Incidents are part of the Support Observability feature set, which is currently in active development. Reach out to support@craftcx.com for early access.
What makes something an incident?
Not every policy finding becomes an incident. CraftCX applies a high threshold for promotion to keep your incident queue focused on what genuinely matters:- Recurring violations — the same type of policy deviation appears across multiple conversations
- High severity findings — a single finding is severe enough to warrant immediate attention
- Quality regressions — a measurable drop in AXIS scores that persists over time
Working with incidents
The incident queue
Incidents are organized into four views:| Tab | What’s shown |
|---|---|
| Unassigned | Active incidents not yet assigned to a reviewer |
| Assigned | Active incidents assigned to someone on your team |
| Assigned to me | Active incidents assigned to you |
| Resolved | Closed incidents, including false positives |
Incident details
Each incident shows:- Title and summary — what was detected and why it matters
- Severity — high, medium, or low, based on the nature of the issue
- Status — current triage state
- Related conversations — the specific tickets that triggered the incident
- Linked rule — the policy rule that was violated (if applicable)
- Detected at — when the incident was first identified
Triaging an incident
Incidents move through a triage workflow:| Status | Meaning |
|---|---|
| New | Freshly detected, not yet reviewed |
| Acknowledged | Someone has reviewed and is aware of it |
| Needs fix | Requires action—AI config, policy update, or process change |
| Resolved | The underlying issue has been addressed |
| False positive | Incorrectly flagged; no action needed |
Assigning and setting due dates
You can assign an incident to any team member and set a due date. This keeps accountability clear and helps your team prioritize. Assignments and due dates are shown on the incident alongside the current SLA status.Audit trail
Every status change is recorded with a timestamp and the name of the person who made the change. This gives you a full history of how an incident was handled—useful for retrospectives and compliance reviews.SLA and due dates
When an incident is created, you can set a due date to indicate when it should be resolved. CraftCX tracks the SLA status based on that date:- On track — due date hasn’t passed
- At risk — due date is approaching
- Overdue — due date has passed without resolution
Viewing related conversations
Each incident links to the conversations that triggered it. Click through to view the full transcript and the specific policy findings that contributed to the incident.Frequently Asked Questions
Who can create and resolve incidents?
Who can create and resolve incidents?
Any team member with access to the CraftCX platform can triage incidents. Incidents are created automatically by CraftCX based on policy findings and quality signals—you cannot create incidents manually.
How is an incident different from a policy finding?
How is an incident different from a policy finding?
A policy finding is a single observation about one conversation—the AI deviated from a specific policy requirement. An incident is a higher-level, persistent issue that may span multiple conversations or may represent a single very high-severity finding. Think of findings as evidence, and incidents as the cases built from that evidence.
What happens after I mark an incident as resolved?
What happens after I mark an incident as resolved?
The incident moves to the Resolved tab. It remains visible for your records and audit trail, but no further triage actions are available. If the same issue resurfaces later, CraftCX will create a new incident.
Can I get notified when a new incident is detected?
Can I get notified when a new incident is detected?
Yes. Set up a notification rule in Settings → Notifications to receive an alert via Slack, email, or webhook whenever an incident is detected. See Notifications for setup instructions.
How does incident severity get determined?
How does incident severity get determined?
Severity is derived from the underlying policy findings and quality signals that triggered the incident. High-severity findings—where the AI clearly violated a critical policy requirement with high confidence—produce high-severity incidents.
Policy Monitoring
Understand how policy violations are detected and surfaced as findings.
Notifications
Get alerted when a new incident is detected.