Certification and compliance to professional standards

Information security

TIMG manages sensitive records for both Government and corporate clients, who by default, demand the highest level of information security and process auditability/transparency of both physical and digital information.

We are members of the following organisations or comply with the professional standards or requirements as listed.

International Legislation

TIMG adheres to applicable information security requirements contained in legislation such as the following;

  • Privacy Act (NZ)
  • Public Records Act (NZ)
  • Notifiable Data Breach Legislation (Australia)
  • General Data Protection Regulation (EU)

NAID®

NAID® (National Association for Information Destruction), a division of the International Secure Information Governance and Management Association™ (i-SIGMA™), is recognised as the leading international body for companies providing secure information destruction services.

TIMG are members of NAID and our Wellington branch is NAID AAA certified for secure destruction of information contained on media such as paper, micro media and physical hard drives.

In New Zealand, TIMG is the only NAID member holding AAA accreditation.

PRISM International

PRISM (Professional Records and Information Services Management) International is recognised as the worlds leading global trade association for information management companies and is a division of the International Secure Information Governance and Management Association™ (i-SIGMA™). They are an essential business resource for member companies, their employees, and the marketplace in the global information management industry through education, advocacy, industry promotion, and networking.

TIMG are members of PRISM International and adhere to the information security principles contained in Privacy +.

NZISM

The New Zealand Information Security Manual (NZISM) is the New Zealand Government’s guide on information assurance and information systems security.

The NZISM is a practitioner’s set of requirements to meet the needs of agency information. Agency Heads utilise the guide to accredit vendors, contractors and consultants who provide services to agencies. The requirements include minimum technical security standards for good system hygiene, as well as providing other technical and security guidance for Government departments and agencies to support good information governance and assurance practices.

TIMG collaborates with our Government clients on a case by case basis to ensure that our solutions meet NZISM compliance.

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a global data security standard adopted by the payment card brands for all entities that process, store or transmit cardholder data and/or sensitive authentication data.  It consists of steps that mirror security best practices.  The PCI DSS is administered and managed by the PCI Security Standards Council – an independent body that was created by the major payment card brands.

TIMG are compliant with the PCI DSS requirements 9 & 12 regarding personnel access and physical security of the media.

Archives New Zealand

Archives New Zealand, Te Rua Mahara o te Kāwanatanga, is the official guardian of New Zealand’s public archives. They gather, store and protect an extremely wide range of material. The Public Records Act 2005 sets the framework for contemporary record keeping across Government and Archives New Zealand works with Government agencies to administer the Act.

TIMG adheres to the guidelines laid down by the Public Records Act.

Toitū carbonreduce® (formerly CEMARS)

TIMG are a Toitū carbonreduce® (formerly CEMARS) certified organisation. Our greenhouse gas emissions are measured in accordance with ISO 14064-1 and we are committed to managing and reducing emissions. The Toitū carbonreduce® certification comprises the first two steps towards the Toitū carbonzero certification.

TIMG is part of the Freightways group of companies and each business within the group will measure emissions to gain an understanding of our impact on the environment in which we do business. Freightways are currently committed to a five year reduction plan, with longer-term targets being developed on an ongoing basis. Freightways believes that our commitment to the Toitū carbonreduce® certification process will encourage staff and contractors across Freightways, together with our business partners and suppliers, to make environmentally positive decisions every day. Toitū carbonreduce® certification allows Freightways to take a very positive step toward reducing our carbon emissions and further minimising our relative impact on the environment.

Private Investigators and Security Guards Act

TIMG maintains strict security, handling, and environmental protocols that comply fully with Section 16 of the Private Investigation and Security Guards Act.

Certificate of Approval

TIMG carries a Company Licence to run a business in the private security industry, as defined in the Private Security Personnel and Private Investigators Act.  As such, all TIMG staff carry a current Certificate of Approval and have been security cleared by the Ministry of Justice and the NZ Police.