Assessing the Incident Management Process

Any particular instance of an incident management process exists along a maturity spectrum. The questions are largely adapted from those published by the itSMF in regards to ITILv2 and can help to map that level of maturity.

1.      Process Preconditions

1.1.    Are incident records maintained for all reported incidents?

1.2.    Are incidents currently assessed and classified by the Service Desk prior to referring them to a specialist?

1.3.    Is there an incident manager responsible for managing and escalating incidents?

1.4.    Is the business committed to reducing the impact of incidents by their timely resolution?

1.5.    Is there sufficient management commitment, budget and resources available for incident management?

1.6.    Have Incident Management been made aware of the business drivers and needs which will drive the priority for dealing with incidents?

1.7.    Has an education and training program been conducted for the Service Desk and incident managers outlining their relationships and interfaces with each other and with problem, change and configuration management?

 2.      Process Capability

2.1.    Is an incident database maintained recording details for all reported incidents?

2.2.    Is the incident management process documented?

2.3.    Are all incidents managed in conformance with the documented procedures and terms documented in SLAs?

2.4.    Is there a procedure for classifying incidents, with a detailed set of classification, prioritization and impact codes?

2.5.    Is there a procedure for assigning, monitoring and communicating the progress of incidents? 7

2.6.    Does incident management provide the Service Desk or Customer/User with progress updates on the status of incidents?

2.7.    Is there a procedure for the closure of incidents?

2.8.    Does incident management provide the Service Desk with management information and recommendations for service improvement?

2.9.    Are incident managers empowered to enforce agreed customer service levels with second line support and third party suppliers?

2.10.  Do incident managers co-ordinate problem management, support staff and IT services management when a major incident occurs?

2.11.  Has a study of the workload mix been conducted to determine the required staff levels, skill type and the associated costs of incident management?

2.12.  Does incident management match incidents against the problem and known error database?

2.13.  Does incident management inform the Service Desk and problem management of workarounds?

2.14.  Are incidents which breach agreed service level targets identified and the incident resolution team informed of the breach?

2.15.  Are incident records maintained for all reported incidents (including resolution and/or workaround)?

2.16.  Are requests for changes produced, if necessary, for incident resolution?

2.17.  Are resolved and closed incident records updated and clearly communicated to the Service Desk, customers and other parties?

 3.   Inter-Process Integration (i.e., in relationship to other service management processes)

3.1.    Does the organization hold regular meetings with the Service Desk to discuss incidents raised, progressed, escalated and closed?

3.2.    Have the interfaces between the Service Desk and incident management been defined and communicated?

3.3.    Does incident management exchange information with Problem Management concerning related problems and / or known errors?

3.4.    Does incident management exchange information with Configuration Management regarding ease of use of configuration records, configuration anomalies and the potential flagging of configuration item, e.g. as ‘failed’ (or equivalent)?

3.5.    Does incident management receive information from Change Management regarding impending changes to services?

3.6.    Does incident management exchange information with Change Management regarding the details of possible changes to resolve particular incidents / problems?

3.7.    Does incident management exchange information with Service Level Management concerning breaches in service level agreements and the service and support commitments they contain?

 4.      Quality Control

4.1.    Are the standards and other quality criteria applicable for the registration of incidents and for call handling made clear to the incident management team?

4.2.    Are Service Level Agreements available and understood by incident management?

4.3.    Are the personnel responsible for incident management suitably trained?

4.4.    Does the organization set and review either targets or objectives for incident management?

4.5.    Are there suitable tools in use to support the Incident Management function?

4.6.    Is a workload analysis produced to help determine staffing levels?

 5.      Reporting

5.1.    Are reports regularly produced for all the teams contributing to the incident resolution process, concerning incident status?

5.2.    Are management reviews held to highlight escalated incident details?

5.3.    Does incident management provide management with information concerning trend analysis in incident occurrence and resolution?

5.4.    Does incident management provide management with information concerning escalated incidents?

5.5.    Does incident management provide management with information concerning percentage of Incidents handled within agreed response time?

5.6.    Does incident management provide management with information concerning percentage of incidents closed by Service Desk without reference to other levels of support?

<<-Back to Incident Management