Skip to content

0470 Incident Reporting

The incident report is used to record that an incident (such as data breach, software error, quality failure detected) has occurred. Many organizations have a dedicated incident management system (such as ServiceNow, GitHub or Jira). Open metadata supports the management of incident reports, either directly, or as a proxy to an incident in an incident management system. Where the incident is described in open metadata, it can be linked to the assets that are affected and its resolution can be governed through governance action processes.

An incident report may be related to the context event(s) that describe the root cause of the incident via the ContextEventEvidence relationship.

UML

IncidentReport entity

The IncidentReport entity is a Referenceable that describes the incident, when it occurred and its current status.

IncidentReportStatus enumeration

The IncidentReportStatus enumeration provides the valid values for the status describing the progress made to resolving the issue described in the incident report.

  • Raised - The incident report has been raised but no processing has occurred.
  • Reviewed - The incident report has been reviewed, possibly classified but no action has been taken.
  • Validated - The incident report records a valid incident and work is underway to resolve it.
  • Resolved - The reported incident has been resolved.
  • Invalid - The incident report does not describe a valid incident and has been closed.
  • Ignored - The incident report is valid but has been closed with no action.
  • Other - Another incident report status.

ImpactedResource relationship

The ImpactedResource relationship allows an IncidentReport entity to be linked to Referenceable entities that describe resources that are impacted by the incident. For example, it may link an incident report to a SoftwareServer that is unavailable. The severityLevelIdentifier describes the severity of the impact on the Referenceable entity. Its value is taken from the list of severities defined using the Valid Metadata Values services.

IncidentOriginator relationship

The IncidentOriginator links the IncidentReport entity to the Actor or Process that created the incident report.

IncidentDependency relationship

The IncidentDependency relationship allows related IncidentReport entities to be linked together. The description property describes the relationship.

Raise an issue or comment below