An Incident Response Best Practice Communication Approach

Written By Zachary Bailey

Introduction

At James Anthony Consulting (JAC), we understand the importance of swift and effective communication in incident response. Managing software system incidents and investigations can be challenging, but with the right communication processes, we can significantly improve the experience for our clients and their customers during their most difficult moments. This article outlines our best practice communication process, ensuring that every member of our team is equipped to handle incidents efficiently and professionally. This ensures we can keep our clients informed and their business operations best supported at all times.

Communication Standards

1. Immediate Acknowledgment: Upon receiving a client's support ticket, our first step is to reply promptly with an assurance, such as "on it." This quick response is crucial to let the client know we are attentive to their needs. We should also ensure the ticket is documented within our relevant ticketing system.

2. Assessing Urgency: Next, we evaluate the urgency of the issue. Key considerations include whether customers are dissatisfied or blocked (urgent), if there are internal deadline blockages (urgent), the availability of workarounds (high priority), or if the issue is more of an inconvenience than a blockade (medium priority).

3. Issue Reproduction and Respect: Our team attempts to reproduce the issue. If unsuccessful, we communicate this respectfully to the client and propose a screenshare, avoiding dismissive phrases like "I can’t reproduce the issue." Acknowledging the client’s problem is crucial, as they are not imagining their difficulties.

4. Isolating the Cause: Once the issue is reproduced, we focus on isolating its cause.

5. Continuous Updates: Throughout the process, we maintain regular communication with the client, providing updates on our actions and next steps. The frequency of updates depends on the issue's priority:

  • Urgent issues: Updates every hour, skipping at most two consecutive hours.

  • High priority: Updates at least at lunchtime, first thing in the morning, and end of day.

  • Medium priority: One update per day.

  • All issues should be included in the PM’s weekly status update if they remain open.

6. End-of-Day Updates: Regardless of the issue's status, we ensure to update the client by 4:30 PM to prevent them from needing to follow up with us.

Additional Communication Protocols

  • CC the PM: Always CC the Project Manager on all communications to keep them informed.

  • Communicate With Clarity: If an update might surprise or confuse the client, consult the PM first to ensure the information is provided with full context and explanation. If PM is unreachable, proceed with the update and call the client immediately to ensure the information is understood.

  • Set Expectations: Always inform the client in the email when they can expect the next update.

  • Report Additional Issues: If another issue is noticed, report it as a footnote, focusing first on the main problem.

  • Take Ownership of Monitoring Issues: If a monitoring issue arises and hasn’t been addressed, take responsibility for reporting and addressing it.

  • Team Accountability: We do not assign individual blame for issues. Instead, we focus on team-based process and habit improvement.

  • Focus on Client Concerns: In case of emotional responses from stakeholders, focus on their problems and questions and what the emotional response is highlighting, rather than moments of frustration. Maintaining a cool head in a crisis ensures the crisis can be best managed.

  • Keep Tickets Up To Date: always update the ticket in the system with any new findings, aiding other collaborators and helping you collect your thoughts.

Closing Tickets

A well-closed ticket includes the issue cause, resolution performed, and a plan for future prevention. It typically involves these steps:

  • Solving Immediate User Impacts: Addressing the immediate concerns of end users and the business.

  • Resolving the Bug: Fixing the underlying issue.

  • Prevention: Analysing how the bug occurred and implementing measures to prevent future occurrences, such as adding the bug to the regression test suite.

  • Documentation: Prepare an incident response report, update any other documentation as-needed. An incident response report should have these headings: Date of incident, Reporter, Severity (critical, high, medium, low), Timeline of response (include times, actions, people), Exposure / impacts, Suspected root cause, Resolution of issue (how was it resolved), Mitigation steps / prevention in future.

  • Communication: notify others about the incident for awareness by circulating the incident response report to the client and other system maintainers.

Conclusion

At JAC, we believe in creating a positive experience for our clients, even in challenging situations. By adhering to these communication standards and focusing on being customer-oriented, as emphasised in the ISO9001 standard, we best support our clients’ success. Remember, effective communication during a crisis is not just about resolving the issue; it’s about supporting and communicating with clients every step of the way.

Zachary Bailey
Previous

Cultivating Communication: The Art of Storytelling at James Anthony Consulting
Next

Effective Task Handovers: The “Five Ws” Framework