News

Digia is developing its information security practices - ISO 27001 information security certificate expands at Digia

Written by Digia | 12/5/23 6:41 AM

Society is digitizing rapidly. The development brings not only benefits, but also risks related to information security. As these risks diversify and forms of cybercrime evolve all the time, organizations must constantly develop and refine their information security and protection practices.

Digia’s goal is to ensure a high level of information security in all our customer implementations. As a sign of this, Digia achieved the international ISO 27001 information security certificate in the fall of 2022. In the November 2023 annual audit, the certificate expanded to cover new businesses within Digia’s Managed Services and Financial Platforms service areas. New locations were also certified: now Digia’s locations in Helsinki, Tampere, Jyväskylä, Turku, Oulu and Rauma are within the scope of the certificate.

“For us at Digia, it is essential that we can act worthy of our customers’ trust in all situations. Information security is at the heart of all our customer implementations. The certificate is a sign that we take information security issues very seriously. I am very pleased that many of our businesses have achieved the certificate and I want to thank everyone who has worked for it,” says Janne Tuominen, Director of Managed Solutions Service Area.

The certificate is a sign of reliability in information security matters

ISO 27001 is an international information security management standard that provides organizations with a model for implementing, maintaining and continuously improving information security management. The certificate is granted to organizations whose operations have been audited according to the standard. At Digia, obtaining the certificate has required, among other things, the development of security management policies, processes and guidelines. These guidelines are followed by the whole Digia, even though only part of the operations are within the scope of the ISO 27001 certification and follow ISO 27001 compliant security controls.

“With the certificate, we can make Digia’s high level of information security practices visible: it is one way to communicate to our customers that we are a reliable partner in terms of information security. The certificate also involves the idea of continuous development, so it encourages us to constantly review and improve our practices,” says Samuli Savolainen, Operational Director, who led the ISO 27001 project for the Managed Solutions service area.

“The financial sector business is essentially a trust business, and effective information security is an increasingly important part of this trust base. ISO 27001 certification is a concrete indication that we take the requirements of our customers’ business environment seriously and that we are ready to invest in the implementation and anticipation of critical requirements for our customers,” says Sami Vallinkoski, Director, who chaired the ISO 27001 project steering group for the Financial Platforms service area.

More information:

Janne Tuominen
Senior Vice President, Managed Solutions, Digia
Tel. 040 839 4370
janne.tuominen(a)digia.com

Mikko Jylhä
Chief Security Officer, Digia
Tel. 050 373 6669
mikko.jylha(a)digia.com