We manage Support Requests via our Incident Management system. This article details what this is.

Incident Management

Handling of any new inbound communication received via telephone, email or via our website.

Incident management includes:

• Receipt of the incident via phone, email or via our website
• Documenting the nature of the incident in our helpdesk system
• Triage the enquiry including capturing key information such as caller, customer, incident type, incident category, desired outcome, desired schedule and last known working status of application, service or device
• Scheduling of incident
• Management of end user expectations

Level 0

Handling of an incident without input or service from a technical resource.

A level 0 incident will generally take fewer than 15 minutes to triage and resolve subject to factors beyond the control of the dispatcher for example further clarifications about the nature of the call/email/chat, ability to contact customer in a timely fashion to avoid recurring follow ups.

Level 0 incidents include:

• Customer service that does not require escalation or input from a technical resource
• Call back requests
• Alerts requiring no action from a technician
• General information tickets requiring no action from a technician

Level 1

Handling of an incident at a technical level by a junior support analyst.

A level 1 incident will generally take less than 30 minutes to triage and resolve subject to factors beyond the technicians control including lack of available documentation, difficulties in locating or contacting the end user or difficulties obtaining access to the end user device or application. 

Level 1 incidents do not require vendor liaison and follow a documented process to resolve. Types of incidents include:

• Credential management including account unlock and password resets
• Desktop application support
• Minor desktop application update
• Minor desktop application installs where the installation generally takes < 30 minutes and does not impact other facets of the IT environment
• New active directory user excluding device configuration
• New Microsoft 365 user excluding device configuration
• Blacklisting or whitelisting an email address or entire domain in spam filtering software
• General desktop performance issues requiring investigation, virus scans and general desktop optimisation techniques
• General login issues

Level 2

Handling of an incident at a technical level by a senior support analyst.

Level 2 incidents follow a documented process, can include desktops/workstations and server related incidents and may require some vendor liaison to resolve.

A Level 2 incident will generally take up to 60 minutes (including any preliminary Level 1 investigation) to triage and resolve subject to factors beyond the technicians control including lack of available documentation, difficulties in locating or contacting the end user or difficulties obtaining access to the end user device or application. 

Level 2 incidents include:

• Escalated incidents from Level 1
• Partial service outage affecting a subset of staff
• Support at the server level but limited to issues that only impact a small subset of users in the IT environment
• Errors presenting at the desktop level that require further investigation at the network or server level
• Group permissions
• Printer support
• Troubleshoot faulting application / partial faulting application (i.e. application module) on a terminal server
• Troubleshoot faulting application / partial faulting application (i.e. application module) on a desktop
• Reinstall single user application on a terminal\RDS server
• Proactive server maintenance (executed a scripted process or maintenance checklist)

Level 3

Handling of an incident at a technical level by a senior support analyst or consultant.

Level 3 incidents do not typically have documented resolution steps and require deep skillsets in either server operating systems, email / exchange platforms, network devices and protocols and hardware devices or a combination of all the above technologies depending on the nature of the incident. As such, a Level 3 incident will often require a named resource to follow the incident through to resolution over the course of several hours or several days depending on the nature of the incident.

Level 3 will liaise with vendors, the internal IT team and customer stakeholders to provide possible solutions, possible workarounds and up to date information on the status of the incident until it is resolved.

Level 3 incidents include:

• High impact issues affecting all staff within a customer / multiple customer environment
• High impact issues affecting a critical business unit within a customer environment
• Vendor liaison at a senior level
• Disaster recovery scenarios
• Physical server(s) or virtual server(s) failure
• Internet and network failures
• Key line of business application failures requiring vendor support and/or reinstallation of product or critical product modules
• A minimum resolution time for a Level 3 incident is 2 hours and an average resolution time for a Level 3 incident is undefined due to the broad scope and nature of such incidents.

Change Request within Helpdesk Support

A change request is defined as the creation of a new service, the installation of an application, the installation of a device or an upgrade of an application, device or product module.

Change requests that fall within the purview of helpdesk support are clearly documented and have minimal business impact i.e., only involves a single end user. These change requests fall within helpdesk support because they can be accomplished with minimal business disruption and in a time period that is unlikely to negatively impact the end user or the broader user base.

Change requests within Helpdesk Support will generally take less than 30 minutes to complete subject to factors beyond the technicians control including lack of available documentation, difficulties in locating or contacting the end user or difficulties obtaining access to the end user device or application.

The following change requests are generally considered part of routine helpdesk work:

• Minor application installation on a single desktop
• Minor application installation on a terminal server
• Minor application upgrade on a single desktop
• Minor application upgrade on a terminal server
• Minor device configuration i.e. configure mail on one smartphone or tablet
• Minor device provisioning e.g. Single user workstation with no applications to install
• Minor data migrations e.g. shift files from folder A to folder B
• Minor, low impact firewall changes e.g. open or close a single firewall port

Change Requests not within Helpdesk Support

A change request is defined as the creation of a new service, the installation of an application, the installation of a device or an upgrade of an application, device or product module.

Many change requests fall outside the purview of helpdesk support because they have a wider business impact on the customer (for example, requiring downtime of critical business systems) or because they require a dedicated resource to stay with the change process until the change is concluded and this cannot be accomplished by helpdesk resources who have multiple other incidents to handle in that time period.

Many change request types also require end user training and familiarisation which places a capacity burden on a helpdesk resource – therefore these requests must be handled by a resource who can work without disruption to complete the project in an acceptable timeframe. Change Requests that fall outside helpdesk support may require 90 minutes or more and therefore require a designated resource and or multiple resources with a mix of skill sets depending on the nature of the change.

The following change request examples are generally considered to be outside normal helpdesk support:

• Device provisioning and installation of 5 or more devices
• Deployment of a physical or virtual server
• Configuration of an internet service
• Broad group permissions impacting an entire user base or critical business unit
• Operating system upgrade on 1 or more devices
• Major line of business application update on desktop(s)
• Major line of business application update on server(s)
• Data migration that will require more than 30 minutes of combined monitoring / transfer time
• Data restoration to one or multiple devices that will require more than 30 minutes of combined monitoring / transfer time
• Outdated patch management update on desktop(s) and server(s)