ABOUT US

  • NZINFOSEC specializes in information security compliance audits and assessments for ISO 27001, SOC 2, ISO 27701, ISO 22301, GDPR and PCI DSS. Our assessors and partners are Certified Lead Auditors, CPAs, PCI QSAs and Certified DPOs with a wealth of experience in assessments of 300+ customers worldwide, including New Zealand, across industry sectors such as LSEs, SMEs, Payment Gateways, F&B, IT, BFSI and the public sector.

    OUR MISSION IS YOUR SUCCESS
    Our mission is to use our expertise and skills to help you achieve your business goals. At NZINFOSEC, we value the relationships that we have with our clients and want to be your long-term compliance partner.

    WHY CHOOSE US
    • Efficient, fast and cost effective
    • Remote and on-site audits
    • Remediation support 
    • Flexible schedule
    • Authentic and globally recognized certifications

    Working virtually is the new normal. We have been able to break the barriers of physical offices. The freedom of working that comes with virtual operations provides immense ease of work and work-life balance for our committed and motivated assessors.

    We operate virtually, but as we are based in New Zealand, we are just a phone call or an email away.

SERVICES

  • ISO CERTIFICATIONS
    Audits, certification and training services.
    ISO 27001 Information Security Management System, ISO 27701 Privacy Information Management System and ISO 22301 Business Continuity Management System.

    PCI DSS CERTIFICATION 
    PAYMENT CARD INDUSTRY DATA SECURITY STANDARD
    Systems security review, ROC preparation, gap analysis, SAQ and ASV scanning, management workshops, PCI penetration testing and PCI compliance for IATA.

    SOC 2 REPORT
    SERVICE ORGANIZATION CONTROL

    SOC 2 Report, based on the five trust service principles "Security, Availability, Processing Integrity, Confidentiality and Privacy".
    Gap analysis, remediation and assessments. SOC 2 reports (by AICPA verified CPA Partner).

    (EU) GDPR SERVICES
    GENERAL DATA PROTECTION REGULATION 

    GDPR review, Gap analysis, Security health check, Policy review, DPO services, Personally Identifiable Information (PII) identification, Data Protection Impact Assessment (DPIA) guidance.

    SECURITY COMPLIANCE TRAINING
    ISO Lead Auditor & Implementer certifications, Certified DPO training and certification, PCI DSS introduction and advanced training, GDPR introduction and foundation courses, online and on-site security awareness courses.

    Please contact us for the latest training calendar.

CERTIFICATION PROCESS

  • ISO CERTIFICATIONS
    ISO audits are done by our IRCA UK Certified Lead Auditors.

    After the final assessment or third-party audit and satisfactory submission of the evidence required by the ISO standard, the certificate is issued by an accredited certification body (also called a registrar). That certification body is accredited by a US-based accreditation body which is a member of the International Accreditation Forum (IAF), the Asia Pacific Accreditation Cooperation (APAC) and the International Laboratory Accreditation Cooperation (ILAC).

    IAF is an international organization in cooperation with ISO for accreditation. IAF is the world association of Conformity Assessment Accreditation Bodies and other bodies interested in conformity assessment in the fields of management systems, products, services, personnel and other similar programmes of conformity assessment.

    When you receive your certificate, it should display the logo of the accreditation body (for example UKAS, IAS, ANAB or others) and the IAF logo.

    For more details, please visit the ISO website's certification page.

According to the ISO website:

CERTIFICATION is the provision by an independent body of written assurance (a certificate) that the product, service, or system in question meets specific requirements.

ACCREDITATION – the formal recognition by an independent body, generally known as an accreditation body, that a certification body operates according to international standards.


All ISO certifications can be verified from the website of the certification body or registrar.

  • PCI DSS ASSESSMENTS - WE CERTIFY PCI DSS
    PCI DSS audits, reports and certification are done by a QSA. Qualified Security Assessor (QSA) companies are independent security organizations that have been qualified by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS. QSA employees are individuals who are employed by a QSA Company and have satisfied and continue to satisfy all QSA Requirements.

    Our QSA details can be verified on the PCI Security Standards Council website, www.pcisecuritystandards.org.

    SOC 2
    SOC audits are done by our CPA, and reports are issued and signed by a CPA.
    CPA details can be verified at www.cpaverify.org, as recommended on the AICPA website: www.aicpa.org/forthepublic/findacpa.html.

    EU GDPR
    GDPR review is done by our Certified Data Protection Officer (DPO).

RESOURCES

NZISM

New Zealand Information Security Manual

CERT NZ

Computer Emergency Response Team
New Zealand

NetSafe

Online Safety for New Zealand 

CONTACT US




+64 21 117 8966
sales@nzinfosec.co.nz
Lynfield, Auckland
New Zealand

    We have been able to break the barriers of physical offices. We operate virtually, but as we are based in Auckland, we can reach our clients whenever required.

    The freedom of working that comes with virtual operations provides immense ease of work and work-life balance for our committed and motivated consultants and auditors.

    © 2018 NZ INFOSEC LTD. ALL RIGHTS RESERVED