Articles on: Incidents

Incident Management

🚨 Incident Management

Log it, classify it, track it, and notify the relevant parties.



1️⃣ Page Overview

The Incidents menu is your central place to document, classify, and manage incidents quickly. To help you work efficiently, we provide a structured incident template (ensuring consistent reporting), and then allows you to move each incident into a Kanban workflow for tracking until resolution.


Did you know you can override our templates from Settings > Document Templates by importing and modifying the content. That way you can fully align them with your needs. These templates can also be a word/excel document if that is how you prefer to work.



2️⃣ Creating an Incident (from Template)

When logging an incident, the form ensures that all important details are captured.

Here is the template you will see when creating a new incident:




Sections include:

  • Incident Identification — Reference number, description, who reported it.
  • Assessment — Date, location, severity classification.
  • Incident Classification — Confidentiality breach, Integrity violation, Availability disruption, Quality issue
  • Incident Category — Incident, Event, or Weakness.
  • Incident Source — Internal, External, or both.
  • Personal Data Considerations — Processing role (e.g., Controller, Processor).


📌 Think of this as your standardized reporting sheet that ensures nothing is left out.


3️⃣ Existing Security Measures

Document controls already in place at the time of the incident, such as:

  • Encryption
  • Password policies
  • Monitoring & alerting measures
  • Access control configurations


🔗 You can also @link related controls in the system for traceability.


4️⃣ Incident Response Actions

Capture actions taken to contain and mitigate the incident:


Date | Action Taken | Responsible Party |

YYYY-MM-DD | Describe action | Assigned person/team |

YYYY-MM-DD | Describe action | Assigned person/team |


5️⃣ Review & Lessons Learned

Prevent future recurrence by documenting corrective actions:


Date | Preventive Measure | Responsible Party |

YYYY-MM-DD | Describe preventive step | Assigned person/team |

YYYY-MM-DD | Describe preventive step | Assigned person/team |


6️⃣ Resolution

Once resolved, the incident is closed and archived as per retention policies.


  • Date of Resolution (YYYY-MM-DD)
  • Justification for Closure — Explain why the incident is considered resolved, including mitigation evidence and ongoing monitoring.


A resolved incident should always include proof of action and closure notes.


7️⃣ Notification Requirements

Brainframe allows you to record who needs to be informed. Checkboxes make it simple:


  • [ ] All Stakeholders
  • [X] Company Board
  • [ ] InfoSec & Risk Board
  • [ ] Authorities/Regulator
  • [X] Employees
  • [ ] Customers
  • [ ] DPO
  • [ ] Top Management
  • [ ] Data Subjects
  • [X] Legal


8️⃣ Incident Kanban Board

Make sure to add incidents to the Kanban board to properly keep track of their resolution.


Stages include:

  • 🟢 Open — New, not yet managed.
  • 🟡 In Progress — Being investigated.
  • 🔵 Mitigated — Addressed, awaiting confirmation.
  • Closed — Fully resolved and documented.


📌 Update incidents to advance stages as your team progresses.

The stages are fully configurable to match your own preferred workflows


9️⃣ Best Practices

  • 🚨 Log incidents immediately — Never wait, details fade quickly.
  • 🗂 Keep evidence attached — Controls, logs, screenshots.
  • 📨 Update notifications — Regulators and boards expect timely updates.
  • 🧩 Always document lessons learned — Prevent repeating mistakes.
  • 🔄 Keep Kanban up to date — Ensures audit readiness at all times.


🎯 Visual Checklist

  • [x] Incident logged in template
  • [x] Security measures noted
  • [x] Response actions documented
  • [x] Notifications sent
  • [ ] Lessons learned completed
  • [ ] Incident closed & archived


Updated on: 03/09/2025

Was this article helpful?

Share your feedback

Cancel

Thank you!