The first step in any incident response process is to determine what actually constitutes an incident. We have two high level categories for classifying incidents: these are "SR" or "IN" defintions with an attached priority of "Minor", "Normal" or "Major". "SR" are "Service requests" initiated by a customer and usually do not constitute a critical issue (there are exceptions) while "IN" are "incidents" which are generally "urgent".
All issues reported to Spearhead are to be classified as either a Service Request or an Incident. Incidents have priority over Service Requests provided that there are no Service Requests with a higher priority. In general you will want to resolve a higher severity SR or IN than a lower one (a "Major" priority gets a more intensive response than a "Normal" incident for example).
If you are unsure which level an incident is (e.g. not sure if IN is Major or Normal), **treat it as the higher one**. During an incident is not the time to discuss or litigate severities, just assume the highest and review during a post-mortem.
<tableclass="custom-table">
<thead>
<tr>
<th>Severity</th>
<th>Description</th>
<th>What To Do</th>
</tr>
</thead>
<tbody>
<tr>
<tdclass="sev-1">Major</td>
<td>
<ul>
<li>The system is in a critical state and is actively impacting a large number of customers.</li>
<li>Functionality has been severely impaired for a long time, breaking SLA.</li>
<li>Customer-data-exposing security vulnerability has come to our attention.</li>
</ul>
</td>
<td>See <ahref="/during/during_an_incident">During an Incident</a>.</td>
When creating Cards in Doit, be as specific as possible and include all necessary details. Include relevant details regarding when the issue started, what may have triggered it, etc.. Document your efforts through worklogs and be specific there as well.