<metaname="description"content="A collection of information about the Spearhead Systems incident response process. Not only how to prepare new employees for on-call responsibilities, but also how to handle major incidents, both in preparation and after-work.">
<metaproperty="og:title"content="Spearhead Systems Incident Response Documentation"/>
<metaproperty="og:site_name"content="Spearhead Systems Incident Response Documentation"/>
<metaproperty="og:description"content="A collection of information about the Spearhead Systems incident response process. Not only how to prepare new employees for on-call responsibilities, but also how to handle major incidents, both in preparation and after-work."/>
<metaname="twitter:title"content="Spearhead Systems Incident Response Documentation"/>
<metaname="twitter:description"content="A collection of information about the Spearhead Systems incident response process. Not only how to prepare new employees for on-call responsibilities, but also how to handle major incidents, both in preparation and after-work."/>
<p>This documentation covers parts of the Spearhead Systems technical support response process. It is used at Spearhead Systems for any technical issue (incident or service request), and to prepare new employees for technical support responsibilities. It provides information not only on preparing for an incident or service request, but also what to do during and after. It is intended to be used by those involved in our operational technical support response process (or those wishing to become part of our support team). See the <ahref="about/">about page</a> for more information on what this documentation is and why it exists.
This documentation is complementary to what is available in our <ahref="https://sphsys.sharepoint.com">existing wiki</a> and other systems that have not been open sourced.</p>
<pclass="admonition-title">Issue: Incidents and Service Request</p>
<p>At Spearhead we use the term <em>issue</em> to define any request that we receive. Issues fall into two categories: "Service Requests (SR)" and "Incidents (IN)". An IN will generally be an issue that has impact on the normal functioning of the business while a SR generally does not.</p>
<p>If you've never been on-call before or part of a support delivery team, you might be wondering what it's all about. These pages describe what the expectations are, along with some resources to help you.</p>
<ul>
<li><ahref="oncall/being_oncall/">Being On-Call</a> - <em>A guide to being on-call, both what your responsibilities are, and what they are not.</em></li>
<li><ahref="oncall/alerting_principles/">Alerting Principles</a> - <em>The principles we use to determine what things notify an engineer, and what time of day they do so.</em></li>
</ul>
<h2id="before-an-incident">Before an Incident<aclass="headerlink"href="#before-an-incident"title="Permanent link">#</a></h2>
<li><ahref="before/severity_levels/">Severity Levels</a> - <em>Information on our severity level classification. What constitutes a Low issue? What's a "Major Incident"?, etc.</em></li>
<li><ahref="before/different_roles/">Different Roles for Incidents</a> - <em>Information on the roles during an incident; Team Leader, Sysadmin, etc.</em></li>
<li><ahref="before/call_etiquette/">Incident Call Etiquette</a> - <em>Our etiquette guidelines for incident calls, before you find yourself in one.</em></li>
</ul>
<h2id="during-an-incident">During an Incident<aclass="headerlink"href="#during-an-incident"title="Permanent link">#</a></h2>
<p>Information and processes during an incident.</p>
<ul>
<li><ahref="during/during_an_incident/">During an Incident</a> - <em>Information on what to do during an incident, and how to constructively contribute.</em></li>
<li><ahref="during/security_incident_response/">Security Incident Response</a> - <em>Security incidents are handled differently to normal operational incidents.</em></li>
</ul>
<h2id="after-an-incident">After an Incident<aclass="headerlink"href="#after-an-incident"title="Permanent link">#</a></h2>
<p>Our followup processes, how we make sure we don't repeat mistakes and are always improving.</p>
<ul>
<li><ahref="after/post_mortem_process/">Post-Mortem Process</a> - <em>Information on our post-mortem process; what's involved and how to write or run a post-mortem.</em></li>
<li><ahref="after/post_mortem_template/">Post-Mortem Template</a> - <em>The template we use for writing our post-mortems for major incidents.</em></li>
<p>So, you want to learn about incident response? You've come to the right place.</p>
<ul>
<li><ahref="training/overview/">Training Overview</a> - <em>An overview of our training guides and additional training material from third-parties.</em></li>
<li><ahref="training/incident_commander.md">Incident Commander Training</a> - <em>A guide to becoming our next Incident Commander.</em></li>
<li><ahref="training/deputy.md">Deputy Training</a> - <em>How to be a deputy and back up the Incident Commander.</em></li>
<li><ahref="training/scribe/">Scribe Training</a> - <em>A guide to scribing.</em></li>
<li><ahref="training/subject_matter_expert/">Subject Matter Expert Training</a> - <em>A guide on responsibilities and behavior for all participants in a major incident.</em></li>
<li><ahref="training/glossary/">Glossary of Incident Response Terms</a> - <em>A collection of terms that you may hear being used, along with their definition.</em></li>