Service Desk Management Process
The Service Desk will operate within the KPMG Global Security Operations Centre (GSOC) to serve as a single point of contact for all requests coming into the GSOC and provide an interface to other processes that service these requests.
The GSOC will utilise the ITS Global Service Desk Tool (now known as the Service Desk Tool) and associated processes to handle requests coming into the GSOC. This document describes the activities that the GSOC will perform to use these tools and ensure that all relevant information about requests coming into the GSOC is collected and all requests are managed throughout their lifecycles.
This document covers the activities that are performed within the GSOC to manage requests within the Service Desk Tool for new or changes to existing GSOC services and requests for help from member firms in relation to security incidents.
The responsibility of ownership and ongoing management of this document, including the processes contained therein, rests primarily with the Head of GSOC.
The intended audience for this document is the GSOC Team.
Exceptions will be in line with ITS Global Service Desk Management and must be validated by the GSOC Operations Manager.
Any violations to this policy should be reported directly to the following email address:
Service desk: a service for managing help desk incidents, problem tickets, change records and service requests.
The following roles have responsibilities for respective components of the service desk management process. This list is not intended to provide an extensive list of the responsibilities of each of the roles:
The GSOC Operations Manager is manages the overall service desk activities and acts as a further escalation point for issues that cannot be resolved by senior members of the GSOC.
An Escalation Group will be assigned within the Service Desk Tool to receive tickets raised for the attention of the GSOC. The Escalation Group will comprise of one or more members of the GSOC and will monitor the Service Desk Tool queue, review incoming voicemails, log tickets as necessary and determine the appropriate escalation paths for requests.
A requestor is an individual or group of individuals that may request for a service, report an incident or request for support from the GSOC. Requests may come from within the GSOC, Member Firms, ITS Global or other entities external to the GSOC.
The workflow below describes how the GSOC interacts with ITS Global Service Desk to manage all requests and incidents sent into the GSOC throughout their lifecycles.
2.1 Process Description
The following sections describe the workflow shown in the diagram above.
The requestor will raise a ticket through the Service Desk Tool in accordance with the ITS Global Service Desk requirements. Requests sent directly to the GSOC through the GSOC Communication Process must be logged as tickets by members of the GSOC on behalf of the requestor.
If an incoming request concerns a Change, then the ITS Global Change Management Process will be invoked.
The Escalation Group assigned for the selected service or request type will receive the ticket and determine whether it is sufficiently documented.
The Escalation Group will gather as much information as possible on the request reported. Any incomplete or suspected inaccuracies will be verified with the requestor to make sure that a complete and reliable description of the request is obtained.
If the requestor cannot provide the information requested then a reminder will be sent to the requestor and the ticket updated in line with the ITS Global Service Desk Management Process.
2.1.5 Triggering processes to resolve the issue
The ticket should be assessed to determine which GSOC process to service the request and the identified GSOC processes will then be invoked as follows:
|Service request||ITS Global Service Management Process||Member firm requesting for detailed report not available on the list of reports|
|Security incident||ITS Global Security Incident Management Process||Member firm seeking support to resolve a security incident|
|IT Incident||ITS Global IT Incident Management Process||Member firm unable to access a service provided by the GSOC|
|Change||ITS Global Change Management Process||Tooling engineer determines a change to one or more services within the GSOC is needed in order to resolve the issue reported in the request|
The tickets will be reassigned as necessary, depending on the escalations specified in the respective GSOC process.
When a solution has been provided/found, the ticket should be updated to indicate that the issue has been resolved and the end-user will be notified in order to verify if the proposed solution is acceptable for the problem raised. Once the issue is resolved, documented and verified by the user, the ticket should be closed.
However, if the problem remains the issue will be raised as a problem and handled through the ITS Global Problem Management Process. The original ticket should be updated to indicate that the issue has been pushed to problem management and closed.
When new information is uncovered in the investigation of an issue, the incident should be updated accordingly. The assignee should log all phone conversations, e-mail, file attachments, status changes, reassignments, and create relationships whenever they occur in order to keep the investigation information and status relevant and up to date.
The Escalation Group should review Incident tickets in their queue to provide updates on the progress towards a solution. Any reminders received about pending tickets should be acted upon in accordance with the priorities and any agreed SLAs.