Interview with Staffan Strömbäck, Sweden

Staffan Strömbäck works for the Swedish Defense Material Agency and has been the Chair of the Swedish mirror committee SIS/TK 494 for the last 5 years. As the Head of the Swedish delegation at the plenary meeting in Sydney he was invited to share his view on the work in ISO/TC 292. You are a member of Swedens mirror committee to ISO/TC 292. Can you briefly introduce your NSB and mirror committee, please?  Staffan Strömbäck

HoD: The Swedish NSB is SIS, Swedish Standardization Institute. It’s a non-profit, private association with more than a thousand members from all parts of society, companies as well as public authorities.

The mirror committee in Sweden for ISO/TC292 is currently not only mirroring this committee, but also ISO/TC262 Risk management as well as two CEN TCs. This gives us the advantage to have a broad overview of ongoing standardization, but requires the mirror committee to manage the information flow in order to process draft standards and take decisions on all topics that evolves in all the four different ISO and CEN technical committees. Who are the key stakeholders of Security and resilience in Sweden?

HoD: In Sweden, currently the main stakeholders come from the public area of government authorities. We have some businesses as members in the committee. During the last half year, there has been a growing interest from both government authorities as well as businesses, and I expect this interest to continue to grow. ISO/TC 292 covers a broad spectrum of standards. In what areas are Sweden’s main interests in the committee?

HoD: This is a quite difficult question to answer for me. Already from the beginning of Sweden’s participation in TC292, and one of the predecessors, TC223, we have been active in almost all areas. Currently is anti-counterfeiting and anti-fraud is the only working group were we have not been active. However, Swedish companies working in this business segment has lately shown interest, so it’s quite possible that we will soon cover almost all of the work done in TC292. How do you work currently in these areas (e.g.: are there any laws, regulations, national standards or other rules?) and how can ISO standards help?

HoD: Quite a few of the areas, e g Emergency management, are regulated by law in Sweden. Some others, like Business continuity management, are not. I’d generally state that the standards developed in the BCM area are the most successful in Sweden in terms of sold copies. However, this may not be a relevant measure if the question is “What standards has been most successful in contributing to Security and Resilience in Sweden?”. So far have you adopted any standards developed by ISO/TC 292 as a national standard in Sweden?

HoD: Yes, almost all of them of them in the ISO 22300 series. We have not adopted ISO 18788 nor the ISO 28000 series ISO/TC 292 is now working on ISO 22396 Guidelines for information sharing between organisations. What is your interest in this project and how would you like to see it develop?  

HoD: The challenges for organisations, working together in an multi-national and multi-organisational environment are huge. In order to work efficiently together, it’s crucial to establish trust. This project aim is to, through an agreed governance structure for information sharing, to establish the necessary foundation for trust.
There are also potential new projects discussed that are quite exciting. One is use of Social media in crisis and/or emergency management.
Finally, I’d like to mention the already published ISO/TR 22351 Message structure for exchange of information that may be evolved into an efficient means for exchange of information between organisations, in particular those involved in multi-disciplinary and multi-national cooperation. How does your mirror committee involve itself in standard development at present and how do you see this developing in the future?

HoD: The future for the mirror committee is a two tier approach. The first is to broaden participation from both industry and government organizations in the work. During the last half year, we have had a quite promising development with a number of new members. The second, already mentioned, is to attract companies and organizations anti-counterfeiting and anti-fraud area. What advice can you give to interested parties in Sweden who want to offer their input to the work of ISO/TC 292 and your mirror committee and who should they address? 

HoD: The work done in TC292 as even more important today, than it was when TC292 was established. To participate in the standardization work will contribute to the security and resilience of the society. There are few areas of as great importance as this. Possible projects?

HoD: When it comes to new projects, the ISO 22340 Protective security - Architecture, framework and guidelines, is worth mentioning. As the standards that have already been developed area, each and every one, of value, I believe that the area Security and Resilience have now reached a level of maturity that would benefit from a structural approach. This would make it much easier to understand how the already developed standards fit together and also contribute to identify areas for future standards development.

Interview made by Stefan Tangen, Convenor of the ISO/TC 292 Communication Group