Automation workflow design for Door forced open incident management - Genetec Mission Control™ 2.13.4.0

Genetec Mission Control™ Administrator Guide 2.13.4.0

series
Genetec Mission Control™ 2.13.4.0
revised_modified
2020-10-27

You can design incident automation workflows to alert operators only if an incident needs investigation and to automatically resolve Door forced open events that do not require operator attention.

Automation workflow design considerations for Door forced open incidents

In this example, the Door forced open incident is configured as a high priority incident until verified otherwise. The incident automation workflow configuration alerts the operators to an active Door forced open incident using the following automation workflow activities:
  • Column color

    You can choose to highlight the entire incident listing or selected columns to draw the operator's attention to a new incident being triggered.

  • Change priority

The first step towards incident resolution should be to validate the incident to see if it is a false-positive. You can do this by displaying the video footage at incident location. Depending on your system setup, you can automate this action in the automation workflow using the Display entity activity or Run a macro activity to display footage at the incident location.

If the operator verifies that the incident is a valid threat, the dynamic incident procedure gives a plan of action, guiding the operators towards incident resolution.

The following automation workflow design example shows how the system indicates the various states of the incident as the operator works through the user procedure. The different colors indicate the state and incident priority as the operator evaluates the seriousness of the incident.

The operator's screen for a Door forced open incident

In this example, the trigger for this incident is a Door forced open event generated by any door in the area map. When the Genetec Mission Control™ Rules Engine detects a trigger, the system automatically triggers the incident and highlights it on the operator’s screen as designated by the automation workflow.

After the operator acknowledges the incident, the system changes the priority to indicate that the incident is under investigation. The downward arrow next to the incident priority indicates that the change in priority is a de-escalation. This is also reflected in the color of the incident listing which has changed from red to orange.

At the same time, the dynamic user procedure is activated.

Based on the operator's response to the dynamic user procedure, the system offers preconfigured alternatives for incident resolution:

  • If the video footage indicates that no further investigation is required, the operator can resolve and close the incident.
  • If the video footage indicates that further investigation is required, the dynamic procedure has been configured with contact details of security teams and teams who can escalate the incident if the primary team does not offer a satisfactory response.
    NOTE: Detailed documents including contact lists pertinent to each incident can be configured in the Document Management page in the Incident configuration task.

    For steps where the operator's comments are mandatory, the system prompts the operator for comments to be recorded in the incident activity log.

Post-resolution incident analysis

All the details of the incident, from being triggered to resolution, including the operator's responses, the system action, and any linked entities, are all captured in the incident activity log. This log can be exported using the Export incident activity in the automation workflow.

The exported file is stored in the preselected destination as an XML file that can later be imported into other systems such as Genetec Clearance™.

Operators can also manually export incident reports from the Incident monitoring task in Security Desk. You can specify the details included in the incident report by choosing the desired export settings in the Incident options window in Security Desk.