Do you handle every incident?
We are averaging about 80+ incidents per day. The only ones that we actually act on are the ones when people respond to the automatic email that is sent to them saying they have violated a policy.
If you do handle each one, what do you do? How do you go about presenting this to them? As I said, in our situation they are notified automatically.
The reason I ask is I feel like I am not doing enough with the tool (it is my sole responsibility at the moment).
Am I over thinking it? What else can I do to be productive with the tool?