Paper to incident management software – Ultimate guide
Many businesses have yet to make the move from paper or Excel to incident management software. The move promises a great deal but it is not without its pitfalls.
After 10 years of helping businesses move to our incident management software, we’ve seen what success and failure looks like. As a result, we produced this guide to help ambitious businesses make their move successful.
Current state
If you currently record incidents with paper, Word, Excel or Access don’t worry, you’re not alone. Because some of the most advanced businesses in the world still use these formats. After all, these formats are not flawed, they offer a good place to store information. However, as soon as you want to do something with that information then their limitations are clear. For example, to analyse trends or present visualisations you’d need a small army of data inputters and designers.
The future
Some businesses move from paper to incident management software because its en vogue or to meet environmental, social and governance goals. However, the most powerful, commercial reason to make the move, is the promise of artificial intelligence (AI).
AI promise
There’s a lot of buzz around AI, especially since the launch of ChatGPT. No one knows what the future holds. However, the promise of AI is huge. It’s therefore worth considering the role AI will play in your move from paper to incident management software.
Below we look at AI broken down into three levels, each built on top of the other.
Level 1. Descriptive
At level 1 we trust AI to describe things to us. It can help with with things like analytics and pattern recognition. For example:
CCTV uses analytics to digest large image data sets and learns how to do things such as, alarm when a human passes in front of a camera but ignore animal movement.
Since inception in 2014 SIRV has applied pattern recognition to incidents.
Level 2. Predictive
Predictive AI uses pattern recognition and predicts future events. For example:
CCTV analytics will spot when someone trespasses on a railway line. It will then learn what factors precede trespass and use this information to predicts when a trespass is next likely to occur.
Level 3. Prescriptive
Prescriptive AI uses level one and two and, then prescribes what to do next. For example:
CCTV analytics predicts when trespass is likely to occur and then sends instructions to the nearest railway operative about what to do.
This is the holy grail and the ultimate promise of AI, an intelligent assistant that offers advice on what to do in certain situations.
At SIRV we work on decision support systems that promises advice on things such as workforce deployment. For example, a protest is going to arrive in 10 minutes, deploy additional resource from X location.
Risk management and the promise of AI
Lets take a look at what this means for your journey from paper to incident management software.
Level 1: Understand what’s going on
Time period 12 months
To understand what’s going on is the minimum a risk manager should expect from incident management software. In comparison to paper or something like Excel, you should expect:
- Faster reports, more quickly produced and delivered
- Better quality reports, because they use standardised fixed fields
- Visualisations such as, charts and maps to show what and where things are happening
If your incident management software uses a structured database to record information (most do) then data will be ready for analysis. This means AI can review data and highlight patterns. The volume of data may need to be high unless an AI model is already trained on other data.
Importantly, this level is necessary if you are to move to level 2.
Level 2: Understand what’s going on and predict events
Time period 12 – 36 months
Once sufficient data is recorded there’s an opportunity get a deeper understanding of what’s going on. In addition, attempts can be made to predict future events.
In comparison to level 1, you’ll now have at least 12 months of information ready for analysis. As a result, new exercises are possible. For example, year-on-year analysis to highlight recurring events.
AI can begin to review past data and look at whether it can predict events. For example, it could predict when a protest is likely.
Level 3: Understand what’s going on, predict events and give advice
Time period 24 – onwards
Level 3 represents the holy grail of AI and will likely have the greatest impact on how the risk management function operates.
At this level it’s possible for AI to be a decision support system. It could offer advice on things such as workforce deployment.
AI’s involvement could be light-touch and offer options when scheduling is underway. Or it could produce an entire workforce deployment plan and communicate direct with the workforce.
How to get to level 1
To get to level 1 we need to successfully move from paper to incident management software. There’s a few things to consider on this journey.
Retain your records
Do not ignore your past records, they could still have value. Records stored on paper, Excel etc, can be mapped and input onto your new incident management software.
For example, if your records include lots of different, non-standardised reports, there’s an opportunity to convert this information and feed it into your new incident management software.
Imagine you have spent the last three years recording incidents on one incident form without any categorisation. However, your new incident management software has 12 new incident report categories, from anti-social behaviour to theft. Although resource heavy, you could manually review all past reports and map their content to these 12 new incident report categories.
TIP: In our experience, although possible, many businesses choose to not perform this mapping exercise. Instead, they keep these records and decide to rebase their reporting. In other words, they start over, beginning with the introduction of new incident management software.
Rebase reports
Many businesses decide to rebase their reports and in effect start over with their incident management software.
In this case we recommend the following:
- Communicate the change to all stakeholders
- Store past records in an accessible format so queries about past events can still be answered
- Manage expectations about how soon new results are possible
Rebasing is an important concept that may occur again at any time in the future. For example:
Imagine you have incident management software at five sites. After a couple of years owing to business acquisitions and disposals you lose two sites and add five more sites. At this point, you’re likely to introduce a whole lot more reports, possibly requiring different categorisation. If you do not rebase your reporting you’re likely to see your comparative analysis lose all value.
Tip: Rebasing does not need to be a complex exercise. We recommend notes are made to your analytics and a new report structure is agreed with stakeholders.
Mobilise incident management system
To mobilise the incident management system will require both training and stakeholder communication. In addition, this guides can be used to help promote the business case for a move.
Often incident management software will have its own report templates. However, it’s usual for users to adapt these forms to meet their needs. For example, a nuclear facility will have different report requirements to a shopping centre. However, there are key fields to include in reports and we review these in our security incident reports guide.
TIP: We recommend a mobilisation period of 3 – 6 months in which different report types are explored. After this time, aim to standardise reports and fix the report types and their content. Of course, adaptations and additions can be made but these changes should be infrequent.
Company
Address: SIRV Systems Limited, 85 Great Portland street, First Floor, London, UK W1W 7LT
