SIIM Roadmap

The SIIM Roadmap describes the 14 overall actions that organisations should take to manage and benefit from information about safety- or security-related incidents.

Managing safety and security incident information should be a continuous learning cycle. The response to and analysis of one incident should inform the response to and analysis of future incidents. The Roadmap below describes the 14 actions under four key steps that organisations and employees should take to effectively manage information about a security-related incident. The order of the steps and the person responsible for each action may vary according to the situation, and should be adapted to reflect the nature of a particular incident, the organisation affected by the incident and the operational context.

Click on the relevant Step (1 to 4) or Action (1 to 14) to learn more about each one.

Step 1. Incident reporting and immediate response

1

Report the incident

2

Respond to the incident

3

Complete formal incident report

Step 2. Incident analysis and lessons learned

4

Follow up

5

Analyse the incident

6

Implement lessons learned

Step 3. Context analysis of patterns and trends

7

Record incident

8

Access external incident information

9

Share incident data externally

10

Analyse data on multiple incidents

Step 4. Informed decision making and policy design

11

Share incident data internally

12

Inform operational decisions

13

Inform organisational policy

14

Inform staff of decisions made

Incident occurs
Preparedness
Improved access and security
SIIM Handbook
Classification of incidents
Tools and Resources