ITILPreparing for a major incident

ITIL defines a major incident as the highest category of impact for an incident; a major incident results in significant disruption to the business. Like most things ITIL, the exact definition and criteria for what makes a major incident a major incident will vary from organization to organization, depending on the needs of the organization. For healthcare organizations, one of the primary criteria for declaring major incidents is when an incident has the potential to affect patient care. For a staffing/contracting firm, the criteria may involve timekeeping and billing software for contract employees. For just about everyone, email being unavailable would qualify. Even if you aren’t focused on ITIL best practices or terminology, you’re probably doing some form of major incident management as you deal with unscheduled outages or downtime. 

We here at Symphony SummitAI look at a major incident based on when it was logged. Then we move it to a Problem Record (PR) to perform a Root Cause Analysis (RCA). From there the goal is to identify the cause, find a permanent solution, and avoid similar major incidents in future. The PRs are created for major incidents based on the configuration. 

Let’s explore how you and your team can prepare not just yourselves but your help desk software to handle a major incident.  

How often does this happen and why should you be prepared in your incident management system? 

Hopefully, major incidents are not a regular occurrence, but never the less you need to make sure that you are prepared for them. Knowing how to identify a major incident is the best place to start. Analyzing historical data including resolutions and RCA’s of previous major incidents can help you be prepared for future issues. Once you know what to look for, you can add parameters around identifying a major incident in your current environment. Have multiple incidents been reported in the past 30 minutes regarding the same service? Is this affecting a majority our end users? If so, you may have a major incident happening.  

What qualifications should you put in place? 

Sometimes multiple tickets might feel like a major incident but it’s critical to map with your team and your service desk software what actually constitutes a major incident. Here are four areas you should configure in your ITSM solution to ensure everyone is on the same page when identifying a major incident.  

  1. Category 
  2. Priority levels  
  3. Number of Child Incidents linked  
  4. Number of Open Incidents for this Category 

SummitAI Major Incident

What incident management communications strategy should be in place? 

  • Automated notifications and updates. This isn’t just limited to the announcements in a self-service portal. By linking voice, sms, email, and a mobile app the support teams, as well as the users, can stay up to date on the major incident. And, no, it’s not a one-size-fits-all for notifications! Customizing it to the correct team members ensures that your staff knows when they receive an update they should pay attention.  
  • Scheduling a meeting with an integrated conference bridge. When major incidents occur, sometimes it’s all hands on deck, so how do you ensure that your team knows when to meet and discuss these items? Scheduling meetings straight through the service desk solution ensures a streamlined view and approach to handling the big stuff.  

If you’d like a customized demo of the Symphony SummitAI platform, click here. We’d love to show you how our service management solutions can help you better handle your next major incident.  

Tim Lawes

Senior Manager, Solutions Consulting at Symphony SummitAI

Leave a Reply