An incident, in the context of IT Service Management (ITSM) and security, is defined as an unplanned interruption to a service or a reduction in its quality. The scenario describes an "unplanned event" leading to a "loss of service," which is a classic service disruption. The primary objective of the incident management process is to restore normal service operation as quickly as possible and minimize the adverse impact on business operations. Therefore, the incident generated seeks to resolve the service disruption.

A. Change: A change is a planned and authorized activity to add, modify, or remove something that could have an effect on IT services. The event described was unplanned.

B. Error: An error is a known underlying cause of one or more incidents. Resolving the root-cause error is the goal of problem management, not the immediate incident response.

D. Bug: A bug is a specific type of error in software code. While a bug may have caused the incident, the immediate goal is to restore service, not necessarily to fix the bug itself.

1. NIST Special Publication 800-61 Rev. 2

Computer Security Incident Handling Guide (December 2012). Section 2.1 defines an incident

and the overall goal of the incident handling process described in Section 3 is to recover from the event

which involves resolving the service disruption (loss of availability).

2. Iden

J.

& Eikebrokk

T. R. (2013). Implementing IT Service Management: A systematic literature review. International Journal of Information Management

33(3)

512-523. This paper references the standard ITIL definition of an incident as an "unplanned interruption to an IT Service or a reduction in the quality of an IT Service" (p. 515)

which directly corresponds to a disruption. https://doi.org/10.1016/j.ijinfomgt.2013.01.004

3. AWS Security Incident Response Guide (August 2022). In the "Preparation" section

it states

"Your goal is to respond to an incident to limit the disruption and begin recovery" (p. 4). This aligns the goal of incident response with resolving the disruption.