Incident Management

Introduction and Objectives

The main objectives of Incident Management are:

• Detecting any alterations in IT services.
• Logging and classifying these alterations.
• Assigning personnel charged with restoring service, as defined in the relevant SLA.

This activity requires close contact with users, which means that the Service Desk needs to play a central role.

The diagram below summarises the incident management process:

Although the concept of an incident is naturally associated with a malfunctioning of the hardware and software systems, the ITIL Service Support book defines an incident as:

“Any event which does not form part of the standard operation of a service and which causes, or may cause, an interruption or a reduction in service quality."

Thus, almost any call to the Service Desk may be classified as an incident. This includes Service Requests, such as asking for new licences, changing access to information, etc. provided these services are considered standard.

Any change requiring a modification to the infrastructure is considered not to be a standard service and requires the initiation of a Request for Change(RFC), which should be handled in accordance with the principles of Change Management.

The main benefits of correct Incident Management include:

• Improved user productivity.
• Fulfillment of the levels of service agreed in the SLA.
• Greater process control and service monitoring.
• Optimisation of the resources available.
• A more accurate CMDB, as incidents affecting configuration items are logged.
• And, in particular: improved general customer and user satisfaction.
  

On the other hand, incorrect Incident Management may have adverse affects, such as:

• Reduced Service Level.
• Valuable resources are squandered: too many people, or people of the wrong level, working simultaneously on resolving the incident.
• Valuable information on the causes and effects of incidents of use for future restructuring or upgrades is lost.
• Customers and users are unsatisfied as a result of the poor and/or slow resolution of their incidents.

The main difficulties when implementing Incident Management may be summarised as:

• The envisaged procedures are not followed and incidents are resolved without logging or are escalated unnecessarily and/or the pre-defined protocols are omitted.
• There is no operating margin allowing peaks in incidents to be managed, so they are not adequately recorded and the correct operation of the classification and escalation protocols is hindered.
• The service quality levels and products supported are not well defined. This can mean that requests not included in the services agreed beforehand with the customer are processed.