The Security Service advises and inspects public agencies covered by protective security legislation. Where are inspections conducted?
The Security Service is at liberty to decide where to conduct inspections, and always gives priority to the nation's most critical assets. This means that inspections focus mainly on areas where an attack would have consequences serious enough to affect Sweden as a nation.
Once the Service has decided to conduct a protective security inspection, we contact the public agency in question, which is then given some time to prepare.
The inspection involves checking that protective security legislation and regulations are complied with, and that the level of protective security is commensurate with the activities carried out.
Security analyses and other documentation relating to management and steering of physical protection, security screening and information security are scrutinised. The handling of records checks is also examined. This is followed by an on-site inspection, as well as interviews with heads of operations and security. In some cases, technical inspections of IT system security are carried out. Such inspections include testing the ability to withstand electronic attacks. After the inspection, the Security Service recommends measures to enhance protective security and offers post-inspection support in the form of advice.