Certification and compliance to professional standards

TIMG manages sensitive records for both Government and corporate clients, who by default, demand the highest level of information security and process auditability/transparency of both physical and digital information.

We are members of the following organisations or comply with the professional standards or requirements as listed.

TIMG adheres to applicable information security requirements contained in legislation such as the following;

• Privacy Act (NZ)
• Public Records Act (NZ)
• Notifiable Data Breach Legislation (Australia)
• General Data Protection Regulation (EU)

International Secure Information Governance and Management Association™ (i-SIGMA™), is recognised as the leading international body for companies providing secure information destruction services. NAID AAA Certification means that your information will be disposed of according to Government regulations that are applicable to your business.

TIMG are i-SIGMA members and our Wellington branch is NAID AAA certified for secure destruction of information contained on media such as paper, micro media, and physical hard drives. At our other nationwide branches, we destroy documents and media with compliance with NAID AAA standards.

In New Zealand, TIMG is the only i-SIGMA member holding NAID AAA accreditation.

The New Zealand Information Security Manual (NZISM) is the New Zealand Government’s guide on information assurance and information systems security.

The NZISM is a practitioner’s set of requirements to meet the needs of agency information. Agency Heads utilise the guide to accredit vendors, contractors and consultants who provide services to agencies. The requirements include minimum technical security standards for good system hygiene, as well as provide other technical and security guidance for Government departments and agencies to support good information governance and assurance practices.

TIMG collaborates with our Government clients on a case by case basis to ensure that our solutions meet NZISM compliance.

The Payment Card Industry Data Security Standard (PCI DSS) is a global data security standard adopted by the payment card brands for all entities that process, store or transmit cardholder data and/or sensitive authentication data.  It consists of steps that mirror security best practices.  The PCI DSS is administered and managed by the PCI Security Standards Council – an independent body that was created by the major payment card brands.

TIMG are compliant with the PCI DSS requirements 9 & 12 regarding personnel access and physical security of the media. NB this is not applicable to BackOnline services in NZ.

Archives New Zealand, Te Rua Mahara o te Kāwanatanga, is the official guardian of New Zealand’s public archives. They gather, store and protect an extremely wide range of material. The Public Records Act 2005 sets the framework for contemporary record keeping across Government and Archives New Zealand works with Government agencies to administer the Act.

TIMG adheres to the guidelines laid down by the Public Records Act.

TIMG are a Toitū carbonreduce® (formerly CEMARS) certified organisation. Our greenhouse gas emissions are measured in accordance with ISO 14064-1 and we are committed to managing and reducing emissions. The Toitū carbonreduce® certification comprises the first two steps towards the Toitū carbonzero certification.

TIMG is part of the Freightways group of companies and each business within the group will measure emissions to gain an understanding of our impact on the environment in which we do business. Freightways are currently committed to a five year reduction plan, with longer-term targets being developed on an ongoing basis. Freightways believes that our commitment to the Toitū carbonreduce® certification process will encourage staff and contractors across Freightways, together with our business partners and suppliers, to make environmentally positive decisions every day. Toitū carbonreduce® certification allows Freightways to take a very positive step toward reducing our carbon emissions and further minimising our relative impact on the environment.

TIMG maintains strict security, handling, and environmental protocols that comply fully with Section 16 of the Private Investigation and Security Guards Act.

TIMG carries a Company Licence to run a business in the private security industry, as defined in the Private Security Personnel and Private Investigators Act.  As such, all TIMG staff carry a current Certificate of Approval and have been security cleared by the Ministry of Justice and the NZ Police.