Service break for the Incomes Register's stakeholder testing environment on 5 November, 12 noon – 6 November, 8 am.

Incomes Register Unit's information security certificate

The Tax Administration’s Incomes Register Unit was given an information security certificate in accordance with the international ISO/IEC 27001:2022 standard.

The Incomes Register Unit is responsible for the operation of two registers, the Incomes Register and the Positive credit register. With a certified data security management system, we ensure that the information contained in the registers remains confidential, intact and accessible.

We prevent accidental losses of data and we also prevent the data from falling into the wrong hands. The ISO/IEC 27001 is an international standard for information security, covering a number of different aspects of security. In total, the standard contains more than 100 security-related requirements and controls from data encryption to physical security.

The certificate proves that information security is properly managed through all work processes in the entire organisation of the Incomes Register Unit.

Renewed external audits with regard to the certification are conducted every three years. Between the external audits, adherence to information security practices is controlled both internally and by the auditor.

The current certification is valid until 22 August 2025.

The certificate was granted for the first time to the Incomes Register Unit on 22 August 2019. In October 2024, the unit’s second register, the Positive credit register, was also accepted for certification.

Check out our registers

Information on the Incomes Register

What is the Incomes Register

See also the instructions how to use our services safely

Information on the Positive credit register

What is the Positive credit register

Frequently asked questions about the Positive credit register

Page last updated 10/21/2024