There are several IT major incident service models. The end goal is always the same, but some of the people and their roles may vary depending on how your IT operations are organised and serviced.
For the purposes of this post we will focus on the most common types. For those of you that are new to the world of IT or have not got to grips with the ever-growing, ever-changing acronyms in this industry we have detailed some definitions.
Managed Service Providers (MSPs)
An MSP is a company that exists specifically to provide IT services and products to other organisations that choose to outsource their IT services, either in part or completely.
There are several variations in the way in which an MSP can deliver a Major Incident Management service:
- Dedicated Major Incident Management – Where the MSP’s people, processes and resources are supplied exclusively to the end customer’s business (i.e. they do not work on any other customer accounts).
- Shared Service Major Incident Management – Where an MSP has one Major Incident Management service and team that delivers Major Incident Management services to many different customers simultaneously.
There are pros and cons to each of these models. Whilst a shared service is often less costly, it can result in a service that is not as focused or as available as a dedicated team would be. A dedicated major incident service will cost more, but delivers a dedicated team whose knowledge of the end customer’s business is enhanced, which, when coupled with increased focus and capacity, results in a more effective delivery.
In-house IT operations
Where an organisation’s IT service are provided in-house and all or some of the staff work directly for the end user business.
There are three Major Incident Management models that an in-house IT operation can provide:
- Total Ownership Major Incident Management – Where the in-house IT operation has its own Major Incident Management function which manages and coordinates all suppliers, third parties, vendors and operational teams during a major incident. It does not have a counterpart service within its vendor, third party or supplier companies.
- Mirrored Major Incident Management – Where the in-house IT operation has its own Major Incident Management staff, yet also pays some or all of its suppliers for an outsourced major incident service. It may pay suppliers for parts of the service or they may operate a tiered model, where one supplier takes charge of other suppliers during a major incident.
- Fully outsourced Major Incident Management – Where no Major Incident Management function exists within the in-house IT operation and all Major Incident Management is outsourced to suppliers to manage.
Mirrored Major Incident Management is often seen in large organisations that have complex IT services that are delivered by many suppliers. Finance companies often have several IT suppliers and therefore use the mirrored model.
In the mirrored model, the in-house team provides all of the internal communications to end users, whilst also managing and monitoring their supplier’s major incident teams. This adds a layer of control for the end user organisation.
The fully outsourced model means that the organisation is completely reliant on its suppliers for effective service delivery when a major incident occurs.
Deciding which Major Incident Management model is most appropriate for your organisation requires you to analyse the business needs, the resources and finances available, and the potential impact of major incidents on your business.