What is MTTD?

MTTD, or Mean Time to Detect, is a performance indicator that measures the mean time it takes for an organization to detect an incident. IT organizations use MTTD metrics to assess the effectiveness of monitoring and management systems. MTTD is also used to look at the efficient of communication routes from the end-user to the troubleshooting parties. MTTD is a common metric used when assessing the difference made by a new tool or approach. 

How is MTTD calculated? 

To calculate MTTD, measure the time when the incident began and the time when it was detected. For example, to calculate MTTD, measure the time when the incident began and the time when it was detected. If the time that an incident began was at 1:00 p.m. and someone noticed it at 1:15 p.m., then it took 15 minutes to be noticed. Keep a record of the incident per month, then calculate the mean time by adding the elapsed time to be noticed for each incident, and then divide by the total number of incidents. Some organizations may choose to remove an outlier that will disrupt the overall data. Organizations can also group incidents by severity to isolate and determine the mean time it takes to detect severe issues.

Why does a low MTTD matter?

A low mean time to detect indicates a fast indication of an incident. It is important to keep a low mean time as the longer an incident goes undetected, the problems can arise, such as a greater financial loss. The sooner the incident is detected, the sooner it can be fixed. A high detection time indicates that an organization has a poorly functioning incident management.

MTTD Best Practices

MTTD also affects DevOps as tracking the metric can assess the fitness of an organization’s monitoring systems such as incident management and log management. With the growing importance of MTTD, it is important to outline best practices:

  • Optimize incident response plans: Creating a well-structured plan can provide optimal performance.
  • Strategize: Examining different ways to handle the incidents allows DevOps teams to determine which resources to invest in to better enhance their IT monitoring practices.
  • Automate: Automating is a crucial component of DevOps. Automating incident detections allows for a more accurate data collection and more efficient IT Service Management (ITSM) processes.

Related IT Incident Management Metrics 

MTTD is only one of many of the metrics utilized to measure IT incident response. The following are additional metrics to measure incident response: 

  • Mean time to repair or restore (MTTR), how long to resolve an incident once detected;
  • Mean time between failures (MTBF), the duration of time an IT deployment goes with an outage or performance degradation; and
  • First time resolution rate (FTTR), which demonstrates how effectively a team troubleshoots the problem.

First-time resolution rate and MTTR assess the response skills, such as IT management capabilities, of a response team. The combined metrics of MTTD and MTTR analyze the timeline of incident response.  

Learn more about incident management metrics>

« Back to Glossary Index
X