This is probably the most common ITIL discipline utilised throughout Organisations regardless of the level of ITIL maturity. The goal of ITIL Incident Management is to restore normal Service Operation as quickly as possible with minimum disruption to the business, thus ensuring that the best achievable levels of availability and service are maintained.
Having stated the goal of Incident Management, what is the purpose of implementing it in a formal and consistent manner when many Organisations 'do it' anyway?
- It ensures that the resources utilised to support the business are fully optimised, not only IT and business staff resources but also technological resources, for example the supporting infrastructure (servers, networks etc.)
- Developing and maintaining meaningful records relating to Incidents. This forms the basis of Management Information or MI. Without having this information it is impossible for IT and the business to make informed decisions relating to the existing or even future service provision.
What is an Incident? An Incident is any event which is not part of the standard operation of a service and which causes, or may cause, an interruption to, or a reduction in the quality of that service.
The key responsibilities of ITIL Incident Management are broken down as follows:
- Incident detection and recording
- Classification of all Incidents and initial support
- Investigation and diagnosis
- Resolution and recovery
- Incident closure
Throughout the lifecycle of an Incident, Incident Management is responsible for the ownership, monitoring, tracking and communication of Incidents. This will happen continuously at any of the above stages.
As with all of the ITIL disciplines none of them are stand alone, they inter-link with each other and Incident Management is no exception. The ITIL Service Desk will usually play the key role within the Incident Management process. They are typically the single point of contact, recording and monitoring the progress of Incidents as well retaining ownership of them throughout their lifecycle.
There is also a close link with ITIL Problem Management. Where the root cause of an Incident is unknown a Problem record will be raised if further investigation is required. Where the root cause is known, the Problem becomes a Known Error and will often require a request for change (RFC) to be raised to rectify the issue, via ITIL Change Management. The Incident, Problem and Change lifecycle is a logical flow from error to resolution.
Within the Incident Management process, Major Incidents can occur. Major Incidents are when the impact on the User community is extreme, for example a complete loss of service on the network or business critical system(s)/service(s) are unavailable. Once a Major Incident has been diagnosed ITIL Problem Management typically step in and take over the running of the Major Incident leaving the Service Desk 'free' to record actions and keep the User community informed of progress.
The business benefits of itil Incident Management are as follows:
- Timely resolution of Incidents, reducing business impact and increasing effectiveness
- Proactive identification of beneficial system enhancements / amendments
- Business focussed Management Information related to Service Level Agreements (SLAs)
The IT related benefits of Incident Management are:
- Improved monitoring and measurement of performance against SLAs
- Enhanced Management Information regarding service quality
- Improved staff utilisation / increased efficiency
- Lost / incorrect Incidents / service requests eradicated
- Improvements in accuracy of the ITIL Configuration Management Database (CMDB). This can be audited by the Service Desk as Incidents are recorded
- Increased User / Customer satisfaction
The potential problems of implementing ITIL Incident Management are:
- Lack of visible management / staff commitment and no implementation resources
- Unclear business needs / requirements
- Working practices not reviewed and changed
- Poorly defined service objectives goals and responsibilities
- No provision of agreed customer service levels
- Lack of knowledge for resolving Incidents
- Inadequate staff training
- Lack of integration with other processes
- Lack of tools and budget to automate the process
- Overall resistance to change
The main costs of Incident Management are:
- Setting up the function
- Staff, training and accommodation
- Tools including an integrated ITIL Service Management toolset and additional reporting packages.
- Regular audits and reviews and associated improvement projects
Failing to implement Incident Management may result in the following:
- No management / escalation of Incidents, with potential impact on IT service quality increased
- Specialist support staff working with direct interruption from Customers, consequently making the support staff less effective both in cost and productivity
- Business staff being disrupted as colleagues seek their advice
- Incidents frequently re-assessed from first principle rather than reference to existing solutions or knowledge base
- Lack of co-ordinated Management Information
- Lost / incorrectly / badly managed Incidents