Purpose
One shared definition for every term referenced across the knowledge base.
Used by
Administrators, reviewers, reporters, partners.
Companion
Troubleshooting when a workflow behaves unexpectedly.

Workspace & identity

TermDefinition
WorkspaceThe organization-scoped boundary for members, roles, incidents, partners, sites, and settings. Every Castlewatch user operates inside exactly one workspace at a time.
Organization profileThe public-facing name, region, billing state, and plan context that partners and team members see.
RegionA label like a metro area, county, or regional network used to make the workspace recognizable to partners.
Mapped siteA saved location with coordinates (campus, event site, building) that reports and the dashboard map reference.
MemberA user account associated with the workspace and assigned exactly one role.

Reporting

TermDefinition
IncidentA durable record of one operationally meaningful event, with structured metadata, narrative, comments, sightings, and attachments.
SeverityThe reporter or reviewer's assessment of potential impact: low, medium, high, or critical.
Operational statusWhat is still happening or needed: open, monitoring, resolved. Independent of severity.
TagsSearchable labels reporters and reviewers apply to surface patterns (e.g., vehicle, repeat-pattern, threat-statement).
SightingA follow-up observation logged on the incident timeline after the original report (patrol confirmation, witness update, recurrence).
AttachmentA supporting file (photo, document, exported evidence) tied to an incident record.

Moderation

TermDefinition
SubmittedThe report entered the workflow but no reviewer has claimed it.
Under reviewA reviewer has claimed the report and is evaluating it.
Changes requestedThe report needs clarification or correction before it can be verified.
VerifiedThe report is accepted for its selected visibility scope and becomes part of the durable record.
RejectedThe report will not proceed as an operational incident record (duplicate, out of scope, unsupported).
Return to reviewAction that moves a previously closed report back into the review queue for additional redaction or clarification.

Visibility & trust

TermDefinition
VisibilityThe audience scope for a verified incident: origin only, selected partners, trust group, or region.
Trusted partnerAn organization with an explicit, stateful relationship to your workspace.
Connection stateRequested, connected, declined, or revoked — the lifecycle stage of a partner relationship.
Trust groupA named coalition of connected partners used as a shorthand for repeated visibility decisions.
Template MOU / NDAStandard documents with tracked signature status and signer metadata, acknowledging the relationship.
Sharing defaultsOrganization-level setting that influences the initial visibility choice on new reports.

Access & alerts

TermDefinition
RoleOrg admin, reviewer, reporter, or viewer — determines which actions appear and which workflows are available.
Policy thresholdMinimum role required for sensitive actions like managing members, partner requests, or notification defaults.
Billing gateA workflow that requires an active subscription before live use.
Organization notification defaultsBaseline alert routing for the organization, layered under each user's personal preferences.
Personal alert preferencesPer-user controls for event type, channel, severity threshold, quiet hours, and SMS destination.
MFAMulti-factor authentication using an authenticator app; recommended for administrators and reviewers.
Quiet hoursA time window during which non-urgent notifications are suppressed for a user.

Related references