The best recommendation to help prevent the situation where IT support staff were put in a position to make decisions beyond their level of authority during the review of a system disruption incident is to introduce escalation protocols. Escalation protocols are policies and procedures that define who should be notified, involved, or consulted when an incident occurs, how the communication and handover should take place, and what criteria or triggers should be used to escalate the incident to a higher level of authority or expertise2. Escalation protocols help to ensure that:

Incidents are handled by the appropriate staff with the required skills, knowledge, and experience

Incidents are resolved in a timely and effective manner

Incidents are escalated to senior management or specialized teams when necessary

Incidents are documented and reported accurately and transparently

Incidents are analyzed and learned from to prevent recurrence or mitigate impact

Therefore, by introducing escalation protocols, an organization can improve its incident management process and avoid putting IT support staff in a position to make decisions beyond their level of authority.