Incident Management

You know the call. We all have received them it is the break fix call. The call occurs any time during the day. The call that tell you three main things, someone's unhappy, someone has to handle this, and isn't there a better way to manage this aspect of support. There is some good news here for all, ITIL has best practice guidelines for dealing with incident management.

Look at an incident from a high level, there is a pattern of actions that can be taken to resolve the incident. All incidents have inputs, outputs, and management activities like all other processes.

The parts of an incident management process are:

§  Inputs - Inputs are key to the process. Incident details are received from the service desk, network, or computer operations. There are many forms of inputs, break fix issues, service request, and/or automatic monitoring alerts.

§  Outputs - Outputs need to be considered from the viewpoint of what are the outputs of incident management. Obviously this would be the closed incident or restored application availability. But looking at a higher level, there is the user satisfaction, improved productivity for all, customer follow up and communication, the documentation for the incident reports and management information.

§  Incident Management Activities - Incident management activities are detection and reporting; classification and initial support; investigation and diagnosis, resolution and recovery; incident closure; and incident ownership, monitoring tracking, and communication.

Just to review the flow of events, most customer and user incidents are initially reported to the service desk. This action gives ownership of the handling and tracking of the incident from beginning to end to the service desk, even though the work maybe completed coordinating with other departments.

The activities of an incident management process are:

§  Incident detection and reporting - Incident detection and reporting is the act of learning an incident has occurred and recording the basic details related to it.

§   Classification and initial support - Classification and initial support categorizes the incident, by matching it against the knowledge base of issues, assigning a priority, assessing if it is related to configuration details, providing initial support and closing the incident or routing it to a specialist group.

§  Investigation and diagnosis - Investigation and diagnosis relates to assessing incident details, collecting and analyzing the information and resolution, then routing the incident to line support

§  Resolution and recovery - Resolution and recovery surrounds the completing of the incident, using a solution or workaround, or raising a request for change.

§  Incident closure - Incident closure is the act of confirming the resolution with the reporter of the incident and closing the incident.

§  Incident ownership, monitoring, tracking, and communications - Incident ownership, monitoring, tracking, and all communications are all the activities that surround monitoring the incident, escalating it, and informing the user of the latest status, key accomplishments, and next steps.

Imagine how helpful this would be if it was in place. Wouldn't anyone work towards this ideal?

To elaborate on this point a little further, as import as roles and responsibilities are to any effective plan, the tools to get the job done are just as important. You simply need the right tools to be able to work effectively.

Tools commonly used in incident management are:

§  Automatic incident logging and alerting - This tool can automatically log incidents and alert support personnel in the event of fault detection on mainframes, networks, servers, and possibly through an interface to system management tools.

§  Automatic escalation facilities - Automatic escalation facilities help facilitate the timely handling of incidents and service requests. Imagine automatic notification, instead of constantly checking a worklist.for a group's queue.

§  Highly flexible routing of incidents - This is a requirement; when control staff members are located in multiple sites or collocated in an operational bridge, the incident calls can be routed efficiently and effectively.

§  Automatic extraction of data records - Automatic extraction of data records from the configuration management database, CMDB, of a failed item and affected items is helpful.

§  Specialized software - This software is used for the speed and effectiveness of handling incidents. BMC is an ideal system. It can help with very accurate classification of incidents and successful matching at the point of alert.

§  Telephone systems integration - Telephone systems integration can be used to automatically registering the names and phone numbers of users.

§  Diagnostic tools - These tools can assist with the diagnostic process so that the support staff can more quickly diagnose the source of incidents.

One of the constant statements is that you can't manage what you can not measure. Normally the incident manager is accountable and responsible for reporting the performance of the incident. In order to accomplish reporting is to have clearly define objects with measurable targets that can provide performance information.

Common metrics used to report the effectiveness and efficiency of the incident management process are:

§  Incident volume refers to the total number of incidents that are handled by the incident management process.

§  Mean elapsed time shows how much time was taken to achieve incident resolution or circumvention. The time is broken down by impact code.

§  Incident response time refers to the percentage of incidents handled within the agreed upon response times, which may have been specified in service level agreements by impact code, for example.

§  Average incident cost refers to the average cost of each incident.

§  The percentage of incidents closed refers to the percentage of incidents closed by the service desk without reference to other levels of support.

§  The number and percentage of incidents resolved remotely refers to those incidents that were taken care of off-site, with no physical visit.

The relationships between the incident management process and other IT Service Management processes are:

§  The configuration management database defines the relationships among resources, services, users, and service levels. For example, let's say a server fails. With the configuration management database, all existing processes, applications, and interfaces would be documented, so downstream affects would be noted immediately.

§  Problem management provides information about problems, know errors, workarounds, and quick fixes.

§  Change management yields information about scheduled changes and their status.

§  Service level management monitors the service level agreements with the customer about the support to be provided.

§  Availability management measures the aspects of the availability of services and uses the incident records and the status monitoring provided by configuration management.

§  Capacity management assures that storage capacity matches the evolving demands of the business. It is concerned with incidents that relate to this objective, such as incidents caused by a shortage of disk space or slow response time.

An item to remember and maybe even reinforce is that the incident management process is interwoven with the other IT service management processes. The processes work as long as all the processes support each other.
Finally there are some common barrier in the form of costs and problems to implementing an incident management process.

The common costs are the implementing and operating cost, as is standard with almost any implementation. Implementation costs are the training, tools needed, process and workflow definition, and resources expended in the implementation. Operating costs are the continuing maintenance license feeds and operating resources expended.

Some of the common recurring problems that affect all organizations are:

§  Users and IT staff bypassing incident management procedures - this results in the IT organization does not obtaining important information about the service level and the number of errors.

§  Incident overload and backlog - This circumvention makes it difficult to record incidents effectively. Escalations may occur if incidents are not resolved quickly enough.

§  Incomplete service catalogs and service level agreements - define the time in which an incident or request for service needs to be solved or escalated. If these documents don't exist or are incomplete, the caller may not be able to get the issue resolved--and get back online--as quickly as possible.

§  Lack of commitment -This is a problem because effective incident management requires real staff commitment, not just involvement.

ITIL V3 Foundation Training

Anyone interested in ITIL Foundation Version 3 training please send me an email @ vikashnarain@gmail.com

ITIL Service Strategy: Overview

Process Objective: To provide guidance on how to design, develop and implement Service Management. It is about ensuring that IT organizations are in position to achieve operational effectiveness and to offer distinctive services to their customers. Its ultimate goal is to make the IT organization think and act in a strategic manner.

Part of: IT Service Management

Processes of ITIL Service Strategy
The following processes are part of the ITIL V3 core discipline Service Strategy:


Service Portfolio ManagementProcess Objective is to decide on a strategy to serve customers, and to develop the service provider's offerings and capabilities.
Financial Management
Process Objective is to manage the service provider's budgeting, accounting and charging requirements.

ITIL The Financial Management Process

One of the key function of IT services is to provision stewardship of the IT assets and resources of the organization. This is a key component to managing your organization. Financial Management presents the foundation for planning and executing while also marketing the value of IT to maximize efficiencies. To meet the main objective for IT financial management, organizations commonly have the following processes:

§  Budgeting - The budgeting process predicts and controls expenditures within the organization. This normally is yearly periodic cycle to set capital and operating budgets. Budgets are commonly closely monitored for variances, which will need to be explained.

§  IT accounting - The goal of the IT accounting process is to track how much money an IT organization spends. Additionally, IT accounting helps to justify expenditure on new and better services. Commonly a financial analyst within IT or finance is accountable for IT accounting.

§  Charging - Charging is the process of billing the customer for services rendered. Unlike budgeting and IT accounting, which are required in the implementation of financial management for IT services, charging is optional.

Budgeting enables a department to do IT accounting, which in turn helps one account for the budget. The budgeting process yields financial targets, and the IT accounting process portrays the cost models for all known costs.

The charging process, however, is optional. If your organization chooses to include charging, it would be able to recover the costs of IT services, or even make a profit, depending on the management philosophy. This process has not be common in the healthcare it organizations. One key item to consider for a charge back process is to effectively implement it so that it brings opportunity for discussion on the value of IT services. Commonly charge back process implemented poorly bring untruth of the organization and justify a poor ranking on the healthcare it credibility scale.

The primary objective of financial management for IT services is to provide cost-effective stewardship of the IT assets and monetary resources.

An organization's expenditures are categorized into different cost types. Cost types are broad categories of costs which can be utilized for assigning various cost elements.

There are six commonly defined cost types. The hardware, software, people, and accommodation cost types are self-explanatory. However, the other two are sometimes a little more difficult to understand:

§  External service - These are for services obtained from other companies – an outsource vendor.

§  Transfer - These are costs associated with internal goods or services sold or provided from one part of an organization to another. Hardware, software, people, or accommodation may be regarded as transfer costs. For example, your organization may have a center of excellence in integration. All integration service costs are transferred to the health system from the regional organization.

Each cost element in an IT budget has to be identified. Classifying cost elements within the commonly defined cost types will help you ensure that all cost elements are identified.

To run an IT organization as a business, it's essential that you identify and understand all the costs which are IT’s responsibility. If an organization has an IT accounting process in place, then it most likely also has implemented financial management for IT services.

The IT accounting process is one of the three main processes of financial management for IT services. IT accounting helps to justify expenditures on new and better services. For financial purposes, once you have determined what your cost elements are, you may find it helpful to classify them further. Additional classifications of cost elements are:

§  direct costs

§  indirect costs

§  fixed costs

§  variable costs

§  operational costs

§  capital costs

Another consideration in IT accounting is determining the depreciation of fixed assets. The methods for assessing depreciation should be appropriate to the types of assets and their uses in the business. The decision on which depreciation method to use for fixed assets is based on the method used by the organization for other non-IT assets.

The three most common methods of assessing depreciation are the:

§  Reducing-balance method —This method applies a percentage—40 percent in the first year, 30 percent in the second and last years—of the capital cost, which is written off the net book value each year. The net book value is the difference between the original cost of an asset and the accumulated depreciation to date.

§  Straight-line method —This depreciation method is the most common, where an equal amount—usually a fixed percentage of the purchase cost—is written off the value of the asset each year. This results in the item having a zero net book value after a preset number of years.

§  By-usage method —This is the method in which an asset's depreciation is written off according to the extent of its use. It is common to estimate the total useful life of an asset and to calculate the proportion of the usage during the year.

The charging process requires billing customers for the delivered services in order to recover revenue. Financial management for IT services is responsible for drawing up a charging system. However, bear in mind that within IT financial management, charging is an optional activity.

That's because the concept of charging is often perceived as bureaucratic or too difficult to implement fairly. Organizations that implement charging normally introduce it to recover revenue for all the costs incurred for the delivery of IT services. Other reasons why an IT organization may introduce charging are:

§  to reduce overall costs

§  to control customer spending

§  to become aware of non-cost-effective areas

§  to match services to justifiable business needs.

In addition, a charging system should help an IT organization determine the most suitable charging policies for its business and shape customer and user behavior to ensure optimal return on the organization's IT investment. To achieve these goals, IT organizations may consider different charging systems such as:

§  differential charging —Differential charging is useful when setting different charges for different usage of the same or similar services.

§  notional charging —Notional charging helps prepare an organization for setting up the initial charging system.

§  full charging —Full charging entails recovering revenue for all costs associated with providing an IT service.

Business divisions may make unrealistic, competing, or unjustifiable demands on the available fixed resources. One way to counter these demands is to implement a charging system.

A charging system should be simple, fair, and realistic. You and your organization will want to consider four factors before implementing any of the three charging systems. They are:

§  level of recovery of expenditure required

§  desire to influence customer and user behavior

§  ability to recover costs according to usage

§  control of the internal market

Setting agreed-upon rates for charging customers is referred to as pricing. Charging is the process that is used to bill customers for the delivered services.

Five common pricing methods to consider are:

1.     cost

2.     cost plus

3.     going rate

4.     market price

5.     fixed price.

Whichever charging or pricing method you choose, it is crucial that your customers know your choice. That way they can accurately tailor their budget forecasts and service level requirements. It is also important to understand how to record cost elements to their corresponding cost type and classify them appropriately.

Organizations must have a dedicated finance manager who is responsible for implementing and maintaining financial management for IT services.

IT financial management revolves around the following three processes:

§  Budgeting —This is the process of predicting and controlling expenditures within the organization. To effectively carry out this process, organizations use a periodic negotiation cycle to set budgets as well as the day-to-day monitoring of current budgets.

§  IT accounting —The goal of the IT accounting process is to track how much money an IT organization spends. Additionally, IT accounting helps to justify expenditure on new and better services.

§  Charging —This is the process of billing the customer for services rendered. Unlike budgeting and IT accounting, which are required in the implementation of financial management for IT services, charging is optional.

IT finance managers can ensure that financial management operates efficiently and effectively through continual communication with other IT service management processes and the organization's customers. All the IT service management (ITSM) processes must work with one another for IT service management to be effective. Financial management for IT services is no exception.

IT financial management has particularly close relationships with the following processes:

§  Service level management (SLM) —Service level management negotiates with financial management about the costs of meeting current and new business demand. SLM is the service delivery process that entails planning, agreeing upon, and monitoring service level agreements.

§  Capacity management —Capacity management supports investment budgeting, cost-benefit analysis, and investment decisions. Capacity management also provides essential information for charging for capacity-related services, such as the allocation of network capacity.

§  Configuration management —Configuration management stores budgeting and IT accounting information for financial management in the configuration management database (CMDB). Financial management provides configuration management with cost information.

When implementing financial management for IT services, keep in mind that the process has particular dependencies and responsibilities with respect to other ITSM processes.

There are a number of common potential problems related to the implementation and ongoing operations of financial management for IT services, particularly with IT accounting and charging.

Common problems associated with the implementation and operations of financial management for IT services are:

§  Lack of management commitment —This is a potential problem because senior managers may not understand the benefits gained from IT financial management and resent the additional overhead.

§  Difficulty quantifying indirect costs —This is a common problem of financial management for IT services. Finding an appropriate and fair strategy for distributing all costs of a service to the proper group can be difficult.

§  Dependence on other ITSM processes —IT financial management relies on other ITSM processes to deliver information. If the information is delayed, the process will not function effectively or efficiently. The timing of the delivery is essential in the execution of financial management.

§  Finding a skilled finance manager —Finding personnel who are familiar with both IT and accounting can be one of the biggest challenges of implementing financial management.

§  Lack of cost documentation —Very little documentation exists about how to record and monitor costs, which means that IT personnel don't always accurately record and monitor the costs that would help the finance manager implement an effective charging system.

In addition, certain costs are associated with implementing, maintaining, planning, and managing financial management for IT services such as:

§  Additional computing resources - These include extra resources such as network sniffers, needed to automate and facilitate IT accounting and charging, and barcode wands, needed to swipe asset tags and facilitate inventory audits.

§  Tools - The purchase and support of tools, such as software and hardware required for carrying out the main financial management processes.

§  Administration and organization - These costs include training staff to implement and maintain financial management.

You will find that there will always be problems and costs associated with implementing financial management in IT services, but most finance managers agree that the benefits easily outweigh the problems and costs.