Triaging alerts

When an alert is in the Triage state, it is ready to be reviewed by either a member of the triage team or the Supervisor. Either role can review the alert to determine the next action.

About this task

Alerts typically originate from an analysis flow. When the analytic detects something in a transaction or a claim that exceeds the set threshold, the alert is generated and routed to the appropriate role. Usually this role is a member of the triage team, or the case management Supervisor.

Procedure

To triage an alert:

  1. In the role in-basket, click the name of the alert to open it. To see alert details without opening the alert, click another part of the row to expand the alert details panel.
  2. On the Task Details tab, review the details of the alert in the Summary section.
  3. Expand the related objects sections to view additional relevant information for the case. These sections provide details about the objects. The Alerted column shows a check mark if the object was flagged by the analysis flow. This flag means that the object was marked suspicious in another alert or case.
  4. Mark any objects as suspicious by clicking in the row to enable edit mode, then selecting the check box in the Suspicious column.
    Note: All editable suspicious markings are initially set to false. To view any previous suspicious markings, select the detailed view on the objects. Any objects that are marked suspicious are saved by the actions taken in Step 7.
  5. On the Documents tab, you can view any documents or images that are attached to the alert. You can also add a document or item if you have an artifact that is relevant to the alert.
  6. Choose Actions > Add Related Objects if you know that there are existing objects in another case or alert that are relevant to this alert.
  7. When you have completed the triage review, choose a resolution by clicking Actions:
    • Close - Not Suspicious
    • Close - Insufficient Evidence
    • Refer to Supervisor
    • Refer to Investigator
  8. To send for further investigation, for example, Send to Supervisor or Send to Investigator, search for and assign the appropriate Supervisor or Investigator to continue managing the alert or case.