Incident Management as a Requirement of ISO 18788

What is ISO 18788?

ISO 18788 specifies the requirements, and provides guidance, for organizations that conduct or contract security operations.
It provides a framework for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a Security Operations Management System (SOMS). It supports the continual improvement of security services while protecting customer safety and respecting human rights.

Conformance with this standard demonstrates compliance with applicable laws and regulations, respect for human rights, and the establishment of professional security operations that better meet the needs of customers and stakeholders.

According to Clause 8.8.1 of ISO 18788:

“The organization shall establish, implement and maintain procedures to identify undesirable and disruptive events that can impact the organization, its activities, services, stakeholders, human rights and the environment. The procedures shall document how the organization will proactively prevent, mitigate and respond to events.”


According to Clause 8.8.2 of ISO 18788:

“The organization shall establish, implement and maintain procedures for incident monitoring, reporting, investigations, disciplinary arrangements and remediation. Incidents involving the use of force or weapons, any casualties, physical injuries, allegations of abuse, loss of sensitive information or equipment, substance abuse, or non-conformance with the principles of the Montreux Document and the ICoC, as well as applicable laws and regulations, shall be reported and investigated with the following steps taken, including:

a) documentation of the incident
b) notification of appropriate authorities
c) steps taken to investigate the incident
d) identification of the root causes
e) corrective and preventive actions are taken
f) any compensation and redress given to the affected parties.” 

Introducing ISOLTX

ISOLTX is a system developed by CAA (Crest Advisory Africa) in partnership with one of the leading universities in South Africa to support organisations in implementing a Management System, or a combination of Management Systems.

ISOLTX measures the health and maturity of the Management System(s), drives performance and certainty, and provides combined assurance to Top Management regarding their Return on Investment (ROI).

According to CAA, this is the first and only system globally that:

  • Provides combined assurance
  • Serves as a repository for evidence
  • Measures the Level of Risk (LoR)
  • Measures the Level of Assurance (LoA)
  • Ensures continual improvement
  • Provides maturity modelling
  • Creates real-time gap analysis
  • Measures risk continuously at various levels
  • Enables auditing
  • Is built in line with the International Project Management Standard, ISO 21500
  • Provides a dynamic visual representation per requirement
  • Automatically plots risks on the risk matrix
  • Is fully customizable according to the client’s requirements

Because Incident Management, whether for security incidents, OHS incidents, compliance incidents, non-conformances, identified risks etc., is a requirement in every ISO management system standard, CAA has built an Incident / Investigations Management Analysis System (I2MAS) as a module within ISOLTX.

I2MAS - Incident/Investigations Management Analysis System

I2MAS enables organizations to capture, classify, manage, analyse, report on and prevent incidents, events and risks. In doing so, your organisation manages its risks better and provides assurance to top management as well as to clients.

With I2MAS CAA provides a Centralised and Coordinated Reporting Structure, specifically designed for your organisation to ensure the reporting and analysis of incidents and investigations.

The I2MAS ensures pro-active and actionable Business Intelligence which is based on the best available information regarding Trend Analysis, Hotspots Analysis, Linking Analysis, Product Analysis, Training, Vendors, Tools and Technology within the industry, as well as identification of Employee Insider Threats (Ethics and Behaviour: King IV).

I2MAS governs the management of, and reporting on, incidents, risks and investigations within your organisation. A further benefit of pro-active and actionable Business Intelligence is that your employees are kept informed about risks and how to avoid them. It also assists in driving preventative actions and operations.

I2MAS is divided into four (4) sections:

  • Identification
    Here data regarding where and when the incident occurred is captured. The location is then automatically plotted on a map, recording its latitude and longitude.
  • Description
    In the Description section, the incident is categorized at 3 levels and a short description of the incident is captured. The capturer must also describe what immediate corrections have been implemented to start the mitigation process.
  • Impact
    Here the value of the loss related to the incident is captured. The controls that are in place are listed and the Internal Control Effectiveness (ICE) of each control is determined. The cost of the controls is also documented, to ensure that the organisation is not overcapitalizing. The system then automatically calculates the Level of Assurance (LoA), the Level of Risk (LoR), the Residual Risk Rating (RRR), and the Cost of the Controls versus the Value of the Risk (incident).
  • Conclusion
    In the Conclusion, the Root Cause Analysis (RCA) is performed and an Action Plan is drafted. The incident status can be updated until the Action Plan has been implemented, monitored and measured for effectiveness. The person responsible for signing the incident off is identified, as is the email address of the person who must monitor the implementation of the action plan.

Any type of evidence, e.g. photos, documents, statements, videos, footage etc., can be attached to the incident.

Duty of Care

The principle of duty of care is that the employer has an obligation to avoid acts or omissions which could reasonably be foreseen to injure or harm other people. This means that you, as the employer, must anticipate risks to your employees and clients and take care to prevent them from coming to harm.

One way of complying with these requirements and demonstrating “Duty of Care” is to implement an Incident Management system. This can be costly and work-intensive.

Crest Advisory Africa has a solution for your organisation.

I2MAS as a Service

If your organisation does not have an Incident / Investigations Management Analysis System, Crest Advisory Africa will configure and host I2MAS according to your organisation’s unique requirements. Analysts will load the incidents, events, information etc. reported by your organisation onto the system.

The data will be analysed to provide your organisation with pro-active and actionable Business Intelligence.

Monthly/weekly and/or ad hoc Strategic, Informative and Predictive Reports will be created and provided dependent on your organisation’s requirements.

By utilizing the I2MAS offering you will be able to show a definite cost saving, since you do not have to procure an Incident Management System. Your organisation incurs no configuration cost (CAPEX) and no additional staff need to be employed to capture, analyse and report on incidents or investigations.

Because Crest Advisory Africa is an independent third party, data is validated objectively and the risk of internal manipulation is reduced, which supports data integrity.

I2MAS will assist in turning your business around and increasing your Return on Investment (ROI).

Call to Action

By aligning your organisation with Crest Advisory Africa you are aligning your organisation with a global leader in the provision of structures, strategies and collective business intelligence, driving your business to limit losses suffered and becoming a leader in the industry.

