How to establish an efficient and effective incident management process

• Accountability, boundaries and consistency
• Cost-effectiveness and quality
• Stages of the lifecycle
• Services
• The service portfolio
• Processes and functions
• A brief discussion of the processes defined by ITIL
• Roles and responsibilities
• Exercise 1: Understanding basic service management concepts

• Understanding incident management from a service catalog perspective
• Understanding incident management in the context of service level agreements
• What is an incident?
• Defining incident management
• What incident management is not
• Purpose and objectives of incident management
• Scope of incident management
• Incident management policies, principles and basic concepts
• Incident models
• Incident management activities
• Incident matching procedure
• Sourcing of information
• Incident management metrics and measurements
• Challenges and risks
• The Continual Service Improvement Approach
• Why an effective and efficient, real-world oriented incident management process is important to your organization
• Exercise 2: Understanding the Theory of Incident Management

• Using the service catalog as structuring mechanism for incident mechanism
• Establishing common sense policies and practical guiding principles for incident management
• Building an incident management process based on real-world examples
• Using the Schedule of Changes
• Invoking configuration management during incident management
• Sample policies and guiding principles for incident management
• Real-world example I: A short bridge (or vehicles that are too tall)
• Real-world example II: My first car (discovering and using workarounds)
• Real-world example III: A bent CPU Pin (example of the ineffectiveness of service restoration when problem management is ineffective)
• Real-world example IV: Availability management and time zone coding
• Real-world example V: An operating system update

Exercise 3: Practical policies and guiding principles for incident management

• What is a vision?
• Understanding and agreeing to the desired state for problem management in your organization
• Defining the vision
• Sample visions for problem management
• Exercise 4: Establishing a vision for problem management

• Understanding the current state of incident management in your organization
• Incident management Audit of Intent
• Incident management Audit of Action
• Sample incident management assessment questions
• Assessing levels of incident management maturity
• Sample assessment results
• Exercise 5: Understanding the current state of incident management in your organization

• Why many incident management processes fail
• Identifying, understanding and making decisions about incidents in a consistent way
• What is an incident?
• What is a workaround?
• What is a known error?
• What information is contained in an incident record?
• What information is contained in a known error record?
• How are incident records used?
• How are known error records used?
• Storing records in a known error database?
• Basic functionality of known error database and how this helps incident management
• How changes and incidents are related
• Exercise 6: Defining incidents, workarounds and known error records

• What is an incident?
• What is a problem?
• Typical relationships
• Categorization
• Prioritization
• Escalation
• Establishing an effective boundary between problems and incident management
• Definition of workarounds
• Creation of known error records
• Use of known errors
• Which process (of Incident management and problem management) does what and when
• Exercise 7: Establishing an effective boundary between problem management and incident management

• Common incident situations
• Degradations of service
• Violation of a Service Level Agreement
• Interruptions to service
• Incidents without customer impact
• Major incidents
• Security-related incidents
• Access-related incidents
• Defining an incident model
• Effective incident logging
• Using initial categorization effectively
• Using prioritization effectively
• Using initial diagnosis effectively
• Using escalation effectively
• Resolution and recovery as part of the incident model
• Determining and using incident close categorization
• Exercise 8: Understanding common incident situations and defining common incident models

• Using the ITIL incident management process as a starting point
• Defining specific policies for incident management
• Defining roles and responsibilities for incident management
• Defining incident open category
• Defining impact, urgency and priority
• Defining a major incident management process
• Defining other process branches(e.g. security incidents)
• Defining an incident matching procedure
• Defining approaches for functional escalation
• Defining approaches for hierarchic escalation
• Defining incident diagnosis activities
• Defining incident closure activities (e.g. close categorization)
• Building a process for defining incident models
• Invoking incident models
• Exercise 9: Defining your organization’s incident management process

• Useful key performance indicators for incident management and what they really measure
• How to collect key performance indicators
• Common incident management reports
• Exercise 10: Creating common incident management reports

• Comparing the vision and baseline
• Identifying an implementation plan
• Making the implementation plan specific
• Sample incident management implementation plan
• Exercise 11: Developing an implementation plan for incident management

• Common delays roadblocks, challenges, risks and pitfalls
• Developing responses
• Adjusting the vision
• Keeping the momentum going
• Exercise 12: Developing responses to common challenges and risks

• Review of concepts learned
• Questions and answers