Understanding the theory and applying it is one thing, but understanding the theory and applying it to reality is another.
Two entities is a very simple concept to understand, but let's add another service: the ITIL Change Management Process.
Using this as an example of trying to build the communication channels between the three service organizations, we can start by asking some questions:
- Are there any service level agreements in place between these three entities?
- Are there any organizational level agreements in place between these three entities?
If the answer is yes or no, we would next have to understand the following:
- At what point does an IT incident go through the change management process?
- At what point does an IT security incident go through the change management process?
- Who is responsible for what during this process?
- Who is accountable for what during this process?
- Who is supporting during this process?
- Who is consulted during this process?
- Who is informed during this process?
Now between the managers of the IT incident response, IT security incident response, and change management organizations, the goal would be to:
- Understand the information requirement requests from higher management
- Understand the strategic relevance of communicating
- Develop and establish a collaborative and integrated process
- Develop and establish SLAs/OLAs
- Develop and establish metrics and accountability for handling the incidents
- Establish who has the authority to initiate a change request
All of these items are things to consider when trying to create a consolidated metric and communication channel for an end-to-end process.