Last updated on: July 18, 2019

IT incident management is one of the help desk's fundamental processes. In this guide, you will learn about the basics of incident management, its components, the roles and responsibilities involved, and how incident management works with other components of the service desk.

In this incident management guide, we will discuss the following:

  1. Incident definition
  2. ITIL incident management life cycle/process flow
  3. Incident management roles and responsibilities
  4. Incident management KPIs
  5. Incident management benefits and advantages
  6. Incident management best practices
  7. Incident management software feature checklist
  8. Difference between incident management and problem management
  9. Difference between incident management and change management
  10. Difference between incident management and asset management
  11. ITIL glossary for incident management

Incident management

What is an IT incident?

An IT incident is any disruption to an organization's IT services that affects anything from a single user or the entire business . In short, an incident is anything that interrupts business continuity.

What is IT incident management?

Incident management is the process of managing IT service disruptions and restoring services within agreed service level agreements (SLAs).

The scope of incident management starts with an end user reporting an issue and ends with a service desk team member resolving that issue. 

The Stages in Incident Management 

With proper incident management in place, collecting information about incidents is streamlined and less chaotic without having emails fly back and forth for the purpose. Service desk teams can publish forms in t user  self-service portal to ensure that all relevant information is collected right at the time of ticket creation. 

The next stage in incident management is incident categorization and prioritization. This not only helps sort incoming tickets but also ensures that the tickets are routed to the technicians, most qualified to work on the issue.  Incident categorization also helps the service desk system apply the most appropriate SLAs to incidents and communicate those priorities to end users. Once an incident is categorized and prioritized, technicians can diagnose the incident and provide the end user with a resolution.

Incident management process when enabled with the relevant automations allows service desk teams to keep an eye on SLA compliance, and sends notifications to technicians when they are approaching an SLA violation; technicians also have the option to escalate SLA violations by configuring automated escalations , as applicable to the incident. After diagnosing the issue, the technician offers the end user a resolution, which the end user can validate.  This multistep process ensures that any IT issue affecting business continuity is resolved as  soon as possible. 

How to classify IT incidents

Incidents in an IT environment can be categorized in several different ways. Some factors that influence incident categorization include the urgency of the incident and the severity of its impact on users or the business in general. Classifying and categorizing IT incidents helps identify and route incidents to the right technician, saving time and effort. For example, incidents can be classified as major or minor incidents based on their impact on the business and their urgency. Typically major incidents are the ones that affect business-critical services, thus affecting the entire organization, and need immediate resolutions. Minor incidents usually impact a single user or a department, and might have a documented resolution in place already.

What happens when you don't have IT incident management in place?

Incident management covers every aspect of an incident across its life cycle. It speeds up the resolution process and makes ticket management transparent. Without incident management, handling tickets can be a hassle. Some of the key problems that can arise include:

Looking to streamline incident management in your organisation?

Schedule a ServiceDesk Plus demo

Who uses IT incident management?

Incident management practices are widely used by the IT service desk teams. Service desks are usually the single point of contact for end users to report issues to IT management teams.

The IT incident management lifecycle

The incident management process can be summarized as follows:

ITIL incident management process flow chart

Incident management life cycle

These processes may be simple or complex based on the type of incident; they also may include several workflows and tasks in addition to the basic process described above.

Post-incident review

After an incident has been closed, it's good practice to document all the takeaways from that incident. This helps better prepare teams for future incidents and creates a more efficient incident management process. The post-incident review process can be broken down into various aspects, as shown below, and is particularly useful for major incidents.

Internal evaluation

External evaluation - End User surveys

Apart from the above factors, some end-user facing factors should also be evaluated. For this purpose, a post-closure survey is conducted to collect feedback from the end users affected by the incident. This survey should be used to gain insight in some key areas, like:

Build your custom incident management workflows

Try ServiceDesk Plus now

The roles and responsibilities involved in IT incident management

Although each organization can have their own custom roles and responsibilities, below are some of the most common IT incident management roles.

Each role has unique responsibilities, as shown below.

The key performance indicators for IT incident management

Metrics that drive important decisions are termed key performance indicators (KPIs). Below are a few KPIs for effective IT incident management. 

Average resolution time

The average time taken to resolve an incident.

Average initial response time

The average time taken to respond to each incident. 

SLA compliance rate

The percentage of incidents resolved within an SLA.

First call resolution rate

Percentage of incidents resolved in the first call.

Number of repeat incidents

The number of identical incidents logged within a specific time frame.

Reopen rates

The percentage of resolved incidents that were reopened. 

Incident backlog

The number of incidents that are pending in the queue without a resolution.

Percentage of major incidents

The number of major incidents compared to the total number of incidents. 

Cost per ticket

The average expense pertaining to each ticket. 

End user satisfaction rates

The number of end users or customers who were satisfied with the IT services delivered to them.  

Benefits of ITIL incident management

With a proper ITIL incident management process in place, you can: 

Best practices for successful ITIL incident management

  1. Offer multiple modes for ticket creation including through an email, phone call, or a self-service portal.
  2. Publish business-facing, custom IT incident forms for effective information gathering.
  3. Automatically categorize and prioritize IT incidents based on ticket criteria.
  4. Associate SLAs with IT incidents based on ticket parameters like priority.
  5. If all technicians, are of the same skill levels, auto-assign tickets to technicians based on algorithms like load balancing and round robin.
  6. Associate IT asset data, IT problems, and IT changes with IT incident tickets.
  7. Ensure that incidents are closed only after providing a proper resolution by confirming with end user and applying the appropriate  closure codes.
  8. Configure a custom end-user communication process for every step in an IT incident life cycle
  9. Create, and maintain a knowledge base with appropriate solutions
  10. Provide role-based access to end users and technicians based on the complexity of the solutions.
  11. Handle major incidents by creating unique workflows. 

Feature checklist for IT incident management software

When choosing a ticketing system or IT help desk software, there are a few features that can make or break your IT incident management. Here are some features to consider when choosing incident management software:

Get your own ITIL-compliant incident management software

Start your free trial now
Get a customized quote

Incident management and the other service desk components

IT incident management and IT problem management

Incident management is a collection of policies, processes, workflows, and documentation that helps IT teams manage an incident from start to finish. The process of incident management involves identifying an incident, logging it with all the relevant information, diagnosing the issue, and restoring the service in a timely manner. The process of incident management is akin to firefighting, where the main goal is to minimize damage to the business.

On the other hand, IT problem management is the process of identifying the root cause leading to one or more incidents and then initiating actions to rectify the issue. Problem management aims to minimize the impact of the problem on the business by taking a more organized approach in the form of root cause analysis, which is used to pinpoint the underlying issue. This issue is then fixed to prevent similar incidents in the future. Ultimately, identifying underlying problems helps with incident management and proactively ensures that normal operations continue.

Incident management and change management

ITIL change management is the process of modifying the IT infrastructure of an organization in a standardized and systematic manner. It is a well-planned process comprised of various stages and statuses that IT changes can go through.

Typically, IT changes are initiated after the IT problem management processes to fix the identified IT problem, to replace a faulty asset that leads to repeat incidents, or as a part of the resolution to a major incident. The objective of IT incident management is to minimize IT disruptions and restore services immediately. In some cases, change implementations can lead to incidents, most of which are minor incidents caused by temporary service disruptions or service unavailability. The impact of such incidents can be minimized by proactively informing end users about the change implementation as well as anticipated incidents or service unavailability. In case of a major incident caused by a change, change management teams can immediately roll back the change to restore normalcy.

Incident management and asset management

Integrating IT asset management and IT incident management processes makes incident diagnosis and resolution much easier for Tier 2 and Tier 3 technicians. For example, when a user reports an issue about limited internet connectivity, the issue could be either with the laptop or with the router the user is connected to. Having all the information about the user's laptop—including the router they're connected to along with its details and relationships—helps the technician pinpoint the cause of the incident and provide the right resolution. From an asset-management perspective, linking IT incidents with assets helps IT service desks identify and retire faulty assets that cause repeat incidents in the organization. 

ITIL glossary for incident management

Incident management implementation kit

An exclusive package of a feature checklist and incident management presentations.

  • Feature checklist

    Comprehensive list of must-have features that you can use as a benchmark for your IT service desk.

  • Best practices

    Detailed presentations with specific use cases to get started with ITIL incident management .

By clicking 'Get the implementation kit for FREE', you agree to processing of personal data according to the Privacy Policy.

About ServiceDesk Plus

ManageEngine's flagship product, ServiceDesk Plus, is an ITIL-ready service desk software used by ITSM professionals worldwide. With industry-certified best practice ITSM functionality, easy-to-use capability, and native mobile apps, ServiceDesk Plus leverages the latest technology to help IT support teams deliver world-class service to end users with reduced costs and complexity. Available in both cloud and on-premises versions, the software is available in three editions, and 29 different languages. Over 100,000 organizations across 185 countries trust ServiceDesk Plus to optimize their IT service desk performance and be future-ready in their IT service management operations. For more information on ServiceDesk Plus, please visit