One of the first questions people ask is how do I get started with improving IT within my organization? The first step is to take stock of where you are today. Are you a proactive or reactive organization? Many IT department will tell you we don’t have the time to implement IT Service Management, (ITSM) because we’re just too busy putting out fires. If this is true you are a reactive organization. You are burning a lot of time and resources running from one fire to the next. To help you move to a proactive organization one of the recommended processes to concentrate on is Incident Management. By reducing your workload related to incidents, (putting out fires) you will begin to free up some resources to help you move to a more proactive organization.
A good place to start is to validate if your properly measuring your performance? You heard of the saying “cheaper, better, faster”. Well this is the basis of any measurement system. The first two measures to concentration on are;
- Faster – For incidents you want to measure how quickly or how fast you are closing them. Many of you will be familiar with the measure Mean Time To Repair, (MTTR). Simply said, this is the average duration of an incident. If you are already measuring duration that is good first step. Next you would want to do some trend analysis to determine is your duration getting better or worse. You also want to take a snap shot of your current performance to establish your duration baseline. This will help you see if you are getting better over time and assist with your goal setting and creation of strategies.
- Better – This can be a much more complicated series of measures so I would recommend initially keeping it simple and growing it as your organization matures. Better means less errors or doing it right the first time. There are many components of how you manage incidents such as; classification, prioritization, escalations, communications, etc. You can establish measures that reflect the performance in each of these areas or any of the key areas that you determine are relevant. In the end, your customer determines the quality of service so a good overall measure would include customer feedback. That could include a survey link on your incident closing notification. An annual survey sent to your customers or an informal contact based on a random sample of closed incident tickets.
Many of the reports mentioned above come standard with most ITSM/Service Desk tools. The key element is to ensure they accurately reflect the work being done. As the owner of this process you want to pull the detail and ensure that the filters you have set are accurately compiling the data. In addition, review the data points that just don’t seem to fit in with the rest of the data. This can either indication where the process has broken down or where you might have a problem with the accuracy of the data.
- Cheaper – For most organization this will be the most difficult measure to establish. It is generally calculated outside the ITSM/Service Desk tool and is best done by your Finance and Accounting section. If you want to have a general level feel you can calculate the total cost of the incident process, (People, Tools, Facilities) and divide by the total number of incidents. Something you may want to consider is as you become successful in reducing the number of incidents you can expect you cost per incident to rise. This will be your impetuous to transfer resources to more proactive activities to further implement your ITSM processes.
Once you have your measurement system established you will want to start documenting the “As Is” process for Incident Management. This identifies how you do things today. Do you have established procedures? Are you performing at the level you desire? If you answer is no to any of these questions you will know where to start. If you don’t have procedures go ahead and start developing them. For incident management there are many best practices frameworks available. ITIL, COBIT that can help provide guidance and directions. Remember the mission of incident management is to restore service as quickly as possible. So as you design or you are simply are improving your established process ask yourself does this modification positively impact the incident goal of restoring service as quickly as possible? (reduce duration of an incident). If the answer is no, then why are you dedicating precious resources to this effort
Some of the key areas you want to ensure you have addressed in your incident procedures is that all incidents are recorded. That they are prioritized and classified. Prioritization will be based on input from your customers to determine impact and urgency. Classifications will be driven by your services offered. Proper classification is also important to ensure you are escalating incidents to the right team. As we had mentioned earlier these might be good areas to be measured to validate you are getting better. There is not one correct formats for classifications or prioritization. They should reflect the uniqueness and needs of your organizations. There are guidelines you can follow that can help you establish whats right for you.
Once the incident has been correctly classified, prioritized and escalated to the proper team the next two phases in the life cycle of an incident are resolution and closure. During resolution process the record must be updated within the time frames established within the Service Level Agreement, (SLA). If your agency does not have signed SLAs with its customers then I would suggest discussing this with them to come up with an agreed upon time frame to set expectation. Once the incident is resolved and the incident record is properly updated the customer is contacted and given the opportunity to either confirm or question the closing of the incident ticket. This is also an opportunity to reach out to the customer to capture their satisfaction with how you managed the outage.
What we have discussed in this post are just some of the key high lights of the Incident process. Your comments and questions are welcome. Please feel free to post them or respond to the comments of others. Thank you.