What’s New at Software Risk?

At Software Risk, we know that the security and software industries don’t sit still for long, and neither do we. We take pride in ensuring we’re across all the latest developments and the “hot topics” of the moment that our clients and the industry are talking about.

To help you do likewise, we regularly prepare articles and updates on the key issues we think you need to know about, offering our take on the matter and what it might mean for your business.


Sign up to get access to the Security Risk platform. Once you fill this form, check your email for confirmation.


The more we learn about the major incidents in our organisation, the better we understand the risks or threats to the environment. Accurate and factual knowledge about the incidents not only allows the organisation to establish contingency plans, but it also enhances the organisation’s ability to respond faster.

Companies hire professional security firms to mitigate or tackle security incidents that might harm their reputation, operations, or site location. As a result, security providers take the responsibility to be prepared all the time, make prompt decisions, and create detailed security incident reports.

Now you may ask, what is an incident report?

What is an Incident Report and Why is it needed?

An incident report is a formal entry of the facts related to a particular incident. It is the first step

  • that triggers an investigation
  • supplies further information for the investigation,
  • enables a report to be issued that becomes a single reference point’
  • and ensures compliance with industry regulations.

Security firms maintain security incident reports for all events that transpire in their operations. No matter how insignificant the incident may seem, it requires the security companies to provide a full record of what took place and when. This increases accountability of the security service provider and creates increased trust between providers and their clients.

Incident reports also highlight the trends or learnings that enable security firms to predict and prepare for future incidents and allocate resources where they are needed most. 

Apart from a detailed description of the incident, other items to include in an incident report are:

  • Site or location of the incident
  • Witnesses to the incident (if any)
  • List of any anomalies that might have contributed to the incident
  • Severity or grade of the incident
  • Details of the immediate measures taken in response
  • Recommendations including future mitigations, immediate follow on actions and reporting requirements

What to cover in an incident report?

The rule of thumb is to gather all the necessary information and create a report that outlines:

  • The What:​ To start with, describe the details of the incident in chronological order. Be as descriptive as possible in this section without adding unnecessary information.
  • The Who:​ In this part, identify the individuals involved in the incident and how (or if) they were affected. Complete their details with accurate and objective contact information and visual descriptions of the persons.
  • The When:​ Include the actual time and date of the incident when it happened. If the time is unknown, use a recognizable timeframe to provide authenticity.
  • The Where:​ In this section, provide the address and other pertinent details that are relevant to describe the location. 
  • The Why:​ This section may be more subjective than others but always give a rational and objective understanding of the reason behind the incident. The best practice is not to speculate or provide biased information.
  • The How:​ In this section, describe as many details as you can regarding how the incident occurred. It is mandatory to include rich media such as photos, videos, and audio recordings, etc. in this section so that there is legal proof of time, location and incident.

Once you are done reporting about the incident, describe the action taken by the security personnel in response to the incident. This may include how an area was secured, made safe or mitigation steps taken (for instance replacing glass in a broken window).

What makes a good security incident report?

An incident report should highlight all the information about the incident and witnesses to the incident. The following are the key elements of a proper report:

Accuracy: Data points mentioned in the report must be correct and free of typo and other human errors. Always proofread the report before submission because a single incorrect detail about witnesses’ names, contact details, or date and time of the event can kill the purpose of the report. To sound more accurate and authentic, provide specific details of the event, and avoid vague and double-meaning statements that lead to any confusion.

Completeness: Never miss out on any detail, no matter how unimportant it may seem. A quick way to ensure is by answering all WH questions (what, where, when, why, and how) one-by-one. For completeness, record not only the cause of the incident but also include details of who witnessed it and what 'might have' caused it.

Factual: The aim of your report should be to provide facts as they happened. Always use a professional tone and avoid any emotional, biased, or one-sided statements that may not provide a full picture of the incident. If you struggle to find both sides of the story, avoid concluding anything from the statements. 

Graphical Representation: A picture is worth a thousand words. Hence use supporting material such as diagrams, images, and graphics as shreds of evidence. Any photos taken at the site location adds clarity and authenticity to the report.

Validity & Reliability: After you finish documenting the report, validate and cross-check the information from those who were involved in the incident. Involved parties can be managers, victims, reports, security guards, etc. Always sign off with the signatures of involved parties to provide authenticity to their testimony. Take photos of any hand written reports to ensure a permanent and shareable record is available. Valid information assists in understanding what happened, reliable information assists in increasing trust and confidence that what is reflected in the report is true.

What Happens After an Incident Report?

Many times, the incident is self-explanatory and does not require any further investigation. Once all the information is gathered in a report and validated with the witnesses, assess whether there is a need for a full investigation. In the security industry an incident report will often result in a police report. Trained and licensed security guards will know when this is required, but an incident report drafted at the time or very soon after the occurrence will be more usable and admissible as evidence in a court proceeding. Reports that have photos and written statements from witnesses are stronger forms of evidence.

In case of an investigation, be prepared to provide further necessary information as per the client's request. Contemporaneous notes and records with real-time incident logs greatly assist in any formal detailed investigation.

​Different Methods of Security Incident Reporting

Security companies globally use different methods to report security incidents. Each method has its pros and cons and how you submit an incident report is entirely up to your organisation’s needs and goals a matter of preference and often driven on the intended use of the report, i.e. is it internal or external distribution, is it for a police investigation, is it an assessment of a potential risk not yet realised?. Still, a ​method or tool to assist in the gathering of critical information can immensely impact the quality of your reports and the speed at which you submit them. Generating them in a consistent format assists users in understanding and accessing the relevant information pertinent to their role (manager, client, guard, member of public).

Three widely used methods of security incident reporting are Pen & Paper method, Wand-based systems & Smart Solutions. Here’s how they differentiate:


Pen & Paper method

Wand-based systems

Smart Solutions


Widely popular as being ‘sufficient method’, 60% of the companies and security agencies globally still use pen and paper method to report incidents.

With better accountability than pen and paper, the wand-based system is the second most popular method. 35%of the companies globally use this to report security incidents.

An emerging method mainly concentrated in countries like Europe, South America and the UAE. Only 5% of the companies use Smart Security Workforce Management solutions to report security incidents.



Expensive - Security equipment needs to be replaced and replenished on a regular basis.

Moderately Expensive


Very low - No easy way to show evidence

High - Better than paper method but prone to human errors.

Very High  - 

Evidence includes rich media such as photos, videos, and audio recordings, etc


Very low - Can easily be stolen and altered.

Moderate to Low - Can easily be tampered with no accurate view of daily operations or security situations.

Very High - Highly automated and stores data in a secure database that comes complete with all pertinent information, providing verifiable digital footprints.



A timely and well-written incident report helps you identify the root cause(s) of the incident and respond to any emergency situation. Security Business Sentry comes with a best-in-class incident reporting with features like offline submission where guards can submit the report even with no or low internet connectivity. By revisiting the incident through the report, you have a higher chance to prevent the same incident from happening again. After all, prevention is better than cure. 

Rapid-response mobile and web applications  To make your security operations smarter.  Register for Free Trial Now!  

Stay up to date with recent industry developments

Tell us what security issues keep you awake at night and we’ll share our latest thinking with you. We also offer access to a library of resources including eBooks, videos, and podcasts. To access the library, you can sign up free of charge here.