FICORA accredits a third information security inspection body

On 10 March 2017, NCSC-FI listed Inspecta Sertifiointi Oy as an accredited inspection body referred to in the Act on Information Security Inspection Bodies. The decision remains in force until further notice.

An accredited information security inspection body means an operator which has been accredited by FICORA and acts under official supervision. An accredited body may, upon assignment, assess authorities’ information systems and the level of information security in companies that process authorities’ confidential information.

In performing its duties, the accredited information security inspection body must comply with the Administrative Procedure Act, the Act on the Openness of Government Activities and the Language Act.

As specified in its application, Inspecta Sertifiointi Oy was accredited to perform assessments based on the ISO/IEC 27001 standard.

In addition to Inspecta Sertifiointi Oy, FICORA has listed two other companies as accredited information security inspection bodies: KPMG IT Certification Ltd's competence area includes VAHTI, Katakri II, Katakri - Information security audit tool for authorities 2015 (all for protective level IV) and ISO 27001. Nixu Certification Oy's competence area includes VAHTI (for protective level IV) and ISO 27001.

For updated information on information security inspection bodies accredited by FICORA and their competence areas, visit FICORA's website:

Further information:

Anna von Fieandt-Lehtonen, Legal Counsel tel. +358 295 390 527


Key words: Information security , Cyber security , NCSA , News

LinkedIn Print