This document summarizes a student project on incident management. It introduces an Incident Response Tool (IRT) developed by the student. The summary describes the key aspects of incident management covered in the document such as the incident lifecycle, roles and responsibilities, and key performance indicators. It also provides a high-level overview of the IRT application, including its dashboard, incident creation and details forms, and relational data model. The document concludes with a benchmark analysis of IRT compared to traditional incident management systems, along with roadblocks to implementation and future work.
2. BOARD OF EXAMINERS
Dr. Mohammad Nurul Huda Supervisor
Professor and MSCSE Coordinator
Department of Computer Science and Engineering
United International University
Dr. Swakkhar Shatabda Examiner
Assistant Professor and Undergraduate Program Co-ordinator
Department of Computer Science and Engineering
United International University
We fell grateful to and wish our profound our indebtedness to Dr.
Mohammad Nurul Huda, Professor and MSCSE Coordinator,
Department of Computer Science and Engineering, United International
University, Dhaka.
3. Contens
- What is Incident?
- Needs of incident management?
- Life cycle of an incident
- Critical Success Factores(CSF)
- Key Performance Indicators(KPI)
- Roles & Responsibilities
- Introducing Application
- Benchmark Analysis of IRT
- Roadblocks and future work
5. An incident is an event that could lead to loss of, or
disruption to an organization's operations, services
or functions. Incident management is a term
describing the activities of an organization to
identify, analyze, and correct hazards to prevent a
future re-occurrence. If not managed, an incident
can escalate into an emergency, crisis or a disaster.
6. Why Incident Management?
The purpose of incident management is to
reinstate normal service operations as fast as
possible and mitigate the negative impact on
business operations, thus making sure that the
agreed levels of service quality are maintained.
The operational state where closing incident(Cls)
and services are performing within their agreed
service parameters and operational levels is called
‘Normal service operation’.
8. Incident statuses
1. New
The new status indicates that the service desk has received the incident
but has not assigned it to an agent.
2. In progress
The in-progress status indicates that an incident has been assigned to
an agent but has not been resolved. The agent is actively working with
the user to diagnose and resolve the incident.
9. 3. On hold or pending
4. Resolved
5. Closed
The on-hold status indicates that the incident requires some information
or response from the user or from a third party. The incident is placed
“on hold” so that SLA response deadlines are not exceeded while
waiting for a response from the user or vendor.
The resolved status means that the service desk has confirmed that the
incident is resolved and that the user’s service has restored to the SLA
levels.
The closed status indicates that the incident is resolved and that no further
actions can be taken.
10. Incident Triage
We determine the order in which incidents should be processed:
1. Impact: how the incident affects business
2. Urgency: how long resolution can reasonably be delayed
3. Priority: how quickly the service desk should address the problem
12. Critical Success Factors
– Commitment to Process
– Improved Customer Satisfaction
– Maintain quality of IT services
– Maintain user satisfaction with IT services
– Resolve incidents as quickly as possible minimizing
impacts to the business
13. Key Performance Indicators
– Breakdown of incidents at each stage (e.g. logged, work in
progress, closed etc.)
– Number and percentage of incidents resolved remotely,
without the need for a visit
– Total numbers of incidents (as a control measure)
– Size of current incident backlog for each IT service
– Number and percentage of major incidents for each IT
service
14. Roles & Responsibilities
- Driving the efficiency and effectiveness of the Management process
- Producing management information
- Managing the work of incident support staff
- Monitoring the effectiveness of Incident Management and making
recommendations for improvement
- Developing and maintaining the incident Management systems.
Incident Manager
15. - Incident registration
- Monitoring Incident details, including the Configuration Items affected
- Initial support and classification
- Ownership, monitoring, tracking and communication
- Closure of Incidents
- Incident investigation and diagnosis (including resolution where
possible)
- The resolution and recovery of assigned incidents.
Incident Analyst
16. - Provides the input into the Incident Management Process
- Reports incidents when they occur
- Uses the Service Desk, contacts a department directly, or
opens a ticket directly in the Incident Management Tool
- Provides correct and complete information about the incident
itself and the circumstances under which it occurred
Users
22. Benchmark Analysis
Features Category OTRS
(Traditional Incident management system)
IRT
Knowledge Management &
self service
1. Surveys
Ticket Creation 1. Email
2. Phone
3.People
4. On Behalf Of
Ticket Management 1. Ticket priorization& assignment
4. Forward ticket(Other Departments)
5. Incident tracking using code name.
Time Management 1. Escalation
Notification 1. Email incident list to notify all
admin users
YES YES
YES
YES
YES
YES
YES
YES
YES
YES
YES
YES
YES
YES
YES
NO
NO
NO
NO
NO
23. Incident Management Roadblocks
No management/staff commitment, hence no resources
Lack of clarity of business needs
Badly-defined service goals
Working practices not reviewed or changed
No service levels defined with customer
Lack of knowledge on resolving incidents
No integration with other processes
Resistance to using process
24. Future Work
Develops mobile apps so that it can be accessible from
anywhere.
Improve admin module
Make it platform independent (responsive web
application).
Auto update the application using internet.
More reports on the basis of user requirements.
- What is Incident?
- Needs of incident management?
- Life cycle of an incidet
- State of Incidetns
- Recovery time
- Critical Success Factores(CSF)
- Key Performance Indicators(KPI)
- Roles & Responsibilities
- Introducing Application
- Relational Diagrams
- Benchmark Analysis of IRT
- Roadblocks and future work
Incident management is therefore the process of limiting the potential disruption caused by such an event, followed by a return to business as usual. Without effective incident management, an incident can disrupt business operations, information security, IT systems, employees, customers, or other vital business functions.
1. Incident identification2. Incident logging3. Incident categorization4. Incident prioritization5. Incident response - Initial diagnosis - Incident escalation - Investigation and diagnosis - Resolution and recovery - Incident closure
Incidents have a Lifecycle:
„LifeCycle is the series of changes that happen to a living creature/project/product/etc. over the course of its lifetime. ”
New: The new status indicates that the service desk has received the incident but has not assigned it to an agent.
Assigned: The assigned status means that an incident has been assigned to an individual service desk agent.
In progress: The in-progress status indicates that an incident has been assigned to an agent but has not been resolved. The agent is actively working with the user to diagnose and resolve the incident.
On hold or pending: The on-hold status indicates that the incident requires some information or response from the user or from a third party. The incident is placed “on hold” so that SLA response deadlines are not exceeded while waiting for a response from the user or vendor.
Resolved: The resolved status means that the service desk has confirmed that the incident is resolved and that the user’s service has restored to the SLA levels.
Closed: The closed status indicates that the incident is resolved and that no further actions can be taken.
Priority may be made dependent on the combination of impact and urgency. For example, high impact and high urgency should dictate top priority, whereas low impact and low urgency dictate low priority, with other impact and urgency values dictating priority levels between high and low.
A role refers to a set of connected behaviors or actions that are performed by a person, team or group in a specific context. Process roles are defined by the set of responsibilities, activities and authorities granted to the designated person, team or group.
Some process roles may be full-time jobs while others are a portion of a job. One person or team may have multiple roles across multiple processes. Caution is given to combining roles for a person, team or group where separation of duties is required. For example, there is a conflict of interest when a software developer is also the independent tester for his or her own work.
We have developed an incident management application (IRT) for Lafarge Surma Cement Ltd which is a joint venture of LafargeHolcim, a world leader in building materials and cementosMolins, Spanish Company with strong global presence. It was first incorporated on 11th November 1997 as a private limited company in Bangladesh. The plant/depot located in Chhatak, Dipnagar, Kachpur, Kutubpur, Meghnaghat, Mirpur, Dhaka(Head Office), Shella(India) and Shillong(India).
The application is hosted in Dhaka and accessed by ethernet from other locations. The incident which are raised from Chhatak, Dipnagar, Kachpur, Kutubpur, Meghnaghat, Mirpur are maintained and managed from HO-Dhaka. And which are raised from Shella, Shillong are maintained by Shella. But all the incident are monitored from HO-Dhaka.
The quality of the configuration Database
Following features may be added to ‘Incident Management System’ in future:
- Access central database using real IP connection.