Incidents & Issues
Record security incidents, track compliance gaps, and manage resolution through to closure.
-
Recording an incident
An incident is a real-world security event — a data breach, system outage, phishing attempt, policy violation, or near-miss. The Incidents tab tracks these through to resolution with a full audit trail.
-
Managing incident resolution
Each incident has a status: Open, Investigating, or Resolved. Managing resolution ensures events are followed up and closed rather than forgotten.
-
Understanding the issue register
Issues are compliance gaps and weaknesses — not real-world events. They include policy weaknesses, missing controls, and non-compliant conditions. Some issues are raised automatically when problems are detected (for example, during policy generation, or when a user is revoked while still listed as the owner of a policy, vendor, or asset and that ownership needs reassigning). Others you create manually when you identify a gap.
-
Incidents vs issues
Incidents are real-world events that happened — breaches, outages, phishing attacks. Issues are compliance gaps that exist — weak policies, missing controls, non-compliant conditions. They are tracked separately because they require different responses.
-
Using the NDB assessment workflow
-
Managing your vendor register
