In Finland, the responsibility for our international information security obligations has been divided among several authorities. NCSA-FI is part of the Finnish security authority organisation. The overall responsibility for international information security obligations lies with the Ministry for Foreign Affairs. The Ministry acts as the National Security Authority (NSA) in Finland. It is responsible for:
- steering national operations
- taking responsibility for the preparation of international security agreements
- steering and monitoring activities to ensure that international classified information is protected and handled appropriately.
The Ministry of Defence, the Finnish Security Intelligence Service and the Defence Command Finland are Designated Security Authorities (DSA). We acts as a Designated Security Authority and as a National Communications Security Authority (NCSA), specializing in information security matters concerning the handling of classified information in electronic communications.
PGP signing keys
NCSA-FI PGP keys are signed with the PGP keys below.
Forms (in Finnish)
Criteria to Assess the Information Security of Cloud Services (PiTuKri) include best practices and interpretations regarding cloud security and guidance on managing the related risks.
You may freely use, share and edit the Criteria to Assess the Information Security of Cloud Services (PiTuKri) as longs as you name the original source. The criteria also refer to information from sources outside the National Cyber Security Centre Finland. When you use the criteria, please consider the holders of rights to such sources and the rights they may have.
We provide the criteria as they are published on this website. Those using the criteria are responsible for any action they take based on the criteria, including services they provide to third parties.
We reserve the right to edit and amend the criteria and their conditions based on future needs. We will notify any changes on our website.