Create post incident review questionnaire categories

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • You can use the post incident review questionnaire categories that come with the base system or create your own categories.

    Avant de commencer

    Role required: sn.si_admin

    Pourquoi et quand exécuter cette tâche

    To create a category of questions:

    Procédure

    1. Navigate to All > Security Incident > Post Incident Review - Assessments Setup.
    2. In the Assessment Questionnaire Configurations section, select Configure.
      A list of questionnaire categories is displayed, along with their order and filters that define under what conditions the questions are asked (for example, only when the security incident category is Criminal activity). Each category is a section in the post incident review questionnaire and the questions in each category are included only when the security incident matches the Condition filter. For example, for a category of questions applying only to Linux servers, you can up a filter that selected security incidents where the affected resource type was Linux Server. In this category, you would then create all questions needed when a security incident is on a Linux Server. You use one of the categories supplied in the base system or create a category. This procedure assumes that you want to create a category before defining questions.
    3. Select New to create a new category.
    4. Fill in the fields on the form, as appropriate.
      Tableau 1. Security incident
      Field Description
      Name Name for the category that appears on the security incident questionnaire.
      Type Post Incident Review is the default.
      Create Stakeholders Unused by Security Incident Response.
      Table This field is auto-assigned once the form is submitted.
      Filter The condition that determines when questions in this category are used.

      If a security incident record matches this filter, the questions are included in a post incident review for that security incident. Filters can use any data on the record, or on other records linked to this record. For example, the department of the requesting user’s manager.
      Application Scope application for the incident.
      Weight

      Numeric value that represents the importance of this metric relative to other metrics in the same category. By default, the weight is 10.
      Total Metrics Number of metrics used by the category.
      Description Description of the questionnaire.
    5. Select Submit to save the category.