New Zealand’s ICT Security Certification Specialists
C&A Processing, Security Consultancy, Azure Cloud Security Specialists
Risk assess and certify your systems, ensure your security and assurance with CANDA.
CANDA are Cyber Security specialists who develop people, process and technology solutions to help organisations manage their C&A (Certification & Accreditation) and cyber security requirements.
We are conscious that the services we provide revolve around establishing relationships and this approach is at the centre of all that we do. We pride ourselves on making the complex simple and ensuring we always exceed our clients expectations.
Get the most out of your ICT professionals and secure your business systems with CANDA today.
Our Services
Certification & Accreditation
CANDA specialises in helping organisations manage C&A requirements and responsibilities under the NZISM standard.
ICT Security Consultancy
The CANDA team has a wealth of industry knowledge & experience which we can bring together, to help resolve your security & risk issues.
Cyber Security
Cyber security planning is essential because you will be the target of a breach at some time in the future. The expert team at CANDA can help.
GenAI, LLMs and Agentic Security
AI is sweeping the world and revolutionising computer and data processing. Are the systems you are developing secure? is critical organisational or privacy data being exposed to external parties? Are your GenAI solutions compliant with all Privacy and Regulatory standards and legislation? Ask us about GenAI security…
Penetration Testing
The team at CANDA provide security testing, secure code development, LLM security, configuration and design review using the OWASP Web Security Testing Guide.
Cloud Security
CANDA’s expert cloud security team help with design, configuration assurance and C&A and governance concerns.
Controls Validation CVP/CVA
Controls Validation (Planning & Audit) are key components of the C&A process. These allow the assessor to validate the controls in place and their effectiveness in remediating risks.
Remediation Management
Good governance over ICT systems demands that security planning and remediation items are all managed effectively. Our team of experienced professionals help manage this.
System Security Plan
A system security plan describes an agency’s implementation and operation of system controls, alongside a planned approach to investment, testing, and more.
Cloud Security and Application Testing
Our specialist cloud security team are experienced in the implementation of cloud services. We can identify issues with Office 365, Azure and AWS, and can provide experienced advice on how to mitigate potential risk in your agency or company adoption and move to the cloud.
CANDA experts can also assist with application security, testing techniques, secure code development, agile deployment, and security planning for uplift programmes.
CANDA
Since 2017, our team has leveraged their Cyber Security & Risk experience and expertise to help agencies, vendors and interested parties improve their cyber security profile.
CANDA’s team can resolve your information security concerns, and help your business to navigate the complexity of the Certification & Accreditation processes.
If you’re interested in learning more about the ICT Certification and Accreditation process with CANDA, contact one of the team today to organise an appointment.



