Reporting incidents

Efficient incident management is crucial for maintaining data integrity and complying with privacy regulations. The Kertos platform simplifies the process of reporting and assessing incidents, allowing organizations to respond promptly and effectively. This article guides you through the steps of reporting an incident on Kertos and highlights the differences between incidents and breaches.

 

What is an Incident?

An incident refers to any event that may compromise the confidentiality, integrity, or availability of information systems. Examples include unauthorized access attempts, system malfunctions, or suspicious activities.

What is a Breach?

A breach occurs when there is confirmed unauthorized access to sensitive data, leading to potential data exposure. Breaches typically require immediate action and notification to affected parties.

Key Differences

Incidents: Broadly cover any security event.

Breaches: Specifically involve data compromise, often with legal implications.

Reporting an incident in Kertos

This section provides a step-by-step guide to reporting an incident using Kertos.

 

1. Go to the "Incidents" tab in the main menu.

 

2. Click "Report Incident".

 

3. Enter the incident Title and choose the Reporter.

 

4. Determine Personal Data Involvement: Indicate whether personal data is affected. 

 


If yes, additional fields will appear to specify the type and extent of data exposure, and the incident becomes a breach. Article 33 of the GDPR requires that a personal data breach be notified immediately or, at the latest, within 72 hours of its initial detection.

 

5. Enter Incident Details: Provide a detailed description of the incident, including the date, time, affected systems, and any initial evidence.

 

6. Clarify the data affected and the Information Impact: Confidentiality, Integrity, Availability, plus Authenticity (DORA framework only).

 


7. Decide on Measures to take:

  • Assign Responsibility: Identify the person responsible for managing the incident
  • Document the root cause and potential consequences 
  • Document any measures planned or undertaken so far

 


8. Decide on Authority Notification: If the incident is a breach involving personal data, determine if authorities need to be notified.

9. Attachments: Upload or link any necessary attachments.

10. After reviewing and submitting the incident report, you can view the incident in the "Closed" tab.
