This document defines the Incident Management Process. Incident management is the most important process in ITSM process implementations. The process is based on the ITSM best practices and can be modified to reflect requirements specific to your organization.
The process is a sequence of activities that will result in a specific outcome. The Incident management process defines the sequence of activities that will result in effective incident resolution and closure.
Incident management is the most important process which can be considered as the face of the IT service provider and it would be the first process that will be implemented in ITSM process implementations.
Common examples of incidents are:
- Network server slow or network not accessible
- File server not accessible
- Emails not receiving or sending
The objectives section defines the definition of the term incident and the objectives of incident management.
Scope section defines the scope of incident management which includes any event which disrupts, or which could disrupt service. It includes events that are communicated directly by users, either through the service desk or through an interface from event management to incident management tools.
Incident management activities and the lifecycle of incident record can be briefly mentioned as:
- Detects and records incidents
- Classification, prioritization, and initial support to Customers
- Investigation and diagnosis of incidents, including possibly opening Requests for Change (RFCs)
- Escalation (functional or hierarchical)
- Restores service to its normal operation after the incident resolution
- Provides resolutions according to Service Level Agreements
Interface with other processes
Incident Management Process Flow
This section presents the visual representation and explanation of incident management activities, its respective roles, how an incident is triggered, how it's prioritized and categorized, how investigation and diagnosis are done, how the tickets are handled with 3rd party vendors, resolution, and closure.
Process flow – P1 Critical incident management
This section presents the visual representation and explanation of critical incident management activities, responsible groups, and actions.
Keynotes on the critical incident:
- Any Incident that results in significant Business disruption will be called a Major Incident
- Major incidents require shorter resolution timescales and greater urgency due to its impact on Business.
- The definition of what is “Major” must be agreed upon and mapped onto the overall Incident prioritization process.
- May require a MI team under the leadership of the Incident Manager.
- Should not divert the attention of the Service Desk Manager.
- At times an Emergency change might be triggered to resolve a Major Incident.
Key skills for incident management staff
- Good Communication & Analytical skills
- Ability to work under pressure
- Ability to be collaborative
- Quick decision-making capabilities
- Excellent customer handling skills
- Subject knowledge
- Details focused
- Patient and persistent
- ITIL Awareness