The Authority is headed by a Director, who is responsible for its activities, manages the Authority and represents it externally. In the case of his absence, the management of the Authority in determined extent is substituted by the Deputy Director of the Authority. The Authority is organisationally divided into departments or directly managed divisions. Departments are divided into divisions.
The Security Clearance Department conducts activities concerning security clearances of individuals and entrepreneurs. Apart from issuing national security clearance certificates for access to national classified information, it issues security clearance certificates for access to NATO and EU classified information both for individuals and entrepreneurs.
The Regulation and Supervision Division is the Authority´s subject-matter division in the field of classified information protection, encrypted information protection, cyber security and trust services. It performs tasks in the field of inspection, audit and supervision. It grants and withdraws qualified status, determines the essential service and its operator, determines the digital service and its provider. It issues opinions and methodologies, elaborates conceptual and strategic documents, develops security and knowledge standards, certification and signature policies, cyberspace behaviour policies, cyber security incident prevention policies and their resolutions. The division represents the Authority at the international level and coordinates the Authority’s foreign activities. It comments draft legislative documents within the cross sectoral consultation procedure and carries out the legislative process of documents with a foreign element.
The National Cybersecurity Centre SK-CERT performs the tasks of the national CSIRT unit and other tasks in the field of cybersecurity.
The Technical Department carries out accreditation and certification in the field of classified information protection for personnel security, management of classified information, physical security and facility security, security of technical devices and industrial security, in the field of encrypted information protection, cyber security and trust services. It implements and maintains the operation and performance of the Authority´s information and communication systems.
The NSA Office provides and carries out basic administrative and organisational activities related to the management and activities of the Authority, provides legislative and legal matters of the Authority, builds and develops external relations and cooperation with state bodies, academia and the private sector, and provides communication to the public, ensures and performs the management and maintenance of the Authority´s property and public procurement for the Authority’s needs.
The Human Resources and Social Security Division ensures the Authority’s personnel and salary policy, social security, education, remuneration and health care for the Authority’s officers and employees.
The Internal Security Division ensures the Authority´s internal security and conducts the physical and technical protection of the Authority´s premises. It carries out internal control and financial control, handles complaints and petitions.
The NSA Liaison Office performs tasks in developing and building international relations and cooperation abroad. The unit ensures communication between the Authority and foreign partners, represents the Slovak Republic interests in the Authority´s competences within NATO, European institutions and agencies and implements bilateral and multilateral cooperation within the Authority´s representation abroad.
The Internal Audit Unit carries out the Authority’s internal audit and performs other tasks according to the Act on Financial Inspection and Audit.
The Hybrid Threats and Disinformation Office fulfills tasks in the field of combating hybrid threats and disinformation.
The Cyber Security Competence and Certification Centre is a contributory organisation of the Authority which, in the public interest, assists in the Authority’s professional tasks in the areas of cybersecurity, classified information protection, cryptographic protection and trust services.