Incident management user roles and permissions

Incident Management user roles
Incident Management permissions

The following end user roles are for the Incident Management module of the BMC Helix ITSM: Service Desk application.

IT agent

An IT agent is any Smart IT user who performs one or more of the following jobs in your organization:

Service Desk Analyst
First- and second-line Support Analyst
Field Support Agent

IT agents perform the following kinds of activities with the required permissions:

View Incident and Work Order graphs on the Dashboard
View Service Request graphs on the Dashboard if BMC Service Request Management is installed
Access and update the following ticket types from the Ticket Console, Global search, or the Updates feed:
- incident
- work order
- service request
- task
Create incident tickets and work order tickets from Smart Recorder and from the Create menu
Add tasks to an incident or work order
Create service request records from Smart Recorder (using a service request template)
Create broadcasts from the Create New menu
Create assets from the Create New menu
Access and update assets from the Asset Console, Global search, and Updates feed

Manager

Group coordinators are responsible for the quality and integrity of the incident management processes and for the work of their support group members. They coordinate the assignment of incident requests to support staff. The group coordinator's other responsibilities include:

Monitoring incidents
Monitoring open incidents requiring assignment
Managing the assignment of incidents to their appropriate support groups for resolution
Receiving notifications of incident assignments and escalations
Facilitating the resolution of escalated incidents in accordance with the escalation policy
Ensuring the resolution of incidents within the support group's service targets
Ensuring the overall completeness and accuracy of closed incidents
Reviewing reports
Ensuring that incidents requiring root cause analysis are copied into Problem Management
Managing support group membership
Managing scripts, templates, and decision trees

On-Duty managers take over the responsibility from service owners when the owner is not available to perform the incident escalation procedure. In these situations, the on-duty manager decides whether an escalated incident must be resolved by implementing an emergency change, by recovering the affected service at its continuity site, or by continuing the resolution of the incident within the incident management process.

Service owners create and assign incident requests. They also decide whether an escalated incident needs to be resolved by implementing an emergency change, by recovering the affected service at its continuity site, or by continuing the resolution of the incident within the incident management process.

User

A user is usually an employee who needs assistance from the IT support staff to resolve an incident or implement a change. Anyone in your organization can be a user.

The incident user's responsibilities include:

Requesting support when necessary and providing the required information to help resolve the incident requests. To submit requests, they complete the Request form or contact the service desk by email or telephone.
Verifying the solution provided by the service owner organization and reopening the incident request if the solution is not acceptable

Requester Console user

Users of the Requester Console are usually employees who need assistance from the IT support staff. The user or requester is typically an employee in the organization who must have a change implemented or an incident resolved. Any member of your organization can be a requester. Non employees can also be requesters, since non registered users can submit service requests. Traditionally, after a requester made a telephone call to a central help desk, a support staff member logged the request.

BMC Helix ITSM: Service Desk: Incident Management and BMC Helix ITSM: Change Management provide user self-provisioning. Using the Requester Console, requesters can submit, track, and (in some cases) resolve their own requests, which improves the overall efficiency.

BMC Helix ITSM: Service Desk: Incident Management and BMC Helix ITSM: Change Management are preconfigured to work with the Requester Console. However, an organization can set an option to make the Requester Console unavailable. The Requester Console is the primary interface for requesters to define and view their requests. From the Requester Console, you can define a request that is submitted to BMC Helix ITSM: Change Management or Incident Management. You can also view requests and respond to a survey after the request has been resolved.

How Incident Management roles are mapped to permission groups

The Service Desk Analyst, Specialist, Group Coordinator, Operator, Operations Manager, and On-Duty Manager user roles are mapped to the following permission groups:

Role	Permission groups
Service Desk Analyst	Incident Master Problem Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge User
Specialist	Incident User Problem User Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge User
Group Coordinator	Incident User You can give a user Master permissions if full access to Incidents is required. Problem User Give this individual Master permissions if they need full access to Problems or Known Errors. Infrastructure Change User Release Viewer Contract Viewer Asset Viewer Knowledge Viewer
Operator	Incident User Problem Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge Viewer
Operations Manager	Incident User Problem Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge Viewer
On-Duty Manager	Incident User Problem Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge User

Depending upon the permissions your administrator grants to you, you can perform the following operations on an incident.

Related topic

Adding people without using templates

Permissions	Description	Application user license type
Incident Master	On the System Settings form, if the Application permission model is set to Support group and company , users with the Incident Master permission can perform the following functions: Create incidents Modify all incidents to which the Incident Master has access View Incident templates If the Application permission model is set to Support group, users must belong to a Support Group to perform the functions. For more information about the application permission model, see Applying system settings. Important: To create and modify templates, you need the Support Group Admin Functional role. With this role, modifying templates is restricted to those for which the user is a member of the Authoring Group. This role can configure: Cost Category Cost Center information Cost Rate templates Financial rules Chargeback periods Chargeback is a function of the costing subsystem and is given automatically with the other costing features; for example, access to the Product Catalog console. Best practice We recommend that you limit the use of Master permissions to key personnel who own a process (such as the Service Desk Analyst role) or who require full access to all Incidents.	Fixed or Floating
Incident User	On the System Settings form, if the Application permission model is set to Support group and company, users with the Incident User permission can perform the following functions: Create incidents Modify incidents based on functional roles and support group affiliations (that is, you must be a member or the Assigned or Owner Group to have modify access to the Incidents with this permission) View Incident templates If the Application permission model is set to Support group, users must belong to a Support Group to perform the functions. For more information about the application permission model, see Applying system settings. You must grant the Support Group Admin functional role to create and modify templates. With this role, template modification is restricted to templates for which the user is a member of the authoring group. Best practice We recommend that you limit the use of these permissions to individuals performing one of the following Service Desk roles: Group Coordinator On-Duty Manager Operations Manager Operator and Specialist Problem Coordinator Change and Release Coordinator Service Level Manager Service Owner	Fixed or Floating
Incident Submitter	On the System Settings form, if the Application permission model is set to Support group and company, users with the Incident Submitter permission can perform the following functions: Create incidents Query incidents If the Application permission model is set to Support group, users must belong to a Support Group to perform the functions. Users with Incident Submitter permissions cannot modify incidents. For more information about the application permission model, see Applying system settings. Best practice We recommend that you grant these permissions to individuals who need to submit and view incidents. Typically, these permissions are given to any who fulfills one of the roles mentioned under the Incident User permissions. User-type permissions are required if the person needs modification access.	None
Incident Viewer	Users with the Incident Viewer permission can perform the following functions: Query all incident requests Add Work Info records Update Work Info records Users with Incident Viewer permissions cannot: Submit incident requests Modify incident requests Best practice We recommend that you grant these permissions to individuals who need only read access to incidents. Typically, these permissions are given to most BMC Helix ITSM applications users (that is, users who do not already have the Master, User, or Submitter permission) for them to access incident information.	None
Incident Config	Users with Incident Config permission can perform functions that span the following components: On the Incident Management module, configure: Management application settings Incident Impact values Incident Urgency values Incident Priority weight ranges Incident Prioritization Incident rules (general field enforcement and assignment rules) Work Info inbound and outbound communications counters Decision trees Scripts Incident templates The user can create templates regardless of authoring group affiliation. However, a user can modify the template only if the user is a member of the authoring group or the support group for which the template is created. Foundation component, for KPIs, configure: Flashboard parameters KPI titles (and register, this option is an advanced option) Requestor component: Create and update Summary Definitions Best practice We recommend that you grant these permissions to individuals who configure the component functions in the preceding list. Typically, people who fulfill this role are Application Administrators.	Fixed or Floating

Users with the Incident User permission and Support Group admin functional role can create or modify incident templates of the Support Group.

For information about data access in a multitenant environment and application permission model, see Data access in a multitenant environment.

The following table describes the scope of the incident permissions:

Tasks	Incident Config	Incident Master	Incident User	Incident Submitter	Incident Viewer
View incident tickets	✅️	✅️	✅️	✅️	✅️
Create incident tickets	✅️	✅️	✅️	✅️	❌️
Submit incident tickets	✅️	✅️	✅️	✅️	❌️
Query incident tickets	✅️	✅️	✅️	✅️	✅️
Modify incident tickets	✅️	✅️	✅️	❌️	❌️
Delete incident tickets Important: Only users with AR System Administrator permission can delete incident tickets.	❌️	✅️	✅️	✅️	✅️
Add Work Info records	✅️	✅️	✅️	✅️	✅️
Modify Work Info records	✅️	✅️	✅️	✅️	✅️
View incident templates	✅️	✅️	✅️	❌️	❌️
Create incident templates (in BMC Helix ITSM)	✅️	✅️	❌️	❌️	❌️
Perform configurations on incidents including Impact, Urgency, Priority Matrices, Decision Trees, Incident Management Settings (in BMC Helix ITSM)	✅️	❌️	❌️	❌️	❌️