A new Information Security Policy for Stockholm University was established on June 1 by decision of the President (Ref. No. SU FV 2209-23). The new policy replaces the document Guidelines for Information Security at Stockholm University (Ref. No. SU FV-2.11.2-1923-16), which was established on January 20, 2017. Work to prepare new clear guidelines for information management will continue during autumn 2023.

A new training tool has also been procured in order to improve and quality-assure information management at the University. To reduce the risk of network intrusions, sabotage, malware and fraud, all staff is recommended to undergo this training. As an employee, you are responsible for ensuring that you complete the training and completion will be followed up by your line manager.

• The University has engaged the services of security awareness company Nimblr (https://nimblr.net/) to implement the training courses.
• Approximately once a month, employees will receive an email invitation containing a link to the next course module. Each module will take a few minutes to complete. Invitations will be sent from <training@nimblr.net>.
• Training will be followed up and adapted to the individual employee, so links should not be shared with colleagues.
• Heads of department/administrative managers/equivalent will be able to follow the progress of training in reports showing the status of their own department or other organisational unit.

Please address any questions and viewpoints to informationssakerhet@su.se