Written by Ana Canteli on 17 July 2020
Incident Management is an ICT management process whose objective is to restore the usual level of service as soon as possible, while trying to minimize the impact that the interruption may have on business operations; ensuring, as much as possible, the maintenance of the best standards of availability and quality of service. The latter is what is known as a service level agreement (SLA).
Incidents may arise from pre-existing problems, known errors, or be the product of a single event, for which there is no prior evidence and for which no information is available. As you can see, incident management can arise from many situations, which is why providing your staff with the platform they can depend on is essential to create a team that shares principles, objectives, and values.
OpenKM's document management system offers all the functionalities, integration, extension, and customization capabilities that your company needs to create the best process management and incident management platform for your company.
Any organization can develop the classification that best suits their needs. Still, ITIL or the Information Technology Infrastructure Library offers a set of concepts and good practices that can be especially useful.
Following these recommendations, it is necessary to differentiate between incidents (unplanned service interruptions) and requests (anything that is inconvenient but does not mean a service interruption. For example a user returns from vacation and does not remember the password and we need to reset it).
Incidents are generally classified according to the assigned priority, this being the result of various considerations: number of users affected, services compromised, operating units affected, urgency, and others. This is where the service level agreement -SLA- becomes essential, since depending on the classification, categorization and possible status assignment (new, assigned, in progress, stopped / waiting, resolved, closed) the teams responsible for Incident management will have more or less time and resources at their disposal to manage the life cycle of incidents. We can mainly consider three categories:
Low priority: these are incidents for which we have prior information, including ad-hoc solutions. These are incidents that do not interrupt the activity of the users or the business because they can be resolved in production.
Medium priority: it affects a small proportion of the company personnel that substantially affects their work, so that other groups (clients, for example) may slightly perceive the effects of these indicators
High priority: it affects many users or clients so that the business is concerned, both internally (for example, a security incident) and externally (undelivered products or services). It usually has a financial impact.
Correctly classifying is a crucial step in incident management processes, as it achieves several goals. It provides workgroups with information based on the Incident Management Model, which allows automatic prioritization. Such information may also determine the assignment of the incident to a particular workgroup. As a result of the classification, patterns and trends can be better detected; in this way, it is easier to identify which incidents are most frequent and, therefore, to develop the most appropriate solution: change of procedure, training courses, or something else.
OpenKM offers category navigation so that you can see all the content that corresponds to a specific classification or categorization at a glance. Also, the Reports functionality allows us to obtain meaningful and detailed information on any aspect relevant to our objectives. And thanks to the subscription service, when an incident is declared or detected, the system immediately informs us about the event. From the search engine, we can retrieve any record based on any information we have: metadata, content, date, author, or any relevant data.
All incidents should be recorded in the organization's incident management system. Keep in mind that incidents can be reported by different actors and be reported in very different ways: a user can call, send an email, use a chat to report a problem, or even a technician can receive an automatic alert of a monitoring system. That is why it is vital to have an incident management system that adapts to our current and future needs, to exercise exhaustive control over service interruptions so that they are adequately treated and do not become an additional source of problems.
Once we have identified an incident, registering an incident means creating a new registry in the system, which will document all the necessary information about the event: date, the information provided by the user, description, and associated problems. OpenKM is an electronic records management system that guarantees the adequate treatment of this type of content, with particular attention to the control of the record's life cycle, including final disposal.
It is the fundamental step that will allow us to continue with the rest of the stages of the incident management process:
Investigation and diagnosis: After identifying and recording the incident, this step aims to determine the optimal solution to the incident.
Assignment or escalation: The employee in charge of this task will be able to make use of the knowledge base that the organization possesses and even implement the solution of the incident. If unable to resolve it, the knowledge base can provide information about the transfer of the incident to other departments or management groups.
Incident resolution: When the incident is resolved, service recovery can be implemented and verified.
Closure of incident: once the incident is resolved, it is confirmed that the affected users are satisfied with the resolution, and the incident can be closed. At this stage, we can check if the classification and categorization of the incident are correct or if they can be improved.
Satisfaction survey: the results of the satisfaction survey provided to users, together with the conclusions obtained, can be linked to the incidence register.
OpenKM, thanks to automatic tasks, among workflow and OCR engine can cover all incident related management processes.
The objectives of incident management are to facilitate the operational control of the business, increase productivity, maintain adequate service levels, promote the identification, and even prevention of incidents that may evolve in more severe cases.
Implementing an incident management system is done in part to achieve a series of objectives, because it provides a multitude of advantages, including:
Reduce costs by limiting the number of incidents to a minimum.
Decrease the duration of incidents, from the time they are identified and recorded in the system until they are resolved and closed.
Improve incident monitoring so that the operational impact is reduced.
Increase user and customer satisfaction by reducing interruptions.
Identify points of improvement and new potential in previously undetected opportunities.
Improve coordination between the IT department and the operating units.
Reduce the number of unregistered or lost incidents.
But we must not lose sight of the fact that incident management can be a complicated issue when not sensitive, therefore it is advisable to follow a series of tips:
Be flexible: you may have useful templates to ensure compliance with the incident management policy or a robust management model, but having structured management processes is not an excuse for not adapting to the times, changing needs, and the business vision that can change for many reasons.
Don't get hung up on easy resolutions: solving incidents on the first call is essential, especially for statistics. But be careful not to let yourself be carried away by the tyranny of metrics. It is better to provide quality solutions on the first call than to obtain incredible statistics, behind which many users hide their distrust in the service due to inadequate or mediocre experiences.
Collaborate: try to work in a network, in a coordinated and open way with other departments or areas, problem management, change management, etc.
Don't let incidents get over you: managing a large volume of incidents supported by a small human group can discourage staff, offer low-quality ratios, which can negatively affect the entire management cycle.