What is a Daily Occurrence Book? A Guide for Security & Facilities Teams
The daily occurrence book is one of the most important tools in security and facilities management, yet it is often misunderstood or poorly maintained. This guide explains what a daily occurrence book is, what it should contain, how to maintain it to a professional standard, and why more security teams are making the move to electronic occurrence logs.
What is a Daily Occurrence Book?
A daily occurrence book (DOB) is a chronological record of everything that happens during a security shift. It is used by security officers, control room operators, and facilities managers to document events, observations, incidents, and actions as they occur throughout the working day or night.
Think of it as a running diary of activity at a site. Every visitor, every patrol, every telephone call, every maintenance issue, and every incident gets logged in the occurrence book in real time. Critically, the DOB is not just for notable events or security breaches. It should capture the full picture of site activity, including routine checks, maintenance visits, contractor access, and communications with external agencies. Comprehensive logging is what gives the record its value: individual entries only become meaningful when they exist within a complete operational timeline.
Each entry must include a timestamp, a description of the event, and the name of the officer making it. Entries should be made as soon as possible after an event occurs. Delayed logging increases the risk of omitted details and inaccuracies, and in legal or insurance contexts, an entry written hours after the fact carries less evidential weight than one recorded at the time.
The language of every entry matters too. Officers should use objective, neutral terms to describe what was observed rather than what was inferred. Subjective judgments, assumptions, or emotive language have no place in an occurrence log. The DOB is a factual record, not an interpretation of events.
Why is the Daily Occurrence Book So Important?
A well-maintained security occurrence log serves several important functions:
1. It Creates a Legal Record
If an incident leads to legal proceedings, whether a personal injury claim, a criminal prosecution, or an employment tribunal, the daily occurrence book is often the first document requested by solicitors and courts. Entries made contemporaneously (at the time of the event) carry significant weight as evidence, precisely because they were not created after the fact.
A gap in the record, or an entry that appears to have been altered, can seriously undermine your legal position. This is why timeliness, accuracy, and an unbroken audit trail are not optional standards: they are the foundation of a legally reliable occurrence log. A complete, unaltered occurrence book demonstrates professionalism and provides a reliable account of events.
2. It Supports Insurance Claims
Insurance providers rely on incident records to assess claims. Whether you are claiming for property damage, theft, or a liability incident, your insurer will want to see a contemporaneous log that supports your account of what happened. Sites without proper occurrence book records often find that claims are delayed, disputed, or rejected.
3. It Enables Operational Handover
Security operations run around the clock. When one officer ends a shift and another begins, there must be a reliable mechanism for transferring situational awareness: what has happened, what is still ongoing, and what the incoming officer needs to be aware of. The daily occurrence book is that mechanism. A thorough shift handover entry ensures continuity of operations and means nothing gets missed between shifts. Using a standardised entry format across all officers and all shifts makes handovers faster, clearer, and less prone to gaps.
4. It Demonstrates Compliance and Provides an Audit Trail
Many contracts and regulatory frameworks require security teams to maintain occurrence logs. Contract security companies often face SLA audits in which client representatives review the DOB to confirm that agreed patrol frequencies, response times, and reporting obligations have been met. The occurrence book is your proof of service.
Beyond contract compliance, the DOB functions as an accurate audit trail for all operational activities, incidents, and responses. Regular reviews of log entries allow supervisors to identify patterns, follow up on unresolved issues, and verify that all required actions have been completed. The insights drawn from the occurrence log should actively inform decision-making, policy improvements, and training programmes, rather than sitting unread in a filing cabinet or database.
5. It Provides Management Visibility
Site managers, security supervisors, and facilities directors use occurrence book data to identify patterns such as repeated incidents at specific access points, recurring maintenance failures, or peaks in visitor volumes, and adjust their operational response accordingly. Without consistent logging, this intelligence is lost.
What Should a Daily Occurrence Book Contain?
A security occurrence log entry typically includes the following information:
- Date and time of the entry
- Name and role of the officer making the entry
- A clear, factual description of the event or observation, written in objective language
- Any actions taken in response
- The names of any individuals involved (visitors, contractors, third parties)
- Reference to any linked incident report, task, or case where relevant
- Confirmation of patrol completions and checkpoint times, logged at consistent intervals
- Shift handover notes at the start and end of each shift
- Any related documents, images, or evidence attached or referenced
A standardised format for all entries, covering consistent structure, terminology, and level of detail, is important. It ensures that any officer, supervisor, or reviewer can read and understand the log without needing to interpret different writing styles or guess at missing information. Routine activities such as safety inspections and shift changes should be logged at consistent times to maintain a reliable operational timeline.
For more information, read our Guide to Digital Daily Occurrence Book Best Practice.
Who Uses a Daily Occurrence Book?
Occurrence books are used across a wide range of security and facilities environments, including:
- Commercial office buildings and corporate campuses
- Retail centres and shopping estates
- Hospitals, universities, and public buildings
- Logistics hubs, industrial sites, and data centres
- Residential developments and mixed-use schemes
- Hotels, leisure venues, and stadiums
In each of these contexts, the occurrence book may be maintained by in-house security teams, contract security companies, or a combination of both. In sites with a security control room, it is typically the control room operator who maintains the primary occurrence log, with officers in the field submitting entries via radio or mobile device.
Regardless of the context, the principles of good practice remain the same: prompt entries, objective language, consistent formatting, comprehensive coverage of events, and restricted access to protect the confidentiality of any personal or sensitive information contained within the log. All staff who contribute to the occurrence book should be trained on these standards as part of their onboarding, with regular refreshers to maintain awareness of data protection obligations and organisational policies.
Paper Occurrence Books vs Electronic Occurrence Logs
Traditionally, the daily occurrence book was exactly that: a physical book. Officers wrote entries by hand, and at the end of each day, the book was stored in the security office. While this approach is simple, it comes with significant limitations, and it makes it very difficult to uphold many of the best practice standards that a well-run security operation requires.
The Problem with Paper Logs
- Entries cannot be searched: finding a specific event requires manually reading through pages of handwritten notes
- Handwriting can be illegible, making entries difficult to read and legally unreliable
- There is no automatic audit trail: entries can be added, altered, or removed without detection
- Books can be lost, damaged, or destroyed by fire, flood, or accident, with no backup
- Sharing information with management or clients requires physical access to the book
- Oversight is reactive rather than real-time, so supervisors can only review logs after the fact
- Enforcing a consistent entry format across officers and shifts is difficult without a structured template
- Confidentiality is harder to manage: a physical book cannot restrict access by role or seniority
The Shift to Electronic Occurrence Logs
Security teams are increasingly moving to electronic occurrence logs: digital platforms that replicate the function of the traditional occurrence book with significant added capabilities.
With an electronic occurrence log, officers submit entries via a smartphone, tablet, or computer. Each entry is automatically timestamped and tied to the officer’s identity, creating an immutable record that cannot be altered without leaving a trace. Supervisors can view the log in real time, search entries by date, keyword, or category, and generate reports for clients or management. Role-based access controls mean that only authorised personnel can view sensitive entries, and data is stored in secure cloud infrastructure rather than a physical book that can be lost, stolen, or destroyed.
Digital platforms also make it far easier to enforce consistent entry formats, prompt officers to complete all required fields, and flag entries that may need follow-up or escalation. The result is a more complete, more accurate, and more legally reliable occurrence log that actively supports compliance, handover quality, and management insight rather than simply recording events after they happen.
Key Features to Look for in a Digital Occurrence Book
If you are evaluating electronic occurrence log software for your security operation, the following features are worth prioritising:
- Automatic timestamping: every entry is date and time-stamped at the point of submission, with no ability to backdate
- Officer attribution: entries are automatically linked to the logged-in user, creating a clear audit trail
- Structured entry templates: guided fields that enforce a consistent format and ensure officers capture all required information
- Full-text search: the ability to search across all entries by keyword, date range, location, or category
- Multimedia support: the ability to attach photographs, CCTV stills, or documents to entries
- Shift handover workflows: structured prompts that guide officers through a complete shift handover
- Role-based access: different levels of access for officers, supervisors, and clients, protecting confidential information
- Secure cloud storage: data held in secure infrastructure accessible only to authorised personnel, with no risk of physical loss
- Integration with incident management: the ability to escalate an occurrence log entry into a full incident report with a single action
- Exportable audit reports: the ability to generate a formatted report of all entries for a given period, suitable for legal, contractual, or insurance use
Daily Occurrence Book vs Incident Report: What’s the Difference?
A common source of confusion is the relationship between the daily occurrence book and the incident report. They serve different purposes and should not be treated as interchangeable.
The occurrence book is a continuous log of everything that happens at a site. Most entries are routine: patrol completions, visitor arrivals, telephone calls, shift handovers. The occurrence book captures the full picture of activity at a site, including the unremarkable as well as the notable.
An incident report, by contrast, is a detailed account of a specific event that falls outside normal operations: a theft, an injury, an access control breach, a threatening behaviour incident. Incident reports are completed for exceptional events and contain more detailed information, including witness statements, photographs, and recommended actions.
In a well-run security operation, these two records work together. An occurrence book entry flags that something notable has happened; an incident report provides the full detail. The occurrence book entry acts as the contemporaneous first record; the incident report is the structured follow-up. Digital platforms that integrate both tools allow officers to escalate an occurrence log entry directly into an incident report, carrying the core information across automatically and preserving the full audit trail.
The Daily Occurrence Book and Legal Compliance in the UK
In the UK, security professionals are regulated by the Security Industry Authority (SIA). While the SIA does not mandate a specific format for occurrence books, the obligation to maintain accurate and contemporaneous records is embedded in the professional standards that underpin SIA licensing and the British Standards that govern contract security services (notably BS 7858 and BS EN 50518).
Beyond regulatory compliance, the occurrence book has direct relevance to obligations under the Health and Safety at Work Act 1974, the Management of Health and Safety at Work Regulations 1999, and for higher-risk venues, the Terrorism (Protection of Premises) Act (Martyn’s Law), which is expected to require enhanced record-keeping and incident response documentation for many in-scope venues.
Building owners and facilities managers should also be aware that the Building Safety Act 2022 places new obligations on accountable persons to maintain safety records. While the Act primarily focuses on higher-risk residential buildings, the principle that accurate, accessible records are a legal requirement rather than an operational nicety applies across the built environment.
Ensuring your occurrence log complies with these frameworks means more than simply keeping a record. It means keeping one that is complete, timely, consistently formatted, held securely, accessible to reviewers when needed, and actively used to inform operational improvement rather than stored and forgotten.
How Zinc’s Daily Occurrence Book Module Works
Zinc’s digital occurrence book is designed for security and facilities teams who need a reliable, searchable, and audit-ready record of everything that happens on site, and who want that record to actively support their operations rather than simply document them.
Officers submit log entries in real time from their mobile devices. Each entry is automatically timestamped, attributed to the submitting officer, and stored in secure cloud infrastructure. Structured entry templates guide officers through the information required for each entry type, reducing the risk of incomplete or inconsistent records. Supervisors and managers can view the live log from anywhere, search across historical entries, and export formatted audit reports with a single click.
When an entry requires escalation, for example when a routine occurrence becomes a reportable incident, officers can convert the log entry into a full incident report without starting from scratch. All the core information carries across, and the audit trail is preserved.
The Zinc platform also supports the regular review process that best practice requires. Supervisors can filter entries by category, flag items for follow-up, and use logged data to identify operational patterns and inform continuous improvement. For security companies managing multiple client sites, Zinc gives authorised supervisors and account managers portfolio-wide visibility while keeping each site’s log secure and separately accessible.
Take a look at our Daily Occurrence Book module and explore how it connects to our wider platform.
+44 (0)20 3989 4859 
info@zinc.systems 