To meet the very latest security and data protection requirements, all of our services are subject to strict rules and regularly checked by independent specialists.
This international standard is designed to set requirements for the establishment, implementation, maintenance and continuous improvement of an information security management system.
An ISO / IEC 27001 certificate shows that the information security management system has been measured against a standard of best practice in the branch and found to be in compliance. Certification of an independent certification body shows that the necessary measures have been taken to protect sensitive information from unauthorized access and changes.
Protect your values
The standard has a holistic approach to information security. Values that need protection can include everything from digital information, paper documentation and physical assets (computers and networks) to the knowledge of individual employees. Conditions you must consider include, among other things, the staff's skills development and technical protection against hacking.
ISO / IEC 27001 helps us protect information as follows:
Signicat is ISO/IEC 27001 certified, certificate is available here.
Signicat is a Qualified Trust Service Provider issuing qualified time-stamps, certificate is available here.
The Signicat Time-Stamp policy and Practice statement is listed at the end of this page.
By being a Qualified Trust Service Provider, Signicat is listed on the EU trust list.
Signicat delivers a SOC 2 (type 1 for 2018) (type 2 for 2019) attestation report to its customer. The SOC 2 report addresses a service organization’s controls that relate to operations and compliance, as outlined by the AICPA’s Trust Services criteria in relation to availability, security, processing integrity, confidentiality and privacy. This report is intended to meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems.
Signicat is an approved identity broker for Finnish businesses, providing access to the Finnish Trust Network, by The Finnish Transport and Communications Agency (Traficom).
Signicat offers strong electronic identification services for the public. The principles for strong identification have been established in Finnish legislation: Laki vahvasta sähköisestä tunnistamisesta ja sähköisistä luottamuspalveluista 533/2016, section 2.2§: http://www.finlex.fi/fi/laki/ajantasa/2009/20090617.
Signicat is an approved broker of IDIN in Netherlands.
An audit report is provided to Signicat's customers of compliance to Signicat's Data Processor Agreement (DPA).
eIDAS QTSP Terms and Conditions
eIDAS QTSP Policy and Practice Statement