The solution is something your security operations and investigations staff will have to rely on every day, now, and in the future, so you need to know that it works, that you can be confident about the value that it’s bringing to your corporate security department, and that it can grow with your business. Here are a few of the most important features and capabilities to look for in choosing an incident management solution and a vendor you trust:
- How can it help you keep track of incidents and make sure business rules are enforced?
- For an individual user, how easy is it to query data and gather reports about a specific activity, incident, investigation, or case?
- Is the incident management solution usable out of the box?
Look at how the incident management system makes your workflow more efficient on the macro and micro level. There are no absolute numbers here, but the solution should minimize the number of clicks to create an incident, eliminate redundancies, etc.—it certainly shouldn’t be harder than what you’re doing now. Don’t just take the vendor’s word that their solution is the best. Challenge them to give you a demo, speak to their customer references, and create a proof of concept when needed. Let the vendor show you how closely the incident management solution fits with the way you already work. If it doesn’t fit perfectly right out of the box, then look at what adjustments would need to be made so that their application can fit your existing system.
- Is it easy to change up the fields and fields labels (even add new fields) to match your organization’s terminology and priorities?
- Will any of these changes impact your ability to update to new releases?
- Can the vendor work with you to solve unique challenges or information requirements (for example, if your company has a policy where a year or more of data needs to be purged, can the vendor create a script that allows that to happen)?
Almost every software deployment is dynamic, and the needs of two customers will never be exactly the same. You want to make sure that the vendor offers a strong out of the box application that can be configured to meet your unique needs.
Data Segregation and Application Security
- How does the incident management solution let you share or restrict data?
- Can the incident management solution accommodate your data sharing needs while, at the same time, enforcing data security?
You may want to allow sharing of certain types of data (say, for collaboration between your IT and Legal departments during an investigation). At the same time, you want to ensure that a security officer isn’t seeing all the information that the Director of Security sees.
- Is there an open API or a web service that allows you to connect the system to other applications?
Integration and interoperability are key for your security operations center (SOC). Whether it’s other devices, security applications, ERPs, or legacy systems, you’ll need to ensure that the flow of data can be pushed and pulled between the incident management system and other applications.
Adaptability and Scalability
- Can your solution grow as your security department does?
- Is it hard to add new users or new locations?
As your business grows, you don’t want to be stuck with a cap on users or a one region limit. Make sure the application can grow and adapt with your security department and the company as a whole. In the future, you may want to have your HR, Legal, or Brand Protection departments sharing your incident management solution.
- Is there a mobile solution? What can you do with it?
- If internet connection is lost, can an incident be created on a mobile app and synced later?
- Can photos and video be uploaded from smartphones right into an incident record?
Many of your physical security officers or investigators are going to be in the field. Having activity, incident, people, vehicle, and company data on a smartphone is critical. Your team needs to connect from anywhere, at anytime.
Other Features to Consider
- Do you need a workflow system to help you stay on top of incidents, investigations, and assignments?
- Would it be beneficial to you to have a case management system where you can group multiple incidents together?
- Do you require an investigations section that can be hidden from other users?
- How robust does your reporting need to be? Do you have an internal person doing data analysis or would you need the tools to do this yourself? Are you looking to remove the need for a third-party reporting system?
- How important is your search functionality? Do you want to be able to search everything in your incident management system including user defined fields?
- Do you need real-time dispatching and officer management software?
- Is it important to you to have a way for your employees or entire corporation fill out an incident report or request an officer using their desktop, tablet, or smartphone?
Finding an Incident Management Software Vendor You Can Trust
Now that you know what you need to look for in incident management system, it’s time to select the right vendor to support it.
- Has the company been around for a while or are they a startup?
- Have they completed 3 to 5 deployments of similar size and scope?
When considering an incident management solution, ask questions about the vendor and their clients. This will help you get a better sense of their expertise and capacity to handle a deployment for your organization.
- Do they have a partner list of systems they can integrate with?
- Can they do custom integrations? What about connectors out of the box?
- Do they have a forward thinking partnership strategy that allows their system to adapt to future technology changes and needs?
Look at the partnerships the vendor has established and how they fit in your overall security operation. Integrations can save you money and time by bringing all of your systems together in one place. As your incident management software is a long-term solution, can the vendor fit your needs now and in the future?
- If you’re switching to a new incident management solution, can the vendor migrate data from your current system?
This is important. You want to make sure that all of your current data can be migrated into your new system, especially when it comes to reporting. And, if you opt for a hosted model with your data stored in the cloud, find out what sort of data backup the vendor has in place to make sure your data is always safe.
Support and Resources
- What types of training and support do they provide before, during, and after deployment?
- Do they have board certified security professionals (CPPs) on staff that can assist you with setting up your software?
- Do they have a dedicated project management team to ensure timelines are met?
- Is their tech support done in house or outsourced? Is it available 24/7?
Make sure the vendor has the resources to provide quality service in addition to the product. Some of your systems are going to be mission critical, e.g., your dispatching system that runs into your security operations centre. These systems cannot fail, so make sure the vendor has a backup plan. Selecting the right incident management software can seem overwhelming, but knowing what you need, and how you want the system to work, will help you find the right solution for your organization to rely on now and in the future.