Amendment of the Act on Strong Electronic Identification and Electronic Trust Services in Finnish legislation, put in force 1st of July 2016, requires service providers of strong electronic identification and signature to assess their compliance and deliver proof of compliance to the Finnish Communications Regulatory Authority (FICORA).
Compliance requirements are largely based on the EU eIDAS regulation and widely used standards, like the ISO 27001.
The compliance assessment is done by following the criteria set by Finnish legislation and FICORA. During the assessment, most of eIDAS criteria will be covered as well. Organizations existing security documentation, like from ISO 27001 or sector specific standards, as well as the previous assessments of these standards.
Compliance reassessment is done every second year.
Nixu Certification Oy is a certification authority approved by FICORA and provides customers with electronic identification and trust service assessments. We are an excellent partner for assessments, as we also have extensive experience on many other security frameworks.
Act on Strong Electronic Identification and Electronic Trust Services (currently only in Finnish and Swedish).
Regulation on Electronic Identification and Trust Services.