Incident Management Process
This document defines the Incident Management Process. Incident management is the most important process in ITSM process implementations. The process is based on the ITSM best practices, and can be modified to reflect requirements specific to your organization.
The primary audience for this document is IT managers, process owners and process managers responsible for the design, implementation, management, and continuous improvement of this process. This incident management document may also be of interest to IT staff members who execute a specific role within this process and business organizations that want to better understand how the process has been defined within the IT organization.
Introduction to Incident Management Process
Process is a sequence of activities that will result in a specific outcome. Incident management process defines the sequence of activities that will result in effective incident resolution and closure.
Incident management is the most important process which can be considered like the face of the IT service provider and it would be the first process which will implemented in ITSM process implementations.
Common examples of incidents are:
- Network server slow or network not accessible
- File server not accessible
- Emails not receiving or sending
Objectives section defines the definition of term incident and the objectives of incident management.
Scope section defines the scope of incident management which includes any event which disrupts, or which could disrupt, a service. It includes events which are communicated directly by users, either through the service desk or through an interface from event management to incident management tools.
Incident management activities and the lifecycle of incident record, can be briefly mentioned as:
- Detects and records incidents
- Classification, prioritiation and initial support to Customers
- Investigation and diagnosis of incidents, including possibly opening Requests for Change (RFCs)
- Escalation (functional or hierarchical)
- Restores service to its normal operation after incident resolution
- Provides resolutions according to Service Level Agreements
Interface with other processes
This section defines the incident management process interfaces with various other Service management processes.
Incident Management Process Flow
This section presents the visual representation and explanation of incident management activities, its respective roles, how an incident is triggered, how its prioritized and categorized, how investigation and diagnosis is done, how the tickets are handled with 3rd party vendors, resolution and closure.
Process flow – P1 Critical incident management
This section presents the visual representation and explanation of critical incident management activities, responsible groups, and actions.
Key notes on critical incident:
- Any Incident that results in significant Business disruption will be called as Major Incident
- Major incidents require shorter resolution timescales and greater urgency due to its impact on Business.
- Definition of what is “Major” must be agreed and mapped onto the overall Incident prioritization process.
- May require a MI team under the leadership of the Incident Manager.
- Should not divert the attention of the Service Desk Manager.
- At times an Emergency change might be triggered to resolve a Major Incident.
Key skills for incident management staff
- Good Communication & Analytical skills
- Ability to work under pressure
- Ability to be collaborative
- Quick decision making capabilities
- Excellent customer handling skills
- Subject knowledge
- Details focused
- Patient and persistent
- ITIL Awareness