The Report Incident workflow in RexCommand is where users document the full context of an adverse or unexpected event as it unfolds. This page is used to initiate a formal record of the issue, capture relevant metadata, and guide the incident through investigation and resolution.
Incidents may involve system failures, hallucinations, privacy violations, data breaches, or any other AI-related issue that requires attention and tracking.
Use Case
This reporting interface is designed for users who are directly observing, responding to, or responsible for logging the initial details of an incident. It ensures the organization has a clear, structured process for beginning incident management and initiating response efforts.
Structure
The incident report is divided into three tabs: Basic Details, Investigation, and Resolution.
Basic Details
Start here by capturing key identifiers and context for the issue:
Incident Title & Description – Provide a clear name and summary of what occurred.
Incident Source – Identify how the issue was reported (e.g., internal audit, public, third-party).
Incident Type – Select the nature of the incident (e.g., Bias/Fairness, Privacy, System Failure, Hallucination).
Severity – Indicate how serious the issue is (Low to Critical).
Status – Choose the current phase of the issue (e.g., Detected, Triaged, Investigating, Remediated).
Business Owner – Assign a responsible individual.
Assign To – Designate a team member to manage the incident going forward.
Contains Personal Data – Flag whether the issue involved PII.
Number of Data Subjects Impacted – Optional field if the incident affects individuals.
Investigation
Once the incident is logged, this tab captures escalation and analysis details:
DPO/Regulatory Notifications – Track whether and when authorities were notified.
Internal Escalation Level – Record how far the issue was escalated within the organization.
Containment Actions – Describe immediate steps taken to limit impact.
Harm Description – Explain any damage or risk resulting from the incident.
Operational Disruption Level – Rate how much the incident affected systems or services.
Compliance Impact – Identify affected regulatory frameworks (e.g., GDPR, HIPAA).
Resolution
After investigation, finalize the record with closure details:
Root Cause & Report – Describe the root cause and attach documentation if needed.
Corrective Actions – Log specific fixes or changes implemented.
Recurrence Risk – Evaluate the likelihood of a repeat occurrence.
Retest Results – Add outcomes from follow-up testing.
Lessons Learned – Capture process improvements or recommendations.
Notes
This page is intended for structured incident intake and documentation at the time of discovery or detection.
After submission, the incident can be monitored and updated through the Incident Dashboard and Incident Details Page.
Accurate and complete reporting helps ensure incidents are triaged, escalated, and resolved appropriately.
Each reported incident becomes part of the organization's historical incident log and governance audit trail.