Incident Management (ITSM)
Encyclopedia
Incident Management is an IT service management
(ITSM) process area. The first goal of the incident management process is to restore a normal service operation as quickly as possible and to minimize the impact on business operations, thus ensuring that the best possible levels of service quality and availability are maintained. 'Normal service operation' is defined here as service operation within Service-level agreement (SLA). It is one process area within the broader ITIL
and ISO 20000
environment.
ISO 20000 defines the objective of Incident management (part 1, 8.2) as
Incidents that cannot be resolved quickly by the help desk will be assigned to specialist technical support groups. A resolution or work-around should be established as quickly as possible in order to restore the service.
terminology defines an incident as:
ISO 20000
defines an incident (part 1, 2.7) as:
) or 'known errors' (with a root cause) under the control of problem management and registered in the known-error database ( KeDB ). Where existing work-arounds have been developed, it is suggested that accessing these will allow the service desk to provide a quick first-line fix. Where an incident is not the result of a Problem or Known Error, it may either be an isolated or individual occurrence or may (once the initial issue has been addressed) require that problem management become involved, possibly resulting in a new problem record being raised.
Where an incident is considered to be serious in nature, or multiple occurrences of similar incidents are observed, a problem record might be created as a result (it's possible that the problem will not be recorded until several incidents have occurred). The management of a problem varies from the process of managing an incident and is typically performed by different staff and therefore is controlled by the problem management process. When its 'root cause' has been identified, it becomes a 'known error'. Finally, a request for change (RFC) may be raised to modify the system by resolving the known error. This process is covered by the change management
process.
A request for new additional service is not regarded as an incident, but as a request for service (RFS).
IT Service Management
IT service management is a discipline for managing information technology systems, philosophically centered on the customer's perspective of IT's contribution to the business. ITSM stands in deliberate contrast to technology-centered approaches to IT management and business interaction...
(ITSM) process area. The first goal of the incident management process is to restore a normal service operation as quickly as possible and to minimize the impact on business operations, thus ensuring that the best possible levels of service quality and availability are maintained. 'Normal service operation' is defined here as service operation within Service-level agreement (SLA). It is one process area within the broader ITIL
Itil
Itil may mean:*Atil or Itil, the ancient capital of Khazaria*Itil , also Idel, Atil, Atal, the ancient and modern Turkic name of the river Volga.ITIL can stand for:*Information Technology Infrastructure Library...
and ISO 20000
ISO 20000
ISO/IEC 20000 is the first international standard for IT service management. It was developed in 2005, by ISO/IEC JTC1 SC7 and revised in 2011. It is based on and intended to supersede the earlier BS 15000 that was developed by BSI Group....
environment.
ISO 20000 defines the objective of Incident management (part 1, 8.2) as
- To restore agreed service to the business as soon as possible or to respond to service requests.
Incidents that cannot be resolved quickly by the help desk will be assigned to specialist technical support groups. A resolution or work-around should be established as quickly as possible in order to restore the service.
Definition
ITILItil
Itil may mean:*Atil or Itil, the ancient capital of Khazaria*Itil , also Idel, Atil, Atal, the ancient and modern Turkic name of the river Volga.ITIL can stand for:*Information Technology Infrastructure Library...
terminology defines an incident as:
- Any event which is not part of the standard operation of a service and which causes, or may cause, an interruption to or a reduction in, the quality of that service. The stated ITIL objective is to restore normal operations as quickly as possible with the least possible impact on either the business or the user, at a cost-effective price
ISO 20000
ISO 20000
ISO/IEC 20000 is the first international standard for IT service management. It was developed in 2005, by ISO/IEC JTC1 SC7 and revised in 2011. It is based on and intended to supersede the earlier BS 15000 that was developed by BSI Group....
defines an incident (part 1, 2.7) as:
- any event which is not part of the standard operation of a service and which causes or may cause an interruption to, or a reduction in, the quality of that service.
Incidents, problems and known errors
Incidents may match with existing 'problems' (without a known root causeRoot cause
A root cause is rarely an initiating cause of a causal chain which leads to an outcome or effect of interest. Commonly, root cause is misused to describe the depth in the causal chain where an intervention could reasonably be implemented to change performance and prevent an undesirable outcome.In...
) or 'known errors' (with a root cause) under the control of problem management and registered in the known-error database ( KeDB ). Where existing work-arounds have been developed, it is suggested that accessing these will allow the service desk to provide a quick first-line fix. Where an incident is not the result of a Problem or Known Error, it may either be an isolated or individual occurrence or may (once the initial issue has been addressed) require that problem management become involved, possibly resulting in a new problem record being raised.
Incidents and changes
Incidents are the result of failures or errors in the IT infrastructure. The cause of Incidents may be apparent and the cause may be addressed without the need for further investigation, resulting in a repair, a Work-around or a request for change (RFC) to remove the error.Where an incident is considered to be serious in nature, or multiple occurrences of similar incidents are observed, a problem record might be created as a result (it's possible that the problem will not be recorded until several incidents have occurred). The management of a problem varies from the process of managing an incident and is typically performed by different staff and therefore is controlled by the problem management process. When its 'root cause' has been identified, it becomes a 'known error'. Finally, a request for change (RFC) may be raised to modify the system by resolving the known error. This process is covered by the change management
Change Management (ITSM)
Change management is an IT service management discipline. The objective of change management in this context is to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes to control IT infrastructure, in order to minimize the number and impact of...
process.
A request for new additional service is not regarded as an incident, but as a request for service (RFS).
Incident management processes
The main incident management processes are the following:- Incident detection and recording
- Classification and initial support
- Investigation and diagnosis
- Resolution and recovery
- Incident closure
- Incident ownership, monitoring, tracking and communication
- Establish incident framework management
- Evaluation incident framework management
Examples
Incidents should be classified as they are recorded, Examples of incidents by classification are:- Application
- service not available
- application bug
- disk-usage threshold exceeded
- Hardware
- system-down
- automatic alert
- printer not printing