Home » ITIL » ITIL® Incident Management – Putting Out the Fire

ITIL® Incident Management – Putting Out the Fire

SolutionsIncreasingly complex technology means that IT Incidents are now an almost inevitable feature of modern business, no matter how robust the IT governance that’s in place. And every time an IT Incident occurs, there’s an impact on business productivity, the reputation of IT and, in some cases, even the standing of the organization itself.

This is why the ITIL® Best Practice dedicates an entire process to recovering normal service operation, or ‘putting out the fire’, as quickly as possible. It’s also why Incident Management is the most commonly implemented ITIL discipline of all, irrespective of the IT maturity level of an organization.

ITIL Best Practice

ITIL is short for the ‘Information Technology Infrastructure Library®,’ which is an international, industry recognized best practice framework for IT Service Management. ITIL is renowned for its pragmatic, no-nonsense approach to identifying, planning, delivering and supporting IT services in the business and is comprised of five key stages: Service Strategy, Service Design, Service Transition, Service Operation and Continual Service Improvement.

Incident Management

Incident Management falls under the Service Operation stage, which administers all of the processes and activities required to manage services for business users and customers. It also manages the technology required to provide and support these services. The primary goal of Incident Management is to restore normal service operation (which ITIL defines as within the Service Level Agreement) as quickly as possible and to minimize any adverse impact on the business or to customers.

What is an Incident?

ITIL classifies an Incident as ‘any event which is not part of the standard operation of a service and which causes, or may cause, an interruption to, or a reduction in, the quality of that service.’ This can range from a major system outage, which affects an entire organization, to an individual end user who has forgotten their password.

Key Incident Management Processes

Incident Managers coordinate the resolution of an Incident from its initial identification through to its eventual resolution and closure, which involves close collaboration with the Service Desk, Support Teams, Change Management, and Problem Management. And, as they often spend a significant portion of their time reporting on the progress of high severity Incidents to Senior Management, Incident Managers must be able to translate technical jargon into information that’s accessible for a business audience.

The ITIL Incident Management process includes:

  • Identification – Incidents can be reported by end users via the Service Desk or detected automatically using sophisticated monitoring tools.
  • Registration – ITIL recommends that all IT Incidents be logged in a centralized tool.
  • Categorization – Incidents are categorized according to type and status.
  • Prioritization – Incidents are prioritized according to their impact on the business (severity) and the urgency to resolve (based on the SLA). This determines how support staff and tools will subsequently process the Incident.
  • Diagnosis – initial Incident diagnosis (and wherever possible, resolution) is normally carried out by Service Desk personnel
  • Escalation – Incidents are passed to 2nd and 3rd level support teams for further investigation whenever the Service Desk cannot progress.
  • Investigation and Diagnosis – if there is no known solution, an in-depth investigation and diagnosis is carried out by the appropriate technical resource.
  • Resolution and Recovery – once a resolution has been determined, remedial action can be taken. This may involve raising a Change Request or an Emergency Change Request via the Change Management Process.
  • Communication – individual end users or business departments are kept regularly informed of an Incident’s status via the Service Desk or Incident Manager, depending on the severity.
  • Incident Closure – an Incident is finally closed once the end user, customer or business area affected has confirmed that they are satisfied with the resolution.

The Benefits of Implementing ITIL Incident Management

Implementing an ITIL aligned Incident Management process won’t necessarily prevent IT Incidents from occurring, but it will ensure that there are adequate processes in place to handle them effectively and with minimum disruption to the business. The benefits include but are not limited to:

  • Reduced business impact (and financial loss) of IT Incidents through timely resolution
  • Proactive identification of system improvements
  • More efficient use of IT resources from Service Desk personnel to Technical Support staff
  • Improved ability to track Incidents and Service Requests
  • Enhanced communication and better expectation management
  • Increased customer satisfaction
  • Improved ability to measure, monitor and report on IT SLA performance


Tags: , , , , ,

About this author:


Frank is a leading trainer in IT Security.

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.