ICT Security Consultants in New Zealand

- serving the ICT industry, Government Agencies and ICT Service and Software organisations in New Zealand.

The CANDA team has a wealth of industry knowledge and experience which we can bring together, to help resolve your security, risk and assurance issues and concerns.

ICT Security Consultants in New Zealand

- serving the ICT industry, Government Agencies and ICT Service and Software organisations in New Zealand.

The CANDA team has a wealth of industry knowledge and experience which we can bring together, to help resolve your security, risk and assurance issues and concerns.

What does CANDA ICT Security Consultancy cover?

CANDA ICT Security experts provide comprehensive security consultancy services, addressing concerns on a range of issues and providing solutions to agency’s looking to gain security assurance over their systems.

The list below provides a flavour for what you can expect from a CANDA engagement.

What and How?

  • CANDA consultants will firstly seek to understand your requirements and your objectives in dealing with security, risk and assurance concerns.
  • At CANDA we are keen to understand the outcome you are seeking from an engagement with us, whether it be to fill an interim gap, or complete a process, engagement for a project or the complete restructure of your security, risk and assurance processes.
  • While we are experts, CANDA consultants are all team players.  Our consultancy can lead a programme of work or form part of the team implementing solutions. Our experience is wide ranging and can be effective in meeting your consulting requirements whatever they may be.

Leadership and Expertise

  • CANDA consultants are experts, the CANDA consultants have all been in the ICT security field for no less than 20+ years each. We have all grown with the advances in ICT security and been involved, lead or participated in many of the leading security programmes both within New Zealand and overseas.
  • Our consultants have specialised areas of experience and expertise in a number of security domains. This enables us to provide leadership in areas that others cannot.

Security Domains

  • Certification & Accreditation – This is our bread and butter, all CANDA consultants have been involved in performing C&A for many years. Our cross-agency expertise provides us with a unique perspective in this area.  We have seen various models operating and can provide a perspective which may be able to help optimise costs and effort, getting the ‘best bang for bucks’.  CANDA has designed a number of processes which can triage the effort required and customise a process which fits with agency outcomes and objectives.
  • Cloud Security – CANDA is currently leading a number of engagements for agencies adopting Cloud Services from AWS, Azure, Office 365, Dynamics 365, and other services. CANDA can address your concerns regarding adoption of Cloud Services.
  • Application Security, DevOps, Agile – CANDA is currently leading two large engagements for agencies implementing transformational change, dealing with a major uplift in applications and business processes. CANDA can address your concerns regarding change, transformation and application security within both agile and waterfall frameworks.
  • Governance, Risk, Compliance – CANDA has a wealth of expertise in these key areas, having lead assurance and risk programmes, in both large and medium sized organisation recently and in many past engagements.
  • Assurance – CANDA has developed processes and software solutions for managing the assurance function within an agency, to ensure the accurate capture of assurance artefacts and an ongoing effective practice is in place. CANDA has lead assurance programmes for large organisation’s in past engagements and are well able to meet your assurance requirements.
  • Security Architecture – CANDA consultants have experience in designing security and risk frameworks, security policy and standards, security requirements and detailed procedures. The key to a good architecture is in ensuring that the elements required to provide good systems security can be effectively implemented, maintained and operated within the organisation frameworks in place. This may require review and updating, or complete revision.  CANDA can help to design, or improve your security architecture and frameworks they operate under.
  • Security Operations – All CANDA consultants have come from a technical and operational security background. We understand the difficulties involved in providing security services and the challenges in ensuring that a good outcome results from the agency investment in this core function. Our expertise in this area comes from a lot of practical experience in delivery of security services.  CANDA can help to design, improve or operate your security services effectively for a good agency outcome.
  • Leadership – All of the CANDA team can provide leadership with respect to their security domain experience, but we have also held security leadership roles in the past and are able to provide insight from this perspective with regards to resourcing, requirements, budgeting, responsibilities, objectives and outcomes. CANDA can help to provide a pragmatic approach to achieving agency objectives with a deeper understanding of the restraints which often come with the Security and Risk territory.

How will you benefit from engaging our ICT Security Consultants?

CANDA ICT Security Consultants offer professional impartiality, vast experience in the industry, and a skillset capable of covering all areas of a security plan or programme while maintaining control of the process.

Our team can provide you with the guidance and information needed to determine your agency’s ICT security risk level, evaluate your security strengths and weaknesses, perform a risk assessment and develop security programme designed to mitigate risk or remediate/strengthen the controls environment.

Our goal is to help you determine an appropriate level of security within your agency or business, assess and mitigate risk by implementing solid procedures and controls, and ensure all staff and systems are performing at their optimal level within the lowest achievable risk profile.

Contact CANDA today


Our experienced team at CANDA are experts in everything ICT Security & Risk related, and can provide a range of services to ensure your agency or business systems remain secure.

As New Zealand’s trusted and impartial experts on guiding agencies through the Certification & Accreditation process, we have extensive experience in resolving your security and risk concerns.

Contact CANDA today to speak to one of our team and learn more about how we can help.