Incident Management Guidance for Every Organization

Nancy Van Elsacker Louisnord

In incident management, we often overlook the simple things in favor of trying to do too much, too soon. Why not make sure we've done the fundamentals properly? Incident management describes the activities of an organization to identify, analyze and correct hazards to prevent a future reoccurrence of an incident. These incidents within a structured organization are normally dealt with by either an incident response team, or an incident management team. These are often designated beforehand, or during the event and are placed in control of the organization whilst the incident is dealt with, to restore normal functions. An incident is an event that can lead to loss of or disruption to an organization's operations, services or functions. If not managed properly, an incident can escalate into an emergency, so you must be able to limit any potential disruption because of it and get business back to normal as quickly as possible. Activities of incident management that must be taken, as defined by ITIL v3, include: ■ Identify and detect the incident ■ Register the incident in your incident management system ■ Categorize the incident by priority, SLA, etc. ■ Prioritize the incident for best utilization of the resources and the support staff time ■ Diagnose the incident ■ Escalation of the incident to determine if your support staff needs any help from other organizational units ■ Investigate the incident and identify the root cause ■ Resolve the incident once found ■ Close out the incident after it is resolved and detail the plan, action and outcome in the incident management system With all of these guidelines, and calls to action, why then not make sure we've done the fundamentals correctly?

Log everything, every incident

Wise counsel but not always done. Logging every incident should be the first task after an incident has been corrected. Here's a classic real-world example that makes the point beautifully: It's a typical Tuesday morning and the internet's gone down in an important meeting room and your CEO is about to make a major presentation to the board in it. Obviously, she's concerned so you sprint there and, thankfully, you manage to right the problem in under 10 minutes. On your way back to the service desk, you grab a coffee and breathe a sigh of relief then hurry back to answer another incoming call. What have you forgotten to do? Log the incident! No matter how urgent the call, or how important the caller, absolutely every call should be registered as soon as it's been resolved.

Fill in everything

In addition to registering the call, it's imperative that as many of the fields within your incident record are filled in as possible. The best way to ensure this happens is to make fields mandatory, and service desk operatives should be encouraged to complete all fields in the incident record report. The biggest benefit of doing this is that when it comes to reporting incidents, you'll get out exactly what you put in. Knowing the "method of entry" for every Incident also allows you the ability to establish the proportion of calls that came in through the self-service portal (if you have one). These statistics could end up being used to show your boss how well the self-service portal is working and to spread the word about it.

Keep things tidy

Another thing that can be overlooked is making sure that your incident management categories are assessed properly. Don't be afraid to clear out subcategories in your incident management report that are either rarely used or not used at all. Tailor and filter the settings of your categories and subcategories to the different service desk teams. Also, never provide the option to select either "other" or "general" as drop-down options. This eliminates discrepancies and ensures that your incident management reports are as accurate as they can be.

Keep your team up to speed

Ensure that all service desk employees are following the same troubleshooting procedures right from the offset. What's more, regular reminder sessions about the best use of your ITSM tool, and tips for resolving calls more effectively, could be of use here. But remember that while it's great to have quick-fixes and default text set up, this shouldn't mean that staff on the service desk can become lazy. The tone of each operator must still be universal in its nature, to represent the organization as a whole.

The best way to resolve calls

What's the fastest, most reliable way to resolve a call? While this will differ from organization to organization, there are some general rules that you might apply: ■ If possible, take advantage of standard solutions when you can. Doing so will allow you to autofill your forms with information if you have this set up in your system. ■ If your incident management process allows you to insert "default texts" into the progress trail of your calls, doing so could be useful for simply letting a caller know that you're working on their ticket. ■ Gather enough information about the issue so that if it's escalated to second or third line staff they have the insight they need to help them troubleshoot the call. This also applies if another colleague takes the call in your place. ■ Follow the advice previously mentioned in this piece.

Related Links

Hot Topics

The Latest

Operator to Orchestrator: 80% of IT Pros See Shift in Role as AI Permeates Workflows

80% of respondents agree that the IT role is shifting from operators to orchestrators, according to the 2026 IT Trends Report: The Human Side of Autonomous IT from SolarWinds ...

Gartner: 40% of Organizations Deploying AI Will Use AI Observability to Monitor Model Performance by 2028

40% of organizations deploying AI will implement dedicated AI observability tools by 2028 to monitor model performance, bias and outputs, according to Gartner ...

Almost Half of AI-Generated Code Fails in Production

Until AI-powered engineering tools have live visibility of how code behaves at runtime, they cannot be trusted to autonomously ensure reliable systems, according to the State of AI-Powered Engineering Report 2026 report from Lightrun. The report reveals that a major volume of manual work is required when AI-generated code is deployed: 43% of AI-generated code requires manual debugging in production, even after passing QA or staging tests. Furthermore, an average of three manual redeploy cycles are required to verify a single AI-suggested code fix in production ...

AI Requires Design, Not Edicts

Many organizations describe AI as strategic, but they do not manage it strategically. When AI plans are disconnected from strategy, detached from organizational learning, and protected from serious assumptions testing, the problem is no longer technical immaturity; it is a failure of management discipline ... Executives too often tell organizations to "use AI" before they define what AI is supposed to change. The problem deepens in organizations where strategy isn't well articulated in the first place ...

How Intelligent Orchestration Enables Enterprises to Move from AI POC to AI Production

Across the enterprise technology landscape, a quiet crisis is playing out. Organizations have run hundreds, sometimes thousands, of generative AI pilots. Leadership has celebrated the proof of concept (POCs) ... Industry experience points to a sobering reality: only 5-10% of AI POCs that progress to the pilot stage successfully reach scaled production. The remaining 90% fail because the enterprise environment around them was never ready to absorb them, not the AI models ...

Reliability Is the New Bottleneck of Innovation

Today's modern systems are not what they once were. Organizations now rely on distributed systems, event-driven workflows, hybrid and multi-cloud environments and continuous delivery pipelines. While each adds flexibility, it also introduces new, often invisible failures. Development speed is no longer the primary bottleneck of innovation. Reliability is ...

5 Takeaways from the Observability Forecast for Retail and eCommerce

Seeing is believing, or in this case, seeing is understanding, according to New Relic's 2025 Observability Forecast for Retail and eCommerce report. Retailers who want to provide exceptional customer experiences while improving IT operations efficiency are leaning on observability ... Here are five key takeaways from the report ...

Maximizing Impact Amid Constraints: The Role of Automation and Orchestration in Federal IT Modernization

Technology leaders across the federal landscape are facing, and will continue to face, an uphill battle when it comes to fortifying their digital environments against hostile and persistent threat actors. On one hand, they are being asked to push digital transformation ... On the other hand, they are facing the fiscal uncertainty of continuing resolutions (CR) and government shutdowns looming near and far. In the face of these challenges, CIOs, CTOs, and CISOs must figure out how to modernize legacy systems and infrastructure while doing more with less and still defending against external and internal threats ...

The SRE Report 2026: Reliability Is Being Redefined

Reliability is no longer proven by uptime alone, according to the The SRE Report 2026 from LogicMonitor. In the AI era, it is experienced through speed, consistency, and user trust, and increasingly judged by business impact. As digital services grow more complex and AI systems move into production, traditional monitoring approaches are struggling to keep pace, increasing the need for AI-first observability that spans applications, infrastructure, and the Internet ...

The Hidden Data Engineering Work Required to Make Enterprise AI Viable

If AI is the engine of a modern organization, then data engineering is the road system beneath it. You can build the most powerful engine in the world, but without paved roads, traffic signals, and bridges that can support its weight, it will stall. In many enterprises, the engine is ready. The roads are not ...

Incident Management Guidance for Every Organization

Nancy Van Elsacker Louisnord

In incident management, we often overlook the simple things in favor of trying to do too much, too soon. Why not make sure we've done the fundamentals properly? Incident management describes the activities of an organization to identify, analyze and correct hazards to prevent a future reoccurrence of an incident. These incidents within a structured organization are normally dealt with by either an incident response team, or an incident management team. These are often designated beforehand, or during the event and are placed in control of the organization whilst the incident is dealt with, to restore normal functions. An incident is an event that can lead to loss of or disruption to an organization's operations, services or functions. If not managed properly, an incident can escalate into an emergency, so you must be able to limit any potential disruption because of it and get business back to normal as quickly as possible. Activities of incident management that must be taken, as defined by ITIL v3, include: ■ Identify and detect the incident ■ Register the incident in your incident management system ■ Categorize the incident by priority, SLA, etc. ■ Prioritize the incident for best utilization of the resources and the support staff time ■ Diagnose the incident ■ Escalation of the incident to determine if your support staff needs any help from other organizational units ■ Investigate the incident and identify the root cause ■ Resolve the incident once found ■ Close out the incident after it is resolved and detail the plan, action and outcome in the incident management system With all of these guidelines, and calls to action, why then not make sure we've done the fundamentals correctly?

Log everything, every incident

Wise counsel but not always done. Logging every incident should be the first task after an incident has been corrected. Here's a classic real-world example that makes the point beautifully: It's a typical Tuesday morning and the internet's gone down in an important meeting room and your CEO is about to make a major presentation to the board in it. Obviously, she's concerned so you sprint there and, thankfully, you manage to right the problem in under 10 minutes. On your way back to the service desk, you grab a coffee and breathe a sigh of relief then hurry back to answer another incoming call. What have you forgotten to do? Log the incident! No matter how urgent the call, or how important the caller, absolutely every call should be registered as soon as it's been resolved.

Fill in everything

In addition to registering the call, it's imperative that as many of the fields within your incident record are filled in as possible. The best way to ensure this happens is to make fields mandatory, and service desk operatives should be encouraged to complete all fields in the incident record report. The biggest benefit of doing this is that when it comes to reporting incidents, you'll get out exactly what you put in. Knowing the "method of entry" for every Incident also allows you the ability to establish the proportion of calls that came in through the self-service portal (if you have one). These statistics could end up being used to show your boss how well the self-service portal is working and to spread the word about it.

Keep things tidy

Another thing that can be overlooked is making sure that your incident management categories are assessed properly. Don't be afraid to clear out subcategories in your incident management report that are either rarely used or not used at all. Tailor and filter the settings of your categories and subcategories to the different service desk teams. Also, never provide the option to select either "other" or "general" as drop-down options. This eliminates discrepancies and ensures that your incident management reports are as accurate as they can be.

Keep your team up to speed

Ensure that all service desk employees are following the same troubleshooting procedures right from the offset. What's more, regular reminder sessions about the best use of your ITSM tool, and tips for resolving calls more effectively, could be of use here. But remember that while it's great to have quick-fixes and default text set up, this shouldn't mean that staff on the service desk can become lazy. The tone of each operator must still be universal in its nature, to represent the organization as a whole.

The best way to resolve calls

What's the fastest, most reliable way to resolve a call? While this will differ from organization to organization, there are some general rules that you might apply: ■ If possible, take advantage of standard solutions when you can. Doing so will allow you to autofill your forms with information if you have this set up in your system. ■ If your incident management process allows you to insert "default texts" into the progress trail of your calls, doing so could be useful for simply letting a caller know that you're working on their ticket. ■ Gather enough information about the issue so that if it's escalated to second or third line staff they have the insight they need to help them troubleshoot the call. This also applies if another colleague takes the call in your place. ■ Follow the advice previously mentioned in this piece.

Related Links

Hot Topics

The Latest

Operator to Orchestrator: 80% of IT Pros See Shift in Role as AI Permeates Workflows

80% of respondents agree that the IT role is shifting from operators to orchestrators, according to the 2026 IT Trends Report: The Human Side of Autonomous IT from SolarWinds ...

Gartner: 40% of Organizations Deploying AI Will Use AI Observability to Monitor Model Performance by 2028

40% of organizations deploying AI will implement dedicated AI observability tools by 2028 to monitor model performance, bias and outputs, according to Gartner ...

Almost Half of AI-Generated Code Fails in Production

Until AI-powered engineering tools have live visibility of how code behaves at runtime, they cannot be trusted to autonomously ensure reliable systems, according to the State of AI-Powered Engineering Report 2026 report from Lightrun. The report reveals that a major volume of manual work is required when AI-generated code is deployed: 43% of AI-generated code requires manual debugging in production, even after passing QA or staging tests. Furthermore, an average of three manual redeploy cycles are required to verify a single AI-suggested code fix in production ...

AI Requires Design, Not Edicts

Many organizations describe AI as strategic, but they do not manage it strategically. When AI plans are disconnected from strategy, detached from organizational learning, and protected from serious assumptions testing, the problem is no longer technical immaturity; it is a failure of management discipline ... Executives too often tell organizations to "use AI" before they define what AI is supposed to change. The problem deepens in organizations where strategy isn't well articulated in the first place ...

How Intelligent Orchestration Enables Enterprises to Move from AI POC to AI Production

Across the enterprise technology landscape, a quiet crisis is playing out. Organizations have run hundreds, sometimes thousands, of generative AI pilots. Leadership has celebrated the proof of concept (POCs) ... Industry experience points to a sobering reality: only 5-10% of AI POCs that progress to the pilot stage successfully reach scaled production. The remaining 90% fail because the enterprise environment around them was never ready to absorb them, not the AI models ...

Reliability Is the New Bottleneck of Innovation

Today's modern systems are not what they once were. Organizations now rely on distributed systems, event-driven workflows, hybrid and multi-cloud environments and continuous delivery pipelines. While each adds flexibility, it also introduces new, often invisible failures. Development speed is no longer the primary bottleneck of innovation. Reliability is ...

5 Takeaways from the Observability Forecast for Retail and eCommerce

Seeing is believing, or in this case, seeing is understanding, according to New Relic's 2025 Observability Forecast for Retail and eCommerce report. Retailers who want to provide exceptional customer experiences while improving IT operations efficiency are leaning on observability ... Here are five key takeaways from the report ...

Maximizing Impact Amid Constraints: The Role of Automation and Orchestration in Federal IT Modernization

Technology leaders across the federal landscape are facing, and will continue to face, an uphill battle when it comes to fortifying their digital environments against hostile and persistent threat actors. On one hand, they are being asked to push digital transformation ... On the other hand, they are facing the fiscal uncertainty of continuing resolutions (CR) and government shutdowns looming near and far. In the face of these challenges, CIOs, CTOs, and CISOs must figure out how to modernize legacy systems and infrastructure while doing more with less and still defending against external and internal threats ...

The SRE Report 2026: Reliability Is Being Redefined

Reliability is no longer proven by uptime alone, according to the The SRE Report 2026 from LogicMonitor. In the AI era, it is experienced through speed, consistency, and user trust, and increasingly judged by business impact. As digital services grow more complex and AI systems move into production, traditional monitoring approaches are struggling to keep pace, increasing the need for AI-first observability that spans applications, infrastructure, and the Internet ...

The Hidden Data Engineering Work Required to Make Enterprise AI Viable

If AI is the engine of a modern organization, then data engineering is the road system beneath it. You can build the most powerful engine in the world, but without paved roads, traffic signals, and bridges that can support its weight, it will stall. In many enterprises, the engine is ready. The roads are not ...