Adding an Incident
Clicking on the Add Incident button brings up the Add Incident form. Fill in the required fields marked with a * and click Add to log a new incident.
Incident Name
The name given for an individual incident to help distinguish it from other incidents.
Description
The description section offers a detailed and complete summary of the incident, and should provide the reader with a clear understanding of what occurred.
Rating
The rating assigned to this incident in terms of its impact and implications.
Asset Affected
The specific asset(s) which are affected by this incident.
Date Reported
The specific date on which the incident was reported.
Status
In the context of an Information Security Management System (ISMS), the status of an incident can be described as either open or closed:
Open - An open incident is an incident that has been identified, assessed, and acknowledged, but has not been mitigated or treated. It remains a potential threat to the organisation and requires further action to reduce its likelihood or impact.
Closed - A closed incident, on the other hand, is an incident that has been adequately mitigated or treated. The organisation has taken appropriate measures to address the incident, and it no longer poses a significant threat to the information assets.
Date Closed
The specific date on which the incident was mitigated.
Category
When reporting an incident in an Information Security Management System (ISMS), incidents can be grouped into several categories, including:
Breach: Unauthorised access to sensitive data or systems.
Denial of Service: Overwhelming a system or network with traffic or requests to make it unavailable.
Physical damage: Physical destruction or damage to IT infrastructure or devices.
Theft: Stealing or unauthorised access to physical or digital assets.
Vulnerability: Weaknesses or flaws in a system or application that can be exploited by attackers.
Misconfiguration: Errors or oversights in system settings or configurations.
Exploitation: Taking advantage of a vulnerability or weakness in a system or application.
Unauthorised Access Attacks: Gaining access to a system or application without proper authorisation.
Privilege Escalation Attacks: Exploiting a vulnerability to gain higher levels of access than authorised.
Insider Threat Attacks: Malicious actions taken by an authorised individual within an organisation.
Phishing Attacks: Deceptive techniques to trick individuals into revealing sensitive information or performing actions.
Man-in-the-Middle (MitM) Attacks: Intercepting communication between two parties to steal or modify information.
Password Attacks: Attempting to crack or steal passwords to gain access to systems or applications.
Identified By
The name of the individual who reported the incident.
Last Reviewed
The date on which this incident was last reviewed.