Incident reviews that change behaviour
Blameless post-mortems are table stakes. The harder problem is making the actions stick — here's a structure that consistently does.
Every mature engineering org runs blameless post-mortems. Fewer have the discipline to make the resulting actions stick. The structural fixes below are what consistently move the needle.
One owner, one date, one acceptance test
Every action item must have all three. No 'team to investigate'. No 'sometime next quarter'. No 'we'll know it when we see it'. If you can't write the acceptance test, the action isn't ready to commit to.
Track actions where work actually happens
Action items in the post-mortem doc are theatre. Action items in the team backlog with a label that lets you query 'all open incident actions older than 60 days' is real.
Review the actions, not just the incidents
Monthly reliability review: how many incident actions opened, how many closed, how many slipped. The trend matters more than any individual ticket.
More insights
Landing zones that survive an audit
A pragmatic walkthrough of multi-account AWS landing zones built for SOC 2 and ISO 27001 — what to centralise, what to delegate, and where automation pays back fastest.
Read ReliabilitySLOs without the theatre
How to define error budgets that engineers actually use, and how to wire them into deployment decisions instead of quarterly slide decks.
Read SecurityZero-trust network design for hybrid estates
Identity-aware proxies, private service connect and short-lived credentials — a practical pattern set for organisations migrating off perimeter security.
ReadLet's talk
Ready to build a platform that scales?
Book a free 30-minute discovery call to review your infrastructure and map out clear recommendations.
- 30-minute discovery call, no obligation
- Architecture review with concrete clear recommendations
- Independent consultancy, direct, hands-on advice