An incident is an unscheduled interruption to an IT service or reduction in the quality of an IT service. The failure of a configuration item without any previous impact on a service is also classed as an incident. Users of IT services rely on this service operating smoothly. If the user is no longer able to utilize the IT services in the customary way or if this has a detrimental effect on his work he contacts the IT organization’s service desk.

Incident management is the process which is responsible for managing the lifecycle of all incidents. The key aim of the incident management is to restore the IT service for the user as quickly as possible. This troubleshooting process is designed on a three-stage basis, as first, second and third level.
 

Click to enlarge

In this context the following aspects must be taken into account:

• Timescales: time is a key factor when it comes to maintaining the agreed service levels. It is therefore important for the time required for acceptance and processing to be coordinated and agreed with all participating departments/offices in the operational level agreements or external agreements.
• Incident models: many interruptions are repeat situations and can be resolved on the basis of a predefined standard incident model and can consequently keep to the defined times. Other interruptions require special handling and have to be processed accordingly. As such, security incidents or performance incidents for example are escalated to the specialist teams.
• Major incidents: a separate procedure involving a higher degree of urgency must be used for major incidents. Those situations that constitute a major incident must be agreed in advance. Ideally this will also be illustrated in a superordinate prioritization diagram.