Our Services

Certification &
Accreditation

CANDA specialises in helping organisations manage C&A requirements and responsibilities under the NZISM standard.

LEARN MORE

 ICT Security Consultancy

The CANDA team has a wealth of industry knowledge and experience which we can bring together, to help resolve your security and risk issues.

LEARN MORE

Cloud
Security

CANDA’s expert cloud security team help with design, configuration assurance and C&A and governance concerns.

LEARN MORE

Application
Security

The team at CANDA have experience in application security testing, secure code development, agile deployment, numerous DevOps technologies.

LEARN MORE

Risk
Assessment

CANDA works with ICT businesses in NZ, creating successful C&A engagement with an accurate Risk Assessment & Statement of Applicability for your systems.

LEARN MORE

Controls Validation CVP/CVA

Controls Validation (Planning & Audit) are key components of the C&A process. These allow the assessor to validate the controls in place and their effectiveness in remediating risks.

LEARN MORE

Remediation Management

Good governance over ICT systems demands that security planning and remediation items are all managed effectively. Our team of experienced professionals help manage this.

LEARN MORE

System Security
Plan

A system security plan describes an agency’s implementation and operation of system controls, alongside a planned approach to investment, testing, and more.

LEARN MORE