When something breaks in IT, Incident Management is the process that comes to the rescue. Singularly focused on getting interrupted IT services restored to customers as soon as possible, the Incident Management process is owned by the Service Desk. In some organizations, the heroes of the Service Desk take calls, emails, portal submissions, texts, and even tweets from customers experiencing incidents all day, every day.
Perhaps because Incident Management is so routine, it’s often overlooked when it comes time to make process improvements (this, friends, is when it devolves into fire-fighting). Let’s break that habit and start giving Incident Management the attention it deserves. Here is some low hanging fruit to get you started with improving your organization’s Incident Management process, along with an overview of other ITIL processes impacted by Incident Management to keep in mind as you dig in.
Review Your Incident Categories
A simple yet effective way to improve how you handle every day, break-fix incidents is to look at how they’re being categorized. When a Service Desk agent opens a ticket, one of the first things they’ll do – after confirming that it is, in fact, an Incident and logging the ticket – is categorize the type of incident they think it is.
Categorization is extremely helpful when it comes to reporting, so it’s important to ensure the categories you have listed are in good shape. One way to do this is to review the categories you currently have listed for incidents and determine whether they’re current, relevant, and accurate. There’s almost always an opportunity to streamline or consolidate this list. Keep an eye out for which categories are being used most frequently (Are they overly broad? Is one being used as a catch-all? Are they perfectly accurate and revealing a larger problem in need of attention?) and those that are rarely or never used (Is that service retired? Is it worded poorly? Is it just right but happens to be something that rarely goes wrong?). It’s also not a bad idea to make the list of your top ten incident categories and kick it up to leadership to investigate. A thorough review of this list, and even minor tweaks to it, can go a long way toward improving your Incident Management process. Patterns will emerge over time, and you’ll start to see better IT reporting.
NOTE: Two hundred incident categories (yes, I have actually seen that) is WAY too many. Pare that list down. Same goes for the number of services listed in your service catalog.
Automate Incident Escalation
After you’ve gotten your list of incident categories to a good place, it’s time to automate ticket escalation. Take some time to sit down with your team and discuss where tickets of different categories should be sent and identify where you’ve been running into problems. A robust Service Desk platform will be able to reroute tickets to the appropriate team for resolution without issue, saving your Service Desk agents a ton of time.
Automate Template Creation for Common Incident Types
Another helpful way to automate the Incident Management process is by creating templates within your Service Desk platform for incidents commonly reported to the Service Desk. This basically consists of defining instructions that, at the click of a button, allow Service Desk agents to populate a ticket, instantaneously run through the steps, and close it out. Templates allow your Service Desk to handle Incidents more quickly, freeing up time for agents to document the activities they do frequently (you’ll find this to be a common theme).
Leverage the Combined Strength of Event Management, Problem Management, and Incident Management
The two major processes most closely linked with Incident Management are Problem Management and Event Management. Their relationship is such that if you improve one, the other two will become more effective, as well. Here’s why:
Event Management uses technology to catch things before they break. This mean if you have a solid Event Management process, you’ll end up with fewer incidents in the first place. Problem Management, on the other hand, gets involved in those cases when events do become incidents; It addresses the underlying, often mysterious errors that result in multiple reported incident. So, like Event Management, a solid Problem Management process leads to fewer incidents.
These interdependencies make it important to talk with Event and Problem Management teams when you’re looking to improve Incident Management. There are likely ways to combine efforts and help one another (reusing those newly revised incident categories for problem categorization, for example).
Work with other ITIL Processes that Impact Incident Management
Improving Incident Management is so important because this seemingly self-contained process is impacted by and impacts several other important ITIL processes. Below is a list of important interfaces, organized by service lifecycle phase:
- Financial Management: Handling Incidents has a cost, and that cost has an impact on IT services. The more we can automate the Incident Management process and resolve Incidents at the Service Desk – or, better yet, allow customers to resolve their own issues via an online knowledge base on a customer portal – the less costly it is to IT and the overall organization.
- Service Level Management: This process helps us create SLAs with our customers, which will include detail around how we handle Incidents. When our response and/or resolution times improve, so will our SLAs – along with customer satisfaction. You will want to work with your Service Level Manager to better understand IT’s existing SLAs and look for areas where the IT organization can improve. Further, understanding what’s in IT’s SLAs will help the Service Desk better prioritize and resolve incidents.
- Availability Management: When incidents happen, the availability of the associated IT service will be impacted. Understanding how incidents effect overall availability in existing SLAs will help IT identify areas where the Service Desk and other IT activities can be refined.
- Security Management: Security-related incidents must be handled quickly and confidentially. It’s important to have a process for handling security-related incidents within your Service Desk platform in place.
- Change Management: This process helps us better manage and control change within IT. Your Service Desk platform should allow you to link incidents and problems to changes, so you can track necessary changes and have visibility into how issues in your environment are resolved.
- Configuration Management: This process is focused on managing our assets. Being able to tie incidents to asset records (or what we ITIL nerds call “Configuration Items”) will allow you to do better troubleshooting and perform Problem Management effectively.
- Knowledge Management: This process can dramatically improve the effectiveness of the Service Desk. One way is by having second or third line technicians capture details on how to resolve common Incidents that are escalated to their teams. Making this information available to the Service Desk allows them to quickly resolve those incidents themselves, avoiding further escalation. There are also some inexpensive tools like BeyondTrust that allow technicians to record and attach a video of how they resolved an incident (an added bonus here is that they don’t have to write an article).
- Access Management: This process is focused on how we manage access when it comes to on-boarding, off-boarding, and changing employee roles. The Service Desk will likely serve as the entry point for access requests and can provide feedback on how this process can be improved. This is another good candidate for automation.
- Request Fulfillment: In addition to managing Incidents as they arise, the Service Desk will also regularly handle customer requests. Again, the more we can automate here the better. If common requests are built into the system and customers are given a portal where they can submit requests, Service Desk agents will field fewer calls, freeing up their time for other things. Just like creating a top ten list of incident categories, it can be extremely helpful to make one for your most common requests. If you can automate them, do it.
The implications of Incident Management stretch across the organization – from colleagues to customers. Don’t be intimidated, though! These few changes alone carry a lot of weight and will get you headed down the path of designing an Incident Management process that’s just right for your organization.