Activity: 02.07 - Assess And Plan For Major Incident
The objective of this activity is to validate that the incident is a Major Incident, carry out initial assessment for the same and establish a plan for communication and recovery during the incident resolution process.
DescriptionWork Breakdown StructureRolesWork Product Usage
Relationships
Parent Activities
Description

Major incidents are the incidents which cause highest degree of undesired impact on client services and may also damage the reputation of the client. Such incidents need special focus and governance to minimize the impact on the critical client services, hence must be dealt with a separate process. Having a dedicated process for such incidents provides an increased coordination, planning, escalation, communication, and deployment of resources that these incidents require. Major incidents may not follow a different process than normal incident, but it is integrated with Incident Management process with additional governance and communication.

The criteria required to classify an incident as major incident must be defined and agreed in the Incident Management Procedures. In some cases, this may be as per client requirements. Major Incident Manager must ensure that, the incident is classified appropriately as major incident. Typical scenarios to classify an incident as major incident would include:

  • Financial impact, any incident where the potential impact could exceed a stated figure
  • Service-based, any downtime of key business-critical services
  • Site or user-based, any incident affecting more than a specified number of sites or users
  • Health and safety-based, any incident where it is felt that health and safety will be directly at risk until a resolution can be achieved
  • Security-based, any security incident where it is felt that either a major loss or impact has been sustained, or where a major vulnerability has been exposed
  • Reputational damage – any commercial impact or incident which would create any reputational damage to the client.

The Major Incident Manager owns the major incident process and must ensure that all the stakeholders involved in the major incident life cycle adhere to this process. The Major Incident Manager performs planning, coordination, communications and governance throughout the lifecycle of a major incident.

The major incident must be documented meticulously in terms of description, all actions with their timelines, drivers behind decisions, results of the actions taken etc. Documented information provides critical input to assist with Root Cause Analysis and subsequent prevention of any further incidents.