Pricing
    About UsCareersContactPartnersPressStatus
    Start FreeLog in
    Incidents & Monitoring
    5 min readUpdated 2025-01-24

    Incident Management Overview

    How to log, track, and respond to AI-related incidents using Klarvo's incident management system.

    Incident Management

    For high-risk AI systems, deployers must monitor operation and report serious incidents. Klarvo's incident management helps you track, respond to, and document AI-related incidents.

    What Counts as an Incident?

    AI incidents requiring documentation include:

  1. Safety events: Physical or psychological harm
  2. Rights violations: Discrimination, privacy breaches
  3. Performance failures: Unexpected outputs, hallucinations
  4. Security events: Data leaks, unauthorized access
  5. Compliance gaps: Discovered non-conformities
  6. User complaints: Documented concerns about AI behavior

    7. Incident Severity Levels

    LevelDescriptionResponse Time
    CriticalImmediate harm, safety risk, prohibited practice< 24 hours
    HighSignificant impact, rights violation< 48 hours
    MediumModerate impact, contained< 1 week
    LowMinor issue, no harm< 2 weeks

    Incident Workflow

    Detection → Logging → Triage → Containment → Investigation

         ↓                                              ↓
    

      Notify                                        Resolution
    

         ↓                                              ↓
    

    Internal teams                              Postmortem
    

         ↓                                              ↓
    

    Provider (if needed)                        Reassessment
    

         ↓                                              ↓
    

    Authority (if serious)                      Closure

    Required Documentation

    Each incident record should capture:

    Basic Information

  7. Title and description
  8. Linked AI system
  9. Severity level
  10. Status (Open, Investigating, Resolved)

    11. Timeline

  11. When it occurred
  12. When detected
  13. When contained
  14. When resolved

    15. Impact Assessment

  15. Affected parties
  16. Harm description
  17. Scale of impact

    18. Response Actions

  18. Containment measures taken
  19. Internal notifications sent
  20. External notifications required

    21. Resolution

  21. Root cause analysis
  22. Resolution actions
  23. Preventive measures

    24. Serious Incident Reporting

    Under Article 26(5), deployers must report serious incidents to:

  24. The AI system provider — Immediately
  25. Market surveillance authority — Within required timeframe

    26. A "serious incident" includes:

  26. Death or serious damage to health
  27. Serious/irreversible disruption of critical infrastructure
  28. Serious and irreversible environmental damage
  29. Serious violation of fundamental rights

    30. Integration with Reassessment

    Incidents can trigger system reassessment:

  30. Critical incidents → Automatic reassessment flag
  31. Patterns of medium incidents → Recommended review
  32. Resolved incidents → Documented in system history

    33. Best Practices

    🚨 Log immediately: Don't wait to document
    📞 Notify early: Err on the side of over-communication
    🔍 Root cause: Always dig to underlying issues
    📝 Postmortem: Learn and prevent recurrence
    🔄 Update procedures: Improve based on learnings