An incident is a single, unplanned event that causes a disruption in service and indicates an underlying error that needs addressing. All security issues should be considered incidents.

Incident management flow in BV:

• Detection: Incident is detected either through automated systems or manual reporting.
• Reporting: Once an incident is detected, it should be reported to the relevant team or individual responsible for incident management. – Create a task that has the title in this format: INC-Customer name-Date
• Categorization: After the incident is reported, it needs to be analyzed and categorized based on its severity, impact, and urgency. – The name of the task will be changed in INC-Customer name-Date – Critical (site breakdown)/Medium (section of the site not working)/Low (performance issues) and assigned to a resolving party.
• Investigation: Once the incident is categorized, an investigation should be conducted to determine the root cause of the incident. – Resolving party will change the status of the task to “In Progress”. Based on the info discovered during this step the categorization cand be changed, if needed.
• Resolution: Once the root cause is identified, a plan to resolve the incident should be created and implemented. – All relevant information from the investigation step should be documented and root caused should be highlighted. 
• Communication: During the incident management process, it is essential to keep all stakeholders informed about the status of the incident and the progress being made towards resolution. – Any relevant update end ETR (Estimated Time of Restoration) should be notified to the customer.
• Closure: Once the incident is resolved, it should be documented and closed. – Task will be marked in “Completed” status.