IT Service Management AI agent collection Generate post incident reviews agentic workflow

  • Release version: Yokohama
  • Updated July 31, 2025
  • 4 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of IT Service Management AI Agent Collection: Generate Post Incident Reviews Agentic Workflow

    The Post-incident Review AI agent facilitates the generation of review reports after major incidents are resolved. These reports include an Executive Summary, Customer/Service Impact, Detailed Technical Summary, and Action Items & Prevention. This process aims to enhance efficiency and minimize business impact when responding to major incidents.

    Show full answer Show less

    Key Features

    • The workflow generates reports autonomously once a major incident is closed, saving time and enhancing accuracy.
    • To set up the workflow, navigate to All > AI Agent Studio > Create and manage, and select Post-incident reviews.
    • Ensure the Active button is enabled in the Edit trigger form to allow the AI agent to function automatically.
    • Activate the Incident Management - Major Incident Management plugin to display the workflow.
    • The AI agent retrieves essential incident details, including descriptions, assignment groups, and related records such as child incidents and change requests.

    Key Outcomes

    Once the report is generated, the fulfiller receives a notification in the AI Agent Studio, allowing them to follow instructions and complete the task. Users can also trigger the report generation through the Now Assist panel by entering the major incident number. The AI agent validates the incident's status and retrieves necessary information to create the report.

    Feedback can be provided on the generated report, allowing for revisions until it meets user approval. The final report is updated in the major incident record within the Core UI and Service Operations Workspace, ensuring that all stakeholders have access to the latest information.

    Use the Post-incident review AI agent to generate a review report after a major incident is resolved. You can review and revise this report if necessary.

    Generate post incident reviews agentic workflow overview

    Using the Generate post incident reviews agentic workflow, generate reports after an incident is resolved. The report includes the following sections:
    • Executive Summary
    • Customer/Service Impact
    • Detailed Technical Summary
    • Action Items & Prevention

    The time taken to create the report after the incident is resolved may be reduced, and the business impact may be minimized when responses to major incidents are both effective and efficient. For information on how major incidents are created, see Major Incident Management process.

    To modify the Generate post incident reviews agentic workflow, duplicate it, and adjust the settings according to your requirements.

    Important:
    When you modify a use case, AI agent, or tool, make sure that you update all instructions accordingly.

    Generate post incident reviews agentic workflow

    Autonomously generate a report for the fulfiller once a major incident has been closed.

    To access the agentic workflow:
    1. Navigate to All > AI Agent Studio > Create and manage.
    2. Select Post-incident reviews.
    Important:
    In the Edit trigger form, make sure that the Active button is turned on to enable the AI agent to trigger autonomously.
    Important:
    To enable the display of the Generate post incident reviews agentic workflow, you must activate the Incident Management - Major Incident Management plugin (com.snc.incident.mim). For more information, see Activate Incident Management - Major Incident Management.

    AI agents used in the Generate post incident reviews agentic workflow

    The Post-incident review AI agent is used to fetch incident details, related records, and the post incident summary.

    Important:
    In the Define availability screen for the AI agent, make sure that the Status field is enabled to activate the AI agent.

    Generating the report

    In the agentic workflow record:
    1. Review the information in the Describe and connect screen and in the Define trigger screen, make the necessary updates, and then select Save and Continue.
    2. In the Select display screen:
      1. Choose where you want the agentic workflow output to be displayed.
      2. Use the arrow next to it to add roles that can access the agentic workflow.
        Note:
        The itil role is added by default.
      3. Select Save and test.

        The agent executes the request for the agentic workflow.

      Example of a Generate post incident reviews agentic workflow report in the ServiceNow AI Agent Studio Generate post incident reviews agentic workflow output.

    In the AI Agent Studio, the fulfiller receives a notification as soon as the report is generated, enabling them to follow the on-screen instructions and complete the task. For more information, see Request the generative AI capabilities in ITSM by using the Now Assist panel.

    Generating the Post Incident Reviews workflow in the Now Assist panel

    As a user, do the following in the Now Assist panel:
    Note:
    When the Assigned to field is populated and the major incident is moved to the resolved state, then the workflow gets triggered through the Now Assist panel.
    1. To trigger the workflow manually, open the Now Assist panel and enter the major incident number for which you want to generate the post incident review.

      The Post-incident review AI agent validates that the incident is a major incident and that it is in resolved state. If the validation fails, the workflow requests a valid major incident number.

    2. The Post-incident review AI agent retrieves the following information from the incident:
      • Short description and detailed description
      • Assignment group and assigned to user
      • Category and subcategory
      • Service and configuration item
      • Resolution notes and business impact
      • Activity logs and work notes
    3. The AI agent collects the following related records:
      • Child incident details
      • Associated problems
      • Change requests and caused-by change requests
      • Incident tasks
    4. The AI agent generates the Post Incident review report that includes the following four sections:
      • Executive Summary: This includes the non-technical overview such as the nature of the incident, duration, affected users, and the key highlights.
      • Customer / Service Impact: This includes the scope of the impact, affected regions and services, and impact to the service availability.
      • Detailed Technical Summary: This includes the technical description of failures, environmental context, root cause analysis, and the timeline of events.
      • Action Items & Prevention: This includes the completed and outstanding action items, root cause explanation, remediation steps, preventive measures.
    5. The AI agent displays the complete Post Incident Review report to the user and request feedback.
    6. The user provides the feedback by either approving the report or asking for revisions such as requesting for more concise, more detailed information or requests specific modifications.
      Table 1. Approval workflow
      If Then, the AI agent
      The user approves the request
      1. Verifies that the report has write access permissions.
      2. Updates Post Incident Report field in the major incident record. This information is updated in the major incident record in the Core UI and also in Service Operations Workspace.
      3. When the user confirms that there is no additional feedback, the AI agent concludes the workflow.
      If the user requests changes to the report
      1. Revises the report based on the feedback.
      2. Displays the updated report.
      3. Requests feedback again.
      4. Repeats the process until the user approves it.

    Post Incident Review report in Core UI Post Incident Workflow in Now Assist panel for Core UI

    Post Incident review report in Service Operations WorkspacePost Incident Workflow in Now Assist panel in Service Operations Workspace