ITSM Workflow Intelligence v25

Open Source · No Server · No Setup

ITSM Workflow
Intelligence Tool

Structured guidance from first alert to service review. Paste-ready outputs for ServiceNow, Jira and Confluence. No setup, no server, no licence.

ITIL 4 Aligned FCA / PRA Ready DORA Article 9 🧠 Decision log with audit trail 🔒 Sanitise outputs for external sharing 📊 SLA health bar — Green → Amber → Red 📋 Live checklist progress tracking Routing Intelligence 🤖 Pre-flight AI review agent ⬛ War Room Pulse 🔍 Cross-session pattern detection 🔄 Self-updating regulatory guidance 📋 Live regulatory status indicator

The Problem

The incident record is always the last thing to get attention

Good documentation is always the last thing to get attention and the first thing asked for in a post-incident review, a regulatory audit or a service board. This tool makes structured, accurate records the path of least resistance at every stage.

🔄

Context lost on every handoff. The next team starts from scratch. Same things investigated twice.

⏰

Monthly service pack takes three days. Chasing updates from six teams, manually assembling the RAG status.

📋

ServiceNow records are incomplete. MTTA/MTTR wrong, root cause blank, close code missing.

🏦

Regulatory exposure. FCA/PRA expects complete and accurate incident records. Gaps found in review.

Always One Click Away

Persistent navigation rail. Every workspace visible at all times. Full Mode or Lite Mode. No menus.

🚨

Incident

Stage 2

📞

Customer Report

⚡

P1 Fast Track

📥

Pick Up Incident

🎓

Practice Run

📋

Retrospective

📊

Reporting

🔌

Integration

🔎

Problem Record

🔄

Change Request

📖

Glossary

⚠ KI 🔍 ?

⚡

P1 Fast Track

Bridge pack in 90 seconds. SLA clock with pause and hold.

Critical incident

🔄

Change Request

Standalone CHG record. Rollback decision tree. Step builder. Freeze window detection.

Updated v25

💡

Routing Intelligence

Assignment group suggested as you type the observation. Applies to first-line quick capture and full workflow.

New in v25

🔍

Pattern Analysis Engine

35 checks. Probable cause, interpretation and recommended action for each. Runs automatically from entered data.

New in v25

P1 Fast Track

Bridge pack ready.
90 seconds.

When the payment gateway is down at 2am, there is no time for a 7-stage workflow. Five fields. One click. Bridge pack ready, SLA clock running, full incident record pre-populated in the background. Complete the detail when the pressure eases.

5

fields

90s

to bridge pack

P1

SLA clock

⚡ P1 Fast Track: Critical Incident Response

What is down?

Payment Gateway / PAY-GW-PROD-01

Major Incident Manager

Sarah Chen, Platform Engineering

Bridge / Call details

MS Teams bridge. Link pinned in #incidents.

Initial diagnosis

DB connection pool exhaustion / PAY-DB-PROD-02

P1 SLA Countdown — mm:ss in the final hour

00:47:23

Green → Amber → Red 35% consumed

Desktop notification fires at ≤10 minutes remaining

7 Stages. 8 Outputs. Everything Connected.

Every stage feeds the next. Every stage generates structured paste-ready outputs.

1

Triage

Impact scoring, severity, smart hints

2

Incident

SLA clock, reassignment tracker, obs context

3

Major Inc

Bridge pack, comms templates, MIM checklist

4

Problem

Known error, KEDB, problem_state

5

RCA

5 Whys or Fishbone. Both guided.

6

Change

Risk score, CAB, lifecycle tracker

7

Outputs

8 structured outputs, paste-ready

📋

ServiceNow Incident

SNow SOW

🐛

Jira Bug

Jira backlog

📖

Confluence PIR

Confluence

🔎

Problem Record

SNow PRB

🔄

Change Request

SNow CHG

🔬

RCA Report

Confluence

📡

Status Page

Public comms

📜

Jira Story

Improvement tracking

Reassignment Tracker

Context survives every handoff

Every team that touches an incident records what they investigated, what they ruled out and a handoff note for the next team. Context loss on reassignment is the single biggest cause of SLA breach on complex incidents. This stops it.

1

Service Desk → Platform Engineering

Initial routing

Checked app monitoring. All green. No alerts. Unable to identify. Not our layer.

📋 Handoff: Start with DB layer. Latency elevated on PAY-DB-PROD-02

2

Platform Engineering → DBA Team

Investigation complete

Confirmed connection pool exhaustion. Application layer is clean. DB issue confirmed.

📋 Handoff: Connection pool 100% since 14:32. DBA on-call: Sarah Chen. Check replica lag.

3

DBA Team — Current

SLA Warning

Root cause identified: index rebuild job consuming all connections. Fix in progress.

New in v25

Pick Up Existing Incident

Most teams are not taking customer calls — they are picking up incidents that have been routed to their queue. Enter the INC reference, paste the description from ServiceNow. The tool pre-populates the incident record and creates the first reassignment entry automatically.

📥 Pick Up Existing Incident

Incident Reference

INC0047832

How it reached your team

Handed off — L1 routing

Description (paste from ServiceNow)

Statement download returning 503, ~340 enterprise customers since 09:23. Service Desk investigated. No alerts on monitoring. Unable to identify cause. Routing to Platform Engineering.

What the previous team investigated

Application health — green. API gateway responding normally. Network ruled out. Not our layer — routing to Platform Engineering.

Service Review Reporting

Six tabs. Full picture.
One workspace.

The monthly service pack that normally takes three days. Structured data entry, auto-calculated RAG, executive narrative in one click.

⚙

Configuration

Unlimited teams, Lab to Platform hierarchy. Per-team RAG thresholds. Custom P1-P5 severity codes.

📊

RAG Dashboard

Auto-calculated from entered data. P1/P2 SLA %, change success rate, rollback rate, MTTR trend. Override available.

🔍

Pattern Analysis

5 auto-detected patterns: multiple teams RED, elevated P1 volume, high rollback rate, overdue problem records, MTTR worsening.

📝

Executive Narrative

Verbatim text. Names teams, calls out patterns, states decisions required. Paste directly into a board pack.

📅

Period History

Save monthly periods, compare to previous. One-click quarterly rollup built from saved monthly data.

5

Green

3

Amber

1

Red

Monthly

Report mode

Team	RAG	P1 SLA	Changes	Rollbacks	MTTR	Trend
Payments Platform	G	98%	97%	1	42m	↑
Digital Channels	A	87%	88%	3	78m ↑	↓
Data Engineering	R	74%	71%	5	112m ↑	↓

CRITICAL — Data Engineering — Rollback rate: 60%

Probable cause: Changes reaching production without adequate confidence. Action: Freeze non-critical changes pending review.

Executive Narrative — Governance Committee style

⚡ Decisions required: 1. Recovery plan for Data Engineering — team lead to present root cause and remediation timeline before close of this meeting. 2. CAB chair to present change quality findings within 2 weeks.

Copy narrative · Style: Board / Ops / Briefing →

Integration Hub

Live data in.
Structured outputs out.

A full JavaScript API surface and webhook receiver for 9 monitoring platforms. Automation populates the incident record. Engineers review, complete and generate outputs. No copy-paste from alerting to ITSM.

Dynatrace

Datadog

New Relic

Grafana

CloudWatch

Azure Monitor

ServiceNow

GitHub Actions

Generic JSON

Integration Hub — JS API

// Dynatrace webhook → auto-populate incident
window.ITSMTool.loadWebhookPayload({
  "ProblemID": "P-12345",
  "ProblemTitle": "Response time degradation",
  "ProblemSeverity": "PERFORMANCE",
  "ImpactedEntities": "payment-service"
}, 'dynatrace');

// Or use the JS API directly
window.ITSMTool.setSeverity('P2');
window.ITSMTool.loadObsContext({
  platform: 'dynatrace',
  aiFinding: 'Connection pool exhaustion...',
  metrics: [{ name: 'Error Rate', value: '23%' }]
});

// Read all generated outputs
const outputs = window.ITSMTool.getOutputs();
console.log(outputs.servicenow);
      

New in v25

🧠 Intelligence & Audit Trail

Tools that don't just capture data — they support decisions and protect data

🧠

Decision Log

Log key decisions with automatic timestamps during the incident. Feeds directly into the PIR and handover pack. Creates the audit trail that post-incident reviews depend on.

Stage 2 — Incident workspace

🔒

Sanitise Export

One toggle replaces emails, IPs, ticket references and proper names with [REDACTED] across all 7 outputs. Share externally without a data review step.

All outputs · one click

📋

Checklist Progress

The Post-Incident Action Checklist shows a live progress bar and completion percentage. Green when all items are done.

Live progress bar

🤖

Pre-flight Review Agent

Rules-based AI surfaces blocking issues, regulatory flags and quality gaps before outputs are generated. Human in the loop — every finding is dismissable.

Before output generation

📋

📋 Reg — Regulatory Status

A nav button with a live notification dot. Blue dot activates when the weekly monitor detects a new FCA, DORA or ICO publication. Passive when all is current. Zero maintenance required.

Nav rail · weekly monitor

Human in the Loop · Rules-Based AI

🤖 Pre-flight Review Agent

The tool reviews your incident data before generating outputs — not generative AI, but a deterministic rules engine. Every finding explained, every finding dismissible.

Open Source · Free to Use

Practitioner-built. Production
grade. Completely free.

From first alert to service review — with a rules-based pre-flight review agent, decision logs, SLA health bars, War Room Pulse and live checklist progress. Incident, problem, change, RCA, reporting and integration in one place. Self-updating regulatory content — FCA/DORA/GDPR guidance maintained independently of the tool, always current. Single HTML file. Nothing to install.

7

Workflow stages

7

Practice scenarios

8

ITSM outputs

428

Functions

130+

Glossary terms

35

Pattern checks

0

Dependencies

🔗 github.com/Zeus-17/itsm-workflow-intelligence