SSF 1101

Cyber Security BASIC

SFS 1101 Cybersecurity BASIC protects your business against the most common cyber threats.

A certificate issued in accordance with this norm demonstrates that you take information security seriously and implement basic IT security. These areas are:

  • Computers and mobile units
  • Software and applications
  • Networks
  • External IT services (e.g. cloud storage and similar)
  • Authorisations
  • Training

Application fee: SEK 3,950 VAT exclusive
Annual licence fee: SEK 1,900 VAT exclusive

The purpose of certification

Apply for certification

Requirements for Cybersecurity BASIC
– according to issue SSF 1101

Basic requirements

The applicant must be a legal person and the company’s client declaration must be signed by an authorised company signatory.

Examples of various requirements

  • Strong passwords for user accounts on computers and mobile units.
  • Activated encryption of storage space on computers and mobile units where possible.
  • Back-up copying of information to the extent determined by the operation.
  • Software to protect against malicious code on all computers and mobile units which may be connected to external networks.
  • Decisions regarding, and the extent to which, personal equipment may be used in the organisation.
  • One or more network units with firewall functionality installed between the company’s internal and external networks.
  • Encrypted wireless networks which are protected by a secured protocol and strong password or certificate.
  • Legally binding agreements between you and relevant providers when you use external IT services and cloud services.
  • New password implemented immediately upon suspicion that the password has become known to someone other than the user.
  • All employees undergo basic training in information security in the form of Computer Supported Information
  • Security Training for Users [DISA – Datorstödd informationssäkerhetsutbildning för användare] (Swedish Civil Contingencies Agency).

Advantages of certification

  • Shows that you are in control of your IT security and take information security seriously.
  • Provides solid protection against the most common types of cyber threats.
  • Certifies that your personnel have undergone basic information security training.
  • Shows that you have the conditions for protecting personal data in accordance with the GDPR.Provides a
  • certificate and certification mark with substantial market value.
  • Enhances confidence in your organisation on the part of customers, cooperation partners and standards authorities.

The certification process

  • You apply for certification in our customer portal.
  • In order to ensure that you meet the requirements, you complete an extensive questionnaire (a client declaration).
  • We perform an assessment and follow up on the replies in the form and request that you supplement them as necessary.
  • You affirm the accuracy of your answers formally through an authorised company signatory.
  • We issue a certificate which is valid for three years.
  • During the period of validity, we make conduct spot checks to ensure that you continue to fulfil the requirements of the norm.

Apply for certification

You can apply quickly and easily in our client portal.

New client?

Create account

Already a client?

Log in

Get our news letter

Stay updated on the latest developments in the areas of fire safety and security certification.