This documentation supports the 25.1 version of BMC Helix ITSM: Service Desk.To view an earlier version, select the version from the Product version menu.

Incident Management roles and permissions

To access the incident management module in BMC Helix ITSM, you must have the Incident Master and Incident User permission. Along with these permissions, you might have to perform the functional role of Support Group Lead or Incident Manager.

The work order permissions and functional roles that are supported in BMC Helix ITSM are derived from Mid Tier. On the CTM:People form in Mid Tier, the administrator can assign the permission and functional role to BMC Helix ITSM users.

Incident Management roles

To efficiently manage incidents, BMC Helix ITSM supports the functional roles of Support Group Lead and Incident Manager. 

  • Incident Manager BMC Helix ITSM users with Incident Manager role can work with incidents.
  • Support Group Lead BMC Helix ITSM users with Support Group Lead role can modify incidents that are closed and are owned by a Support Group of which the user is a member.

Incident Management permissions

Depending upon the permissions given to you by your administrator, you can perform the following operations on an incident.

  • Incident Master — Incident Master supersedes Incident User, Incident Submitter and Incident Viewer permissions. As a BMC Helix ITSM user with Incident Master permission, you can work on Incidents independent of any functional roles or support group affiliations.
  • Incident User — The Incident User permission supersedes Incident Submitter and Incident Viewer permissions. As a BMC Helix ITSM user with Incident User permission, you can work on tickets that are Assigned or Owned by a support group to which you belong.  
  • Incident Submitter — As a user with Incident Submitter permission, you can only query and submit incidents that are Assigned or Owned by a support group to which you belong in Mid Tier. However, you cannot submit or view incidents in BMC Helix ITSM.
  • Incident Viewer — As a user with Incident Viewer permission, you can only view tickets that are Assigned or Owned by a support group to which you belong in Mid Tier. However, you cannot view incidents in BMC Helix ITSM.
  • Incident Config — As a Mid Tier user with Incident Config permission, you can access the configuration forms for Incident Management (including templates). You can also access all forms related to incident configurations including Impact, Urgency, Priority Matrices, Decision Trees, and Incident Management Settings.

The following table describes the scope of the incident permissions:

Tasks

Incident Config

Incident Master

Incident User

View incident tickets

✅️

✅️

✅️

Create incident tickets

✅️

✅️

✅️

Query incident tickets

✅️

✅️

✅️

Modify incident tickets

✅️

✅️

✅️

Add activity notes

✅️

✅️

✅️

Modify activity notes

✅️

✅️

✅️

View incident templates

✅️

✅️

✅️

Create incident templates (in Mid Tier)

✅️

✅️

❌️

Perform configurations on incidents including Impact, Urgency, Priority Matrices, Decision Trees, Incident Management Settings (in Mid Tier)

✅️

❌️

❌️

Important

  • If an incident in Closed or Cancelled status gets flagged because of end-user activity, only users with the Incident Master role can unflag these incidents. This is to ensure that the post closure end-user comments or feedback gets validated and not ignored.
  • Users who have viewer application permissions and are not agents, for example, Incident Viewer, Asset Viewer, Service Request User, Work Order View, Task User permissions cannot search for tickets in BMC Helix ITSM. The specific permissions that you assign depends on the specific role the person fulfills in your organization. A user ID can have more than one permission from each category. For more information, see Roles and permissions.


Instructions for classic interfaces

View instructions for Mid Tier

End user roles

The following end user roles are for the Incident Management module of the BMC Helix ITSM: Service Desk application. 

Roles

Responsibilities

Support staff

Service desk analysts are usually first-line support staff. A service desk analyst's responsibilities include:

  • Providing the interface between the service owner organization and its customers
  • Obtaining accurate and complete information from the user when creating the incident request, and doing so efficiently and accurately
  • Resolving as many of their registered incident requests as possible within the limitations of their access rights and their time constraints
  • Ensuring that the incident requests that they have registered, but are unable to resolve, are assigned to the most appropriate group for resolution
  • Validating incident request resolutions with their users

Specialists are usually second-line and third-line support staff. They are considered subject matter experts. Their main responsibility is to provide an accurate analysis and a diagnosis of their assigned incident requests to restore service to the affected users. A specialist's responsibilities include:

  • Resolving incident requests
  • Updating incident requests with relevant information and status changes
  • Escalating incident requests (for which resolutions can be implemented only through the change management process) to the owner of the affected service

IT agent

An IT agent is any user who performs one or more of the following jobs in your organization:

  • Service Desk Analyst
  • First- and second-line Support Analyst
  • Field Support Agent

IT agents perform the following kinds of activities with the required permissions:

  • View Incident and Work Order graphs on the Dashboard
  • View Service Request graphs on the Dashboard if BMC Service Request Management is installed
  • Access and update the following ticket types from the Ticket Console, Global search, or the Updates feed:
    • incident
    • work order
    • service request
    • task
  • Create incident tickets and work order tickets from Smart Recorder and from the Create menu
  • Add tasks to an incident or work order
  • Create service request records from Smart Recorder (using a service request template)
  • Create broadcasts from the Create New menu
  • Create assets from the Create New menu
  • Access and update assets from the Asset Console, Global search, and Updates feed

Manager

Group coordinators are responsible for the quality and integrity of the incident management processes and for the work of their support group members. They coordinate the assignment of incident requests to support staff. The group coordinator's other responsibilities include:

  • Monitoring incidents
  • Monitoring open incidents requiring assignment
  • Managing the assignment of incidents to their appropriate support groups for resolution
  • Receiving notifications of incident assignments and escalations
  • Facilitating the resolution of escalated incidents in accordance with the escalation policy
  • Ensuring the resolution of incidents within the support group's service targets
  • Ensuring the overall completeness and accuracy of closed incidents
  • Reviewing reports
  • Ensuring that incidents requiring root cause analysis are copied into Problem Management
  • Managing support group membership
  • Managing scripts, templates, and decision trees

On-Duty managers take over the responsibility from service owners when the owner is not available to perform the incident escalation procedure. In these situations, the on-duty manager decides whether an escalated incident must be resolved by implementing an emergency change, by recovering the affected service at its continuity site, or by continuing the resolution of the incident within the incident management process.

Service owners create and assign incident requests. They also decide whether an escalated incident needs to be resolved by implementing an emergency change, by recovering the affected service at its continuity site, or by continuing the resolution of the incident within the incident management process.

User

A user is usually an employee who needs assistance from the IT support staff to resolve an incident or implement a change. Anyone in your organization can be a user.

The incident user's responsibilities include:

  • Requesting support when necessary and providing the required information to help resolve the incident requests. To submit requests, they complete the Request form or contact the service desk by email or telephone.
  • Verifying the solution provided by the service owner organization and reopening the incident request if the solution is not acceptable

Requester Console user

Users of the Requester Console are usually employees who need assistance from the IT support staff. The user or requester is typically an employee in the organization who must have a change implemented or an incident resolved. Any member of your organization can be a requester. Nonemployees can also be requesters, since nonregistered users can submit service requests. Traditionally, after a requester made a telephone call to a central help desk, a support staff member logged the request.

BMC Helix ITSM: Service Desk : Incident Management  and BMC Helix ITSM: Change Management provide user self-provisioning. Using the Requester Console, requesters can submit, track, and (in some cases) resolve their own requests, which improves the overall efficiency.

BMC Helix ITSM: Service Desk : Incident Management and  BMC Helix ITSM: Change Management are preconfigured to work with the Requester Console. However, an organization can set an option to make the Requester Console unavailable. The Requester Console is the primary interface for requesters to define and view their requests. From the Requester Console, you can define a request that is submitted to  BMC Helix ITSM: Change Management or Incident Management. You can also view requests and respond to a survey after the request has been resolved.

How Incident Management roles are mapped to permission groups

The Service Desk Analyst, Specialist, Group Coordinator, Operator, Operations Manager, and On-Duty Manager user roles are mapped to the following permission groups:

Role

Permission groups

Service Desk Analyst

  • Incident Master
  • Problem Viewer
  • Infrastructure Change Viewer
  • Release Viewer
  • Contract Viewer
  • Asset Viewer
  • Knowledge User

Specialist

  • Incident User
  • Problem User
  • Infrastructure Change Viewer
  • Release Viewer
  • Contract Viewer
  • Asset Viewer
  • Knowledge User

Group
Coordinator

  • Incident User
    You can give a user Master permissions if full access to Incidents is required.
  • Problem User
    Give this individual Master permissions if they need full access to Problems or Known Errors.
  • Infrastructure Change User
  • Release Viewer
  • Contract Viewer
  • Asset Viewer
  • Knowledge Viewer

Operator

  • Incident User
  • Problem Viewer
  • Infrastructure Change Viewer
  • Release Viewer
  • Contract Viewer
  • Asset Viewer
  • Knowledge Viewer

Operations
Manager

  • Incident User
  • Problem Viewer
  • Infrastructure Change Viewer
  • Release Viewer
  • Contract Viewer
  • Asset Viewer
  • Knowledge Viewer

On-Duty
Manager

  • Incident User
  • Problem Viewer
  • Infrastructure Change Viewer
  • Release Viewer
  • Contract Viewer
  • Asset Viewer
  • Knowledge User

Incident Management permissions

The following table describes the operations you can perform on an incident based on permissions:

Important

Add licenses only for the features and number of users that correspond to your license entitlements. Your subscription or purchase determine your license entitlements.

Permissions

Description

Application user license type

Best practice

Incident Master

On the System Settings form, if the Application permission model is set to Support group and company , users with the Incident Master permission can perform the following functions:

  • Create incidents
  • Modify all incidents to which the Incident Master has access
  • View Incident templates

If the Application permission model is set to Support group, users must belong to a Support Group to perform the functions. For more information about the application permission model, see Applying system settings.

Important: To create and modify templates, you need the Support Group Admin Functional role. With this role, modifying templates is restricted to those for which the user is a member of the Authoring Group. This role can configure:


    • Cost Category
    • Cost Center information
    • Cost Rate templates
    • Financial rules
    • Chargeback periods

Chargeback is a function of the costing subsystem and is given automatically with the other costing features; for example, access to the Product Catalog console.

Fixed or Floating

We recommend that you limit the use of Master permissions to key personnel who own a process (such as the Service Desk Analyst role) or who require full access to all Incidents.

Incident User

On the System Settings form, if the Application permission model is set to Support group and company, users with the Incident User permission can perform the following functions:

  • Create incidents
  • Modify incidents based on functional roles and support group affiliations (that is, you must be a member or the Assigned or Owner Group to have modify access to the Incidents with this permission)
  • View Incident templates

If the Application permission model is set to Support group, users must belong to a Support Group to perform the functions. For more information about the application permission model, see Applying system settings. 

You must grant the Support Group Admin functional role to create and modify templates. With this role, template modification is restricted to templates for which the user is a member of the authoring group.

Fixed or Floating

We recommend that you limit the use of these permissions to individuals performing one of the following Service Desk roles:


    • Group Coordinator
    • On-Duty Manager
    • Operations Manager
    • Operator and Specialist
    • Problem Coordinator
    • Change and Release Coordinator
    • Service Level Manager
    • Service Owner

Incident Submitter

On the System Settings form, if the Application permission model is set to Support group and company, users with the Incident Submitter permission can perform the following functions:

  • Create incidents
  • Query incidents

If the Application permission model is set to Support group, users must belong to a Support Group to perform the functions.

Users with Incident Submitter permissions cannot modify incidents. For more information about the application permission model, see Applying system settings.

None

We recommend that you grant these permissions to individuals who need to submit and view incidents. Typically, these permissions are given to any individuals who fulfill one of the roles mentioned under the Incident User permissions. User-type permissions are required if the person needs modification access.

Incident Viewer

Users with the Incident Viewer permission can perform the following functions:

  • Query all incident requests
  • Add Work Info records
  • Update Work Info records

Users with Incident Viewer permissions cannot:

  • Submit incident requests 
  • Modify incident requests

None

We recommend that you grant these permissions to individuals who need only read access to incidents. Typically, these permissions are given to most BMC Helix ITSM applications users (that is, users who do not already have the Master, User, or Submitter permission) for them to access incident information.

Incident Config

Users with Incident Config permission can perform functions that span the following components:

  • On the Incident Management module, configure:
    • Management application settings
    • Incident Impact values
    • Incident Urgency values
    • Incident Priority weight ranges
    • Incident Prioritization
    • Incident rules (general field enforcement and assignment rules)
    • Work Info inbound and outbound communications counters
    • Decision trees
    • Scripts
    • Incident templates

The user can create templates regardless of authoring group affiliation. However, a user can modify the template only if the user is a member of the authoring group or the support group for which the template is created.

  • Foundation component, for KPIs, configure:
    • Flashboard parameters
    • KPI titles (and register, this option is an advanced option)
  • Requestor component:
    • Create and update Summary Definitions

Fixed or Floating

We recommend that you grant these permissions to individuals who configure the component functions in the preceding list. Typically, people who fulfill this role are Application Administrators.

Users with the Incident User permission and Support Group admin functional role can create or modify incident templates of the Support Group.

For information about data access in a multitenant environment and application permission model, see Data access in a multitenant environment.

Scope of the incident permissions

The following table describes the scope of the incident permissions: 

Tasks

Incident Config

Incident Master

Incident User

Incident Submitter

Incident Viewer

View incident tickets

✅️

✅️

✅️

✅️

✅️

Create incident tickets

✅️

✅️

✅️

✅️

❌️

Submit incident tickets

✅️

✅️

✅️

✅️

❌️

Query incident tickets

✅️

✅️

✅️

✅️

✅️

Modify incident tickets

✅️

✅️

✅️

❌️

❌️

Delete incident tickets

Important: Only users with AR System Administrator permission can delete incident tickets.

❌️

✅️

✅️

✅️

✅️

Add Work Info records

✅️

✅️

✅️

✅️

✅️

Modify Work Info records

✅️

✅️

✅️

✅️

✅️

View incident templates

✅️

✅️

✅️

❌️

❌️

Create incident templates (in Mid Tier)

✅️

✅️

❌️

❌️

❌️

Perform configurations on incidents including Impact, Urgency, Priority Matrices, Decision Trees, Incident Management Settings (in Mid Tier)

✅️

❌️

❌️

❌️

❌️

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*