Overview
Major incidents are incidents that are used to track and resolve major losses to service. Major incident records use the same form as regular incidents with additional fields used to record information for the major incident process.
In this article:
- Major Incidents in Application Navigator
- Major Incidents Modules
- Incident Communications Management Modules
- Major Incident Forms
- Incident Communications Management Forms
- Major Incident - Groups & Roles
Major Incidents in Application Navigator
The ServiceNow application navigator offers separate views for the ITIL fulfiller and Major Incident Manager roles. For a user with ITIL fulfiller role the major incidents tab appears as:
Whereas for users with a role of Major Incident Manager the major incidents tab will appear as:
Major Incidents Modules
The major incidents modules appear as items under the Major Incidents dropdown in the application navigator (pictured above). These modules are all available to both ITIL Fulfillers and Major Incident Managers with the exception of Create Major Incident which is only available to Major Incident Managers. Each module is listed below:
- Overview - A dashboard that provides a visual overview of major incidents
- Create Major Incident - Create a new major incident with major incident state "accepted"
- Open - Create a new major incident with major incident state "accepted"
- All - List of all major incidents in your organization, including resolved major incidents
Incident Communications Management Modules
The following modules appear under the Incident Communications Management dropdown in the application navigator and are only accessible to Major Incident Managers.
- Mailing Lists - List of mailing lists that are used for major incident notifications
- Mailing List Notification Plans - List of default mailing lists that are included on all major incident communications for an organization
Major Incident Forms
Incident Form - Major incident tab
The major incident tab is a form that is only visible for major incidents (not regular incidents). This form is composed of the following fields:
- Major incident state - Used to differentiate major incidents from regular incidents
- Major incident watch list - A list of mailing lists that will receive communications for this major incidents. Click the lock to make changes. Once an major incident is saved, all groups listed in the organization's Mailing List Notification Plan will be automatically added to this list
- Business impact - Free-text field that is used to describe the business impact of the major incident
- Probable cause -Free-text field that is used to describe the likely causes of the major incident
Incident Form - Post Incident Report Tab
The post incident report tab contains additional information about the major incident with the following fields:
- Overview - Rich-text field used to describe the major incident from a high-level
- Findings - Rich-text field used to describe findings to the major incident
- Timeline - Automatically populates based on the activity log of the incident when the incident is set to resolved
Incident Communications Management Forms
Incident Communications Management - Mailing List Form
The mailing list form defines a record that specifies which email address to forward updates to along with a human-readable contact name, and the organization that will be able to viewing the mailing list
- Email - The mailing list's email address
- Name - A human-friendly name for the mailing. This is what will display in the Major Incident Watch List picker.
- Organization - The major incidents assigned to an assignment group from this organization will be able to see these mailing lists in the Major Incident Watch List picker
Incident Communications Management - Mailing List Notification Plan Form
This form is similar to the above except it only defines the organization field (as above) and contains an additional Mailing List field for adding mailing lists to major incidents for specified assignment groups.
Organization - The department for the mailing list notification plan
Mailing Lists - Mailing Lists that are present in this list will always be added to major incidents for assignment groups in the department listed on the form
Major Incident - Groups & Roles
The following groups and their associated roles each specify different access privileges related to major cases:
- Internal-ITS-MajorIncidentLocalPassword - This group grants access to the local_password role, which allows users to set a local password in ServiceNow on their user record.
- Internal-ITS-MajorIncidentComms - This group grants access to the major_incident_manager role, which allows users to create major incident records and modify major incident mailing list addresses and notification plans.
- Internal-ITS-MajorIncidentUsers - Used to grant ITS ITIL users the major_incident_user role, which allows them to create major incidents, and add additional mailing lists but not to modify administrative settings for major incident management