This document outlines an incident management plan. It includes sections on incident prioritization based on severity and impact levels, team responsibilities and contact information, communication plans, the incident management process flow, escalation processes, and best practices. The plan provides guidance on how to classify, respond to, communicate about, and resolve different types of incidents to minimize disruption and recover services.
2. Content
2
Risk Matrix
Incident Management- Purpose
Incident Prioritization
Incident Severity Level
Team Responsibility
Incident Management Communication Plan
Incident Management Process Flow
Plan in Action
Escalation Process
Time Guidelines
Incident management Best Practices
3. Content
3This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
Risk Matrix
Incident Management- Purpose
Incident Prioritization
Incident Severity Level
Team Responsibility
Incident Management
Communication Plan
Incident Management Process Flow
Plan in Action
Escalation Process
Time Guidelines
Incident management Best Practices
4. Incident Management- Purpose
4
Problem
Add your company specific text here
Service Request
Add your company specific text here
Incident
Add your company specific text here
5. Incident Prioritization
1- High 2 - Medium 3 - Low
5
Incident Priority
Impact: People & Service
Severity: Time
Severity
3-Low
User cannot perform a
portion of their duties.
2-Medium
User cannot perform critical
time sensitive functions
1-High
Major portion of a critical
service is unavailable
Impact
3-Low
› One or two personnel
› Degraded Service Levels but still processing within
SLA constraints
2-Medium
› Multiple personnel in one physical location
› Degraded Service Levels at or below SLA
constraints
› Cause of incident falls across multiple functional
areas
1-High
› All users of a specific service
› Personnel from multiple agencies are affected
› Public facing service is unavailable
› Any item listed in the Crisis Response tables
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
6. Incident Severity Level
Extreme
High
Medium
Low
Insignificant
Such incidents can potentially affect the company resources and cause heavy losses
Such incidents may affect the confidentiality of data which can lead to direct loss of business
Such incidents affect the availability of information
Such incidents may affect the confidentiality/ integrity of data however no loss of business as the
company should already be secured against these incidents but constant surveillance is still necessary
Such incidents pose negligible risk to the company
6This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
7. Role Contact Name
Contact
Information
Incident Response Lead
Liason between IT & business units. Create record executive update
Text Here
Office Text Here
Mobile Text Here
E-mail Text Here
Incident Response Coordinator
Ensure proper execution of IRP. Validate investigation, containment, remediation and recovery.
Text Here
Office Text Here
Mobile Text Here
E-mail Text Here
Legal Lead
Assess legal liabilities and responsibilities during and after an incident. Guide communication with authorities and public
Text Here
Office Text Here
Mobile Text Here
E-mail Text Here
Investor Relations Lead
Create and distribute comms to investors around the incident, status and conclusion
Text Here
Office Text Here
Mobile Text Here
E-mail Text Here
Public Relations Lead
Translate events into public facing documents. Advise timing and distribution
Text Here
Office Text Here
Mobile Text Here
E-mail Text Here
Internal Communications Lead
Create and distribute internal communications regarding the incident. Adhere to obligations for comms to authorities &
interested parties
Text Here
Office Text Here
Mobile Text Here
E-mail Text Here
IT Operations Lead
Responsible for all systems/application ops. Manage the technical aspects of response & recovery
Text Here
Office Text Here
Mobile Text Here
E-mail Text Here
IT Security Lead
Ensure confidentiality, integrity and availability of information assets. Liaison between outside experts (e.g. Rapid7) and
the internal IR team
Text Here
Office Text Here
Mobile Text Here
E-mail Text Here
Loss Prevention Lead
Ensure that physical assets are protected. Act as law enforcement liaison relevant data
Text Here
Office Text Here
Mobile Text Here
E-mail Text Here
Team Responsibility
7This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
8. Incident Management Communication Plan
8
Incident Severity Communication Medium Audience
Extreme
Conference call
Conference call
E-mail
Powerpoint
Within 1 hour
2x Daily
Daily COB
Incident close
COO, CIO, Legal counsel, etc.
Medium
E-mail
E-mail
Within 1 hour
Daily COB
Add text here
Insignificant E-mail As needed Add text here
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
9. Risk Matrix
Consequences
Likelihood Insignificant Minor Moderate Major Critical
Rare Accept the risk
Routine management
Accept the risk
Routine management
Accept the risk
Routine management
Specific responsibility &
treatment
Quarterly senior
management review
Unlikely Accept the risk
Routine management
Accept the risk
Routine management
Specific responsibility &
treatment
Specific responsibility &
treatment
Quarterly senior
management review
Possible Accept the risk
Routine management
Specific responsibility &
treatment
Specific responsibility &
treatment
Quarterly senior
management review
Quarterly senior
management review
Likely Specific responsibility &
treatment
Specific responsibility &
treatment
Quarterly senior
management review
Quarterly senior
management review
Monthly senior
management review
Almost certain Specific responsibility &
treatment
Specific responsibility &
treatment
Quarterly senior
management review
Monthly senior
management review
Monthly senior
management review
9
High Medium LowExtreme
10. Incident Management Process Flow
1a. Event
Management
1b. Web
Interface
1c. User
Phone Call
1d. E-mail
Technical Staff
2. Incident
Identification
Request
Fulfilment
3. Incident
Logging
5. Service
Request
8. Incident
Prioritization
9. Priority
1(major) Incident?
10. Notify
Senior Staff
17. Close
Incident
7. Relate to existing
open cases and set
impact appropriately
11. Initial
Diagnosis
16. Customer
Satisfied
4. Incident
Categorization
6. Same issue
reported by others?
12. Info in
Knowledge Base?
15. Verify
Resolution with
Customer
14. Resolution &
Recovery
13. Continued
Investigation &
Diagnosis
SourceServiceDesk
Service
Provider
Group
Yes
No Yes
Yes
Yes
Yes
No
No
No
10This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
11. Plan in Action
11
› When a critical incident occurs, it is
important that key people are notified
› Immediately after notification of the
incident the following questions need to
be addressed
› What makes the event critical?
› Where did it happen?
› What is the most appropriate
intervention?
Reaction
› After the critical incident has been dealt
with it is essential that an evaluation is
undertaken to determine if there are any
improvements that can be made to better
handle critical incidents in the Future
› Feedback should be sought from those
who have been involved in various
aspects of the operation
Review and Action
› Written and or verbal reports are
provided to the appropriate manager
including any recommendation on
ways to prevent similar occurrences
› Add text here
› Add text here
Reporting
› Gather accurate facts and information
› Notify all key personnel of the problem
and assign them tasks focused toward
recovery from the critical incident
› Organize alternate facilities in order to
continue operations
› Add text here
Recovery and Restoration
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
12. Escalation ProcessServiceDesk
2. Priority 1 (Major) 5. Resolved?
7. Priority 2
(Medium)
9. Off hours?
14. Time limit to
resolve elapsed?
17. Resolved?
12. Manager
available?
10. On call person
available?
Finish
Yes
No
Yes
Yes
Yes
Yes
Yes
No No
No
No
No
12
1. Examine incident
3. Notify senior
management via
phone or e-mail
4. Monitor
6. Notify senior
management via
phone or e-mail
8. Notify provider
group manager
16. Monitor
18. Notify all
previously notified
parties via e-mail
15. Notify provider
group manager
13. Notify senior
management via e-mail
11. Contact provider
group manager
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
13. Time Guidelines
Priority Time Limit before Escalation by Service Desk
3-Low 3 business days Manager
2-Medium
4 hours Manager
If on-call contact cannot be reached during non-business hours Manager
If neither on-call contact or their manager cannot be reached during non-
business hours
Add text here
48 hours Add text here
1-High
Immediate Manager
Immediate Senior Mgt
1- High 2 - Medium 3 - Low
13This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
14. Incident Management Best Practices
14
Easy
Accessibility
Effective
Communication Strategy
Automate Wherever
possible
Motivate your
Agents
› Incident logging becomes more efficient with easily accessible multi-
channel IT service desk
› Ensure that you promote your service desk heavily to end users and offer
multiple channels such as email, web, mobile app to report an incident
› Communicate first response and resolution to end users by sending relevant
email notifications
› Follow an effective strategy to trigger alerts for ticket updates, replies and
status updates
› Identify tasks that can be automated in order to reduce manual work and
improve efficiency
› Add text here
› Set clear goals for your team and communicate KPIs that are aligned with
business goals
› Add text here
DescriptionAreas
This slide is 100% editable. Adapt it to your needs and capture your audience's attention.
17. Our Mission
17
This slide is 100% editable. Adapt it
to your needs and capture your
audience's attention.
Vision
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
Goal
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
Mission
18. Financial
18
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
$540
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
$340
This slide is 100%
editable. Adapt it to your
needs and capture your
audience's attention.
$659
19. Our Team
19
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
Designation
Name Here Name Here
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
Designation
20. About us
20
Target Audience
This slide is 100% editable. Adapt it to your
needs and capture your audience's attention.
Premium Services
This slide is 100% editable. Adapt it to your
needs and capture your audience's attention.
Value Clients
This slide is 100% editable. Adapt it to your
needs and capture your audience's attention.
21. Idea Generation
21
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
Text Here
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
Text Here
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
Text Here
22. Quotes
22
-Tom Abbott
It’s not just about being better. It’s
about being different. You need to
give people a reason to choose
your business.
23. Timeline
23
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
2017
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
2018
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
2013
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
2015
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
2019
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
2014
This slide is 100% editable. Adapt
it to your needs and capture your
audience's attention.
2016
24. Thank You
24
Address
# street number, city, state
Contact Numbers
0123456789
Email Address
emailaddress123@gmail.com