Incident management refers to those activities which are undertaken by any organization for identification, analysis and correction of already occurred hazards so that the reoccurrence of those hazards can be prevented in the future.

In any organization that is well structured, these incidents are handled by Incident Management Team (IMT) or Incident Response Team (IRT). IMT or IRT is either designated before the occurrence of an incident as a part of strategic departments or they are appointed during occurrence of the incident or event. IMT or IRT is generally given full control of the organization during the event until they successfully restore normal operations of the organization.

Now that we know what incident management is, it is important to understand what exactly an incident is. There are two concepts that must be cleared:

• A crisis, an emergency or a disaster is a result of an incident but an incident may not lead to any of them.
• An incident, if not managed, will lead to a crisis, an emergency or a disaster.

So, an incident can be defined as: an event that can lead to disruption to or loss of functions, services or operations of an organization.

An incident must be managed immediately to prevent the event from becoming a crisis, an emergency or a disaster. Thus, incident management actually aims towards limiting the impacts of the event and giving necessary leeway and cushion to the business so that BAU or business as usual is restored as quickly as possible.

An incident, if not effectively managed, will very quickly disrupt information security, business operations, IT systems and affect customers, employees and other aspects of the business.

The management process in private organizations is very wide. In such organizations, when an incident occurs, the following organizational events take place:

• Occurrence of the event initiates immediate incident management.
• Operations are restored to business as usual.
• Management team analyzes the incident and tries to determine the exact cause of the incident despite all controls and precautions. This management team generally involves the organization leaders.
• These leaders initiate policy changes and precautionary measures to avoid repetition of the event.

]]>