Go directly to contents.
Databank of digital security

Digital security architecture model

Read more about the digital security architecture in the Digital and Population Data Services Agency’s workspace: Digitaalisen turvallisuuden arkkitehtuuri (in Finnish)Opens in a new window.

The digital security architecture is first and foremost a planning and design tool to help with developing and structuring digital security. The architecture is an understanding of the organisation’s assets and operating environment that need to be protected, as well as the threats and risks to them. In addition, it covers an understanding of the requirements and strategic policies that concern the organisation and the building blocks of digital security that they are implemented with.

Digital security architecture is utilised in the planning and understanding of digital security, which is a wide and ever-changing entity. It particularly considers how the changing environment and the requirements set by it affect the digital security choices and solutions that have been made.

Digital security architecture is used to achieve the following objectives:

  • Understanding the needs related to the organisation’s activities and setting objectives to the digital security practices and technical solutions based on them.
  • Producing a description of the organisation’s digital security structures.
  • Adapting digital security solutions to the organisation’s other activities by, for example, considering them in the organisation’s enterprise architecture.
  • Setting a target state for digital security, towards which we work with determined development.

In other words, the framework as such is not a set of criteria or a catalogue of safety controls – it contains concrete measures and examples for improving digital security.

Who is it for?

The framework is intended for all public administration actors as a tool for holistic planning and conceptualising of digital security. The framework does not establish which instrument or tool an organisation should use to describe or document digital security, as the effectiveness of description methods vary from organisation to organisation. An organisation should utilise the framework in a manner that it deems to be best. However, creating visual and structural descriptions makes it considerably easier to conceptualise large entities. The framework was published in March 2022

Updated: 17/12/2025

Are you satisfied with the content on this page?