The incident management process can be summarized as follows: Show
These processes may be simple or complex based on the type of incident; they also may include several workflows and tasks in addition to the basic process described above. Incident loggingAn incident can be logged through phone calls, emails, SMS, web forms published on the self-service portal or via live chat messages. Incident categorizationIncidents can be categorized and sub-categorized based on the area of IT or business that the incident causes a disruption in like network, hardware etc. Incident prioritizationThe priority of an incident can be determined as a function of its impact and urgency using a priority matrix. The impact of an incident denotes the degree of damage the issue will cause to the user or business. The urgency of an incident indicates the time within which the incident should be resolved. Based on the priority, incidents can be categorized as:
Incident routing and assignmentOnce the incident is categorized and prioritized, it gets automatically routed to a technician with the relevant expertise. Creating and managing tasksBased on the complexity of the incident, it can broken down into sub-activities or tasks. Tasks are typically created when an incident resolution requires the contribution of multiple technicians from various departments. SLA management and escalationWhile the incident is being processed, the technician needs to ensure the SLA isn't breached. An SLA is the acceptable time within which an incident needs response (response SLA) or resolution (resolution SLA). SLAs can be assigned to incidents based on their parameters like category, requester, impact, urgency etc. In cases where an SLA is about to be breached or has already been breached, the incident can be escalated functionally or hierarcially to ensure that it is resolved at the earliest. Incident resolutionAn incident is considered resolved when the technician has come up with a temporary workaround or a permanent solution for the issue. Incident closureAn incident can be closed once the issue is resolved and the user acknowledges the resolution and is satisfied with it. Post-incident reviewAfter an incident has been closed, it's good practice to document all the takeaways from that incident. This helps better prepare teams for future incidents and creates a more efficient incident management process. The post-incident review process can be broken down into various aspects, as shown below, and is particularly useful for major incidents. Internal evaluationIncident identification
Information flow and communication:
Structure
Resource utilization
Process
Reporting
External evaluation - End User surveysApart from the above factors, some end-user facing factors should also be evaluated. For this purpose, a post-closure survey is conducted to collect feedback from the end users affected by the incident. This survey should be used to gain insight in some key areas, like:
Build your custom incident management workflows Which ITIL term is used for errors that were not resolved before a service?Many errors are identified and resolved before a service goes live. However, some remain unidentified or unresolved, and may be a risk to live services. In ITIL, these errors are called problems and they are addressed by the problem management practice.
Which ITIL term describes the uncertainty of a negative or positive outcome?Risk is considered an uncertain outcome, one that that can be positive or negative.
What is defined as an unplanned interruption or reduction in the quality of a service?In ITIL terminology, an 'incident' is defined as an unplanned interruption to an IT service, or reduction in the quality of an IT service, or a failure of a CI that has not yet impacted an IT service (for example failure of one disk from a mirror set).
What happens if a workaround becomes the permanent way of dealing with problem that Cannot be resolved cost effectively?What happens if a workaround becomes the permanent way of dealing with a problem that cannot be resolved cost-effectively? The problem remains in the known error status.
|