Configure Major Security Incident status reports
Summarize
Summary of Configure Major Security Incident status reports
This guide outlines the configuration of major security incident status reports within the ServiceNow platform, specifically for the Major Security Incident Management workspace. It enables users to create and customize report templates that can be tailored to meet specific business needs throughout the major security incident lifecycle.
Show less
Key Features
- Report Templates: Users with the snmsi.workspacemanager role can create report templates that define the information to be included in status reports. Customization options allow for specific formatting, layout, and inclusion of visual data.
- Default Report Components: Key components include report title, author name, summary, date, progress metrics, challenges, and next steps.
- Report Types: Various formats are available, including Executive Email, Executive Status Report PDF, and Technical Status Report PDF, each providing comprehensive insights into the incident's scope, metrics, and progress.
- Customizations: Users can upload logos, customize headers and footers, and add standard or custom fields to the report templates.
Key Outcomes
By configuring these reports, ServiceNow customers can efficiently track and communicate the status of major security incidents to stakeholders, ensuring transparency and informed decision-making throughout the remediation process. The mobile-friendly options enhance accessibility for executives, while detailed technical reports provide in-depth insights for operational teams.
Configure major security incident reports to set up and download the reports according to your business needs throughout the life cycle of the major security incident record remediation process.
You can build the report templates with a specific format and layout, and customize these reports according to your specific requirements using the Status Reports feature of the Major Security Incident Management workspace.
A user with the sn_msi.workspace_manager role can create and configure the report templates that outline the type of report information that can be used to generate all the status reports, which can be shared with specific users such as executive stakeholders, legal departments and map those templates to the major security incident records.
To customize your MSI status reports, you must first set up the report templates using Report Templates. With the help of Report Templates, you can build the report template types, define the report components for those report templates, add additional information, create visualized data to track the scope and progress metrics, add related list data, and generate the status reports.
| Component Type | Description |
|---|---|
| Report Title | Title of the report type. For example, the default format of the report type is: {MSI Number} - {Executive Stakeholder Report} depicted as MSI0001001: Executive Stakeholder Report. |
| Name | Displays the name of the user who generated the report using the Status Reports section of the Major Security Incident Management workspace. |
| Summary | Displays a brief summary of the report. |
| Date | Displays the date on which the report is shared with the concerned recipient. |
| Progress | Displays the Scope and Progress Metrics such as the linked SIR Incidents, Response Tasks, Supplementary Tasks, External Collaboration, Timeline components, and Recent Timeline Events. |
| Challenges | This section displays a brief description on the challenges involved throughout the major security incident remediation process. |
| Next Steps | This section displays a brief description on the next steps involved in resolving the major security incident. For example, the active team subsection in the executive stakeholder report provides you with the information with the next step on the team assignment who is involved in further analysis of the major security incident record. |
| Other customizations | The report template also provides you with the capability to upload the logo and customize the headers and footers on the report. |
- Executive Email
- Technical Status Report PDF
- Executive Status Report PDF
Mobile-friendly Executive Status Reports - Email
The Executive Status Reports - Email are mobile-friendly status reports that are generated in email format. The report section includes a summary of the report, MSI duration column, incident scope/impact, active team metrics, progress metrics, and Timeline components such as the recent timeline events for that specific major security incident record.
Executive Status Reports - PDF
The Executive Status Reports - PDF are status reports that are generated in PDF format. The report section includes a summary of the report, MSI duration column, incident scope/impact, active team metrics, progress metrics, and Timeline components such as the recent timeline events for that specific major security incident record.
Technical Status Reports - PDF
The Technical Status Reports - PDF are status reports that are generated in PDF format. The report section includes a summary of the report, MSI duration column, incident scope/impact, active team metrics, progress metrics, and Timeline components such as the recent timeline events for that specific major security incident record, labeled Task updates and labeled activities, based on the assignment group and selected tag label since when the last status report is generated, and additional information such as incident impact and linked incidents.