You are here: > ITIL Processes > Incident Management > Incident prioritization
ActiveXperts Network Monitor proactively manages network servers, devices, databases and more.

Incident Management - Incident prioritization

Another important aspect of logging every incident is to agree and allocate an appropriate prioritization code as this will determine how the incident is handled both by support tools and support staff.

Prioritization can normally be determined by taking into account both the urgency of the incident (how quickly the business needs a resolution) and the level of impact it is causing. An indication of impact is often (but not always) the number of users being affected. In some cases, and very importantly, the loss of service to a single user can have a major business impact - it all depends upon who is trying to do what - so numbers alone is not enough to evaluate overall priority! Other factors that can also contribute to impact levels are:

  • Risk to life or limb
  • The number of services affected - may be multiple services
  • The level of financial losses
  • Effect on business reputation
  • Regulatory or legislative breaches.

An effective way of calculating these elements and deriving an overall priority level for each incident is given in the table

    High Medium Low
  High 1 2 3
Urgency Medium 2 3 4
  Low 3 4 5
Priority code Description Target resolution time
1 Critical 1 hour
2 High 8 hours
3 Medium 24 hours
4 Low 48 hours
5 Planning Planned

In all cases, clear guidance - with practical examples - should be provided for all support staff to enable them to determine the correct urgency and impact levels, so the correct priority is allocated. Such guidance should be produced during service level negotiations.

However, it must be noted that there will be occasions when, because of particular business expediency or whatever, normal priority levels have to be overridden. When a user is adamant that an incident's priority level should exceed normal guidelines, the Service Desk should comply with such a request - and if it subsequently turns out to be incorrect this can be resolved as an off-line management level issue, rather than a dispute occurring when the user is on the telephone.

Some organizations may also recognize VIPs (high-ranking executives, officers, diplomats, politicians, etc.) whose incidents would be handled on a higher priority than normal - but in such cases this is best catered for and documented within the guidance provided to the Service Desk staff on how to apply the priority levels, so they are all aware of the agreed rules for VIPs, and who falls into this category.

It should be noted that an incident's priority may be dynamic - if circumstances change, or if an incident is not resolved within SLA target times, then the priority must be altered to reflect the new situation.

Note: some tools may have constraints that make it difficult automatically to calculate performance against SLA targets if a priority is changed during the lifetime of an incident. However, if circumstances do change, the change in priority should be made - and if necessary manual adjustments made to reporting tools. Ideally, tools with such constraints should not be selected.

Other ITIL Processes

In order to have a good understanding of ITIL and the importance of configuration management, we first define what ITIL is: ITIL is literally a collection of documentation.

This documentation can help IT organizations implement the best practices. The documentation grows and grows as more successful techniques are documented and guidelines established for what can make others successful. The latest ITIL resources are published by the UK Office of Government Commerce (OGC).

Integrated service delivery refers to the need for Configuration Management, Change Management, Incident Management, Problem Management and Release Management processes that are linked together in a meaningful manner. For example, the process of releasing components to the live environment (the domain of Release Management) is also an issue for Configuration Management and Change Management whilst the Service Desk is primarily responsible for liaison between IT providers and the Users of services. This section highlights the links and the principal relationships between all the Service Management and other infrastructure management processes.

ITIL processes fall under Operational Layer or Tactical Layer, as follows:

Operational Layer: Configuration Management - Service Desk Management - Incident & Problem Management - Change Management - Release Management
Tactical Layer: Service Level Management - Availability Management - Capacity Management - Continuity Management - Financial Management