What is Incident Management?
In ITIL terminology, an incident is defined as any event which is not part of the standard operation of a service and which causes, or may cause, an interruption to, or reduction in, the quality of that service.
In most organizations Incident Management is provided by Service Desk Agents and Second Line support groups. As Users contact the Service Desk, incident records are created; these are updated and transferred to different groups as specific expertise is required. During the life of an incident, it will be set to various statuses which will reflect its progress and allow for reporting on how incidents are handled. All groups involved in the Incident Management process have a responsibility to monitor continually and ensure that incidents get progressed.
During the life of an incident it may be assigned to different groups but it always stays owned by the Service Desk, which has the responsibility for monitoring all incidents to ensure that deadlines and SLAs are not breached.
Although ‘major’ incidents follow a similar process to ‘normal’ incidents, usually there is a greater urgency to resolve these and hence a higher priority placed on handling them and restoring normal service. The shorter timescales applicable to major incidents should be documented along with the definition of what a major incident is. It should also be noted that the criteria for being a major incident may differ depending on the time of day, day of the month, etc. For example, an incident causing issues with a financial application may only be a major incident during end-of-month or end-of-year processing.
Key Objectives of the Incident Management Process
The key objectives of operating the Incident Management process are:
• The accurate recording of all events that occur
• To resolution of incidents as quickly as possible
• The restoration of service as soon as possible, within timeframes as contained within SLAs and other agreements
• The accurate recording of all activities performed regarding the events that have been reported
• To provide information to Problem Management in order that actions can be taken to prevent future recurrences