Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

DS10.2 - Problem Tracking and Resolution

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective DS10.2 - Problem Tracking and Resolution is contained within Process Popup Manage Problems.

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

This Topic Has:
5 Members
0 Online
4264 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer

Problem Tracking and Resolution

Ensure that the problem management system provides for adequate audit trail facilities that allow tracking, analysing and determining the root cause of all reported problems considering:
  • All associated configuration items
  • Outstanding problems and incidents
  • Known and suspected errors
  • Tracking of problem trends
Identify and initiate sustainable solutions addressing the root cause, raising change requests via the established change management process. Throughout the resolution process, problem management should obtain regular reports from change management on progress in resolving problems and errors. Problem management should monitor the continuing impact of problems and known errors on user services. In the event that this impact becomes severe, problem management should escalate the problem, perhaps referring it to an appropriate board to increase the priority of the request for change (RFC) or to implement an urgent change as appropriate. Monitor the progress of problem resolution against SLAs.

View value and Risk Drivers  help

Hide value and Risk Drivers help

Value Drivers

  • Limited disruption to or reduction of IT service quality
  • Efficient and effective handling of problems and incidents
  • Minimised elapsed time for problem detection to resolution
  • Appropriate problem solving with respect to the agreed-upon service levels
  • Improved quality of IT services
  Risk Drivers
  • Recurrence of problems and incidents
  • Loss of information
  • Critical incidents not solved properly
  • Business disruptions
  • Insufficient service quality

View Control Practices  help

Hide Control Practices  help

  1. Establish and maintain a single problem management system to register and report problems identified and to establish audit trails of the problem management processes, including the status of each problem, i.e., open, reopen, in progress or closed. The system should register one record for each problem, including the needed information to understand the problem, relevant documentation of the problem, contact persons, time the problem was identified, known consequences, actual problem owner, any workaround performed, how and when solutions were implemented, and identification of the root cause.
  2. Identify and implement a process for problems to be assigned and analysed in a timely manner to determine the root cause. Identify problems by comparing incident data with the database of known and suspected errors (e.g., those communicated by external vendors). Upon successful root cause identification, classify problems as known errors.
  3. Associate the affected configuration items to the established/known error.
  4. Produce reports to communicate the progress in resolving problems and to monitor the continuing impact of problems not solved. Monitor the status of the problem-handling process throughout its life cycle, including input from change and configuration management.
  5. Produce reports to monitor the problem resolution against the business and customer SLAs. Ensure the proper escalation of problems, e.g., escalation to higher management level according to agreed-upon criteria, contacting external vendors or referring to the change advisory board to increase the priority of an urgent RFC to implement a temporary workaround.
  6. To maximise resources and reduce turnaround, define and implement problem management procedures for the tracking of problem trends.
  7. Identify and initiate sustainable solutions (permanent fix) addressing the root cause, and raise change requests via the established change management processes.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 10 total

Must be a Topic member to contribute
View All »
White Papers
Posted by ISACA 1534 days ago
Posted by FarmService 1541 days ago
Posted by ISACA 1590 days ago
Posted by ISACA 2230 days ago

Events & Online Learning: 0 total

No Results Found

Journal Articles: 49 total

Volume 3, 2018
by Yuri Bobbert, CISM, CISA, SCF, and Talitha Papelard-Agteres, CISM
Understanding the key factors that influence effective BIS is crucial for business leaders; otherwise, security problems can occur, which can lead to financial loss, unavailability, reputational damage or even bankruptcy.
Volume 3, 2018
by Max Alexander, CISM, CRISC, CISSP, DoD Cyber Crime Investigator
Insider threats pose a tremendous risk to an organization’s information security because, due to their nature, insiders “already have access to an organization’s most sensitive data.”
Volume 3, 2018
This article describes an approach that can be used to establish the correlation among operational IT risk, the appropriateness of mitigating measures and organizational targets.
Volume 3, 2018
by Aleksandr Kuznetcov, CISM
A SOC is a set of staff, processes, technologies and facilities that is primarily focused on identification (detection) and response to cybersecurity incidents that arise as a result of cybersecurity threat realizations.
Volume 1, 2018
by Ofir Eitan, CISM and Aviv Srour
Cyberincident response is no different than any other type of warfare. It requires strategy, tactics, planning, technology, psychology and intelligence.
Volume 1, 2018
The intent of this article is to outline a process to define a standard operational report for use cases to identify, monitor and respond to incidents and identify several security monitoring best practices.

Wikis: 2 total

Blog Posts: 15 total

5 Jun 2018
Recently, I witnessed an interesting webcast by Scopism, an UK-based consulting and training company. They announced the publication of the SIAM(c) Foundation Body of Knowledge, available for free through their website Service Integration...
Posted By : Peter873 | 2 comments
Have you experienced ransomware attack so far and, if yes, what did you do to resolve? I set up Twitter poll here: It lasts for seven days. Thank you for taking part in the poll.
Posted By : Dragan Pleskonjic | 5 comments
Mi primer acercamiento real al Framework (o Marco de Referencia) de ISACA COBIT 5, fue a mediados del año pasado (2016) cuando decidí tomar un curso de examinación para la certificación de COBIT® 5 Foundation (Fundamentos de COBIT 5). La jerga técnica me ...
Posted By : MNUNEZA | 0 comments
Information Security and Privacy is hot issue at present time. Number of security breaches is rapidly increasing.  In case of late detection, costs of breaches are skyrocketing. In the same time Artificial Intelligence (AI), Machine Learning (ML) are fast...
Posted By : Dragan Pleskonjic | 0 comments
“Enterprise architecture is now a strategic componentof every forward-thinking organization around the world.”Source: Related Article: Common Perspective on Enterprise Architecture: http://feapo....
Posted By : SA | 1 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now is wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments