The Palos Publishing Company

Follow Us On The X Platform @PalosPublishing
Categories We Write About

Prompt models for incident severity classification

Written by

Bernardo Palos

in

Incident severity classification is an essential part of incident management in various sectors, such as IT, healthcare, manufacturing, and emergency response. The goal is to prioritize incidents based on their potential impact on the organization, system, or people involved. Below are some prompt models that can be used for classifying the severity of incidents. These models can be adapted based on the specific needs and context of the organization:

1. Basic Severity Classification Model (IT or System Incidents)

Severity 1 (Critical)

  • Definition: System down, major service disruption, or critical issue affecting a large user base.

  • Examples:

    • Entire application or system is offline.

    • Severe data breach or cybersecurity incident.

    • Critical infrastructure failure.

Severity 2 (High)

  • Definition: High-impact issue that severely disrupts operations but does not render the system or service completely unavailable.

  • Examples:

    • A major function or feature of the system is unavailable.

    • Partial data loss, which impacts a significant number of users.

    • Performance degradation affecting multiple users.

Severity 3 (Medium)

  • Definition: Moderate impact with a workaround available. Limited number of users affected.

  • Examples:

    • Non-critical features are broken or partially working.

    • Moderate degradation of performance, affecting a small number of users.

    • Minor security vulnerability with no immediate threat.

Severity 4 (Low)

  • Definition: Minor issue or inconvenience that does not impact operations significantly.

  • Examples:

    • Small UI/UX bug that doesn’t affect functionality.

    • Issues that have little to no impact on business continuity.

2. Healthcare Incident Severity Model

Severity 1 (Catastrophic)

  • Definition: Immediate threat to patient safety or health. Critical impact.

  • Examples:

    • Incorrect medication administered leading to an adverse reaction.

    • Life-threatening error in surgery or patient care.

Severity 2 (Major)

  • Definition: Significant harm to patient care or safety, but not immediately life-threatening.

  • Examples:

    • Delay in critical diagnosis or treatment.

    • Infection or injury requiring extended care.

Severity 3 (Moderate)

  • Definition: Minor impact on patient care or safety, may result in discomfort but not severe harm.

  • Examples:

    • Minor complications in treatment.

    • Errors in patient records that do not immediately affect patient care.

Severity 4 (Minor)

  • Definition: Small errors or concerns that have no impact on patient safety or comfort.

  • Examples:

    • Administrative errors or non-critical issues.

    • Minor delays in service without affecting patient care.

3. Manufacturing Incident Severity Model

Severity 1 (Critical)

  • Definition: Immediate risk to safety or major damage to production assets.

  • Examples:

    • Worker injury or fatality.

    • Severe equipment failure that halts production.

Severity 2 (High)

  • Definition: Major production disruption or damage with a significant financial impact.

  • Examples:

    • Partial shutdown of a production line.

    • Large-scale product defects requiring recall.

Severity 3 (Medium)

  • Definition: Moderate disruption with limited production impact.

  • Examples:

    • Short delays in production.

    • Minor defects affecting a small number of products.

Severity 4 (Low)

  • Definition: Minor issues with negligible impact on production or safety.

  • Examples:

    • Small maintenance issues or slight inefficiencies in the process.

    • Non-critical quality concerns.

4. Emergency Response Incident Severity Model

Severity 1 (Disaster)

  • Definition: Large-scale disaster affecting public safety and requiring immediate large-scale intervention.

  • Examples:

    • Earthquake, flood, or wildfire causing widespread devastation.

    • Terrorist attack or other catastrophic events.

Severity 2 (Major)

  • Definition: Large-scale emergency that threatens public safety but can be managed with existing resources.

  • Examples:

    • Building collapse or industrial accident.

    • Large fire or hazardous material spill affecting a localized area.

Severity 3 (Moderate)

  • Definition: Significant local impact that requires response but is manageable within normal operations.

  • Examples:

    • Flooding in a specific region.

    • Vehicle accident with multiple casualties.

Severity 4 (Minor)

  • Definition: Small-scale emergency requiring minimal intervention.

  • Examples:

    • Medical emergencies (e.g., individual injuries).

    • Minor fire or localized hazard.

5. IT Support Incident Severity Model (User Support)

Severity 1 (Critical)

  • Definition: Complete system failure or issue causing high business impact, with no workaround available.

  • Examples:

    • Entire network or critical system is down.

    • Major security breach.

Severity 2 (High)

  • Definition: Service disruption with significant impact on users or business functions.

  • Examples:

    • Application or system is partially down with limited functionality.

    • Important data loss or system errors affecting a large number of users.

Severity 3 (Medium)

  • Definition: Issue with moderate impact, can be worked around.

  • Examples:

    • Non-critical feature is broken but a workaround exists.

    • Performance issues affecting a limited number of users.

Severity 4 (Low)

  • Definition: Minor issues or user-reported concerns that do not affect business functions.

  • Examples:

    • UI bugs or cosmetic issues.

    • Requests for minor improvements or updates.

6. Security Incident Severity Model

Severity 1 (Critical)

  • Definition: A significant security breach with severe impact, requiring immediate attention.

  • Examples:

    • Data breach exposing sensitive customer information.

    • Ransomware attack affecting critical infrastructure.

Severity 2 (High)

  • Definition: Security vulnerability with potential for exploitation, but not yet fully impacting the system.

  • Examples:

    • Unauthorized access attempt detected.

    • Malware detected on a significant number of endpoints.

Severity 3 (Medium)

  • Definition: Minor security issue with low risk of exploitation or impact.

  • Examples:

    • Outdated software vulnerable to known attacks.

    • User account issue with no immediate security risk.

Severity 4 (Low)

  • Definition: Low-level security concern with minimal or no impact.

  • Examples:

    • Weak passwords or non-critical security misconfigurations.

    • Routine patching required for non-vital systems.

Summary

Each of these models outlines categories that can be customized based on your organization’s specific needs. It’s important to ensure that your severity classification aligns with the organization’s overall risk management and response protocols. You might need to incorporate additional factors like time sensitivity, potential business disruption, and regulatory implications in each classification to fine-tune the model.

Share this Page your favorite way: Click any app below to share.
See all the ways to share this page

Enter your email below to join The Palos Publishing Company Email List

We respect your email privacy

Check Out Our Newest Posts we wrote about

Categories We Write About