Difference between revisions of "Incident management"
(→Purpose) |
(→Key approaches) |
||
Line 9: | Line 9: | ||
The purpose of the incident management practice is to minimize the negative impact of incidents by restoring normal service operation as quickly as possible. | The purpose of the incident management practice is to minimize the negative impact of incidents by restoring normal service operation as quickly as possible. | ||
− | == | + | ==Best practices== |
− | An [[incident]] is an unplanned interruption to a service, or reduction in the quality of service. All incidents should be logged, prioritized, and resolved while meeting agreed target resolution times. | + | An [[incident]] is an unplanned interruption to a service, or reduction in the quality of service. All incidents should be logged, prioritized, and resolved while meeting agreed target resolution times. Other [[best practice]]s include the following. |
− | + | ===Design=== | |
− | + | :To design the incident management practice appropriately for different types of incidents based on different impact. Major incidents include those that affect [[information security]]. | |
− | + | ||
− | + | ===Prioritization=== | |
− | + | :To prioritize incidents based on agreed classification while ensuring that the incidents with highest business impact are resolved first. | |
− | + | ||
− | + | ===Systematization=== | |
o Use a robust tool to log and manage incidents | o Use a robust tool to log and manage incidents | ||
▪ Link to configuration items, changes, problems, known errors and other knowledge | ▪ Link to configuration items, changes, problems, known errors and other knowledge | ||
▪ Provide incident matching to other incidents, problems or known errors | ▪ Provide incident matching to other incidents, problems or known errors | ||
o Incidents may be escalated to a support team for resolution. The routing is typically based on the incident category. Anyone working on an incident should provide quality, timely updates. Incident management requires a high level of collaboration within and between teams. | o Incidents may be escalated to a support team for resolution. The routing is typically based on the incident category. Anyone working on an incident should provide quality, timely updates. Incident management requires a high level of collaboration within and between teams. | ||
+ | |||
+ | ===Swarming=== | ||
o Some organizations use a technique called swarming to help manage incidents. This involves many different stakeholders working together initially, until it becomes very clear which of them is best placed to continue and which can move on to other tasks. | o Some organizations use a technique called swarming to help manage incidents. This involves many different stakeholders working together initially, until it becomes very clear which of them is best placed to continue and which can move on to other tasks. | ||
▪ Collaboration can facilitate information sharing and learning as well as helping to solve the incident more efficiently and effectively. | ▪ Collaboration can facilitate information sharing and learning as well as helping to solve the incident more efficiently and effectively. | ||
[[Category: Articles]][[Category: Information Technology]] | [[Category: Articles]][[Category: Information Technology]] |
Revision as of 15:23, 29 December 2020
Incident management (hereinafter, the Practice) is the practice to minimize the negative impact of incidents by restoring normal service operation as quickly as possible. The Practice relates to incident and service management. This Practice is a part of the ITIL practices.
Contents
Definitions
According to the ITIL Foundation 4e by Axelos,
- Incident management. The practice of minimizing the negative impact of incidents by restoring normal service operation as quickly as possible.
Purpose
The purpose of the incident management practice is to minimize the negative impact of incidents by restoring normal service operation as quickly as possible.
Best practices
An incident is an unplanned interruption to a service, or reduction in the quality of service. All incidents should be logged, prioritized, and resolved while meeting agreed target resolution times. Other best practices include the following.
Design
- To design the incident management practice appropriately for different types of incidents based on different impact. Major incidents include those that affect information security.
Prioritization
- To prioritize incidents based on agreed classification while ensuring that the incidents with highest business impact are resolved first.
Systematization
o Use a robust tool to log and manage incidents ▪ Link to configuration items, changes, problems, known errors and other knowledge ▪ Provide incident matching to other incidents, problems or known errors o Incidents may be escalated to a support team for resolution. The routing is typically based on the incident category. Anyone working on an incident should provide quality, timely updates. Incident management requires a high level of collaboration within and between teams.
Swarming
o Some organizations use a technique called swarming to help manage incidents. This involves many different stakeholders working together initially, until it becomes very clear which of them is best placed to continue and which can move on to other tasks. ▪ Collaboration can facilitate information sharing and learning as well as helping to solve the incident more efficiently and effectively.