GEA NZ Standards Reference Document

-
From Vision and Direction to Deployment
Implementing the Directions and Priorities for Government ICT and Better Public Services
Government Enterprise Architecture

for New Zealand (GEA-NZ) - Standards
GEA-NZ Standards Reference
Department of Internal Affairs

April 2013
Version Final
Unclassified
2 of 170
Document information
Project
ID/Name
Government Enterprise Architecture for New Zealand
Author
Architecture Practice, Government Technology Services, Department of Internal

Affairs
Title
GEA-NZ Standards Reference Document
File name
GEA-NZ Standards Reference Document Final.doc
DMS
reference
TBC
Revision history
Version
Date
1.0 Final
April 2013
Author
Description of changes
Final document approved by the Government
Enterprise Architecture Group
Distribution list
Name
Role
Group
Stuart Wakefield
Chair
Government Enterprise Architecture Group
Brian More
Official
Mark Baddeley
Member
Mark Carroll
Member
James Collier
Member
Dan Cooper
Member
Jon Frere
Member
Tina Groark
Member
Paul Henzell
Member
Rosemary McGrath
Member
Reviewer List
Name
Role
Colin Wallis
Authentications Standards Manager, Department of Internal Affairs
Elena Webb
Enterprise Architect, DIA
Mace Edwards
Enterprise Archivist/Archives Advisor
Rowan Smith
Senior Technical Analyst, DIA
Fiona Staples
Manager Information and Collaboration, DIA
Desiree Brown
General Manager Information Services, MSD
Suzanne Jones
Information Manager, Electricity Authority
Patrick Power
Manager Recordkeeping Capability, DIA
Derek Clear
Archives Advisor, DIA
3 of 170
Name
Role
Arnold Reddy
Solution Architect, DIA
Kosta Hahladakis
Ryan Lea
Duncan Hall
Doug Newdick
Mike Jordon
Manager Security & Risk, DIA
Marie Henderson
Technical Specialist, DIA
Scott Rodgers
Applications and Infrastructure, DIA
Sheryl Tunbridge
Manager Client Technologies, DIA
Sheila McLeod
Manager of Infrastructure and Integrated Communications, DIA
Stuart Wakefield
GEAG Member
Brian More
GEAG Member
Mark Baddeley
GEAG Member
Mark Carroll
GEAG Member
James Collier
GEAG Member
Dan Cooper
GEAG Member
Jon Frere
GEAG Member
Tina Groark
GEAG Member
Paul Henzell
GEAG Member
Rosemary McGrath
GEAG Member
4 of 170
Document approval
5 of 170
Table of contents
Introduction ................................................................................................................................................ 7
Document purpose ...................................................................................................................................... 8
Intended audience ....................................................................................................................................... 8
Document evolution and role of Government Enterprise Architecture Group ............................................. 8
Government Enterprise Architecture for New Zealand (GEA-NZ) ........................................................ 9
The need for standards revision and integration into GEA-NZ .......................................................... 11
The need for a simplified ICT standards compliance model .............................................................. 12
New standards compliance model ........................................................................................................ 12
Evidential standards compliance .......................................................................................................... 13
Standards principles ............................................................................................................................... 14
Summary mapping of standards into the GEA-NZ Standard Reference ........................................... 15
GEA-NZ [Region 01] Strategy Region ................................................................................................... 17
GEA-NZ [Region 02] Business Region .................................................................................................. 26
GEA-NZ [Region 03] Information and Communication Technology (ICT) Region ............................ 27
GEA-NZ [Region 03] Information and Communication Technology (ICT) Region Standards
Reference ................................................................................................................................................. 33
6 of 170
Introduction
Standards have long been recognised as useful in commerce, the physical sciences and engineering.
Examples of such standards include coinage, the metric system, and standardised screw threads.
Standards reduce complexity and costs and deliver efficiencies in the design of tangible products
through the re-use of common solutions to address common problems.
The Government Enterprise Architecture for New Zealand (GEA-NZ) provides an ordered classification
of terms to describe the architecture of capabilities for use across All of Government (AoG). Integral to
the on-going development of the GEA-NZ is the identification of standards relevant to the ICT
capabilities to be used across AoG.
Use of the GEA-NZ Standards Reference will help drive ICT efficiencies through re-use of common
solutions to enable implementation of the Directions and Priorities for Government ICT and Better Public
Services: Results for New Zealanders
The document harmonises many diverse standards and policies, including New Zealand legislation. The
GEA-NZ Standards Reference is a coordinator of standards used across New Zealand government and
includes reference to standards and policies developed and owned by a number of government
agencies and international bodies.
The GEA-NZ Standards Reference aims to include all significant standards from across government
mapped against the GEA-NZ structure. Leadership in the selection and maintenance of standards is
carried out by individual lead agencies (for example, Archives NZ provides and manages New Zealand
Government recordkeeping standards, and LINZ provides and manages New Zealand Government
geospatial standards). Established lead agencies will continue their role of managing standards
appropriate for their domain of activity.
This document classifies the GEA-NZ Standards into the GEA-NZ Executive View framework, and it
discusses the applicability, compliance and review status of the standards.
Use of the GEA-NZ standards reference will:
Promote technology, system and data interoperability

Improve the efficacy, utility and cost effectiveness of AoG capabilities
Foster traceability of features to meet requirements
Support the re-use of solutions and services
Describe ways of avoiding risks
Support procedures and practices that improve the overall efficiency of the development
processes
Encompass considerations for building in and maintaining security, privacy and resilience to
malicious attacks
GEA-NZ Standards will be a significant focus for the design of AoG ICT common capabilities, and for all
those solutions that plan to use any of the common capabilities.
This document provides a reference to those standards most applicable to the GEA-NZ components.
Standards are directly mapped to the GEA-NZ components providing the reader with a direct reference
of applicable standards and their compliance and review status. The GEA-NZ component model uses
fours levels of GEA-NZ component. In descending order these are; Regions, Zones, Blocks and
individual Capabilities.
7 of 170
This document provides a mapping of the existing standards from existing standards reference materials
into the GEA-NZ. It also adds standards that are included in other GEA-NZ documents such as
reference architectures. An example of this is the Common Operating Environment Reference
Architecture.
This document also offers new standards for consideration in priority areas. Each of the GEA-NZ
components that contain a new proposed set of standards is marked as requiring review. These new
standards will need to be reviewed and agreed, and a process is being planned to address this. A
definition of this process will be provided as an appendix to this document.
Document purpose
GEA-NZ Standards Reference broadens standards to enable implementation of the Directions and
Priorities for Government ICT and Better Public Services: Results for New Zealanders and aims to
ensure that there is no duplication of standards development in New Zealand Government.
The document is intended to provide agencies and service providers with visibility of applicable and
required standards.
Beyond the direct use of the document to communicate standards to the community the document will
be used by the Government Enterprise Architecture Group (GEAG) to prioritise the standards work,
review proposed changes to standards, and approve standards. Each GEA-NZ component has a
standard work status assigned allowing the GEAG to target specific areas of GEA-NZ for standards
work.
Intended audience
The intended audience of this document is (but not limited to):
Architects of government agencies
Chief Information Officers
Professionals involved into development and delivery of business and ICT solutions
Vendor community
Document evolution and role of Government Enterprise Architecture

Group
The document provides a current state view of standards mapped to GEA-NZ. Individual areas of GEANZ standards mapping and review are at different levels of completeness. Some areas are relatively
complete and others are yet to be developed. For example, it is proposed that work is undertaken to
create a standards map for Cloud computing to support the current impetus on Government Cloud
adoption.
The content of the overall document will be subject to on-going review and improvement. The GEAG will
manage revisions and will indicate priorities for this work.
At the time of publication, the following future enhancements have been identified and are expected to
be incorporated in a future release:
Cloud technical standards baseline
Security technical standards baseline
Mobile technical standards baseline
Evolution of the Information business domain standards.
8 of 170
Government Enterprise Architecture for New Zealand (GEA-NZ)

The Government Enterprise Architecture for New Zealand (GEA-NZ) is a multi-agency single unifying
framework to enable the implementation of the Directions and Priorities for Government ICT. It provides
an ordered classification to describe capabilities for use across All of Government (AoG).
GEA-NZ Regions
GEA-NZ contains three primary regions; Strategy, Business and ICT.
1. Strategy Region contains the strategy and planning viewpoints that are influencing and driving
the "Business Region" and "ICT Region, these are The Directions and Priorities for Government
ICT, Better Public Services: Results for New Zealanders and other applicable references. The
strategy region ensures direct line of sight so that strategies can be translated into business
outcomes. The strategy region will map important government legislation, policy and guidelines.
2. Business Region contains People and Processes, Information and Data, and Investments
zones. The Business Region includes information management and applies information
management principles. It is anticipated that the Business Region will include business domain
specific information standards for areas such as for finance, heath, and education.
3. ICT Region contains End User Devices, Communications, Channels and Touchpoints, Business
Processes and Integration, Business and Operational Functions, and Foundations zones. ICT
Region maps technical standards.
GEA-NZ Regions
1.
2.
3.
9 of 170
Regions in the GEA-NZ are divided into Zones which are further divided into Blocks.
Each GEA-NZ Block may be further divided in to individual GEA-NZ capabilities.
10 of 170
The need for standards revision and integration into GEA-NZ

This document reflects the need and desire to refresh the current New Zealand Government ICT
standards. The current ICT technical standards primarily derive from the NZ e-GIF (New Zealand eGovernment Interoperability Framework) process that was published in 2004 and reflects, what is now
considered to be, an out of date approach. In addition the GEA-NZ extends the scope of standards into
areas beyond the e-GIF.
Previously New Zealand Government ICT standards have been selected and implemented based upon
the technical challenges, primarily identified through the e-GIF process. The e-GIF was technically
focussed with a central theme of converging on a core set of internet technologies and standards. At the
time the e-GIF commenced new on-line technologies and standards were blossoming and emerging and
there was significant risk and cost from the creation of solutions based on divergent and incompatible
technologies and standards.
The e-GIF standards approach was applied in numerous jurisdictions. It is now recognised worldwide
that the primary e-GIF approach to standards is deficient in two aspects:
Firstly, the technical standards domain (core internet interoperability and security standards, and
technologies) has coalesced and matured to a point where in many cases a single standard now
prevails. More importantly, in many cases a single technical standard has also been implemented so
widely as to become an assumed minimum technical capability, rather than an aspired to capability.
Therefore, many of the technical interoperability and security standards that previously were aspiring or
contesting for acceptance are now so broadly adopted and implemented that this standards reference
can record there recommended use without the need for further debate. This document provides a
mapping of the existing e-GIF standards into the GEA-NZ framework. In the majority of cases e-GIF
standards are marked as recommended with a small number of standards being deprecated.
Secondly, the focus of the e-GIF was too narrow and excluded interoperability considerations arising
from political, legal, organisational and semantic influences as described in the European Interoperability
Framework (EIF). The structure of the GEA-NZ allows for these wider considerations.
The GEA-NZ extended scope also identifies new areas of technology, process and data where
standards can be mapped and proposed. This document proposes standards for consideration in a
number of new areas beyond the scope of the e-GIF the most prominent of these is the Cloud. It is
proposed that a subject matter expert working group is rapidly formed, involving agencies that are most
active with the Cloud, to create a cloud standards adoption proposal for the GEAG.
11 of 170
The need for a simplified ICT standards compliance model

The e-GIF provided rigorous standards compliance model that was intended to manage the
development and application of e-GIF standards over time, but for the most part not been used. Its lack
of use reflects the general view that it is too complex and cumbersome to be useful and requires
considerable skilled resources to maintain and deliver which the DIA, and more broadly lead government
agencies, do not have.
This review proposes a new less complex standards compliance model for use with GEA-NZ standards
aimed at working with the GEAG process rather than a separate committee. If accepted the new model
will replace the e-GIF standards compliance model.
Currently the e-GIF standards compliance process has five status levels. These are Future
Consideration, Under Development, Recommended, Adopted and finally Deprecated, reflecting the life
cycle of a standard from its first proposal through to its end of life. It was intended that every standard be
regularly reviewed and its status updated appropriately by authorisation of the e-GIF committee. As
stated previously, although this is a worthy aspiration this has not happened and is not expected to
happen in the future. In addition, the distinction in the e-GIF between optional recommended standards
and mandatory recommended technical standards is confused and is not supported by any
enforcement process or monitoring.
New standards compliance model

It is proposed that the GEA-NZ ICT Region standards will use a self-regulated compliance process, not
requiring evidential compliance, and applied by individual agencies based on a simplified set of ICT
standards compliance statuses (as listed below). Exceptions to self-regulated ICT compliance only occur
where a specific government policy demands evidential compliance - Government policy that demands,
whether specifically or by consequence, evidential ICT standards compliance is specified in the GEA-NZ
Strategy Region of this document. Individual standards that have an evidential standards requirement
are marked as such in GEA-NZ ICT Region definitions.
All of the above points justify a simplification of the e-GIF compliance statuses. The following simplified
GEA-NZ standards compliance model is proposed.
ICT Standards can have one of three compliance levels.
Standard no longer valid. New use not recommended.
D
En
d
Standard or New Zealand Government Standard Profile is approved
R
Recommended Us
er
by the GEAG. Recommended for use.
De
vi
Candidate standard selection approved by the GEAG. Typically an
FC
ce
Future
established international standard that is in common use. Optional
En
s
Consideration
d
Use.
Us
er
All e-GIF standards currently
with a compliance status of Under Development and above have been
De
given a status of Recommended in the GEA-NZ Standards Reference. The GEAG is expected to
vic
approve all new and changed
GEA-NZ ICT Region standards compliance statuses. All GEA-NZ ICT
es
standards are self-regulated unless government policy demands evidential compliance. Details of
evidential compliance are recorded by reference to government policy in the GEA-NZ Strategy Region
standards reference.
Deprecated
GEAG will follow adopted standards maintenance processes such as:
Process for adding new standard to GEA-NZ
Process for updating existing standard
12 of 170
Evidential standards compliance

It is anticipated that, under specific circumstances, a small number of ICT accessibility, interoperability,
security and identity standards will require evidential compliance certification.
Evidential compliance certification is the process by which an organisation can prove compliance to a
standard. In particular, applying evidential compliance certification provides all participants in shared
services, collaborations or federated services with key elements of service quality assurance. For
example, a shared service delivery between government agencies, or between government agencies
and commercial organisations, may require identity compliance certification by all parties involved. In
these circumstances compliance certification is a key aspect of service implementation, and potentially a
part of the on-going service management. Any standard requiring evidential compliance will itself include
a standards compliance process.
Evidential compliance certification is required either by government policy, statute, or international
convention.
Evidential compliance certification requirements will only apply to defined subject areas, circumstances
and capabilities, and will overlay the general ICT standards policy of self-regulation.
Evidential compliance requirements may be defined directly by a policy. Alternatively, evidential
compliance requirements may be identified through defining a design (usually and AoG service) for
delivering the service level confidence demanded by a policy.
Evidential standards compliance may be part of AoG ICT capabilities. A potential significant benefit of
using AoG ICT capabilities is that they provide services that include standards compliance certification
removing the need for individual agencies to undertake separate and potentially duplicate standards
certification work. Similarly, participation or use of AoG shared services may also require standards
compliance certification by all parties to allow the service to achieve required service and quality levels.
Evidential standards compliance requirements are recorded against the government policy they are used
for. Evidential standards compliance is specified in the GEA-NZ Strategy Region of this document.
Individual ICT standards that require evidential compliance as part of a policy requirement will be
identified in the GEA-NZ Strategy Region and marked as requiring evidential compliance requirements in
GEA-NZ ICT Region definitions.
It is expected that only a small set of New Zealand Government ICT standards will require this approach.
Currently only two policy requirements are identified in Strategy Region of this document.
13 of 170
Standards principles
Principles provide a foundation for the selection and implementation of standards supporting open data,
ICT, digital strategies and services.
The following principles are offered for future use in the selection and implementation of GEA-NZ
standards.
Principle 1. User-centric
Place the needs of users at the heart of standards choices. Standards are based on user
needs and expressed in terms of capabilities. Standards selection does not impose undue
cost on citizens, businesses and agencies.
Principle 2. Open and Transparent
Adopted standards should be openly published, transparently developed, freely available,
have an acceptable level of adoption, and be actively maintained.
Principle 3. Flexible
Make standards choices that support flexibility and change. Standards can enable services
to be implemented by a broad range of suppliers. Standards will form a key part of solution
requirements addressing software interoperability, data and document accessibility and
interchange, and information security. Selecting standards for software interoperability, data
and document accessibility and interchange and information security ensures that better and
more flexible choices are made for service delivery through IT specifications.
Principle 4. Vendor independent
Select standards that enable suppliers to compete on a level playing field. Use of standards
means there is no unintentional lock in. Standards potentially allow for large work
programmes and contracts to be broken down into smaller components.
Principle 5. Pragmatic
Adopt standards that support sustainable cost. Increased standardisation enables sharing
and reuse of IT solutions and components across government. Value for money is achieved
through avoidance of lock-in and increased reuse.
Principle 6. Well informed
Selection of standards is a result of well informed decision making. In particular standards
selection must avoid cost that may arise if selected standards are not compatible with major
existing government systems, where a standard implementation is not interoperable across
different implementations in government, or where a standard is not supported by the
market in the short or long term.
Principle 7. Standards compliance
Standards compliance is consistently applied. Agencies are obliged to responsibly self
regulate standards compliance. Evidential standards compliance is applied where policy
demands.
14 of 170
Summary mapping of standards into the GEA-NZ Standard Reference

The following diagram provides a high level view of the major standards groups present in the GEA-NZ
standards reference shown within GEA-NZ regions.
Strategy Region[01] Contains universally applicable strategic standards, policies and

legislation that pertains to all services and systems irrespective of their business subject, ICT
solution or technology. Contains standards that require evidential compliance by policy or
legislation.
Business Region[02] Contains standards and reference models pertaining to specific business
subject areas, services and process scenarios. Compliance for all ICT standards contained in
this region is self-regulated.
ICT Region[03] Contains technical standards that address efficient ICT implementation and
efficient application of strategic standards, policies and legislation derived from the strategy
region. Compliance for all ICT standards contained in this region is self-regulated.
GEA-NZ
GEA: [01] Strategy Region
Information
Governance
Policy and
Standards
Identity
Policy and
Standards
On-line Service
and Accessibility
Polic y and
Standards
Information
Security
Policy and
Standards
Information
Privacy
Polic y and
Standards
Bus ines s Branc h s pec ific produc t Polic y and Standards
GEA: [02] Business Region
GEA: [03] ICT Region
Information
Standards
ICT Interoperability
And Accessibility
Standards
ICT Security
Implementation
Standards
Service and
Proc es s
Standards
ICT Identity
Implementation
Standards
ICT Technology
Standards
Cloud Implementation Standards
15 of 170
Contacts
Brian More,
Chief Architect,
Government Technology Services,
The Department of Internal Affairs.
email: brian.more@dia.govt.nz
16 of 170
GEA-NZ [Region 01] Strategy Region

The GEA-NZ Strategy Region holds strategic direction information. Standards placed in this area of the
GEA-NZ include New Zealand statutes, New Zealand Government policy and New Zealand Government
operating standards.
Identity Policy and Standards

New Zealand Identity Assurance Framework for Government
Outlines a structured approach to the coordination of identity assurance activity across
government. The framework is intended to provide greater assurance to the Government and
the public that identity information is being managed appropriately and effectively within
government, while maintaining privacy
New Zealand Government Evidence of Identity Standard
Sets out the process requirements for establishing and confirming the identity of individuals
seeking government services.
Electronic Identity Verification Bill (2012)
The purpose of this Act is to facilitate secure interactions (particularly online interactions)
between individuals on the one hand and participating agencies on the other.
Identity Information Confirmation Bill 2010 (2011 No 187-2)
The aim of this Bill is to allow, with conditions, the use of an electronic service that allows public
and private sector agencies to confirm identity information provided to them by individuals with
information held by the Department of Internal Affairs under the Births, Deaths, Marriages and
Relationships Registration Act 1995, the Citizenship Act 1977, and the Passports Act 1992.
Guiding Principles for the use of Biometric Technologies for Government Agencies
Guiding Principles for the Use of Biometric Technologies by agencies to inform decision making
when considering biometric technologies for identity-related business processes.
Policy based evidential standards compliance requirements
iGovt implementation compliance
17 of 170
Information Governance Policy and Standards

Public Records Act 2005
The Public Records Act 2005 sets the framework for creating and managing information in
government. Its purpose is to promote government accountability through reliable
recordkeeping, enhance public confidence in the integrity of government records and protect
New Zealands documentary heritage. The Public Records Act 2005 sets a framework for
recordkeeping in public offices and local authorities.
Official Information Act 1982
An Act to make official information more freely available, to provide for proper access by each
person to official information relating to that person, to protect official information to the extent
consistent with the public interest and the preservation of personal privacy, to establish
procedures for the achievement of those purposes, and to repeal the Official Secrets Act 1951.
New Zealand Data and Information Management Principles (2011)
Principles for managing data and information held by the New Zealand Government.
Declaration on Open and Transparent Government (2011)
Declaration by the New Zealand Government to release public data[1] to enable the private and
community sectors to use it to grow the economy, strengthen our social and cultural fabric and
sustain our environment. [1] Public data refers to non-personal and unclassified data.
Archives New Zealand Recordkeeping Standards
The Public Records Act 2005 sets a framework for recordkeeping in public offices and local
authorities. Archives New Zealand provides standards that ensure record keeping and archives
of records meet the requirements of the Public records Act. The following standards ensure that
full and accurate records of New Zealand public offices and local authorities business activities
are created and managed effectively and continue to be accessible and useable over time.
The following record keeping standards are mandatory for Public Offices and Local
Authorities.
Storage Standard
Minimum requirements for storage of physical records and archives under the Public
Records Act.
Create and Maintain Recordkeeping Standard
Minimum requirements for the creation and maintenance of records under the Public
Records Act.
Electronic Recordkeeping Metadata Standard
Principles and minimum requirements for creating and managing recordkeeping
metadata in electronic environments, in accordance with the Public Records Act. This
18 of 170
standard is further supported by a technical metadata standard.

Disposal Standard
Minimum requirements determining how public offices and local authorities dispose of
records. It supports the requirements covering disposal of records set out in the Public
Records Act 2005, and applies to all records whether paper or digital.
The following record keeping standards are discretionary under the Public Records Act.
Access Standard
Legislative requirements and guidance on best practices for the provision of access to
public archives and local authority archives.
Digital Recordkeeping Standard
AS/NZS ISO 13028: 2012, Information and documentation - Implementation guidelines
for digitization of records, as a standard under s27 of the Public Records Act 2005
Digitisation Standard
Requirements for digitisation processes for public offices and local authorities to support
the requirements of the Electronic Transactions Act 2002 and Public Records Act.
Decommissioning Websites
Public sector websites may include content and metadata which must be managed in
accordance with section 17 of the Public Records Act 2005. This factsheet outlines
some key factors to consider when decommissioning websites.
Statistics New Zealand Information Standards
Standards that ensure Statistics New Zealand can deliver accurate statistical reports and both
government and non-government organisations can consistently report to Statistics New
Zealand their periodic domain specific data reports.
Statistics Act 1975
The Statistics Act 1975 establishes the authority and obligations of Statistics New
Zealand to operate and deliver statistics and collect data, and the obligations of those
involved in reporting information for statistics production.
Statistics New Zealand Data Classifications and Related Statistical Standards
Data classifications and statistical standards applied by Statistics New Zealand and
required of reporting parties.
Statistics New Zealand Principles and Protocols for Producers of Tier 1 Statistics
Principles and protocols for information collection for statistics and for statistics
production and dissemination.
19 of 170
On-line Service and Accessibility Policy and Standards

Better Public Services Programme 2012: Improving interaction with government
Result 9: New Zealand businesses have a one-stop online shop for all government
advice and support they need to run and grow their business
Services will be structured around the needs of businesses rather than what works for
government agencies.
Government will work on three key areas to improve business services:
Create services that are designed for business.

Deliver faster online services.
Achieve better integration in how services are delivered across government.
The Result 9 action plan outlines how we will significantly improve the way government
interacts with New Zealand businesses: developing faster online services; achieving
better integration of government services; and creating services that are designed for
business. It includes the following actions:
Create a shared front door for government services

Increase digital delivery of services
Collect information and share it (between agencies as appropriate) so
businesses only have to tell government once
Identify and put in place common core service standards and common
performance measures
Consolidate government functions
Set up new, highly targeted and integrated services
Make it easier to understand what you need to do to comply with regulations
Make government processes for contracting with businesses simpler and
clearer
20 of 170
Result 10: New Zealanders can complete their transactions with government easily in
a digital environment
Develop a roadmap to re-use service capability across government, for example:
A consistent approach to the most commonly used transactions, such as how

citizens make payments to government agencies.
A consistent approach so people do not have to enter in information multiple
times.
Develop and foster initiatives that deliver citizen-centric digital services:
Presenting information organised around peoples needs, not the structure of

government.
Identifying good practice service design and delivery in agencies to be reused
across government.
A review and redevelopment of governments central websites.
Create citizen-centric services through innovation and partnerships, including:
Building on the innovations and different service delivery models that have
emerged from the Canterbury earthquake.
Engaging other government agencies, NGOs and the private sector to find ways
of improving what we do.
Develop business cases for improving the utilisation of governments service delivery
infrastructure.
Develop insights based on research on what people need:
Researching the best way of designing services to meet peoples needs so they
will use digital services.
Policy based evidential standards compliance requirements
New Zealand Government Web Standard
Open Web Application Security Project (OWASP)
21 of 170
Information Security Policy and Standards

New Zealand Information Security Manual (NZISM)
National baseline technical security policy providing minimum mandatory technical security
standards for government departments and agencies.
Security in Government Sector (SIGS)
Minimum obligatory security related standards for New Zealand Government departments and
agencies. Provide guidance on security classification of documents and guidance on applying a
risk based approach to information.
NZS6656 Code of Practice for Implementation and Operation of Trustworthy Computer
Systems
This Standard specifies security requirements for use where a contract between two parties
requires the demonstration of a supplier`s capability to implement and/or operate a computer
system, such as in an outsourcing arrangement, which enforces information confidentiality,
integrity, and availability.
NZMP6653 Directory of national and international security standards.
A directory of national and international security standards.
AS/NZS ISO/IEC 27001:2006 Information Security Management Systems (ISMS)
Specifies the requirements for establishing, implementing, operating, monitoring, reviewing,
maintaining and improving a documented ISMS within the context of the organizations overall
business risks. Identical to and reproduced from ISO/IEC 27001:2005
AS/NZS ISO/IEC 27002:2006 - Code of Practice for Information Security Management
Establishes guidelines and general principles for initiating, implementing, maintaining and
improving information security management in an organisation. The objectives outlined provide
general guidance on the commonly accepted goals of information security management
AS/NZS ISO/IEC 38500:2010 - Corporate Governance of Information Technology
Provides a framework for effective governance, to assist those at the highest level of
organisations to understand and fulfil their legal, regulatory and ethical obligations in respect of
their organisations use of IT.
AS/NZS17799 Information Security Management Requirements and Controls
Factors that should be considered and included to protect information and information systems
HB231 Process for information security risk management
Provides a generic guide for the establishment and implementation of a risk management
process for information security risks.
Electronic Transactions Act (2002)
Sets out rules to facilitate the use of email and other electronic technology, both in business and
in interaction between government and the public.
22 of 170
Protective Security Manual (PSM)

Published by NZSIS, is a consolidation of SIGS, Protective Security Supplements and a
Catalogue of Approved Security Equipment for the information of government departments and
agencies.
New Zealand Security Codes of Practice
New Zealand Cloud Code of Practice (confirming Security compliance)
ISO/IEC 27005_2011(E) Information Security Risk Management

Provides guidelines for Information Security risk management, supporting the general concepts
specified in ISO/IEC 27001. Knowledge of the concepts, models, processes, models and
terminologies described therein is important for a complete understanding of ISO/IEC 27005.
AS/NZS ISO 31000:2009 Risk Management
Risk Management Principles and Guidelines Provides organisations with guiding principles, a
generic framework and a process for managing risk.
23 of 170
Information Privacy Policy and Standards

Privacy Act 1993
An Act to promote and protect individual privacy in general accordance with the
Recommendation of the Council of the Organisation for Economic Co-operation and
Development Concerning Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data, and, in particular,
(a) to establish certain principles with respect toInformation Privacy

(i) the collection, use, and disclosure, by public and private sector agencies,
of information relating to individuals; and
(ii) access by each individual to information relating to that individual and
held by public and private sector agencies; and
(b) to provide for the appointment of a Privacy Commissioner to investigate
complaints about interferences with individual privacy; and
(c) to provide for matters incidental thereto
Information Privacy Principles (Privacy Act 1993)
The Privacy Act has twelve information privacy principles. For the full text of each, click
on its number. As a brief guide, though:
Principle 1, Principle 2, Principle 3 and Principle 4 govern the collection of personal
information. This includes the reasons why personal information may be collected,
where it may be collected from, and how it is collected.
Principle 5 governs the way personal information is stored. It is designed to protect
personal information from unauthorised use or disclosure.
Principle 6 gives individuals the right to access information about themselves.
Principle 7 gives individuals the right to correct information about themselves.
Principle 8 and Principle 9, Principle 10 and Principle 11 place restrictions on how
people and organisations can use or disclose personal information. These include
ensuring information is accurate and up-to-date, and that it isnt improperly disclosed.
Principle 12 governs how unique identifiers such as IRD numbers, bank client
numbers, drivers licence and passport numbers can be used.
New Zealand Privacy Codes of Practice (Privacy Act 1993)
o
Credit Reporting Privacy Code
Health Information Privacy Code
Justice Sector Unique Identifier Code
Superannuation Schemes Unique Identifier Code
Telecommunications Information Privacy Code
New Zealand Cloud Code of Practice (confirming Privacy compliance)
24 of 170
New Zealand Privacy Guidelines

Portable Storage Privacy Guide
Guidance notes directed towards raising an awareness of the privacy risks associated
with the use of Portable Storage Devices in business and government.
Closed Circuit Television (CCTV) Privacy Guide
Guidelines to assist organisations of all sizes to manage CCTV systems in line with their
legal obligations and good personal information handling practice.
Effective Website Privacy Notices Guide
Guide containing 10 steps to develop a multilayered privacy notice as a source of
detailed information
Privacy Impact Assessment Handbook
Privacy Impact Assessment (PIA) handbook provides a systematic process for
evaluating a proposal in terms of its impact upon privacy.
25 of 170
GEA-NZ [Region 02] Business Region
Government Enterprise Architecture New Zealand

GEA-NZ Zone
GEA: 2.1 People / Process Zone
Description
Key Features
Applicable
Standard
OASIS Transformational Government Framework
Comment
Incomplete.

GEA-NZ Zone
GEA: 2.2 Information / Data Zone
Description
Key Features
Comment
Standards reference not started
Applicable
Standard
Archives New Zealand Record Keeping Standards

XBRL (eXtensible Business Reporting Language)
OASIS xCIQ (Customer Information Quality)
OGC Geospatial Standards
ISO Geospatial Standards (TC 211 and ISO 19100 Series)
HL7 Health Level Seven International Interoperability Standard
ESA - Emergency Services and Government Administration Core Data
Specification
Standards Body
Comment
Incomplete.

GEA-NZ Zone
GEA: 2.3 Investment Zone
Description
Key Features
Comment
Standards reference not started
Comment for EW/

CW Review
No information
26 of 170
GEA-NZ [Region 03] Information and Communication Technology

(ICT) Region
The following table describes the main GEA-NZ Zones in the ICT Region [03].
Architecture Zones
Description
End User Devices
This stream includes devices used by State sector employees and

clients to access common services, as well as peripheral devices. The
capability includes the hardware and the applications used for end user
computing.
Communications
Communications including Internet and private government networks,

voice, video and multi-channel communications technologies.
Channels and Touchpoints
The service consumer touches the service delivery capability here from
their client device via the communications carrier. Information and
service access capability is provided in this stream.
Business Processes and
This stream provides the capability to orchestrate and manage
Integration
services offered in the Business and Operational Functions layer, and

utilises utility services such as authentication also located in this
stream. Integration services including Enterprise Applications
Integration and Enterprise Service Bus technologies, workflow, and
Data Integration are also included.
Business and Operational
The core business services are provided in this stream, which contains
Functions
mission critical business data and information, and the systems which
perform business operations on this data.
Foundation
Foundation capabilities that underpin, traverse or enable/support other

capabilities. For example, software in other capability streams may be
executing on common Infrastructure capabilities, protected by
common Security capabilities and managed by common
Business/ICT Management.
27 of 170
Compliance status of individual selected standards

The compliance status of each individual standard describes the applicability and use of each standard.
The GEA-NZ standards reference uses the following colour coded status.
Icon
D
En
d
Us
R
er
De
vi
FC
ce
En
s
d
Us
er
De
vic
es
Individual
Standard
Compliance
Status
Description
Deprecated
Standard no longer valid. New use not recommended.
Recommended
Standard or New Zealand Government Standard Profile is

approved by the GEAG. Recommended for use.
Future
Candidate standard selection approved by the GEAG.
Consideration
Typically an established international standard that is in

common use. Optional Use
28 of 170
Status of GEA-NZ ICT Component Guidelines

Some GEA-NZ Standards Reference component descriptions contain guideline information. Guidelines
provide information on topics where experience and knowledge are available and where a standard is
not applicable or available.
Guidelines may provide advice on commonly used solutions where available and acceptable.
Guidelines are not a standard and carry no compliance status.
An example is the choice of database software or office productivity software. NZ Government does not
have a standard for these items and does not endorse particular products. However, GEA-NZ guidelines
may be based on, for example existing GISMO support, a significant established agency user base with
positive usage experience, and an existing Government skills and knowledge base.
A status is provided for each guideline. Guidelines do not have any compliance implications therefore
the status purely reflects their review and acceptance status.
GEA-NZ
Component
Guideline Status
Description
AP
Approved
Guidelines reviewed and approved.
FC
End
Use
r
Dev
ices
Future
Candidate guideline has not yet been reviewed. Candidate
Consideration
guidelines should not be construed as having any approval.
Icon
Candidate guidelines will typically be established solutions

or products that are already in common use in NZ
Government ICT.
29 of 170
Status of the standards selection for each GEA-NZ ICT Component

This label shows the status of standards review for the whole GEA-NZ component and is intended to
provide the reader with a quick summary view of the standards status for the whole GEA-NZ component.
The status of standards selection and applicability for a GEA-NZ component may differ from the
compliance status of the individual standards referenced by a GEA-NZ component.
For example, a component may include a number of established international standards, some of which
have an individual standard status of Recommended, and some standards which have a status of
Future Consideration.
The standards selection status for the whole component reflects the approach to be applied to the
component as a unit of standards implementation work rather than a strict all recommended or all
future consideration decision.
Icon
AP
GEA-NZ
Component
Standards
Status
Description
Approved
Standards selection and status for this component is

approved.
UR
Under Review
Standards selection for this component is subject to active

review. GEAG to review and ratify proposed changes.
Standards nomination may therefore be subject to change.
FC
End
Use
r
Dev
ices
Future
Standards selection for this component includes candidate
Consideration
standards that have not yet been approved. Candidate
LP
End
Use
r
Dev
ices
Low Priority
standards are typically established international standards

that are already in common use.
Low priority subject for standards definition.
30 of 170
Providing technical standards baseline specifications

A small number of exceptional GEA-NZ components map to a large set of technical standards.
It is proposed that the GEA-NZ standards reference incorporates a small number of individual technical
baseline specifications to provide a more useful definition of the applicable individual standards and
there recommended use.
These components are:
Mobile Device Block (3.1.03)
Internet Block (3.2.05)
On-line Presence Block (3.3.01)
Data Integration Block (3.4.03)
Identity Information Management, Authentication and Access Management Block (3.4.04 and
3.4.05 combined)
Security Block (3.6.02)
The technical standards nominated in these components are, in the majority of cases, well established
technical foundations that are in common use and are commonly accepted.
In the majority of cases the individual technical standards have been given Recommended status.
However, because of the broad scope of applicability of these GEA-NZ components and the technical
standards referenced by them the use of the individual standards contained is subject to applicability (in
the most cases only a sub-set of referenced standards will be used).
Specific circumstances may warrant the selection and use of additional technical standards. Where this
occurs agencies may add further technical standards to these components as long as they originate
from one of the nominated standards bodies already recorded in the GEA-NZ component.
The following guidance is provided for the selection and use of additional technical standards.
An additional standard must not replace or conflict with an existing recommended GEA-NZ
standard.
The standard must be used in accordance with published specifications.
The adopted standard should be openly published, freely available, have an acceptable level of
adoption, and be actively maintained.
The standards use must be declared and described in the implementation specification.
The GEA-NZ Standards Reference contact must be informed of the nomination and use of a
new technical standard.
The GEA-NZ cloud XaaS Block (3.6.01) will also warrant the production of a technical standards
specification baseline. The current interest and take up of cloud services by government agencies and
the DIA lead cloud programme justify immediate action. This is new area of standards, with limited
vendor implementation and standards take-up.
31 of 170
Standards definition template

Each GEA-NZ model component (Block or Capability) is described using the following format.

GEA-NZ Capability
GEA-NZ Capability name and number
Description
GEA-NZ component description.
Key Features
GEA-NZ component features, if any.
AoG Common
Capability and
availability
List of all AoG Common Capability services and solutions

within this block
Capability
availability date
Applicable
Standard(s)
Standard Name
Individual Standard
Compliance Status
(Colour coded)
Ditto
Ditto
Standards Body(s)
Standards Body Name (s)
GEA-NZ Standard
Owning Capability
Cross reference to owning GEA-NZ component
GEA-NZ Guidance
GEA-NZ Guidelines provide information where a standard

is not applicable or available. Guidance may provide
common and acceptable solutions if available and
acceptable. Guidance is not a standard and carries not
compliance status.
Individual Guidance
Status (Colour
coded)
Ditto
Ditto
Comments
Explanatory note where required.
GEA-NZ
Component
Standards
Selection Status
Overall component standards selection and approval status. (Colour coded)
32 of 170
GEA-NZ [Region 03] Information and Communication Technology

(ICT) Region Standards Reference
GEA-NZ Zone
GEA: 3.1. End User Devices Zone
Description
The End User Devices Zone technology includes devices used by State Sector
employees and clients to access common services, as well as peripheral
devices.
This Zone includes all the devices and things that people interact with and use
directly. Often this is considered part of the overall infrastructure but in GEA-NZ
this area has been given a specific voice.
Key Features
33 of 170

GEA-NZ Capability
GEA: 3.1.01 Personal Computing Block
Description
The Personal Computing ICT Capability Block includes Desktop, Laptop,

Personal Computers (PCs), and associated desktop devices such as monitors
and keyboards as well as their operating systems.
Key Features
AoG Capability and
availability
Applicable Standard
AoG 1.1.01 AoG Desktop Procurement
Available Now
AoG 1.1.02 Common Operating Environment
Stopped
NZ AoG COE (Common Operating Environment )

Reference Architecture
IPv6 operating system capability
AES +128 for Disk Encryption
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
64 bit version of Microsoft Windows Operating System
Comments
GEA-NZ Component
Standards Selection
Status
FC
End
NIST SP 800-111
FC
Use
rEnd
COE Reference Architecture is an approved part of the GEA-NZ and is the
Use
Dev
carrier for the standards raised.
r
ices
Dev
ices
AP
34 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.01.01 Thin Device
Description
A Thin Device boots from a kernel that loads minimal services and allows
connection to a Presentation Virtualisation server. Processing is performed at
the server.
Thin devices will be utilised where the need for a Fat Device is not justified. Thin
devices will provide advantages in clinical areas where staff need to share
devices, for example. Implemented correctly, the use of thin devices and
enabling technologies such as swipe card authentication should remove the
requirement for generic user accounts. Users can gain instant access to systems
using Presentation Virtualisation technologies and server based sessions.
Applicable
Standard

Ipv6 operating system capability
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status
FC
End
NIST SP 800-111
FC
Use
End
COE Reference Architecture is an approved part of the GEA-NZr and is the
Use
Dev
rices
Dev
ices
AP
35 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.01.02 Zero Client
Description
A Zero Client is a device that has the OS and a Virtual Desktop Client running in
firmware. They are typically lower cost than thin clients, but are less flexible.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.1.01.02 Zero Client
GEA-NZ Guidance
Comment
GEA-NZ
Component
Standards
Selection Status
It is anticipated that any standards proposed for Zero Client will be derived from
the Cloud programme.
LP
End
Use
r
Dev
ices
36 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.01.03 Fat Device Desktop
Description
A Fat Device boots from a local hard drive has a full operating system installed
and performs the majority of processing locally. Desktops are fat devices that
are not portable.
Access to Fat Devices will be required by users of systems that require local
client software, local processing or do not support Presentation Virtualisation
technology.
Applicable
Standard

IPv6 operating system capability
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status
FC
End
NIST SP 800-111
FC
Use
End
r
Includes all Fat/Thick/Heavy PCs. COE Reference Architecture is an approved
Use
part of the GEA-NZ and is the carrier for the standards raised. Dev
rices
Dev
ices
AP
37 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.01.04 Fat Device Laptop
Description
A Fat Device boots from a local hard drive has a full operating system installed
and performs the majority of processing locally. Laptops are Fat Devices that are
portable.
Access to Fat Devices will be required by users of systems that require local
client software, local processing or do not support Presentation Virtualisation
technology.
Applicable
Standard

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status
FC
End
NIST SP 800-111
FC
Use
rEnd
COE Reference Architecture is an approved part of the GEA-NZ and is the
Use
Dev
r
ices
Dev
ices
AP
38 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.01.05 Repurposed PC
Description
A Repurposed PC is an older specification fat device (desktop or laptop) that is

no longer suitable for running a full (up to date) operating system. A specialised,
lightweight thin client operating system can be installed onto the device to allow
it to be re-purposed to function as a virtual desktop device (Thin Device). It is
very likely that these devices will be out of warranty, and can be treated as
disposable.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.1.01.05 Repurposed PC
GEA-NZ Guidance
Comment
GEA-NZ
Component
Standards
Selection Status
LP
End
Use
r
Dev
ices
39 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.01.06 Virtual Desktop
Description
A virtual desktop is a virtual machine that runs a desktop operating system and
is capable of functioning as a desktop in terms of running desktop applications.
Virtual desktops are typically run in the datacentre and accessed by virtual
desktop clients (though there are solutions where virtual desktops run on local
devices). This means that all of the processing traditionally carried out by a
desktop device (or laptop) is performed by datacentre hardware emulating
desktop hardware. This can deliver efficiencies in terms of centralised
management of these desktops and their applications and data, as well as
allowing thin, lower powered, or non-traditional devices to access rich desktop
functionality
The virtual desktop is not a device as such, but in a virtual desktop architecture it
will function as one in a number of different ways: bearing an operating system,
containing applications and data, being managed etc.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.1.01.06 Virtual Desktop
GEA-NZ Guidance
Comment
GEA-NZ Component
Standards Selection
Status
It is anticipated that any standards proposed for Virtual Desktop will be derived
from the Cloud Programme.
LP
End
Use
r
Dev
ices
40 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.01.07 Thin Device OS
Description
Thin Device OS is the Operating System that is installed onto the device. Many
thin devices have thin or zero OS options and just boot from firmware that can
be refreshed from a central repository when required. There are major
advantages with these options, as the maintenance around Operating System
patching is dramatically reduced.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.1.01.07 Thin Device OS
GEA-NZ Guidance
Windows Embedded Standard 2009 or Windows

Embedded Standard 7
Comment
Candidate guideline offered for consideration.
GEA-NZ
Component
Standards
Selection Status
FC
En
d
Us
er
De
vic
es
41 of 170
FC
En
d
Us
er
De
vic
es

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.01.08 Fat Device OS
Description
Fat Device OS is the Operating System that is installed onto desktop or laptop
devices. Of all the devices, this Operating System should provide the richest
functionality, but on the flip side, is likely to be the one that requires the most ongoing maintenance.
Key Features
Applicable
Standard

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status
FC
End
NIST SP 800-111
FC
Use
End
COE Reference Architecture is an approved part of the GEA-NZr and is the
Use
Dev
r
ices
Dev
ices
AP
42 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.01.09 Virtual Desktop OS
Description
The Virtual Desktop OS is the Operating System that is installed onto the virtual
desktop. It may be the same OS as is installed on Fat Devices, but may often be
based on a different image.
Key Features
Applicable
Standard

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status
FC
COE Reference Architecture is an approved part of the GEA-NZEnd
and is the
Use
r
Dev
ices
AP
43 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.01.10 Repurposed PC OS
Description
The repurposed PC OS is a lightweight operating system installed on repurposed computers that provides the minimum functionality required to run a
thin client / virtual desktop client.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.1.01.10 Repurposed PC OS
GEA-NZ Guidance
Comment
GEA-NZ
Component
Standards
Selection Status
LP
End
Use
r
Dev
ices
44 of 170

GEA-NZ Capability
GEA: 3.1.02 Peripherals Block
Description
This block contains the ICT capabilities relating to the peripheral devices that
people interact directly with, in particular printing, scanning, and follow-me
printing etc are of particular importance when looking at the COE.
Key Features
AoG Capability and
availability
AoG 1.2.01 AoG MFD Procurement
Applicable
Standard
FollowMe (RingDale) Pull Printing
Standards Body
GEA-NZ Standard
Owning Capability
Available Now
FC
End
Use
r
Dev
ices
GEA-NZ Guidance
Comments
Standard offered for consideration.

Security around printing and scanning is an essential tool in reducing the
chances of data leakage from the public service, and method of reducing
wastage.
GEA-NZ Component
Standards Selection
Status
FC
End
Use
r
Dev
ices
45 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.02.01 Multi-function Devices
Description
Devices that combine the functions of printers, faxes, photocopiers and

scanners.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
FC
End
Use
r
Dev
ices
GEA-NZ Guidance
Comments

wastage.
GEA-NZ Component
Standards Selection
Status
FC
End
Use
r
Dev
ices
46 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.02.02 Printers
Description
Devices for printing documents and files onto paper or similar materials.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
FC
End
Use
r
Dev
ices
GEA-NZ Guidance
Comments

wastage.
GEA-NZ Component
Standards Selection
Status
FC
End
Use
r
Dev
ices
47 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.02.03 Scanners
Description
Devices for taking documents and rendering them into graphical formats
(typically graphics files or PDF documents).
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
FC
End
Use
r
Dev
ices
GEA-NZ Guidance
Comments

wastage.
GEA-NZ Component
Standards Selection
Status
FC
End
Use
r
Dev
ices
48 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.02.04 Photocopiers
Description
Devices that copy physical documents.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
FC
End
Use
r
Dev
ices
GEA-NZ Guidance
Comments

wastage.
GEA-NZ Component
Standards Selection
Status
FC
End
Use
r
Dev
ices
49 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.02.05 Follow Me Printers
Description
A service for sending documents to a print queue that can be accessed by any
networked printer when the user authenticates with that printer.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
FC
End
Use
r
Dev
ices
GEA-NZ Guidance
Comments

wastage.
GEA-NZ Component
Standards Selection
Status
FC
End
Use
r
Dev
ices
50 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.02.06 Fax devices
Description
No GEA-NZ description.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined.
LP
End
Use
r
Dev
ices
51 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.02.07 EFTPOS Devices
Description
No GEA-NZ Description.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined.
LP
End
Use
r
Dev
ices
52 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.02.08 Specialised Devices
Description
These devices are specific for a particular business area or task such as the
passport encoder.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
53 of 170

GEA-NZ Capability
GEA: 3.1.03 Mobile Device Block
Description
This block includes devices that operate over a Mobile network and includes
Tablets, Mobile Phones, Smart Mobile phones, Mobile Data Cards as well as
their operating systems.
AoG Capability and

availability
AoG 1.3.01 Mobile Device Procurement
Available Now
AoG 1.3.02 Mobile Device Security Management
December 2013
Applicable Standard
COE Reference Architecture is not approved for mobile however it offers a

starting point for standards development and is an approved part of the GEA-NZ.
Accepted
International
Standards
Organisations
Where an applicable technical standard is not listed agencies should give

precedence to selecting and using standards from the following international
standards bodies.
OASIS, W3C,OGC, IETF, W3C, ISO
New standards selections should be notified to the DIA to allow them to be
reviewed by the GEAG and incorporated into this reference list.
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status
Work to develop a Mobile Device Technical Standards Baseline Specification is

planned and will be provided as an appendix to this specification.
FC
End
Use
r
Dev
ices
54 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.03.01 Smart Phone
Description
A Smartphone is a mobile phone built on a mobile operating system, with more

advanced computing capability and connectivity than a mobile phone.
Apart from voice/video calls and SMS (text) messaging services smartphones
provide functions such as:
> personal digital assistant (PDA)
> portable media players
> digital cameras and video cameras
> GPS navigation units
> high-resolution touch screens
> web browsers
> application access
> high-speed data access (provided by Wi-Fi and Mobile Broadband)
Applicable
Standard

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status

FC
End
Use
r
Dev
ices
55 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.03.02 Mobile Phone
Description
No GEA-NZ Description
Key Features
Applicable
Standard

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status

FC
End
Use
r
Dev
ices
56 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.03.03 Data Device
Description
No GEA-NZ Description
Key Features
Applicable
Standard

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status

FC
End
Use
r
Dev
ices
57 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.03.04 Tablet / Slate
Description
A wireless personal computer (PC) contained in a single panel. Its distinguishing

characteristic is the use of a touch screen as the input device
Key Features
Applicable
Standard

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status

FC
End
Use
r
Dev
ices
58 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.03.05 Smart Phone OS
Description
Mobile Device OS is the Operating System that is installed on the device and its
features. There are many flavours of mobile device OS available, each with their
own user interface which dictates look and feel. In a corporate environment
there are OS features that are beneficial for supportability reasons, such as
> Simplicity to apply patches to the OS and software.
> Ability to support corporate based infrastructure (such as DHCP, APNs and
WPAD).
> Ability to favour wireless over data connections to save data charges.
> The ability to remotely wipe data from the device if it is lost.
> Ability to support the pushing of corporate applications to these devices.
Applicable
Standard

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status

FC
End
Use
r
Dev
ices
59 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.03.06 Tablet /Slate OS
Description
Tablet / Slate OS is the Operating System that is installed on the device. Many
tablet and slate Oss are touch aware.
Key Features
Applicable
Standard

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status

FC
End
Use
r
Dev
ices
60 of 170

GEA-NZ Capability
GEA: 3.1.04 Fixed Telephony Block
Description
This technology block covers the fixed voice telephony devices, and in future
VoIP phone clients that may form part of Unified Communications.
Key Features
61 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.04.01 Desktop Phone
Description
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
62 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.04.02 VOIP Phone
Description
Key Features
Current Proposed
Applicable
Standards
Session Initiation Protocol (SIP)

Real Time Transport protocol (RTP)
H.323 v2
G.711
G.729
NZISM Section 17.4
GEA-NZ Standard
Owning Capability
GEA: 3.1.0402 VOIP Phone
GEA-NZ Guidance
None
Comments
Standards from the e-GIF, GEAG to ratify changed status.
GEA-NZ
Component
Standards
Selection Status
FC
End
Use
r
Dev
ices
63 of 170
FC
En
FC
d
En
FC
Us
d
En
FC
er
Us
d
En
De
er
FC
Us
d
vic
De
En
er
R
Us
es
vic
d
De
er
es
Us
vic
De
er
es
vic
De
es
vic
es
R
R
R
R
R
R

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.04.03 VOIP Phone Client
Description
Key Features
Current Proposed
Applicable
Standards
Session Initiation Protocol (SIP)

Real Time Transport protocol (RTP)
H.323 v2
G.711
G.729
NZISM Section 17.4
GEA-NZ Standard
Owning Capability
GEA: 3.1.0403 VOIP Phone Client
GEA-NZ Guidance
None
Comments
Standards from the e-GIF, GEAG to ratify changed status.
GEA-NZ
Component
Standards
Selection Status
FC
End
Use
r
Dev
ices
64 of 170
FC
En
FC
d
En
FC
Us
d
En
er
FC
Us
d
De
En
er
FC
Us
vic
d
De
En
er
A
es
Us
vic
d
De
er
es
Us
vic
De
er
es
vic
De
es
vic
es
A
A
A
A
A
A

GEA-NZ Capability
GEA: 3.1.05 Token Device
Description
This technology block covers the various token devices that people and even
other devices will use as means of identification and access. A security token
may be a physical device or a software token that an authorized user of
computer services is given to ease authentication.
Security tokens are used to prove ones identity electronically (as in the case of
a customer trying to access their bank account). The token is used in addition to
or in place of a password to prove that the customer is who they claim to be. The
token acts like an electronic key to access something.
Key Features
65 of 170

GEA-NZ Capability
GEA: 3.1.05 Token Device Block
GEA-NZ
Component
GEA: 3.1.05.01 Access Card
Description
Technologies used to enable physical access to buildings and controlled spaces,

and may also control access to computer networks and systems.
Key Features
Applicable
Standards
ISO 14443
NIST SP800-96-091106
NIST PIV Card
GEA-NZ Standard
Owning Capability
GEA: 3.1.0501 Access Card
GEA-NZ Guidance
None
Comments
Candidate standards offered for consideration.
GEA-NZ
Component
Standards
Selection Status
FC
End
Use
r
Dev
ices
66 of 170
FC
En
FC
d
En
FC
Us
d
En
er
Us
d
De
er
Us
vic
De
er
es
vic
De
es
vic
es

GEA-NZ Capability
GEA: 3.1.05 Token Device Block
GEA-NZ
Component
GEA: 3.1.05.02 RFID
Description
Key Features
GEA-NZ Standard
Owning Capability
Applicable
Standards
ISO 14443
NIST SP800-96-091106
NIST PIV Card
ISO 15693
ISO 18000 series
ISO 1000-6B UHF Protocol
EPCGlobal Gen 2
NIST SP800-98_RFID-2007
GEA-NZ Standard
Owning Capability
GEA: 3.1.0502 RFID
GEA-NZ Guidance
None
Comments
GEA-NZ
Component
Standards
Selection Status
FC
End
Use
r
Dev
ices
67 of 170
FC
En
FC
d
En
FC
Us
d
En
FC
er
Us
d
En
De
FC
er
Us
d
vic
En
De
FC
er
Us
es
d
vic
En
De
er
FC
Us
es
d
vic
De
En
er
FC
Us
es
vic
d
De
En
er
es
Us
vic
d
De
er
es
Us
vic
De
er
es
vic
De
es
vic
es

GEA-NZ Capability
GEA: 3.1.06 End User Device Management Block
Description
The End User Device Management block includes all of those technologies used
to manage end user devices as well as their configuration, operating systems
and applications. It also includes tools for managing user state information and
transitioning from legacy end user device environments to more modern ones.
Key Features
Comments
This component is missing two components, a soft token and a two factor
authentication token.
68 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.06.01 OS Deployment
Description
The OS Deployment functional building block is used to deploy (patched)

operating system images. See also 3.1.07.07 Packaging Tools
Key Features
Applicable
Standard
NIST SP800-40v2
Standards Body
NIST
GEA-NZ Standard
Owning Capability
GEA: 3.1.0601 OS Deployment
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status

FC
End
Use
r
Dev
ices
69 of 170
FC
End
Use
r
Dev
ices

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.06.02 App Deployment
Description
Mechanism to install packaged applications to workstations and other end user

devices running locally installed applications. See also 3.1.07.07 Packaging
Tools
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Comments
Scope requires further definition.

LP
End
Use
Requires
input from security configuration specialists.
r
Dev
ices
70 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.06.03 Security Configuration Manager
Description
Tools to manage, report on and enforce required security configuration of client

devices.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Comments

LP
End
Use
Requires
input from security configuration specialists.
r
Dev
ices
71 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.06.04 Policy Manager
Description
Tools to manage deployment and enforcement of policy on the configuration and

settings of devices and their operating systems.
Key Features
Applicable
Standard
OASIS XACML
FC
En
d
Us
er
De
vic
es
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Requires GEAG approval.

FC
En
d
Us
er
De
vic
es
72 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.06.05 Policy Compliance Manager
Description
Monitors configuration against policy for compliance and initiates action if the
configuration does not comply with the relevant policy. NB: Policy Compliance
Manager, Policy Manager and Security Configuration Manager are often, though
not always, implemented using the same software technology.
Key Features
Applicable
Standard
OASIS XACML
FC
En
d
Us
er
De
vic
es
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Requires GEAG approval.

FC
En
d
Us
er
De
vic
es
73 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.06.06 Patch Manager
Description
Solution to automatically remediate, manage installation of and report on

operating system and application software patches. The applicability of this
functional component is mainly focussed on fat device desktop and fat device
laptop.
Key Features
Applicable
Standard
NIST SP800-40v2
Standards Body
NIST
GEA-NZ Standard
Owning Capability
GEA: 3.1.0601 OS Deployment
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Candidate standards require further consideration.

FC
End
Use
r
Dev
ices
74 of 170
FC
End
Use
r
Dev
ices

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.06.07 Persona Manager
Description
The Persona Manager maintains information relevant to a particular user

(settings, preferences, configuration) and determines how it is managed across
devices and contexts.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
75 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.06.08 User Data Manager
Description
The User Data Manager provides access to users files regardless of their
environment. This functional building block does NOT guarantee off-line access,
but may deliver that as an additional feature.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
76 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.06.09 Application Discovery
Description
Application Discovery is a tool that can be used to discover which applications

are being used within an agency. Discovery tools may be agent-less or require
agents and may use a variety of means to discover applications.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
77 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.06.10 Application Compatibility Testing
Description
Tool to automate the analysis of applications to determine compatibility with

device operating systems.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
78 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.06.11 Virtualisation Compatibility Testing
Description
Tool to automate the analysis of applications to determine compatibility with

application virtualisation. Note: these tools are often implemented in combination
with Application Compatibility Testing.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
79 of 170

GEA-NZ Capability
GEA: 3.1.07 End User Applications Block
Description
This block includes all of the applications that an end user interacts directly with
including clients for enterprise applications and standalone apps such as
desktop or tablet applications. It includes common utilities as well as the
application delivery software that is required to manage the users access to
applications.
Key Features
80 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.01 Business Applications
Description
Business Applications covers all applications that are required by the business
that are not covered under another heading below. Examples include, Line of
Business applications, clients for financial management systems etc. Any
systems that contain personal information will require application level
authentication.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
81 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.02 Web Browser
Description
Web Browser provides the interface to all web based content, both on the
Internet or Intranet. Delivery of web applications often also requires additional
applets or plug-ins for the application to work. These factors need to be
considered to ensure usability and security is not compromised.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status
YUI Browser Grading
FC
En
d
Us
Microsoft Internet Explorer v+
FC
er
En
De
Chrome v+
FC
d
vic
En
Us
es
Safari v+
FC
d
er
En
Us
De
Mozilla Firefox v+
FC
d
er
vic
En
Us
Deapplicable
Standard not applicable. Candidate guidelines offering advice on
es
d
er
vic
solution choice, requires lead architect agreement.
Us
De
es
er
vic
De
es
FC
vic
En
es
d
Us
er
De
vic
es
82 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.03 Productivity Suite
Description
Productivity Suite is the core suite that provides software that is most commonly
used such as
o
Word processor
Spread sheet
Email client
Presentation software
Database application
Drawing tools
Publishing software
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comment
GEA-NZ
Component
Standards
Selection Status
Open Document Format for Office Applications (ODF)

OASIS
FC
En
d
Office Open XML ISO/IEC
FC
Us
En
er
OASIS, ISO/IEC
d
De
Us
GEA: 3.1.07.03 Productivity Suite
vic
er
es
De
Microsoft Office vx + TBD
FC
vic
En
es
d
Microsoft Office 365 vx + TBD
FC
Us
En
er
Product standard not applicable. Candidate guidelines offer advice
on applicable
d
De
solution choice, requires lead architect agreement. It is anticipated
that any
Us
vic
guidelines will align with the Cloud programme recommendations.
er
es
De
vic
FC
es
En
d
Us
er
De
vic
es
83 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.04 Application Virtualisation
Description
Application Virtualisation will allow applications to be streamed on-demand or

pre-cached to a device and executed in a virtualised bubble. The advantages of
this type of technology are
> Simplified application packaging process
> Smaller regression testing requirements
> No file or registry changes made to the device by the streamed application
> Simplistic upgrade process
> Shorter application provisioning time
> Local processing power can be utilised for application execution
> Reduction or removal of applications conflicts
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comment
GEA-NZ Component
Standards Selection
Status
It is anticipated that any standards and guidelines will come from the Cloud
programme as future application virtualisation will be Cloud based. Please also
consider the COE Reference Architecture.
LP
End
Use
r
Dev
ices
84 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.05 Presentation Virtualisation
Description
Presentation Virtualisation will allow sessions to be run on devices that contain a

desktop or the publishing of an individual application icon. The processing of the
desktop session and the application execution will be on the server.
Presentation virtualisation has a major role to play in services such as rapid
sign-on. The establishment and disconnection of sessions on the fly allows
quick and efficient roaming between devices.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
LP
End
Use
r
Dev
ices
85 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.06 Virtual Desktop Client
Description
The Virtual Desktop Client will allow devices to be presented with a desktop
session that provides the same rich and customisable environment as a locally
installed operating system. This is essentially a full desktop operating system
session that runs server side. Presentation Virtualisation should be considered
first if session based processing is deemed the best solution for the user
scenario, as it has lower resource requirements.
Virtual Desktop Infrastructure (VDI) attracts the highest cost as the server side
processing requirements are high, but it offers a unique method of providing
services.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
CITRIX vx+ TBD

Cloud offerings (TBC)
Comments
GEA-NZ Component
Standards Selection
Status
Waiting for Cloud Programme to confirm solution offerings.

FC
En
d
Us
er
De
vic
es
86 of 170
FC
En
FC
d
En
Us
d
er
Us
De
er
vic
De
es
vic
es

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.07 Packaging Tools
Description
Tools or solution set for packaging applications for delivery to an end user
device. See also 3.1.0601 OS Deployment and 3.1.06.02 App Deployment.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
87 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.08 Self Service Application Store
Description
A Self-Service App Store allows users to self- select, and automatically provision
applications onto their devices. This may include workflow functionality to allow
for line-management approval or to control expenditure, license consumption
and financial approval.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Cloud offerings (TBC)
Comments
Waiting for Cloud Programme to confirm solution offerings.
GEA-NZ Component
Standards Selection
Status
FC
En
d
Us
er
De
vic
es
88 of 170
FC
En
d
Us
er
De
vic
es

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.09 PDF Reader
Description
PDF Reader is the software required to read PDF files. This is a basic tool that
does not allow editing of the PDF file. This software can be subject to regular
version updates which can be problematic for users and cause issues in locked
down environments. Because of this, the software is a perfect candidate for
Application Virtualisation technology.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Adobe Acrobat Reader vx + TBD
Comments
Candidate guidelines.
GEA-NZ
Component
Standards
Selection Status
FC
En
d
Us
er
De
vic
es
89 of 170
FC
En
d
Us
er
De
vic
es

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.10 File Compression and Extraction
Description
File Compression is the capability to compress files for storage or transit and
extract files that have been compressed (This is lossless compression). There
are formats that are commonly used such as ZIP, which require an additional
software component or could be supported natively in the Operating System
being run. Other loss based compressions mechanisms exist such as JPEG and
PNG for images and MPEG for video
Key Features
Applicable
Standard
NZ AoG COE (Common Operating Environment ) Reference

Architecture
ZIP
7z
RAR
Compress
Pack
Bzip2
TAR (unix)
JPEG (image)
PNG (image)
MPEG (video)
gzip
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
NIST SP 800-111
Comments
GEA-NZ
Component
Standards
Selection Status
FC
End
Use the
COE Architecture. Assumed COE is approved by GEA-NZ and is therefore
r
Dev
ices
AP
90 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.11 Power Management Tools
Description
Power Management Tools allow changes to be made to the power scheme on

the device. This can reduce the energy consumption on the device or ensure
power saving doesnt affect expected operation. As an example, users would
turn off hibernation if they were going to be doing a presentation. Power settings
have the potential to save an organisation a substantial amount of money, when
the savings per device are multiplied by the number of devices installed.
Key Features
Applicable
Standard
NZISM Section 15
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA: 3.1.07.11 Power Management Tools
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
No useful standards other than the security advice in NZISM

FC
En
d
Us
er
De
vic
es
91 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.12 Video Tools
Description
Display Tools are required to attach additional monitors / projectors and to

change resolution states etc. Some display tools are resident in the OS, but
advanced functionality can be gained by using the native tools that are provided
with the display adapter.
Key Features
Applicable standards
None
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.2.0206 Video in the Unified Communications Block
GEA-NZ Guidance
None
Comments
Requires more specific GEA-NZ definition.
GEA-NZ Component
Standards Selection
Status
LP
End
Use
r
Dev
ices
92 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.13 Development Frameworks
Description
Development frameworks (such as a Java runtime environment or .NET) are

required to allow applications or applets based on those frameworks to execute.
Incompatibility issues can arise when different versions of the frameworks are
required on a single device. This can be resolved using Application
Virtualisation Client and its associated backend technologies, as each virtual
bubble forms an isolation barrier.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.1.07013 Development Frameworks
GEA-NZ Guidance
Microsoft .Net Framework V + TBD
Comments
GEA-NZ
Component
Standards
Selection Status
FC
En
d
Java Runtime Environment V+ TBD
FC
Us
En
er
Requires more specific GEA-NZ definition. JRE is not a development
d
framework? Standard not applicable. Candidate guidelines offerDe
advice on
Us
applicable solution choices, requires lead architect agreement. vic
Cloud
er
es
programme to input to this.
De
vic
es
FC
En
d
Us
er
De
vic
es
93 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.14 Audio Tools
Description
Audio Tools are required to adjust and tune audio components installed in the
devices. There are some tools resident in the OS, but advanced functionality
can be gained from using the native tools that are provided with the audio
components.
Key Features
Current Proposed
Applicable
Standards
G.711
FC
En
FC
d
En
FC
Us
d
En
er
FC
Us
d
De
En
er
FC
Us
vic
d
De
En
er
FC
es
Us
vic
d
De
En
er
FC
es
Us
vic
d
De
En
er
es
Us
vic
d
De
er
es
Us
vic
De
er
es
vic
De
es
vic
G.722
G.722.1
G.722.2
G.723.1
G.728
G.729. A/B
Standards Body
ITU
GEA-NZ Standard
Owning Capability
GEA: 3.2.0202 Voice
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
es
From e-GIF, GEA-NZ to ratify change. Voice standards already in use by
One.govt. But for consideration for this component (audio tools).
FC
En
d
Us
er
De
vic
es
94 of 170
R
R
R
R
R
R
R

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.15 Web Application Frameworks
Description
Web Application Frameworks are required to run web application components

developed in that framework. Examples of these frameworks are Adobe Flash
and Air and Microsoft Silverlight.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.1.07.15 Web Application Frameworks
GEA-NZ Guidance
ASP.NET
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
Javascript
FC
d
En
Us
Java
FC
d
er
En
Us
De
PHP
FC
d
er
vic
En
Us
De
es
Ruby
FC
d
er
vic
En
Us
De
es
Python
FC
d
er
vic
En
Us
De
es
Adobe Flash
FC
d
er
vic
En
Us
De
es
Microsoft Silverlight
FC
d
er
vic
En
Us
De
es
Standard not applicable. Candidate guidelines offer advice on applicable
solution
d
er
vic
choices, requires lead architect agreement. Cloud programme to
input to this.
Us
De
es
er
vic
FC
De
es
En
vic
d
es
Us
er
De
vic
es
95 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.16 Legacy Browser Support
Description
Legacy Browser Support provides the ability to display web applications that
require Internet Explorer 6 proprietary extensions.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.1.07.16 Legacy Browser Support
GEA-NZ Guidance
Microsoft Internet Explorer 6+ ?
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
d
Requires more specific GEA-NZ definition. Standard not applicable.
Candidate
guidelines offer advice on applicable solution choices, requires Us
lead architect
er
agreement.
De
vic
es
FC
En
d
Us
er
De
vic
es
96 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.1.07.17 Screen Saver
Description
An application that displays an image on and end user device display after a preset time to hide applications and the information they display when running on
that device to minimise the opportunity for unauthorised access. Screen Savers
include the ability to auto-lock a device.
Key Features
Applicable
Standard
NZISM Section 15
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA: 3.1.07.17 Screen Saver
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
No useful standards other than the security advice in NZISM

FC
En
d
Us
er
De
vic
es
97 of 170

GEA-NZ Zone
GEA: 3.2. Communications Zone
Description
Communications Zone includes Internet and private government networks,

voice, video and multi-channel communications technologies.
Key Features
98 of 170

GEA-NZ Capability
GEA: 3.2.01 Lan / Wan Block
Description
Services for accessing applications, data or services over a fixed network.
Key Features
AoG Capability and
availability
AoG 2.1.01 one.govt Wide Area Network
Available Now
AoG 2.1.02 one.govt. PSTN Gateway
Available Now
AoG 2.1.06 Network Interoperability
July 2012
AoG 2.1.07 Network of Networks
July 2012
Current Proposed
Applicable
Standards
IP V6
IP v4
IEEE 802.3 Ethernet
FC
En
FC
d
En
Us
d
er
Us
De
er
vic
De
es
vic
ANSI 3T9.5 Fibre Network

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA: 3.2.01 Lan /Wan Block
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
From e-GIF, GEA-NZ to ratify change.

AP
99 of 170
es

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.2.01.01 Fixed Local Network
Description
Services for accessing applications, data or services over a fixed (wired) local
network. The defining characteristics of LANs, in contrast to wide area networks
(WANs), include their usually higher data-transfer rates and smaller geographic
area. Most commonly delivered using Ethernet over twisted pair cabling.
Key Features
Current Proposed
Applicable
Standards
IP V6
IP v4
IEEE 802.3 Ethernet
FC
En
FC
d
En
Us
d
er
Us
De
er
vic
De
es
vic
ANSI 3T9.5 Fibre Network

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status

AP
100 of 170
es

GEA-NZ Capability
GEA: 3.2.02 Unified Communication Block
Description
Unified communications (UC) products (equipment, software and services)

facilitate the interactive use of multiple enterprise communications methods. This
can include control, management and integration of these methods. UC products
integrate communications channels (media), networks and systems, as well as
IT business applications and, in some cases, consumer applications and
devices.
Key Features
AoG Capability and
availability
AoG 2.2.01 one.govt Video conferencing Bridge
August 2012
AoG 2.2.02 Directory service / Standard
No date
AoG 2.2.03 Centralised Videoconferencing Facility
No date
AoG 2.2.04 Unified Communication Infrastructure
No date
AoG 2.2.05 SEEMail V2.0
Deprecated
Available Now
101 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.2.02.01 Communications Integration
Description
This is the integration and coordination between different communication types

that deliver the value of unified communications. It includes the ability to contact
people with a range of different types of communications technology as
appropriate for the situation and person, presence across different
communication types, and follow-me functionality across different
communication types.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
102 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.2.02.02 Voice
Description
Technologies for delivering human speech commutation in real time using an

ordinary phone
Key Features
Current Proposed
Applicable
Standards
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
G.711
G.722
FC
En
FC
d
En
G.722.1
FC
Us
d
En
G.722.2
er
FC
Us
d
De
En
G.723.1
er
FC
Us
vic
d
De
En
G.728
er
FC
es
Us
vic
d
De
En
G.729. A/B
er
FC
es
Us
vic
d
De
En
ITU
er
es
Us
vic
d
De
er
es
GEA: 3.2.0202 Voice
Us
vic
De
er
es
vic
De
es
vic
esby
From e-GIF, GEA-NZ to ratify change. Voice standards already in use
One.govt.
GEA-NZ Component
Standards Selection
Status
AP
103 of 170
R
R
R
R
R

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.2.02.03 Email
Description
Systems for delivering, storing and managing e-mail. Electronic mail, commonly
referred to as email or e-mail, is a method of exchanging digital messages from
an author to one or more recipients. Modern email operates across the Internet
or other computer networks. Email systems are based on a store-and-forward
model. Email servers accept, forward, deliver and store messages.
Key Features
AoG Capability and
availability
Deprecated
Available Now
Applicable
Standards
NZISM Section 17.5
SMTP
G.722.1
FC
En
d
Us
er
De
vic
es
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA: 3.2.0203 Email
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
From e-GIF.
AP
104 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.2.02.04 Voice Mail
Description
Systems for storing voicemail, delivering notifications and managing access to

stored messages. Voice-mail is a computer based system that allows users and
subscribers to exchange personal voice messages; to select and deliver voice
information; and to process transactions relating to individuals, organizations,
products and services, using an ordinary telephone.
Key Features
Applicable
Standard
VPIM
Standards Body
IETF
GEA-NZ Standard
Owning Capability
GEA: 3.2.0204 Voice Mail
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Candidate standard.
FC
En
d
Us
er
De
vic
es
105 of 170
FC
En
d
Us
er
De
vic
es

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.2.02.05 Instant Messaging
Description
Instant messaging (IM) technologies support a form of communication over the

Internet that offers quick transmission of text-based messages from sender to
receiver. In push mode between two or more people using personal computers
or other devices, along with shared clients, instant messaging basically offers
real-time direct written language-based online chat. The users text is conveyed
over a network, such as the Internet. It may address point-to-point
communications as well as multicast communications from one sender to many
receivers. More advanced instant messaging allows enhanced modes of
communication, such as live voice or video calling, video chat and inclusion of
hyperlinks to media.
Key Features
Applicable
Standards
XMPP Core Protocols (RFC 3920, RFC 3921)
Standards Body
IETF
GEA-NZ Standard
Owning Capability
GEA: 3.2.0205 Instant Messaging
XMPP Extensions
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status

AP
106 of 170
FC
En
FC
d
En
Us
d
er
Us
De
er
vic
De
es
vic
es
R
R

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.2.02.06 Video
Description
Systems for communicating with people using video. Video is the technology of
electronically capturing, recording, processing, storing, transmitting, and
reconstructing a sequence of still images representing scenes in motion.
Key Features
Current Proposed
Applicable
Standards
H.323 v2
H.261
H.263
H.264/AVC
ISO 14496-10/MPEG-AVC
Standards Body
ITU ISO
GEA-NZ Standard
Owning Capability
GEA: 3.2.0206 Video
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
FC
d
En
FC
Us
d
En
er
FC
Us
d
De
En
er
FC
Us
vic
d
De
En
er
es
Us
vic
d
De
er
es
Us
vic
De
er
es
vic
De
es
vic
R
R
R
R
R
Partially from the e-GIF, requires lead agency discussion to completees

standards
nominations and review. Would expect lead agencies to be able to rapidly agree
the required standards set.
FC
En
d
Us
er
De
vic
es
Requires attention as we understand lead agencies want

standards as new video systems are being acquired by a
number of agencies.
107 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.2.02.07 Electronic Meeting System
Description
Systems for sharing presentations, electronic whiteboards, screens with other

meeting participants. These may be delivered bundled as part of video
conferencing tools, or delivered separately.
Key Features
Via LAN or WAN

Current Proposed
Applicable
Standards
H.323 v2
Standards Body
ITU
GEA-NZ Standard
Owning Capability
GEA: 3.2.0207 Electronic Meeting System
Real-time Transport Protocol (RTP)
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status

AP
108 of 170
FC
En
FC
d
En
Us
d
er
Us
De
er
vic
De
es
vic
es
R
R

GEA-NZ Capability
GEA: 3.2.03 Mobile / Wireless Block
Description
Key Features
AoG Capability and
availability
AoG 2.3.01 Syndicated Mobile
Available Now
AoG 2.3.02 Wireless Networking
December 2013
109 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.2.03.01 Wifi
Description
Systems for communicating with people using video. Video is the technology of
electronically capturing, recording, processing, storing, transmitting, and
reconstructing a sequence of still images representing scenes in motion.
Key Features
Applicable
Standard

Architecture
802.11g Wireless Communication capability
FC
End
Use
R
rR
Dev
R
ices
802.11ac Wireless Communication capability
NZISM Section 17.3

802.11n Wireless Communication capability
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
NIST SP 800-111
Comments
GEA-NZ
Component
Standards
Selection Status
FC
Marked as FC because the COE is not ratified for Mobile but offers a End
starting
Use
point in terms of standards. COE is approved by GEA-NZ.
r
Dev
FC
ices
End
Use
r
Dev
ices
110 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.2.03.02 Mobile Network
Description
Services for accessing applications, data or services over a wireless (mobile)

network. A cellular network or mobile network is a radio network distributed over
land areas called cells, each served by at least one fixed-location transceiver,
known as a cell site or base station. When joined together these cells provide
radio coverage over a wide geographic area. This enables a large number of
portable transceivers (e.g., mobile phones, pagers, etc.) to communicate with
each other and with fixed transceivers and telephones anywhere in the network,
via base stations, even if some of the transceivers are moving through more
than one cell during transmission.
Key Features
Applicable
Standard

Architecture
UMTS Mobile Communication
LTE Mobile Communication
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
NIST SP 800-111
Comments
GEA-NZ
Component
Standards
Selection Status
FC
End
Use
R
r
R
Dev
ices
FC
Marked as FC because the COE is not ratified for Mobile but offers a End
starting
Use
point in terms of standards. COE is approved by GEA-NZ.
r
Dev
FC
ices
End
Use
r
Dev
ices
111 of 170

GEA-NZ Capability
GEA: 3.2.04 Voice Block
Description
This Capability block covers those Government Common Capabilities (GCCapabilities) and the department specific Capabilities that relate to Fixed Voice
communications, i.e. PABX and PSTN communications.
Key Features
AoG Capability and
availability
AoG 2.4.01 Gateway Calling Services V1.0
December 2012
AoG 2.4.02 Legacy Voice and Mobile
March 2013
AoG 2.4.03 Telecommunications Billing Assurance

Service
June 2013
AoG 2.4.04 Voice Infrastructure
March 2014
Current Proposed
Applicable
Standards
G.711
FC
En
FC
d
En
FC
Us
d
En
er
FC
Us
d
De
En
er
FC
Us
vic
d
De
En
er
FC
es
Us
vic
d
De
En
er
FC
es
Us
vic
d
De
En
er
FC
es
Us
vic
d
De
En
er
es
Us
vic
d
De
er
es
Us
vic
De
er
es
vic
De
es
vic
G.722
G.722.1
G.722.2
G.723.1
G.728
G.729. A/B
H.323 v2
Standards Body
ITU
GEA-NZ Standard
Owning Capability
GEA: 3.2.0202 Voice
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
esby
one.govt.
AP
112 of 170
R
R
R
R
R
R
R
R

GEA-NZ Capability
GEA: 3.2.05 Internet Block
Description
This Capability block covers those Government Common Capabilities (GCCapabilities) and the department specific Capabilities that relate to Internet
Communications.
Key Features
AoG Capability and
availability
AoG 2.5.01 one.govt Web and Email Filtering
Available Now
AoG 2.5.02 one.govt Managed Firewall
December 2012
AoG 2.2.03 one.govt Internet
Available Now
Applicable Standard
Appendix. Internet Technical Standards Baseline Specification.
Accepted
International
Standards
Organisations

standards bodies.
GEA-NZ Standard
Owning Capability
GEA: 3.2.05 Internet Block
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
GEA-NZ to ratify changes to status of individual standards. The majority of

standards contained in this component are e-GIF based; others originate from
NZGWS and NZSWS.
AP
113 of 170

GEA-NZ Capability
GEA: 3.2.06 Public Protection and Disaster Relief (PPDR) Block
Description
Key Features
AoG Capability and
availability
AoG 2.6.01 Whole of Government Radio Network V1.0
Available Now
AoG 2.6.02 Whole of Government Radio Network V2.0
January 2015
Applicable
Standard
Emergency Services and Government Administration

Core Data Specification
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA: 3.2.06 Public Protection and Disaster Relief (PPDR) Block
GEA-NZ Guidance
APCO P25
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
Cisco IP Interoperability and Collaboration System (IPICS)
FC
d
e-GIF based requires revision. Data standards from e-GIF ApcoEn
P25 and the
Us
d
current NZ Police candidate solution.
er
Us
De
er
vic
AP
R
De
es
En
vic
d
es
Us
er
De
vi
ce
s
114 of 170

GEA-NZ Zone
GEA: 3.3. Channels and Touch points Zone
Description
The Channels and Touch points zone is where service consumers access the
service delivery capabilities from their client device, via the communications
carrier. Information and service access capability is provided in this stream.
Key Features
115 of 170

GEA-NZ Capability
GEA: 3.3.01 Online Presence Block
Description
Services and information published by government agencies for other agencies,

NGOs and/or members of the public. Some lower level transactions such as
email requests for information may also be provided via this channel. This is
fundamentally a publication channel.
Key Features
AoG Capability and
availability
AoG 3.1.01 newzealand.govt.nz V1.0
Available Now
AoG 3.1.02 data.govt.nz
Available Now
AoG 3.1.03 jobs.govt.nz
Available Now
June 2013
June 2014
AoG 3.1.06 Common Web Services
October 2012
AoG 3.1.07 Online Presence Platform
June 2014
AoG 3.1.08 Common Web Services V2.0
October 2013
AoG 3.1.09 jobs.govt.nz V 2.0
June 2013
AoG 3.1.10 Common Forms Framework
June 2014
Applicable Standard
Appendix. On-Line Presence Technical Standards Baseline Specification.
Accepted
International
Standards
Organisations

standards bodies.
GEA-NZ Standard
Owning Capability
GEA: 3.3.01. Online Presence Block
GEA-NZ Guidance
Appendix B. On-line Presence Technical Standards Baseline Specification.
Comments
GEA-NZ to ratify change.
GEA-NZ Component
Standards Selection
Status
AP
116 of 170

GEA-NZ Capability
GEA: 3.3.02 Voice Presence Block
Description
PBX and related services for connecting voice communication, including

conference calls, videoconferencing and telepresence.
Key Features
AoG Capability and
availability
AoG 3.2.01 Interactive Voice Response Service
June 2013
Current Proposed
Applicable
Standards
G.711
G.722
G.722.1
G.722.2
G.723.1
G.728
G.729. A/B
H.323 v2
Standards Body
ITU
GEA-NZ Standard
Owning Capability
GEA: 3.3.02 Voice Presence Block
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
FC
d
En
FC
Us
d
En
er
FC
Us
d
De
En
er
FC
Us
vic
d
De
En
er
FC
es
Us
vic
d
De
En
er
FC
es
Us
vic
d
De
En
er
FC
es
Us
vic
d
De
En
er
es
Us
vic
d
De
er
es
Us
vic
De
er
es
vic
De
es
vic
es by
One.govt.
AP
117 of 170
R
R
R
R
R
R
R
R

GEA-NZ Capability
GEA: 3.3.03 Collaboration Block
Description
Interactive tools and services that enable users from multiple agencies, NGOs
(Non-Government Organisations) and/or the public to share information and
work together on-line remotely.
Key Features
AoG Capability and
availability
AoG 3.3.01 Public Sector Intranet V1.0
Available Now
AoG 3.3.02 Shared Workspaces V 1.0
Available Now
AoG 3.3.03 Public Sector Intranet v2.0
December 2013
AoG 3.3.04 Government Online Directory
December 2013
AoG 3.3.05 Public Sector Intranet v3.0
June 2014
AoG 3.3.06 Shared Workspaces V 2.0
December 2012
AoG 3.3.07 Online Public Consultation Service
June 2013
Applicable
Standard
New Zealand Government Web Standards
Open Web Application Security Project
Standards Body
NZ Government OASIS
GEA-NZ Guidance
Intranet - Use of the Public Sector Intranet.

Online Thinking on ICT.govt.nz
Collaboration - Use of the Government Shared Workspace.
Public Consultation - Use of the Online Public Consultation
Service.
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
d
Us
er
De
vic
es
118 of 170
FC
En
FC
d
En
Us
FC
d
er
En
Us
FC
De
d
er
En
vic
Us
De
d
es
er
vic
Us
De
es
er
vic
De
es
vic
es

GEA-NZ Capability
GEA: 3.3.04 Gateway Service Block
Description
Channel for transactional services where the consumer is an application. This

includes transactional services between New Zealand or offshore government
agencies (G2G), or agencies and businesses or other NGOs (G2B). It also
includes transactional services provided by one agency that are to be made
available via a service hub operated by another agency (G2P or G2B).
Key Features
AoG Capability and
availability
AoG 3.4.01 Government Gateway Services
Applicable
Standard
NZISM Section 18
NZ AoG Secure Web Service Standard
FC
En
FC
d
En
Us
FC
d
er
En
Us
De
d
er
vic
Us
De
es
er
vic
De
es
vic
es
BPEL (WS-BPEL v2.0)

WS-I Basic Profile 1.2 or 2.0
Standards Body
NZ Government
OASIS
GEA-NZ Standard
Owning Capability
GEA: 3.3.04 Gateway Service Block
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Waiting priority.
FC
En
d
Us
er
De
vic
es
119 of 170
June 2013

GEA-NZ Capability
GEA: 3.3.05 Service Delivery Block
Description
Environment for making related transactional services provided by multiple

agencies available to the appropriate service consumers. This includes
integration with igovt logon and IVS services and user account management that
will manage authentication to all of the services offered via the hub.
Components.
Key Features
AoG Capability and
availability
AoG 3.5.01 Multi-Channel Service Centres
June 2013
AoG 3.5.02 Self-service Kiosks V1.0
No date
AoG 3.5.03 Self Service Mobile Apps Platform V1.0
April 2013
AoG 3.5.04 Integrated Service Centre Support V 1.0
August 2013
AoG 3.5.05 Integrated Service Centre Support V 2.0
April 2014
Current Proposed
Applicable
Standards

New Zealand Government Web Standards
Open Web Application Security Project
Standards Body
NZ Government, OWASP, OASIS
GEA-NZ Standard
Owning Capability
GEA: 3.3.01. Online Presence Block
GEA-NZ Guidance
NIST SP 800-28 Guidelines on Active Content and Mobile

Code
OASIS Transformational Government Framework (TGF)
Online Thinking on ICT.govt.nz
Comments
GEA-NZ Component
Standards Selection
Status
GEA-NZ to review standards and guidelines.

FC
En
d
Us
er
De
vic
es
FC
En
FC
d
En
R
Us
d
er
FC
Us
De
En
er
vic
d
De
es
Us
vic
er
es
De
FC vic
En es
d
FC
Us
En
FC
er
d
En
De
Us
d
vic
er
Us
es
De
er
vic
De
es
vic
es
120 of 170
R
R
R
R

GEA-NZ Zone
GEA: 3.4. Business Process Integration Zone
Description
Business Processes and Integration is about core business process execution

and automation technologies, as well as the integration technologies that
interlink systems e.g. Enterprise Service Bus.
The zone provides capabilities to orchestrate and manage services offered in the
Business and Operational Functions layer, and utilises utility services such as
authentication also located in this stream. Integration services including
Enterprise Applications Integration and Enterprise Service Bus technologies,
workflow, and Data Integration are also included.
Key Features
121 of 170

GEA-NZ Capability
GEA: 3.4.01 Business Process Integration Block
Description
The Business Process Integration capability block includes technologies and

services that connect systems, so that the information flows between those
systems are efficient and seamless. This includes technologies such as workflow
management, BPM execution engines as well as business process modelling
and execution technologies.
This view of integration is separated but complementary to Application
Integration which is where the details of the interfaces and messaging bus
technologies and services are covered.
Key Features
AoG Capability and
availability
AoG 4.1.01 Workflow Management
Applicable
Standard
Standards Body
OASIS
GEA-NZ Standard
Owning Capability
GEA: 3.4.01 Business Process Integration Block
BPEL (WS-BPEL v2.0)
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
d
Us
er
De
vic
es
122 of 170
September 2013
FC
En
FC
d
En
Us
d
er
Us
De
er
vic
De
es
vic
es

GEA-NZ Capability
GEA: 3.4.02 Application Integration Block
Description
The Application Integration capability block includes information and

communications technologies such as middleware, interfacing and messaging
bus technologies, as well as services that enable multiple processes running on
one or more computer application / technology platforms to interact. Middleware
is software that connects software components or people and their applications.
This view of integration is separated but complementary to Business Process
Integration which is where the details of how process and information interact
are covered.
Key Features
AoG Capability and
availability
AoG 4.2.01 Government Service Bus
No date
Current Proposed
Applicable
Standards
Standards Body
NZ Government, OWASP, OASIS
GEA-NZ Standard
Owning Capability
GEA: 3.4.02 Application Integration Block
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
d
Us
er
De
vic
es
123 of 170
FC
En
FC
d
En
Us
d
er
Us
De
er
vic
De
es
vic
es
R
R

GEA-NZ Capability
GEA: 3.4.03 Data Integration Block
Description
The Data Integration capability block includes technologies for combining data
residing in different sources and providing users with a unified view of these
data. This includes ETL tools and business intelligence as well as DVS, IDVS
and spatial data infrastructure capabilities.
Key Features
AoG Capability and
availability
AoG 4.3.01 Data Validation Service
Available Now
AoG 4.3.02 Identity Data Validation Service
February 2013
AoG 4.3.03 National Spatial Data Infrastructure
Available Now
AoG 4.3.04 Identity and Personal Information Data

Exchange V1.0
June 2013
AoG 4.3.05 MFT (Managed File Transfer)
No date
AoG 4.3.06 Geospatial Data Service (LINZ)
Available Now
AoG 4.3.07 Open Data Service
December 2012
Applicable Standard
Appendix. Data Integration Technical Standards Baseline Specification.
Accepted
International
Standards
Organisations

standards bodies.
GEA-NZ Standard
Owning Capability
GEA: 3.4.03 Data Integration Block
GEA-NZ Guidance
Appendix C. Data Integration Technical Standards Baseline Specification.
Comments
The majority of standards contained in this component are e-GIF based; others
originate from NZGWS and NZSWS.
GEA-NZ Component
Standards Selection
Status
AP
124 of 170

GEA-NZ Capability
GEA: 3.4.04 Identity Information Management Block
Description
Identity Information Management includes capabilities such as account

provisioning, workflow processing, data synchronization, single sign on,
federation, user data management, information visualisation, centralised
authentication and access management. These technologies and services
ensure that the right people have access to the right information, at the right time
and for the right reasons, while ensuring and enhancing the privacy of citizens.
Key Features
AoG Capability and
availability
AoG 4.4.00 igovt IVS Service
Available Now
AoG 4.4.03 igovt IVS full service
October 2012
AoG 4.4.04 Voice Biometric Management
2016 Beyond
Applicable
Standard
Appendix Identity Information Management Technical Standards Baseline

Specification.
GEA-NZ Standard
Owning Capability
GEA: 3.4.04 Identity Information Management Block
GEA-NZ Guidance
Appendix Identity Information Management Technical Standards Baseline

Specification.
Comments
Marked as approved because of the long standing nature and use of the
standards. The NZ Data Formats for Identity standards needs to be
reviewed/deprecated because RealMe is not going to use it. Other identity
standards are provided for future consideration. Missing any standards for
biometric identity and authentication.
Colin Wallis to ratify and clarify these.
GEA-NZ Component
Standards Selection
Status
FC
En
d
Us
er
De
vic
es
125 of 170

GEA-NZ Capability
GEA: 3.4.05 Authentication and Access Management Block
Description
The Authentication and Access Management capability block includes services

that provide the authentication of users and citizens and the management of
their access to Government information systems and portals, for example the
igovt logon service.
Key Features
AoG Capability and
availability
AoG 4.5.00 igovt logon service
Available Now
AoG 4.5.04 igovt logon service 10 RealMe
April 2013
AoG 4.5.05 RealMe Release 2
October 2013
AoG 4.5.06 Identity and Access management v1.0
June 2013
AoG 4.5.11 Identity and Access management v2.0
February 2014
AoG 4.5.12 igovt logon service 9.6 Context mapping
October 2012
AoG 4.5.13 Public Sector Identity and Access

Management V1.0
September 2013
AoG 4.5.15 RealMe release 3
June 2014
Applicable
Standard
Appendix Authentication and Access Management Technical Standards

Baseline Specification.
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Appendix. Authentication and Access Management Technical Standards

Baseline Specification.
Comments
Marked as approved because of the long standing nature and use of the
standards. The Data Formats for Identity Standard needs to be
reviewed/deprecated because RealMe is not going to use it. Other identity
standards are provided for future consideration. Missing any standards for
biometric identity and authentication.
Colin Wallis to ratify and clarify these.
GEA-NZ Component
Standards Selection
Status
FC
En
d
Us
er
De
vic
es
126 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.4.05.01 Directory Services
Description
Systems that store, organize and provide access to information held within a
directory, which can be considered a map between objects and information
about those objects, typically described as attributes. Attributes of objects can
be made secure so that only users with the available permissions are able to
access it.
Examples of directory services include Active Directory, Open LDAP, e-Directory
and other implementations of the X.500 ISO/IEC 9594 directory services
standards.
Key Features
GEA-NZ Standard
Owning Capability
GEA: 3.4.0501 Directory Services
Applicable Standard
LDAP v3
Active Directory
FC
En
FC
d
En
Us
FC
d
er
En
Us
De
d
er
vic
Us
De
es
er
vic
De
es
FC
vic
En
es
d
Us
er
De
vic
es
OASIS XACML
PERMIS
Standards Body
IETF, OASIS, University of Kent
GEA-NZ Standard
Owning Capability
GEA: 3.4.0501 Directory Services
GEA-NZ Guidance
NIST Access and Privilege Management
Comments
GEA-NZ Component
Standards Selection
Status
AP
127 of 170

GEA-NZ Zone
GEA: 3.5. Business and Operational Functions Zone
Description
Key Features
128 of 170

GEA-NZ Capability
GEA: 3.5.01 Unique Business Functions Block
Description
The Business and Operational Functions Capability stream provides the core
business services, which contains mission critical business data and information,
and the systems which perform business operations on this data. Business and
Operational Functions is about the core business functions that support business
Key Features
AoG Capability and
availability
Applicable
Standard
AoG 5.1.01 Contract Mapping
Available Now
AoG 5.01.02 National Property and Land Information

System (NaPALIS)
Available Now
AoG 5.1.05 Registration
December 2013
None
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.5.01 Unique Business Functions Block
GEA-NZ Guidance
Use of the AoG Contract Mapping Solution
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
Use of the AoG National Property and Land Information
FC
d
Solution
En
Us
d
The standards reference should offer / recommend for future consideration
the
er
Us
common capability solutions in this block. In particular they should
be
De
er
recommended for use unless there are reasons for not using them.
vic
De
es
vic
FC
es
En
d
Us
er
De
vic
es
129 of 170

GEA-NZ Capability
GEA: 3.5.02 Authoritative Business Data Management Block
Description
Authoritative Data Management is about the management of data specific to the

business, which may range from Business Intelligence Information to the
Business Rules that are applied.
Key Features
AoG Capability and
availability
Applicable Standard
AoG 5.2.01 Business Rule Management
June 2013
AoG 5.2.02 Government Digital Archive
February 2013
AoG 5.2.02 Government Digital Archive V 2.0
July 2013
AoG 5.2.05 Business Service Account Data Service
June 2014
AoG 5.2.06 Government Digital Archive V 3.0
July 2014
AoG 5.2.07 Authoritative Citizen/Customer Data

Standards
April 2013
AoG 5.2.08 Citizen Service Account V1.0
September 2013
NZ AoG Evidence of Identity Standard
NZ AoG Digital Record Keeping Standard
ISO 15489 International Standard for Record

Management
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
FC
En
d
OASIS Transformational Government Framework (TGF)
FC
Us
En
W3C RIF
FC
er
d
En
De
FC
OMG PRR
Us
d
vic
En
er
OMG SVBR
Us
es
FC
d
De
er
En
Us
W3C, OMG, NZ Government, ISO, OASIS
vic
De
d
er
es
vic
GEA: 3.5.02 Authoritative Business Data Management BlockUs
De
es
er
vic
De
es
vic
es of the GEARequires more specific GEA-NZ definition. Unclear what the scope
NZ block is given the range of AoG capabilities encompassed. This component
contains a mix of common capabilities making it difficult to collate a useful set of
standards. Needs review (that is why it is given a FC status).
GEA-NZ Component
Standards Selection
Status
FC
En
d
Us
er
De
vic
es
130 of 170

GEA-NZ Capability
GEA: 3.5.03 Enterprise Functions Block
Description
The Enterprise Business Functions are the common functions found in all
enterprises: Finance, Payroll, HR. Policy, Strategy etc.
Key Features
AoG Capability and
availability
Applicable Standard
AoG 5.3.01 All of Government Enterprise Tooling (EA)
Available Now
AoG 5.3.03 All of Government Enterprise Tooling

Evolution
June 2014
AoG 5.3.04 FMIS Suite
December 2013
AoG 5.3.05 EDRM Suite
December 2015
AoG 5.3.06 Integrated Mail processing V 1.0
March 2013
AoG 5.3.07 Integrated Mail processing V 2.0
December 2014
None
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.5.03 Enterprise Functions Block
GEA-NZ Guidance
Provision, EA Modeller Tools
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
ISO UML
R
d
iOctane / Metastorm EA Service Agreement
FC
Us
En
er
SAP FMIS Solution Components
FC
d
De
En
Requires more specific GEA-NZ definition. Unclear what the scope
Us of the GEAvic
d
NZ block is given the range of AoG capabilities encompassed. This
er component
es
Us
contains a mix of common capabilities making it difficult to collate
Dea useful set of
er
standards. Needs review (that is why it is given a FC status). vic
De
es
vic
FC
es
En
d
Us
er
De
vic
es
131 of 170

GEA-NZ Capability
GEA: 3.5.04 Operational Functions Block
Description
Operational Functions are about the practice management and facilitation of the
ITIL services that operate across the ICT Management Capabilities in the
Foundation Zone.
Key Features
Applicable Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
132 of 170

GEA-NZ Zone
GEA: 3.6. Foundation Zone
Description
This Capability Zone contains the Capability Blocks that support the other 5
Capability Zones including the infrastructure, security and management
viewpoints.
Key Features
133 of 170

GEA-NZ Capability
GEA: 3.6.01 XaaS Block
Description
This Zone is about the Infrastructure and Platforms foundation that supports the
business. It contains the Blocks that are the major building blocks of existing and
new business or technology capabilities.
Key Features
AoG Capability and
availability
AoG 6.1.01 Infrastructure as a Service (IaaS)
Available Now
AoG 6.1.02 Platform as a service (PaaS)
December 2013
AoG 6.1.03 Government Cloud V1.0
July 2013
AoG 6.1.06 Government Apps Store
June 2013
AoG 6.1.07 Infrastructure as a service (Iaas) Virtualisation

Enhancements
September 2012
AoG 6.1.09 Cloud Infrastructure Enablers
June 2013
AoG 6.1.11 IaaS Interconnect
June 2013
AoG 1.1.03 Office Productivity Suite on Demand
June 2013
AoG 1.1.04 Desktop as a Service
June 2013
Applicable Standard
Appendix. Cloud Technical Standards Baseline Specification.
GEA-NZ Standard
Owning Capability
GEA: 3.6.01 XaaS Block
Comments
It is proposed that a working group is established immediately to agree an initial

set of standards and provide a plan for the prioritised review and publication of
standards for Cloud.
GEA-NZ Component
Standards Selection
Status
FC
En
d
Us
er
De
vic
es
134 of 170

GEA-NZ Capability
GEA: 3.6.01 XaaS
GEA-NZ
Component
GEA: 3.6.01.01 Server Computing
Description
Server computing resource required to deliver server based end user computing
services such as virtual desktops or streamed applications. The virtual desktop
applications execute on the server rather than being hosted and run on the end
user device. The end user device provides presentation services for the
applications running on the server so that the application appears to be
executing on the end user device.
Key Features
Applicable Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
DMTF- Cloud Infrastructure Management Interfaces
FC
En
OCCI - Open Cloud Computing Interface, Open Grid
FC
d
Forum
En
Us
d
OCCI, DMTF
er
Us
De
er
vic
De
es
vic
New Zealand Cloud Computing Code of Practice
FC
es
Institute of IT Professional NZ
En
d
Need to identify the beneficial standards. However we wont necessarily
be
Usan indication
dictating the standards each supplier conforms to, but they will be
er
of implementation capability?
De
vic
FC
es
En
d
Us
er
De
vic
es
135 of 170

GEA-NZ Capability
GEA: 3.6.01 XaaS
GEA-NZ
Component
GEA: 3.6.01.02 Hypervisor
Description
The hypervisor or virtual machine manager (VMM) is computer software,

firmware or hardware that creates and runs virtual machines. The hypervisor
presents a virtual operating platform to the guest operating system and manages
the execution of the guest operating systems on the host machine. Multiple
instances of a variety of operating systems may share the virtualized hardware
resources.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
LP
End
Use
r
Dev
ices
136 of 170

GEA-NZ Capability
GEA: 3.6.01 XaaS
GEA-NZ
Component
GEA: 3.6.01.03 Virtualisation Manager
Description
The Virtualisation Manager manages the virtualised environment for an agency.

It manages the configuration of hypervisors and the deployment and operation of
virtual machines. The Virtualisation Manager may include orchestration
capabilities to automate repeated hypervisor management tasks.
Key Features
Applicable Standard
Open Virtualisation Format
Standards Body
DMTF
GEA-NZ Standard
Owning Capability
GEA: 3.6.01.03 Virtualisation Manager
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
LP
End
Use
r
Dev
ices
137 of 170
FC
En
d
Us
er
De
vic
es

GEA-NZ Capability
GEA: 3.6.01 XaaS
GEA-NZ
Component
GEA: 3.6.01.04 Virtual Desktop Manager
Description
The Virtual Desktop manager manages the allocation and configuration of virtual
desktops and virtual desktop pools to PC's and other end user devices.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
LP
End
Use
r
Dev
ices
138 of 170

GEA-NZ Capability
GEA: 3.6.01 XaaS
GEA-NZ
Component
GEA: 3.6.01.05 IaaS (Infrastructure as a Service)
Description
Technology Capabilities specific to supporting Infrastructure as a Service (IaaS)

can be found in this Technology Block. IaaS provides on demand infrastructure
capability including pay-as-you-go housing, servers, storage and networking.
Key Features
Applicable Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
FC
d
Forum
En
Us
d
OCCI, DMTF
er
Us
De
er
vic
De
es
vic
FC
es
En
d
be
Usan indication
er
De
vic
FC
es
En
d
Us
er
De
vic
es
139 of 170

GEA-NZ Capability
GEA: 3.6.01 XaaS
GEA-NZ
Component
GEA: 3.6.01.06 PaaS (Platform as a Service)
Description
Technology Capabilities specific to supporting Platform as a Service (PaaS) can

be found in this Technology Block. PaaS is an extension of Infrastructure as a
Service (IaaS) which offers pre-built platforms for common architectures.
Key Features
Applicable Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
FC
d
Forum
En
Us
d
SNIA - Cloud Data Management Interface
er
FC
Us
De
En
OCCI, DMTF, SNIA
er
vic
dDe
es
Us
vic
er
es
De
FC
vic
En
es
d
be
Usan indication
er
De
vic
FC
es
En
d
Us
er
De
vic
es
140 of 170

GEA-NZ Capability
GEA: 3.6.01 XaaS
GEA-NZ
Component
GEA: 3.6.01.07 SaaS (Software as a Service)
Description
A software delivery model in which software and associated data are centrally
hosted on the cloud. SaaS is typically accessed by users using a thin client via a
web browser. SaaS has the potential to reduce IT support costs by outsourcing
hardware and software maintenance and support to the SaaS provider.
Key Features
Applicable Standard
OASIS Topology and Orchestration Specification for cloud

applications Version 1.0
OCCI Open Cloud Computing Interface, Open Grid
Forum
SNIA Cloud Data Management Interface
DMTF Open Virtualisation Format
OASIS Service Provisioning Mark-up Language
Standards Body
OCCI, DMTF, SNIA, OASIS
GEA-NZ Standard
Owning Capability
GEA: 3.6.01.07 SaaS (Software as a Service)
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Comment for EW/
CW Review
New
FC
En
d
FC
Us
En
er
d
FC
De
Us
En
vic
FC
er
d
es
En
De
FC
Us
d
vic
En
er
Us
es
d
De
er
Us
vic
De
er
es
vic
De
es
vic
es
FC
En
d
This
Uscomponent provides candidate standards for consideration.
er
De
vic
es
141 of 170

GEA-NZ Capability
GEA: 3.6.02 Security Block
Description
This Block is about the Security foundation capabilities that support the
business. The Security block contains all of the components that protect devices,
other hardware, applications, users and data from threats as well as monitoring
for incidents and mitigating damage from them.
Key Features
AoG Capability and
availability
AoG 6.2.01 Professional Security services
Available Now
AoG 6.2.02 Cybersecurity
Available Now
AoG 6.1.03 AoG Certificate authority
December 2012
Applicable
Standard
Appendix. Security Technical Standards Baseline Specification.
GEA-NZ Standard
Owning Capability
GEA: 3.6.02 Security Block
GEA-NZ Guidance
Appendix. Security Technical Standards Baseline Specification.
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
d
Us
er
De
vic
es
142 of 170

GEA-NZ Capability
GEA: 3.6.02 Security
GEA-NZ
Component
GEA: 3.6.02.01 Anti-Virus Tools
Description
Anti-virus Tools provide protection against viruses and other threats at the
device level. Anti-virus tools for virtual desktops may be client-less, relying on
intercepting API calls to the virtual host.
Common components that are included are
> Real-time scanner
> Scheduled scan function
> Manual scan function
Key Features
Applicable Standard
NZISM
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA: 3.6.02.01 Anti-Virus Tools
GEA-NZ Guidance
http://www.av-comparatives.org/.
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
Offering a comparative site instead of a recommended product.
d
Us
FC
er
En
De
d
vic
Us
es
er
De
vic
es
143 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.02.02 Drive Encryption
Description
Software tools used to encrypt of data stored on local drives or encryption of the
complete local drive for fat clients. These tools are installed in such a way that
they cannot be bypassed during boot up.
Key Features
Cannot be disabled.
Applicable
Standard
NZISM

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
NIST SP 800-111
Comments
GEA-NZ
Component
Standards
Selection Status
FC
End
Future work is planned to develop a technical baseline specification
Use to
communicate specific technical security standards jointly with lead
r security
agencies. Marked as AP because both standards are approved Dev
by GEA-NZ.
Need to investigate the different standards to be applied to encrypting
ices whole
drives as opposed to encrypting individual files.
AP
144 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.02.03 Removable Media Encryption
Description
Device encryption for portable storage devices that may be provided through
software or hardware. Typically used to ensure data copied to USB flash drives
or external hard disks is also encrypted.
Key Features
Applicable
Standard
NZISM

Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
NIST SP 800-111
Comments
GEA-NZ
Component
Standards
Selection Status
FC
End
Future work is planned to develop a technical baseline specification
Use to
communicate specific technical security standards jointly with lead
r security
agencies. Marked as AP because both standards are approved Dev
by GEA-NZ.
ices
AP
145 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.02.04 Device (Port) Manager
Description
Controls read & write access to external ports & portable storage devices (USB
devices at a minimum). This forces authentication of the device before access is
granted to the data accessed via the port.
Key Features
Device must be authenticated before access to standard info is granted.
Applicable
Standard
RFC 6335
Standards Body
IETF
FC
En
d
Us
er
De
vic
es
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Future work is planned to develop a technical baseline specification to

communicate specific technical security standards jointly with lead security
agencies. Provides a candidate standard for consideration.
FC
En
d
Us
er
De
vic
es
146 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.02.05 Host Firewall
Description
Solution to securely control network access to and/or from a device. These are
hardware devices or software applications whose primary objective is to control
incoming and outgoing network traffic by analysing the data packets and
determining whether they should be allowed through or not, based on a
predetermined rule set. A network's firewall builds a bridge between an internal
network that is assumed to be secure and trusted, and another network, usually
an external (inter)network, such as the Internet, that is not assumed to be secure
and trusted.
Key Features
Applicable Standard
NZISM 18.4
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA: 3.6.02.05 Host Firewall
GEA-NZ Guidance
one.govt.nz firewall
Comments

agencies. one.govt.nz firewall provided as a guideline, this needs to be
explained in terms of its use ?
GEA-NZ Component
Standards Selection
Status
FC
En
d
Us
er
De
vic
es
147 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.02.06 Application Whitelisting
Description
Solution to only allow approved applications to run on users device. The

whitelist contains a register of applications or other entities that are being
provided a particular privilege e.g. will be permitted to execute on an end user
device. Whitelisting is the converse of blacklisting, the practice of identifying
entities that are denied this privilege.
Key Features
Includes web whitelisting.
Applicable Standard
NZISM 14.2
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA: 3.6.02.06 Application Whitelisting
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status

agencies. Only have NZISM input.
FC
En
d
Us
er
De
vic
es
148 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.02.07 Secure Remote Access
Description
Solution providing secure access to a users end user computing environment

inside an agency from outside the boundaries of the agency.
Key Features
Applicable
Standard
NZISM

Architecture
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ
Component
Standards
Selection Status

agencies. Standards in 3.2.03.01 Wifi will provide a starting point for work in this
area. Marked as AP because both standards are approved by GEA-NZ.
AP
149 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.02.08 Network Access Control
Description
Solution to control access to wired and wireless networks. Network Access

Control uses a set of protocols to define and implement a policy that describes
how to secure access to network nodes by devices when they initially attempt to
access the network. NAC might integrate the automatic remediation process
(fixing non-compliant nodes before allowing access) into the network systems,
allowing the network infrastructure such as routers, switches and firewalls to
work together with back office servers and end user computing equipment to
ensure the information system is operating securely before interoperability is
allowed.
Applicable
Standards
NZISM
Standards Body
NZ Government
GEA-NZ Standard
Owning Capability
GEA: 3.6.02.08 Network Access Control
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection

agencies. Standards in 3.2.03.01 Wifi will provide a partial starting point for work
in this area. Marked as AP as all the standards are either recommended or
approved.
AP
150 of 170

GEA-NZ Capability
GEA: 3.6.03 Business / ICT Management Block
Description
This GEA-NZ block is concerned with the Business / ICT management

processes that operate within foundation zone that support the business. It
contains the Capabilities that are the major building blocks of existing and new
business or technology capabilities.
Key Features
AoG Capability and
availability
AoG 6.3.01 Software Asset Management
March 2013
AoG 6.3.02 Multi-Agency Licensing Agreements
Available Now
AoG 6.3.03 Cloud Business Model Enablers
June 2013
AoG 6.3.04 Government Apps Store Management
June 2013
AoG 6.3.05 Service Taxonomy Standard
August 2012
151 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.03.01. Hardware Asset Management
Description
The Hardware Asset Manager is responsible for discovering the computing

hardware assets of an organisation, determining what they are, maintaining a
register of those assets and managing them over the lifecycle of the asset.
Key Features
Applicable Standard
ISO 55000
ISO 55001
ISO 55002
Standards Body
ISO
GEA-NZ Standard
Owning Capability
GEA: 3.6.03.01. Hardware Asset Management
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Candidate standards offered for consideration

FC
En
d
Us
er
De
vic
es
152 of 170
FC
En
FC
d
En
FC
Us
d
En
er
Us
d
De
er
Us
vic
De
er
es
vic
De
es
vic
es

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.03.02. Software Asset Management
Description
The Software Asset Manager is responsible for discovering software assets,

associating software assets with the appropriate hardware or user profile,
enforcing licensing compliance and managing the lifecycle of software assets
across desktops and servers.
Key Features
Applicable Standard
ISO 55000
ISO 55001
ISO 55002
Standards Body
ISO
GEA-NZ Standard
Owning Capability
GEA: 3.6.03.02 Software Asset Management
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Candidate standards offered for consideration

FC
En
d
Us
er
De
vic
es
153 of 170
FC
En
FC
d
En
Us
FC
d
er
En
Us
De
d
er
vic
Us
De
es
er
vic
De
es
vic
es

GEA-NZ Capability
GEA: 3.6.04 Hardware Block - Technology
Description
Technology capabilities that are specifically the hardware technologies deployed

as part of an ICT infrastructure are included in this block.
Key Features
154 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.04.01 Network Traffic Management Infrastructure
Description
This hardware is responsible for managing the flow of information across a

network to ensure packets are delivered to the appropriate destinations e.g.
switches and routers
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Review
Scope undefined
LP
End
Use
r
Dev
ices
155 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.04.02 Server Infrastructure
Description
This is the platform technology that supports software applications including

database applications (refer Software block). This includes the CPU's and other
circuit board technologies, backplanes, power supplies etc. components that
make up physical servers.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Guidance
GEA-NZ Standard
Owning Capability
GA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Web server minimum hardware specifications including

Processor, Memory, Local Storage, NIC TBD
FC
En
Application server minimum hardware specifications
d
FC
including Processor, Memory, Local Storage, NIC TBD
Us
En
Database server minimum hardware specifications
er
d
FC
including Processor, Memory, Local Storage, NIC - TBD
De
Us
En
vic
er
d
es
De
Us
vic
er
es
De
vic
es
No applicable standards. If guidance is seen as important the relevant
lead
architect needs to provide candidate guidance for inclusion and review.
FC
En
d
Us
er
De
vic
es
156 of 170

GEA-NZ Capability
GEA: 3.6.04 Hardware Block- Technology
GEA-NZ
Component
GEA: 3.6.04.03 Storage Hardware
Description
This includes all the physical devices used for non-volatile storage of the
information that is being manipulated by application processing. It includes
technologies such as hard drives, SSD devices, tape storage devices etc.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
157 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.04.04 Security Hardware Infrastructure
Description
This includes physical devices that provide security services e.g. hardware
firewalls
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope undefined
LP
End
Use
r
Dev
ices
158 of 170

GEA-NZ Capability
GEA: 3.6.05 Software Block - Technology
Description
Technology Capabilities that make up the Software Infrastructure can be found

in this Technology Block. This Technology Capability covers all the Operating
System Software.
Key Features
159 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.05.01 OS (Operating System) Software
Description
This Technology Capability covers all Operating System Software. An operating

system (OS) is a collection of software that manages computer hardware
resources and provides common services for computer programs. The operating
system is a vital component of the system software in a computer system.
Key Features
Applicable
Standard
None
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.6.05.01 OS (Operating System) Software
GEA-NZ Guidance
Client Windows OS x + TBD
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
Server Windows OS x + TBD
FC
d
En
Client LINUX OS x + TBD
FC
Us
d
En
er
FC
Server LINUX OS x + TBD
Us
d
De
En
er
Us
vic
lead
d
De
er
esreview.
architects needs to provide candidate guidance for inclusion and
Us
vic
De
er
es
vic
FC
De
es
En
vic
d
es
Us
er
De
vic
es
160 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.05.02 Application Software
Description
This technology capability covers application software that is provided as

infrastructure such as Microsoft Office. Application software, also known as an
application or an app, is computer software designed to help the user to perform
specific tasks. Examples include enterprise software, accounting software, office
suites, graphics software and media players.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA: 3.6.05.02 Application Software
GEA-NZ Guidance
Microsoft Office xxxx - TBD
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
Microsoft Outlook xxxx - TBD
FC
d
En
Us
Microsoft Office 365 - TBD
FC
d
er
En
Us
OpenOffice - TBD
FC
De
d
er
En
vic
Us
Google Docs - TBD
FC
De
d
es
er
En
vic
Us is seen as
Poor quality GEA-NZ definition. No applicable standards. If guidance
De
d
es
important the relevant lead architect needs to provide candidateer
guidance for
vic
Us
De
inclusion and review.
es
er
vic
De
es
FC
vic
En
es
d
Us
er
De
vic
es
161 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.05.03 Development Software
Description
Software development tools are programs or applications that software

developers use to create, debug, maintain, or otherwise support other programs
and applications. These include IDE's, source control solutions, modelling tools
etc.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Microsoft Visual Studio x + TBD
Comments
GEA-NZ Component
Standards Selection
Status
FC
En
Eclipse x + TDB
FC
d
En
Us
lead
d
architects needs to provide candidate guidance for inclusion anderreview.
Us
De
er
vic
FC
De
es
En
vic
d
es
Us
er
De
vic
es
162 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.05.04 Image Packaging and Distribution Software
Description
Image software creates packages of installable software components and/or

applications as images as well as the applications that can deploy these images
on target machines. These are commonly used to automate the installation of
software packages on PC's
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
GEA: 3.6.05.04 Image Packaging and Distribution Software
Comments
Assumed to be for desktop image software. No seen as a high priority unless

agencies raise this as an issue. There are various open source solutions
available and it is the compatibility of the image data which is more important to
interoperability and reliability.
GEA-NZ Component
Standards Selection
Status
LP
End
Use
r
Dev
ices
163 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.05.05 Service Software
Description
Service software is middleware that manages and integrates a computer's

capabilities, but typically is not involved in the performance of tasks that interact
with the end user.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status

LP
End
Use
r
Dev
ices
164 of 170

GEA-NZ Capability
GEA: 3.6.05 Storage Block - Technology
Description
This ICT Capability Block is about the storage infrastructure that supports the
business. It includes services for storing, accessing and backing-up files and
data.
Key Features
165 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.06.01 Database Infrastructure
Description
A Database Management System (DBMS) is a suite of computer software

providing the interface between users and a database or databases. A DBMS is
a shell which surrounds a database or series of databases and through which all
interactions take place with the database. A database is an organised pool of
logically-related data that is managed by the DBMS.
Key Features
Applicable
Standard
None
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
GEA-NZ Standard
Owning Capability
Comments
GEA-NZ Component
Standards Selection
Status
Microsoft SQL Server x + - TBD
FC
En
Oracle x + - TBD
FC
d
En
Us
MySQL x + - TBD
FC
d
er
En
Us
De
d
er
vic
Us
De
es
lead
er
vic
architects needs to provide candidate guidance for inclusion andDe
review.
es
vic
es
FC
En
d
Us
er
De
vic
es
166 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.06.02 SAN (Storage Area Network)
Description
A storage area network (SAN) is a dedicated network that provides access to

consolidated, block level data storage. SANs are primarily used to make storage
devices, such as disk arrays, tape libraries, and optical jukeboxes, accessible to
servers so that the devices appear like locally attached devices to the operating
system.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Govt agencies build their own SANs and they outsource them. No applicable
standards. Current technology is vendor specific and does not work in a
standard way or conform to standard interfaces and approaches. Makes it hard
to move from one vendors offering to another. If guidance is seen as important
the relevant lead architects needs to provide candidate guidance for inclusion
and review and what control do they have over the outsourced implementation.
See cloud storage. 3.6.01 XaaS.
LP
End
Use
r
Dev
ices
167 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.06.03 DAS (Direct Attached Storage)
Description
Direct Attached Storage (DAS) is a local disk server used as a storage device
primarily to run the operating system only. Remaining systems that use DAS
based storage do so either for security reasons (DocSigners) or are legacy
systems to be addressed ( SDE, OLEV, OTS).
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope needs further definition. Assumed to be disk storage only accessible by

the specific machine it is attached to? Should this be continued or retired?
LP
End
Use
r
Dev
ices
168 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.06.04 NAS (Network Attached Storage)
Description
Network-attached storage (NAS) is file-level computer data storage connected to

a computer network that can provide data access to a heterogeneous group of
clients. NAS not only operates as a file server, but is specialized for this task
either by its hardware, software, or configuration of those elements.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Govt agencies build their own NASs and they outsource them. No applicable
standards. If guidance is seen as important the relevant lead architects needs to
provide candidate guidance for inclusion and review and what control do they
have over the outsourced implementation. See cloud storage. 3.6.01 XaaS.
LP
End
Use
r
Dev
ices
169 of 170

GEA-NZ Capability
GEA-NZ
Component
GEA: 3.6.06.05 Repository Infrastructure
Description
Repositories are typically specialised databases or data stores designed to

support the storage and maintenance of particular data sets associated with
specific functions, e.g. document management, model management or digital
asset management.
Key Features
Applicable
Standard
Standards Body
GEA-NZ Standard
Owning Capability
GEA-NZ Guidance
Comments
GEA-NZ Component
Standards Selection
Status
Scope requires further definition. Assumed to relate to managed flat files

(Rosetta), SQL databases or EDRMS.
LP
End
Use
r
Dev
ices
End of Document
170 of 170

GEA NZ Standards Reference Document

Diunggah oleh

Informasi Dokumen

Deskripsi Asli:

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

GEA NZ Standards Reference Document

Diunggah oleh

Hak Cipta:

Format Tersedia

-

From Vision and Direction to Deployment

Government Enterprise Architecture

Department of Internal Affairs

Government Enterprise Architecture for New Zealand

Architecture Practice, Government Technology Services, Department of Internal

GEA-NZ Standards Reference Document

GEA-NZ Standards Reference Document Final.doc

Government Enterprise Architecture Group

Government Enterprise Architecture Group

Government Enterprise Architecture Group

Government Enterprise Architecture Group

Government Enterprise Architecture Group

Government Enterprise Architecture Group

Government Enterprise Architecture Group

Government Enterprise Architecture Group

Government Enterprise Architecture Group

Government Enterprise Architecture Group

Authentications Standards Manager, Department of Internal Affairs

Enterprise Architect, DIA

Enterprise Archivist/Archives Advisor

Senior Technical Analyst, DIA

Manager Information and Collaboration, DIA

General Manager Information Services, MSD

Information Manager, Electricity Authority

Manager Recordkeeping Capability, DIA

Archives Advisor, DIA

Solution Architect, DIA

Solution Architect, DIA

Solution Architect, DIA

Enterprise Architect, DIA

Enterprise Architect, DIA

Manager Security & Risk, DIA

Technical Specialist, DIA

Applications and Infrastructure, DIA

Manager Client Technologies, DIA

Manager of Infrastructure and Integrated Communications, DIA

Promote technology, system and data interoperability

Architects of government agencies

Chief Information Officers

Document evolution and role of Government Enterprise Architecture

Cloud technical standards baseline

Security technical standards baseline

Mobile technical standards baseline

Evolution of the Information business domain standards.

Government Enterprise Architecture for New Zealand (GEA-NZ)

Each GEA-NZ Block may be further divided in to individual GEA-NZ capabilities.

The need for standards revision and integration into GEA-NZ

The need for a simplified ICT standards compliance model

New standards compliance model

GEAG will follow adopted standards maintenance processes such as:

Process for adding new standard to GEA-NZ

Process for updating existing standard

Evidential standards compliance

Summary mapping of standards into the GEA-NZ Standard Reference

Strategy Region[01] Contains universally applicable strategic standards, policies and

Bus ines s Branc h s pec ific produc t Polic y and Standards

GEA: [02] Business Region

GEA: [03] ICT Region

Cloud Implementation Standards

GEA-NZ [Region 01] Strategy Region

Identity Policy and Standards

iGovt implementation compliance