Skip to main content
Back to How We Work

Security Incident Reporting Process Reform

Synergy was engaged by the Department of Defence (DoD) through the Defence Security and Vetting Service (DS&VS) to comprehensively reform the security incident reporting process, including the incident reporting form itself, triage and processing of the form, incident response, and reporting and analytics on security incidents. 

Defence Industry
Synergy
6 minutes

Synergy was engaged by the Department of Defence (DoD) through the Defence Security and Vetting Service (DS&VS) to comprehensively reform the security incident reporting process, including the incident reporting form itself, triage and processing of the form, incident response, and reporting and analytics on security incidents. 

 

Engaging extensively with dozens of stakeholder groups within DS&VS and across Defence more broadly, Synergy:​ 
  • Drafted revised policies for security incident reporting;​ 

  • Completely redesigned the security incident reporting form, with a focus on capturing more and better data while significantly enhancing the usability of the form;​ 

  • Re-engineered processes for triage, case management, and investigations;​ 

  • Produced a change management and communication plan, and authored a broad array of supporting communication products.​ 

Following this, Synergy designed and delivered a robotic process automation (RPA) solution for processing incident reports. The automation project required Synergy to develop a solution to: ​ 

  • Monitor a shared Microsoft Outlook inbox to determine when a new “Security Incident Form” has been submitted;​ 

  • Scan incoming emails for malicious code, extract the form data in XML and launch the Department’s target application (DPSMS);  ​ 

  • Transfer all data ingested from the XML into each related field in DPSMS (>60 fields), including implementing a number of complex decision trees and derivation rules;​ 

  • Attach a copy of the original form and email for record-keeping purposes and complete the Security Incident Report process;  and​ 

  • Move the now-processed email to a completed items folder to ensure no duplicate processing can occur. 

 

This benefits Agency through:

Increased incident reporting (due to enhanced usability) and more consistent data capture has provided clearer visibility of trends and emerging issues. ​ 

The automation has increased data quality, expedited registration of incoming security incidents, enabled more accurate reporting of incident types, and reduced data entry errors.​ 

Reductions in processing time will return an annual saving of 2,600 hours. 

Back to How We Work
Share Article