IT Professionals New Zealand | Te Pou Hangarau Ngaio

Introduction to the NZISM

5 March 2020: 1:00 pm - 5:00 pm

This event is not currently active.

Digital Delivery
Live Online

Also available on demand or in-house. Details


The New Zealand Information Security Manual (NZISM) is the New Zealand Government's security compliance handbook. It contains volumes of valuable information security advice for a variety of organisations, however it is particularly relevant to NZ government agencies or organisations that provide services to or contract to NZ government agencies.

This Introduction to the NZISM provides a short introduction to the structure and specific relevant sections of the NZISM itself. The course focuses on the sections of the NZISM that will be relevant to most organisations. This course includes a range of case studies and activities using real life examples so learners can gain information about how controls are applied or achieved in practice.

Target Audience and Prerequisites

The Introduction to the NZISM course is suitable for any technical or non-technical staff (e.g. IT professionals, project managers, managers or third-party service providers) from organizations within the New Zealand government, organizations that supply services to NZ government or anyone seeking to comply with government cybersecurity requirements. Previous information security and IT knowledge is helpful, but not required for this course. It is suggested (but not required) that attendees have:

  • experience with organization-specific IT infrastructure and practices.
  • an interest in developing a solid basic understanding of the structure, content and relevance of the NZISM and associated documentation.

Course Outcomes

This course will explain the fundamentals of the New Zealand Information Security Manual, including why it was written, who it is relevant and useful to and the structure of the document itself. Specifically, this course focuses on the compliance requirements of the NZISM - paying particular attention to the 'MUST' or 'MUST NOT' security controls, and those relevant to information classed from 'UNCLASSIFIED' through to 'RESTRICTED'. This course also explains what all these terms mean, and how to determine which are appropriate for your data.

The course will also dedicate time to the specific content of some of the 489 controls required for this level of compliance but, in particular, will focus on the areas with the most controls (BYOD, Secure Disposal, and Gateway Security). The course will also spend dedicated time on aspects of the NZISM that are most often used (Incident reporting, mobile, email and password security and Cloud Computing).

On course completion, you will be able to:

  • Navigate and use the NZISM to obtain specific controls required for your organisation
  • Evaluate whether each control is required for your organization, and understand what may be required in order to comply with it
  • Provide an overview of what fundamentals are required for your organization to comply with the minimum requirements for the NZISM
  • Understand how the NZISM fits alongside other security documentation (such as the PSR, the NZCERT Critical Controls and the ASD Essential Eight)

Course Content

The course consists of a live webinar with dedicated time for questions and answers taught by a cybersecurity specialist and All of Government Auditor. Attendees will also be provided with slides and reference materials relevant to the delivered content.

Module 1: NZISM Structure

  • What does the NZISM provide?
  • Understanding classifications, rationale and controls
  • System audits
  • NZISM content overview and controls

Module 2: Core NZISM Compliance

  • Working off-site (including BYOD)
  • Media disposal
  • Gateway and Network security
  • Cryptography

Module 3: NZISM FAQs

  • Cloud Computing
  • Email Security
  • Password Security
  • Mobile Device Security
  • Supply Chain


About The Trainer

Dr Elf Eldridge is a consultant for security consultancy Cyber Toa. Previously he taught computer science, engineering, physics and mathematics at Victoria Univerity of Wellington from 2013-2017 after obtaining his PhD through The MacDiarmid Institute for Advanced Materials and Nanotechnology.


Registration Details:

You can register for this event via Credit Card online now by using the link below, or alternatively call 0800 252 255 with your Credit Card details.

ITP Corporate Partners and approved organisations can opt to pay by invoice by calling 0800 252 255 or emailing attendee and business details through to [email protected]. Credit criteria and other conditions apply.

Want to run it at another time or place, or in-house?

Can't attend at the scheduled time, would like it in another city or want to enquire about running it in-house? No problem!

Simply register your interest and we'll look at whether we can bring to you when you want it. If you're interested in an in-house option, register your interest and we'll come back to you.

Attendance Cost

All ITP Financial Members$300.00 + GST / $345.00 incl GST
Staff of Corporate Partners (20% Discount)$344.35 + GST / $396.00 incl GST
Non-Members$430.43 + GST / $495.00 incl GST

View All 117 ITP Partners