Difference between revisions of "Incident management"

From CNM Wiki
Jump to: navigation, search
(Definitions)
Line 6: Line 6:
 
:[[Incident management]]. The practice of minimizing the negative impact of incidents by restoring normal service operation as quickly as possible.
 
:[[Incident management]]. The practice of minimizing the negative impact of incidents by restoring normal service operation as quickly as possible.
  
 +
==Purpose==
 +
The purpose of the incident management practice is to minimize the negative impact of incidents by restoring normal service operation as quickly as possible.
 +
 +
 +
▪ An incident is an unplanned interruption to a service, or reduction in the quality of service.
 +
 +
● Incidents should be logged.
 +
● Incidents should be managed to meet agreed target resolution times.
 +
● Incidents should be prioritized.
 +
o Design the incident management practice appropriately for different types of incidents
 +
▪ Incidents based on different impact
 +
▪ Major incidents
 +
▪ Information security incidents
 +
o Prioritize incidents
 +
▪ Based on agreed classification
 +
▪ Ensure incidents with highest business impact are resolved first
 +
o Use a robust tool to log and manage incidents
 +
▪ Link to configuration items, changes, problems, known errors and other knowledge
 +
▪ Provide incident matching to other incidents, problems or known errors
 +
o Incidents may be escalated to a support team for resolution. The routing is typically based on the incident category. Anyone working on an incident should provide quality, timely updates. Incident management requires a high level of collaboration within and between teams.
 +
o Some organizations use a technique called swarming to help manage incidents. This involves many different stakeholders working together initially, until it becomes very clear which of them is best placed to continue and which can move on to other tasks.
 +
▪ Collaboration can facilitate information sharing and learning as well as helping to solve the incident more efficiently and effectively.
 
[[Category: Articles]][[Category: Information Technology]]
 
[[Category: Articles]][[Category: Information Technology]]

Revision as of 15:02, 29 December 2020

Incident management (hereinafter, the Practice) is the practice to minimize the negative impact of incidents by restoring normal service operation as quickly as possible. The Practice relates to incident and service management. This Practice is a part of the ITIL practices.


Definitions

According to the ITIL Foundation 4e by Axelos,

Incident management. The practice of minimizing the negative impact of incidents by restoring normal service operation as quickly as possible.

Purpose

The purpose of the incident management practice is to minimize the negative impact of incidents by restoring normal service operation as quickly as possible.


▪ An incident is an unplanned interruption to a service, or reduction in the quality of service.

● Incidents should be logged.
● Incidents should be managed to meet agreed target resolution times.
● Incidents should be prioritized.
o Design the incident management practice appropriately for different types of incidents
▪ Incidents based on different impact
▪ Major incidents
▪ Information security incidents
o Prioritize incidents
▪ Based on agreed classification
▪ Ensure incidents with highest business impact are resolved first
o Use a robust tool to log and manage incidents
▪ Link to configuration items, changes, problems, known errors and other knowledge
▪ Provide incident matching to other incidents, problems or known errors
o Incidents may be escalated to a support team for resolution. The routing is typically based on the incident category. Anyone working on an incident should provide quality, timely updates. Incident management requires a high level of collaboration within and between teams.
o Some organizations use a technique called swarming to help manage incidents. This involves many different stakeholders working together initially, until it becomes very clear which of them is best placed to continue and which can move on to other tasks.
▪ Collaboration can facilitate information sharing and learning as well as helping to solve the incident more efficiently and effectively.