← Docs
Recipe

Blameless Postmortem

A structured framework for learning from incidents without pointing fingers.

Ingredients

  • Incident timeline with timestamps
  • Detection method — how was it found?
  • Impact assessment — what broke, for how long?
  • Root cause analysis — the “five whys”
  • Remediation steps taken during incident
  • Preventative actions — what changes now?
  • One owner per action item

Method

  1. Assemble the timeline. Start from first alert to full resolution. Include every action taken, even wrong turns.
  2. Describe impact. Quantify — users affected, revenue lost, data at risk. No adjectives, just numbers.
  3. Find root cause. Ask “why” until you hit a process or system gap. Never stop at “human error.”
  4. Document what fixed it. Rollback, hotfix, config change — be specific about commands run and who ran them.
  5. List preventative actions. Each must be concrete, testable, and assigned to one person with a deadline.
  6. Share broadly. Postmortems are useless if only two people read them. Publish internally within 48 hours.

The Golden Rule

Assume everyone acted with the best information they had at the time. Blame is a bug, not a feature.

← Back to all recipes