title: {{report_title}}
meta: | type: template | domain: organization | description: Security incident report with timeline, impact analysis, response actions, and lessons learned | theme: technical | version: 1.0 | author: IntentText
---
section: Incident Summary
---
text: Incident Details
text: *Incident ID:* {{incident_id}}
text: *Severity:* {{severity}}
text: *Status:* {{status}}
text: *Date Detected:* {{date_detected}}
text: *Date Reported:* {{date_reported}}
text: *Date Resolved:* {{date_resolved}}
text: *Reported By:* {{reported_by}}
text: *Incident Commander:* {{incident_commander}}
---
text: Executive Summary
text: {{executive_summary}}
---
section: Timeline of Events
---
text: {{timestamp}} — {{event_title}}
text: {{event_description}}
---
section: Affected Systems
---
text: Impacted Assets
text: {{affected_systems}}
---
section: Impact Assessment
---
text: Business Impact
text: *Data Compromised:* {{data_compromised}}
text: *Users Affected:* {{users_affected}}
text: *Service Downtime:* {{service_downtime}}
text: *Financial Impact:* {{financial_impact}}
text: *Regulatory Implications:* {{regulatory_implications}}
---
section: Root Cause Analysis
---
text: Root Cause
text: {{root_cause}}
---
section: Response Actions Taken
---
text: Containment and Eradication
text: {{containment_actions}}
---
text: Recovery
text: {{recovery_actions}}
---
section: Lessons Learned
---
text: Key Takeaways
text: {{lessons_learned}}
---
section: Action Items
---
task: {{action_id}} — {{action_title}}
text: *Owner:* {{action_owner}} · *Priority:* {{action_priority}} · *Due:* {{action_due_date}}
text: {{action_description}}
---
section: Approval
---
approve: Approved | by: {{ciso_name}} | role: {{ciso_title}} | at: {{approval_date}}
---
freeze: Incident closed | at: {{freeze_date}} | by: {{ciso_name}}

{{report_title}}

Security incident report with timeline, impact analysis, response actions, and lessons learned