Security Incident Report Form Template for Austria

This Security Incident Report Form is designed to comply with Austrian legal requirements and EU GDPR regulations, providing a structured framework for documenting and reporting security incidents within organizations. The document enables systematic collection of incident details, impact assessment, and response actions while ensuring compliance with mandatory reporting obligations under Austrian law and EU regulations. It incorporates specific requirements from the Austrian Data Protection Act (DSG) and Network and Information Systems Security Act (NISG), making it suitable for both general security incidents and data breaches requiring regulatory notification.

Generate a Bespoke Document

1. Select your governing law:

2. Enter your key requirements:

Download a Standard Security Incident Report Form

Download a Austria-compliant Security Incident Report Form or see Genie's full template library.

Get template free

Review your own Security Incident Report Form

Let Genie AI identify missing terms, unusual language, compliance issues and more.

Upload to review

Your data doesn't train Genie's AI

You keep IP ownership of your docs

4.6 / 5

4.8 / 5

What is a Security Incident Report Form?

The Security Incident Report Form serves as a standardized template for organizations operating in Austria to document and report security incidents in compliance with both national and EU regulations. This document is essential for maintaining accurate records of security incidents, facilitating proper incident response, and meeting regulatory reporting requirements under the Austrian Data Protection Act (DSG), GDPR, and sector-specific regulations. The form should be used whenever a security incident is detected, whether it involves data breaches, system compromises, or other security-related events. It captures crucial information about the incident, including discovery details, impact assessment, response actions, and notification requirements, while ensuring all necessary documentation is maintained for regulatory compliance and internal audit purposes.

What sections should be included in a Security Incident Report Form?

1. Incident Information: Basic details including incident ID, date/time of discovery, date/time of occurrence, and location

2. Reporter Details: Information about the person reporting the incident, including name, role, contact details, and department

3. Incident Description: Detailed narrative of the security incident, including how it was discovered and initial assessment of impact

4. Systems/Assets Affected: List and description of all systems, data, or assets impacted by the incident

5. Impact Assessment: Evaluation of the incident's impact on operations, data, and stakeholders

6. Initial Response Actions: Description of immediate actions taken to contain or mitigate the incident

7. Data Breach Details: Specific information about any personal data exposed, required for GDPR compliance

8. Notification Requirements: Checklist of required notifications to authorities, data subjects, and other stakeholders

9. Current Status: Current state of the incident (ongoing, contained, resolved)

What sections are optional to include in a Security Incident Report Form?

1. Third Party Involvement: Details of any third-party vendors or service providers involved in the incident or its resolution

2. Financial Impact: Assessment of financial losses or costs associated with the incident

3. Criminal Activity Details: To be included if the incident involves suspected criminal actions, including details for law enforcement

4. Business Continuity Measures: Description of business continuity plans activated, if incident affected normal operations

5. Root Cause Analysis: Preliminary analysis of how the incident occurred, to be included if immediately apparent

6. Media/PR Impact: Assessment of public relations impact and proposed communication strategy, if public disclosure is likely

What schedules should be included in a Security Incident Report Form?

1. Incident Timeline: Detailed chronological timeline of the incident and response actions

2. Evidence Log: List and description of all evidence collected related to the incident

3. Contact List: List of all relevant contacts including incident response team, stakeholders, and authorities

4. System Logs: Relevant system, security, or application logs documenting the incident

5. Data Breach Notification Template: Template for notifying affected data subjects (if required under GDPR)

6. Technical Analysis Report: Detailed technical analysis of the incident, including any malware or attack vectors identified

Authors

Alex Denne

Head of Growth (Open Source Law) @ Genie AI | 3 x UCL-Certified in Contract Law & Drafting | 4+ Years Managing 1M+ Legal Documents

Cost

Free to use

Find the exact document you need

No matches found.

Incident Notification Form

Austrian-compliant incident notification form for standardized reporting of various types of incidents, ensuring regulatory compliance and proper documentation.

Download

Hazard Report Form

An Austrian law-compliant form for reporting and documenting workplace hazards and safety concerns, aligned with ArbeitnehmerInnenschutzgesetz requirements.

Download