> ## Documentation Index
> Fetch the complete documentation index at: https://docs.zenoo.com/llms.txt
> Use this file to discover all available pages before exploring further.

# How Do I Review Alerts?

> Walk through the alert workspace — filter your queue, investigate screening hits, use AI insights, and take action.

# How Do I Review Alerts?

Alerts are the primary work items in Case Management. Each alert represents a compliance issue that needs human judgment — a sanctions match, a PEP flag, an identity discrepancy, or a document problem. This guide walks through the alert workspace and how to process alerts efficiently.

## What you'll learn

* How to navigate the alert workspace
* How to filter and sort your alert queue
* How to investigate an individual alert
* What information the detail panel shows
* How to take action on an alert

## The alert workspace

The alert workspace is split into two panels:

* **Left panel: Alert queue** — a prioritized list of alerts assigned to you or your team, with filters and sort options
* **Right panel: Alert detail** — the full context for the selected alert, including screening hit data, AI research, comments, and action buttons

## How do I find the alerts I need?

<Steps>
  <Step title="Open the alert workspace">
    From the main navigation, click **Alerts** to open the alert workspace. By default, you see alerts assigned to you, sorted by priority score (highest first).
  </Step>

  <Step title="Filter by type or category">
    Use the filter bar at the top of the queue to narrow your view:

    * **Type** — Screening, Identity, Document, Company, Financial
    * **Category** — PEP Match, Sanctions Hit, Adverse Media, Name Mismatch, etc.
    * **Status** — Open, Acknowledged, Resolved, False Positive
    * **Priority** — Critical, High, Medium, Low
    * **SLA Status** — On Track, At Risk, Breached
  </Step>

  <Step title="Sort by what matters">
    Click the sort dropdown to order your queue by:

    * **Priority score** (default) — a composite score combining SLA urgency, risk tier, category severity, match confidence, and case risk
    * **SLA due date** — nearest deadline first
    * **Created date** — newest or oldest first
    * **Match score** — highest confidence matches first
  </Step>
</Steps>

## How do I investigate an alert?

Click any alert in the queue to open its detail panel. The detail panel is organized into sections:

<Tabs>
  <Tab title="Overview">
    The top section shows at a glance:

    * **Alert title** — a human-readable description (e.g., "PEP Match - John Smith")
    * **Category badge** — color-coded by type (red for sanctions, orange for PEP, blue for adverse media)
    * **Priority badge** — Critical, High, Medium, or Low
    * **SLA indicator** — time remaining until the deadline, color-coded (green/yellow/red)
    * **Match score** — confidence percentage for screening matches
    * **Assigned to** — the analyst responsible
  </Tab>

  <Tab title="Screening Hit Data">
    For screening alerts, this section shows the match details:

    * **Matched name** — the name in the database
    * **Match score** — how closely the names match
    * **Source database** — which list or provider flagged the match
    * **Category** — PEP, Sanctions, Adverse Media, or Watchlist
    * **Country** — countries associated with the matched entity
    * **Additional details** — positions held (for PEPs), list names (for sanctions), article summaries (for adverse media)
  </Tab>

  <Tab title="AI Research">
    If AI research has been run on this alert, you will see:

    * **AI assessment** — the AI's analysis of whether this is a true match
    * **Confidence score** — how confident the AI is in its assessment
    * **False positive probability** — estimated likelihood this is a false positive
    * **Recommended action** — what the AI suggests (approve, escalate, investigate further)
    * **Sources** — references the AI used for its analysis

    See [How Do I Use AI Research?](/guides/case-management/use-ai-research) for more detail.
  </Tab>

  <Tab title="Entity Context">
    Shows context about the entity this alert relates to:

    * **Entity name and role** — e.g., "John Smith — Director"
    * **Parent case** — link to the investigation case
    * **Other alerts** — what other alerts exist for this entity
    * **Check status** — where all checks stand for this entity
  </Tab>
</Tabs>

## How do I take action?

Once you have reviewed the alert details, click the **Resolve** button to open the resolution modal. Choose an action:

| Action                      | When to use                                    | What happens                                                                                                   |
| --------------------------- | ---------------------------------------------- | -------------------------------------------------------------------------------------------------------------- |
| **Approve**                 | The match is a false positive or acceptable    | Alert status changes to Resolved. Case open alert count decreases.                                             |
| **Decline**                 | The match is confirmed and unacceptable        | Alert status changes to Resolved with Decline action. May trigger case rejection.                              |
| **Escalate**                | You need a senior reviewer's input             | Alert is escalated. The parent case moves to Internal Review. A notification is sent to the escalation target. |
| **Request Document**        | You need additional evidence from the customer | Alert stays open. A document request is created. The case may move to Client Input.                            |
| **Approve with Conditions** | Acceptable with additional requirements        | Alert is resolved with conditions noted. May trigger EDD requirements.                                         |

<Info>
  Every resolution action is logged in the audit trail with the analyst's name, timestamp, and any notes provided. This record is immutable and available for regulatory review.
</Info>

## What about auto-triaged alerts?

Some alerts are processed by the AI auto-triage system before they reach your queue. These alerts have:

* An AI assessment already populated
* A false positive probability score
* A "QA Sample" flag if the alert was auto-resolved but selected for your quality review

Auto-resolved alerts with the QA Sample flag appear in your queue for spot-checking. Review them to verify the AI made the correct decision.

## What's next?

<Columns cols={2}>
  <Card title="Resolve a Case" icon="circle-check" href="/guides/case-management/resolve-a-case">
    After resolving all alerts, close the case.
  </Card>

  <Card title="Use AI Research" icon="brain" href="/guides/case-management/use-ai-research">
    Get AI analysis to help validate screening matches.
  </Card>

  <Card title="Collaborate With Your Team" icon="users" href="/guides/case-management/collaborate-with-team">
    Add reviewers and discuss alerts with colleagues.
  </Card>

  <Card title="Track SLA Compliance" icon="clock" href="/guides/case-management/track-sla">
    Monitor deadlines across your alert queue.
  </Card>
</Columns>
