Editable process for when you have a high-impact situation that requires managerial oversight and organisation-wide communication.
This digital summary outlines the Major Incident Process, a structured approach for responding to and managing major IT incidents within an organisation.
Purpose of the Major Incident Process
The Major Incident Process serves as a guideline for IT teams and stakeholders to coordinate their efforts in restoring disrupted services as swiftly as possible. It provides a set of defined activities, roles, and responsibilities to ensure effective communication and action during a crisis situation.
Where and When to Use the Major Incident Process
The Major Incident Process is activated when a significant incident occurs that affects critical systems and services. It is applicable across various departments within the organisation, including the Helpdesk, technical teams, and upper management.
Major Incident Process Steps
Investigate: Initial 1-hour investigation period by the receiving team to potentially resolve the issue.
Contact Major Incident Manager: Engage MI Manager if the service is not restored within 1 hour.
Assess Criteria for Major Incident: MI Manager evaluates if the situation qualifies as a major incident.
Investigate & Escalate: Continued investigation and escalation by the technical team.
Manage Recovery & Comms: MI Manager oversees recovery and communications.
Investigation Review Meetings: Crisis meetings may be convened by the MI Manager.
Update Stakeholders: MI Manager communicates updates to stakeholders.
Communicate Resolution: Final communication once the service is restored.
Produce an MI Report: A detailed report is produced and circulated within 24 hours.
Close Incident: Formal closure of the major incident record.
Roles & Responsibilities
Helpdesk Staff: Responsible for initial identification, logging, and escalation.
Investigating Technical Teams: Implement fixes and update the incident management system.
Major Incident Manager: Coordinates overall response and communication, and produces the Major Incident Report.
Why Use the Major Incident Process?
Streamlined Response: Ensures a standardised, swift, and effective response to major incidents.
Accountability: Clearly defined roles and responsibilities make it easier to hold parties accountable.
Risk Mitigation: The systematic approach aids in reducing the impact of the incident.
Transparency: Helps in maintaining open and consistent communication with all stakeholders.
Continuous Improvement: Facilitates post-incident reviews to identify areas for improvement.
Additional Information
The Major Incident Process acts as a blueprint for organisations aiming to achieve a coordinated and effective response to severe incidents. It is instrumental for governance and compliance, making it a critical component of a robust IT management strategy.
