Incident Management

Incident management (IcM) is a term describing the activities of an organisation to identify, analyze, and correct hazards to prevent a future re-occurrence. These incidents within a structured organisation are normally dealt with by a either an Incident Response Team (IRT), or an Incident Management Team (IMT). These are often designated before hand, or during the event and are placed in control of the organisation whilst the incident is dealt with, to restore normal functions.

Similar to an IRT or IMT is an Incident Command System (ICS). Popular with public safety agencies and jurisdictions in the USA, CANADA and other countries, it is growing in practice in the private sector as organizations begin to manage without or co-manage emergencies with public safety agenices. It is a command and control mechanism that provides an expandable structure to manage emergency agencies. Although some of the details vary by jurisdiction, ICS normally consists of five primary elements: command, operations, planning, logistics and finance / administration. Several special staff positions, including public affairs, safety, and liaison, report directly to the incident commander (IC) when the emergency warrants establishment of those positions.

An incident is an event that could lead to loss of, or disruption to, an organisation's operations, services or functions. If not managed an incident can escalate into an emergency, crisis or a disaster. Incident management is therefore the process of limiting the potential disruption caused by such an event, followed by a return to business as usual.

Without effective incident management an incident can rapidly disrupt business operations, information security, IT systems, employees or customers and other vital business functions.

Usually as part of the wider management process in private organisations, incident management is followed by post-incident analysis where it is determined why the incident happened despite precautions and controls. This analysis is normally overseen by the leaders of the organisation, with the view of preventing repetition of the incident through precautionary measures and often changes in policy. This information is then used as feedback to further develop the security policy and/or its practical implementation. In the USA, the National Incident Management System, developed by the Department of Homeland Security, integrates effective practices in emergency management into a comprehensive national framework. This often results in a higher level of contingency planning, exercise and training, as well as an evaluation of the management of the incident.