The main objective of ensuring the information security of an organization is to reduce the risks that apply to information resources, and ultimately to prevent or minimize the damage caused by possible security incidents. information.
To achieve this goal, most large and medium enterprises have created information security units that plan and implement a set of measures to protect their information resources.
What is an incident?
In ITIL / ITSM terminology, an incident is an event that jeopardizes the execution of business processes and can reduce the level of service delivery. There is no access to the server or an unstable Wi-Fi signal – each of these problems needs an immediate solution. Incident management comes to the rescue. Its main task is to restore service as quickly as possible, to minimize the impact of an outage on the user and the business, and also to avoid financial losses.
Why should a business automate incident management?
Automating incident management enables the business to respond quickly to detected bugs and failures in services, minimize losses, and maintain a high level of service delivery.
Using the automation tool, work on incidents becomes transparent and understandable, all appeals are recorded and distributed to competent specialists. Priorities don’t confuse employees – they know exactly in which order to process applications.
All user actions are recorded in the system. This data allows you to generate reports on which you can check SLA compliance, see the number of incidents resolved and those that have come back for review, as well as analyze the work of specialists on various indicators.
Service Desk and its role in the incident management process
To sort incidents according to the ideology of the service approach, a dedicated support department, at least logically, the company needs a Service Desk. Support and therefore incident management tasks include:
- process incoming requests;
- obtain from them information about the incident, in particular, the identification of incidents among untargeted requests and service requests, recording, classification and prioritization;
- controlling the “return” of the level of service promised to customers by working on the incident life cycle (setting deadlines, assigning managers, reorienting tasks, etc.);
- monitoring of compliance with declared parameters (mainly SLA).
It should be noted that it is necessary to perform these tasks with the lowest possible financial and time costs, but not at the expense of the quality of service – for cheaper prices, you do not need to insist on “crutches” in the service, however, no one demands to rewrite everything from scratch according to the canons. I just restored the service.
Tips for implementing an incident management system
AT Polotech, when we implement the service center for our customers (mainly based on Jira Service Desk), we believe that the service desk is not a special service that can solve all the problems and automatically provide the business with incident management in accordance with ITIL. Thus, our experts ensure that the technical support department is closely integrated with other departments, to build the right incident management processes.
The main thing to remember is that the service center is not a separate special service, the implementation of which will solve all problems and automatically provide the company with incident management in accordance with ITIL. This department must be closely integrated with other departments, appropriate processes must be built.
For the system to function properly, it is essential to:
- ensure the distribution of the load so that there are no “bottlenecks” in the department;
- take into account the competence of specialists and their value. A typical approach to solving this task and the previous ones together is to allocate help lines that handle requests of varying complexity. For example, the first row works with untargeted queries and simpler tasks. The second resolves the substantive issues, and only requests requiring in-depth knowledge of the deployed IT systems are sent to the third. Within each line, the distribution of tasks between employees must be thought out so that the absence of a person does not affect the overall result;
- ensure that the entire incident management process is controlled by a certain number of metrics – KPIs, chosen by the company itself: for example, adherence to the deadline for resolving a problem, speed resolution of incidents (regardless of the limits), or the level of customer satisfaction according to its own assessment. Some of the metrics may be mentioned in the SLA, while the other may be exclusively an internal initiative.
Interesting related article: “Top Cybersecurity Trends to Watch for in 2020”