Incident management is all about getting a handle on IT service management problems. Successful incident management will prevent these problems from interrupting business processes (any longer than necessary) or impacting other IT services.
The goal of incident management is getting everything back to normal operations as soon as possible after an incident. When incidents are managed in a thoughtful, forward-looking way, not only is the resolution process smoother and more thorough, future incident management can benefit as well from lessons learned.
5 Benefits of an Incident Management System
An incident management system benefits your organization in many ways:
- Maintenance of more continuous service levels
- Meeting requirements for IT service availability
- Higher efficiency and productivity throughout the organization
- Better end user satisfaction
- Documentation of IT service management value to the enterprise
How an Incident Management System Works
An incident management system:
- Records incidents
- Classifies them depending on their urgency and impact
- Assigns the incident to the appropriate responding personnel
- Manages the incident through resolution and reporting once it’s been resolved
Incidents may be reported in many different ways. For example, end users may report incidents through a self-service portal, filling in applicable input fields about the nature of the incident. Incident reporting may be an option in your IT service catalog, or incidents may be reported by email depending on your service desk setup.
Generally, incident forms have empty fields for category and subcategory so that they can be properly classified and handled by the appropriate personnel. Drop-down menus can help end users fill in these fields appropriately. Categories may then be used to create automatic notifications or automatic assignment. If, say, there was an incident classified as “hardware,” it could be automatically assigned to the person or group that deals with hardware issues. Commonly-used categories include requests (such as account access), inquiries (“I don’t know how to _____.”), software problems, hardware problems, and database problems.
ITIL has three metrics for determining the order in which incidents should be processed:
- Impact: how the incident affects business
- Urgency: how long resolution can reasonably be delayed
- Priority: how quickly the service desk should address the problem
Priority may be made dependent on the combination of impact and urgency. For example, high impact and high urgency should dictate top priority, whereas low impact and low urgency dictate low priority, with other impact and urgency values dictating priority levels between high and low.
Steps in the Incident Management Process
Incident management has five basic steps:
- Initial incident diagnosis: where someone from the service desk looks over the information on the incident and may speak with the person who reported it in order to diagnose the problem. The service desk worker may consult the organization’s configuration management database for help with this.
- Incident escalation: following a pre-set collection of rules, the person managing the incident can ensure that the incident is escalated for quicker handling if necessary.
- Incident investigation: the step when the service desk uses the diagnosis and relevant information to determine how to solve the problem
- Incident resolution and recovery: the stage where the incident is resolved, documented as such by the service desk, and any escalations are canceled.
- Incident closure: when the incident is filtered out of view of the service desk system. At this time, the resolution may be added to the IT service desk’s knowledge base so that similar incidents in the future may be resolved more quickly.