HOW EFFECTIVE IS YOUR INCIDENT MANAGEMENT PRACTICE?

I have been drafting the content of our ‘How to Adopt ITIL’ (working title) book and thought I’d share some ideas with you on various topics that we’ll be addressing in the book. I’ll try to draft one article every week or two, so watch this space.

I’ve lost count of the number of clients that Infrassistance has advised on the management of incidents. Here’s ten universal truths we’ve learnt. If anyone can say with confidence that they have no issue with all ten, I’ll happily name-check them!

1)     Almost every organisation would benefit from reviewing their incident categorisation. Some have too many (over 500 – resulting in 92% being recorded as ‘Other!’ in one classic example) some have too few (24 really isn’t enough to support root cause analysis) and many do not validate the category at closure, despite the fact that approximately 70% of initial categorisation is wrong, causing incidents to ‘bounce’ between resolver groups.

2)     Fewer than 1% of IT departments can confidently put a figure on the cost of a major incident. There are four elements; the internal rework, lost user time, business impact and reputational damage – all of these are measurable and can be used to justify investment in problem management.

3)     Do you have a ‘Shift Left’ policy?  Fewer than 40% do. This means actively moving resolution back from third line to second line to first line and then self-support.

4)     Do you have an active contact reduction policy? Typically 65-75% of contacts add no value to either party and are often represented by ‘Chase calls’ such as “When will my incident be fixed?”

5)     Fewer than 15% of IT departments have an Incident Manager. Without this role, who is actively managing incidents across the various resolver groups, updating the priority and maintaining contact with users and customers?

6)     Fewer than 2% of organisations pre-define the impact of incidents from the configuration management system, yet this is easy, time-saving and avoids subjective assessment of impact.

7)     Incident matching is a rare capability either because of the limitations of the toolset or the inadequate data to which it has access, yet this can be the most effective way to restore service, namely by repeating what was done previously in the same circumstances.

8)     First line incident fix rate is the best yet most mis-used measurement. You must not include service requests, do not measure ‘first time fix’ (a contact centre metric) and focus on the complement to understand how to improve the value.

9)     Fewer than 35% of service desks have access to a Known Error Database compiled from the development teams during testing, yet this can save a lot of investigative time and result in rapid service restoration if there is an associated workaround.

10) And finally, the most common complaint from second line teams is a lack of detail on the incident record about what the analyst did before escalating the record. The most common complaint from the service desk is that second line put one word on the ticket: ‘Fixed!’