Security incident management track

Whether working towards ISO 27001 or managing GDPR compliance, you will need to demonstrate effective security incident management.

  • Evidence end-to-end management of incidents & track events and weaknesses, following our proven work processes
  • Filter reporting by customisable settings that include notification to regulators and victims in line with EU GDPR
  • Manage and drive performance improvements using incident stats
  • Handle business continuity & disaster recovery planning

See here to find out more about security incident management in

The Security Incident Management Track, alongside integrated policies within help to make it easy to address 16.1.1 – 16.1.7 over the incident lifecycle.

See here for further details on ISO 27001 – Annex A.16: Information Security Incident Management.

How do I access the Security Incident Management Track?

  1. Hover over ‘Work’ in the navigation bar
  2. Click on ‘All Work’
  3. Search for the ‘Security Incident Management’ Track within the ‘All work’ search field
  4. Click on the ‘Security Incident Management’ link to navigate to the Track

Your Security Incident Management Track will display, and will appear as below, only without any track items present.

Using the Security Incident Management Track

The Security Incident Management Track functions much the same as any other Track on the platform. See here for more of our Track guides.

You will find that the following Statuses are present on the Track. As a Security Incident progresses, it will be assigned to the following statuses:

  1. To-do
  2. Assess: A16.1.4
  3. Respond: A16.1.5
  4. Review & Learn: A16.1.6
  5. Resolved

You will also notice that the Security Incident Management Track has five pre-configured parent categories, these categories allow you to classify security incidents using the following criteria:

  • Severity: Incident, Event, Weakness
  • Source: Internal, External, Internal & External
  • GDPR/DPA 2018: ICO notification, Victims notification (if you’re not doing GDPR or DPA 2018 you can remove this category or change it to something relevant)
  • Type: Confidentiality, Integrity, Availability
  • Personal Data role: Controller, Processor

See here to find out how you can add or remove parent and child categories within the Security Incident Management Track.

Further guidance on Tracks

Implementing ISO 27001 and need a little extra help?

Implementing a successful (and sustainable) information security management system can be challenging, especially if you or members of the implementation team are not experienced on the topic of ISO 27001.

To integrate seamlessly with the pre-configured workspaces and technology at the heart of, we have developed our Virtual Coach package.

Virtual Coach provides time-saving features, tools, actionable policies and controls and other content, you are now also equipped with the confidence and capability to achieve your ISO 27001:2103/17 certification goals faster, and at a tiny fraction of the cost of alternatives.

If you think this is something that your organisation might benefit from, click here to learn more.