Fingrid has been granted an ISO 27001 information security certificate
Finland’s transmission system operator Fingrid’s information security management system meets the requirements of the international ISO 27001 standard. For its investment in information security, Fingrid has been granted an ISO 27001 certificate.
Fingrid has had a strong desire to invest in the management and development of information security across the operations of the entire company. In spring 2022, the accredited inspection body Nixu Certification carried out an audit of Fingrid’s information security management system, confirming that Fingrid’s information security is managed in accordance with the requirements of the ISO 27001 standard. By meeting the requirements, Fingrid was granted an ISO 27001 information security certificate.
The information security certificate indicates that Fingrid manages information security in a comprehensive manner and commits to its continuous development. During the audit, the company’s information security management, risk management and development were examined from different perspectives, ranging from ICT operations to HR.
Fingrid's CIO Kari Suominen (left) received the information security certificate from Nixu Certification's Niki Klaus.
In the audit, Fingrid was praised for its way of working as a unified team in developing information security, across the entire organisation. In addition, Fingrid’s activities were considered to be proactive and reactive.
“The excellent feedback received in the certification audit shows so well how the entire Fingrid organisation has grasped its significant role in enabling operations that ensure information security, and how each and every employee is committed to its continuous development,” says Kari Suominen, CIO at Fingrid.
As an organisation vital for the security of supply, it is important for Fingrid to act in accordance with internationally recognised standards in terms of information security. Achieving ISO 27001 certification requires continuous maintenance and development of information security in accordance with the requirements. The surveillance audit for the certification will be carried out one year later in accordance with the requirements of the standard. A tentative agreement has been made for surveillance activities in this audit to focus on information security management associated with service providers.
Kari Suominen, CIO, Fingrid Oyj, tel. +358 30 395 4134
e-mail addresses: firstname.lastname@example.org