Manage Learn to apply best practices and optimize your operations.

Incident management made easier with Microsoft Service Desk

Expert Stuart Galup gives the skinny on Microsoft's help desk software, called Service Desk, and explains why help desk software and automated incident management can make your life a lot easier.

If you've heard the buzz about Microsoft's new help desk and incident management software, code-named Service Desk,...

you may be wondering how this software and the other tools of the Systems Management Software suite will affect your organization.

First, it is important to understand the reason for Microsoft's push to expand the products' functionality. The Systems Management Software suite is based on Microsoft Operations Framework (MOF), which is a prescriptive approach to delivering IT services. It provides operational guidance on system reliability, availability, supportability and manageability of Microsoft products and technologies. The company based MOF and the new ISO/IEC 20000 standard on the Information Technology Infrastructure Library (ITIL).

Microsoft's Service Desk software helps automate the service desk function and incident management process, two of the most critical aspects of the MOF Process Model Supporting Quadrant. The second process that is integral to the quadrant is problem management, which focuses on root cause analysis. Problem management has a direct effect on the suppression of incidents and the speed with which incident management resolves disruptions.

A corporation's service desk is the single point of contact for all incidents and service requests. An incident is defined as any event that is not part of the standard operation and may or does cause a disruption in normal service levels as defined in the service-level agreement (SLA). Service requests relate to solving issues and problems across a vast array of applications, communication systems, desktop configurations and facilities. A corporation's service desk is a key component of customer relationship management, so staffing the desk with the right personnel is critical.

Incident management is the process of managing the lifecycle of an incident. It includes managing and controlling faults and disruptions in the use or implementation of IT services. The primary goal of the incident management process is to restore normal service operations as quickly as possible and to minimize any adverse impact on business operations. The process groups incidents into minor and major incidents. It handles major incidents differently because they require a response above and beyond what's provided by a normal incident response process. The service desk uses the management process and, in most organizations, the service desk manager is the incident management process owner.

Microsoft's Service Desk software supports the handling of incidents by enabling the recording and coordination of the following process steps:

  • Incident detection and recording: The service desk representative records the basic details about the incident from either the user or from an automated source.
  • Classification and initial support: The action of classifying the incident identifies the reason for the incident and the corresponding resolution action. This step relies on configuration item data stored in the configuration management database (CMDB) as well as information stored about problems and known errors and their associated 8workarounds. One output of the classification step is the establishment of a priority for the incident. It determines priority based on the impact (How business critical is the IT service?) and the urgency (How fast must the IT service be restored?). The second part of this step is initial support that results in the resolution of the incident. Success at this point is often affected by the existence of workarounds and/or information about problems and known errors. If initial support is not successful, the incident management process initiates the investigation and diagnosis step.
  • Investigation and diagnosis: The actions involved in this step are the assessment of the incident and analysis of the related information. This step in the process may become iterative with the incident being transferred to different groups as a workaround or permanent resolution is sought. They are transferred based on hierarchical or functional escalation. Hierarchical escalation results in the notification of management that an incident will not be resolved in the proper time or to the satisfaction of the customer based on the SLA. Functional escalation is the transfer of the incident to a higher level of skill, which consists of multiple technical support lines. These levels are known as Line 1, 2, 3, and N (supported by operational level agreements and underpinning contracts).
  • Resolution and recovery: With the findings of the diagnosis, the incident is resolved using the workaround or a Request For Change (RFC), which is submitted to the change management process.
  • Incident closure: The final step in the process is to update the incident by changing the status to "closed."

The incident management process is a detailed and complicated process that interacts and depends on many other processes in the MOF, such as change management, configuration management, release management, service-level management, capacity management, availability management, service continuity management, security administration and service monitoring and control.

MOF is a quality management framework that follows the plan-do-check-act method of continuous improvement. If you plan to implement incident management or already have a working process, you need key performance indicators to measure how well you are doing the process. Remember, it's not a question of whether you are doing the process. It's a question of how well -- or poorly -- you are doing it.

Dr. Stuart D. Galup (D.B.A., Nova Southeastern University) is an associate professor of computer information systems at Florida Atlantic University. He is a Certified Computing Professional and is certified in ITIL. He has held a number of senior information technology positions and holds a U.S. patent. Galup has authored more than 45 academic publications and two books.

Dig Deeper on Enterprise infrastructure management