Our ISO27001 information security certification extended to cover operations in Estonia

We have finalized necessary steps to expand the ISO27001 certification to also cover our operations in Estonia.

The certification now also covers operations in Estonia.

From April 2022 onwards, whole KPMG Finland Group consisting operations and physical offices in both Finland and Estonia, successfully meets the requirements of ISO27001:2013 standard.

What is ISO/IEC 27001 certification?

ISO/IEC 27001:2013 is an international standard of information security management. Achieving certification to ISO27001 demonstrates that an organization is following recognized best practice on keeping information assets secure through an appropriate information risk framework, known as an Information Security Management System (ISMS). After the successful certification, the organization will be audited against the standard every year by an accredited external third party.

What is the scope of KPMG Finland Group’s certification?

The certification covers all business operations of KPMG Finland and Estonia as well as our centralized supporting functions in Helsinki and Tallinn. In addition, certification covers all our professional services provided to our clients and other stakeholders.

What does this mean for our clients and other interested parties?

Certification is an expression of trust on our commitment to information protection and it demonstrates that we have taken appropriate steps to protect our infrastructure and operations, maintaining our role as trusted data broker for our clients on an ongoing basis.

Further information regarding ISO27001 certification, scope and details on our certification process are available from the KPMG Information Protection team.

More information:

Harri Pienimäki

National IT Security Officer



Juha Karttunen

Partner, General Counsel