Accredited information security inspection bodies

We have listed the information security inspection bodies accredited by us below.

Accreditation of inspection bodies is based on the Act on Information Security Inspection Bodies.

Accredited inspection bodies

25.6.2019

Nixu Certification Ltd

Business ID: 2623093-9

Keilaranta 15

FI-02150 Espoo

Protection level IV

  • VAHTI ***)
  • KATAKRI 2015
  • ISO/IEC 27001:2013

Protection level III

  • KATAKRI 2015
Protection level II 
28.8.2017

KPMG IT Certification Ltd

Business ID: 2469464-1

PO Box 1037

FI-00101 Helsinki

Protection level IV

  • VAHTI ***)
  • KATAKRI II
  • KATAKRI 2015
  • ISO/IEC 27001:2013

Protection level III

  • KATAKRI 2015
Protection level II 
30.6.2017

Nixu Certification Ltd

Business ID: 2623093-9

Keilaranta 15

FI-02150 Espoo

Protection level IV

  • VAHTI ***)
  • KATAKRI 2015
  • ISO/IEC 27001:2013
Protection level III 
15.6. 2017

KPMG IT Certification Ltd

Business ID: 2469464-1

PO Box 1037

FI-00101 Helsinki

Protection level IV

  • VAHTI ***)
  • KATAKRI II
  • ISO/IEC 27001:2013
  • KATAKRI 2015
Protection level III 
10.3.2017

Inspecta Sertifiointi Oy

Business ID: 1065745-2

Sörnäistenkatu 2

FI-00580 Helsinki

ISO/IEC 27001:2013Protection level III 
24.10.2016

KPMG IT Certification Ltd

Business ID: 2469464-1

PO Box 1037

FI-00101 Helsinki

Protection level IV

  • VAHTI ***)
  • KATAKRI II
  • ISO/IEC 27001:2013
  • KATAKRI 2015
Protection level IIIKATAKRI 2015 competence valid until 15 June 2017
2.9.2016

Nixu Certification Ltd

Business ID: 2623093-9

Keilaranta 15

FI-02150 Espoo

Protection level IV

  • VAHTI ***)
  • ISO/IEC 27001:2013
Protection level III 
2.2.2015

KPMG IT Certification Ltd

Business ID: 2469464-1

PO Box 1037

FI-00101 Helsinki

Protection level IV

  • VAHTI ***)
  • KATAKRI II
  • ISO/IEC 27001:2013
Protection level III 
6.10.2014

KPMG IT Certification Ltd

Business ID: 2469464-1

PO Box 1037

FI-00101 Helsinki

Protection level IV

  • KATAKRI II
  • VAHTI ***)
Protection level IIIAccreditation valid until 1 February 2015

*) The competence area according to which the body can perform inspections of information security.

**) The security of the body's own information handling environment is verified using the National Security Auditing Criteria (KATAKRI (External link)). The body's own information handling must fulfil requirements at one protection level higher than that for which the body has proven its competence.

***) If the competence area of the information security inspection body is VAHTI or Katakri, it can carry out the assessment of social and health care information systems and issue a certificate on their compliance with the essential requirements.