This article will center on Incident Management Process.
What Is Incident Management Process:
In simple terms, incident management is a defined process for logging, recording and resolving incidents. It aims at restoring services as quickly as possible, often through a work around or temporary fixes, rather than through trying to find a permanent solution immediately.
An incident is an event that could lead to loss of, or disruption to, an organization’s operations, services or functions. If not managed an incident can escalate into an emergency, crisis or a disaster. Incident management is therefore the process of limiting the potential disruption caused by such an event, followed by a return to business as usual.
Effective incident management requires an organization’s wide approach with clear points of accountability for reporting and feedback at all levels in the organization. The principles of transparency, accountability, obligation to act. No blame culture and collaboration should be applied at each step of the incident management process.
Open communication and documentation should occur throughout the entire process.
Incident management should be done in accordance with relevant legislation, standards and policies.
Benefit Of Incident Management
Let us answer that question from this perspective:
Every incident needs a solution, and anyone that has once been involved in an incident will always looks for avenues to prevent a repetition of the incident since the effect most time are not convenient.
It is the same with security incidents. Some time may pass without an incident, but they happen and will happen. Trend reports show that incidents are not becoming fewer. On the contrary they are becoming more advanced and targeted. Although some targets will be more popular than others, there are no safe hide-outs. There are no exceptions to where incident could happen; either in large or small establishment, wealthy establishment or establishment with low financial status.
You should know that it has been reported that a substantial percentage of all incidents taking place has an internal source rather than an external one.
Incidents threaten the organization as a whole. The organization’s primary business process, all its other processes with their reputation. Every part of the organization is in jeopardy when incidents strike. Incident management seeks to control the effect of incidents when they happen. Therefore, incident management serves the primary process and the organization as a whole.
Incident Management Process
The process of incident management requires the incident to go through a structured workflow that encourages efficiency and best results.
The recommended steps for the incident management process follows thus:
- Incident identification: Incident identification comes in different forms depending on the route of communication designed by the organization. It could be through direct reporting, calls, mail, automated notice, alarm, etc.
- Incident logging: This involves incident documentation. This is where information like reporter’s name, contact information, the incident description, the date and time of the incident report, etc, are documented.
- Incident categorization: Set category for the incident. Is it Equipment failure, Hazardous material emission, Faulty design, etc.
- Incident prioritization: Where lots of incidents are being reported simultaneously, incident prioritization is necessary. This will help pick the incident which needs urgent attention; this incident will always be the one that has much impact on the organizational performance.
- Incident response: This will involve initial diagnosis for the incident (Check the immediate cause), Incident escalation (If the incident requires advanced support), investigation (Where the underlying cause of the incident is being elucidated), resolution and recovery (Here immediate response and additional actions needed are determined), Incident closure (After all recommendations have been implemented; both short and long-term recommendations, the incident is officially closed).
As part of the wider management process in private organizations, incident management is followed by post-incident analysis where it is determined why the incident happened despite precautions and controls.
Incident Management Plan
Incident management plan is a structured approach to manage incident when they occur.
Incidents within a structured organization are normally dealt with by either an incident response team (IRT), or an incident management team (IMT). These are often designated beforehand, or during the event and are placed in control of the organization whilst the incident is dealt with, to restore normal functions.
There is also the Incident Command System (ICS). It is a command and control mechanism that provides an expandable structure to manage emergency agencies. Although some of the details vary by jurisdiction, ICS normally consists of five primary elements: command, operations, planning, logistics and finance / administration. Several special staff positions, including public affairs, safety, and liaison, report directly to the incident commander (IC) when the emergency warrants establishment of those positions.
The incident management plan will tend to set the head-way for all incidents:
It will include:
- Incident escalation rules: A set of rules defining a hierarchy for escalating Incidents, and triggers which lead to escalation. Triggers are usually based on Incident severity and resolution times.
- Incident prioritization guideline: Describes the rules for assigning priorities to Incidents, including the definition of what constitutes a major Incident.
- Incident model: Pre-defined steps that should be taken for dealing with a particular type of Incident.
- Responsibilities: Responsibilities should be allotted to workers on issues of incident management. Incident management team should be constituted, which will have the incident commander, chairman of the team or director as the case may be, with other members of the team.
Incident Management Policy
Writing an incident management policy is the first step to ensuring a successful incident management in any organization. The incident management policy will draw out the general mission statement for incident management, allot responsibilities and also draw out plans and procedures to successful implementation of the incident management policy.