Accredited inspection bodies

Information security inspection bodies accredited by FICORA Act on Information Security Inspection Bodies 1405/2011 (in Finnish)

Decision issued Name and business ID of the inspection bodyCompetence area (protective level and criteria *) Level of the body's own information handling **) Other conditions (e.g. fixed-term accreditation)
28.8.2017 KPMG IT Certification Ltd Business ID: 2469464-1, Box 1037 00101 Helsinki

Protective level IV:
VAHTI ***)
KATAKRI II
KATAKRI 2015
ISO/IEC 27001:2013

Protective level III:
KATAKRI 2015

Protective level II
30.6.2017 Nixu Certification Oy, Y-tunnus: 2623093-9, Keilaranta 15, 02150 Espoo Protective level IV
VAHTI ***)
KATAKRI 2015
ISO/IEC 27001:2013
Protective level III
15.6.2017 KPMG IT Certification Ltd Business ID: 2469464-1, Box 1037 00101 Helsinki Protective level IV
VAHTI ***)
KATAKRI II
ISO/IEC 27001:2013
KATAKRI 2015
Protective level III
10.3.2017 Inspecta Sertifiointi Oy, ID: 1065745-2, Sörnäistenkatu 2, 00580 Helsinki ISO/IEC 27001:2013 Protective level III
24.10.2016 KPMG IT Certification Ltd Business ID: 2469464-1, Box 1037 00101 Helsinki Protective level IV
VAHTI ***)
KATAKRI II
ISO/IEC 27001:2013
KATAKRI 2015
Protective level III KATAKRI 2015 competence valid until 15 June 2017
2.9.2016 Nixu Certification Oy,
Business ID: 2623093-9, Keilaranta 15, 02150 Espoo
Protective level IV
VAHTI ***)
ISO/IEC
27001:2013
Protective level III
2.2.2015 KPMG IT Certification Ltd Business ID:2469464-1 Box 1037 00101 Helsinki Protective level IV
VAHTI ***)
KATAKRI II
ISO/IEC
27001:2013
Protective level III
6.10.2014 KPMG IT Certification Ltd
Business ID:
2469464-1
Box 1037
00101 Helsinki
Protective level IV
KATAKRI II
VAHTI ***)
Protective level III Accreditation valid until 1 February 2015


*) Competence area according to which the body can perform information security inspections.

**) Security of the body's own information handling environment is verified on the basis of the National Security Auditing Criteria (KATAKRI). The body's own information handling must fulfil requirements that are one protective level higher than the level for which the body has proven its competence.

***) If the competence area of the information security inspection body covers the guidelines of the Ministry of Finance for the enforcement of the government decree on information security in central government (VAHTI) , it can carry out the assessment of the social and health care information systems and issue a certificate on their compliance with the essential requirements.

Key words: Information security , Cyber security , NCSA

Updated 29.08.2017

LinkedIn Print

logo

The Finnish Communications Regulatory Authority (FICORA)

The National Cyber Security Centre Finland (NCSC-FI)

Itämerenkatu 3 A

P.O. Box 313

FI-00180 HELSINKI


Media contacts by telephone +358 295 390 248