Templates

Postmortem Templates

Reusable blameless postmortem structures tailored by incident class. Pick a template to start a new draft with predefined sections.

6 of 6 templates

Standard Postmortem

Standard

Default blameless postmortem template for most production incidents. Covers impact, root cause, contributing factors, action items, and lessons learned.

Sections preview

Impact Summary

User-facing and business impact with quantified metrics.

Root Cause

The technical reason the incident occurred.

Contributing Factors

Conditions that amplified or enabled the failure.

Action Items

Concrete, owned, dated remediation tasks.

Lessons Learned

What went well, what didn't, what to change.

30-45 min142 uses

Security Incident

Security

Structured postmortem for security breaches, vulnerability exploits, and access-control failures. Includes blast radius and detection gaps.

Sections preview

Impact Summary

Affected systems, accounts, data, and security boundaries.

Root Cause

Vector, exploited weakness, and entry point.

Contributing Factors

Detection gaps, misconfigurations, missing controls.

Action Items

Remediation, hardening, and detection improvements.

Lessons Learned

Threat model gaps, control failures, and process changes.

60-90 min18 uses

Data Incident

Data

Postmortem for data loss, corruption, consistency violations, or migration failures. Focuses on data integrity and recovery.

Sections preview

Impact Summary

Records affected, scope of corruption or loss.

Root Cause

Schema, query, or migration failure mechanism.

Contributing Factors

Missing constraints, lack of validation, backup gaps.

Action Items

Recovery, integrity checks, and prevention controls.

Lessons Learned

Data-handling and migration process improvements.

45-60 min23 uses

Vendor-Caused

Vendor

Postmortem template for incidents caused by third-party provider outages, API changes, or upstream regressions.

Sections preview

Impact Summary

Customer impact caused by the vendor failure.

Root Cause

Vendor-side issue and the dependency path.

Contributing Factors

Single-vendor dependency, no fallback, no circuit breaker.

Action Items

Mitigation, fallback strategy, vendor SLA review.

Lessons Learned

Vendor risk management and dependency isolation.

30-45 min31 uses

Capacity Event

Capacity

Postmortem for saturation, throttling, or scaling failures. Includes load analysis and capacity planning follow-ups.

Sections preview

Impact Summary

Degraded performance, throttling, or outage duration.

Root Cause

Bottleneck resource and triggering load pattern.

Contributing Factors

Missing autoscaling, capacity review, or alert thresholds.

Action Items

Capacity scaling, alert tuning, headroom targets.

Lessons Learned

Capacity planning and load testing improvements.

45-60 min27 uses

Customer-Facing Outage

Customer-Facing

External-impact postmortem requiring executive review, customer communication log, and SLA-credit considerations.

Sections preview

Impact Summary

External duration, affected regions, customer count, SLA breach.

Root Cause

The trigger and propagation path of the customer-visible failure.

Contributing Factors

Single points of failure, slow detection, escalation delay.

Action Items

Prevention, faster detection, communication automation.

Lessons Learned

Status-page process, customer comms, executive review.

60-90 min12 uses

Standard Section Definitions

Every SentinelGrid postmortem template includes these five core sections to ensure consistent blameless review.

Impact

Quantified user & business impact

Root Cause

Technical reason the incident occurred

Contributing Factors

Conditions that amplified the failure

Action Items

Owned, dated remediation tasks

Lessons

What went well, what didn't

Command Palette

Search for a command to run...