Cybersecurity (IT) Incident Report Template

Create Document

Cybersecurity (IT) Incident Report Template

A cybersecurity incident report documents the particulars of a cyber attack on an organization’s electronic systems, products, or data. The form is completed by describing how and when the issue was found, the nature and extent of the breach, and the actions that were taken in response to the threat.

Create Document
PDF
Word
ODT

Last updated August 13th, 2025

Document Preview

A cybersecurity incident report documents the particulars of a cyber attack on an organization’s electronic systems, products, or data. The form is completed by describing how and when the issue was found, the nature and extent of the breach, and the actions that were taken in response to the threat.

Downloads: 7
  1. Home »
  2. Incident Report »
  3. Cybersecurity

Reporting a Cybercrime

Cybersecurity attacks can be reported to the FBI by filling out an Online Tip Form or contacting a local field office. Victims of cybercrime can also file a complaint with the Internet Crime Complaint Center (IC3).

If Protected Health Information (PHI) was compromised in a cybersecurity breach, the incident must be reported to the HSS.

Incident Examples

  • Data or information breach
  • Malware
  • Unauthorized access
  • Phishing attacks

Sample

Download: PDF, MS Word, ODT

CYBERSECURITY INCIDENT REPORT FORM
INDIVIDUAL FILING REPORT

Full Name: [FULL NAME] Title/Role: [TITLE/ROLE]
Signature:                                                           Date: [MM/DD/YYYY]

INCIDENT DETAILS
Date of Incident: [DATE OF INCIDENT]      Time: [TIME] AM PM

Location: [LOCATION]

How was the incident discovered? [DESCRIBE DISCOVERY OF INCIDENT]

Describe the Incident: [DESCRIBE THE INCIDENT]

NOTIFICATION
Were other personnel notified? Yes No

If yes, enter: [LIST CONTACTED PERSONNEL]

CONTAINMENT
Were any containment measures made? Yes No

If yes, describe: [DESCRIBE CONTAINMENT MEASURES]

IMPACTED SERVICES
Were any services permanently impacted? Yes No

If yes, describe: [DESCRIBE IMPACTED SERVICES]

ATTACK VECTOR
Do you know how the attack was made? Yes No

If yes, describe: [DESCRIBE ATTACK]

INFORMATION IMPACT

Was there any breach of data, records, or information? Yes No

If yes, describe: [DESCRIBE BREACHES]

ADDITIONAL INFORMATION

Is there any other information that should be provided? Yes No

If yes, describe: [DESCRIBE ADDITIONAL INFORMATION]