Manage Incidents
  • 05 Aug 2024
  • 20 Minutes to read
  • PDF

Manage Incidents

  • PDF

Article summary

The Analysts can also log their issues, view the Incidents logged, and update them. In addition to the actions that Analysts can perform, they can also perform all the actions of an End User.

Manage Incidents

To Manage your Incidents, perform the following steps:

1. Login to the application and select Service Management.

2. The following page is displayed as the Analyst dashboard.

Figure: Analyst Dashboard

4. Navigate to Incident > Manage Incidents as shown below. 

Figure: Manage Incident

5. Select Manage Incidents and the following list page is displayedFor more information, refer to the table below. 

Manage Incidents ListFigure: Manage Incident List page

Note
Any additional columns required for the list page can be added by clicking on the following icon from the list page.

4. Click New to add new Incidents. Refer the following screenshot and the table.

new incident pageFigure: New Incident

FieldDescription

Symptom
A brief information on the Incident is provided.
Description
Detailed information on the Incident with more explanation and clarity.
Workgroup
Lists all the Workgroups corresponding to the selected Tenant.
Analyst
Select the Analyst to whom the Incident must be assigned. 
Service Window
Select the Service window based on which SLAs are calculated. Example: 24/7
Effort
Specify the Effort in Days, Hours, Minutes, & Seconds
Response SLA
The field displays the deadline within which a response acknowledgment must be received for the Incident.
Note: 
The remaining time is calculated based on the service window selected. Any violation of SLA will be highlighted.

This field can be edited based on the configurations in SLA. Any changes made will be reflected in the SLA History. 
Response SLA Violation remarks
The workgroup to which the Incident is assigned.
Select the relevant remarks from the dropdown.
Example: Working on other Incidents, Complex Issue etc.
Resolution SLA
The field displays the deadline within which a resolution must be received for the Incident.
Note: 
This field can be edited based on the configurations done in SLA.
Resolution SLA Violation remarks
Select the relevant remarks from the dropdown.
For example, working on other Incidents, complex issues, etc.

The configuration has been explained under each of the tabs. Please expand the following sections for more details.

General
FieldDescription
RequestorThe name of the requestor who raised the Incident is displayed.  It is displayed from the login username.
Requestor LocationThe location from which the requestor has raised the Incident is displayed. 
TenantA Tenant is similar to a department within an organization that provides support related to an IT or a facility. 
ServiceSelect the service required for the Incident. Options available are Emergency Response Service, MS Office 365, Navigation. 
MediumSelect the medium of Incident logging. Options available are: Web, Mail ,Chatbot, MobileApp, Phone, Others.
SourceSelect the origin of the Incident being logged. Options available are: User, Event, Incident, Change, Problem, Others.
ClassificationSelect the appropriate option from the classification Pop-up window which provides various categories.
classificaytion
How would you categorize the issue?Find and select the appropriate category to which the Incident belongs to from the category list. Refer to the screenshot below.
category(1)
TagsAdd relevant tags for better reach or provision to create new tags are also available.
Major IncidentClick this and mark as Major Incident only if the Incident is of High priority, High Impact and Urgency and needs faster resolution.
Propose Major IncidentEnable the button if the Incident needs to be proposed as a Major Incident. When the incident is proposed as a Major Incident, it is transferred to the Approver for the approval process.
When enabled, the following window is displayed. For more information on the details to be input, refer the table below in Major Incident.


Prioritization
ImpactImpact defines the enormity of the situation and the extent of consequence related to the incident. The options available are critical, high, low, and medium.
UrgencyThis field represents the urgency-based factor for Incident. Options available are:
Critical, High, Low, Medium.
PriorityPriority defines the precedence in which a particular Incident should be addressed. The options available are P1, P2, P3, P4, and P5.

Major Incident

FieldDescription
General
TopicSpecify the topic for initiating the major incident. 
MIM Team MembersSelect the team members of the Major Incident Team. 
Create Problem Record on Incident resolutionEnable this feature if a problem record needs to be created for this incident resolution. 
Generate MeetingClick the button to generate a meeting with the MIM team members. 
Root Cause
What is the nature of the Incident?Select the nature of the incident from the dropdown menu. 
What specific symptoms or issues are being observed?Provide details of the symptoms or issues that are observed as part of this incident. 
What are the cause of the Incident?Specify the observed cause of the incident. 
Type of OccurrenceSpecify if it is a first time or repeated occurrence. 
Is there a workaround in place, and is it effective?Choose yes or no if there is a workaround for the issue. 
What is the criticality of the affected systems or services?Specify the criticality of the incident as low, medium, high etc. 
What actions have been taken so far?Provide details of the actions taken for resolution of the issue. 
Preventive Action
ActionProvide details of the action taken for prevention of the issue. 
OwnerProvide the owner details for the issue. 
Due DateEnter the due date for resolution of the issue. 
Status Select the status of the major incident. 


Messages


FieldDescription
User CommunicationType in the problem information that you want to share with the Requestor. Only the workgroup Analysts can update the User Communication.
Also, the Analysts can use the preconfigured templates to update the User Communication.
Private LogType in the problem information that you want to share with other members of your Workgroup. Apart from workgroup Analysts, the Private Log can be updated by Authorizers, Approvers, and Reviewers.
MessagesAny other messages related to the Incident can be added here.
Notes for SelfThis is self note section for individual reference


Checklist
FieldDescription
Checked Windows updates and suggested any critical updates and impact?
Maintaining a secure, stable, and up-to-date operating system with the newest features and enhancements requires regular Windows updates.
Select Yes or No from the dropdown menu.

Backed up DFS Namespace Configuration

Distributed File System (DFS) Windows Server namespace is a feature that lets you combine shared folders from various servers into a single namespace.
Select Yes or No from the dropdown menu.
Are Antivirus Logs checked & updated?
Records produced by antivirus software that detail actions taken in connection with identifying and addressing possible security risks on a system or network are known as antivirus logs.
Select Yes or No from the dropdown menu.


Solution


FieldDescription

I found this solution in a knowledge article.



Enable this if you could find the resolution to your Incident in a knowledge article of documentation. Majority of times there are possibilities a resolution can be found from existing knowledge article.

Please link the article that helped



Select from the dropdown list which is the article that helped you resolve the Incident all by yourself.
Note
If the status of the Incident is Resolved, and the toggle switch for I found this solution in a Knowledge Article is enabled, then it is mandatory to select a Knowledge Article from the dropdown menu. If not selected, then a validation message will be displayed to select the Knowledge Article.


Troubleshooting


FieldDescription

Problem


Enter the Problem of the Incident for reference.

Cause



Enter the cause of the Incident.
Example: My VPN is not working because of wrong password and I'm unable to change it.

Proposed Solution

Suggest a possible solution which can resolve your Incident.

List


This is a cumulative list which gets added with multiple Problem, Cause and Proposed Solutions.


The Incident record can be linked to other records from the same module, another module, or an application by using the Links tab. From the Incident details page, users have the option to create new records or link to already-existing ones.

Link the existing Manage pages from the dropdown list provided in the Links section. This view will provide a list of all the records that have been linked to the record. 

Link

Figure: Links

Analysts can perform the following actions through the Links tab:

  • Create
  • Link
  • De-link

Create

This feature allows a new record to be created from an incident. A new record gets created with fields auto-populated. 

The link tab contains the relationship record with the create button. The create button can be triggered to create a new record from an incident. For example Incident to Service Request. 

Note
The form will open in a new tab and all the fields will be auto populated based on the form relationship selected. For more details refer to the figure below. 

Figure: Create 

Link

Link contains a feature to Link other records to the Incident. This feature is useful to create an association between related records. For more information refer to the image below.

The Link tab allows linking an incident with other modules in the application.  For example, linking an incident to a service request or linking an incident to a problem record. There is also a provision to link records across application. For example, linking service request to fixed asset.

Figure: Link

Note
The link tab can be used to display and link Instore Assets and User Assets
  • In-Store Assets: This will display the list of records in store. 
  • User Assets: This will display the list of assets allocated to the specific user.

Select a module and the following page is displayed.

Note

Select the records to be linked and click Link. Records from the same module can be linked as Parent-Child and other modules can be linked as Peer

Peer Records are related or similar records to the incident being investigated. An incident cannot be resolved without closing the linked peer records. 

For example, if a work order or service request has been raised for an incident, it cannot be resolved till the work order/service request has been closed. The following validation message is displayed when the incident is closed.

The Parent-Child dependency can be selected if the incidents are related to the same main incident. Any updates on the parent incident will also reflect on the child incidents.
  • Child records are not editable once linked. The linked child record will display the following message when opened.
  • Any changes to the parent records will reflect on the child records. There is a provision to exclude certain fields from being updated in the child record by defining exceptions in the Relationship configuration. Once configured, changes to the child incident can be limited by selecting the required fields as shown below. Only selected fields will be updated in the child incident. 

All the linked records of different modules will be displayed as below.

Note

The condition builder has been introduced to display only open records while linking. For more information on configuration, refer to the Relationship feature in Form Designer. 

De-Link

Removing the connection or linkage between two records that are tied to an incident is known as de-linking the records. This step may be required if a record is incorrectly linked, no longer relevant, or if the process changes and the linked records need to be disconnected.

To de-link record(s) from an SR, perform the following steps:

  1. Click Link tab.
  2. All the records which are link to the Incident are displayed.
  3. Select the checkboxes of the records which you want to de-link.
  4. Once you select the records that you want to de-link, the De-Link button is enabled.
    Figure: Delink Records

    5. Click De-Link. A message stating successful de-linking is displayed.
    Figure: Delinked Records
Vendor Info


FieldDescription
Vendor NameSelect the Vendor from the dropdown list. Example: Cisco, Apple.
LocationSelect the Location from the dropdown list. Example: India, Austria.
Configuration ItemsSelect the appropriate CI (Configuration Items) from the list.
ServicesSelect the Services relevant to the Vendor from the dropdown list.
Contact PersonSelect the contact person for the vendor from the dropdown list.
Incident ID
Enter an Incident ID of the Parent Incident if exists.
Status-VendorAdd relevant tags for better reach or provision to create new tags are aslo available.
Vendor-UrgencyJustification or Valid reason for keeping the Incident in Pending status.
For example, dependency on another team, No proper information available. 
Start DateSelect a start date as per requirement. 
Vendor ImpactClick this and mark as Major Incident only if the Incident is of High priority, High Impact and Urgency and needs faster resolution.
Resolution DeadlineImpact defines the enormity of the situation and mostly deals with “How Many” question.
Vendor-PriorityTime based factor for Incident. Options available are:
Critical, High, Low, Medium.
End DateSelect the end date as per requirement.
Underpinning ContactThe Underpinning Contract (UC) is a contract between an IT service provider and a third party. The third-party provides support services that enable the service provider to deliver a service to a customer. 
SolutionPropose a possible solution for the Incident.


Timeline

Timeline displays the chronological events and timestamp of tasks and progress on the Incident. Refer to the screenshot below for more information.
Timeline

Figure: Incident Timeline


 

Orchestration


Repetitive tasks must be executed to resolve an incident automatically or with less manual intervention. Based on the configured scripts, the action is executed automatically.

Modify and Manage Incidents

To Manage your Incidents, perform the following steps:

1. Navigate to Service Management > Incident.
3. Select Manage Incidents and the following list page is displayed
Manage Incidents List

Figure: List page

4. Click any Incident ID hyperlink and the following screen is displayed.

Figure: Incident details page

The topmost right corner has few action icons which are explained in the table below.

Change History

Click the change history icon 2(4)to view the History of the Incident. The following screen is displayed.
Change History

View the complete record or log of all the changes made to the Incident throughout its lifecycle by clicking on the Change History tab.

 Figure: Change History

Click on the Change History ribbon to expand it and view the complete details of the changes occurred on the Incident. It displays the date and time of the change along with information like Impact, Urgency, Priority, Pending Reason, Requestor, Tenant, Classification, Status, Workgroup, Service Window and much more. (Refer the following screenshot) 

 Figure: Change History

Click and view the Change History in Timeline View or Tabular View. (Refer to the following screenshot)

Figure: Change History

You can export the details to an excel by clicking on the Export to excel icon.

Communication History

A communication history is a list or documentation of all the exchanges of messages, discussions, and interactions that have taken place over a given time period between different people or entities. It offers an in-depth description of who spoke with whom, when, and what was said. For more information, refer to the image below. 

Figure: Communication History

Click on the log to find the audit trail of communication as given below. 

Figure: Additional details

Workflow History

View the entire history and progress of the Workflow. Workflow History refers to a log or record of actions and events that have taken place during a workflow or business process. Workflows are a popular tool for managing and streamlining intricate procedures, guaranteeing that assignments are finished quickly and methodically. For more information, refer to the image below.


Figure: Workflow History

Click the highlighted icon and the following page is displayed with the workflow diagram.

Figure: Workflow Diagram

Note
The green line denotes approvals done and the orange box denotes the status at which the approval is pending.

Link History

Link history usually means a list of URLs or hyperlinks that are pertinent to the incident. This can be significant in a scenario where a particular incident is linked to another record. For more information refer to the image below.

Figure: Link History

Note
The link history is also used to track changes in the event of conversion of records. For example, when a service request is created from an incident or vice versa, or Incident to Service Request, Incident to Work order, etc.

SLA History

The term "SLA history" describes the progression and historical development of service-level agreements. It includes the main turning points, how SLAs have changed over time, and how businesses have utilized them to monitor and guarantee the caliber of services they offer to clients.

Figure: SLA History

  • Resolution SLA - Resolution SLA refers to a service provider's guarantee as to how quickly they will address and fix a reported issue or request.
  • Response SLA - Response SLA is the guarantee given by a service provider on how quickly they will react to a customer's request or issue that they have reported.

Click and view the SLA History in Timeline View or Tabular View. (Refer to the following screenshot)

Figure: SLA Tabular view

Figure: SLA Timeline view
You can export the details to an excel by clicking on the Export to excel icon

The Rule History provides a log of any rule changes adopted during the progress of the Incident. Any such changes will be reflected in the SLA value being calculated for completion of the Incident.

Figure: SLA Rule History

For more information, refer to the table below.

FieldDescription
SLA Rule Id

The unique Id provided for the SLA. 
SLA Rule NameThe name given to the SLA task. 
Applied DateThe date on which the SLA Rule was applied to the Incident
SLA CriteriaThe criteria if any applied. 
SLA Value
The calculated days of the SLA is provided. 
SLA Elapsed TimeThe SLA Elapsed Time is automatically calculated based on the SLA Rule selected.

SLA Detail History - The Detail History will have a comprehensive log of the SLA details captured to provide a birds-eye view of the status of SLA and elapsed time.

Figure: SLA Detail History

For more information refer to the table below

FieldDescription
Status

The status of the Form is displayed here. 
Start TimeThe Start time of the SLA when it is activated is displayed. 
End TimeThe End time of the SLA is displayed. 
SLA Elapsed Time
The SLA Elapsed Time is automatically calculated based on the SLA Rule selected.

SLA StatusThe status of the SLA is displayed when the cursor is hovered over the icon

SLA Deadline History - A historical tracking of compliance with deadlines providing a history of how deadlines or timelines have been managed in the context of SLA.

Figure: SLA Deadline History

For more information, refer to the table below.

FieldDescription

SLA Rule Name
The unique name of the SLA Rule configured.
DeadlineThe Deadline as per the rule is displayed. 
Updated ByThe last person who updated the records.
Updated on The time in which the records were last updated.

Business Rule History

View the list of Business rules triggered and satisfied for the Incident. It also provides a log of the business rules triggered with details. 

Click on the highlighted part to reveal the business rules that were satisfied and triggered and vice versa.

  • Business Rules satisfied - This provides the details of the business rules that were triggered and satisfied.
    Figure: BR satisfied

  • Business Rules Not satisfied - This provides details of the business rules that were triggered and not satisfied.
    Figure: BR not satisfied

    Search Function is available for BR history logs using Keywords as shown below.

    Figure: BR History search
Note


Whenever an action fails during the processing of a business rule, resulting in a 'Failed' status, the Business Rule History will display the status as 'Failed' along with reason for the failure, accompanied by the error. This is crucial for facilitating the investigation of the issue.

Access History

It provides details of the access details and history of accesses in chronologically descending order. 

Figure: Access History log

Import Template

A template guarantees uniformity in the manner in which incident data is recorded. By automatically filling in the fields, templates make the process of submitting new records easier.
 
 Click the Import Template icon and apply the required templates from existing records. The following screen is displayed.
Figure: Import Template

Select the required template and Apply

Generate Summary

The Incident Management "Generate Summary" function streamlines the process of producing thorough incident summaries, guaranteeing that all relevant parties have a clear understanding of the incident details, resolution procedures, and any necessary follow-up actions.

Click the icon to generate a summary of the Incident. 

Figure: Generate Summary

The Create Template icon can be used to create a new template from existing incident details.
Click the Create Template  icon and the following page is displayed.

Figure: Create Template

Provide a Template name with sufficient Tags for the template. Enable the toggle button to make the template available for the end user

More Options

Click the more options icon to view more options available to the Analyst. The following options are available in this section. Each section has been explained in detail below.

Figure: More options

Let us see each of the above in detail.

Reminder

Reminders are used in incident management as a proactive measure to guarantee that events are handled effectively, in accordance with SLAs, and with an emphasis on ongoing improvement.
Click Reminder and the following page is displayed.
Reminder Figure: Reminder

Set Reminders for specific date and time and enable Notify Me to receive Notifications.
Also, you have an option to Create Incident for reminder too.

Remote Desktop

Remote desktop functionality is a valuable tool in incident management, where you make take control of the End user's system to analyze the issue. It is useful when it comes to troubleshooting and resolving IT issues.

Click Remote Desktop and the following page is displayed.
remote desktopFigure: Remote Desktop 

Set Remote Desktop connections for specific RDP Type and add Analyst E-mail ID to send Notifications.
Also, the Requestor E-mail ID is selected by default, and you can change the same.

AI Suggestions

Artificial intelligence (AI) has the potential to significantly improve incident management procedures by providing insightful recommendations and modifications that increase productivity, accuracy, and issue-solving efficacy. AI-driven recommendations can help make incident management more proactive, effective, and responsive, which will ultimately enhance the delivery of IT services as a whole.
 
1. Click icon on the right of the top ribbon.

2. Click AI Suggestions and the following page is displayed. 

AI suggestions

Figure: AI Suggestions 

  • Based on the inputs such as Symptom and Description, Service Desk Intelligence scans all the available history or records and identifies similar records. Further, the Service Desk Intelligence understands human responses to similar records in the past and then provides suggestions. Analysts can view and apply the AI suggestions by clicking Apply. However, the predictions made by Service Desk Intelligence is a reflection of past data. If sufficient records exist with “proper” data, the field predictions are in conjunction with that.

  • The Service Desk Intelligence makes the Analyst's job easier by auto filling the following fields of the Incident based on the Service Desk Intelligence: Workgroup, Impact, Urgency, Category, Classification. By default, these fields are enabled. Click Cancel if you do not want to apply the AI suggestions to the record's details page.

Transfer Incidents

The process of transferring responsibility for handling an incident from one support group or team to another. This transfer might occur for various reasons, such as when the initial team realizes that the incident requires expertise or resources beyond their scope, or when there's a predefined escalation or handover process in place.

Click Transfer Incidents and the following page is displayed.
transfer incidentsTransfer the Incidents to appropriate TenantWorkgroup with Remarks on why is the Incident being transferred.

Article Suggestions

Article Suggestions provide articles of similar interest that can be referenced for resolution of the incident. This can help in knowledge sharing and problem solving. This knowledge sharing mechanism can enhance the efficiency and effectiveness of incident resolution process.

Click Article Suggestions and the following window is displayed.
Figure: Article Suggestions

User Record History

User record history refers to a record of events and modifications connected to a user's account or profile that is organized chronologically. It is a log or record of activities, changes, and updates related to a specific user's tickets. This record history provides a detailed timeline of interactions, communications, and any modifications made to a specific user's tickets throughout its lifecycle.

Click User Records History and the following window is displayed.
Figure: User Record History

It provides a log of the user who has logged an Incident. The screen shows details like ID, Status , Symptom etc. Click on the Incident ID to open the incident in a new tab. If there are many tickets logged by the user, a list of the tickets is displayed. Click Close to close the pop-up of User Record History.

Convert

The convert functionality is utilized to convert a record from its current status. For example. Incident to Service Request, Incident to Change Records, etc and vice versa. By doing so, you can efficiently manage and address specific issues associated with the converted record type.

Figure: Convert

Note
When an Incident is converted to a Service Request, a new tab is opened with the new Service record as given below. The fields get auto populated and the mandatory fields need to be filled in. Refer to the figure below for new Service Request.
 

Form relations play a crucial role in ensuring that the auto-populated data is coherent and logically correct. 

Figure: New Service Request converted from Incident

Once you select the type of record to which you want to convert the Incident into, it will open a new details page of the selected record type. The details are auto-populated from the Incident record.

Send Email

 The Send Email feature is designed to streamline communication within the Incident Management. It helps to have seamless communication between Analyst, End users and other stakeholders involved in the Incident resolution. for Click the Send Email to send the Incident as a mail. The following screen is displayed.

 Figure: Send Email

Recipients Selection
Select the list of contacts: by users or by recipients. (Refer the following screenshots)Figure: Send Email - Recipient Selection

Once you click the text field, the following options appear:Figure: Recipient Selection

Click the first option to select the group of users to which you want to send the email. The options in the dropdown menu are: Users, User Groups, By Roles, Groups based on User Properties, Dynamic Groups, Approvers, Custom Email IDs. (Refer the following screenshot)Figure: Contact List - Groups

Once you select the required option from the first menu, the names of the Recipients are auto-populated in the next field. Click on the dropdown menu icon next to Select Recipient to expand the menu. It displays a list of recipients to choose from. (Refer the following screenshot)
Figure: Contact list - recipients
 
You can include additional recipients who should receive a copy of the email under the Cc section. Add recipients in the Bcc section to include additional recipients who should receive a copy of the email without other recipients knowing.

Notification Template Selection 

Select the notification by clicking the Notification Template dropdown menu. (Refer the following screenshot)

Figure: Notification Template Selection. 

Specify the Subject and Body for the email. Subject and Body are mandatory fields. You can also send attachments with the email. (Refer the following screenshot)

Figure: Email body, subject, attachment

Click Submit to save the email settings. If you do now want to configure the Send Email option, click Cancel. <


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.