Skip to main content

Overview

The Incidents module provides a secure way to report and track sensitive situations including extortion attempts, system errors, and operational issues. It ensures proper documentation and notification of relevant personnel.

Extortion Reporting

Confidential reporting of security threats

System Issues

Report errors and technical problems

Automatic Notifications

Alerts sent to security and management teams

Audit Trail

Complete history of all incident reports

Incident Types

Reports of extortion attempts, threats, or security concerns related to operations.Purpose: Allow employees to confidentially report dangerous situations.Automatic Actions:
  • Creates incident record in database
  • Notifies security team immediately
  • Does NOT send any confirmation to reporter (for safety)
Technical problems, errors, or bugs encountered in the platform.Purpose: Help IT team identify and fix system issues.Automatic Actions:
  • Creates case in system reports table
  • Sends notification to IT team and management
  • Includes page URL and user information
  • Reporter receives confirmation email

Reporting an Extortion Incident

This feature is for serious security situations. All reports are treated as confidential and reviewed immediately by the security team.
1

Access Incident Form

Navigate to the incident reporting page or use the quick-access link provided by management.
2

Enter Incident Details

Provide as much information as safely possible:
  • Date and time of incident
  • Location or route affected
  • Description of threat or situation
  • Any identifying information about perpetrators
  • Vehicle details (if applicable)
3

Submit Report

Click “Submit” to send the report securely.
4

No Confirmation

For safety reasons, no confirmation message or email is sent. Your report has been received and will be reviewed immediately.
POST /api/incidents/create
{
  "incident_date": "2024-11-20T10:30:00Z",
  "location": "Route to Zone 12",
  "description": "Vehicle followed service truck",
  "vehicle_details": "White pickup, no plates visible",
  "route_id": 15,
  "reporter_notes": "Additional context"
}
Incident data is stored with restricted access. Only authorized security personnel can view reports.

Reporting a System Issue

Help improve the platform by reporting bugs or errors:
1

Encounter an Error

When you see an error page (403, 404, 500) or experience unexpected behavior.
2

Click 'Report Issue'

Most error pages include a “Report this issue” button.
3

Describe the Problem

  • What were you trying to do?
  • What happened instead?
  • Any error messages shown?
The system automatically captures:
  • Page URL
  • Your user ID and name
  • Browser information
  • Timestamp
4

Add Contact Info (Optional)

Provide phone or email if you want follow-up.
5

Submit

IT team receives immediate notification.
POST /api/incidents/report-system
{
  "page_url": "https://app.ambiosys.com/quotations/123",
  "description": "Getting 500 error when trying to finalize quotation",
  "reporter_user_id": 45,
  "reporter_user_nombre": "John Doe",
  "reporter_celular": "+50212345678",
  "reporter_email": "[email protected]",
  "metadata": {
    "error_code": "500",
    "action_attempted": "finalize_quotation",
    "browser": "Chrome 119.0"
  }
}

Viewing Incidents (Internal)

Authorized personnel can view incident reports: 
GET /api/incidents/incidents
Returns chronological list of all incidents with:
  • Incident ID and type
  • Report date/time
  • Status (pending_review, investigating, resolved)
  • Brief description
Access full incident details including:
  • Complete description
  • Location and time information
  • Reporter information (if not anonymous)
  • Attached evidence or documents
  • Action taken log
  • Resolution notes
Access to incident reports is restricted based on user roles. Unauthorized access attempts are logged.

Notifications

Incidents trigger automatic notifications to appropriate teams:
Recipients: Security team, managementChannels:
  • Email (urgent flag)
  • SMS/WhatsApp to security chief
  • In-app notification
Information Shared:
  • Incident summary
  • Location and time
  • Severity level
  • Link to full report (secure)
Recipients: IT team ([email protected]), managementChannels:
  • Email
  • In-app notification
Information Shared:
  • Error description
  • Page URL where error occurred
  • Reporter contact information
  • Technical metadata (browser, timestamp)

Incident Lifecycle

1

Reported

Incident is submitted and logged.
2

Pending Review

Awaiting initial assessment by security or IT team.
3

Investigating

Team is actively reviewing and gathering information.
4

Resolved/Dismissed/Escalated

Final disposition based on findings.

System Reports Dashboard

IT staff can view system issue trends:
  • 403 Forbidden: Permission issues
  • 404 Not Found: Broken links
  • 500 Internal Server Error: Backend issues
  • Total reports by error type
  • Most reported pages
  • Average resolution time
  • Repeat issues (not yet fixed)
This data helps prioritize bug fixes and system improvements.

Security and Privacy

  • Incident data is encrypted at rest
  • Access logs maintained for all views
  • Automatic purging of resolved incidents after retention period
  • Extortion incidents can be reported anonymously
  • Reporter identity is optional and protected
  • IP addresses are not logged for security reports
  • Security incidents: Security team and C-level only
  • System issues: IT team and management
  • Regular users: Cannot view other users’ reports

Best Practices

For extortion or security threats, report as soon as it is safe to do so.
More information helps the team respond effectively. Include:
  • Exact location (GPS coordinates if possible)
  • Time of incident
  • Vehicle descriptions
  • Any photos (if safe to take)
For security incidents, do not attempt to gather additional information or confront individuals.
If you report a bug, respond to IT team inquiries to help them reproduce and fix the issue.
  • Security threats: Use incident system
  • Feature requests: Contact product team
  • Training questions: Contact your manager

Dashboard

View incident statistics and trends

Service Requests

Manage service operations and routes

Build docs developers (and LLMs) love

Get started for freeTalk to us