Operational, compliance and data-breach events with detection time, severity, regulator-notification status and remediation. Aligned to ISO 27035, GDPR Art. 33 and JFSC Codes §3.5.
No incidents logged
When the first incident is logged, regulator-notification status and root cause appear here. The register itself satisfies the audit prerequisite.