In principle, any Incident with an unknown cause should be associated with a Problem. However, this will normally only be
worthwhile if the Incident occurs repeatedly or is expected to recur, or if there is a single serious Incident.
Instance is identified as a Problem when:
- Analysis of Incident details indicates that an Incident recurs, and leads to a significant volume or trend.
- Analysis of the infrastructure identifies the weak areas where new Incidents may arise.
- A serious Incident occurs which requires a permanent solution, as further occurrences should be avoided.
- Service Levels are threatened.
- New or recorded Incidents cannot be linked to an existing Problem or Known Error.
Trend analysis can uncover areas that need further attention. The additional efforts can be expressed in terms of the cost
and benefits to the organization, taking into account:
- Cost to the business activities of the Incidents
- Number of Incidents
- Number of users/customers and business processes affected
- Time and cost of resolving the Incidents