Incident Report

Board-ready documentation for incidents and non-conformances. Structured inputs ensure audit-grade output.

Document Classification

Determines access control, distribution, and handling requirements

CONFIDENTIAL - INTERNAL USE ONLYREGULATORY DISCLOSURE REQUIREDRESTRICTED - MANAGEMENT ONLYINTERNAL - OPERATIONAL USE

Header Information

Report Type*

IncidentNon-Conformance

Date and Time*

e.g., February 22, 2026 at 03:14 AM

Company Name

Location / Scope*

Specific system, facility, or geographic scope

Activity or Process Involved*

Section 1 — Factual Description

Event Description*

Describe observed facts objectively. The system will reformulate into executive bullets.

Timeline

Separate entries with semicolons. Format: HH:MM AM — Description

People Involved

Separate names and roles with commas

Section 2 — Gap Analysis

Expected Standard / Norm*

What policy, SLA, or procedure should have been in place?

Observed Condition*

What was actually found at the time of the incident?

Section 3 — Impact Severity Matrix

Board-Level

Score each dimension from 1 (negligible) to 5 (critical). Justifications are embedded directly in the PDF table.

Operational

3/5Moderate

0/50

Financial

2/5Low

0/50

Regulatory

2/5Low

0/50

Reputational

2/5Low

0/50

Overall Criticality IndexMEDIUM (2.3 / 5)

Section 4 — Immediate Actions

Optional

Observed Impacts

Business, compliance, reputational, and technical impact — used to enrich the analysis

Immediate Actions Taken

Containment or response actions already executed

Section 7 — Forensic Evidence

Traceability

Each field produces a distinct line in the Evidence section of the PDF. Use specific, traceable identifiers.

Internal Ticket Reference

ITSM / Jira / ServiceNow ticket number

System Log / Event ID

AWS GuardDuty, Splunk, SIEM, or equivalent log reference

Evidence Storage Location

Path, S3 bucket, SharePoint folder, or secure vault reference

Section 8 — Residual Risk Status

Documents the live risk posture after initial containment

Current Risk Level

Containment Status

Pending Validation Items

Select all that currently apply

Forensic analysis pendingRegulatory notification draft in progressData exfiltration confirmation pendingLegal review

Next Review Date

Conditions for Incident Closure

Specific criteria that must be met before this incident can be formally closed

Company Context

Optional

Providing a URL allows the system to contextualize its output to your specific operational environment.

Company Website

Company Logo

Upload Company LogoPNG or JPG — up to 5MB

Document Validity Period

Set the governance lifecycle for this asset. Expired documents will trigger compliance alerts.