Being prepared for incidents is critical for effective communication. Pre-incident planning aligns your team with the tools and processes to respond effectively while keeping stakeholders informed.
All great incident response teams start with a plan. Think of this as the pre-work to nailing how you communicate during incidents.
Define an incident & set severity levels
A clear definition of "incident" and a solid understanding of severity levels set your team up for success from the start. Without this alignment, your team won’t be able to respond in a unified way.
Defining an incident
First, you need to know what scenarios qualify as an incident. Defining what an incident means to your organization gets everyone on the same page and ensures incidents are declared consistently.
A clear definition distinguishes incidents from bugs, prevents unnecessary escalations, streamlines your response process, and ensures resources are allocated appropriately.
Sorry’s definition of an incident: An incident is any unplanned disruption, degradation, or issue with a service, system, or process that requires urgent attention and diverts focus from planned work to restore normal operations.
Severity levels
In addition to defining an incident, you should establish incident severity levels. A shared understanding of severity levels allows you to prioritize incidents, allocate resources, and standardize your communication approach. Severity levels typically range from a 3 to 5 scale system. For example:
- SEV 1: Critical incident with major impact.
- SEV 2: Major incident with moderate impact.
- SEV 3: Minor incident with low impact.
Many organizations create a priority matrix to help determine the severity of incidents. The ITIL incident management priority matrix is a great starting point.