Incident Management

ITIL defines incidents as “any event which is not part of the standard operation of a service and which causes, or may cause, an interruption to, or a reduction in, the quality of that service”. The Service Desk is responsible for the monitoring the resolution of all registered incidents and is, in effect, the owner of all incidents. The Service Desk may assign incidents that cannot be resolved immediately to functional groups or fix agents. Incident Management includes the following activities:

Incident recording and alerting

All incidents should be recorded in terms of symptoms, basic diagnostic data and information about the configuration item(s) and service(s) affected. Irrespective of the mechanism or pathway through which incidents are recorded, the Service Desk should receive appropriate alerts and maintain overall control.

Incident support and classification

Incident records raised should be analyzed to discover the reason for the incident. Incidents should also be classified, and it is this classification system that further resolution actions are based.

Investigation and diagnosis

Wherever possible, the user should be provided with the means to continue their business functions, perhaps via a degraded service. Every effort should be made to minimise the impact of the incident on the business and to provide more time to investigate and devise a structural resolution.

Resolution and recovery

After successful execution of the resolution or circumvention activity, service recovery actions can be carried out, often by specialist staff. The incident management system must allow the recording of events and actions during the resolution and recovery activity. Incident tracking and customer/user communication Procedures need to be in place to guarantee that each individual incident is resolved within the agreed timeframes, or at least, as soon as possible.

Incident ownership, monitoring and closure The Service desk is responsible for owning and overseeing the resolution of all outstanding incidents whatever the initial source. When the incident has been resolved, the Service Desk must ensure that the incident records are completed and are accurate, and that the resolution is agreed with the customer.

The graphic below, from the ITILv2 literature, depicts the process.


Organizations frequently assess their incident management process to determine where they reside in process maturity.




 <<-Back to ITIL