Steal These ITSM AI Prompts

The copy button below gives you the full prompt with 40 sample tickets already attached, so you can paste it into any AI and watch it work before you touch your own data. It takes a batch of closed incidents — roughly 40 is a practical working size for a single AI conversation, though anything from 20 to 80 tickets produces valid output.²

Loading the prompt…

From 40 tickets logged under six unrelated categories, the AI surfaces one underlying Problem, names the single ticket that came closest to a major incident, and lays out who owns each next step. The output renders as a single, self-contained web page (HTML) — Claude opens it in the Artifacts panel; ChatGPT and Gemini render it in a canvas.

It is governed by strict guardrails: no invented vendor names, no invented KB numbers, no fabricated staff-hours, and explicit "TBD — measure first" markers anywhere the AI cannot honestly fill a value from your data.

You don't need a special account, and you don't need to understand the prompt. The copy button above already includes 40 sample tickets, so you can see the whole thing work in about two minutes.

1. Open a free AI assistant. Go to claude.ai, chatgpt.com, or gemini.google.com and sign in. The free tier is enough.
2. Copy, paste, send. Click Copy prompt, paste into the AI's message box (Ctrl+V / ⌘V), press Enter. That single paste includes the instructions and the 40 sample tickets.
3. Open the report. After a minute the AI returns a formatted report. In Claude it opens in the Artifacts panel; in ChatGPT or Gemini it appears inline (if you see raw code, reply "show this as an HTML file" or "put this in a canvas"). Save with your browser's Print → Save as PDF.

Running it on your own tickets

Once you've seen it work on the sample, swapping in your own data is easy. Read the data sanitization note below first.

1. Export your closed incidents. Pull the last 30–60 days of resolved tickets from your ITSM tool (ServiceNow, Freshservice, Jira SM, ManageEngine, BMC Helix, Zendesk — anything that exports CSV). Aim for 30–60 tickets.
2. Trim to five columns, one ticket per line: INC#### | YYYY-MM-DD HH:MM | Agent | Category | short description
3. Replace the sample data. Find the line in the prompt that reads ----- SAMPLE DATA · delete this line and everything below it to use your own tickets -----. Delete it and the 40 sample tickets, paste your own.
4. Send it. Read the report.

Using it in Copilot, Cursor, and other tools

The prompt is plain text — it runs in almost any modern AI. The analysis holds up well across capable tools; how the report looks depends on whether the tool can render a web page.

• Claude, ChatGPT, Gemini: smoothest experience. Each renders inline. If you see raw code, ask for an HTML file or canvas.
• Microsoft 365 Copilot: strong at thinking, weaker at rendering. Often returns HTML as code. Either save the code as report.html and open in your browser, or add this to the end of the prompt: "Return the report as a formatted Word document instead of HTML."
• Cursor / GitHub Copilot / dev tools: easiest place to get a clean page — create report.html, ask the AI to write into it, then preview.

What to expect — results will vary

• The analysis is the durable part. The hidden Problem, the cluster, and the canary ticket hold up across capable models. That's the value — not the colors.
• Layout varies most. If output looks thin, reply: "Expand every section to match the structure in the prompt."
• Watch for invented numbers. The prompt says to mark unsupported values "TBD — measure first." Weaker models sometimes guess. If a figure looks too confident, ask: "Which ticket supports this?"
• If a tool cuts the output short, ask in two passes: "Give me sections 1 through 11," then "now sections 12 through 22."

The prompt is a starting point, not a sacred text. Once you've seen it run, change it — just add the instruction to the end before you send:

• Narrow the focus: "Analyze only the security-related tickets" or "Ignore service requests — incidents only."
• Change the output: "Give me just the Problem Record and workarounds as a short email to my manager," or "Summarize the whole thing as five bullet points," or "Turn the executive summary into a slide."
• Change the audience: "Write the summary for a non-technical CFO who cares about cost and risk."
• Resize the input: 20–80 tickets works; more tickets, richer patterns, slightly slower.

Let the AI rewrite the prompt for you

This prompt is really a template for finding patterns in any pile of repetitive records. IT incidents are just the first use. Paste the whole prompt into your AI and ask it to retool itself:

One caution: when you change the subject matter, tell it to replace the five ITIL practices with whatever framework fits — otherwise the AI will force-fit Incident and Problem Management onto data that isn't about IT.

If the report names a pattern you've been firefighting, the next move is decision, not analysis. Open the Change Enablement path, decide which workaround is permanent vs. temporary, and assign the Problem owner. The 30-day Risk Forecast tells you what you're betting on if you don't act.

If you ran this without first running the Practice Scan, consider running it next — it'll flag any practices that have other actionable signal in the same dataset that this deep-dive didn't surface.

This prompt scans across all 34 ITIL 4 practices and tells you, in a one-page report, which ones have actionable signal in your dataset. It doesn't write deep artifacts — that's what Card 1 is for. It tells you where to look. The most common recommended next step is "run the Service Evolution Prompt focused on [practice]."

Loading the prompt…

A one-page report with seven blocks: title bar with scan counts, three-sentence TL;DR naming the most urgent practice, metadata strip, three big tiles (practices flagged · no signal · not evaluated), a flagged-practices table sorted by severity, a 34-practice index proving full coverage, and a document control footer.

The flagged table is capped at 8 rows so the page stays scannable. Each row gives a one-line finding and a one-line recommended next step.

Identical to Card 1: copy → paste into Claude / ChatGPT / Gemini / Copilot → press Enter. The Practice Scan output is a single HTML page — same rendering rules apply (Claude renders in Artifacts; ChatGPT / Copilot may print code, ask for a canvas or save it as scan.html and open in your browser).

For your own data: the scan benefits from a slightly larger sample — aim for 50–80 tickets so the breadth of practices has enough to read.

The scan tells you where. The next step depends on what it flagged:

• P1 or P2 flagged on Incident/Problem/Change: run Card 1 (Service Evolution Prompt) on that practice this week. Don't wait.
• P3 or INFO with a small specific action: do the small action — update a KB, open a Change record, file a CI Register entry — without running the deep dive.
• "No signal" across the board: the dataset is too small or too clean. Pull another month and re-scan.

The scan is designed to run weekly or monthly. Card 1 runs ad-hoc on whatever the scan surfaces.