Help Center
Create a Ticket
  1. SureCloud Help Center
  2. Applications
  3. Incident Manager User Guide
    Follow

    Incident Manager: Incident Details Form

    Incident Details Form 

    Once the prerequisite fields have been completed on the Incident Register, the incident details form is created for incidents. All information that has already been added on the parent forms will be automatically populated. For simplicity the following form has been separated into smaller sections, allowing each to be focused on. 

     

    Introductory Details  

    In this section, the user provides detailed profile of the event, with some additional information being pulled through from the (e.g. the summary, the date notified). This allows the user to provide some context behind the event and fully detail the sequence of events that lead to this incident, including those who participated, see below. 

     mceclip4.png

      

    This introductory section has the following fields: 

     

    Ref.  

    Item  

    Description  

    1  

    Escalate  

    Click this button to escalate to the accountable user as defined in the incident variant selected in the register.  

    2  

    Status  

    This displays status of the incident.  

    3  

    Location  

    A free text field to enter the location of the incident.  

    4  

    Detailed Description  

    An opportunity to add a detailed description of when the incident took place, and what happened. 

    5  

    Attachment  

    There is the option to upload any supporting documentation for this incident.  

    6  

    Root Cause  

    Here, there are four options to choose from in the form of a drop down listSystem Failure, Human Error, Social Engineering and Malicious Attacks.  

    7 

    Sequence  

    This is an automatically generated sequential number that counts based upon when that row was added in a chronological sequence.  

    8 

    Event  

    The event that occurred.

    9 

    Participants  

    The people who were involved

    10 

    Date  

    The date the event occurred.

    11 

    Time  

    The time the event occurred. The value field restricted to “hh:mm” format.

    12 

    Add Button 

    This adds a new row into the table.

     

    Supporting Assets 

    This section detailed any supporting assets that were affected by the incident, see belowThese assets are taken from a Supporting Assets Library, from which the assets details (e.g. the type of asset, the asset owner and infrastructure etc) are recorded. By selecting this asset from the list, these details are automatically populated in this section. 

     mceclip5.png

     

    This section has the following fields: 

    Ref.  

    Item  

    Description  

    1  

    Supporting Asset 

    Add the affected supporting asset(s).  

    2  

    Type 

    Automatically populated from the Supporting Assets.  

    3  

    Owner 

    4  

    Organisation 

    5  

    Infrastructure 

    6  

    Location 

     

    Inherent Risk on Information Assets 

    The affected information assets are taken from the Information Assets Library, from which details such as its risks are auto populated in the incident form. Using these risk values, the overall inherent risk of the incident is calculated, see below. 

     mceclip6.png

      

    Ref.  

    Item  

    Description  

    1 

    Information Asset  

    Add the affected information asset(s)

    2 

    Subjects  

    Automatically populated from the Information Assets.  

     

    3 

    Classification  

    4 

    Sensitivity  

    5 

    Volume  

    6 

    Risk  

    Calculated based upon the settings in Risk Limits.  

    7 

    Add Button 

    This adds a new row into the table.

    8 

    Inherent Risk  

    This displays the maximum risk displayed over all the risks in column 7 of the Affected Information Assets section.  

     

    Third Parties and Mitigating Controls  

    Any third parties that have been affected by the incident can also be detailed on the incident form, as well as any mitigating controlsThe third parties and the controls selected are taken from the Organisation Register and Control Library respectively. The details of the third parties (e.g. status, scope etc) are populated from the Organisation Register. From here, the organisation can record if the Third Party habeen notified of this incident. The control details (e.g. description, status etc) are completed from the Control library. From this, the residual risk and target risk are calculated. The residual risk is calculated by using the inherent risk and the current maturity of the mitigating controls, the target risk is calculated using the inherent risk and the target maturity.   

     

    mceclip7.png

     

    This section has the following fields: 

      

    Ref.  

    Item  

    Description  

    1 

    Third Party  

    Add the affected third parties.  

    2 

    Status  

    The status of the Third Party, set in the Organisation Register.  

    3 

    Scope  

    The scope of the Third Party, set in the Organisation Register. 

    4 

    Service Description  

    The service description for the Third Party, set in the Organisation Register.  

    5 

    Contact  

    This is where the contact information for that third party is displayed.  

    6 

    Notified?  

    Mark if the Third-Party has been notified.  

    7 

    Add Button 

    This adds a new row into the table. 

    8 

    Control  

    Detail the mitigating controls, insert as many rows as needed.  

    9 

    Description  

    This description is automatically populated from the Control Library.  

    10 

    Status  

    This status is automatically populated from the Control Library.  

    11 

    Current Maturity  

    This Current Maturity is automatically populated from the Control Library.  

    12 

    Target Maturity  

    This Target Maturity is automatically populated from the Control Library.  

    13

    Add Button

    This adds a new row into the table.

    14 

    Residual Risk  

    Calculated from the Inherent Risk and Current Maturity.  

    15 

    Target Risk  

    Calculated from Inherent Risk and Target Maturity.  

      

    Failed Controls and Corrective Actions  

    This section details controls that were in place but failed to prevent the incident from occurring. These controls are taking from the Controls Library.  Following this, the user can detail any actions that need to be taken in order to prevent this incident from occurring again.  

     

     mceclip8.png

     

    This section has the following fields: 

     

    Ref.  

    Item  

    Description  

    1 

    Control  

    Detail the mitigating controls, insert as many rows as needed.  

    2 

    Description  

    This description is automatically populated from the Control Library.  

    3 

    Status  

    This status is automatically populated from the Control Library.  

    4 

    Current Maturity  

    This Current Maturity is automatically populated from the Control Library.  

    5 

    Target Maturity  

    This Target Maturity is automatically populated from the Control Library.  

    6

    Add Button

    This adds a new row into the table.

    7  

    Action  

    Detail any corrective actions, insert as many rows as needed.  

    8  

    Facilitator  

    This is automatically populated from the Actions List.   

    9  

    Target Date  

    10

    Updates  

    11   

    Status  

    12

    Add Button

    This adds a new row into the table.

    Next Step:  Incident Variants

    Was this article helpful?
    0 out of 0 found this helpful

    Comments

    Further Questions?