FREE POPIA TOOLKIT
SUPPORTING TEMPLATE
Incident Report Form
Date of Incident: [Date]
Incident Details:
1. Incident Description:
Describe the incident in detail, including what happened, when it occurred, and any relevant background information.
2. Incident Category:
Select the appropriate category for the incident from the following options:
- Data Breach
- Unauthorized Access
- Loss or Theft of Devices
- Malware or Virus Attack
- Physical Security Breach
- Other (please specify)
3. Severity Level:
Indicate the severity level of the incident:
- Low: Minimal impact on operations and data security.
- Medium: Moderate impact on operations and data security.
- High: Significant impact on operations and data security.
4. Location of Incident:
Specify the location where the incident occurred, such as a physical address or network/system location.
5. Systems/Assets Affected:
List all systems, applications, and assets affected by the incident.
6. Immediate Actions Taken:
Describe any immediate actions taken to contain the incident and mitigate its impact.
7. Notification:
Indicate whether the incident has been reported to the appropriate authorities, such as regulatory bodies, law enforcement, or affected individuals.
8. Root Cause Analysis:
Provide a brief analysis of the root cause(s) of the incident, if known.
9. Follow-Up Actions:
Outline any follow-up actions required to address the incident fully, including remediation measures and preventive controls.
10. Recommendations:
Include any recommendations for improving incident response procedures or preventing similar incidents in the future.
Incident Reporting Person:
Name: [Name of Reporting Person]
Position/Role: [Reporting Person’s Position or Role]
Contact Information: [Email Address/Phone Number]
Reviewed By:
Name: [Name of Reviewer]
Position/Role: [Reviewer’s Position or Role]
Date Reviewed: [Date]
Approval Signature:
[Signature]
[Date]
This Incident Report Form Template is designed to facilitate the reporting and documentation of security incidents, including incident details, severity level, actions taken, and follow-up measures. It provides a structured format for capturing essential information and ensuring appropriate handling of security incidents.