Branimir Valentic
May 21, 2013
Implementation, maintenance, training, and knowledge products for Information Security Management Systems (ISMS) according to the ISO 27001 standard.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
All required policies, procedures, and forms to implement an ISMS according to ISO 27001.
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful ISMS.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Compliance and training products for critical infrastructure organizations for the European Union’s Network and Information Systems cybersecurity directive.
All required policies, procedures, and forms to comply with the NIS 2 cybersecurity directive.
Company-wide training program for employees and senior management to comply with Article 20 of the NIS 2 cybersecurity directive.
Compliance and training products for personal data protection according to the European Union’s General Data Protection Regulation.
All required policies, procedures, and forms to comply with the EU GDPR privacy regulation.
Accredited courses for individuals and privacy professionals who want the highest-quality training and certification.
Implementation, training, and knowledge products for Quality Management Systems (QMS) according to the ISO 9001 standard.
All required policies, procedures, and forms to implement a QMS according to ISO 9001.
Accredited courses for individuals and quality professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 and the QMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for Environmental Management Systems (EMS) according to the ISO 14001 standard.
All required policies, procedures, and forms to implement an EMS according to ISO 14001.
Accredited courses for individuals and environmental professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 14001 and the EMS using Advisera’s proprietary AI-powered knowledge base.
Implementation and training products for Occupational Health & Safety Management Systems (OHSMS) according to the ISO 45001 standard.
All required policies, procedures, and forms to implement an OHSMS according to ISO 45001.
Accredited courses for individuals and health & safety professionals who want the highest-quality training and certification.
Implementation and training products for medical device Quality Management Systems (QMS) according to the ISO 13485 standard.
All required policies, procedures, and forms to implement a medical device QMS according to ISO 13485.
Accredited courses for individuals and medical device professionals who want the highest-quality training and certification.
Compliance products for the European Union’s Medical Device Regulation.
All required policies, procedures, and forms to comply with the EU MDR.
Implementation products for Information Technology Service Management Systems (ITSMS) according to the ISO 20000 standard.
All required policies, procedures, and forms to implement an ITSMS according to ISO 20000.
Implementation products for Business Continuity Management Systems (BCMS) according to the ISO 22301 standard.
All required policies, procedures, and forms to implement a BCMS according to ISO 22301.
Implementation products for testing and calibration laboratories according to the ISO 17025 standard.
All required policies, procedures, and forms to implement ISO 17025 in a laboratory.
Implementation products for automotive Quality Management Systems (QMS) according to the IATF 16949 standard.
All required policies, procedures, and forms to implement an automotive QMS according to IATF 16949.
Implementation products for aerospace Quality Management Systems (QMS) according to the AS9100 standard.
All required policies, procedures, and forms to implement an aerospace QMS according to AS9100.
Implementation, maintenance, training, and knowledge products for consultancies.
Handle multiple ISO 27001 projects by automating repetitive tasks during ISMS implementation.
All required policies, procedures, and forms to implement various standards and regulations for your clients.
Organize company-wide cybersecurity awareness program for your client’s employees and support a successful cybersecurity program.
Accredited ISO 27001, 9001, 14001, 45001, and 13485 courses for professionals who want the highest-quality training and recognized certification.
Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Find new clients, potential partners, and collaborators and meet a community of like-minded professionals locally and globally.
Implementation, maintenance, training, and knowledge products for the IT industry.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), ISO 20000 (IT service management), GDPR (privacy), and NIS 2 (cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Compliance, training, and knowledge products for essential and important organizations.
Documentation to comply with NIS 2 (cybersecurity), GDPR (privacy), ISO 27001 (cybersecurity), and ISO 22301 (business continuity).
Company-wide training program for employees and senior management to comply with Article 20 of the NIS 2 cybersecurity directive.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for manufacturing companies.
Documentation to comply with ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety).
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for transportation & distribution companies.
Documentation to comply with ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety).
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for schools, universities, and other educational organizations.
Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), and GDPR (privacy).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS) and ISO 9001 (QMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, maintenance, training, and knowledge products for telecoms.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), ISO 20000 (IT service management), GDPR (privacy), and NIS 2 (cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, maintenance, training, and knowledge products for banks, insurance companies, and other financial organizations.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), GDPR (privacy), and NIS 2 (cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for local, regional, and national government entities.
Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), GDPR (privacy), and NIS 2 (cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS) and ISO 9001 (QMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for hospitals and other health organizations.
Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), ISO 14001 (environmental), ISO 45001 (health & safety), and GDPR (privacy).
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for the medical device industry.
Documentation to comply with MDR and ISO 13485 (medical device), ISO 27001 (cybersecurity), ISO 9001 (quality), ISO 14001 (environmental), ISO 45001 (health & safety), and GDPR (privacy).
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for the aerospace industry.
Documentation to comply with AS9100 (aerospace), ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety).
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for the automotive industry.
Documentation to comply with IATF 16949 (automotive), ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety).
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for laboratories.
Documentation to comply with ISO 17025 (testing and calibration laboratories) and ISO 9001 (quality).
Accredited courses for individuals and quality professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 and the QMS using Advisera’s proprietary AI-powered knowledge base.
I am sure that you have heard users of an IT service say that they have problems, errors, malfunctioning or something similar when there is degradation in the service. Based on ITIL methodology, they are having Incident(s). ITIL defines an Incident as “unplanned interruption to an IT service or reduction in the quality of an IT service or a failure of a CI (Configuration Item) that has not yet impacted an IT service.” We define normal operating state of a Service through SLA parameters, service description and operational parameters. If they are not achieved – an Incident has occurred.
Why are Incidents and the Incident Management process so important? Because Incidents are a user’s introduction to a support organization. When an Incident occurs, users need support from their service provider, and the Incident Management process starts.
If we consider the complete lifecycle of an IT service, Service Operation (where Incident Management is defined) is part of the service lifecycle, for most of the services that last longest. This means that the support organization is around for a long time when needed by their users. That’s one of the reasons why an efficient Incident Management process is important. Another reason is that users typically don’t see Problem Management or Change Management (or, at least, the bulk of the change process). They are also very important, but not right in front of users like Incident Management.
Incident Management is not an “isolated island” in IT Service Management. It influences, or is influenced by, many other processes in IT Service Management. Incident Management’s task is to restore normal service operation as quickly as possible. This will quite often include implementation of various workarounds – just to enable service operation as quickly as possible. But, that doesn’t mean that we know what really caused an Incident. That is the aim of Problem Management. When Problem Management defines the root cause of one or more Incidents, it could start Change Management. Since change includes equipment or CIs (Configuration Items) in most of the cases, for efficient Change Management it is advisable to have Service Asset and Configuration Management in place. On the other side, an Incident could be started by an Event, which is handled by Event Management.
Besides Event Management and monitoring tools, an Incident could be started in several ways:
It’s important that the lifecycle of all Incidents are managed by the Incident Management process. Efficient support organizations use tools to manage Incidents. Tools provide many functions, but from experience, there are a few elements that are important for Incident handling:
Self-service portal – web-based interface that users use to open, escalate or control status of Incidents they open. The portal is an integral part of the IT Service Management tool. It should be simple to use and it should not require too much information from the user (requestor/user data, subject, description, category/topic and priority).
Incident category (or Incident topic) – information that relates to the Incident catalogue, used to categorize the Incident and (optionally) direct the Incident ticket to a specific support group. Incident ticket routing based on category can speed up resolution of an Incident, but I saw some examples where an Incident was routed to a group which contained only one person. If that person is absent, the Incident will not be resolved. The category is defined in the Incident catalogue.
Priority – correct prioritization is important due to the obligations defined in the SLA. That directly impacts the order in which Incidents will be handled. For example, if two Incidents are not assigned to a support person, the Incident that requires less time to resolve must be handled first. To learn more about setting priorities, read this article: All About Incident Classification.
Service Desk – one of the functions according to ITIL. It’s a single point of contact for users and, if not opened via self-service portal, the starting point of an Incident. Incident Management and Service Desk are tied together. If a user contacts the Service Desk, it is important that the Service Desk gathers as much information as possible about the Incident. This will contribute to the quality and time effectiveness of the Incident resolution.
Support groups – it is common situation that Incident Management has several support levels. There are many reasons for that, I will mention just few. Sometimes there are many services in use. Or they are specific and it is hard to have knowledge about every single service or services that are customer specific (e.g. custom implementation of networking technology). Therefore, more expert knowledge is needed to solve Incidents. So organizations have 2nd or 3rd level support. Or they include vendors in their Incident (or Problem) Management process. This is functional escalation. It is important to have governance on Incidents so they don’t get lost in re-routing between support groups.
Figure: Example of Functional and Hierarchical escalation of Incidents
When implementing IT Service Management (based on ITIL) Incident Management is usually first (or one of the first) processes to implement. With or without tool implementation, quality of abovementioned elements is equally important. If not implemented, either clear communication and reachability of the support organization will fail (missing self-service portal or service desk), or the Incident process will be incomplete (lack of technical expertise needed to solve complicated incidents if there are no support teams in functional escalation, or difficulties in compliance with SLA if priorities and categories are not defined and matched).
Efficient Incident Management is the foundation of a support organization. It highly influences users’ perception of the IT support organization, and serves as a starting point for other processes inside the IT support organization like Change Management or Problem Management. With poorly implemented Incident Management, other processes will lack the data needed to provide results. Therefore, value created by the Incident Management process will be seen both externally by customers, and internally by other processes and functions in IT Service Management. Incident Management should be the rock on which IT Service Management processes and organizations are built.
Download a free sample of our Incident Management process template to gain more knowledge regarding incident management.
You may unsubscribe at any time. For more information please see our privacy notice.