SIIM Roadmap
Step 3. Context analysis of patterns and trends 

Organisations should record incidents in an incident database, which is a software system or spreadsheet that is specifically set up for SIIM. A properly functioning incident database should:
- Uses technology that matches the organisation’s size and needs
- Keeps logged information confidential to protect the privacy of affected individuals
- Have defined access credentials for who can view the information and for what purposes
- Follows consistent reporting procedures
- Allow multiple incidents to be analysed.
IfIf staff members are required to enter their own incident reports directly into a database, then organisations must provide clear guidelines and training to ensure consistent reporting.

Learn more
Consult SIIM Handbook, pages 57 & 59:
Chapter 2, Objective four – Strategic decision making: 4.1 Systematic recording of incidents: what system to use?

Consult the following tools
Tool 9 – SIIM systems
Tool 10 – Incident storing
Tool 11 – Technology to report and record incidents