Incidents are events that may cause loss, or disruption to, operations, services, or organizational functions. Incident management ( IcM ) is a term that describes an organization's activities to identify, analyze and correct hazards to prevent future recurrences. This incident in a structured organization is usually handled by the IR response team, the incident management team (IMT), or the Incident Command System (ICS). Without effective incident management, incidents may interfere with business operations, information security, IT systems, employees, customers, or other important business functions.
Video Incident management
Description
Incidents are events that may cause loss, or disruption to, operations, services, or organizational functions. Incident management (ICM) is a term that describes the organization's activities to identify, analyze, and correct hazards to prevent future recurrence. If not managed, incidents may escalate into an emergency, crisis, or disaster. Incident management is the process of limiting potential disruptions caused by such events, followed by return to business as usual. Without effective incident management, incidents may interfere with business operations, information security, IT systems, employees, customers, or other important business functions.
Physical incident management
Incident management is considered more than an analysis of perceived threats and hazards to and organizations to address the risk of events occurring, and therefore the ability of such organizations to conduct business as usual during the incident. An important part of the risk management process and business resilience planning that incident Management is real-time physical activity.
Planning that has taken place to formulate a response to an incident - that disaster, emergency, crisis or accident - has been done so that effective business resilience can be made to ensure minimal losses or damage whether it is real or not. the real assets of the organization. Efficient physical management of the incident - leveraging the best available time and resources and understanding how to get more resources from outside the organization when needed by a clear and timely liaison - ensures the plan is implemented.
The National Fire Protection Association states that incident management can be described as, '[a] n IMS [incident management system] is "a combination of facilities, equipment, personnel, procedures and communications operating within a common organizational structure, designed to assist in resource management during the incident ".
Physical incident management is a real-time response that can last for hours, days, or longer. The United Kingdom Cabinet Office has produced National Recovery Guidance (NRG), aimed at local respondents as part of the implementation of the Civil Contingencies Act 2004 (CCA). It describes the response as follows: "The response includes actions taken to deal with the immediate impact of an emergency.In many scenarios, the likelihood is relatively short and lasts for several hours or days - rapid implementation of arrangements for collaboration, coordination and communication, therefore , important. The response includes efforts to deal not only with the immediate effect of the emergency itself (eg fighting fires, saving individuals) but also indirect effects (eg, distractions, media interests) ".
The International Organization for Standardization (ISO), which is the world's largest developer of international standards also makes a point in the ISO 31000: 2009 risk management, principles and guidelines of the document, "Using ISO 31000 can help organizations increase the likelihood of achieving goals, threats and effectively allocate and use resources for risk treatment ". This again points to the importance of not only good planning but effective resource allocation to deal with risk.
Computer security incident management
Today, an important role is played by the Computer Security Incident Response Team (CSIRT), due to the emergence of Internet crime, and is a common example of incidents faced by companies in developed countries around the world. For example, if an organization finds that an intruder has gained unauthorized access to a computer system, CSIRT will analyze the situation, determine the extent of the compromise, and take corrective action. Computer forensics is a task that is included in this process. Currently, more than half of the world's hacking efforts in Trans National Corporations (TNCs) occur in North America (57%). 23% of efforts are made in Europe. Having a comprehensive Incident Computer Security Incident team is an integral part of providing a safe environment for any organization, and an important part of the overall design of a modern network team.
Maps Incident management
Roles
Incidents in a structured organization are typically handled by an incident response team (IRT), or an incident management team (IMT). These are often designated earlier or during the event, and are placed within the organization's control while the incident is handled, to restore normal functionality.
Similar to IRT or IMT is Incident Command System (ICS). Popular with public safety agencies and jurisdictions in the United States, Canada and other countries, it is growing in practice in the private sector as organizations begin to manage without or jointly manage emergencies with public safety agencies. ICS is a command and control mechanism that provides an expandable structure for managing emergency agencies. Although some details vary according to jurisdiction, ICS typically consists of five main elements: command, operations, planning, logistics, and finance/administration. Some special staff positions, including public affairs, safety, and liaison, report directly to the incident commander (IC) when emergency guarantees the establishment of the position.
Usually as part of a broader management process in private organizations, incident management is followed by post-incident analysis where it is determined why the incident occurred despite the precautions and controls. This analysis is usually supervised by organizational leaders, with the view of preventing the repetition of incidents through preventive measures and often changing in policy. This information is then used as feedback to further develop its security policy and/or practical implementation. In the United States, the National Event Management System, developed by the Department of Homeland Security, integrates effective practice in emergency management into a comprehensive national framework. This often results in higher levels of contingency planning, training and training, and incident management evaluation.
Incident management software system
The incident management software system is designed to collect incident report data that is consistent, time-sensitive, and documented. Many of these products include features to automate the process of approving incident reports or case investigations. These products also have the ability to collect real-time event information such as time and date data. In addition, the incident reporting system will automatically send notifications, assign assignments and escalations to the appropriate individual depending on the type of incident, priority, time, status, and custom criteria. Modern products provide the ability for administrators to configure Incident report forms as needed, create analytics reports and manage access controls on data. This incident report may have the ability to customize most appropriate to the organization using the system. Some of these products have the ability to collect images, video, audio, and other data. Incident management software systems exist that deal directly with specific industries.
Analysis of root causes
Human factors
During the root analysis of the problem, the human factor must be assessed. James Reason conducts research into understanding the detrimental effects of human factors. The study found that major incident investigations, such as Piper Alpha and Kings Cross Underground Fire, explained that the cause of the accident was widely distributed within and outside the organization. There are two types of events: active failure - actions that have immediate and potentially causing an accident - and latent or delayed actions - events can take years to have an effect, usually in combination with a triggering event and then causing the accident.
Active failure is an unsafe measure (error and violation) committed by, for example, the machine operator and the task supervisor. These are the people in the human system interface whose actions can have immediate adverse consequences.
Latent failure is made as a result of decisions taken at higher echelons of an organization. The destructive consequences they may fall asleep for a long time only become clear when they join local trigger factors (eg, spring waves, difficulty loading at Zeebrugge port, etc.) to penetrate the system's defenses. Decisions taken in higher echelons of an organization can trigger events into accidents becoming more likely, planning, scheduling, forecasting, designing, policy-making, etc., can have a slow burning effect. Unsafe acts that trigger accidents can be traced back through the organization and subsequent failures can be exposed, indicating the accumulation of latent failures in the system as a whole that cause accidents to be more likely and ultimately to occur. Improved remedial actions can be implemented, and reduce the chance of events occurring again.
See also
- Essential factor model, formal method of incident analysis
- National Incident Management System in the United States
- Coordinated Area Coordination Management (Netherlands) in the Netherlands
References
External links
- National Insident Management System Consortium in the United States
- British Government Regulation, Civil Contingencies Act (CCA) 2004. (2012)
- Federal Emergency Management Agent (FEMA). (2012)
- What is Incident Management?
Further reading
- Adam Krug (2014-09/16), "Incident Case Study Software Management System", Case Study 1 - 34
- Wearne S H & amp; White-Hunt, K (2010), Managing Urgent and Unexpected, Gower Publishing - Case Study
Source of the article : Wikipedia
0 Comments