Cases
A case is an instance of a finding detected by the system that requires investigation and resolution. It is automatically generated when a rule processes the results of a script and records an anomaly or situation to review.
Purpose
Manage detected findings, document evidence, assign responsible parties, record investigations, and close findings with full traceability.
Inputs and outputs
Inputs:
- Findings generated by rules
- Associated transactional data
- User assignments
- Comments and documentation
Outputs:
- Closed cases with documented resolution
- Audit reports
- Traceability records
- Emails and notifications sent to responsible parties
Case states
| # | State | Description |
|---|---|---|
| 1 | Pending | Newly created case, pending investigation |
| 2 | In progress | Case assigned to a user, under analysis |
| 3 | In review | Case investigated, awaiting review |
| 4 | Closed | Case resolved and documented |
Available actions
- Create case (automatic or manual)
- Assign to user
- Add comments and evidence
- Change state
- Close with resolution
- Generate reports
Traceability
Each case maintains a complete record of:
- User who created the case (automatic or manual)
- Date and time of creation
- State changes with timestamps
- Assigned and reassigned users
- Comments and attached evidence with author and date
Relationship with other modules
- Generated from findings detected by Rules and Scripts
- Executed during a Job execution
- Recorded in the Job's auditable execution record
- Requires Roles and Users configuration for assignment