Incident Register

Automate the entire ICT incident management process—from classification and impact assessment to logging and generating reports fully compliant with DORA and NIS2.

Book a demo

How does the Incident Register module empower your organisation?

Assurance of reporting within 24 hours — even at the most critical moment, when time, information completeness, and consistent communication with regulators matter most. The Incident Register module in RED INTO GREEN was designed with NIS2 and DORA obligations in mind, enabling fast, structured, and accountable management of ICT incidents.

Digital Navigation: Automated decision support and workflow acceleration

Upon logging in, the system automatically classifies incident severity and determines whether it qualifies as “major” under DORA or “significant” under NIS2. This automated assessment enables you to:

  • Validate reporting obligations instantly to ensure regulatory compliance.
  • Optimise resource allocation by prioritising high-impact incidents.
  • Eliminate misclassification risks.
Book a demo

Real-Time Validation: Effective regulatory reporting

Reduce incident assessment time. Instantly determine whether you’re dealing with a serious incident that will require about four hours of reporting, or whether it’s not serious.

Classify, assess, and record ICT incidents, and report them to regulatory authorities. The real-time validation engine matches your data against official templates to:

  • Eliminate formal errors that lead to report rejection.
  • Mitigate risk regarding financial penalties and reputational damage.
  • Ensure predictability and operational calm during high-pressure crises.
Book a demo

Filtering Related Data: Accuracy and consistency

Access all incident data from a single, centralised repository. Every report follows a uniform structure, simplifying risk analysis and ensuring you are always audit-ready. Filter critical data points in seconds and generate comprehensive reports on demand.

If you use an incident register integrated with the Risk Analysis module, you can easily utilise incident information to assess likelihood in your risk analysis. You can instantly see exactly what impact specific incidents have on your organisation’s assets. This makes it easy to review procedures and justify the budget for necessary security measures.

Book a demo

Is DORA and NIS2 incident reporting a burden?

5 critical challenges for organisations

Time Pressure: You have as little as 4 hours to report a major incident to the supervision authority, with additional varying deadlines for CSIRT notifications.

Human Errors: Stress and urgency contribute to the fact that 95% of reporting errors stem from manual mistakes made under pressure.

Risk of Automatic Rejection: Minor technical errors—such as a typo in an LEI code or an incorrect date format—can lead to the immediate rejection of your report by regulatory systems.

Severe Financial Penalties: Non-compliance can result in staggering fines of up to 2% of total annual turnover or PLN 21 million.

Loss of Lifecycle Control: Without automation, tracking complex reporting stages and overlapping deadlines across different authorities becomes nearly impossible.

They trusted us

Combine modules to get a complete view of risk in a single application!

Link your Incident Register directly to Risk Analysis to transform incident data into actionable risk intelligence and streamline DORA/NIS2 compliance.

Product

RIG DORA

Explore
Product

RIG NIS

Explore

Incident Register features

Explore the dependencies between ICT services. Automatically manage changes to the register resulting from, amongst other things, contracts with ICT suppliers or changes to critical functions; generate reports, discover many other possibilities.

Built-in drop-down lists

Use DORA-compliant drop-down lists to eliminate error risk. ​ Instead of entering data into a report (e.g., incident type, effects, classification, status, source of threat), select a value from a predefined list developed in accordance with official DORA guidelines and supervision authorities’ templates.

Book a demo

Smart links

Save time with automatic filters and describe incidents efficiently. ​ Select a specific incident type (e.g. core banking system failure), and the system automatically:

  • suggests the most likely consequences (e.g. service unavailability, impact on customers),
  • filters the drop-down lists to show only those options that make sense in the given context,
  • suggests a classification in accordance with DORA principles.
Book a demo

Incident classification

Enter the necessary data, and the system will classify the incident for you in accordance with the criteria set out in the regulation. The system analyses the data for you according to the ‘1+2’ rule from DORA:

  • mandatory condition: Does the incident concern critical services?
  • at least 2 out of 7 additional criteria: e.g. impact on customers, reputation, data, geographical scope, etc.


On this basis, the application automatically classifies the incident as:

  • “Serious” – triggers the obligation to report within 4 hours.
  • “Minor” – does not require immediate reporting, but may be analysed internally.
Book a demo

Documentation

Store all reported incidents in one place, with a full history of changes, reports and statuses.
Access always up-to-date documentation of the incident lifecycle.
From the initial report through preliminary, interim, and final reports, to root cause analysis and corrective actions – everything is organised and accessible.

Book a demo
Module – Incident Register

Explore standalone and bundled pricing options.

Learn more