INCIDENT MANAGEMENT
Detect. Report. Resolve.
From first signal to audit evidence. Classify incidents, meet GDPR, NIS2 and DORA reporting obligations, and document every step for auditors.
Unauthorized access to staging DB
Phishing email sent to 12 employees
API timeout at payment provider
Backup job failed (non-critical)
SSL certificate expires in 7 days
HOW IT WORKS
From incident to audit evidence in 4 steps
Report incident
Via form, API or directly from monitoring. Affected assets, timestamp and initial description are documented immediately.
Classify
Assign severity, incident type and affected data categories. Kopexa automatically detects which regulatory reporting obligations apply.
Meet reporting obligations
GDPR Art. 33 (72h), NIS2 (24h early warning), DORA (4h initial). Deadlines, responsible authorities and reporting templates ready to go.
Resolve & document
Assign actions, analyze root cause, track progress. Complete audit trail for auditors and supervisory authorities.
REPORTING OBLIGATIONS
Know deadlines. Reach authorities. Prove it.
GDPR, NIS2, DORA: each regulation has its own reporting deadlines, authorities and forms. Kopexa tracks everything automatically and ensures you never miss a deadline.
Automatic deadlines
Kopexa calculates reporting deadlines from detection. GDPR 72h, NIS2 24h/72h, DORA 4h/72h. Escalation on breach.
Manage authorities
Store responsible supervisory authorities per regulation and location. DPA, BSI, BaFin or custom contacts.
Configure incident types
Data breach, system outage, unauthorized access, phishing. Define your own categories and link them to reporting obligations.
Reporting templates
Pre-filled forms for Art. 33 GDPR, NIS2 early warnings and DORA initial reports. Exportable as PDF.
GDPR Art. 33 & 34
Data breach notification to authority (Art. 33) and notification of data subjects (Art. 34). Both processes integrated.
Rules & thresholds
Define which severity triggers which reporting obligation. Individually configurable per organization.
WHY KOPEXA
Incident management is not a ticket system
Most teams track incidents in Excel, Jira or a generic ticketing tool. It works until the auditor asks: 'Where is the authority notification?'
| Excel / Email | Jira / ServiceNow | Kopexa | |
|---|---|---|---|
| Incident capture | |||
| Severity classification | |||
| GDPR breach notification (Art. 33/34) | |||
| NIS2 / DORA reporting deadlines | |||
| Automatic deadline calculation | |||
| Store authorities & contacts | |||
| Configure incident types | |||
| Link to assets & risks | |||
| Reporting templates (PDF export) | |||
| Audit trail | |||
| Root cause analysis |
FEATURES
Everything incident management needs.
Classification
Severity, incident type and affected data categories in one structured form.
Reporting engine
Automatic detection of regulatory reporting obligations based on classification and context.
Deadline tracker
Live countdowns for GDPR 72h, NIS2 24h/72h and DORA 4h/72h. Escalation on breach.
Authority management
Store supervisory authorities per regulation and location. Contacts, channels, responsibilities.
Incident types
Configurable categories: data breach, system outage, phishing, unauthorized access and more.
Linking
Connect incidents to risks, assets, controls and vendors. Context stays intact.
Assignment & escalation
Assign owners, define escalation paths, notifications on status changes.
Root cause analysis
Structured root cause capture. Derive actions and link them to controls.
Audit trail
Every change, every decision, every timestamp. Audit-ready for reviewers and authorities.
Ready for incident management that thinks ahead?
Let us show you in 30 minutes how Kopexa brings incidents, reporting obligations and audit trails together.