AgentSkillsCN

Ticket Triage

当您需要对任意PSA平台的工单进行初步分类、确定优先级、归类整理、路由分配并给出首次响应时,可使用此技能:无论您使用的是Autotask、ConnectWise、HaloPSA或其他平台,这套通用的最佳实践都能帮助您高效处理工单。

SKILL.md
--- frontmatter
description: >
  Use this skill when triaging tickets in any PSA - determining priority,
  categorization, routing, and initial response. Vendor-agnostic best
  practices for efficient ticket handling applicable to Autotask,
  ConnectWise, HaloPSA, and other platforms.
triggers:
  - ticket triage
  - prioritize ticket
  - categorize ticket
  - ticket routing
  - ticket assessment
  - initial ticket response
  - ticket classification
  - service desk triage

Ticket Triage Best Practices

Overview

Ticket triage is the critical first step in service delivery. Proper triage ensures tickets are correctly prioritized, categorized, and routed to the right team for efficient resolution. These practices apply across all PSA platforms.

The Triage Process

Step 1: Initial Assessment

Within 2-5 minutes of ticket receipt:

  1. Read the full ticket - Title, description, any attachments
  2. Identify the reporter - Is this an authorized contact?
  3. Determine scope - Single user, multiple users, entire site?
  4. Check for urgency indicators - VIP, production down, security issue?

Step 2: Duplicate Detection

Before proceeding:

  1. Search open tickets for same company
  2. Look for similar issues in last 24-48 hours
  3. Check for related alerts from monitoring

If duplicate found:

  • Link to existing ticket
  • Notify user their issue is being tracked
  • Close or merge as appropriate

Step 3: Priority Assignment

Use impact and urgency to determine priority:

Low UrgencyMedium UrgencyHigh Urgency
High ImpactMediumHighCritical
Medium ImpactLowMediumHigh
Low ImpactLowLowMedium

Impact Assessment

LevelDescriptionExamples
HighBusiness operations severely affectedServer down, email outage, ransomware
MediumProductivity impacted but workarounds existApp slow, printer offline, VPN issues
LowMinor inconvenienceSingle user issue, how-to question

Urgency Assessment

LevelDescriptionExamples
HighImmediate action requiredSecurity breach, executive request
MediumSame-day attention neededUser blocked, deadline approaching
LowCan wait for normal queueScheduled changes, non-critical requests

Step 4: Categorization

Assign issue type and sub-type:

Common Categories

CategorySub-Categories
HardwareWorkstation, Server, Printer, Network Device, Mobile
SoftwareApplication, Operating System, Driver, Update/Patch
NetworkConnectivity, VPN, Firewall, DNS, DHCP
EmailOutlook, Exchange, M365, Spam/Phishing
SecurityMalware, Access Request, Breach, Policy Violation
CloudAzure, AWS, SaaS Applications
AccountPassword Reset, Access Rights, New User, Termination

Step 5: Routing

Route to appropriate queue/team:

Issue TypeTypical Route
Simple requestsService Desk
Complex technicalEscalations / Tier 2
Network/InfrastructureNetwork Team
Security incidentsSecurity Team
On-site requiredDispatch Queue
ProjectsProject Queue
Monitoring alertsNOC

Step 6: Initial Response

Send acknowledgment within SLA window:

Good initial response includes:

  • Confirmation ticket received
  • Expected response time
  • Any immediate steps user can take
  • Ticket number for reference

Example:

Thank you for contacting support. We've received your ticket (#12345) regarding email connectivity issues.

A technician will be in touch within 2 hours per your service agreement.

In the meantime, please try restarting Outlook and let us know if that resolves the issue.

Priority Guidelines

Critical Priority (P1)

Criteria:

  • Complete business outage
  • Security breach in progress
  • Production systems down
  • Data loss occurring

Response: Immediate acknowledgment, active work begins immediately

Examples:

  • Server down affecting all users
  • Ransomware detected
  • Email system outage
  • Phone system down

High Priority (P2)

Criteria:

  • Major productivity impact
  • Multiple users affected
  • Executive or VIP request
  • Time-sensitive business need

Response: Within 1 hour

Examples:

  • Department-wide application failure
  • CFO laptop issue during quarter close
  • VPN down for remote team
  • Backup failure

Medium Priority (P3)

Criteria:

  • Single user or small group affected
  • Workarounds available
  • Non-critical systems

Response: Within 4-8 hours

Examples:

  • Application running slowly
  • Non-critical printer offline
  • Single user email issue
  • Software installation request

Low Priority (P4)

Criteria:

  • Minimal impact
  • Enhancement requests
  • Scheduled work
  • How-to questions

Response: Within 24-48 hours

Examples:

  • Password reset
  • Training request
  • Feature question
  • Scheduled software install

Red Flag Indicators

Escalate Immediately

  • "Security" or "breach" mentioned
  • "Everyone" or "all users" affected
  • "Down" or "outage" mentioned
  • Executive or VIP reporter
  • Financial systems involved
  • Compliance/audit mentioned

Check Contract Status

  • First ticket from company
  • Company marked inactive
  • No contract visible
  • Billing disputes mentioned

Potential Phishing

  • Urgent wire transfer requests
  • Password reset requests via email
  • Suspicious sender addresses
  • Links to unknown sites

Documentation During Triage

Record in ticket notes:

  1. Impact summary - Who/what is affected
  2. Triage decision - Why this priority/category
  3. Initial steps taken - What you verified/checked
  4. Next actions - What needs to happen

Example triage note:

Triage Note:

  • Impact: Single user, Outlook not loading
  • Scope: User's workstation only, other apps working
  • Priority: Medium - user can use webmail as workaround
  • Category: Software > Application > Microsoft Outlook
  • Route: Service Desk
  • Initial check: Confirmed user credentials working, O365 service healthy
  • Next: Remote session to troubleshoot Outlook profile

Common Triage Mistakes

Avoid These Pitfalls

  1. Over-prioritizing - Not everything is Critical
  2. Under-categorizing - Be specific, not generic
  3. Skipping duplicate check - Creates confusion and double work
  4. No initial response - User thinks they're ignored
  5. Insufficient information - Don't escalate without details
  6. Wrong routing - Creates unnecessary handoffs

Quality Triage Checklist

  • Read full ticket details
  • Checked for duplicates
  • Verified reporter authorization
  • Assessed impact and urgency correctly
  • Assigned appropriate priority
  • Categorized specifically
  • Routed to correct queue
  • Sent initial response
  • Documented triage decision

Metrics to Track

MetricTargetPurpose
Triage Time< 5 minResponsiveness
Misrouted %< 5%Quality
Re-prioritized %< 10%Accuracy
First Response SLA> 95%Customer satisfaction
Duplicate Rate< 5%Process efficiency

Related Skills