The foundation for IT service management, the efficient handling of incoming incident reports can make or break a business’ service department. Understanding how these incident reports should be handled and establishing procedures for resolving them quickly is key to the smooth operation of any help desk department.
Closely related to other aspects of IT service management, most service procedures can trace their way back to basic incident reports in some fashion. Problem and change management, for example, have a direct correlation to incident reports and are often enacted upon based on data from incoming incidents. On the same token, tracking, managing, and maintaining good asset discovery is designed in part to reduce the number of incidents that occur within a company.
Since the proper handling and cataloging of incoming incident reports have wide ramifications on the rest of ITSM/ITAM procedure, building a solid foundation for a business’ service desk to work from will have a positive impact down the line. Establishing good incident report management can be a simple but time-consuming process for large companies. However, once good protocols are put in place they will greatly improve the efficiency of the company’s IT department and require minimal upkeep to maintain. The introduction of high-quality IT incident management software and properly trained service desk staff will go a long way towards smooth incident handling.
What’s in an incident?
In its most basic sense, an incident is any reduction in quality or interruption of an IT service. This covers a very broad range of issues ranging from bugs in software or malfunctioning hardware to end-user error or improper training. Strictly speaking, these range of incidents can all result in an incident request, or ticket, to the service department for assistance. Whether its a broken printer or a faulty piece of hardware, incidents comprise the front-line of service management.
In order for an interruption in service to officially be cataloged as an “incident,” some form of communication between the end-user and the service desk needs to take place. This could be as rudimentary as a phone call or as advanced as a dedicated ticketing system with software that handles incident requests and tracks them automatically. While this seems like an obvious step in incident management, the initial correspondence with service desk staff and logging of an incident is often ignored or downplayed. The exact opposite should happen for good handling of incoming incidents. A heavy focus needs to be placed on good incident reporting and logging for both the end-user and the service desk. Without a detailed initial form of contact, incidents will take longer to resolve and require more resources to address.
Without the proper structure and protocol for the initial reporting and routing of incidents, things can quickly spiral out of control. Systems that lack in the detailed cataloging of incidents will also suffer further problems down the line. It will be more difficult to compile data that can be used to target upgrades, change management, and education for the end-user.
Enter the Service Desk
All companies large and small operate some form of service desk, whether they’re aware of it or not. The “IT guy” in the small office is, in some capacity, that business’ service desk. The larger the business, the greater the demand for an official structure and procedure for handling incidents.
The vast majority of service desks will follow some form of ITIL guidelines for incident management. This involves a tiered support system and escalation rules for incoming incidents, commonly referred to as support tickets. Once a ticket is received, predetermined routing and escalation rules should determine how that ticket should be handled. Common examples of low-level tickets would include password resets, simple troubleshooting, and other easily modeled support issues. These types of incidents can be easily referenced within a knowledge base for a quick resolution and can be resolved by the end-user in many cases. Easy access to an internal knowledge base can reduce the number of low-level tickets needing service desk attention.
Tier two incidents may require more experience, knowledge, or skill to handle. They may also demand special permissions from the system or network administrators to resolve. Tier two tickets can also include interruptions in service that require immediate attention.
Anything beyond tier two demands a high-level or high-priority resolution. Serious interruptions in service or access that require immediate hardware or software replacements to restore service to multiple end-users will fall into this category. These incidents should be rare, but need to be resolved quickly as the may interrupt operations across multiple departments or customers.
Basic handling of incoming incidents
While the handling of incoming incidents can be a complex topic spanning many pages of text, the basic flow of an incoming ticket should follow a similar procedure across most companies. An outline for ticket management is presented in ITIL guidelines, and many service desks will find they use some form of this basic outline.
- Identification – Discovery and confirmation that the incident does exist and is causing an interruption.
- Logging – Cataloging the incident and entering it into the incident management database
- Categorization – Categorizing the incident so that it can be routed to the appropriate location in the service desk.
- Prioritization – Identifying the level of interruption and routing accordingly.
- Initial Diagnosis – An initial look at the incident that includes deciding if escalation is needed.
- Investigation and Diagnosis – A closer look at the incident to provide a diagnosis and possible resolution.
- Resolution – Once a resolution has been found, implementing the resolution.
- Closure – Closing out the incident within the database
Each of these steps has a number of possible branches within the tree, but all inevitably follow a similar procedure. While it sometimes makes sense to move through these steps rapidly, for most moderate interruptions in service, it’s important to follow these guidelines for incident management. Even small incidents should follow the basic initial steps like logging, categorization, and identification, to help provide models for knowledge base entries and generate more data for support staff to work with that will help improve service to the end-user.
It can’t be stressed enough how important detailed logging of incidents can be to improving the way the service desk operates. Proper logging gives valuable data that can be analyzed to find optimizations in the way each service desk operates. The guidelines currently in use by most organizations are just that: a roadmap to guide others in the right direction. Using these guidelines to help improve the handling of incoming tickets can lead to modifications that allow for more efficient operation.
The world of IT service management is always evolving, and keeping IT efficient requires adaptation and fluidity. Incident reports and their management makes keeping things efficient easy. Finding the right solution can make all the difference in the smooth operation of a business’ service desk!