Home 
 1. Overview 
 What is Incident Management? 
 Why use Incident Management? 
 Who uses Incident Management? 
 How Incident Management works 
 What does Incident Management cost? 
 2. Implementation Guide 
 Define what needs to be done to implement Incident...  
  Prepare to implement Incident Management 
 The Incident Management implementation plan 
 Incident Management post implementation review 
 3. Operations Guide 
  Who carries out Incident Management? 
 DW1105 When does Incident Management occur? 
 How to operate Incident Management 
  Measuring the results of Incident Management 
 4. Toolkit 
 Incident Management downloads 
 Incident Management resources 
 5. Roles and responsibilities 
 Service Desk role in Incident Management 
 Technical support role in Incident Management 
 User role in Incident Management 
 6. Review 
 Recap of Incident Management  
 Checklist  
What is Incident Management?
Difference between Incident Management and Problem Management Incident vs problem Examples of incidents
Incident management is a defined process for logging, recording and resolving incidents.
The aim of Incident Management is to restore the service to the user as quickly as possible, often through a workaround or temporary fixes, rather than through trying to find a permanent solution.


Go back to Overview
Difference between Incident Management and Problem Management
  • The aim of Incident Management is to restore the service to the user as quickly as possible, often through a workaround, rather than through trying to find a permanent solution.
  • Problem Management differs from Incident Management in that its main goal is the detection of the underlying causes of an incident  and the best resolution and prevention.
  • In many situations the goals of Problem Management can be in direct conflict with the goals of Incident Management.
  • Deciding on which approach to take requires careful consideration. A sensible approach would be to restore the service as quickly as possible, but ensuring that all details are recorded, to enable Problem Management to continue once a workaround has been implemented.
  • This does however, require discipline as the thought that the incident is fixed may prevail, but if the resolution to the problem is not found, the incident may well appear again.
Incident vs problem

An incident is where an error occurs or something doesn't work the way it is expected. It is any event which is not part of the standard operation of a service and which causes, or may cause, an interruption to, or a reduction in, the quality of that service.
This is often referred to as a fault, error, it doesn't work! , a problem, but the term used with FITS is 'incident'.
A problem can be
  • the occurrence of the same incident many times
  • an incident that impacts many users
  • the result of network diagnostics revealing systems not operating the expected way.
Therefore a problem can exist without having immediate impact on the users.
Incidents are usually more visible and the impact on the user is more immediate.
Examples of incidents
User experienced incidents
Examples of user-experienced incidents that can be put into three categories are application, hardware and user requests.

1. Application
    • Service not available (this could be due to either the network or the application, but the user won't be able to determine which at first)
    • Error message when trying to access the application.
    • Application bug/query preventing the teacher/student from working .
    • Disk space full.
    • Technical incidents.

2. Hardware
    • System down.
    • Printer not printing.
    • New hardware such as scanner, printer or digital camera not working.
    • Technical incidents.

3. User requests
    • Request for information/advice/documentation.
    • Forgotten password.
    • Unlock email system.
    • Training required.

Technical incidents
Technical incidents can occur without user knowledge.
  • there may be a slower response but, if this is a gradual decline in response, the user won't notice.
  • Technical incidents are usually spotted by technicians using diagnostics or proactive monitoring.
  • If a technical incident is not resolved, the impact can affect many users for a long time.
  • in time, experienced users and the service desk will spot these incidents before the impact affects users.

Examples of technical incidents:
  • Disk space nearly full - will only impact users when completely full
  • Network card intermittent fault - sometimes it appears that the user cannot connect to the network, on second attempt it works. Replacing the card before it stops working completely provides more benefit to the users
  • Monitor flickering and is more troublesome in some applications than others. Easy to live with or ignore, but the monitor will not usually last more than a few weeks in this state.
Top