Blameless post-mortem
Definition
A cultural approach to post-incident review, popularised in site reliability engineering, in which the analysis focuses on systemic and process failures rather than individual error. The framing assumes that skilled people make mistakes when systems and processes create conditions for failure, and that honest reporting improves when individuals are not penalised for their involvement.
Related terms
- Action item
- A specific, time-bound improvement task generated by a post-incident finding. An action item has a named owner, a target completion date, a...
- Lessons-learned register
- A persistent record, maintained by the security programme, that links each post-incident action item to the originating incident, tracks its status, and...
- Post-incident activity
- The NIST SP 800-61 label for the final phase of the incident response lifecycle. It encompasses evidence retention, lessons-learned meetings, and the...
- Root-cause analysis (RCA)
- A structured method for identifying the underlying systemic cause of a failure rather than its immediate trigger. Common techniques in incident review...
- Timeline reconstruction
- The process of ordering digital events from multiple sources into a single chronological account. Requires normalising all timestamps to a common reference...
Explained in
- Post-Incident Review and Lessons LearnedA cultural approach to post-incident review, popularised in site reliability engineering, in which the analysis focuses on systemic and process failures rather...