incident

An incident, in the context of information technology, is an event that is not part of normal operations that disrupts operational processes. An incident may involve the failure of a feature or service that should have been delivered or some other type of operation failure. Security incidents are events that indicate that an organization's systems or data may have been compromised.

In this context, an event can be any occurence that has significance for system hardware or software, including those that are part of normal operations. Incidents include minor disruptions, such as running out of disk space on a desktop machine, as well as major disruptions, such as data breaches involving the exposure of sensitive information.

As an element of IT Service Management (ITSM), incident management involves returning a disrupted service to normal as quickly as possible after an incident, in a way that minimizes any negative impact on the business. To that end, the process starts with identifying incidents that are sufficiently serious to be a cause for concern and then categorizing those incidents according to the source of the problem, the severity, the assets affected, the roles of affected personnel and the method of resolution.

See a brief video about ITIL incident management activities: