For an Identity Federation as SWAMID trust is everything. SWAMID Board of Trustees has approved two incident routines, one for the Identity Providers and and one for the Service Providers, to ensure that trust can be maintained if an security incident should occur.

Both processes are described in Swedish but starts with that the affected organisation contact SUNET Cert and SWAMID Operations to activate the routine.

SWAMID Board of Trustees also strongly recommends that both the Identity Providers and Service Providers in SWAMID use the security profile REFEDS SIRTFI to increase the trust that SWAMID members and services manage IT security in good practice.