Sign in
Forgot password?
Access My Procudan
    New
    24/06/2025 07:52:00

    We are NIS2 compliant

    Procudan is classified as an “important entity” under the NIS2 Directive on IT security. This entails a significant responsibility, which we have taken on with a targeted and thorough effort throughout the organisation. We have strengthened both our own processes and our collaboration with our IT partners to ensure stable operations.

    NIS2 strengthens cyber security in Europe – and throughout the value chain

    Over the summer of 2025, the new EU directive NIS2 will come into force. The purpose of the directive is to raise the maturity and robustness of cyber security throughout Europe. The directive imposes stricter requirements on companies that play a significant role in society's infrastructure, both directly and through their supplier and partner relationships.

    IT security has always been important to us, and we have been working hard to ensure that we are compliant and ready when the legislation comes into force.

    Procudan is classified as an "important entity" in NIS2, which means that we must comply with a number of clear and specific requirements.

     

    A risk assessment across the entire organisation

    We have conducted a thorough risk assessment across the entire organisation. Threats and risks have been mapped in all departments with focus on both probability and consequence. This work is anchored in both the IT committee and management, and the board of directors has been kept informed and involved on an ongoing basis.

    We have identified vulnerabilities, highlighted our most important systems and documented clear requirements for what they must be able to do. This has been an extensive project, requiring detailed insight and close involvement from many parts of the organisation.

    For us it is not about changing everything – but about documenting what we already do today.

     

    External advice and closer cooperation

    To prepare for the directive coming into force, we have brought in external expertise. An external consultant has provided us with tools and new perspectives that have strengthened our collaboration with our suppliers and sharpened our requirements for them.

    - For us, it is only natural to be ready. We have our processes under control and have now put into words and structure what we already prioritise highly. This has led to better dialogue with our IT partners and made our expectations of the systems clearer, says Anders Stounberg, IT manager at Procudan.

    We have had close discussions and interviews with our IT partners to ensure that roles and responsibilities are clear and aligned.

    Compliance with NIS2 does not stop when the directive comes into force. It is an ongoing effort that we will build on as requirements and needs evolve.

    Similar content