What is Incident Management?
- A process to handle incidents
- Incidents are unplanned interruptions for customers (because planned = changes)
- Note: It is still an incident even if the customer has not noticed it
- Eg. It is still an incident if your house is on fire, even if you haven't noticed it yet
- The main goal of Incident Management is to restore normal service asap
- Normal Service = Defined and measured in the SLA (Service Level Agreement)
What does good look like?
- Normal service restored asap (preferably within SLA timescales)
- An incident is always an incident, never a problem.
- Problem = Cause
- Incident = Effect
- A big incident should be handled as a major incident
- Problem Management may be triggered to help restore normal service asap. These are cases where it is more effective to find the cause of the incident.
Eg. I'm driving a car. A tyre gets punctured. I restore normal service asap by changing the tyre. I do not need to know the cause. However in some cases it is necessary to find causes to take effective action.
A simple Incident Management process consists of:
- Identify an incident
- Log the incident
- Categorise the incident
- Prioritise the incident (impact of incident x urgency to restore normal service)
- Initial diagnosis (check for quick fix)
- Escalate (Usually to somebody with more skills to fix)
- If normal service has been restored close the incident after confirming with customer
- If normal service ca not been restored, keep working and inform the customers
Video of ITIL Incident Management
Orientation workshop for your organisation
- Who is the Incident Manager? Several?
- Where is an overview of the current incidents?
- How do we prioritise incidents? Impact + urgency? + other factors?
- What questions do we ask to customers with incidents to get as much information as possible?
- How do we prioritise major incidents?
- If a customer has several major incidents, how would they want us to prioritise? How do we know this?
- How does our Incident Management interface with Problem Management?
- How/Where am I involved in this area of work?
Simple as possible work description for a Incident Manager
- Impress the customer!
- Have control over all incidents (Backlog, In progress, Over allowed SLA time, Resolved)