Kaamos
Regulation archetype

Finnish public-sector software supplier

Finnish public-sector suppliers should expect GDPR, ISO 27001-style security management, NIS2 pressure in relevant sectors, and procurement-specific criteria such as Julkri or Katakri depending on contract sensitivity.

Run the full checkBrowse frameworks

Company profile

  • A Finnish or EU software company bidding for public-sector contracts or handling public administration data.

Likely planning items

  • GDPR
  • ISO 27001
  • Julkri
  • NIS2 supply-chain pressure

Possible additional pressure

  • Katakri
  • eIDAS2
  • DORA
  • Cyber Essentials

Next steps

  1. 01Confirm the procurement criteria and information classification level.
  2. 02Map technical controls, ownership, continuity, and access evidence before tender review.
  3. 03Keep public-sector evidence reusable across ISO 27001, NIS2, Julkri, and Katakri work.

This page is a practical planning guide, not legal or audit advice. Use it to scope questions before confirming obligations with legal, audit, or regulatory specialists.