ICT Security and Related Services Panel (SRS Panel)

The ICT Security and Related Services Panel are a group of industry experts contracted to provide government agencies with ICT services and advice on a range of security and privacy practices. The Panel helps government agencies manage privacy and security issues effectively.

Mandated
The Panel is mandated for all Public Service and non-Public Service departments as well as ACC, EQC, HNZC, NZTA, NZTE, NZQA, TEC and the 20 DHBs. Other agencies can opt-in at anytime.
Status Operational

Agency Contact

Department of Internal Affairs Sandeep Dalvi SRS Product Manager +64 4 4620138 sandeep.dalvi@dia.govt.nz

Service Description

Description

The ICT Security and Related Services Panel are an approved cross-government group of 40 industry experts contracted to provide government agencies with ICT services and advice on a range of security and other related matters.

Delivery

Forty service providers have been contracted to provide eligible government agencies with five categories of ICT security and related services. Service providers can provide services in multiple categories.

The agreement with The Department of Internal Affairs (Lead Agency Agreement) permits eligible agencies to enter into agreements with any of the service providers in order to purchase the services described in the Agreement.

To take advantage of the all-off-government agreement, agencies may only use the service provider for the services for which they have been contracted. If an agency wants to use a service provider for other work, they must conduct a separate purchasing and contracting process for this.

Services available through the panel include:

  • InfoSec Risk Management & Assessment
  • InfoSec Security Governance and Strategy
  • InfoSec Assurance
  • Source Code, Application Review and Technical Testing
  • ICT Forensics, investigation and Security Incident Response

The Panel is part of an ongoing programme of work to ensure government agencies are continually lifting privacy and security standards as government services are transformed into the digital world.

This panel largely caters for security requirements relating to ICT. Agency requirements for other types of security – for example, physical, personnel, or intelligence-based – are not included in this panel. 

Benefits

The intention of this Panel is to grow market capability and ensure a consistent and cost -effective service is provided to all government agencies.

Other benefits include:

  • A new online portal of suppliers, replacing the traditional paper-based service catalogue
  • Flexibility to complete an assignment spanning multiple service categories using services offered by one service provider
  • Improved supplier-to-Lead Agency reporting

Roadmap

In order to continually ensure the best advice is available from the best providers, the panel is open. This means the Request for Proposal (RFP) process may be repeated to give new service providers the opportunity to join the panel and existing service providers can apply for additional categories.

Lead Agency

The Department of Internal Affairs

Adopting the service

Agencies wanting to use the Panel services do not need to undertake a full procurement process. The lead agency has procured the services on behalf of all agencies and has signed a Lead Agency Agreement with each of the service providers. Agencies can select a service provider(s) using an appropriate secondary procurement process.

Agencies can take advantage of the work done by the Lead Agency by contacting DIA and following the process below.

  1. Sign a standard confidentiality agreement so the service providers’ lists of services and costs can be released.
  2. Select a service provider based on business needs. The Department of Internal Affairs has produced a document that takes agencies through this process and is attached below. This process along with the service providers’ catalogues is called the Secondary Procurement Process.
  3. Sign a Memorandum of Understanding (MoU) with Internal Affairs as Lead Agency. This MoU sets out each party’s rights and obligations.
  4. Sign a Subscription Agreement (SA) with the preferred service provider(s).
  5. Agree a Statement of Work (SoW) with the service provider(s).
  6. The SA along with the terms and conditions, as agreed in the Lead Agency Agreement with Internal Affairs, constitutes the contract to deliver the panel services to agencies.

Lead Agency Agreement summary

  • Open Supplier Panel
  • ICT Common Capabilities
  • The initial contract is for three years, beginning in October 20

Supplier Information

Company

InfoSec Risk Management and Assessment

InfoSec Governance and Strategy

InfoSec Assurance

Source Code, Application Review and Technical Testing

ICT Forensics,   Investigation and Security Incident Response

Accenture NZ Limited

Primary

Primary

 

Primary

 

Aura Information Security (Kordia Limited)

Primary

Primary

Primary

Primary

Primary

Axenic Limited

Primary

Primary

Primary

 

Primary

Canda C&A Limited

Primary

Primary

Primary

 

 

Central Region's Technical Advisory Services Limited

 

 

Primary

Primary

 

Cogent Limited

 

Ancillary

Primary

 

 

Comsmart Limited

Primary

Primary

Primary

 

 

Confide Limited

Primary

Primary

Primary

 

 

Context Information Security Limited

Ancillary

 

Ancillary

Primary

Primary

Cordelta Proprietary Limited

Primary

Primary

Primary

Primary

Primary

Cyber Toa Limited

Primary

Primary

Primary

Primary

Primary

Datacom New Zealand Limited

Primary

Primary

Primary

Primary

 

Deloitte Limited

Primary

Primary

Primary

Primary

Primary

Ernst & Young Group Limited

Primary

Primary

Primary

Primary

Primary

Gen2 Consulting Limited

Primary

Primary

Primary

 

 

Grant Thornton New Zealand Limited

Primary

Primary

Primary

Primary

Primary

Helix Security Services Limited

Primary

Primary

Primary

Ancillary

 

Information Integrity Solutions Proprietary Limited

Primary

 

Ancillary

 

Ancillary

InPhySec Security Limited

Primary

Primary

Primary

Primary

Primary

Insomnia Security Group Limited

 

 

 

Primary

 

Intuisec Limited

Ancillary

Primary

Primary

Ancillary

 

Isect Limited

Primary

Primary

Ancillary

 

 

KPMG

Primary

Primary

Primary

Primary

Primary

Lateral Security (IT) Services Limited

Primary

Primary

Primary

Primary

Primary

Link Consulting Group Limited

Primary

 

Primary

 

 

Liquid IT Limited

 

Primary

 

 

 

Liverton Limited

Primary

Primary

Primary

 

 

Middleware New Zealand Limited

Primary

Primary

 

 

 

NZYM Limited

 

Primary

 

 

 

Planit Software Testing Limited

Primary

Primary

Primary

Primary

 

PricewaterhouseCoopers Consulting (New Zealand) LP

Primary

Primary

Primary

Primary

Primary

Prima Solutions 2013 Limited

Primary

 

 

 

 

PS Duo Limited

Primary

Primary

Primary

Ancillary

Ancillary

Quantum Security Services Limited

Primary

Primary

Primary

Primary

 

Resultex Limited

Primary

Primary

Primary

 

 

Safestack Limited

Primary

Primary

Primary

 

 

SSS - IT Security Specialists

Primary

Primary

Primary

 

 

Unify Solutions NZ Limited

 

Primary

 

 

 

Voco Limited

 

Primary

Primary

 

 

ZX Security Limited

Primary

Ancillary

Primary

Primary