Back to Basics: Incident Management 101

The 21st century workplace is all about enabling productivity through device and service connectivity. That’s where incident management comes in — by preventing interruption of business processes or other IT services.

In the ITIL® V3 defined service lifecycle, incident management is typically part of service operations. The goal of incident management is to get everything back to normal as soon as possible after an incident. When incidents are managed in a thoughtful manner, the resolution process becomes smoother and more thorough, and future service desk users can benefit from lessons learned during the resolution process.

How an Incident Management System Works

An incident management system:

• Identifies an incident and records it
• Categorizes and prioritizes an incident, depending on its urgency and impact
• Assigns the incident to the appropriate responding personnel
• Manages the incident through resolution and reporting once it’s been resolved

Incidents may be reported in many different ways. For example, end users may report incidents through a self-service portal, IT service catalog, or even  email depending on service desk setup.

Generally, incident forms have empty fields for category and subcategory so that they can be properly classified and handled by the appropriate personnel. Categories may then be used to create automatic notifications or automatic assignment. For instance, if  there was an incident classified as “Hardware,” it could be automatically be assigned to the person or group that deals with hardware issues. Commonly-used categories include:

• Requests (such as “account access”)
• Inquiries (“I don’t know how to _____.”)
• Software problems
• Hardware problems
• Database problems

Incident Management Process

ITIL recommends that incident management follow five basic steps:

1. Incident Identification: Incidents come from users through various forms (walk-ups, self-service email, etc)
2. Incident Logging: Service desk users log the incident as a ticket, which includes details like user’s contact information and the incident description
3. Incident Categorization: Users assign a category and subcategory to the incident
4. Incident Prioritization: The incident is prioritized based on its impact on users and its impact on the overall business
5. Incident Response: The service desk handles and resolves the incident

But, why categorize an incident when you have prioritization? Categorization is an important part of the incident management process for two main reasons:

1. It allows certain issues to be automatically prioritized. For example, an incident might be categorized as “video conferencing” with a sub-category of “audio quality”. In some organizations, this may be considered a high-priority incident that requires an immediate response.
2. Provides the ability to accurately track incidents. Tracking quantifies data and offers insights into emerging patterns, which leads to smarter decisions overall.

Incident Prioritization

Incident prioritization is similar to triage at a hospital — a process of determining the priority of resolving incidents based on their severity. ITIL has three metrics for determining the order in which incidents should be processed:

1. Impact: How the incident affects business
2. Urgency: How long resolution can reasonably be delayed
3. Priority: How quickly the service desk should address the problem

Priority may be dependent on the combination of impact and urgency. For example, high impact and high urgency should dictate top priority, whereas low impact and low urgency dictate low priority.

Incident Response Process

Once an incident has been identified, logged, categorized, and prioritized, the service desk can resolve the incident through an incident response process.

1. Initial Diagnosis: Service desk user reviews incident information
2. Incident Escalation: Following pre-set rules, service desk user escalates the incident to appropriate priority
3. Incident Investigation: Through diagnosis of the incident, service desk users determine how to solve the problem
4. Incident Resolution and Recovery: Incident is resolved and documented appropriately
5. Incident Closure: The incident is officially closed within the system

Benefits of an Incident Management System

An incident management system can benefit your organization in many different ways. From meeting requirements for IT service availability to better end user satisfaction, incident management can help organizations obtain higher efficiency and productivity overall.