Collaborative Incident Management
Incident management is a business process that helps a company identify, understand, resolve, prevent future recurrence and communicate with stakeholders whenever a disruptive event happens. Generally an incident is any disruption to or loss of business operation(s), service(s) or function(s). The term is often used in relation to IT service issues, product / service issues, security, privacy and data breaches but can extend to almost any critical business and / or technology event.
There are a number of “traditional” systems to manage incidents. These systems include help desk, contact center, IT service management (ITSM), field service management, complaint management and a number of point customer service solutions like live chat, customer self-service, co-browsing software, conversational support management, etc. These systems are mostly designed to track the incident to resolution, or communicate with a constituent in some manner. There is often some form of knowledge base to serve as a repository of learnings based on incident resolutions. As often happens with markets that are mostly designed for managing (something) or adding communication channels that are not present in the core systems, over time a more integrated solution is needed. Generally it evolves out of the traditional systems into something more complete and hopefully more innovative by leveraging newer technologies. This integrated solution can then take the place of a hodgepodge of loosely connected point solutions that often don’t deliver the intended outcomes. A more integrated process facilitates the move from a tiered support model to a more collaborative model that can quickly bring the “right” resource(s) to more quickly resolve the issue. Taken as a complete business process, and leveraging some newer technology, a complete solution should include:
Communication and collaboration
Tracking
Analysis
Automation
Skill identification and matching
Resolution and knowledge management
Proactive incident identification and communication
Salesforce Service Cloud
I’ve tracked Salesforce for many years and this past week I had a discussion with the Service Cloud team on some interesting capabilities they have now, as well as a roadmap view for the nearer term future that could create a better overall incident management solution in Service Cloud. Using a combination of build, integrate into and leverage acquired tech, Salesforce has an opportunity to transform how companies approach managing and resolving incidents in the future, as well as provide some extremely valuable capabilities now. While I can’t share the details of the roadmap, I can share the overall approach and some obvious opportunities for future improvements.
There’s a process in incident management called “swarming” that has emerged over the past couple of years. The idea seems pretty simple (and maybe just puts a name on something that companies have done in some fashion for a longer time), when there is a critical incident, bring a team together that has the capabilities and skills to find and execute the resolution. This approach eliminates handoffs and puts the spotlight on the issue and the “right” team to sort it out. While the idea is pretty simple, executing it effectively has some complexities and impediments created by the lack of a systematic way to manage the swarming. The process also eliminates the need for the escalation or tiered model in your support organization, creating instead a collaborative support model. The swarm process involves:
Track the details of the incident
Identify that the issue is critical, that there is no current solution for the incident and that it needs a specific skills to resolve
Identify the swarm lead (in an incident that can be resolved by the lead that person engages) and team members (if needed) based on the required skills and capabilities of the individual(s) for that specific incident
Notify the team and provide the details of the incident
Team collaborates to find solution(s) and communicates the resolution to the stakeholders
Swarm lead conducts a post-mortem to make sure the incident is closed, the solution is documented and tracked and that any process improvements are incorporated in future swarms
With the acquisition of Slack, Salesforce has an obvious tool to serve as the swarm operating system (OS). If completely integrated into Service Cloud (and a few other systems) Slack forms the natural vehicle for pulling together the “right” team (or person), provide all the incident details and create a single place where all the collaborative work is done. Since Slack can also cross the firewall, it can serve as the communication channel internally and externally. In addition, Salesforce has modified the data model to bring logical best practices of “Incident”, “Problem” and “ChangeRequest” objects natively to enable the swarming process. The swarm model powered by Slack can significantly reduce case resolution times. Salesforce shared an average resolution time reduction of 26%. In the Summer 2022 release the Service Cloud for Slack app is generally available along with “expert finder” (quick identify and notify the right team), swarm reports to track key metrics, and access Service Cloud records in Slack. Those are only the base capabilities of course, and much more is planned for the next few releases as the integration deepens and other capabilities are brought into the process.
There are some obvious enhancements available to the process based on the current Salesforce solution portfolio. Bringing in automation and AI from the Einstein platform, for example. Adding Salesforce Flow integration would add workflow capabilities, Mulesoft could add integrations and also the new Mulesoft RPA solutions, and of course Tableau could add advanced analytics.
The Startups
After my Salesforce conversation I saw a funding announcement from a startup in the incident management market. Incident.io announced raising a $34M series A this week. As I researched the company I realized that they too are using Slack as the swarming OS with some integrated AI and automation underneath. That research led me to another example of a startup using Slack as a swarm OS, Rootly. Rootly has several other out of the box (1 click) integrations that could be very useful like Zoom, Asana, Notion, Confluence and Jira, Airtable, Dropbox, FreshService, Google, etc. The complete list is here.
I found a few other startups of interest providing point solutions to different parts of the incident management process. Jeli provides incident analytics and also integrates with Slack. For automation focused on incidents, shoreline.io provides an incident repair and automation solution. BreachQuest is more of an end-to-end solution mostly focused on security related incidents. In addition to their Priori platform they offer managed services.
Next Gen Incident Management
As you can see a variety of solutions are coming at the process of incident management, either more holistically or providing point solutions for key parts of the process. A couple of common themes are driving the changes. All the solutions are providing some form of integrations to other related tools to build out a more robust approach. Collaboration is a key part of the redefined process and eliminates the tiered support approach of the past. Bringing the “right” skills to bear on a problem and facilitating a much faster resolution goes a long way to improving both internal satisfaction and the customer experience.
If you’re looking to improve your incident management processes and tools, reach out to us here.