The institution permanently monitors, analyses and treats ICT-related events and problems in order to prevent incidents. In turn, incidents are managed in order to restore normal services as quickly as possible and minimize the adverse impact on business operations.
Guideline code
ICT_02000
Mechanism
Mechanism
- The ICT unit, with the assistance of specialized units, should establish proactive and preventative practices to deal with events, problems and incidents.
- The ICT unit should continuously monitor and interpret events in order to determine the appropriate control action.
- The ICT unit should manage problems aiming at:
- Analysing and resolving the root causes of incidents;
- Proactively detecting and preventing future problems/incidents;
- Maintaining information about problems and the appropriate workarounds and resolutions.
- The ICT unit should manage incidents in order to restore normal service as quickly as possible, and to minimize the adverse impact on business operations.
Parent
Structure
Structure
- The management should commission the ICT unit to implement systematic and standardized practices to manage events, problems and incidents.
- A specialized organizational structure, reporting to the ICT management, should be established to manage events, problems and incidents. To establish accountability, the roles and responsibilities of the units within that structure have to be well defined and documented.
- The implemented practices for managing events, problems and incidents should follow the institution’s ICT governance framework and ICT management processes, and be based on international standards and practices (e.g. ITIL v3–Service Operation and ISO/IEC 20000).
Title HTML
Guideline 15. Managing events, problems and incidents
Type
Guideline_1
Weight
23