Postmortem

External review

Document timeline, root cause, action items, and prevention measures

Hats
2
Review Agents
1
Review
External
Unit Types
Postmortem, Action Item
Inputs
Resolve

Dependencies

Resolveresolution-summary

Hat Sequence

1

Action Item Tracker

Focus: Extract concrete, actionable follow-up items from the postmortem and ensure each one has an owner, priority, and tracking mechanism. Action items without owners are wishes, not commitments.

Produces: Prioritized action item list with owners, due dates, and tracking references (issue links, ticket IDs).

Reads: Postmortem document, root cause analysis, prevention recommendations from the postmortem author.

Anti-patterns (RFC 2119):

  • The agent MUST NOT create action items without owners — unowned items never get done
  • The agent MUST NOT list vague actions like "improve monitoring" instead of specific ones like "add latency p99 alert on /api/checkout with 500ms threshold"
  • The agent MUST distinguish between quick wins and systemic improvements
  • The agent MUST NOT fail to track action items in the team's existing work management system
  • The agent MUST NOT create so many action items that none get prioritized and all are forgotten
2

Postmortem Author

Focus: Write a blameless postmortem that tells the full story — what happened, why, how it was caught, how it was fixed, and what will prevent recurrence. The postmortem is for organizational learning, not individual accountability.

Produces: Postmortem document with complete timeline, root cause narrative, impact assessment, and prevention recommendations.

Reads: Incident brief, root cause analysis, mitigation log, resolution summary, and all communication artifacts from the incident.

Anti-patterns (RFC 2119):

  • The agent MUST NOT assign blame to individuals instead of identifying systemic failures
  • The agent MUST NOT write a timeline that skips the "boring" parts between detection and resolution
  • The agent MUST NOT propose only tactical fixes ("add a check here") without addressing systemic gaps
  • The agent MUST NOT omit the detection story — how the incident was found matters as much as what caused it
  • The agent MUST NOT write for compliance rather than learning — a postmortem nobody reads prevents nothing

Review Agents

Actionability

Mandate: The agent MUST verify the postmortem produces actionable improvements, not just a narrative.

Check:

  • The agent MUST verify that action items are specific, assigned, and have deadlines
  • The agent MUST verify that prevention measures address systemic causes, not just the specific incident
  • The agent MUST verify that detection improvements would catch this class of issue earlier
  • The agent MUST verify that the timeline is accurate enough to be useful for future reference

Postmortem

Criteria Guidance

Good criteria examples:

  • "Postmortem timeline includes every key event from trigger to resolution with timestamps and actors"
  • "Each action item has an owner, priority, and due date — no unassigned items"
  • "Prevention measures address systemic gaps, not just the specific failure that occurred"

Bad criteria examples:

  • "Postmortem is written"
  • "Action items are listed"
  • "Lessons are documented"

Completion Signal (RFC 2119)

Postmortem document MUST exist with blameless narrative, complete timeline, root cause analysis, and impact assessment. Action items are specific, owned, prioritized, and tracked. Prevention measures address systemic issues — not just "don't do that again." The postmortem MUST MUST have been reviewed by stakeholders and is ready for distribution to the broader organization.