there are few question related to incident management……
please have a look……….
QUESTION 1: What is your understanding of incident management?
ANSWER 1: An Incident occurs when there is an interruption in the flow of service, or if the quality of the process has reduced. For example, (power cut scenario – finance company – server down). Incident management means restoring the flow of process as soon as possible by rectifying the issue caused due to the incident. It reduces the adverse impact on the business.
QUESTION 2: On what factors do you prioritize an Incident?
ANSWER 2: The priority of an Incident can be decided on answering the following questions:
- Do we have a temporary or an alternate solution while fixing the actual issue?
- Is this urgent or can it wait? If it can wait, then how long can it wait?
- What else goes wrong if this is not fixed?
- What is the financial impact, reputational impact, or SLA (Service Level Agreement) breach?
QUESTION 3: Explain – Priority = Impact + Urgency (Priority Matrix)
ANSWER 3: Impact is the level of loss, be it financial or on the business. Urgency is how quick the solution has to be provided. Priority is decided based both on Impact and Urgency.
QUESTION 4: What is an Emergency Change? How different is it from a Normal Change?
ANSWER 4: Emergency Change is something which has huge impact if not addressed immediately. It is dealt by ECAB (Emergency Change Advisory Board), with shorter time-scales and higher levels of urgency. ECAB does the impact assessment and decides whether to approve or to reject the change request.
QUESTION 5: Describe the different phases involved in the Incident Management Process.
ANSWER 5: In the different phases, one needs to:
- Mitigate risk: Incident management guides you to identify the chances, potential risks, or threats that may cause interruption to a process and thereby mitigate the occurrence of any such incident by planning the pre and post actions, to face the
- Prepare: Preparing is nothing but planning. Remember – Prevention is always better than cure. Hence, planning is a part of this phase where the incident professional plans the actions that need to be performed for an incident. This is termed as IMP – Incident Management Plan. This IMP leads you with step by step procedures.
- Respond: One needs to respond to an incident on priority. This is to mitigate the risk occurred and also to reduce further damage. This may also be done by IMRT (Incident Management Response Team).
- Resolve: The incident team or individual should assess the damage caused and take the responsibility of informing all the members involved in the process about the status of the incident.
- Recover: In the recovery phase, the Business Continuity Plans (BCP) are implemented and teams or persons connected in testing this plan / phase are well prepared to perform the action. This may include teams like HR, IT desk, operations, server team, BCP team, and so on.
- Resume: In this phase, incident professionals need to analyze the outcome of the BCP so conducted, whether it has a positive or negative response. Post the analysis, they need to make necessary changes depending on the response, and implement the plan that confirms the BCP plan.
QUESTION 6: How do you engage Problem Management while handling incidents?
ANSWER 6: As soon as an Incident is identified as a problem ticket, the problem management team comes into the picture to check the previous and related incidents, and then do a root cause analysis so as to find the reason for the recurring incident. The incident management team provides, the required incident details to the problem manager, and also coordinates with the end user in times of need.
QUESTION 7: What type of Incident Management reports did you or your team have?
ANSWER 7: The types are:
- Average handling time for transactions
- Average response times based on priority of the incident
- Average resolution times based on the priority of the incident
QUESTION 8: What are the escalation methods that are used in Incident management?
ANSWER 8: There are two types of methods used: the Functional method and the Hierarchical method.
Functional escalation means forwarding or assigning a particular incident from one department to another for resolution.
Hierarchical escalation is done when we don’t get the proper and timely response from the support teams. We escalate it to the senior management above the support team members.
QUESTION 9: Why does an Incident manager need to be aware of new developments and technical changes?
ANSWER 9: An Incident Professional needs to update his knowledge and be aware of the new developments and technical changes because it helps him or her to find upgraded resolutions that may trigger in future.
QUESTION 10: What are the daily responsibilities of an Incident Manger?
ANSWER 10: An Incident Manager is responsible of the following activities:
- Ensuring that the incident backlogs are cleared at the earliest as per the SLAs (Service Level Agreements) and OLAs (Operational Level Agreements)
- Ensuring that the tickets are routed to the correct support group so that the response and resolution times are not affected.
- Following the Incident Management Process (as designed)
- Holding periodical meetings with the stakeholders and other departments involved, to share the new guidelines if any
- Updating oneself with the new procedures and developments
- Utilizing the knowledge effectively and keep updating it
QUESTION 11: How different is Major Management Process from Incident Management Process?
ANSWER 11: There is some similarity in the two processes. In both the cases, we aim to get the incident resolved at the earliest so as to reduce adverse impact on the business. But there is a slight difference in their approaches. Major incident management is a critical process where the timelines are shorter and urgency levels are higher. The way your team wants to deal with it may depend on your organization structure. Usually someone specific is assigned to take care of that particular major incident – right from the identification of the major incident, bringing in the support team members on to a conference call or a group chat till resolving the incident.
QUESTION 12: How is a Major Incident Management bridge call handled?
ANSWER 12: A Major Incident Management bridge call is handled by:
- Inviting all the stakeholders on to the call
- Inviting them about the criticality
- Identifying the appropriate resolver group (in case there are multiple groups related to the incident)
- Letting the resolver group acknowledge and take ownership of the incident
- Coordinating with the stakeholders in order to keep them posted about the progress
- Using Functional or Hierarchical Escalation according to the requirement
- Sending timely updates to all stakeholders