Purpose

Incident management seeks to minimize the negative impact of incidents by restoring normal service operation as quickly as possible.

Definition

An incident is an unplanned interruption to an IT service or a reduction in the quality of an IT service.

Objectives

The objectives of IT Incident Management are to:

• Detect interruptions in IT services,
• Log and classify these interruptions,
• Assign appropriate staff to restore service, and
• Restore normal operations as quickly as possible.

Process Flow

At a very high level, the Incident Management process includes eight process activities:

Identification - Incidents are detected and reported. Logging - All relevant information relating to the nature of the Incident must be documented. Categorization & Prioritization - Incidents are categorized and prioritized to facilitate a swift and effective resolution. Initial Diagnosis - A diagnosis is carried out to try to discover the full symptoms of the incident. Escalation - When the Service Desk cannot resolve the incident, the incident is escalated for further support (functional escalation).  If incidents are more serious, the appropriate IT managers must be notified (hierarchic escalation). Investigation & Diagnosis - When there is no known solution, the incident is investigated. Resolution & Recovery - Once the solution (or acceptable workaround) has been found, the issue can be resolved. Incident Closure - The Service Desk confirms that the incident is resolved and that the user is satisfied and then the incident can be closed.

Key Terminology

• ServiceNow - The request and issue tracking system used by IT Services to provide customer support.
• Service Desk - The function/practice within IT Services for users to report issues, queries, and requests, and have them acknowledged, classified, and actioned.
• Workaround - A solution that reduces or eliminates the impact of an incident for which a full resolution is not yet available.