Incident management (IcM) is a term describing the activities of an organisation to identify, analyze, and correct hazards to prevent a future re-occurrence. These incidents within a structured organisation are normally dealt with by a either an Incident Response Team (IRT), or an Incident Management Team (IMT). These are often designated before hand, or during the event and are placed in control of the organisation whilst the incident is dealt with, to restore normal functions.
Similar to an IRT or IMT is an Incident Command System (ICS). Popular with public safety agencies and jurisdictions in the USA, CANADA and other countries, it is growing in practice in the private sector as organizations begin to manage without or co-manage emergencies with public safety agenices. It is a command and control mechanism that provides an expandable structure to manage emergency agencies. Although some of the details vary by jurisdiction, ICS normally consists of five primary elements: command, operations, planning, logistics and finance / administration. Several special staff positions, including public affairs, safety, and liaison, report directly to the incident commander (IC) when the emergency warrants establishment of those positions.
An incident is an event that could lead to loss of, or disruption to, an organisation's operations, services or functions. If not managed an incident can escalate into an emergency, crisis or a disaster. Incident management is therefore the process of limiting the potential disruption caused by such an event, followed by a return to business as usual.
Without effective incident management an incident can rapidly disrupt business operations, information security, IT systems, employees or customers and other vital business functions.
Usually as part of the wider management process in private organisations, incident management is followed by post-incident analysis where it is determined why the incident happened despite precautions and controls. This analysis is normally overseen by the leaders of the organisation, with the view of preventing repetition of the incident through precautionary measures and often changes in policy. This information is then used as feedback to further develop the security policy and/or its practical implementation. In the USA, the National Incident Management System, developed by the Department of Homeland Security, integrates effective practices in emergency management into a comprehensive national framework. This often results in a higher level of contingency planning, exercise and training, as well as an evaluation of the management of the incident.
Read more about Incident Management: Computer Security Incident Management, Incident Management Process, As Defined By ITIL, Incident Management Software Systems, Human Factors
Famous quotes containing the words incident and/or management:
“I teazed him with fanciful apprehensions of unhappiness. A moth having fluttered round the candle, and burnt itself, he laid hold of this little incident to admonish me; saying, with a sly look, and in a solemn but quiet tone, That creature was its own tormentor, and I believe its name was BOSWELL.”
—James Boswell (17401795)
“People have described me as a management bishop but I say to my critics, Jesus was a management expert too.”
—George Carey (b. 1935)