IT SERVICES:

INCIDENT MANAGEMENT
PROCESS
Contents:
1.0 Objectives & Scope .................................................................................................................. 2
1.1 Objective ................................................................................................................................... 2
1.2 Scope of Support ....................................................................................................................... 2
2.0. Definitions ................................................................................................................................ 3
2.1 Incident ................................................................................................................................. 3
2.2 Request ................................................................................................................................. 3
2.3 Problem ................................................................................................................................. 3
2.4. Priority.................................................................................................................................. 3
2.5. Response .............................................................................................................................. 3
2.6. Resolution ............................................................................................................................ 3
3.0 Input to the Incident Management Process ............................................................................. 3
1.2 4.0. Output from the Incident Management process ......................................................... 3
5.0. Roles and Responsibilities ........................................................................................................ 4
5.1 - Incident Manager ................................................................................................................ 4
5.2 – IT Service Desk Analyst ....................................................................................................... 4
5.3 – Second and Third Line Support Staff .................................................................................. 4
6.0. Process Activities...................................................................................................................... 5
7.0. Interfaces with other processes ............................................................................................... 5
8.0 Performance Indicators: ........................................................................................................... 5
Appendix 1: Incident Management Activity Descriptions.......................................................... 6
Appendix 2: Priority Matrix and SLA Targets .............................................................................. 7
Appendix 3: Incident Management Process Diagram: ............................................................... 8

Page 1 of 8 Draft v0.1

Introduction:

The purpose of this document is to detail the working framework of the Incident Management process for FX
Plus IT Services. The document covers responsibilities, scope, key deliverables, interfaces and dependencies
within the IT infrastructure.

1.0 Approval
This process has been reviewed and approved by:

Name Role Date

2.0 Objectives & Scope

The goal of the Incident Management process is to resolve incidents and service requests as quickly as
possible, minimising the impact on the business operation.

Incident Management is the process that enables the registering, management and control of disruption to
normal IT service operations as reported by the business.

2.1 Objective

 Restore normal service operation as quickly as possible, wherever possible and with minimal impact to
clients.
 Reduce time taken to resolve incidents.
 Facilitate a reduction of avoidable incidents.
 Ensure higher levels of service availability.
 Contribute to a higher quality of service.
 Provide data for the production of comprehensive and accurate management information on the
quality of service and customer support.

2.2 Scope of Support

The Incident Management process applies to all incidents reported in relation to any IT Service delivered and
supported by FX Plus IT Services.

Any registered student or member of staff who contacts the Service Desk to report an issue or log an IT related
service request will have their issue recorded on the IT Service Desk tool (ITSM Tool) on their behalf.
Each issue recorded by the Service Desk will be categorised as either an Incident or a Request and will be
handled in accordance with either the IT Services’ Incident Management or Request Fulfillment framework.

Page 2 of 8 Draft v0.1

3.0. Definitions
3.1 Incident
An incident is defined as an unplanned interruption to an IT Service or a reduction in the Quality of an IT
Service. Example incidents are detailed below:

 Network failing or too slow

 Server or infrastructure failure
 PC or Laptop not working
 Email service not working
 Failure of a Configuration Item (CI) that has not yet impacted service is also an Incident (e.g. failure of
overnight backups).

3.2 Request

ITIL defines a Service Request as: “a formal request from a user for something to be provided – for
example, a request for information or advice; to reset a password; or to install a workstation for a
new user.”

Request Fulfilment is a distinct separate process defined within ITIL.

3.3 Problem
A problem is the root cause of one or more incidents. Problems can be raised in response to one or
more incidents, or they can be raised without the existence of a corresponding incident. Problems lie
at the root cause of incidents, Incidents are the effect of underlying problems

3.4. Priority
Priority is determined by utilising a combination of the incident’s impact and urgency. For a full
explanation of the determination of priority refer Appendix 2.

3.5. Response
Time elapsed between the time the incident is reported and the time it is logged in the ITSM tool
and a call reference number provided to the end user.

2.6. Resolution
Service is restored to a point where normal service is restored. In some instance this may only be a
work around solution until the root cause of the incident is identified and corrected via the Problem
Management process.

4.0 Input to the Incident Management Process

 Incidents raises by end users or service owners via phone, email or walk ins
 Incidents raised as a result of proactive service or configuration item monitoring (i.e.
Solarwinds or other monitoring tools)

5.0. Output from the Incident Management process

 Incident resolution and closure
 Identification, documentation and implementation of workarounds and fixes
 Communication with affected uses and service owners
 Updated incident record and call log
 Management information (reports)
 Input into Change Management Process (Requests for Change)
 Input to the Problem Management process

Page 3 of 8 Draft v0.1

6.0. Roles and Responsibilities
Regardless of where an incident is assigned to during its lifecycle, ownership of the incident remains
with the Service Desk at all times. The Service Desk remains responsible for tracking progress,
keeping users informed and ultimately for incident closure.

Key roles are: Incident Manager, IT Support Assistant and Second and Third Line Support Staff.

6.1 - Incident Manager

The IT Service Desk Team Manager is the owner of the IT Incident Management process, and as such
is accountable for ensuring that the Incident Management process is adhered to when handling
incidents. However, any appropriate member of the IT Support team may be nominated to act as
Incident Manager in the event of a Priority 1 or 2 incident.

 Ensuring that incidents are resolved and managed to the customer satisfaction.
 Responsible for managing customer communication and escalations.
 Responsible for measuring efficiency and effectiveness targets.
 Production of management information.
 Management of Major Incidents, priority 1 and 2 incidents.
 Management of escalations of all incidents.
 Providing approval for change of priority of incidents on request of IT Users and IT staff in the case of
priority 1 and 2 incidents.
 Resolving any conflict on re-assignment of incidents.

6.2 – IT Service Desk Analyst

 Acts as single point of contact for all IT issues.

 Responsible for recording incidents and requests on ITSM Tool.
 Routing raised incidents to systems/network support when unresolved
 Initial support, classification, prioritisation and resolution of incidents and requests.
 Ownership, monitoring, tracking and communication of incidents and requests assigned to the Service
Desk or to them specifically.
 Resolution of incidents
 Escalation of incidents where necessary.

6.3 – Second and Third Line Support Staff

 Handling and receiving incidents via the ITSM software tool.

 Proactively raising incidents in response to events or requests from an external party/vendor
 Incident investigation and diagnosis.
 Resolution and recovery of assigned incidents.
 Communicating updates to staff and Service Desk of outstanding incidents through to resolution, via
updates within the ITSM tool.
 Service Desk software tool, and via phone, email or in person for non IT staff.
 Escalation of incidents to Incident Manager where required (such as in the case of a severity 1
incident).

Page 4 of 8 Draft v0.1

7.0. Process Activities
The purpose of this section is to define the activities that make up the Incident Management process to
manage all incidents logged with the IT Services ITSM tool.

The life cycle phases of an incident are detailed below:

 Incident Identification and Recording

 Classification and Prioritization in line with SLA Impact and Urgency Matrix (see Appendix 2)
 Investigation and Diagnosis - Assessment of Incident
 Resolution and Recovery - Invoke recovery action
 Escalation – Functional and Hierarchical.
 Incident Closure- Satisfactory resolution of Incident with customer

 For details on process activities throughout the lifecycle of an incident please see Appendix 1
 For details on the process workflow, please see Appendix 3
 For details on additional process activities to be carried out in the event of a high priority
incident, please see the FX Plus IT Services Major Incident Process.

8.0. Interfaces with other processes

Incident management interfaces primarily with the Problem Management and Change Management processes
as well as all processes within the Service Operations phase of the ITIL IT Services Lifecycle.

9.0 Performance Indicators:

The quality of the Incident Management process is measured within the monthly IT Service Reports,
published in the following location:
http://trsp2013farm/IT%20Services/IT%20Calls/Calls%20Fixed%20by%20Month.aspx

Page 5 of 8 Draft v0.1

Appendix 1: Incident Management Activity Descriptions
The following table provides a detailed description of the activities highlighted in the workflow. ‘Assignee’
designates the particular person or team to which a call has been assigned.

Ref Activity Description Responsible

Incidents are received via phone, email and walk-ins or identified via proactive
monitoring. All Incidents must be logged. For each Incident, the Service Desk:

Detect,  Creates a new incident ticket

1.0 Record &  Checks the user details within ITSM Tool and updates if required Service Desk
Classify  Selects the appropriate call category, call impact and urgency. Enters
summary and call description.

Service Desk attempt to resolve each recorded incident/ request, either at first
contact, or by assigning calls types handled by the Service Desk or appropriate
Provide Initial member of the Service Desk team for investigation and resolution. Check ‘Supported
1.1 Service Desk
Support IT Services’ list on IZMI document management system for support information. Save
the Incident and provide a unique reference to the user

All Incidents are assigned to an appropriate member of IT Support.

Perform  Review assigned Incident

1.2 investigation  Perform initial diagnosis
Assignee
and diagnose  Communicate with user and update ITSM Tool call action’ tab through to
resolution

Functional Escalation
 If the Service Desk is unable to resolve the Incident, it is assigned escalated to
the appropriate vendor/third party or to third line support for investigation.
Hierarchical Escalation
Service
Escalate  Notify the Service Desk Team Leader or Customer Centre Manager to be
1.3 Desk/Service
Incident notified of potential Priority 1 and 2 incidents.
Desk Team
 When a client is not satisfied with a proposed solution/workaround, this
Leader
should be escalated to the Service Desk Team Leader or Customer Centre
Manager.
 Where a call has or is likely to breach the resolution target stipulated by its
priority, this should be escalated to the call assignee and their manager.

If the current assignee has investigated the incident and have been unable to
Update & resolve, or the assignee believes the incident should be reassigned to an alternative Support
1.4 person, they will:
reassign Team/Assignee
 Update the ‘call actions’ tab with the investigation performed.
 Reassign to the appropriate person /team

Following further investigation, when the person assigned to handle the call has
Identify & identified a suitable workaround or solution, they will :
Communicate  Implement solution or workaround.
1.5 Assignee
workaround /  Contact user and confirm resolved where possible.
fix  Update the work log within the Incident \ Request

If it is believed the Incident has been resolved, the assignee will:

Update ticket  Update the Incident with the solution information.
1.6 Assignee
and resolve  Move the ticket to ‘resolved’ status.
 Update call with the appropriate resolution codes.

Close Following a period of xx working days, the status of the incident ticket will be set to ITSM
1.7
Incident ‘closed’ Tool/Application

Page 6 of 8 Draft v0.1

Appendix 2: Priority Matrix and SLA Targets

Service Level Agreement (SLA) Targets

Priority Response Resolution

Priority 1 30 mins 1 hour

Priority 2 5 hrs 8 hrs

Priority 3 8 hrs 16 hrs

Priority 4 8 hrs 80 hrs

Priority 5 800 hrs 2920 hrs

Priority Matrix:

Impact Urgency
(Number of Definition of the Impact High Medium Low
users or
criticality of
affected
service)

High Faculty /Campus/Group of VIPS/ Priority 1 Priority 2 Priority 3

Service Down
Medium Small Group of Users/ Service Priority 2 Priority 3 Priority 4
Degraded
Low Single User Priority 3 Priority 4 Priority 5

Page 7 of 8 Draft v0.1

Appendix 3: Incident Management Process Diagram:

INCIDENT MANAGEMENT PROCESS DIAGRAM

Identification and Logging Classification & Prioritization Investigation and Diagnosis Resolution and Recovery Incident Closure

YES

Re-open existing ticket

Customer contacts Service

Provide customer with Client happy with
Desk to log issues/ Issue Prioritise and categorise Can service Desk
Service Desk

YES resolution or take resolution/not YES

raised proactively in incident resolve?
appropriate action contactable?
response to event

NO

Is the call a Severity 1 Does Issue Require vendor/

NO Escalate to Third line
Incident? 3rd party to resolve

Move issue into resolved status

Call moved into closed status

User rejects resolution?
Third Line Support

Provide customer with Client happy with

Issue raised proactively in Prioritise and categorise Is the call a Severity 1
NO Can 3rd line resolve? resolution or take resolution/not YES NO
response to event incident Incident?
appropriate action contactable?

NO
NO

Does Issue Require NO

vendor/3rd party to
resolve

YES
External Party/Vendor

YES

Liaise with third party to

move issue through to
resolution
YES
YES Liaise with third party to
NO move issue through to
resolution
Escalation

Escalate to Incident/ SD
IT Services High Severity
Manager to handle issue
Incident Process
through to resolution

Page 8 of 8 Draft v0.1