ABOUT US

  • NZINFOSEC specializes in information security compliance certification and assessment services for ISO 27001, PCI DSS, SOC 2, ISO 27701, ISO 22301 & GDPR.
    Our Certified Lead Auditors, CPAs, PCI QSA and Certified DPOs have a wealth of experience in assessments of 300+ customers worldwide, including New Zealand, in different industry sectors like LSEs, SMEs, Payment Gateways, F&B, IT, BFSI and public sector.

    OUR MISSION IS YOUR SUCCESS
    Our mission is to use our expertise and skills to help you achieve your business goals. At NZINFOSEC, we value the relationships that we have with our clients and want to be your long-term compliance partner.

    WHY CHOOSE US
    • Efficient, fast and cost-effective
    • Remote and on-site audits
    • Remediation support 
    • Flexible schedule
    • Authentic and globally recognized certifications

    Working virtually is the new normal. We have been able to break the barriers of physical offices. The freedom of working that comes with virtual operations provides immense ease of job and work-life balance for our committed and motivated assessors.

    We operate virtually and are based in Auckland, New Zealand.

SERVICES

  • ISO CERTIFICATIONS
    Audits, certification and training services.

    ISO 27001 Information Security Management System
    ISO 27701 Privacy Information Management System
    ISO 22301 Business Continuity Management System.

    PCI DSS CERTIFICATION 
    PAYMENT CARD INDUSTRY DATA SECURITY STANDARD
    Systems security review, ROC preparation, gap analysis, SAQ and ASV scanning, management workshops, PCI penetration testing and PCI compliance for IATA.

    SOC 2 REPORT
    SERVICE ORGANIZATION CONTROL

    SOC 2 Report - based on five trust service principles: "Security, Availability, Processing Integrity, Confidentiality and Privacy".
    End-to-end services for SOC 2. Gap analysis, remediation and assessments.

    (EU) GDPR SERVICES
    GENERAL DATA PROTECTION REGULATION 

    GDPR review, Gap analysis, Security health check, Policy review, DPO services, Personally Identifiable Information (PII) identification, Data Protection Impact Assessment (DPIA) guidance.

    SECURITY COMPLIANCE TRAINING
    ISO Lead Auditor & Implementer certifications, Certified DPO training and certification, PCI DSS introduction and advanced training, GDPR introduction and foundation courses, online and on-site security awareness courses.

    Please contact us for the latest training calendar.

CERTIFICATION PROCESS

  • ISO CERTIFICATIONS
    ISO audits are conducted by our IRCA UK Certified Lead Auditors.

    After the final assessment or third party audit and satisfactory submission of the evidence required by the ISO standard, the certificate is issued by an accredited certification body (also called registrar) accredited by a US-based accreditation body which is a member of the International Accreditation Forum (IAF), Asia Pacific Accreditation Cooperation (APAC) and International Laboratory Accreditation Co-Operation (ILAC).

    IAF is an international organization in cooperation with ISO for accreditation. IAF is the world association of Conformity Assessment Accreditation Bodies and other bodies interested in conformity assessment in the fields of management systems, products, services, personnel, and other similar programs of conformity assessment.

    When you receive your certificate, it should be verifiable and should display the logo of any Accreditation Bodies (ABs), for example UKAS (UK), JAS (ANZ), IAS (US), ANAB (US), or other ABs, and the IAF logo.

    For more details, please visit the ISO website’s certification page.

According to the ISO website:

CERTIFICATION is the provision by an independent body of written assurance (a certificate) that the product, service, or system in question meets specific requirements.

ACCREDITATION – the formal recognition by an independent body, generally known as an accreditation body, that a certification body operates according to international standards.


All ISO certifications can be verified from the website of the certification body or registrar.

  • PCI DSS ASSESSMENTS - WE CERTIFY PCI DSS
    PCI DSS audits, reports, and certification are done by a QSA. Qualified Security Assessor (QSA) companies are independent security organizations that have been qualified by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS. QSA Employees are individuals who are employed by a QSA Company and have satisfied and continue to satisfy all QSA Requirements.

    Our QSA details can be verified from the PCI Security Standards Council website www.pcisecuritystandards.org.

    SOC 2
    A SOC 2 audit can only be performed by an independent AICPA-licensed CPA (Certified Public Accountant) or accountancy organization.
    SOC 2 audits are performed and reports are issued and signed by our AICPA-licensed CPA.

    EU GDPR
    GDPR reviews are performed by our Certified Data Protection Officer (DPO).

RESOURCES

NZISM

New Zealand Information Security Manual

CERT NZ

Computer Emergency Response Team
New Zealand

NetSafe

Online Safety for New Zealand 

CONTACT US

+64 21 117 8966
sales@nzinfosec.co.nz
Auckland, New Zealand

    We have been able to break the barriers of physical offices. We operate virtually, but as we are based in New Zealand, we are just a phone call or an email away.

    The freedom of working that comes with virtual operations provides immense ease of job and work-life balance for our committed and motivated experts and auditors.

    © 2018 NZ INFOSEC LTD. ALL RIGHTS RESERVED