Step 3. Context analysis of patterns and trends
Organisations can gain further insight into a particular security incident from information/data supplied by other organisations. This information can be obtained either directly through forums or through pooled databases. However, other organisations might use different ways of categorising incidents, making it challenging to analyse shared data. Therefore, it is important to first understand the incident categorisation systems of organisations using different approaches to security incident management. Examples of external incident data-sharing resources include:
- Aid in Danger by Insecurity Insight
- Aid Worker Security Database (AWSD)
- International NGO Safety Organisation (INSO)
- Saving Lives Together Framework
- In-country NGO collaboration structures.
Consult SIIM Handbook, pages 21, 33, 47, 51 & 52:
Chapter 2, Objective one – Immediate response: 1.4 Communication & Objective three – Understanding the operational context, 3.2 External sharing of incident information & 3.3 Forums for sharing security incident information.
Consult the following tools
Tool 2 – Typology of incidents – update 2021
Tool 11 – Technology to report and record incidents
Tool 14 – Incident alert report example and Incident alert report template
Tool 15 – Weekly or monthly report example and Weekly or monthly report template
Tool 16 – Datasheet for recording incidents
Tool 17 – Classification of incidents