What is the difference between an Incident and a Service Request?

  • 27 March 2014
  • 5 replies

I'm setting up Freshservice for the first time and playing with the features. I was wondering, when creating a ticket, what is the difference between an incident and a service request?

This topic has been closed for comments

5 replies


This is one of the oft confused aspects of ITIL and I find this a highly debatable topic on the internet. I will keep this brief. 

The book definition of an incident is "an unplanned interruption to an IT service". A scenario would be when an authorised personnel is unable to access services that should be available to him. Eg. internet not working in the office.

A service request is when a demand is raised by the user to something that he does not have in the first place. A scenario would be requesting a new asset. Eg. A user asking IT to provide him access to a printer.

Hope this clarifies!



Badge +1

Hi Wesley,


You’ve voiced an interesting
question in ITIL. This may seem simple, if you understand the fundamental
difference between service request and incident.


To compliment what Narain
has said, here are few use cases:


Use case 1:


A sales person raised a
request asking for an access to Electronic Health Records (EHR) service in a


In general, a sales person
by his role doesn’t need an access to EHR service. However, let us assume that
every other sales person have an access. Then it just becomes another service
request to share the credentials.


But what if the answer is
NO. The IT team can deny the access to the sales person or copy his/her manager
for approval.


So, this can be considered a
service request with/ without approval depending upon your internal corporate


In other words:

1) A service request might
go through an approval process, if needed. If the user is eligible, they may be
given the access or even be rejected, if doesn’t comply the policy.

2) A service request is
usually tied close to the requestor’s employment, roles and responsibilities.


Use Case 2:


A user has raised a request
saying that he couldn’t access the pay-roll server.


The screen throws an error
message saying –


(a) Unable to connect to the server and other users are also having
a similar issue.

(b) Enter a proper user name and password to access the service.


In scenario (a), there is a
service disruption. So it is an incident.

Note: Raising an incident
doesn’t need any approval. As an employee, they are eligible to get the access to
the pay-roll service.


In scenario (b), The service
is up and running and other could access the pay-roll service. It is a trouble
with user credentials (By the way, from a change management perspective a Password
reset request is considered a Standard Change, which doesn’t need any approval
to carry out the change), so this is again considered a Service Request.


At times an Incident could
be a raised by a staff irrespective of their employment, roles and

A nursing staff in a
hospital raises a request saying that none of the CCTV cameras seems working in
second floor.

Is he/she responsible to
cross check the service? No. They just made a note of it and reporting it
immediately. Irrespective of the roles and responsibilities, if a service failure/degradation
is reported, it is considered ‘Disruption to the normal course of business
service‘ – Which is an ‘Incident’.


I suppose, by now you got
the difference.


Please feel free to share,
if you have any specific scenarios that puts you in dilemma whether to consider
it as Service Request or Incident. We’ll be happy to share our thoughts.


Kal Ram

Best analogy I have ever heard:

Service Request: A customer orders soup

Incident: The customer reports there is a fly in the soup

Of course, if he ordered a fly in his soup, that's called "functioning as designed."  :)

^ That made my day, Bethany! :D

Hello Kal and Narain,

To put a finer point on it, Incidents reflect some element of the IT infrastructure that is not functioning normally, and requires intervention. Service requests have to do with the use of IT services that are functioning normally. For example, if a user forgets his password and calls for a password reset, that would be a Service Request. The user needs assistance, but all aspects of the system that he is attempting to use are functioning correctly. 

Also - help desk calls can appear to be reporting an Incident when they, in fact, are not. For example, a caller reports that he has lost wireless access. It could be a problem with the IT wireless service, or it could be that his laptop wireless card has conked out, or perhaps his ISP has just cut him off for non-payment. Only after a diagnosis is made can we tell if it is an Incident (IT service not functioning normally) or some other problem.

The reason for splitting these hairs is that the Incident database, accumulated by an organization over time, provides important information about the performance and reliability of IT services, as well as trend analysis that allows for targeting resources where they are needed. If this data is contaminated with non-Incidents that have nothing to do with how your IT services are performing, then the value of the knowledge database is severely compromised, or ruined entirely.


PS. Major Service Desk software vendors, for the most part, do not understand Incident Management at all!