Incident management & its role in your business

Man Sitting Alone In Office Late At Night Watching Computer

‘By failing to prepare, you are preparing to fail’ is an old saying, and one that rings true with incident management. When done correctly, incident management will improve the running of your business.

What is incident management?

Incident management, in the context of IT, is about responding to a computer or IT systems incident. This could be anything from the internet, through to meeting room technology or telephone lines. Incident management will also include responding to issues related to either physical devices or programs on a computer.

The standard and code of practice, ISO 20000, defines the objective of incident management as: “To restore agreed service to the business as soon as possible or to respond to service requests.”

In practice, this is often a response plan, escalation process and then execution.

ITIL (IT Infrastructure Library) created a formal process for incident management that IT teams can work towards in the 1980s. This happened after the UK government was disappointed by their IT response times and wanted a way to improve IT managers processes.

Since then, ITIL has developed and now holds a range of formal processes for IT managers, such as system design and others.

Today, the ITIL incident management process is widely accepted and adopted as an industry-leading standard.

The importance of incident management

Incident management isn’t just a process for finding repeated issues in an IT system. It’s creating a lifecycle that ensures the service management is efficient, and that each incident is responded to in a similar manner.

It’s an important part of any IT response, as it not only ensures the problem is dealt with, but that it is recorded, communicated, and enables continuity of service.

Incident management also improves employee satisfaction – if IT systems are constantly down or negatively impacted, then it becomes irritating and unproductive for employees.

By creating a cohesive, seven step plan based on ITIL’s core incident management framework, incident management becomes effective and improves productivity.

Creating a response plan

As a business, it can be tricky to manage incidents, especially as the company grows and the tech gets more complicated. Each company’s situation is different, and they have specifics on how their team works. To create a response plan, the below ITIL core seven steps to incident response framework is ideal.

As it’s a ‘Framework’, you can adjust as needed around what your companies’ requirements are.

ITIL compliance comes from making their framework adapt to your business rather than simply following their exact method as it is written.

Below, we have gone through the seven steps to incident management according to ITIL’s framework, and how you can apply it to your business.

ITIL’s core seven steps to incident management

Incident identification

The first step in any plan is getting identification. This could be a programmed notification, a user notifying the service helpdesk, or a developer noting their own bug and recording it in a project management system. Any way that an incident is identified is a valid one.

Logging an incident

When logging an incident, it’s also necessary to add all relevant details such as device type, date, time description, version of software, such as Windows 10, or applicable details. The more information, the better, as this can inform the resolution much quicker.

Logging an incident can be done through a ticketing system, spreadsheet or be manually noted somehow. It’s best to choose a program that is scalable, and one that all your staff can use with ease.

Once an incident of any kind has been identified, it needs both classification and prioritisation.

Classification of an incident can be related to device type, frequency or tailored to what your company needs. For example, you could class incidents as “Mobile”, “Desktop” or “Tablet”.

Prioritisation is normally P1, P2, P3 etc. You could define the following as: P1 (halt everything as the company could fail because of this), P2 (urgent but not at risk of company failure), P3 (can be done tomorrow, affects less users). These definitions are flexible and should be changed from company to company.

Incident investigation/diagnosis

Whether user error or a system issue, investigation is normally the job of first point of call, such as your internal IT manager or an external IT support team. They can try and recreate the issue and provide a resolution if possible. This could be an FAQ page, or by talking the user through steps to fix.

In some cases, it could be as simple as password reset emails or turning it off and on again. Nevertheless, this is still a resolution and an incident solved.

Assignment or escalation

If the initial responder cannot resolve the issue, it must be escalated or assigned to someone else. This could be a senior support person, technical team, or someone relevant. Escalation plans are unique to each company’s situation based on your team size and work rate.

Resolving the incident

Once the incident has been fixed, it can be reported back to the user and tested to see if it has been resolved correctly.

Closing the ticket

After all involved agree the incident has been resolved correctly, the ticket can be closed and logged for future referencing in case a similar incident occurs.

Rating the experience

In order to improve your incident management, it’s best practice to ask a user whether they were satisfied with the experience and welcome any further feedback. This could be a call, a form or simply a star rating with optional long text box.

These seven steps highlight a basic response plan that is the core framework of ITIL compliance and are considered best practice in the IT world.

Incident management and ramsac

If you’re unsure as to how you can improve your incident management or implement the ITIL framework in your company, then why not speak to ramsac about our IT support services. We can provide cost efficient IT solutions that meet your employee’s needs, 24 hours a day.

Related Posts

  • Are you planning for Coronavirus (COVID-19) in your business?

    Are you planning for Coronavirus (COVID-19) in your business?

    Business continuityCoronavirus

    With cases of Coronavirus increasing by the day, this is the week to take action to review your business continuity plan and to test your organisation’s ability to work [...]

    Read article

  • What is Zero Trust security and where should you start?

    What is Zero Trust security and where should you start?

    Cybersecurity

    Zero Trust security removes assumptions about trusting a user, even when they're inside your network. This means users and devices must be verified. Read here. [...]

    Read article

  • What’s your idea worth spreading?

    What’s your idea worth spreading?

    ramsac

    Would you like to stand on stage and give a TEDx Talk? Maybe you can! ramsac are proud to be sponsoring TEDx Woking for the 4th consecutive year. The 2022 [...]

    Read article

  • What is Microsoft Planner?

    What is Microsoft Planner?

    Office 365

    Microsoft Planner is a lightweight project management tool, allowing teams to work together and have full visibility on the progress of tasks, workloads and deadlines. Discover what it is [...]

    Read article

  • Why are charities increasingly being attacked by cyber criminals? 

    Why are charities increasingly being attacked by cyber criminals? 

    Cybersecurity

    More than a quarter of charities were reportedly the target of cybercrimes in the last year alone. But why are charities increasingly the victims of cyberattacks? Find out here… [...]

    Read article

  • Introducing the Cyber Resilience Certification from ramsac

    Introducing the Cyber Resilience Certification from ramsac

    Cybersecurity

    ramsac is committed to helping organisations to protect themselves against cybercrime, to help organisations understand where they are on their cyber resilience journey, we have created the ramsac cyber [...]

    Read article