Incident Management

From Boosting Performance
Jump to: navigation, search

What is Incident Management?

  • A process to handle incidents
  • Incidents are unplanned interruptions for customers (because planned = changes)
  • Note: It is still an incident even if the customer has not noticed it
    • Eg. It is still an incident if your house is on fire, even if you haven't noticed it yet
  • The main goal of Incident Management is to restore normal service asap
  • Normal Service = Defined and measured in the SLA (Service Level Agreement)

What does good look like?

  • Normal service restored asap (preferably within SLA timescales)
  • An incident is always an incident, never a problem.
  • Problem = Cause
  • Incident = Effect
  • A big incident should be handled as a major incident
  • Problem Management may be triggered to help restore normal service asap. These are cases where it is more effective to find the cause of the incident.

Eg. I'm driving a car. A tyre gets punctured. I restore normal service asap by changing the tyre. I do not need to know the cause. However in some cases it is necessary to find causes to take effective action.

A simple Incident Management process consists of:

  • Identify an incident
  • Log the incident
  • Categorise the incident
  • Prioritise the incident (impact of incident x urgency to restore normal service)
  • Initial diagnosis (check for quick fix)
  • Escalate (Usually to somebody with more skills to fix)
  • If normal service has been restored close the incident after confirming with customer
  • If normal service ca not been restored, keep working and inform the customers

Video of ITIL Incident Management

Orientation workshop for your organisation

  • Who is the Incident Manager? Several?
  • Where is an overview of the current incidents?
  • How do we prioritise incidents? Impact + urgency? + other factors?
  • What questions do we ask to customers with incidents to get as much information as possible?
  • How do we prioritise major incidents?
  • If a customer has several major incidents, how would they want us to prioritise? How do we know this?
  • How does our Incident Management interface with Problem Management?
  • How/Where am I involved in this area of work?

Simple as possible work description for a Incident Manager

  • Impress the customer!
  • Have control over all incidents (Backlog, In progress, Over allowed SLA time, Resolved)