The Event Manager must monitor events (from monitoring as well as IT Service Management tools) on an ongoing basis. The
Event Manager should generate a periodic report of closed incidents containing user as well as infrastructure events
(incidents logged as an output from events) and verify if there were any warnings or alerts for the same, prior to the
incident occurrence.
Event logs and monitoring baselines should be reviewed to analyze:
- Which of the events were false events?
- Why the required events were not raised?
- Inaccurate thresholds or triggers
- Incorrect escalation rules
- Malfunctioning of monitoring tools
- Frequent or recurring events to identify technology configuration items that need attention.
The Event Manager should also compare the Asset register/Configuration Management Database with the list of components
monitored in order to:
- Identify if any asset is missed from monitoring
- Identify assets missing from CMDB or Asset Register.
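The comparison described above can be scripted against exports from both systems. The following is an added example, not part of the original process document; the CSV column names, the `status` values and the sample hosts are assumptions constructed for illustration.

```python
import csv
import io

# Constructed sample exports; column names are assumptions, not a real tool's schema.
CMDB_CSV = """ci_name,status
WEB01.corp.example,active
db01,active
APP02.corp.example,retired
fw-edge-1,active
"""

MONITORING_CSV = """host
web01
db01.corp.example
app02
legacy-nas
"""

def normalize(name):
    """Lower-case, trim and drop the DNS suffix so 'WEB01.corp.example' matches 'web01'.
    Caveat: hosts sharing a short name across different domains will collide."""
    return name.strip().lower().split(".")[0]

def load_names(text, column, keep=lambda row: True):
    """Return the normalized names in `column` for rows accepted by `keep`."""
    rows = csv.DictReader(io.StringIO(text))
    return {normalize(r[column]) for r in rows if r[column].strip() and keep(r)}

def reconcile(cmdb_text, monitoring_text):
    """Compare the asset register with the monitored component list in both directions."""
    active = load_names(cmdb_text, "ci_name",
                        lambda r: r["status"].strip().lower() == "active")
    all_cmdb = load_names(cmdb_text, "ci_name")
    monitored = load_names(monitoring_text, "host")
    return {
        # Active assets with no monitoring coverage.
        "missed_from_monitoring": sorted(active - monitored),
        # Monitored components the CMDB / Asset Register does not know about.
        "missing_from_cmdb": sorted(monitored - all_cmdb),
        # Still monitored although recorded as retired: stale record or stale monitor.
        "monitored_but_retired": sorted(monitored & (all_cmdb - active)),
    }

if __name__ == "__main__":
    for finding, names in reconcile(CMDB_CSV, MONITORING_CSV).items():
        print(f"{finding}: {', '.join(names) or 'none'}")
```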
The Event Manager should assess the Event Management process for its effectiveness and ensure that event capture,
assessment and responses are timely and as expected. Event trends must also be monitored to identify patterns (if any)
in event occurrence.
The Event Manager should review if there are any outstanding actions for Event Management and track them to
closure.
The Event Manager should also look for changes (if any) to the scope of monitoring and communicate to the Engagement
Manager if Change Control needs to be triggered.
These outstanding actions could be:
- Events that are open for too long
- Pending actions due to change or improvement in the Event Management process.