We all know that not being aware of technological problems, or receiving late and unclear alerts, can create a series of challenges in the management of IT operations and business continuity. Efficient incident management is key to the operational continuity of your company.
These challenges and issues include:
- Prolonged downtime: Disruptions in business operations, which can result in lost productivity and revenue.
- Data loss: Serious consequences on regulatory compliance and customer reliability.
- High recovery costs: When detection is not timely, more resources and time are needed to solve problems.
- Damaged reputation and stress: Failures can affect customer satisfaction and increase pressure on IT staff.
- Non-compliance with SLA: Legal or financial consequences.
Before addressing how to calculate the time you spend on IT incident management, it is crucial to understand the stages involved from the time a technology problem occurs until it is resolved:
- Incident detection, using a monitoring tool.
- Alert prioritization and deciding who resolves that type of alert.
- A notification is triggered by sending an e-mail, message or call.
- Gathering of information and escalation to resolution teams.
- Actions of the resolution team and creation of tickets.
- Solution to the problem.

Let’s go to the times that determine the overall incident management time, which you should have calculated; if you don’t have them now, you will learn how to do it.
- Detection time.
- Notification time.
- Solution time.
Detection time:
This is the period from the time the technological failure arises until it is detected. This data can be obtained from your monitoring tool, in the alert detail.
Notification time:
It is the time that elapses from when a first notification is sent until the resolver actually takes notice in order to resolve it. You can get this data from your NOC or notification tool. It helps you validate the effectiveness of the notification, so that the resolver actually pays attention to the alert and it does not go unnoticed as just another email.
Solution time:
Period of time between when the resolver is notified to fix the problem and when they actually fix it.
Example: how to measure these times.
1. Using a monitoring tool (in this case we will use Nagios as an example), look for the time the incident was detected, which we will use throughout this example.

2. For notification, check the time of the first notification in your IT incident management platform or in the NOC. If you only have a monitoring tool, check from there when any mail was sent.
3. To continue with our example, we will take a simpler look at the notification time on our 24Cevent IT incident management platform.

4. With these two values you can calculate your detection time:
(Detection time) = (Time IT incident starts) – (Time of first notification).
5. To calculate the notification time, we consider that the resolver receives a first notification by mail, but actually pays attention when called and confirms that he/she is going to resolve it.
6. As in our example we are using 24Cevent, we go to the incident history, where we will see the time when the resolver confirmed the notification.

7. With this data we can obtain the notification time.
(Notification time) = (Time of confirmation) – (Time of first notification).
8. Finally, the solution time is calculated by subtracting the time of notification confirmation from the time the incident is solved.

9. With this data, we can use the following formula:
(Time of solution) = (Time the incident is considered solved) – (Time of confirmation of notification)
10. Note that it is essential to average these times from at least 10 different alerts to get a more representative picture of the overall resolution time.
We also leave you other ways to calculate IT incident management indicators:
- Time from failure to repair: MTTR = Total time spent on repairs ÷ number of repairs.
- Measures responsiveness: MTTA = Total time elapsed between alert and acknowledgement ÷ total number of incidents.
How would the times be rated?
There is no universal average time, but after 10 years of experience in the field we could say that:
Detection time: if you have a well-managed monitoring system, the time should be 0 minutes, since the solution should detect technological problems instantly; if the problems are indirect, logic should be created to maintain instant detection.
Notification time: the notification time should be less than 1 minute for critical alerts. For minor alerts, the alert confirmation period may increase the notification time by hours; we recommend no more than 12 hours.
Time of solution: the time of solution varies with the technological and organizational processes of each company. Once the resolver is notified, they should route a solution instantly, taking approximately 1 hour, but if the solution is complex and involves more people, the time could increase to hours or even 3 days.
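The measurement steps and the notification targets above can be combined into one calculation. The following Python sketch is an added example, not code from 24Cevent or Nagios: it derives the three stage times per incident, averages them over at least 10 alerts, and lists incidents whose confirmation exceeded the 1 minute (critical) or 12 hour (minor) target. The record field names, incident IDs and sample timestamps are constructed assumptions, and detection time is taken as the elapsed time between incident start and first notification.

```python
from datetime import datetime, timedelta
from statistics import mean

FMT = "%Y-%m-%d %H:%M:%S"
MIN_SAMPLE = 10  # the article advises averaging at least 10 different alerts
# Notification-time targets from the rating section, treated as upper bounds.
NOTIFY_LIMIT = {"critical": timedelta(minutes=1), "minor": timedelta(hours=12)}
FIELDS = ("start", "first_notification", "confirmed", "solved")  # assumed names

def stage_times(rec):
    """Return (detection, notification, solution) durations for one incident."""
    start, first, confirmed, solved = (datetime.strptime(rec[f], FMT) for f in FIELDS)
    if not start <= first <= confirmed <= solved:
        raise ValueError(f"{rec['id']}: timestamps out of order, check the export")
    return first - start, confirmed - first, solved - confirmed

def summarize(records):
    """Average the three stage times and list incidents confirmed too late."""
    if len(records) < MIN_SAMPLE:
        raise ValueError(f"need at least {MIN_SAMPLE} alerts, got {len(records)}")
    rows = [(rec, stage_times(rec)) for rec in records]
    def avg(i):
        return timedelta(seconds=mean(t[i].total_seconds() for _, t in rows))
    late = [rec["id"] for rec, t in rows if t[1] > NOTIFY_LIMIT[rec["severity"]]]
    # MTTA is the mean notification time, MTTR the mean solution time.
    return {"detection": avg(0), "mtta": avg(1), "mttr": avg(2), "late_ack": late}

def build_sample():
    """Constructed incidents (not real data): severity, seconds until first
    notification, seconds until confirmation, minutes until solved."""
    spec = [("critical", 0, 40, 30), ("critical", 0, 50, 60), ("critical", 60, 300, 90),
            ("minor", 0, 3600, 120), ("minor", 0, 7200, 45), ("critical", 0, 30, 15),
            ("minor", 120, 50400, 240), ("critical", 0, 55, 60), ("minor", 0, 600, 30),
            ("critical", 0, 20, 45)]
    records = []
    for i, (severity, detect_s, notify_s, solve_min) in enumerate(spec, start=1):
        start = datetime(2024, 1, 8, 9, 0, 0) + timedelta(days=i)
        first = start + timedelta(seconds=detect_s)
        confirmed = first + timedelta(seconds=notify_s)
        solved = confirmed + timedelta(minutes=solve_min)
        stamps = dict(zip(FIELDS, (start, first, confirmed, solved)))
        records.append({"id": f"INC-{i:03d}", "severity": severity,
                        **{k: v.strftime(FMT) for k, v in stamps.items()}})
    return records

if __name__ == "__main__":
    for name, value in summarize(build_sample()).items():
        print(f"{name:10} {value}")
```

Rejecting out-of-order timestamps catches clock skew or export errors between the monitoring tool and the notification platform before they distort the averages.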
Solution?
If you want to have a notifier to do these calculations for you, talk to your monitoring tool. We invite you to try the online demo of the 24Cevent solution; you will see in a simple and fast way how to manage IT incidents.