Your browser currently has JavaScript turned off, which means that Govt.nz might not display properly on your device. It's easy to turn JavaScript on - find out how to enable JavaScript in your browser.

Contact

Department of Internal Affairs

SRS Product Manager

SRSPanel@dia.govt.nz

ICT Security and Related Services Panel

The ICT Security and Related Services Panel (SRS Panel) are a group of industry experts contracted to provide government agencies with ICT services and advice on a range of security and privacy practices. The panel helps government agencies manage privacy and security issues effectively.

Service description

The SRS Panel is part of an ongoing programme of work to ensure government agencies continually lift privacy and security standards as government transitions to providing digital products and services.

This panel largely caters for security requirements relating to information and communications technology (ICT). Agency requirements for other types of security for example, physical, personnel, or intelligence-based, are not included in this panel. 

Services available through the panel include:

InfoSec risk management and assessment
InfoSec security governance and strategy
InfoSec Assurance
source code, application review and technical testing
ICT forensics, investigation and security incident response.

Delivery

The Lead Agency Agreement with The Department of Internal Affairs (DIA) allows eligible agencies to enter into agreements with any of the service providers and purchase the services described in the agreement.

Your agency must only use the service provider for the services they've been contracted for.

If your agency wants to use a service provider for other work, you must conduct a separate purchasing and contracting process.

Benefits

The intention of this panel is to grow market capability and ensure that a consistent and cost-effective service is provided to all government agencies.

Other benefits include:

a new online portal, replacing the traditional paper-based service catalogue
flexibility to complete an assignment spanning multiple service categories using services offered by one service provider
improved supplier-to-lead agency reporting.

Roadmap

The panel is open to ensure the best advice is available from the best providers. This means the Request for Proposal (RFP) process may be repeated to give new service providers the opportunity to join the panel and for existing service providers to apply for additional service categories.

Lead Agency

Te Tari Taiwhenua The Department of Internal Affairs

Status

Operational

Adopting the service

Agencies don’t need to undertake a full procurement process. The lead agency has procured the services on behalf of all agencies and has signed a Lead Agency Agreement with each of the service providers.

Contact the SRS team to adopt a service. They will guide you through the process.

Subscriptions@dia.govt.nz

Contact the SRS Product Manager for all other enquiries.

SRSPanel@dia.govt.nz

How to get a contract

Sign a standard confidentiality agreement so the service providers’ lists of services and costs can be released.
Select a service provider based on business needs. This process along with the service providers’ catalogues is called the Secondary Procurement Process.
Sign a Memorandum of Understanding (MoU) with DIA as Lead Agency. This MoU sets out each party’s rights and obligations.
Sign a Subscription Agreement (SA) with the preferred service provider.
Agree a Statement of Work (SoW) with the service provider.

The finalised contract to deliver the panel services to agencies is made up of:

the Subscription Agreement and
the terms and conditions, as agreed in the Lead Agency Agreement with DIA.

Lead Agency Agreement summary

Open Supplier Panel
ICT Common Capabilities

Lead Agency Agreement details

The initial contract was for 3 years, beginning in October 2017 with the option for three 1-year extensions. This agreement expires on 31 October 2021.

Supplier information

Accenture NZ Limited

Primary supplier

InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Source Code, Application Review and Technical Testing.

Aura Information Security (Kordia Limited)

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.

Axenic Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response.

Canda C&A Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment.

Central Region's Technical Advisory Services Limited

Primary supplier

InfoSec Assurance
Source Code, Application Review and Technical Testing.

Cisco Technologies New Zealand Limited

Primary supplier

ICT Forensics, Investigation and Security Incident Response.

Ancillary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Source Code, Application Review and Technical Testing.

Cogent Limited

Primary supplier

InfoSec Assurance.

Ancillary supplier

InfoSec Governance and Strategy.

Confide Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment.

Context Information Security Limited

Primary supplier

ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.

Ancillary supplier

InfoSec Assurance
InfoSec Risk Management and Assessment.

Cordelta Proprietary Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.

Cyber Toa Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.

Datacom New Zealand Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Source Code, Application Review and Technical Testing.

Deloitte Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.

Ernst & Young Group Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.

Gen2 Consulting Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment.

Grant Thornton New Zealand Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.

Helix Security Services Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment

Ancillary supplier

Source Code, Application Review and Technical Testing

Information Integrity Solutions Proprietary Limited

Primary supplier

InfoSec Risk Management and Assessment

Ancillary supplier

InfoSec Assurance
ICT Forensics, Investigation and Security Incident Response

InPhySec Security Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing

Insomnia Security Group Limited

Primary supplier

Source Code, Application Review and Technical Testing

Intuisec Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy

Ancillary supplier

InfoSec Risk Management and Assessment
Source Code, Application Review and Technical Testing

Isect Limited

Primary supplier

InfoSec Governance and Strategy
InfoSec Risk Management and Assessment

Ancillary supplier

InfoSec Assurance

KPMG

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing

Lateral Security (IT) Services Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing

Link Consulting Group Limited

Primary supplier

InfoSec Assurance
InfoSec Risk Management and Assessment

Liquid IT Limited

Primary supplier

InfoSec Governance and Strategy

Liverton Security Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment

Middleware New Zealand Limited

Primary supplier

InfoSec Governance and Strategy
InfoSec Risk Management and Assessment

NTT Ltd

Primary supplier

ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing.

NZYM Limited

Primary supplier

InfoSec Governance and Strategy

Optic Digital (formerly Comsmart)

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment

Planit Software Testing Limited

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
Source Code, Application Review and Technical Testing

PricewaterhouseCoopers Consulting (New Zealand) LP

Primary supplier

InfoSec Assurance
InfoSec Governance and Strategy
InfoSec Risk Management and Assessment
ICT Forensics, Investigation and Security Incident Response
Source Code, Application Review and Technical Testing