What is the industry standard for business-critical IT incidents - are there any rules of thumbs to gauge if a dept has "too many" or is on par?

Process ManagementApplications & PlatformsDatabase+4 more
169 views9 Upvotes4 Comments
VP of IT and Platform Strategy and Product Management in Telecommunication, 1,001 - 5,000 employees
Super complex question as it relates to industry and business criticality. Obviously some areas should be 1 is too many if the product or solution is business critical, requires real-time experience, etc. In such cases, redundancy and survivability (e.g. telecoms) must be invested in. Vs. products which dont require real-time services. 
Director of Information Security in Software, 10,001+ employees
Number of users and geographical reach (the greater the users base and usage across geographies).  

Financial month-end and or quarter end, applications, solutions and or back-end jobs.
CTO for Digital & IT in Healthcare and Biotech, 10,001+ employees
This is a really hard question actually, as there are a lot of variables:
- How have you defined "business-critical", and have you been super-disciplined in applying the rules so that only the most truly critical incidents are considered business-critical ? For example, we consider an incident critical (P1) if it involves a critical service, and either involves multiple users on a critical site, or affects all users. And the definitions of critical service and critical site are precise and applied with discipline so that only a few incidents are truly considered P1s.
- There can be a lot of noise early in the incident management process that leads to P1s being created because the user was screaming or the service desk misread the situation => reclassifying things quickly and objectively is very important as well.
- If you assume that what's left are the "real" P1s, I'm not sure there is a target number I can point to, but where I work (3000 locations, 70k users), the number of *real* qualified P1s is fairly stable at between 10 and 20 a month overall across all of IT (infra, apps...) and I think that feels about right given that you can't wholly avoid these kinds of outages.
- You need to track a couple things on this front, namely the trend over time of P1s (and take action if it diverges suddenly for some reason), and perhaps most importantly the number of P1s that are related to an IT-managed change, as those are the nastiest to explain to the business => the target there should really be 0.
2
Chief Information Security Officer in Healthcare and Biotech, 1,001 - 5,000 employees
Depends on the context of the business.. As a starting point refer ISO27001
1

Content you might like

The OpenInfra Foundation, the successor to the OpenStack Foundation, has announced that Microsoft has joined as a Platinum Member. If you use OpenStack, what do you run it on currently?

CloudNewsInfrastructure

Azure30%

AWS52%

Google Cloud9%

OpenStack Cloud2%

Other (Please share below)4%


526 PARTICIPANTS
2k views1 Upvote

My organization’s plans to return to the office in 2022 will be postponed.

People & LeadershipProcess ManagementAvailability & Capacity Management

Strongly Agree10%

Agree59%

Neither Agree nor Disagree16%

Disagree10%

Strongly Disagree5%


224 PARTICIPANTS
609 views

What technology solution are you using for your employee experience platform?  How does it integrate with your HCM solution and intranet solution?  Any do's and don'ts, lessons learned to share?

Applications & PlatformsPeer InsightsStrategy & Architecture
350 views2 Comments

What are some great on-prem and SaaS programs for internal PKI and Certificate Life Cycle Management? 

Applications & PlatformsSecurity & GRC
Read More Comments
1.7k views1 Upvote2 Comments

What quantity and size of projects do you expect a Project Manager to oversee at one time?

Process ManagementFeedbackTeam & Organizational Design+2 more
Read More Comments
2.2k views5 Comments