The ICT Security and Related Services Panel (SRS Panel) are a group of industry experts contracted to provide government agencies with ICT services and advice on a range of security and privacy practices. The panel helps government agencies manage privacy and security issues effectively.
Service description
The SRS Panel is part of an ongoing programme of work to ensure government agencies continually lift privacy and security standards as government transitions to providing digital products and services.
This panel largely caters for security requirements relating to information and communications technology (ICT). Agency requirements for other types of security for example, physical, personnel, or intelligence-based, are not included in this panel.
Services available through the panel include:
InfoSec risk management and assessment
InfoSec security governance and strategy
InfoSec Assurance
source code, application review and technical testing
ICT forensics, investigation and security incident response.
Delivery
The Lead Agency Agreement with The Department of Internal Affairs (DIA) allows eligible agencies to enter into agreements with any of the service providers and purchase the services described in the agreement.
Your agency must only use the service provider for the services they’ve been contracted for.
If your agency wants to use a service provider for other work, you must conduct a separate purchasing and contracting process.
Benefits
The intention of this panel is to grow market capability and ensure that a consistent and cost-effective service is provided to all government agencies.
Other benefits include:
a new online portal, replacing the traditional paper-based service catalogue
flexibility to complete an assignment spanning multiple service categories using services offered by one service provider
improved supplier-to-lead agency reporting.
Roadmap
The panel is open to ensure the best advice is available from the best providers. This means the Request for Proposal (RFP) process may be repeated to give new service providers the opportunity to join the panel and for existing service providers to apply for additional service categories.
Lead Agency
Te Tari Taiwhenua The Department of Internal Affairs
Status
Operational
Adopting the service
This agreement is expiring in October 2021.
Contact marketplace@dia.govt.nz for more information about the replacement programme, Information Security Services.
Agencies don’t need to undertake a full procurement process. The lead agency has procured the services on behalf of all agencies and has signed a Lead Agency Agreement with each of the service providers.
Contact the SRS team to adopt a service. They will guide you through the process.
Sign a standard confidentiality agreement so the service providers’ lists of services and costs can be released.
Select a service provider based on business needs. This process along with the service providers’ catalogues is called the Secondary Procurement Process.
Sign a Memorandum of Understanding (MoU) with DIA as Lead Agency. This MoU sets out each party’s rights and obligations.
Sign a Subscription Agreement (SA) with the preferred service provider.
Agree a Statement of Work (SoW) with the service provider.
The finalised contract to deliver the panel services to agencies is made up of:
the Subscription Agreement and
the terms and conditions, as agreed in the Lead Agency Agreement with DIA.
Lead Agency Agreement summary
Open Supplier Panel
ICT Common Capabilities
Lead Agency Agreement details
The initial contract was for 3 years, beginning in October 2017 with the option for three 1-year extensions. This agreement expires on 31 October 2021.
Supplier information
Accenture NZ Limited
Primary supplier
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Source Code, Application Review and Technical Testing.
Aura Information Security (Kordia Limited)
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.
Axenic Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response.
Canda C&A Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment.
Central Region's Technical Advisory Services Limited
Primary supplier
InfoSec Assurance
Source Code, Application Review and Technical Testing.
Cisco Technologies New Zealand Limited
Primary supplier
ICT Forensics, Investigation and Security Incident Response.
Ancillary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Source Code, Application Review and Technical Testing.
Cogent Limited
Primary supplier
InfoSec Assurance.
Ancillary supplier
InfoSec Governance and Strategy.
Confide Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment.
Context Information Security Limited
Primary supplier
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.
Ancillary supplier
InfoSec Assurance
InfoSec Risk Management and Assessment.
Cordelta Proprietary Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.
Cyber Toa Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.
Datacom New Zealand Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Source Code, Application Review and Technical Testing.
Deloitte Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.
Ernst & Young Group Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.
Gen2 Consulting Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment.
Grant Thornton New Zealand Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.
Helix Security Services Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Ancillary supplier
Source Code, Application Review and Technical Testing
Information Integrity Solutions Proprietary Limited
Primary supplier
InfoSec Risk Management and Assessment
Ancillary supplier
InfoSec Assurance
ICT Forensics, Investigation and Security Incident Response
InPhySec Security Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing
Insomnia Security Group Limited
Primary supplier
Source Code, Application Review and Technical Testing
Intuisec Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
Ancillary supplier
InfoSec Risk Management and Assessment
Source Code, Application Review and Technical Testing
Isect Limited
Primary supplier
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Ancillary supplier
InfoSec Assurance
KPMG
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing
Lateral Security (IT) Services Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing
Link Consulting Group Limited
Primary supplier
InfoSec Assurance
InfoSec Risk Management and Assessment
Liquid IT Limited
Primary supplier
InfoSec Governance and Strategy
Liverton Security Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Middleware New Zealand Limited
Primary supplier
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
NTT Ltd
Primary supplier
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.
NZYM Limited
Primary supplier
InfoSec Governance and Strategy
Optic Digital (formerly Comsmart)
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Planit Software Testing Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Source Code, Application Review and Technical Testing
PricewaterhouseCoopers Consulting (New Zealand) LP
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing
Prima Solutions 2013 Limited
Primary supplier
InfoSec Risk Management and Assessment
PS Duo Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Ancillary supplier
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing
Quantum Security Services Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Source Code, Application Review and Technical Testing
Resultex Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Safestack Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment.
SSS - IT Security Specialists
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Unify Solutions NZ Limited
Primary supplier
InfoSec Governance and Strategy
Voco Limited
Primary supplier
InfoSec Assurance
InfoSec Governance and Strategy
ZX Security Limited
Primary supplier
InfoSec Assurance
InfoSec Risk Management and Assessment
Source Code, Application Review and Technical Testing