Document Investigation

The first item required to document the investigation is the initial notification of the problem. This might be a Fault Report submitted by a client, but, depending on organisational procedures, it could equally well be a transcript of a phone call or an online entry in a fault-reporting database. Records should also be kept of any meetings held with the client in order to obtain additional information about the problem.

The next item is a journal listing the steps taken to resolve the problem in a systematic manner. This is best done by applying a formal approach, such as the CompTIA Six-Step Troubleshooting Methodology:

  • Identify the problem – Question user and identify user changes to computer, and perform backups before making changes
  • Establish a theory of probable cause (question the obvious)
  • Test the theory to determine cause – Once theory is confirmed, determine next steps to resolve problem – If theory is not confirmed, re-establish new theory or escalate
  • Establish a plan of action to resolve the problem and implement the solution
  • Verify full system functionality and if applicable implement preventative measures
  • Document findings, actions, and outcomes

Next: Document Solution