From incident to report - GO supports NIS2 requirements

With the NIS2 Directive, Sweden has tightened requirements on how serious and reportable incidents should be handled. Organizations covered by the directive must be able to report an incident within 6 hours to MSB, the Police and the Swedish Data Protection Authority.

To make it easier for our customers, we have developed a ready-made incident process in Easit GO for cybersecurity incidents, structured in clear steps that follow MSB guidelines and NIS2 reporting requirements.

What is a serious and reportable incident?

Unlike everyday IT incidents, such as login problems or a broken printer, these are incidents that can have significant impact on the delivery of essential or digital services.

According to the MSB, this may include, for example,

• Major outages that affect availability for a longer period of time.
• Cyber-attacks leading to intrusion, data leakage or manipulation of information.
• Incidents that compromise confidentiality or integrity, such as exposure of sensitive personal data.
• Disruption of critical functions where the business can no longer deliver its services.

The reporting obligation includes both an initial report within 6 hours and a follow-up report with more detailed analysis when more facts are available.

New incident process in GO (Cybersecurity Incident)

To meet these requirements, we have built a process into GO that is divided into six steps:

1. Initial assessment - quickly assess the scope of the incident and determine whether it is reportable.
2. Initial actions & management - take the first steps to limit the damage and restore operations.
3. Reporting - use ready-made templates to create reports for MSB, Police and IMY.
4. Risk and safety analysis - analyze causes, consequences and lessons learned.
5. Follow-up and improvement actions - document how the incident was handled and how future risks can be reduced.
6. Files & history - Gather reports, attachments and documentation in one place for full traceability.

Why is this important?

Having a structured process for serious and reportable incidents is crucial to meet NIS2 requirements. But it is also a matter of business resilience.

• Faster recovery reduces the risk of long-term disruptions.
• Traceability and transparency creates confidence when engaging with authorities.
• Systematic learning strengthens the organization's capacity for future incidents.

The GO incident process provides organizations with practical support that combines operational management, mandatory reporting and improvement work - in a single solution.

Want to see how the process works in practice? Contact us for a demo.