Data breach incidents reported through email or informal communication channels produce records that are inconsistent in the level of detail provided, difficult to audit, and inadequate for meeting regulatory reporting obligations. The systems affected are described vaguely. The breach mechanism is not documented. Immediate response actions are captured in scattered messages rather than a single structured record. Notification of internal teams and external parties is not formally recorded alongside the incident itself. Without a structured, centralized reporting process, managing a data breach response and demonstrating compliance requires significantly more effort than it should.

The Data Breach Report template for SharePoint, built with Infowise Ultimate Forms, provides a formal incident report form that captures the date and time of the incident, reporter details, affected locations and systems, a detailed breach description, detection timeline, data elements compromised, records affected, immediate actions taken, internal and external notification records, and a signed accuracy declaration. Every report is stored as a complete, auditable record in SharePoint.


How it works

Incident timing and reporter details

The form captures the exact date and time of the incident alongside the reporter's name, department or division, position or title, phone number, and email address. Capturing the incident timestamp and the reporter's organizational context at the point of submission creates the foundation for a chronologically accurate, clearly attributed breach record that can withstand regulatory scrutiny.

Location, systems, and nature of incident

The form captures the locations affected, the nature of the incident, and the specific systems, networks, or applications that were compromised. Capturing these in structured fields ensures the incident scope is documented precisely at the point of reporting, rather than being reconstructed from memory or email threads during the investigation phase.

Breach description and detection timeline

A detailed description field asks the reporter to explain how the breach occurred, providing the investigation and response team with a documented account of the breach mechanism from the person who first identified it. A separate field captures when the breach was first detected or suspected, establishing the detection timeline that is a mandatory element of regulatory breach notifications in most jurisdictions.

Data elements compromised and records affected

The form captures which data elements were compromised and provides an estimated number of records affected. These two fields are the primary inputs for assessing the severity of the breach, determining notification obligations under applicable data protection regulations, and scoping the remediation effort.

Immediate actions and notification records

A required immediate actions field documents what steps were taken in response to the breach from the moment it was identified. Separate fields capture the internal teams and personnel notified and any external parties notified, creating a formal record of the response and notification chain within the same incident report. Capturing notification records at this level of detail supports both internal accountability and regulatory compliance reporting.

Accuracy declaration and reporter signature

The form closes with a required accuracy declaration through which the reporter confirms that the information provided is accurate and complete to the best of their knowledge, alongside a reporter e-signature. The signed record is stored as part of the breach report in SharePoint, creating a formally endorsed incident record without any paper-based process.


What you get

  • A formal data breach report form capturing incident date and time, reporter details, affected locations, systems, and nature of incident
  • Detailed breach description and detection timestamp providing the chronological accuracy required for regulatory notifications
  • Data elements compromised and estimated records affected for breach severity assessment and regulatory scope determination
  • Immediate actions taken and internal and external notification records captured within the same incident report
  • Accuracy declaration and reporter e-signature creating a formally endorsed, auditable incident record
  • Every report stored as a complete, searchable record in a standard SharePoint list
  • Filterable by incident date, affected department, nature of incident, or notification status for breach response management
  • Free for all Ultimate Forms customers, installed automatically with a single click

Built on standard SharePoint lists

The Data Breach Report system is built entirely on standard SharePoint lists. There is no external data storage and no custom interface. All breach report records stay inside your SharePoint environment, governed by your existing permissions and data policies. The system can be extended or adapted at any time in the browser by the administrator who manages the site.

Get helpful videos
Templates are provided "as-is", free of charge, for UltimateForms customers. Feel free to make any desired modifications.
Read detailed installation instruction.
Like this template? Get it today!
Solution templates are fully configured and installed automatically with a single click.
Microsoft partner logo
© 2005-2026 Infowise Solutions Ltd. All rights reserved.
Privacy | Cookie Policy | Accessibility | Cloud SLA