Incident management & its role in your business


‘By failing to prepare, you are preparing to fail’ is an old saying, and one that rings true with incident management. When done correctly, incident management will improve the running of your business.

What is incident management?

Incident management, in the context of IT, is about responding to a computer or IT systems incident. This could be anything from the internet, through to meeting room technology or telephone lines. Incident management will also include responding to issues related to either physical devices or programs on a computer.

The standard and code of practice, ISO 20000, defines the objective of incident management as: “To restore agreed service to the business as soon as possible or to respond to service requests.”

In practice, this is often a response plan, escalation process and then execution.

In the 1980s, ITIL (IT Infrastructure Library) created a formal process for incident management that IT teams can work towards. This happened after the UK government was disappointed by its IT response times and wanted a way to improve IT managers’ processes.

Since then, ITIL has developed and now holds a range of formal processes for IT managers, such as system design and others.

Today, the ITIL incident management process is widely accepted and adopted as an industry-leading standard.

The importance of incident management

Incident management isn’t just a process for finding repeated issues in an IT system. It’s creating a lifecycle that ensures the service management is efficient, and that each incident is responded to in a similar manner.

It’s an important part of any IT response, as it not only ensures the problem is dealt with, but that it is recorded, communicated, and enables vital business continuity.

Incident management also improves employee satisfaction – if IT systems are constantly down or negatively impacted, then it becomes irritating and unproductive for employees.

By creating a cohesive, seven-step plan based on ITIL’s core incident management framework, incident management becomes effective and improves productivity.

Creating a response plan

As a business, it can be tricky to manage incidents, especially as the company grows and the tech gets more complicated. Each company’s situation is different, and each has its own specifics on how its team works. To create a response plan, ITIL’s core seven-step incident response framework, set out below, is ideal.

As it’s a ‘Framework’, you can adjust it as needed around your company’s requirements.

ITIL compliance comes from making their framework adapt to your business rather than simply following their exact method as it is written.

Below, we have gone through the seven steps to incident management according to ITIL’s framework, and how you can apply it to your business.

ITIL’s core seven steps to incident management

Incident identification

The first step in any plan is identifying the incident. This could be a programmed notification, a user notifying the service helpdesk, or a developer noting their own bug and recording it in a project management system. Any way that an incident is identified is a valid one.

Logging an incident

When logging an incident, it’s also necessary to add all relevant details such as device type, date, time, description, version of software (such as Windows 10), or other applicable details. The more information, the better, as this can lead to a much quicker resolution.

Logging an incident can be done through a ticketing system, spreadsheet or be manually noted somehow. It’s best to choose a program that is scalable, and one that all your staff can use with ease.

Once an incident of any kind has been identified, it needs both classification and prioritisation.

Classification of an incident can be related to device type, frequency or tailored to what your company needs. For example, you could class incidents as “Mobile”, “Desktop” or “Tablet”.

Prioritisation is normally P1, P2, P3 etc. You could define these as follows: P1 (halt everything as the company could fail because of this), P2 (urgent but not at risk of company failure), P3 (can be done tomorrow, affects fewer users). These definitions are flexible and should be changed from company to company.

Incident investigation/diagnosis

Whether it is user error or a system issue, investigation is normally the job of the first point of call, such as your internal IT manager or an external IT support team. They can try to recreate the issue and provide a resolution if possible. This could be an FAQ page, or talking the user through the steps to fix it.

In some cases, it could be as simple as password reset emails or turning it off and on again. Nevertheless, this is still a resolution and an incident solved.

Assignment or escalation

If the initial responder cannot resolve the issue, it must be escalated or assigned to someone else. This could be a senior support person, technical team, or someone relevant. Escalation plans are unique to each company’s situation based on your team size and work rate.

Resolving the incident

Once the incident has been fixed, it can be reported back to the user and tested to see if it has been resolved correctly.

Closing the ticket

After all involved agree the incident has been resolved correctly, the ticket can be closed and logged for future referencing in case a similar incident occurs.

Rating the experience

In order to improve your incident management, it’s best practice to ask a user whether they were satisfied with the experience and welcome any further feedback. This could be a call, a form or simply a star rating with an optional long text box.

These seven steps highlight a basic response plan that is the core framework of ITIL compliance and are considered best practice in the IT world.

Incident management and ramsac

If you’re unsure as to how you can improve your incident management or implement the ITIL framework in your company, then why not speak to ramsac about our IT support services? We can provide cost-efficient IT solutions that meet your employees’ needs, 24 hours a day.
