Definition - What does Incident Reporting mean?
Incident reporting is the process of notifying a user or administrator of an abnormal event, process or action identified on a computing device, system or environment.
It is part of the security incident and event management (SIEM) process that alerts and logs all security incidents discovered within an IT environment.
Incident reporting is also known as security incident reporting or incident tracking.
Techopedia explains Incident Reporting
Incident reporting is generally performed by an anti-virus, firewall application or a purpose-built incident reporting software. Incidents can also be detected manually by the network, IT or security administrator.
Some of the incidents reported may include:
- Violation of security policies/procedures
- Unauthorized access/access attempts
- Abusive use of an IT asset
- Suspicious usage patterns
All such incidents are recorded within a incident log file and are used to asses, act, neutralize and recover from the incident.