What are incidents


ITIL 4 defines an incident as an unscheduled interruption or reduction in the quality of a service. The main feature of incidents is their unexpectedness and high threat to work processes. Sometimes such failures completely paralyze the activities of individual departments or the whole company, which entails financial losses. So, a major accident in the data center has the potential to disable the entire IT infrastructure of the organization.

Due to their criticality, incidents require the fastest possible response from support specialists. The regulatory deadlines for neutralizing failures are prescribed in special service level agreements (SLA).

service desk incidents


There is often confusion as to how an incident differs from a problem. According to the ITIL definition, a problem is the actual or potential cause of one or more incidents. It is fixed when users repeatedly contact the support service with requests to fix the same failures: the Internet connection is lost, there is no access to the application.

Incident and problem management processes for ITIL vary. In the first case, the main goal is to minimize damage to the business and resume the service as soon as possible. In critical conditions, technicians do not have the task of identifying the cause of the incident. The support team offers a temporary or alternative solution in order to correct the situation as quickly as possible. For example, it uses reserve server capacities in case of a major accident in the data center. Problem management, in contrast, focuses on finding the root causes of failures and choosing solutions that will prevent similar incidents in the future.


Service desk systems are used to manage incidents in accordance with the ITIL methodology. We list the possibilities of such a solution.

incident management at naumen service desk


Manual and automatic mode of generating requests for the elimination of the incident. For example, a user of an IT service can apply through different channels: email, mobile application, messenger, self-service portal.


Fixing the time and date of the creation of the application, its subsequent change. Saving in the record full contact information (person, feedback method), incl. source of the incident report (person, event, group).


Separation of calls into incidents and service requests. Prioritization of incidents according to preconfigured SLA conditions (type of configuration item, failed service, degree of disruption of its performance, etc.). Routing by responsible executors (group, department or employee).


Fixing the signs of a failure and the results of diagnosing its causes. Support for incident registration templates, which may include a list of required processing steps. Notification of users and support service of the occurrence of already known errors that are associated with a registered or processed incident, based on information about its category, configuration item or service.


Notification of interested parties (manager, business customer, contractor, etc.) about incidents based on preconfigured or manually specified conditions.


Using a configuration management system (CMDB) to identify, analyze and diagnose incidents. Ability to create a service request, a change request from an incident record, and establish a link between them.


Saving in the history of the incident full data on the actions that were performed in the process of resolving and restoring the service, and the employees who carried them out. Automatic control and monitoring of response time and incident resolution according to service level and priority.


Fixing data on the elimination of the incident, including time and date. Evaluation of user satisfaction with the results of work.


Built-in reporting tools keep important service metrics under control. Visual display of data online: analytics on incidents, performers, quality of service.