Incident Command
Incident Command dipakai saat terjadi gangguan nyata atau simulasi terkontrol. Tujuannya mencatat kronologi, keputusan, recovery progress, dan evidence secara audit-ready.
Flow Incident
| Step | Action | Output |
|---|---|---|
| 1 | Activate incident dari scenario atau manual trigger. | Incident aktif dengan owner dan severity. |
| 2 | Link BCP/DRP dan crisis template. | Recovery plan dan communication plan siap dipakai. |
| 3 | Tambah timeline event. | Kronologi immutable. |
| 4 | Catat decision dan owner. | Decision log. |
| 5 | Kirim / dry-run notification. | Queue log dan retry policy. |
| 6 | Update recovery progress. | RTO tracking dan status. |
| 7 | Close dan post-incident review. | Report, finding, CAPA. |
Aegis AI di Incident
Aegis dapat membantu:
- merangkum status incident;
- menyarankan recovery step berdasarkan BCP;
- menyusun post-incident report draft;
- mengidentifikasi gap evidence;
- membantu CAPA draft.
Output tetap draft dan harus direview incident commander atau approver.