Why Postmortems Fail and How to Make Them Drive Real Change

Dave Rochwerger
Dave Rochwerger
June 23, 20259 min read
Why Postmortems Fail and How to Make Them Drive Real Change

Introduction: The Hidden Cost of Poor Incident Follow-Up

How did this happen again? Didn't we prepare for this?

No engineering leader wants this message—especially after months of careful planning. Yet there we were: during our peak traffic spike, a critical customer-facing service slowed to a crawl, badly impacting customers exactly as we had seen before. Senior executives had to spend days personally reassuring frustrated customers, promising once again to finally address the underlying issues.

The painful truth was that our infrastructure was outdated and architecture desperately needed refactoring. Instead, we’d spent months scaling hardware, applying patches, and tackling easy fixes—everything except solving the core problem. Our team knew what was needed, but the organization never allocated the necessary resources.

This story isn't unique. Most engineering teams genuinely want to prevent incidents—but their organizations struggle to prioritize deep, thematic fixes over quick patches.

Repeated incidents aren't just operational headaches—they’re symptoms of a deeper problem: poorly executed post-incident processes.

Section 1: The Board Issue—Why Senior Leaders Should Care

When there are many incidents, senior engineering leaders often find themselves playing defense: explaining why the product isn't reliable, why customer satisfaction scores are dropping, and why the same issues seem to surface again and again.

At the executive level, the concern isn't just about the total number of incidents; it’s about the consequences of those incidents. Customers and internal stakeholders may not dive deep into root-cause analysis at first—but they absolutely notice when the product is down repeatedly, trust begins to slip, and internal teams start questioning Engineering’s ability to deliver.

Good executive teams track uptime and incident counts, yes, but the real signal they respond to comes from customer satisfaction metrics, renewal rates, and feedback from internal teams like Customer Success and Sales. When incidents—especially repeated ones—pile up, these signals inevitably deteriorate. Leaders then find themselves having uncomfortable conversations with the board, forced to justify performance instead of focusing on growth.

Reducing the number of repeat incidents is one of the most straightforward ways senior engineering leaders can proactively protect customer satisfaction, internal trust, and ultimately, their own credibility.

Here are three reasons why effective post-incident processes matter at the board level:

1. Reputational Risk

Reputation takes years to build but only moments to damage. Repeated incidents send a clear public signal: your team struggles to learn from its mistakes. Customers quickly notice instability, which undermines your brand's perceived reliability. Competitors capitalize, positioning themselves as stable, trustworthy alternatives.

For senior leaders, reputation isn't just a marketing metric—it directly impacts valuation, investor confidence, and long-term growth.

2. Customer Trust

Customers rarely leave after a single incident, but repeated issues erode trust over time. When clients continuously experience similar disruptions, their patience wears thin. Eventually, they ask, Is this company competent enough to reliably deliver its service?

This loss of customer trust isn’t hypothetical. According to PagerDuty’s 2024 Incident Report, 90% of IT leaders agree that outages significantly harm customer trust, and that year-over-year customer-impacting incidents have increased by 43%. And downtime has real cost consequences too: according to a 2016 Ponemon Study, on average the cost of an unplanned outage is nearly $9,000 per minute.

These aren't just numbers; they're warning signals to senior leaders: repeated incidents drive customers away, hurting revenue and growth.

3. Internal Trust & Employee Morale

Internally, repeated incidents quickly sap morale. Teams across your company—especially Customer Success, Sales, and Product—depend on Engineering to deliver a stable product. When they continually encounter the same problems, frustration builds. Internal dialogue shifts from problem-solving to blaming:

  • “Why doesn’t Engineering fix this for real?”
  • “We can’t promise customers improvements if Engineering won’t follow through.”

This internal friction erodes team collaboration and overall efficiency, turning what should be organizational allies into skeptics. At its worst, it creates a culture of learned helplessness—"why bother?" becomes the pervasive attitude.

Section 2: Why Most Postmortems Fail

Why Postmortems Fail

Every engineering team has good intentions after a major incident. You gather the right people, document what happened, and create a list of improvements. But then something breaks down. The urgency fades, action items don't make it into sprints, and weeks later you're asking, "Why didn’t we fix this last time?"

Through experience—ours and others—we've seen consistent patterns emerge. Here are the most common reasons postmortems fail to deliver meaningful change:

1. No Accountability or Clear Ownership

This is one of the most frequent pitfalls. Postmortems often generate a lot of ideas but few explicit owners. Without accountability, tasks drift. Weeks later, it’s unclear who was supposed to deliver what, and critical action items remain undone.

2. Delays in Scheduling and Execution

The best time to perform a root-cause analysis (RCA) is as close to the incident as possible. Memory is fresh, urgency is high, and you’re still in the mindset to solve problems. Wait even a week, and context fades, key details are lost, and urgency drops significantly. Postmortems become box-checking exercises rather than meaningful improvements.

3. Weak or Unstructured Root Cause Analysis

Without structured guidance, RCAs often become superficial or overly narrow. Teams might chase immediate triggers instead of thematic, systemic causes. You fix the symptom—an overloaded server—but miss the underlying cause, such as poor alerting or weak service dependencies.

4. Failure to Follow Through and Learn

It’s easy to capture action items after an incident—harder to follow through. Teams often list every possible improvement in the heat of the moment. But when everything is important, nothing gets done.

We often see teams fall into the same traps:

  • Writing down too many action items, with no clear prioritization
  • Declaring incidents "closed" before improvements are complete
  • Failing to check in on progress or remind owners
  • Fixing each incident in isolation, ignoring repeating patterns across teams or services

Each of these mistakes chips away at your ability to improve. Action items stay incomplete. The same failures repeat. And leadership is left with a false sense of progress—until the next outage proves otherwise. Instead, build follow-through into your reliability strategy. That means:

  • Only taking on the most impactful action items
  • Assigning owners and due dates
  • Tracking completion publicly
  • Categorizing root causes so you can spot recurring themes

Result: Frustration and Repeated Failures

Together, these common pitfalls lead to the same frustrating cycle: repeated failures, eroded trust, and exhausted engineering teams. Your postmortems become performative instead of transformative. Eventually, your stakeholders— customers, internal teams, and senior leaders—start doubting the team's ability to deliver reliable systems.

Fortunately, each of these pitfalls is addressable. In the next sections, I'll show how simple process improvements and structured tooling—like what Phoenix Incidents provides—can shift your team's incident response from reactive to proactive, permanently reducing incident volume and restoring trust.

Section 3: Building a Reliable Postmortem Process

Knowing why postmortems fail isn’t enough. You need clear, repeatable steps to build an effective post-incident practice. From our experience, here’s how you get there:

Step 1: Schedule Postmortems Quickly

Run RCAs within 72 hours of the incident. Memories fade fast, and key context disappears after a few days. Quick scheduling means deeper insights and more accurate findings.

Step 2: Establish Clear Accountability

Assign explicit owners for every action item. This isn’t about assigning blame; it’s about making sure improvements actually get done. Make sure every action item has a single accountable person and a realistic due date. Enforce those dates with SLAs and track progress.

Step 3: Structured Root Cause Analysis

Avoid unstructured discussions. Use standardized methods that guide teams towards identifying deeper, underlying causes--we've had amazing experience with the "Five Whys" method.

Critically, ensure root causes use consistent naming conventions or categories. This makes it easier to detect patterns or systemic issues over time.

Step 4: Prioritize Action Items Carefully

Not every idea from a postmortem is worth immediate action. Too many action items overwhelm teams, reducing the likelihood of completion. Prioritize actions by the potential to prevent future incidents. Quality over quantity wins every time.

Step 5: Regular Follow-ups and Transparent Visibility

Create routine checkpoints to track and review open action items—ideally weekly, but not more infrequently than monthly. This provides clear visibility to stakeholders and ensures no improvement gets lost in the backlog. Regularly report progress to senior leaders to maintain momentum and accountability.

Step 6: Identify and Address Thematic Issues

Track root causes across incidents. If the same issues keep showing up—poor monitoring, unclear ownership, fragile dependencies—address these at the organizational level, not just the team or incident level.

This might mean dedicating sprint time specifically to improve monitoring, tooling, or onboarding. These systemic investments yield major incident reductions down the road.

Section 4: How Phoenix Incidents Helps You Get There

The true test of incident management isn't how quickly you put out fires—it's ensuring those fires never start again.

Phoenix Incidents is designed to make that philosophy real—without adding process for the sake of process. We don’t give you empty templates, nor provide pages of customization; we hardwire best practices directly into the workflow your team already uses.

Here’s how we help teams actually fix what caused the fire:

  • Enforce follow-through: Incidents are not closed until linked action items are complete. That’s not a guideline—it's built in.
  • Guide real RCAs: Five Whys, consistent root cause tagging, and AI-assisted timelines help teams focus on analysis, not formatting.
  • Keep it visible: Weekly Slack reminders, public report cards, and dashboards keep ownership clear and progress visible.

Most importantly, Phoenix turns thematic issues into visible, solvable patterns—so leadership can invest in fixing what really matters, not just what broke last week.

Section 5: The Leadership Call to Action

Incident management isn’t about paperwork or meetings—it’s about trust, credibility, and growth. You’ve seen why postmortems matter, where most teams fail, and how to get it right.

Now it’s time to act.

Evaluate Your Current Postmortem Process

  • Are your teams performing RCAs promptly—ideally within 72 hours?
  • Does every action item have clear ownership and due dates?
  • Do you know how many postmortem tasks are incomplete today?
  • Are you consistently tracking and addressing thematic root causes?

If the answer to any of these questions isn’t a confident “yes,” your post-incident process needs attention. Addressing these gaps is critical, not just for operational reliability, but for customer trust, internal morale, and leadership credibility.

Prioritize What Matters Most

You don’t need dozens of new processes—just a few reliable, high-impact practices that prevent incidents from recurring. Start with prompt scheduling, structured root causes, explicit accountability, and regular check-ins. These basics yield immediate results.

How Phoenix Incidents Helps You Get Started

Phoenix Incidents isn’t another tool you need to babysit; it actively drives your process. It enforces your SLAs, guides your RCAs, ensures accountability, and provides transparency. Incident follow-through isn’t optional—it’s automatic. In fact, it's not even another tool at all, we leverage the existing tools your team already uses.

We’re currently onboarding select teams into our private beta.

If your team is serious about fixing recurring incidents for good, sign up here to join the beta or book a short intro call—we’d love to show you what Phoenix can do.

Your next incident doesn’t need to be déjà vu. When you’re supported by Phoenix Incidents, you can turn incidents into permanent improvements—every single time.

PostmortemRCAIncident Management
← Back to blog