Ohhh absolutely. And it's not just users, it's also management. "How does this affect us? Are we compromised? What are our options? Why didn't we prevent this? How do you prevent this going forward? How soon can you have it back up? What was affected? Why isn't it everyone? Why are things still down? Why didn't X or Y unrelated vendor schlock prevent this?..."
And on and on and on. Just the amount of time spent unproductively discussing this nightmare is going to cost billions.
Nothing is more annoying than having a user ask a litany of questions obvious to the person working on the problem and looking for the answers while working on the problem and looking for the answers.
They’re valid for a postmortem analysis. They’re not helpful while you’re actively triaging the incident, because they don’t get you any steps closer to fixing it.
Exactly my thinking. Asking these questions doesn't help us now. But after all the action is done, they should be asked. And really should be questions that always get asked from time to time, incident or no incident.
The problem is that you are only focusing on making the computers work and not the system.
"we don't know yet" is a valid response and gives the rest something to work, and it shouldn't annoy you that it's being asked, first of all because if they are asking is because you are already late.
you have to to tell the rest of the team what you know and you don't know, and update them accordingly.
until your team says something the rest don't know if it's a 30 minute thing or the end of the world or if we need to start dusting off the faxes.
And on and on and on. Just the amount of time spent unproductively discussing this nightmare is going to cost billions.