Incident Report Generator — lab.johlem.net

All processing happens locally in your browser. No data is sent to any server.

Regulatory Framework

NIS2 DORA GDPR Generic

Report Type

Incident Details

Incident Title

Incident ID

Severity

Incident Category

Detection Date & Time

Estimated Start (if known)

Incident Description

Impact Assessment

Users / Subjects Affected

Systems Affected

Cross-border impact Suspected unlawful / malicious act Incident still ongoing Personal data affected

Response Actions

Containment Measures Taken

Mitigation / Remediation Plan

Root Cause (if identified)

Indicators of Compromise (IoCs)

Reporting Entity

Organization

Contact Person

Contact Email

Contact Phone

Reporting Deadlines Reference

NIS2 (Art. 23)

24h Early warning to CSIRT 72h Detailed notification 1 month Final report with root cause Applies to significant incidents only

DORA (Art. 19)

4h Initial classification 72h Intermediate report 1 month Final report Applies to major ICT incidents

GDPR (Art. 33-34)

72h Notify supervisory authority Undue delay Notify data subjects (if high risk) Applies to personal data breaches

Best Practice

Document everything from minute one Preserve evidence before remediation Keep stakeholder comms separate from technical log Update reports as new facts emerge