Kronofogden Security management system as well as external demand to reduce risk in an adequate way drive the Kronofogden need to constantly improve business continuity. Earlier project had not brought Kronofogden to the level needed, much due to that a Kronofogden common approach to business continuity was not implemented, except for a few guidelines setting out the requirements.
Actensa helped to assess status of business continuity plans, inventory of information repositories and assessed the alignment with Kronofogdens policies and procedures. The work was done by taking “public company” concepts, structures and methods and apply and adjust them to Kronofogden size and needs, in a collaborative way.
The Enforcement Authority is the only organization in Sweden empowered to withdraw money from bank accounts of debtors and, if necessary, visit the homes and companies of debtors to seize (distrain) property. The authority also has the right to withhold money directly from a debtor’s income. It can collect debts for individuals and businesses as well for the government.
Kronofogden had policies that clearly set forward ownership and requirement on content and structure of business continuity plans. However plans (when existing) didn´t meet the requirements neither followed a common structure. Hence first thing for Actensa was to suggest and gain buy-in for a new simple business continuity plan template that helped to define current status and needs for improvement. The template was validated with business representatives for key processes and served as a catalyst for engaging key stakeholders. The feed-back gained on the template and guiding to complete the same was very positive.
Next step was to implement a common ground to manage the business continuity plans at Kronofogden in a collaboration area, that help to put forward the development needs and the organisation of the documents, as well as concrete steps for how to continue the actual development work, in a simple way.
Throughout the work, the responsibilities and hierarchy from directives to concrete plans was emphasized in order to both make the overall set of plans usable in case of a disaster, but also to support successful audit, from both external auditor and Kronofogden perspective.
Actensa helped to assess current maturity and define steps for future improvement aligned with relevant industry standards such as ISO 22301.
The continue plan template helped to assess the critical business and support processes within few hours per area!
Key activates from the Actensa methodology used fpr the Kronofogden engagement:
Mikael Åkerholm , CISO Kronofogden says:
Actensa was able to quickly adjust their approach to the situation discovered in the assessment phase, aligning with Kronofogdens situation. All the way through accountability and professionalism showcased the way the Actensa team carried-out their commitments.
Tomas Kesa and Ulrik Sturk at the office entrance of Kronofogden, Stockholm.
Actensa is leaving Kronofogden with a number of assets that are ready to use when the prerequisites for large scale roll-out are fully meet.
The ambition future Kronfogden business continuity capabilities is still to be decided on.