IM Incident Audit Process

Enterprise Services

Page 1 of 5

IM 1.4.02 Incident Audit Process

IM 1.4.02 Incident Audit Process

Document Review

Version

1.0

Effective Date

04/01/13

Last Revised

03/06/13

Annual Review

October 15

Ad-Hoc Review

Change

CRQ

Document Owner

Prepared by

Name

Darren Undershultz

Name

Taras Z. Saranchuk

Role

Director, ICT Processes

Role

Business Analyst

Document Location

http://imtdocs.alberta.ca/operations/585.aspx

Document Sensitivity

Unrestricted

Document Number

C000017

Purpose:

The purpose of this document is to define the process and tasks associated with the audit of

Incidents.

Scope:

User Service Restorations and Infrastructure Restorations

Priority 1-4 Incidents

Out-of-Scope:

Scope does not include any associated Change Management or Problem Management processes.

Exceptions:

Exceptions to this process must be approved by the GOA Director, ICT Processes and follow

formal Change Management Processes.

Enterprise Services

Page 2 of 5

IM 1.4.02 Incident Audit Process

Process Map:

Incident Audit Process

S e rv ic e P ro v id e r In c id e n t M a n a g e r C o rp o ra te I n c id e n t M a n a g e m e n t Generate Selection Criteria Report IAP 1.8 Follow-up With Appropriate Individual or Group IAP 1.1 Use Selection Criteria Reports IAP 1.2 Input Incident Number into ITSM

End IAP 1.7 Pass/Fail? IAP 1.3 Enter Incident Information into Form IAP 1.4 Open Incident Work Info IAP 1.5 Gather Audit Information IAP 1.6 Enter Audit Information into Form Fail Pass

Page 3 of 5

IM 1.4.02 Incident Audit Process

Business Rules:

CIM will generate and distribute the Selection Criteria report to Service Provider Incident

Managers

Terms of Reference:

Activities:

Table 1: Incident Audit Process Activity Matrix

Activity Inputs Description Outputs

IAP 1.1 Use Selection Criteria Report

Selection Criteria Report

CIM will generate and distribute the Selection Criteria report to be used for auditing Incidents

CIM and/or Service Provider Incident Manager(s) will use the Selection Criteria to complete Audit identified within distributed report

List of Incidents to be audited

Criteria on which to audit

IAP 1.2 Input Incident Number into ITSM List of Incidents to be audited Criteria on which to audit

CIM and/or Service Provider Incident Manager(s) will find Incident in ITSM based on Incident Number Specific Incident to be audited IAP 1.3 Enter Incident Information into Form Specific Incident to be audited

CIM and/or Service Provider Incident Manager(s) will enter ITSM Incident information into Audit Form (see associated form)

Populated Audit Form

IAP 1.4 Open Incident Work Info

Specific Incident to be audited

Open Work Detail tab and double click the first entry to open Incident Work Info

Work Info for Specific Incident to be audited

IAP 1.5 Gather Audit Information

Work Info for Specific Incident to be audited

Select highlighted work notes for additional information

Additional Work Info

IAP 1.6 Enter Audit

Additional Work Info

Enter additional work info into Audit Form

Page 4 of 5

IM 1.4.02 Incident Audit Process

Activity Inputs Description Outputs

Information into Form IAP 1.7 Pass/Fail? Updated Audit Form Decision Point:

CIM and/or Service Provider Incident Manager(s) will determine, based on selected criteria, if Incident selected for Audit has passed or failed If PASS: Process ends If FAIL: Move to IAP 1.8

Incident Passed Audit Incident Failed Audit

IAP 1.8 Follow-up with Appropriate Individual or Group Incident Failed Audit

CIM and/or Service Provider Incident Manager(s) will follow-up the results of a failed audit to determine cause, and response to correct underlying issue

Failed Audit Follow Up and Response

Roles and Responsibilities:

Table 2: Incident Audit Process RACI Matrix

Incident Audit Process RACI Matrix

R = Responsible, A = Accountable, C = Consulted, I = Informed

Activity C li en t Servi ce D es k A ss igned Serv ic e Prov ide r Su pp ort T ea m Servi ce Pr ovi d er Su pp or t T eam In ci d ent Manage r C orporat e I nc iden t Manage m en t Servi ce D el iv er y Manag er A ff ec ted S er v ice P rovi d er Manage r G O A Fu n ct ional D ir ec to r

IAP 1.1 Use Selection Criteria Reports R,A R,A

IAP 1.2 Input Incident Number into ITSM R,A R,A

IAP 1.3 Enter Incident Information into Form R,A R,A

IAP 1.4 Open Incident Work Info R,A R,A

IAP 1.5 Gather Audit Information R,A R,A

IAP 1.6 Enter Audit Information into Form R,A R,A

IAP 1.7 Pass/Fail? R,A R,A

IAP 1.8 Follow-up with Appropriate Individual or Group

Page 5 of 5

IM 1.4.02 Incident Audit Process

Measurements:

Every Process will have a balanced set of measurements (Key Performance Indicators) against

which its performance can be tracked, communicated and improved. As the process matures,

the KPI’s and review cycle may be modified based on the Process Owner’s discretion. The

tables below identify the KPI/report and the measurement criteria.

Table 3: Incident Creation Process Measurements

Incident Creation Process Report and Review Cycle

KPI/Report _Dai ly Wee kl y Mont h ly E ver y 3 Mont h s E ver y 6 Mont h s Y ear ly

Number of Audited Incidents that Pass X X X X

Number of Audited Incidents that Fail X X X X

Document Review:

The document will follow the Review schedule below:

Annual Review:

The document shall be reviewed for completeness and accuracy every October

15

. The Document Owner is accountable for performing an annual Document Review.

Ad-hoc Review:

Ad-Hoc requests for document revision should be directed to the Document

Owner and submitted using the Change Management Process and supporting systems. The

Document Owner is accountable for managing the ad-hoc document revisions.

Associated Documents:

Selection Criteria Report

Incident Audit Form