Incident categorization is a challenge for IT organizations. Whether it is due to culture, politics, complexity, or an inability to agree, every organization at some point finds that the categorization of incidents is ineffective, out-of-control, or difficult to maintain. Why does it cause so much of a challenge?
There is no one right way to create a categorization. There’s no template. Every organization is different. The products and services are different. The service levels are different. The customers are different, and the required information to track is different. Even the reports differ. These distinguishing factors impact how incidents are tracked and monitored. There is no master categorization to use because it is up to your organization to define what works for your environment.
There is no one right way to create a categorization scheme. There’s no template. Every organization is different.
What Is Categorization?
Categorization is an essential activity in both incident and problem management. Categorization is the process of arranging incidents and problems into classes or categories. The main objective is to understand what type of incident has occurred. Over time, if incidents are categorized similarly, the data is then used to identify trends and focus efforts on improving proactively. If the data is flawed due to poor categorization, then it makes it incredibly challenging to know what improvements are needed and how to prioritize those improvements.
Categorization is not just used in the management of transactional work within an IT organization. We use classification to arrange a vast array of datasets. Two examples are the Dewey Decimal System and a recipe box. Let’s examine both in more detail.
The Dewey Decimal System. In most libraries around the world, the Dewey Decimal System is used to classify or categorize books. Essentially the goal is to organize knowledge into 10 main classes. Each main class is then further subdivided into 10 divisions. Each division is then further divided into 10 sections. Ultimately, the categorization system contains 10 main classes, 100 divisions, and 1000 sections. The Dewey Decimal System identifies the correct location to store and retrieve a book within the library’s bookshelves. Additionally, books of a similar genre are stored on the same shelf and related works on shelves nearby.
A Recipe Box. A recipe box is also an example of a categorization scheme. However, with this categorization, there is no established standard to follow. For instance, you could store the recipes by food type (appetizers, beverages, bread, breakfast, cakes, candies…) or to make it easier to find a recipe based upon the food you have in your cupboard. you could store them based upon main ingredient (apples, bananas, beans, beef, berries…). Other categorizations could include ethnic identity (Asian, Chinese, European, French…), special occasion, or by unique classifications (6 ingredients or less, bread machine, casseroles, diabetic…). The options provide an extensive array of possibilities, but it also is an example similar to what happens in organizations with incident classification. Without standardization,recipes can be stored in more than one category and may make it difficult to find.
Why Is It Important?
Linking of Service Management Information. When incidents, problems, known errors, events, workarounds, and changes share a common or similar categorization scheme, it is much easier to link the related records. For example, a service owner can run a report and find all incidents, problems, events, known errors, workarounds, and changes related to a service.
Improved Root Cause Elimination. Trend analysis based upon categorization can help to identify faulty components and repetitive errors and assist with more accurate root cause analysis. Historical information related to services is only helpful when trends can be identified. If a problem or incident can be entered into the service management system in more than one way, trends can be missed or under-reported.
Improved Knowledge Searches. When an incident can only be categorized in one way, the search against previous knowledge is more effective. The analyst searches for knowledge in the form of incidents, problems, or known errors within the same categorization. The categorization provides the context for searching for related knowledge and narrows down the data to a much more manageable subset. If knowledge is not present, the categorization provides the context to begin gathering the necessary information to diagnosis and categorize the new knowledge.
Improved Process Efficiency. The activity of categorizing the incident speeds up the incident management process and creates greater efficiency within the process flow. If the issue cannot be solved, the categorization determines the appropriate incident escalation group. When the escalation group is tied to the categorization, the organization can eliminate errors in escalation and improve the efficiency of the incident management process.
Prioritization is also an important activity that identifies the importance of an issue related to business impact and urgency. In most environments, categorization will drive what is set for a priority. For example, a critical business application that is used by a vital business function may require faster response and resolution timeframes when setting the priority of an incident.
Service Improvements. Finally, another benefit to useful categorization is the ability to produce meaningful reports that help the organization to take a more proactive approach to manage services. The available information is used by the service manager along with continual service improvement to make informed decisions on how to improve the overall quality and delivery of services and possible ways to innovate services in meaningful ways for the business.
Why Is It So Challenging?
Organizations allocate resources to different functional units that require specific skills and experience to manage the infrastructure effectively and manage services for improvements in business outcomes. However, the functional units often have very different perspectives on what represents an appropriate categorization structure. Typically, one group wins the discussion, and the categorization is established by one group that will be used by all functional units. Another contributing factor to the difficulty of developing a single structure that works for the entire organization is that the infrastructure is complex, and it is difficult to determine a single structure that allows for tracking of incidents across such a variety of potential issues.
Often there are political pressures to make changes to the structure. For example, if a product or service is not listed explicitly in the categorization structure, it can be viewed as not being important enough to the organization. When this occurs, pressure is often used to get a product added to the categorization so that it gains visibility. Also, as the organization goes through change, the categorization grows organically over time as products are added and released from the environment. The organic growth often results in a fragmented structure to the categorization. The fragmentation is worse in environments that have not established policies or standards on when and how to change the categorization structure.
What Works in Categorization?
When developing a categorization scheme, it is helpful to have three to four hierarchical menus where lower types form part of the higher-level categories. For example, a family is comprised of parents, children, and issues. If you select a family, then the parents form part of the family. Once a parent is picked, the children belong to the selected parents, etc. From a service management perspective, typical categorizations schemes are Service/Category/Type/Item/Action; Type/Service/Component/Symptom; or Location/Service/System/Application.
Here are two sample structures with sample selections to help you understand how each is used as well as similarities and differences:
A carefully designed categorization scheme will simplify how incidents are entered into the system, reduce errors in miscategorization, and tie each unique category/type/item to a specific owner.
Hierarchy/Dependencies Required. An important factor in reducing errors is the use of a hierarchy. The choice in the first menu provides a subset of choices in the second menu. By using a hierarchy, users have a limited number of choices instead of trying to choose from all options. The following graphic shows the difference between using a hierarchical structure and not using one:
Categorization Dependencies. In the overall service value system, there are other aspects of value delivery that are tied to the categorization. The service catalog provides a view of the services that are in the operational environment. The ability to put services into categories that make sense to our customers makes it easier for customers to find information about those services and how to request them. The categorization of incidents is directly related to the ability to categorize our services. All too often, organizations try to categorize incidents before they understand how to categorize services. Even worse, if you decide to categorize incidents without understanding what services are provided, then the categorization is likely to be technology-focused and cannot provide a view of the impacted service. This will limit proactive service management.
Incident management drives process improvement through the analysis of incidents to identify improvement opportunities. By using accurately categorized incident data, the overall customer experience can be analyzed to determine what is working well and where improvements can be made for the customers.
Career development also depends upon categorization. For each service in the service catalog, the organization needs to have a full understanding of the skills and level of experience required to support the offered products and services. When a new service is added to the service catalog, it is then entered in the incident categorization, and training and skills development requirements should then be identified. Additionally, management can use the identified skills and experience requirements to develop training and career development plans for analysts.
Categorization is also critical to establishing expectations when the organization develops operational level agreements. What is solved at the service desk before it is escalated to level 2? The organization needs a core understanding of the types of incidents related to services, the level of support provided at the service desk, and what support is provided by level 2 and beyond.
Event management also has a direct dependency on incident categorization. The ability to build automation that supports filtering and correlation of events to determine the appropriate control action is vital to the success of the process.
Proactive problem management is nearly impossible to do without useful categorization. Imagine trying to run a report that provides visibility into all incidents and problems related to a specific service, type of issue, or component if the analyst can log a single incident in five or six different categorizations. There will be no ability to conduct trend analysis.
A report may find some similarities between incidents and problems. But without the full picture, we may not. Service improvement and error elimination opportunities are much easier to identify with a working categorization that is used in both the problem and incident management processes.
Overall, the information captured within the ITSM system represents the knowledge needed across the service value stream to understand what and how to improve service delivery.
It is no wonder why an accurate and usable categorization scheme is challenging to do. With so many dependencies and requirements, how do we create a categorization scheme that works? In my next article, I will explore how to create a categorization that works for capturing incidents within your service management system.
Julie is a dynamic, engaging change agent who brings authenticity, integrity, and passion to practitioners worldwide. Through her books, articles, speaking, consulting, and teaching, her purpose is to spark change in the world with thought-provoking dialog and interaction on topics of authentic leadership, business strategy, knowledge management, organizational culture, and innovation. Julie has a B.S. in computer science from The Ohio State University and an MaED from the University of Phoenix and is currently pursuing her Ph.D. in Management and Organizational Leadership in Information Systems & Technology from the University of Phoenix. She is an ITIL Expert, Certified Help Desk Director, and Certified Governance IT Professional. She is an HDI Business Associate and teaches training and certification classes for service and support professionals. Visit her website, and follow her on Twitter @JulieMohr, YouTube, and LinkedIn.