Governance & Architecture Model

CSA

Compliance Security Architecture

A governance and architecture model for implementing mission-critical environments in a structured, compliant and future-proof way - used by 3Flames as the foundation of our services.

NIS2 IEC 62443 NC-CS / NCCS CER VJV2024 SJV2024
What is CSA

A practical framework for compliant environments

CSA is a governance model that brings together cybersecurity, operational requirements and regulatory compliance into one practical framework for mission-critical environments.

It defines the governance, architecture and controls needed to implement environments correctly - turning complex and scattered requirements into clear architecture decisions and practical controls.

  • Aligns cybersecurity, compliance and operational requirements
  • Turns complex requirements into practical architecture and governance controls
  • Supports security, resilience and continuity in mission-critical environments

Why it matters

From requirements to implementation - CSA helps organizations turn scattered demands into a clear architecture, governance controls and practical implementation decisions.

Instead of interpreting regulations independently, CSA provides a structured model that maps requirements to technical and operational controls.

Security Resilience Continuity
How CSA evolved

From Common Service Models
to Compliance Security Architecture

A completely new and modern Compliance Security Architecture approach was created to meet tightening regulatory, resilience and cybersecurity requirements in the energy sector.

2019 - The Beginning
Common Service Model
The Common Service model described the common ICT services required in typical energy environments and supported the design and documentation of data networks shaped by general service controls, earlier TSO requirements (VJV and SJV) and operational obligations related to electricity system operations.
2025 - Evolution
Creating totally new approach for compliance needs
As cybersecurity requirements and sector-specific legislation became more stringent, 3Flames began designing and developing a new approach from scratch to address evolving compliance and security needs, including NIS2, NC ER, the new EU electricity cybersecurity network code (NC CS), CER and relevant NCSC-FI guidance.
2026 - Today
Compliance Security Architecture
As NIS2, updated TSO requirements (VJV2024 and SJV2024) and wider resilience and cybersecurity obligations reshaped the operating environment, 3Flames defined its current foundation and introduced Compliance Security Architecture as a distinct approach to clarify, simplify and strengthen the practical implementation of regulatory requirements while supporting business needs.
What requirements it supports

CSA Model

CSA Model Compliance Security Architecture (CSA) is the 3Flames model for turning external requirements and operational needs into practical security and compliance controls for mission-critical environments. The model shows how secure and compliant access is enabled for the parties that need to interact with critical environments, while ensuring that the underlying OT and energy systems remain protected, resilient and governable.

CSA Architecture Diagram

How CSA enables FlameGuard

FlameGuard is the operational service built on top of CSA. While CSA defines the governance model and control architecture, FlameGuard delivers the actual service capabilities - connectivity, access management, monitoring and compliance controls - in mission-critical energy environments.

CSA = governance & architecture model  ·  FlameGuard = operational service built on CSA

Discover FlameGuard →

Want to know more?

Have questions about CSA or how it applies to your environment? Reach out directly.

Chat on WhatsApp Send an Email