Problem solve Get help with specific problems with your technologies, process and projects.

Use SLAs to assign help desk incident priorities

Service-level agreements help service desks categorize and prioritize IT incidents according to an organization's strategic plan.

Stuart Galup
Stuart D. Galup

The typical service desk receives hundreds or even thousands of incident notifications during the course of a year. Managing this onslaught of notifications and ensuring that each incident is resolved in a timely manner based on the needs of the business can be a daunting task.

IT service availability is the single most important responsibility of an IT organization. Once an IT service is operational in the live environment, and the business grows dependent on it, it is imperative that the service is available when needed. In the event of a service disruption, it is the responsibility of incident management to restore the service as quickly as possible. Incident management is critical to the availability of IT services.

Before delving into how to assign incident priorities, let's review some key terms:

  • Incident: An unplanned interruption to an IT service or reduction in the quality of an IT service. Any event that could affect an IT service in the future -- for example, the failure of one disk from a mirror set.-- is also considered an incident.


  • Incident management: The process responsible for managing the lifecycle of all incidents. The primary objective of incident management is to return the IT service to customers as quickly as possible.


  • Service-level agreement (SLA): An agreement between an IT service provider and a customer. The SLA describes the IT service, documents and service-level targets. It specifies the responsibilities of the IT service provider and the customer. A single SLA may cover a number of IT services or customers.


  • Impact: A measure of the effect of an incident on business processes. Impact is often based on how service levels will be affected.


  • Urgency: A measure of how long it will be until an incident has a significant impact on the business. For example, a high-impact incident may have low urgency if the impact will not affect the business until the end of the financial year.


  • Priority: A category used to identify the relative importance of an incident. Priority is based on impact and urgency and is used to identify required times for actions to be taken. For example, the SLA may state that Priority2 Incidents must be resolved within 12 hours.

In most organizations, the process owner of incident management is the manger of the service desk. When an incident is reported, the first step in the process is to evaluate the situation and, based on established business requirements, assign a priority to the incident. This may seem straightforward, but setting priorities is an activity that requires agreements across the organization as well as within specific organizational units.

For example, if a major incident occurs causing widespread disruption, it is understood that all resources are directed to address the service disruption. As a result, the resolution of minor incidents may be delayed. But, when there are a number of minor or major incidents, directing the application of resources becomes a challenge.

IT service priorities are defined by business priorities. Thinking of it another way, the IT strategy is created once the business strategy is completed. So before you can set an IT service priority, the organization must prioritize its business services. You determine a service priority based on the impact the incident causes and the business urgency to restore the IT service to normal operating levels. The formula is Priority = Impact + Urgency.

The service-level management process collects and records the business priorities for each IT service. If the number-one priority of the business is customer service, then the customer call center is a critical business service. The IT services that support the customer call center would be classified as a high priority. There are also priorities unique to each specific segment of the organization, and a priority must be established for each one of these IT services.

IT service priorities are recorded in the service-level agreements and made known to the business units and to the service desk. Prioritizations specific to a business unit would be recorded in that unit's service-level agreement. Priorities across the organization may be recorded in each SLA or published in a common area, such as the organization's internal Web site. This ensures that all parties are aware of the prioritization scheme used to restore IT services.

  1. Step one in establishing priorities is to review the business' strategic plan. Categorize and prioritize your IT services based on how senior management categorizes and prioritizes business services. A mission-critical business service determines a mission-critical IT service.


  2. Step two is to build and publicize the list.


  3. Step three is to have the incident management owner build this information into the incident management process.


  4. Step four is to make sure all parties are aware of the prioritization scheme and the process of escalation.

When all of this is in place, the service desk can assign a priority to an incident knowing that IT resources are restoring IT services that benefit the organization the most. With so many incidents recorded each day, having priorities set in advance can help the service desk do its job better. When the service desk is more efficient, everyone wins.

Stuart D. Galup is an associate professor of computer information systems at Florida Atlantic University. He is a Certified Computing Professional and is certified in ITIL. He has held a number of senior information technology positions and holds a U.S. patent. Galup has written more than 45 academic publications and two books.


Dig Deeper on Enterprise infrastructure management