How it Works

Learn how Sprinto integrates, tracks, and monitors incidents from detection to resolution across multiple sources.

The Incidents section in Sprinto is designed to provide a single view of all security-related events across your infrastructure, employee activity, and integrated tools. It enables organisations to log, triage, manage, and close incident tickets efficiently—while staying compliant with security frameworks such as ISO 27001, SOC 2, PCI DSS, and GDPR.

Sprinto supports both automated ingestion of incidents from external systems and manual reporting by employees. Once logged, incidents can be reviewed and marked with appropriate outcomes (e.g. data loss reported, incident resolved), and are continuously monitored through system-generated checks.


1. Add and Integrate Incident Sources

You can choose to:

  • Configure Sprinto as your incident management system (IMS): Pull incidents from tools like AWS GuardDuty or Microsoft Defender.

  • Integrate an external IMS: Use tools like PagerDuty, Jira, or Zenduty to forward incidents to Sprinto.

  • Enable employee reporting: Let staff report incidents from the employee portal or via a configured reporting email address.

Once added, each integration is visible as a separate tab under the Incidents section.


2. View and Manage Incidents

Each integrated system displays:

  • Incident title, severity, and status

  • Whether data loss occurred

  • Associated compliance controls

  • Links to manage or resolve tickets

You can filter incidents by failing status, severity, zone, or special case inclusion. Unresolved incidents trigger failing checks, which are visible both in the incident list and in the Monitoring tab.


3. Resolve Incidents and Report Data Loss

Incident tickets can be closed either directly from Sprinto (for supported integrations) or from the source system (e.g. PagerDuty). In case of data loss:

  • Select the appropriate data type (e.g. customer data, PHI, cardholder data).

  • Notify the relevant stakeholder.

  • Upload supporting evidence.

  • Add closing notes and finalise the ticket.

Tickets marked as Resolved are tracked by Sprinto to update associated compliance checks.


4. Monitor Check Status and Compliance Readiness

Sprinto automatically creates monitoring checks that validate whether:

  • Incidents were closed in their source system.

  • Data loss (if any) was acknowledged and reported.

  • Required evidence has been uploaded.

Checks can be added manually or in bulk, and their statuses (Passing, Failing, Not active) determine the compliance health of the Incidents section.
