To explore and analyze the incident management systems plan of the organisation and then produce a model that can be used to

TABLE OF CONTENT

ACKNOWLEDGEMENT…………………………………………………………………………………….. 4

INTRODUCTION…………………………………………………………………………………………5

1.1 BACKGROUND AND PRESENTING PROBLEM…………………………………………6

1.2 RESEARCH SCOPE……………………………………………………………………………………… 7

1.3 EFFECTS OF ELIMINATING IM SYSTEM FAILURE…………………………………. 7

1.4 PROJECT OUTCOME…………………………………………………………………………………… 8

1.5 SITUATION ACTORS……………………………………………………………………………………. 8

1.6 RESEARCH QUESTION………………………………………………………………………………… 9

1.7 AIMS AND OBJECTIVES………………………………………………………………………………. 9

1.7.1 PROJECT AIM………………………………………………………………………………………………. 9

1.7.2 PROJECT OBJECTIVE………………………………………………………………………………….. 9

SUMMARY…………………………………………………………………………………………………………….10

CHAPTER TWO……………………………………………………………………………………………………..11

2.0 INTRODUCTION……………………………………………………………………………………………..11 FIGURE1: FLOW OF INFORMATION OF THE PROPOSED MODEL………………….14

2.1 SYSTEM PROTECTION……………………………………………………………………………………14

2.2 INCIDENT DETECTION…………………………………………………………………………………. 15

2.3 INCIDENT RESPONSE……………………………………………………………………………………. 15

2.3.1 INCIDENT SUSTAINANCE………………………………………………………………………….. 16

2.3.2 INCIDENT REPORTING………………………………………………………………………………. 16

2.2.3 INCIDENT RESOLUTION AND RECOVERY………………………………………………. 18

2.3.4 EVOLUTION OF TECHNICAL SUPPORT…………………………………………………….18

2.3.5 CONTACT WITH THE IT SERVICE DESK…………………………………………………..19

2.3.6 SERVICE QUALITY…………………………………………………………………………………….. 19

2.3.7 INCIDENT MANAGEMENT AND SERVICE DESK……………………………………. 20

2.3.8 INCREASING IM EFFICIENCY THROUGH ITIL BEST PRACTICE………… 22

2.3.9 SURVEY ON MAINTAINING CUSTOMER SATISFACTION………………….22

2.4 SERVICE LEVEL MANAGEMENT……………………………………………………………24

2.5 COMBACTING SYSTEM FAILURE……………………………………………………………26

2.6 SYSTEM FAILURE PREVENTION……………………………………………………………..27

2.7 PREVALENCE OF INCIDENT MANAGEMENT…………………………………………27

2.8 CONCLUSION……………………………………………………………………………………………..28

CHAPTER THREE: RESEARCH METHODOLOGY………………………………………….29

3.0 RESEARCH PHILOSOPHY…………………………………………………………………………..29

3.1 SAMPLE SELECTION…………………………………………………………………………………..30

3.2 DATA COLLECTION…………………………………………………………………………………… 31

3.2.1 SECONDARY SOURCES…………………………………………………………………………….32

3.2.2 PRIMARY SOURCES………………………………………………………………………………….33

3.2.3 RATIONAL FOR THE CHOSEN METHOD………………………………………………..34

TABLE 1: RESEARCH DIMENSION…………………………………………………………………..36

CHAPTER FOUR: DATA COLLECTION……………………………………………………………38

4.1 OVERVIEW…………………………………………………………………………………………………….38

4.2 QUESTINAIRE……………………………………………………………………………………………….39

PART 1: COMPANY PROFILE…………………………………………………………………………… 39

PART 2: RESPONDENT PROFILE……………………………………………………………………..39

PART 3: POSSIBILITY OF ADOPTING INCIDENT MANAGEMENT POLICY….40

PART 4: PERCEIVED BENEFITS OF INCIDENT MANAGEMENT……………………41

PART 5: CHALLENGES FOR IMPLEMENTING POLICY………………………………….41

PART 6: INTEGRATION WITH PARTNERS………………………………………………………42

PART 7: PERSONAL ATTITUDE…………………………………………………………………………43

4.3 PROBLEM FACED…………………………………………………………………………………………..44

CHAPTER FIVE: DATA ANALYSIS AND RESULTS………………………………………….. 46

5.1 KEY FINDINGS……………………………………………………………………………………………….. 46

FIGURE 5.1 RESPONDENTS DEMOGRAPHIC PIE CHART………………………………. 43

FIGURE 5.2 RESPONSIBILTY LEVEL………………………………………………………………… 48

FIGURE 5.3 VARIOUS IT BASED STRATEGIES IMPLEMENTED………………………49

FIGURE 5.4 IM SYSTEM FAILURE IN THE COMPANY……………………………………..50

FIGURE 5.5 BENEFITS OF ITIL ENABLED IMS IN THE ORGANISATION………. 51

FIGURE 5.6 PROBLEMS SOLVED BY ITIL ENABLED IMS IN THE COMAPNY.52

FIGURE 5.7 CHALLENGES FACED BY IMS IN THE COMPANY……………………….53

TABLE 5.1 COMMENTS PERTAINING TO KEY CHALLENGES……………………….. 54

CHAPTER SIX: CONCLUSION……………………………………………………………………………..55

CHAPTER SEVEN: RECOMMENDATION………………………………………………………………………………………….. 59

FIGURE 7:1 PROPOSED MODEL OF INCIDENT MANAGEMENT SYSTEM……. 59

GLOSSARY OF TERMS…………………………………………………………………………………………63

BIBLIOGRAPHY/REFFERENCES………………………………………………………………………..64

ACKNOWLEGEMENT

I would like to use this opportunity to express my appreciation to a number of individuals for their continuous support and assistance during the course of this study.

Thank you to H&M management and staff for their support to make this research study possible.

A special Thanks goes to the IT department crew in the person of Philemon, Munian, Eric and Tehilla for giving your consent to be interviewed and providing wealth of relevant information.

A heartfelt thank you to my Dearly beloved Husband, who stood by me through thick and thin to see to it that I become a better person by giving me both financial and morale support for me to be outstanding in all life endeavours.

My appreciation goes to my late parents, who so much believed in me that i will make it big in life.

Many thanks to my Mentor pastor Chris and Anita Oyakhilome whose support and inspiring words over the past years has been invaluable and i couldn’t have completed this project without you letting me know that I have all it takes to be who i want to be.

Last but by no means the least, I would like to say a special thank you to my supervisor Norlaily Yaacob for supporting and advising me throughout this research, Thank you for believing in me.

CHAPTER ONE: INTRODUCTION

1. Overview

Since the introduction of the personal computer (PC), Information Technology and computers have been utilized and most organisations solely depend on their information technology (IT) infrastructure. With the urgent need to support IT, the service desk department whose role is to support technology was introduced.

Information systems for incident response and management can benefit from experiences acquired in a mainstream context. Moreover, the use of the information technology infrastructure library (ITIL) methodology will be explored from the perspective of incident management. ITIL thus is an information technology infrastructural platform to acquire, store, retrieve, disseminate and manage knowledge and experience.

A successful business continuity strategy includes a way to provide employees with remote access to critical data and applications during a crisis. Business continuity is no longer an issue that purely affects IT. Creating a ‘continuous culture’ touches every division of the business (Matthews and Eden, 1996).

On the basis of the overview of the background and the current situation, this project will endeavour to put forward an operational model for the processes under investigation. Further in the project, will be discussed different techniques applied in context of this model. Finally, the project will conclude with an overview of the recommendations put forward.

1:1 BACKGROUND AND PRESENTING PROBLEM

Businesses by virtue of its dynamic nature are subjected to vagaries of internal as well as external ambience. Every business and organisations thus needs to ascertain that the manpower is fully equipped and is well prepared to tackle any situation. There should be well planned strategy to cope with any such developments as and when required.

The fateful events in London on 7th July 2005, has restated the importance of effective incident management system being put in place. During that unfortunate event and over subsequent days, a system called “Page one” services played a vital role in the putting in place an operational communication systems which was being used by various organisations directly involved with damage recovery management.

During that period, page one transacted nearly quarter of a million messages. NHS Trust, Emergency services, London underground and rail companies, all used Page one paging and messaging services to ensure a coordinated and timely response to the incident. Moreover, hundreds of corporate businesses also used page one as part of their own incident management plan and business strategy. Many desperate citizens across London were kept informed of developments as a part of London Bomb watch Scheme operated by Page one (HYPERLINK “http://www.pageone.co.uk”www.pageone.co.uk).

The cause of failure of IT infrastructure is regarded as an incident. Many a times such cause of an incident may be apparent and cannot be addressed. Thus just a corrective action is taken in spite of preventive one. Here in order to avoid this, a record of such problems can be created where an incident can be segregated on the basis of severity.

1:2 RESEACH SCOPE

The research scope is H&M which operates in 33 countries and has 68,000 employees who work on the same philosophy and specializes on retail consumers, small and medium business. Customers have access to 150 H&M retail outlets including branches and agencies predominantly in Asia (H&M, 2005). The group has demonstrated a significant record of growth over the past few years with a market value of around £11.4billion. H&M unique operating model has almost driven share price growth of 40% in the past 2years (H&M, 2005).

H&M is determined to excel in such competitive industry and it pays close attention in optimizing its business processes.

1.3. EFFECTS OF REDUCING INCIDENT MANAGEMENT SYSTEM FAILURE

The objective of the incident management process is to return IT service to a normal service level, as defined in a Service Level Agreement (SLA),as quickly as possible and with minimum disruption to the business.

If incident management system failure can be resolved or eliminated either partially or fully, then determination of the root cause of incidents is very convenient and thus it is easier to understand how to resolve the problem and how much resource to deploy in order to reduce the likelihood of re-occurrence of any such incident in the future. Often this is not the case. The resolution might be only possible if the root causes of all the failures in the incident management process could be determined.

There are so many sides to failure of incident management system because there are numerous types and each can require a customized response as there are different responses to every incident. Facets of failure include systemic collapse, delayed response, irrelevant response, poor resource at disposal and poor coordination etc.

For an example, resetting password can be called as one of the simplest types of incident to be resolved. As some organisation like H&M uses self-service methodology for customers to address and fix problems. In such condition, password vulnerabilities could pose a security management threat. Accordingly the cost of password management also goes up.

1:4 PROJECT OUTCOMES:

My intended outcome is a set of model to achieve better practiced IT controlled IMS to increase service quality level (SQL) rendered to customers.

This proposed model is likely to involve a set of guidelines which will be used in managing the activities, list of professionals and applications which in turn will minimize the downtime of business operations because of incidents.

It is hoped that this model will be used by clients and the organisations staff to enlighten and guide them in detecting, investigating, managing and reporting any suspected incident.

This study proposes a carefully gathered set of incident management system failure examples that has taken place in the company in time past referring to their characteristics and what measures, what actions were taken in order to further produce a model to follow.

1:5 SITUATION ACTORS:

The purpose here is to make incident managers and service desk staffs, follow the protocol and understand the survey report better. Then they can pin point, how incident management system fails and what are the possible measures to limit the damage caused by such failures.

1:6 RESEARCH QUESTION:

Considering the above discussion, my Research Question might be constructed as follows;

What (Interrogative) IMS best practiced model (Outcome) can be devised for use by the IM/Service desk (Actors) to minimize IMS failure (Problem) in order to improve service to users (Target) by profiling past incident records (Spotlight)

1:7 AIMS AND OBJECTIVES:

1:7.1 PROJECT AIM:

Bearing the scope and scale of this research in mind, the following aim is defined:

a) To explore and analyze the incident management systems plan of the organisation and then produce a model that can be used to reduce the adverse effects of IMS failure in order to improve the business operations and service quality level.

1:7.2 PROJECT OBJECTIVES:

The following objectives map out a set of minor outcomes/milestones in the process of achieving the overall project outcome of a model and survey mentioned in the Research Question and Aim. The objectives listed below directly correlate with the aim of the project. These objectives will help in analysing the current affairs and then building the model as this project aims.

To review the past incident management cases of the organisation and the causes of failure.

To examine the impact of information technology systems in place on success and performance of H&M as an Electronics retail company vis-a-vis its competitors.

To design a set of questionnaire and administer interviews that will provide vital information to assist validating the model proposed. I will be designing and administering the interviews.

To analyze the role of information technology in supporting and controlling incident management (ITIL Technologies) for the company.

SUMMARY:

Information Technology has transformed businesses in the space of few years. Although that this may seem to be a 21st century phenomenon, the damages has actually influenced both Technological and Political activities and this has been in progress for a decade or more.

Chapter one of this study will outlined a problem theme related to incident management system failure and will also look at the possible targets and solution routes with the intention of informing incident managers, service desk staff and customers alike of the relevance of incident management to establish a resolution or workaround as quickly as possible in order to restore the services with minimum disruption to their work.

Chapter two will be a literature review on this topic area and will deal with the nature of IMS failure.

INTRODUCTION: 2.0

The aim of this dissertation is to explore and analyze the incident management system of the organisation and then produce a model that can be used to eliminate or prevent the adverse effects of IMS failure in order to improve the business operations and service quality level.

The aim of Literature Review is to eliminate and convey what ideas/knowledge have been established within the field of enquiry (Taylor, 2005, online).

A thorough Literature search (by the online Company review team) has shown that there is minimal up to date research as regards to IT helpdesk and incident management and ways to manage them. As a matter of fact, the concept IMS is itself very new and hence lacks much of contemporary research.

However, the wide range development and change in Technology with the rise in non-computer literate users has brought about the need for IT user support with emphasis that the technical support department plays a vital role.

The user support industry and helpdesk has, over the last years, risen to prominence as one of the most important areas of the IT and customer service industry (Middleton et al, 1996, p121)

The first IT support department introduced by IBM Canada Ltd in 1974 and this was named the “Information Centre” (O, Brien, 1992, p.10) and the purpose of this support was to support end-users with the incidents that confronts them and when IBM realised that they were unable to respond quickly enough to users “Information Centre” was introduced as a means of support.

Therefore, the potential benefits of SLA, s include an increase in satisfying customers and improves the overall quality of the service (Levesque et al, 1998, p.278)

Further research shows that customer satisfaction and SLA, are interlinked and this is emphasized by “Fabien” who claims that the staff should honour the guarantee with one goal in mind “customer satisfaction” (Fabien, 2005,pg .4 ).

Also, as stated by Mouawad and Kliener (1996) in the 1950,s “peoples perception of a quality of service was extremely low, and the problems concerning the quality of services could not be easily identified by by-then customers.” (p.49)

In order words, people (customers by-then) were ignorant of the quality of a service thereby reducing the chances that the clients could complain of the poor services.

Presently, customer satisfaction is paramount to incident management and is affected by the quality of services provided, for example, in H&M, a research (illustrated in Okumus, 2003) shows that a customer not being attended to by a customer service staff will lead to ten or more customers being lost because definitely one unsatisfied customer will go out and tell friends and family resulting to a low level of satisfaction and business turn around.

Though Bergman et al states that “Quality means customer satisfaction and delight” but this is not the cases in all circumstances. Customers can be delighted but the quality is still low. This happens in cases where the market is monopolized. (Bergman et al, 1994, p.263) hence service quality is of utmost importance for the IT helpdesk.

An effective IT helpdesk is known as an essential requirement of organisations that are operating in a competitive environment. Inasmuch as the cost of desktop hardware is decreasing, for most organisations, the cost of supporting the user desktop and laptop is still a big expenses/project to embark on.

Desktop and laptops with organisations supporting network and server infrastructure posses a big challenge to a customers IT organisation. This difficulty or challenge arises because of the need to support users whose job is solely dependent on the availability of real time information at their desktop and laptop.

The service desk is the first port of call or single point of contact (SPOC) for end users who need help.

Organisations tend to lose money, waste time on looking for avenues to fix issues and get help without this single point of contact (SPOC). This whole process is generally known as “Incident Management”.

Incident management is an important process that provides organisations with the ability to first detect incidents and then to resolve the incidents (suppose the solution can be found) as quickly as possible, often through a workaround or temporary fixes rather than through trying to find a permanent solution (HYPERLINK “http://www.becta.org.uk/tsas”www.becta.org.uk/tsas).

The process also provides management with exact and definite information on the incidents impacting the organisation. Every organisations experience incidents that affects the normal running of the business because business in recent years has become increasingly dependent on the IT services thus creating the need for fast and effectively response to any incident that negatively affect IT services.

Microsoft (Battell and Brooks) states that the aim of the Incident Management process is to ensure that incidents are detected and recorded so as to provide information for problem management and planning activities. The provided information will assist in the monitor and assignment of appropriate control methods.

However, recording an incident, Incident Management has a reactive task which is, reducing the effects of (potential) disturbances in IT services hence ensuring that users can get back to work as soon as possible (Van Bon et al,2002).

The information technology infrastructure library (ITIL) uses a broad definition of “Incident” which states that “Incident is any event which is not part of the standard operation of a service and which causes or may cause interruption to, or a reduction in the quality of that service” (Great Britain, office of Government Commerce, 2003) .

Figure 1: General Flow of information in the proposed model of IMS

Now different aspects of the proposed system along with the allied literature survey will be dealt in a sequential manner.

2.1: SYSTEM PROTECTION:

As collapse of the system is in fact an incident, it becomes imperative to discuss system protection. The protection process has to deal with actions taken to prevent attacks from taking place and mitigate the impact of those which occur.

In managing this, preventive actions fortify systems and network. This reduces the potential for incidents of attacks against the organisation’s infrastructure. Such steps can include:

Implementing best practice to ensure systems and networks are designed and implemented in a secure fashion.

Collection of information on new risks and threats and evaluating their impact on the organisation.

Infrastructure evaluations to find and address any weaknesses before they are exploited.

2.2: INCIDENT DETECTION:

In the detect process, current information about potential incidents, events, vulnerabilities, incident management information is gathered both proactively and reactively.

In reactive detection, information is received from internal or external sources in the form of reports or notifications while proactive detection needs actions by a specified staff to identify suspicious activity through monitoring and analysis of different logging results, situational awareness and evaluation of warnings about events that can negatively affect the organisations successful operations.

2.3: INCIDENT RESPONSE:

The response process includes various ways and steps taken to analyze, resolve an incident such actions focuses at understanding what has taken place (events) and what steps to take to help the organisation to resume operations as soon as possible as well as continue operation while threats, vulnerabilities are dealt with.

Response steps include the following;

Analysis of incidents impact, scope and trends.

Collection of system (computer) forensics evidence followed by chain of custody practices

Collection of technical analysis that has to do with malicious codes.

Notification to stakeholders, customers of the nature and status of incident and response steps to be taken.

Response action to be taken involving both internal and external parties such as management, human resources, IT and telecommunication groups, public relations, operation group, law enforcement, internet service providers, hardware and software vendors.

Verification and follow-up to make sure response actions were brightly implemented and that the incident has been handled effectively. (Adorefee,2007)

2.3.1: INCIDENT SUSTAINANCE:

The sustain process ensures that the incident management is maintained and improved consistently and it ensures the following;

That incident management is appropriately funded

Incident management staff is properly trained in skills and ability.

To ensure that regulatory requirements are followed to maintain, update and monitor the infrastructure (HYPERLINK “http://www.CMU/SE1-2007-TR-008″www.CMU/SE1-2007-TR-008)

2.3.2: INCIDENT REPORTING:

The incident management process basically starts with the detection of a service failure and a service failure may be detected by a client or through the IT infrastructure. In the organisation, clients have various ways to provide notification of the failure. They can either contact the service desk by going to the desk, telephone, through email, fax or intranet or they might notify the Resolver Group directly in person (face to face) or via email, fax or telephone.

H&M also provide other options by granting users a direct access to the CONTROL system which is the IT service desk department.

Some of the customers who have access to the CONTROL which closes the incident reporting process, then if a member of the control group has been contacted, the personnel records the details of the service failure in the control systems which will then raise the incident.

The service desk team being in charge of the “CONTROL” system records the details of the service failure, they do not need to duplicate a new incident records in the database to determine whether the detected service failure is caused by unknown incident which will then be updated with the new details.

The customers and the service desk (IM) who have access to the control system, records the details of the incident in the control-help system but in other cases, an incident record is raised in the control-problem system and peradventure the system detects a service failure, either notifies the control group of the service failure or raises a new incident record on the control system.

All this processes can either be done through pager, system tolls or via email.

In all cases the recording of an incident triggers the incident analysis and diagnosis process.

2.3.3: INCIDENT RESOLUTION AND RECOVERY:

When any IT services is affected in anyway, the incident recovery is very difficult. The incident recovery is only after the causes and the effects have been identified. This might take long. The operational system will be affected hence plus the employers and the employees. That is why it is advised to add any resolution as part of the knowledge base after finding out or identifying the issue and resolving the incident. This procedure helps in giving a quicker response time when another user comes in with the same problem.

The ITIL service desk provides a vital centre point of contact between the customer and the IT organisation. The service desk has to do with a number of service that reach beyond the typical help desk including the ability to process incidents, problems, enquiries, change and service requests and IT service management processes.

The service desk is often seen as the “front door” into an organisation where quality service is delivered and its purpose is to see that the customers are able to resume their work as quickly as possible following a disruption to an IT service minimizing the adverse impact on business operation and when this is defeated or not taken into care, it is likely to result in business downtime and low customer satisfaction (HYPERLINK “http://www.infra-corp.com.ITIL”www.infra-corp.com.ITIL).

2.3.4: EVOLUTION OF TECHNICAL SUPPORT:

Technical support refers to the wide range of services that help people and companies to constantly use the computing technology they have developed (Knapp, 1999, p.2).

Technical products coming into existence connotes that employees and businesses depends solely on IT to carry out and complete their everyday tasks and in the early 1970.s, companies did little to support technology users and Knapp is of the opinion that various problems were as a result of the fact that “no system specified how developers should handle a call or record the resulting information” (Knapp, 1999, p, 5)

2.3.5: CONTACT WITH THE IT SERVICE DESK:

Customer satisfaction studies have shown that when contacting the service desk the customers’ expectation is to get through to a member of staff as quickly as possible in order to resolve their problem (Lorimer, 1998, online).

The customers are always f