How to set up your incident management process
A cyber security or safety incident happens and is reported. What now? This article guides you to proper incident management via a digital incident management process that helps you learn and lower the risk of future incidents.
At this point we assume that you know Why every company needs and incident management system and How you set up incident reporting for lower IT and HSE risk. Now we’ll guide you to setting up your digital incident management process that can help you operationalize it, using Gluu’s BPM tool as an example.
Table of contents
The case for a digital incident management process
The big question is how you handle incidents while minimizing disruptions to operations. In many cases, incidents are managed in a random way from case to case. This leads to poor documentation about what really happened. It also increases reputational risk. If something goes wrong and there is no sufficient documentation, then there is no trail to prove that each case was handled correctly.
What if you could run a water-tight digital process each time that would leave an accurate trail of activities behind? You actually can. Let me show you how.
”If you can’t describe what you are doing as a process, then you don’t know what you are doing.”
W. Edwards Deming
Step 1: Map your incident management process
Before getting started, your incident management process must standardize how each incident is:
- reported with necessary data.
- prioritized and escalated.
- contained and corrected.
- analyzed for prevention.
- prevented from happening again.
Based on the article “How to do simple process mapping”, you create a process named “Manage IT security incident.” The intended outcome is simple: “Incident has been logged, analyzed and preventive measures have been taken.”
To do this you just…
- add a swimlane per role involved.
- add the activities of the process.
- connect the main activities to show the ideal flow.
👉 Recommendation: Map your overall flow by adding activities to swimlanes to show WHAT is done and by WHOM. Wait explaining HOW work is done till afterwards.
Step 2: Add instructions and tasks to each activity
You then add the necessary instructions to each activity. This is to make it easier for the employees reporting incidents and ensuring that everything is done correctly.
You then add tasks to each activity.
👉 Recommendation: Make your instructions short and concise and use tasks to highlight the most critical work since this will make it measurable.
The task for ‘Register incident’ is to fill in a form that you create in Gluu. This form will collect all necessary information about the incident, such as:
- Date and time.
- Location.
- Description of the incident.
- Name and contact information of the person reporting the incident.
- Any evidence of the incident, such as photos or documents.
The form is accessed and used directly from a browser or in the mobile app, so employees can quickly report incidents without any hassle.
Try Gluu for free
Sign up for a 30-day trial.
No credit card required.
Step 3: Prepare your process flow to run
You then create process variations to make different flows for each incident type. This decides the sequence and dependencies in each flow so our incident management process will run the right way every time.
👉 Recommendation: Create an overall incident management process and then handle each incident variation as a template. This way you avoid duplicate work instructions and keep the process number low.
Step 4: Run your flow and improve continuously
With a process, instructions, tasks and case templates ready any employee can report incidents by starting cases. They are then automatically logged and a report can be generated for each incident, just like in this example:
This was just a quick example of how you create a digital incident management process. A full view of the corresponding ‘playbook’ is available for you below:
Download a sample IT security incident management process in playbook format with work instructions (created with Gluu).
Conclusions
In conclusion, incident reporting is nothing without incident management. For this you need an incident management process. This can be established easily with a tool such as Gluu as outlined in this article.
Here’s some inspiration on how to map your own process:
Frequently Asked Questions
Ensuring you get the right level of support is crucial when setting up an incident management process. Gluu offers a comprehensive range of support options, making sure you’re never left without guidance. From providing initial software setup and ongoing technical support, to giving advice on best practices, Gluu helps you every step of the way. They also offer dedicated training programs to ensure your team is equipped to handle the system and feel confident in using it.
The timeline for implementing an incident management process using Gluu’s framework can be surprising. The exact duration will depend on the complexity of your organization and the processes involved. However, thanks to Gluu’s intuitive design and user-friendly interface, businesses can typically see their systems live and operational in a matter of weeks rather than months. Plus, Gluu’s expert support team is there to expedite the process wherever possible.
Adjusting to company growth and change is not a problem for Gluu’s incident management system. It’s designed with scalability in mind, meaning it can easily adapt to expanding or altering operations. Whether you’re adding new departments, onboarding more employees, or even branching into new areas of business, Gluu’s system can grow alongside you. This makes it a flexible option for businesses that anticipate future development and expansion. Gluu provides flexible settings to manage user permissions, workflows, and reporting structures that align with your company’s changes. Furthermore, because it’s a cloud-based software, you’re not limited by physical infrastructure constraints. This allows for easy scalability and adaptability to the changing dynamics of your organization.
