Your browser currently has JavaScript turned off, which means that Digital.govt.nz might not display properly on your device. It's easy to turn JavaScript on - find out how to enable JavaScript in your browser.

Required NZ government agreements with access to public cloud services

If government organisations are looking to buy public cloud services that are covered in 1 or more of these all-of-government agreements, use the matching agreements instead of going directly to service providers.

Assess the risks before using required all-of-government agreements

For the information system you’re looking to use with the all-of-government agreement, you’ll still need to do a risk assessment. It’s needed to account for factors that are unique to your:

information system
business context.

Assess the risks of using a public cloud service

Check for certification documents you can use

You can use certification documents to help with your risk assessment of using an all-of-government agreement. To get these, contact the security team at the Department of Internal Affairs at ictassurance@dia.govt.nz.

Required all-of-government agreements

These 3 all-of-government agreements use, in varying amounts, public cloud services.

1 — Information Security Professional Services

When it comes to risk assessments for public cloud services, your organisation must either:

have in-house expertise
consult industry experts from Information Security Professional Services, or
use a mix of both.

Information Security Professional Services

**Table 1:** Work out if you need to use Information Security Professional Services
Level of in-house expertise	Are you required to use Information Security Professional Services?
Full	No.
Partial	Yes — use the professional services for the parts of the risk assessment outside your organisation’s in-house expertise.
None	Yes — use the professional services for the full risk assessment.

2 — Telecommunications as a Service

The all-of-government agreement for Telecommunications as a Service (TaaS) helps government organisations with:

telecommunications and managed security
unified communications
contact centres.

Telecommunications as a Service

3 — RealMe®

Government organisations are required to use RealMe® services rather than developing new systems for authenticating and verifying people’s identities. RealMe® helps government organisations with service delivery — specifically:

security
digital identity
privacy.

RealMe®

Previously required: Infrastructure as a Service

In April 2023, the all-of-government agreement for Infrastructure as a Service (IaaS) stopped being required.

DIA’s information and communications technology (ICT) team has contacted the government organisations affected by this change. If you have questions, contact ictccpartners@dia.govt.nz.

In the meantime, this IaaS agreement continues to help government organisations with 4 core services for:

data centres
utility computing — a range of hypervisors
storage
back-up.

Infrastructure as a Service

A hypervisor is a specialised operating system that allows server hardware to run multiple virtual guest operating systems at the same time.

More information — Cloud Capabilities Network

The Government Chief Digital Officer has set up a network for learning about using public cloud services. The Cloud Capabilities Network includes sharing resources among its many benefits.

Join the Cloud Capabilities Network — help with public cloud services

JavaScript is currently turned off in your browser — this means you cannot submit the feedback form. It's easy to turn on JavaScript — Learn how to turn on JavaScript in your web browser.

If you're unable to turn on JavaScript — email your feedback to govt.nz@dia.govt.nz .

Was this page helpful?

Yes No Partly

Thanks, do you want to tell us more?

Do not enter personal information. All fields are optional.

What did you come here to do?

How can we improve this information?

Last updated 26 July 2023