Incomes Register's information security remains at a good level


The Tax Administration's Incomes Register Unit was issued an information security certificate in accordance with the international standard ISO/IEC 27001 in 2019. The level of information security was audited again in spring 2020 when it was found to be at a good level and no irregularities were discovered.

The Incomes Register contains comprehensive income and personal data. At the moment, paid wages are reported to the Incomes Register and, in 2021, pension and benefits income will also be reported. With the help of the information security management system, the Incomes Register can ensure the availability, integrity and confidentiality of its data and prevent any loss of data as well as prevent the data from falling into the wrong hands.

'Information security is a priority in the Incomes Register. It is wonderful that we have received recognition for our successful information security management. Various different parties utilise Incomes Register data, and we want to ensure that the system will be easy and safe to use in the future as well,' says Terhi Holmström, Director of Incomes Register Unit.

Information security is constantly being developed

Incomes Register's information security is constantly being evaluated and developed to match the challenges of the changing environment. Information security matters are taken into consideration in our operating culture and action is taken when problems are detected.

'One important factor is the training of the Incomes Register personnel, so that they are properly able to acknowledge and notice possible threats. The Incomes Register Unit must be able to respond to the changing threats and evolving phenomena related to information security,' Holmström says.

ISO/IEC 27001 is an international standard for information security (International Standard for Information Security Management Systems ISMS).