Incident Management
Tailored for the security department
Element of the ecosystem
Fast implementation and minimization of the process operation
Ready-made workflows and expert knowledge built into the system
Three elements are crucial when responding to an incident - we know this from our own experience:
❶ Accurate assessment what the incident affects and what the losses may be
❷ Notification to appropriate persons in the organization and regular status updates
❸ Commissioning and monitoring corrective actions.
BCMLogic allows you to determine what processes are affected by the incident. Based on the category, impact and other factors, the priority is set and the appropriate Workflow is selected. Notifications are sent based on ready-made templates - when the status changes or at the operator's request.
There are standard actions for each subcategory that can be launched and ordered (via the application or Help Desk) and their progress can be tracked. All activities are logged in the system for later incident evaluation.
Response stages in the incidents module
Planning responses to various types of events
-
Building predefined incident management plans and a set of default actions to be performed in connection with the report classification
-
Adaptation of incident reporting forms
-
Register management: Area, Category, Subcategory, Priority
-
Definition of default priorities and resolution times
-
Access to managed procedures in the BCM module
Incident register
The module is a security incident management center and therefore enables registration and consistent handling of events from many sources:
-
Dedicated email box
-
Employee/company portal
-
Application screen
-
SIEM class system
-
Infrastructure monitoring systems
-
Help Desk
-
Any other source
Undertaking and service
-
Ordering default actions defined for a given incident category
-
Defining additional actions required by the situation
-
Communication regarding the incident via the application - current view of the situation and use at the inference and reporting stage
-
Notifications about tasks and important events via email and text messages, as well as panels in the application
-
Incident monitoring and expiration notifications
-
Possibility of escalating incidents to the BCM level
-
View of incidents in the emergency management center
Reporting and conclusions
-
Reports and diagrams
-
Access to the entire incident history
-
Incident statistics by status, priority and sources
-
Documentation and report templates dynamically populated with incident data
-
Conclusions from the incident and corrective recommendations
-
Defining and monitoring repair orders
Tailored for the security department
Custom-parameterized
BCMLogic Incidents is a module dedicated to handling security incidents. It allows you to easily connect various sources of information about events, define service phases, uses lists of notifications, predefined tasks, records actions taken and collects attached information, and generates ready-made reports based on templates.
Element of the ecosystem
Cooperation with other processes
The incident handling process can feed and use information collected in other processes:
-
Business Continuity Management,
-
Risk,
-
Information Security.
Example: updating the probability in the risk matrix based on the number of events.