Planning → Detection → Reporting & Communication → Triage → Analysis → Containment & Neutralization → Close / Problem Management
Planning
Planning to manage future incidents. For example, creating a knowledge artifact that explains how to resolve common and recurring incidents.Detection
Detecting an incident typically including automated testing and communication channels that allow stakeholders such as customers to report problems.Reporting & Communication
Reporting and communicating incident information to stakeholders. For example, keeping a customer updated regarding an incident they reported or that impacts them.Triage
Triage is the process of assigning a priority to incidents to determine how to direct resources. This often involves estimates of severity and impact.Analysis
Incident analysis resembles troubleshooting whereby you seek out the source of problems and list possible solutions.Containment & Neutralization
Working to contain and neutralize the incident. For example, a food processing facility that shuts down a production line to contain a quality problem that then neutralizes the problem by replacing a malfunctioning machine with a workaround manual process.Close / Problem Management
Closing the incident and potentially opening a problem management ticket to investigate root cause. For example, a problem management ticket that reports a malfunctioning machine that has caused an incident.Other
The incident management process potentially includes several subprocesses as follows.| Audit Trail | The process of capturing information about the incident and the incident management process. |
| Escalation | Escalating incidents to management, other departments or stakeholders. |
| Review | Reviewing the incident and liaison with other processes such as quality assurance. |
