Creating and Managing Incidents
Creating and Managing Incidents
Creating a New Incident
To log a new security incident:
- Navigate to Incident & Breach
- Click Add Incident button
- Fill in the incident form:
- Status - Current status of the incident
- Incident ID - Unique identifier (auto-generated or manual)
- Incident - Brief title of the incident
- Incident Description - Detailed description of what happened
- Type of Impact - Classification of the impact type
- Date of Incident - When the incident occurred
- Click Submit
Incident Details
Each incident record includes:
- Incident ID - Unique tracking number
- Incident Name - Short descriptive title
- Description - Full details of the incident
- Type of Impact - Category of the incident
- Status - Current state in the lifecycle
- Assigned To - Person responsible for handling
- Date of Incident - When it occurred
Viewing Incidents
The incident list displays:
- Status badge with color coding
- Incident ID for quick reference
- Incident name and description
- Type of impact
- Assigned owner
- Date of incident
Editing Incidents
To update an incident:
- Click on the incident row or use the menu
- Select View & Edit
- Update the necessary fields
- Save changes
Deleting Incidents
To remove an incident:
- Open the action menu for the incident
- Select Delete
- Confirm the deletion
Note: Only users with create content permission can delete incidents.
Assigning Incidents
Assign incidents to team members:
- Open the incident
- Select an owner from the team
- The assigned person will be responsible for resolution
Status Management
Update incident status as it progresses:
- Open - Initial state when created
- In Progress - Investigation or remediation started
- Resolved - Issue has been fixed
- Closed - Incident fully documented and closed
Best Practices
- Log incidents promptly when discovered
- Provide detailed descriptions
- Assign owners immediately
- Update status regularly
- Document all actions taken
- Include timeline information