Something I've seen over and over is a slew of non-incidents sitting in an incident management system. Sometimes they're generic service requests, sometimes they're changes, other times they may be test defects. My take is this: those things are important, but putting them together makes reporting a pain and makes it easier to lose important incident information in the "other requests" haystack. Let incident management be for incidents, and find other homes for those other items. Don't look for needles in haystacks. Make a pile of needles and a stack of hay - you'll be happier and more effective that way.