When teaching some of the intermediate ITIL courses, a fundamental realization came to me that is quite striking. The realization is that you cannot have true Incident Management without a mature Service Level Management process.
Let’s say your organization has a tier one application that requires a high level of availability. One day a user calls the Service Desk complaining that the application is responding slowly. After some interrogation, the Service Desk determines that instead of the screen updating instantly when a record is submitted, it is taking 1.2 seconds. The Service Desk then contacts the Application Owner and explains the situation. The Application Owner says that a 1.2 second delay after a record is submitted is nothing to be concerned about and asks the Service Desk to tell the user not to worry. That length of a delay is considered acceptable performance.
So when does a performance impairment become an Incident? What if it had been 5 seconds? What if it had been 20 seconds? What if it had been a minute?
At some point, the Application Owner would obviously agree that there is an issue that needs to be addressed, but where is that line? Without defined Service Levels, it is impossible to define what constitutes an Incident.
The problem with this situation is that almost no organizations have well defined and documented Services, and even fewer have Service Level Agreements that go to the level of defining when Service impairment should be considered an Incident.
If your organization has Service Levels Agreements, see if the agreements have a section that defines what conditions would trigger an Incident. If the agreements don’t have an “Incident Trigger” section, maybe they should.
If your organization doesn’t have documented Service Level Agreements, then your organization has something worse – Unwritten Service Level Agreements. Without the leaders of the business negotiating with IT to define what roles, responsibilities, and levels of service are associated with the IT Services being delivered, then every user gets to define their own Service Levels.
Unwritten Service Level Agreements defined by the end users are always much more demanding than any that an IT department would ever agree to. I, as an end user, think that all Incidents should be resolved within 5 minutes. If there is nothing documented to say I’m wrong, then IT will fail in fulfilling my perceived Service Levels every time.