Page 1 of 1
Major Problem Review / Major Incident Review
Posted: Thu Jan 05, 2012 2:18 pm
What is the difference between a major problem review and a major incident review?
Posted: Fri Jan 06, 2012 12:54 am
I don't understand the question. What kind of difference are you looking for? What is the significance of the term major as you are using it?
Posted: Fri Jan 06, 2012 4:57 am
you mean major incident and problem review???.
well they are two completley diffrent roles..so the review would be different too.
Major incidents review will look at all the years/quaters etc..major incidents and check downtime,outage. on key applications
Problem review will see what types of probelms have been recored and try to find root cause through pro-active problem mangament..
Posted: Mon Jan 09, 2012 1:12 pm
Abu1 - Thank you, I understand the first one on Major Incident Review, however, on Major Problem Review, I don't think I understood your comment "Problem review will see what types of probelms have been recored and try to find root cause through pro-active problem mangament..".
If I am not wrong review is something which is done post the implementation / closure. Wanted to know what could be reviewed in such case for a Problem.
Posted: Tue Jan 10, 2012 4:52 am
Abu1 is describing a review of the incident management process.
I think you are asking about the review of a specific incident and of a specific problem.
It is possible to review any incident, not just major incidents and it is important to review every problem (I'm not sure what can be meant by major problem - I don't think the distinction is necessary unless you are handling tens of problems per day).
This is done, as you rightly say, after the incident or problem has been resolved and is part of the incident or problem procedure. In each case you need a policy in place to determine whether to review and what to review.
The "whether", may say, for example:
- review any incident that has exceeded its expected resolution time
- review any major incident
- review any incident that took twice as long as the SLA average for that incident type
- review any incident that affected the central accounting/ security/ stock/ whatever system
- the incident manager/ problem manager/ service manager/ security manager/ customer account manager (either on his/her own account or on behalf of the customer)/ etc. can call for an incident review
- review every problem
It will also describe what to review, for example:
- were communications effective?
- were the right resources available on time?
- what were the costs?
- were the procedures followed correctly?
- was compliance addressed?
- what could/should have been done differently?
- are there lessons to be learned?
Outcomes of the review may be:
- recommended changes to procedures (service improvement project?)
- reccomended additional training for ITS staff
- reccommended renegotiations of SLAs
- reccomended improved training of customer staff
- [for incidents] raising a problem (in any event, the problem manager will always look at reviews - perhaps also attend review meetings)
Thes lists are far from exhaustive, and you only do the things of value to your own organization. For example, some aspects might overlap with service improvement reviews or with management quality audits.
Additionally, incidents (and perhaps, but to a much lesser extent, problems) may also be looked at during service review with the customer and for any that are likely to be raised there, it is a good idea to have conducted a review in anticipation.
All of which still leaves me puzzled by your original question. Much of the above is generically applicable to both incident and problem reviews (and to many other reviews such as change reviews). But incidents and problems are entirely different beasts and therefore reviews of them will be entirely different as well:
The incident review asks the question: did we restore service as quickly, effectively and economically as possible whlie conforming to policy and procedure?
The problem review asks the question: did we successfully remove the possibility of future incidents as quickly, effectively and economically as possible whlie conforming to policy and procedure?