Review incidents

Once an incident occurs, Kisi provides all the necessary details on the incident page. You can review this information, assign the responsible team member, and ensure they have all the context needed to handle the situation. The assigned team member can then acknowledge the incident, leave notes, follow the provided instructions, and ultimately resolve it.

1. Sign in to Kisi
2. On your left sidebar, click he Incidents icon
3. Select the Incidents tab
4. Choose the Active or Closed tab, depending on whether you want to review active or closed incidents
5. To find the specific incident, filter the list by Type, Status or Opened on date
6. Click on the incident you want to review
7. Under General, ou can review and edit the basic information about the incident:
   • Details
   • Type
   • Opened on date
   • Instructions (if any)
   • Assigned user (if not assigned, you can assign it to a team member)
   • Severity level (if not set, you can define it)
   • Notes section (e.g., "I checked all access event media and confirm no unauthorized access at the New York Office.")
8. Click Save to apply your changes
9. Under Occurence, review related access events and their media, if available
10. Under Activity, review the incident log from detection to resolution
11. After reviewing the incident, the admin or the assigned user can either Acknowledge or Resolve it
    • Acknowledge: When an incident is acknowledged, its status changes from Open to Acknowledged, but it remains active and not yet closed.
    • Resolve: Once an incident is resolved, it is automatically marked as closed