- 05 Aug 2024
- 20 Minutes to read
- Print
- PDF
Manage Incidents
- Updated on 05 Aug 2024
- 20 Minutes to read
- Print
- PDF
The Analysts can also log their issues, view the Incidents logged, and update them. In addition to the actions that Analysts can perform, they can also perform all the actions of an End User.
Manage Incidents
To Manage your Incidents, perform the following steps:
1. Login to the application and select Service Management.
2. The following page is displayed as the Analyst dashboard.
Figure: Analyst Dashboard
4. Navigate to Incident > Manage Incidents as shown below.
Figure: Manage Incident
5. Select Manage Incidents and the following list page is displayed. For more information, refer to the table below.
Figure: Manage Incident List page
4. Click New to add new Incidents. Refer the following screenshot and the table.
Figure: New Incident
Field | Description |
---|---|
Symptom | A brief information on the Incident is provided. |
Description | Detailed information on the Incident with more explanation and clarity. |
Workgroup | Lists all the Workgroups corresponding to the selected Tenant. |
Analyst | Select the Analyst to whom the Incident must be assigned. |
Service Window | Select the Service window based on which SLAs are calculated. Example: 24/7 |
Effort | Specify the Effort in Days, Hours, Minutes, & Seconds |
Response SLA | The field displays the deadline within which a response acknowledgment must be received for the Incident. Note: The remaining time is calculated based on the service window selected. Any violation of SLA will be highlighted. This field can be edited based on the configurations in SLA. Any changes made will be reflected in the SLA History. |
Response SLA Violation remarks | The workgroup to which the Incident is assigned. Select the relevant remarks from the dropdown. Example: Working on other Incidents, Complex Issue etc. |
Resolution SLA | The field displays the deadline within which a resolution must be received for the Incident. Note: This field can be edited based on the configurations done in SLA. |
Resolution SLA Violation remarks | Select the relevant remarks from the dropdown. For example, working on other Incidents, complex issues, etc. |
The configuration has been explained under each of the tabs. Please expand the following sections for more details.
General
Field | Description |
---|---|
Requestor | The name of the requestor who raised the Incident is displayed. It is displayed from the login username. |
Requestor Location | The location from which the requestor has raised the Incident is displayed. |
Tenant | A Tenant is similar to a department within an organization that provides support related to an IT or a facility. |
Service | Select the service required for the Incident. Options available are Emergency Response Service, MS Office 365, Navigation. |
Medium | Select the medium of Incident logging. Options available are: Web, Mail ,Chatbot, MobileApp, Phone, Others. |
Source | Select the origin of the Incident being logged. Options available are: User, Event, Incident, Change, Problem, Others. |
Classification | Select the appropriate option from the classification Pop-up window which provides various categories. |
How would you categorize the issue? | Find and select the appropriate category to which the Incident belongs to from the category list. Refer to the screenshot below. |
Tags | Add relevant tags for better reach or provision to create new tags are also available. |
Major Incident | Click this and mark as Major Incident only if the Incident is of High priority, High Impact and Urgency and needs faster resolution. |
Propose Major Incident | Enable the button if the Incident needs to be proposed as a Major Incident. When the incident is proposed as a Major Incident, it is transferred to the Approver for the approval process. When enabled, the following window is displayed. For more information on the details to be input, refer the table below in Major Incident. |
Prioritization | |
Impact | Impact defines the enormity of the situation and the extent of consequence related to the incident. The options available are critical, high, low, and medium. |
Urgency | This field represents the urgency-based factor for Incident. Options available are: Critical, High, Low, Medium. |
Priority | Priority defines the precedence in which a particular Incident should be addressed. The options available are P1, P2, P3, P4, and P5. |
Major Incident
Field | Description |
---|---|
General | |
Topic | Specify the topic for initiating the major incident. |
MIM Team Members | Select the team members of the Major Incident Team. |
Create Problem Record on Incident resolution | Enable this feature if a problem record needs to be created for this incident resolution. |
Generate Meeting | Click the button to generate a meeting with the MIM team members. |
Root Cause | |
What is the nature of the Incident? | Select the nature of the incident from the dropdown menu. |
What specific symptoms or issues are being observed? | Provide details of the symptoms or issues that are observed as part of this incident. |
What are the cause of the Incident? | Specify the observed cause of the incident. |
Type of Occurrence | Specify if it is a first time or repeated occurrence. |
Is there a workaround in place, and is it effective? | Choose yes or no if there is a workaround for the issue. |
What is the criticality of the affected systems or services? | Specify the criticality of the incident as low, medium, high etc. |
What actions have been taken so far? | Provide details of the actions taken for resolution of the issue. |
Preventive Action | |
Action | Provide details of the action taken for prevention of the issue. |
Owner | Provide the owner details for the issue. |
Due Date | Enter the due date for resolution of the issue. |
Status | Select the status of the major incident. |
Messages
Field | Description |
---|---|
User Communication | Type in the problem information that you want to share with the Requestor. Only the workgroup Analysts can update the User Communication. Also, the Analysts can use the preconfigured templates to update the User Communication. |
Private Log | Type in the problem information that you want to share with other members of your Workgroup. Apart from workgroup Analysts, the Private Log can be updated by Authorizers, Approvers, and Reviewers. |
Messages | Any other messages related to the Incident can be added here. |
Notes for Self | This is self note section for individual reference |
Checklist
Field | Description |
---|---|
Checked Windows updates and suggested any critical updates and impact? | Maintaining a secure, stable, and up-to-date operating system with the newest features and enhancements requires regular Windows updates. Select Yes or No from the dropdown menu. |
Backed up DFS Namespace Configuration | Distributed File System (DFS) Windows Server namespace is a feature that lets you combine shared folders from various servers into a single namespace. Select Yes or No from the dropdown menu. |
Are Antivirus Logs checked & updated? | Records produced by antivirus software that detail actions taken in connection with identifying and addressing possible security risks on a system or network are known as antivirus logs. Select Yes or No from the dropdown menu. |
Solution
Field | Description |
---|---|
I found this solution in a knowledge article. | Enable this if you could find the resolution to your Incident in a knowledge article of documentation. Majority of times there are possibilities a resolution can be found from existing knowledge article. |
Please link the article that helped | Select from the dropdown list which is the article that helped you resolve the Incident all by yourself. Note If the status of the Incident is Resolved, and the toggle switch for I found this solution in a Knowledge Article is enabled, then it is mandatory to select a Knowledge Article from the dropdown menu. If not selected, then a validation message will be displayed to select the Knowledge Article. |
Troubleshooting
Field | Description |
---|---|
Problem | Enter the Problem of the Incident for reference. |
Cause | Enter the cause of the Incident. Example: My VPN is not working because of wrong password and I'm unable to change it. |
Proposed Solution | Suggest a possible solution which can resolve your Incident. |
List | This is a cumulative list which gets added with multiple Problem, Cause and Proposed Solutions. |
The Incident record can be linked to other records from the same module, another module, or an application by using the Links tab. From the Incident details page, users have the option to create new records or link to already-existing ones.
Link the existing Manage pages from the dropdown list provided in the Links section. This view will provide a list of all the records that have been linked to the record.
Link
Figure: Links
Analysts can perform the following actions through the Links tab:
- Create
- Link
- De-link
Create
This feature allows a new record to be created from an incident. A new record gets created with fields auto-populated.
The link tab contains the relationship record with the create button. The create button can be triggered to create a new record from an incident. For example Incident to Service Request.
Figure: Create
Link
Link contains a feature to Link other records to the Incident. This feature is useful to create an association between related records. For more information refer to the image below.
The Link tab allows linking an incident with other modules in the application. For example, linking an incident to a service request or linking an incident to a problem record. There is also a provision to link records across application. For example, linking service request to fixed asset.
Figure: Link
- In-Store Assets: This will display the list of records in store.
- User Assets: This will display the list of assets allocated to the specific user.
Select a module and the following page is displayed.
Note
Select the records to be linked and click Link. Records from the same module can be linked as Parent-Child and other modules can be linked as Peer.
Peer Records are related or similar records to the incident being investigated. An incident cannot be resolved without closing the linked peer records.
For example, if a work order or service request has been raised for an incident, it cannot be resolved till the work order/service request has been closed. The following validation message is displayed when the incident is closed.
- Child records are not editable once linked. The linked child record will display the following message when opened.
- Any changes to the parent records will reflect on the child records. There is a provision to exclude certain fields from being updated in the child record by defining exceptions in the Relationship configuration. Once configured, changes to the child incident can be limited by selecting the required fields as shown below. Only selected fields will be updated in the child incident.
All the linked records of different modules will be displayed as below.
The condition builder has been introduced to display only open records while linking. For more information on configuration, refer to the Relationship feature in Form Designer.
De-Link
Removing the connection or linkage between two records that are tied to an incident is known as de-linking the records. This step may be required if a record is incorrectly linked, no longer relevant, or if the process changes and the linked records need to be disconnected.
To de-link record(s) from an SR, perform the following steps:
- Click Link tab.
- All the records which are link to the Incident are displayed.
- Select the checkboxes of the records which you want to de-link.
- Once you select the records that you want to de-link, the De-Link button is enabled.
Figure: Delink Records
5. Click De-Link. A message stating successful de-linking is displayed.
Figure: Delinked Records
Vendor Info
Field | Description |
---|---|
Vendor Name | Select the Vendor from the dropdown list. Example: Cisco, Apple. |
Location | Select the Location from the dropdown list. Example: India, Austria. |
Configuration Items | Select the appropriate CI (Configuration Items) from the list. |
Services | Select the Services relevant to the Vendor from the dropdown list. |
Contact Person | Select the contact person for the vendor from the dropdown list. |
Incident ID | Enter an Incident ID of the Parent Incident if exists. |
Status-Vendor | Add relevant tags for better reach or provision to create new tags are aslo available. |
Vendor-Urgency | Justification or Valid reason for keeping the Incident in Pending status. For example, dependency on another team, No proper information available. |
Start Date | Select a start date as per requirement. |
Vendor Impact | Click this and mark as Major Incident only if the Incident is of High priority, High Impact and Urgency and needs faster resolution. |
Resolution Deadline | Impact defines the enormity of the situation and mostly deals with “How Many” question. |
Vendor-Priority | Time based factor for Incident. Options available are: Critical, High, Low, Medium. |
End Date | Select the end date as per requirement. |
Underpinning Contact | The Underpinning Contract (UC) is a contract between an IT service provider and a third party. The third-party provides support services that enable the service provider to deliver a service to a customer. |
Solution | Propose a possible solution for the Incident. |
Timeline
Timeline displays the chronological events and timestamp of tasks and progress on the Incident. Refer to the screenshot below for more information.
Figure: Incident Timeline
Orchestration
Repetitive tasks must be executed to resolve an incident automatically or with less manual intervention. Based on the configured scripts, the action is executed automatically.
Modify and Manage Incidents
To Manage your Incidents, perform the following steps:
1. Navigate to Service Management > Incident.
3. Select Manage Incidents and the following list page is displayed.
Figure: List page
4. Click any Incident ID hyperlink and the following screen is displayed.
Figure: Incident details page
The topmost right corner has few action icons which are explained in the table below.
Change History
Click the change history icon to view the History of the Incident. The following screen is displayed.
View the complete record or log of all the changes made to the Incident throughout its lifecycle by clicking on the Change History tab.
Figure: Change History
Click on the Change History ribbon to expand it and view the complete details of the changes occurred on the Incident. It displays the date and time of the change along with information like Impact, Urgency, Priority, Pending Reason, Requestor, Tenant, Classification, Status, Workgroup, Service Window and much more. (Refer the following screenshot)
Figure: Change History
Click and view the Change History in Timeline View or Tabular View. (Refer to the following screenshot)
Figure: Change History
You can export the details to an excel by clicking on the Export to excel icon.
Communication History
A communication history is a list or documentation of all the exchanges of messages, discussions, and interactions that have taken place over a given time period between different people or entities. It offers an in-depth description of who spoke with whom, when, and what was said. For more information, refer to the image below.
Figure: Communication History
Click on the log to find the audit trail of communication as given below.
Figure: Additional details
Workflow History
View the entire history and progress of the Workflow. Workflow History refers to a log or record of actions and events that have taken place during a workflow or business process. Workflows are a popular tool for managing and streamlining intricate procedures, guaranteeing that assignments are finished quickly and methodically. For more information, refer to the image below.
Figure: Workflow History
Click the highlighted icon and the following page is displayed with the workflow diagram.
Figure: Workflow Diagram
Link History
Link history usually means a list of URLs or hyperlinks that are pertinent to the incident. This can be significant in a scenario where a particular incident is linked to another record. For more information refer to the image below.
Figure: Link History
SLA History
The term "SLA history" describes the progression and historical development of service-level agreements. It includes the main turning points, how SLAs have changed over time, and how businesses have utilized them to monitor and guarantee the caliber of services they offer to clients.
Figure: SLA History
- Resolution SLA - Resolution SLA refers to a service provider's guarantee as to how quickly they will address and fix a reported issue or request.
- Response SLA - Response SLA is the guarantee given by a service provider on how quickly they will react to a customer's request or issue that they have reported.
Click and view the SLA History in Timeline View or Tabular View. (Refer to the following screenshot)
Figure: SLA Tabular view
Figure: SLA Timeline view
You can export the details to an excel by clicking on the Export to excel icon
The Rule History provides a log of any rule changes adopted during the progress of the Incident. Any such changes will be reflected in the SLA value being calculated for completion of the Incident.
Figure: SLA Rule History
For more information, refer to the table below.
Field | Description |
---|---|
SLA Rule Id | The unique Id provided for the SLA. |
SLA Rule Name | The name given to the SLA task. |
Applied Date | The date on which the SLA Rule was applied to the Incident |
SLA Criteria | The criteria if any applied. |
SLA Value | The calculated days of the SLA is provided. |
SLA Elapsed Time | The SLA Elapsed Time is automatically calculated based on the SLA Rule selected. |
SLA Detail History - The Detail History will have a comprehensive log of the SLA details captured to provide a birds-eye view of the status of SLA and elapsed time.
Figure: SLA Detail History
For more information refer to the table below
Field | Description |
---|---|
Status | The status of the Form is displayed here. |
Start Time | The Start time of the SLA when it is activated is displayed. |
End Time | The End time of the SLA is displayed. |
SLA Elapsed Time | The SLA Elapsed Time is automatically calculated based on the SLA Rule selected. |
SLA Status | The status of the SLA is displayed when the cursor is hovered over the icon |
SLA Deadline History - A historical tracking of compliance with deadlines providing a history of how deadlines or timelines have been managed in the context of SLA.
Figure: SLA Deadline History
For more information, refer to the table below.
Field | Description |
---|---|
SLA Rule Name | The unique name of the SLA Rule configured. |
Deadline | The Deadline as per the rule is displayed. |
Updated By | The last person who updated the records. |
Updated on | The time in which the records were last updated. |
Business Rule History
View the list of Business rules triggered and satisfied for the Incident. It also provides a log of the business rules triggered with details.
Click on the highlighted part to reveal the business rules that were satisfied and triggered and vice versa.
- Business Rules satisfied - This provides the details of the business rules that were triggered and satisfied.
Figure: BR satisfied - Business Rules Not satisfied - This provides details of the business rules that were triggered and not satisfied.
Figure: BR not satisfied
Search Function is available for BR history logs using Keywords as shown below.
Figure: BR History search
Whenever an action fails during the processing of a business rule, resulting in a 'Failed' status, the Business Rule History will display the status as 'Failed' along with reason for the failure, accompanied by the error. This is crucial for facilitating the investigation of the issue.
Access History
It provides details of the access details and history of accesses in chronologically descending order.
Figure: Access History log
Import Template
A template guarantees uniformity in the manner in which incident data is recorded. By automatically filling in the fields, templates make the process of submitting new records easier.
Click the Import Template icon and apply the required templates from existing records. The following screen is displayed.
Figure: Import Template
Select the required template and Apply
Generate Summary
The Incident Management "Generate Summary" function streamlines the process of producing thorough incident summaries, guaranteeing that all relevant parties have a clear understanding of the incident details, resolution procedures, and any necessary follow-up actions.
Click the icon to generate a summary of the Incident.
Figure: Generate Summary
The Create Template icon can be used to create a new template from existing incident details.
Click the Create Template icon and the following page is displayed.
Figure: Create Template
Provide a Template name with sufficient Tags for the template. Enable the toggle button to make the template available for the end user
More Options
Click the more options icon to view more options available to the Analyst. The following options are available in this section. Each section has been explained in detail below.
Figure: More options
Let us see each of the above in detail.
Reminder
Reminders are used in incident management as a proactive measure to guarantee that events are handled effectively, in accordance with SLAs, and with an emphasis on ongoing improvement.
Click Reminder and the following page is displayed.
Figure: Reminder
Set Reminders for specific date and time and enable Notify Me to receive Notifications.
Also, you have an option to Create Incident for reminder too.
Remote Desktop
Remote desktop functionality is a valuable tool in incident management, where you make take control of the End user's system to analyze the issue. It is useful when it comes to troubleshooting and resolving IT issues.
Click Remote Desktop and the following page is displayed.
Figure: Remote Desktop
Set Remote Desktop connections for specific RDP Type and add Analyst E-mail ID to send Notifications.
Also, the Requestor E-mail ID is selected by default, and you can change the same.
AI Suggestions
Artificial intelligence (AI) has the potential to significantly improve incident management procedures by providing insightful recommendations and modifications that increase productivity, accuracy, and issue-solving efficacy. AI-driven recommendations can help make incident management more proactive, effective, and responsive, which will ultimately enhance the delivery of IT services as a whole.
1. Click icon on the right of the top ribbon.
2. Click AI Suggestions and the following page is displayed.
Figure: AI Suggestions
- Based on the inputs such as Symptom and Description, Service Desk Intelligence scans all the available history or records and identifies similar records. Further, the Service Desk Intelligence understands human responses to similar records in the past and then provides suggestions. Analysts can view and apply the AI suggestions by clicking Apply. However, the predictions made by Service Desk Intelligence is a reflection of past data. If sufficient records exist with “proper” data, the field predictions are in conjunction with that.
- The Service Desk Intelligence makes the Analyst's job easier by auto filling the following fields of the Incident based on the Service Desk Intelligence: Workgroup, Impact, Urgency, Category, Classification. By default, these fields are enabled. Click Cancel if you do not want to apply the AI suggestions to the record's details page.
Transfer Incidents
The process of transferring responsibility for handling an incident from one support group or team to another. This transfer might occur for various reasons, such as when the initial team realizes that the incident requires expertise or resources beyond their scope, or when there's a predefined escalation or handover process in place.
Click Transfer Incidents and the following page is displayed.
Transfer the Incidents to appropriate Tenant, Workgroup with Remarks on why is the Incident being transferred.
Article Suggestions
Article Suggestions provide articles of similar interest that can be referenced for resolution of the incident. This can help in knowledge sharing and problem solving. This knowledge sharing mechanism can enhance the efficiency and effectiveness of incident resolution process.
Click Article Suggestions and the following window is displayed.
Figure: Article Suggestions
User Record History
User record history refers to a record of events and modifications connected to a user's account or profile that is organized chronologically. It is a log or record of activities, changes, and updates related to a specific user's tickets. This record history provides a detailed timeline of interactions, communications, and any modifications made to a specific user's tickets throughout its lifecycle.
Click User Records History and the following window is displayed.
Figure: User Record History
It provides a log of the user who has logged an Incident. The screen shows details like ID, Status , Symptom etc. Click on the Incident ID to open the incident in a new tab. If there are many tickets logged by the user, a list of the tickets is displayed. Click Close to close the pop-up of User Record History.
Convert
The convert functionality is utilized to convert a record from its current status. For example. Incident to Service Request, Incident to Change Records, etc and vice versa. By doing so, you can efficiently manage and address specific issues associated with the converted record type.
Figure: Convert
Form relations play a crucial role in ensuring that the auto-populated data is coherent and logically correct.
Figure: New Service Request converted from Incident
Once you select the type of record to which you want to convert the Incident into, it will open a new details page of the selected record type. The details are auto-populated from the Incident record.
Send Email
The Send Email feature is designed to streamline communication within the Incident Management. It helps to have seamless communication between Analyst, End users and other stakeholders involved in the Incident resolution. for Click the Send Email to send the Incident as a mail. The following screen is displayed.
Figure: Send Email
Recipients Selection
Select the list of contacts: by users or by recipients. (Refer the following screenshots)Figure: Send Email - Recipient Selection
Once you click the text field, the following options appear:Figure: Recipient Selection
Click the first option to select the group of users to which you want to send the email. The options in the dropdown menu are: Users, User Groups, By Roles, Groups based on User Properties, Dynamic Groups, Approvers, Custom Email IDs. (Refer the following screenshot)Figure: Contact List - Groups
Once you select the required option from the first menu, the names of the Recipients are auto-populated in the next field. Click on the dropdown menu icon next to Select Recipient to expand the menu. It displays a list of recipients to choose from. (Refer the following screenshot)
Figure: Contact list - recipients
You can include additional recipients who should receive a copy of the email under the Cc section. Add recipients in the Bcc section to include additional recipients who should receive a copy of the email without other recipients knowing.
Notification Template Selection
Select the notification by clicking the Notification Template dropdown menu. (Refer the following screenshot)
Figure: Notification Template Selection.
Specify the Subject and Body for the email. Subject and Body are mandatory fields. You can also send attachments with the email. (Refer the following screenshot)
Figure: Email body, subject, attachment
Click Submit to save the email settings. If you do now want to configure the Send Email option, click Cancel. <