risk areas. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.

How many controls does Voluntary Principles on Security and Human Rights (VPs) have?

Voluntary Principles on Security and Human Rights (VPs) has 3 controls organised across 3 domains. The largest domains are Implementation (1 controls), Interactions (1 controls), Policy and Risk (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.

What frameworks does Voluntary Principles on Security and Human Rights (VPs) map to?

Voluntary Principles on Security and Human Rights (VPs) maps to 120 other compliance frameworks. The top mapping partners are Papua New Guinea National Cybersecurity Policy & Cybercrime Act (2016) (33% coverage), Barbados Data Protection Act 2019 (33% coverage), IEC 62443 (33% coverage). Use our comparison tool to explore control-level mappings between frameworks.

How do I get started with Voluntary Principles on Security and Human Rights (VPs) compliance?

Start your Voluntary Principles on Security and Human Rights (VPs) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Voluntary Principles on Security and Human Rights (VPs) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 3 controls and track your progress.

Start Your Compliance Journey

Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 700 frameworks.

Get Started Free →

Free forever — no credit card required