Information security auditing tool for authorities - Katakri
Katakri is the authorities’ auditing tool, which an authority can use in assessing the target organisation’s ability to protect an authority’s classified information.
Katakri can be used as an auditing tool when assessing a company’s security arrangements in the facility security clearance and in evaluations of the security of the authorities’ information systems. It can also be used to help companies, organisations and the authorities in other security work and its development.
Katakri is used with the aim of ensuring that the target organisation has adequate security arrangements to prevent the disclosure of an authority’s classified information in all of the environments where the information is handled.
A facility security clearance made using Katakri can be utilised for both domestic and international projects.
The minimum requirements based on national legislation and international obligations are gathered in Katakri. Katakri does not set any absolute requirements for information security; instead, the requirements collected in Katakri are based on the legislation in force and the international information security obligations binding on Finland.