> I assume there’s been a post-mortem for this incident
That requires trust. The sysadmin team where I work have a weekly incident review, its vaguely public and although I don't often go, trust is built because results are not private or hidden.
> It’s hard to make the results of the post-mortem public because most of this would be decisions taken by specific people,
Public yes, but wider inside the company, less so (there are some caveats.) but as for throwing people under a bus, that's never the aim for an incident review. Sure if someone clearly acted with malice, then perhaps action might be taken.
The point of incident reviews is to work out what happened, why, and if its likely to happen again. The general rule is that if you allow people to speak honestly in a review, and not punish them after, you get a better result.
That requires trust. The sysadmin team where I work have a weekly incident review, its vaguely public and although I don't often go, trust is built because results are not private or hidden.
> It’s hard to make the results of the post-mortem public because most of this would be decisions taken by specific people,
Public yes, but wider inside the company, less so (there are some caveats.) but as for throwing people under a bus, that's never the aim for an incident review. Sure if someone clearly acted with malice, then perhaps action might be taken.
The point of incident reviews is to work out what happened, why, and if its likely to happen again. The general rule is that if you allow people to speak honestly in a review, and not punish them after, you get a better result.