Definition

IT incident report

Contributor(s): Matthew Haughn

An IT incident report is documentation of an event that has disrupted the normal operation of some IT system (or that had the potential to do so) and how that situation was handled. In this context, events include any occurance that has significance for system hardware or software, and an incident is an event that must be dealt with to ensure that a system can continue to function. Most often, an incident is an interruption of an IT service, such as a login failure, due to a problem like a corrupted database table. The incidents that receive the most attention tend to be security-related events, such as data breaches.

IT incident reporting is an essential component of incident management, the area of IT Service Management (ITSM) involved with ensuring that service is returned to normal as quickly as possible in the wake of an incident to minimize any negative impact on the business. 

Incident reports vary from one organization to another and among the types of systems involved. Here’s a basic example of what should be included in the report:

Summary

This section describes the incident briefly and identifies when it happened and when it was resolved, along with the impact, such as the number of requests that resulted in errors and the problem that was the root cause of the incident.

Timeline

This section identifies the precise times of all related events and list the time zone, if relevant. These events include the first report of the incident, all actions taken to resolve the issue and consequent events and the time that the incident was resolved.

Root Cause

This section describes the problem that caused the incident in as much detail as possible.

Resolution and recovery

This section describes all the actions taken, along with the times when they were implemented, in detail. Any results of actions taken should also be described, even if the measures were not effective.

Corrective and Preventative Measures

This section discusses what measures should be taken to prevent a similar incident in the future, including any changes to systems or procedures that are recommended. The section also includes any recommended improvements to the incident response system.

This was last updated in November 2016

Continue Reading About IT incident report

Dig Deeper on IT Log Management and Reporting

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What ways are you looking to improve your business' IT incident management?
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchDataCenter

SearchAWS

SearchServerVirtualization

SearchCloudApplications

SearchCloudComputing

DevOpsAgenda

Close