Incident management (ITSM)

From Wikipedia, the free encyclopedia

Incident management (IM) is an IT service management (ITSM) process area.[1] The first goal of the incident management process is to restore a normal service operation as quickly as possible and to minimize the impact on business operations, thus ensuring that the best possible levels of service quality and availability are maintained. 'Normal service operation' is defined here as service operation within service-level agreement (SLA). It is one process area within the broader ITIL and ISO 20000 environment.

ISO 20000 defines the objective of Incident management (part 1, 8.2) as: To restore agreed service to the business as soon as possible or to respond to service requests.[2]


ITIL 2011 defines an incident as:

an unplanned interruption to an IT service or reduction in the quality of an IT service or a failure of a Configuration Item that has not yet impacted an IT service (for example failure of one disk from a mirror set).[3]

The ITIL incident management process ensures that normal service operation is restored as quickly as possible and the business impact is minimized. ITIL Service Operation. AXELOS. 30 May 2007. ISBN 978-0113310463.

Incidents, problems and known errors[edit]

The main challenges and cause for problems in the Incident management are:

  1. Constantly increasing Alert and Event Noise
  2. Complex and Lengthy IT Problem Resolution Process
  3. Inability to effectively predict and prevent IT service degradations or outages[4]


  • Bruton, Noel, How to Manage the IT Helpdesk — A Guide for User Support and Call Center Managers. ISBN 0-7506-4901-1.