The main goal of ensuring the information security of an organization is to reduce the risks that apply to information resources, and ultimately prevent or minimize damage from possible information security incidents.
To achieve this goal, most large and medium-sized companies have created information security units that plan and implement a set of measures to protect their information resources.
What is an incident?
In ITIL / ITSM terminology, an incident is an event that jeopardizes the execution of business processes and can reduce the level of service provision. There is no access to the server, or an unstable Wi-Fi signal – each of these issues requires an immediate solution. Incident management comes to the rescue. Its main task is to restore the service as quickly as possible, minimize the impact of a failure on the user and the company, and also prevent financial losses.
Why does a company need to automate incident management?
Automation of incident management allows the company to quickly cope with detected bugs and failures in services, minimize losses and maintain a high level of service provision.
With the help of the automation tool, the work on incidents becomes transparent and understandable, all appeals are registered and distributed to competent specialists. Thanks to the priorities, employees do not have confusion: they know exactly in what order to process applications.
All user actions are recorded in the system. This data helps to generate reports on which you can check compliance with the SLA, see the number of resolved incidents, and those that have returned for revision, as well as analyze the work of specialists on various indicators.
Service Desk and its role in the incident management process
To sort out incidents in accordance with the ideology of the service approach, a dedicated support service, at least logically, the company needs a Service Desk. The tasks of support and, accordingly, incident management include:
- processing incoming requests;
- obtaining information about the incident from them, in particular, identifying incidents among non-targeted requests and service requests, registration, classification, and prioritization;
- control over the” return ” of the promised level of service to customers through working with the incident lifecycle (setting deadlines, assigning responsible persons, redirecting tasks, etc.);
- monitoring compliance with the declared parameters (primarily SLA).
It is worth noting that it is necessary to perform these tasks by reducing financial and time costs as much as possible, but not to the detriment of the quality of the service — for the sake of cheaper prices, you do not need to insist on additional “crutches” in the service, however, no one requires rewriting everything from scratch according to any canons. Just restoring the service.
Tips on how to implement an incident management system
At Polontech, when we implement Service Desk for our clients (based on Jira Service Desk mostly), we think that the service desk is not a special service that can solve all problems and automatically provide the company with incident management in accordance with ITIL. So our experts make sure the tech support department is closely integrated with other departments, to build the right incident management processes.
The key thing you need to remember is that the service desk is not a separate special service, the implementation of which will solve all problems and automatically provide the company with incident management in accordance with ITIL. This department should be closely integrated with other departments, appropriate processes should be built.
To make the system work properly, it’s essential to:
- take care of the distribution of the load so that there are no “bottlenecks” in the department;
- take into account the competence of specialists and their value. A typical approach to solving this and the previous tasks together is to allocate support lines that process requests of varying complexity. For example, the first line works with non-targeted requests and the simplest tasks. The second one solves the issues on the merits, and only those requests that require expert knowledge of deployed IT systems are sent to the third one. Within each line, the distribution of tasks between employees should be thought out so that the absence of one person does not affect the overall result;
- to make the entire incident management process controlled by a number of metrics — KPIs, chosen by the company itself: for example, compliance with the time limit for solving a problem, the speed of solving incidents (regardless of the limits), or the level of customer satisfaction according to his own assessment. Some of the metrics can be mentioned in the SLA, while the other can be exclusively an internal initiative.
Interesting Related Article: “Top Cyber-Security Trends to Look Out for in 2020“