The Negotiability of “Severity” Levels

Posted Posted in ACL Posts, Incident Analysis

What does the term severity mean, in the context of incidents involving software systems? Merriam-Webster gives us this: “the quality or state of being severe: the condition of being very bad, serious, unpleasant, or harsh.” Here are a few colloquial definitions: “Severity measures the effort and expense required by the service provider to manage and resolve an […]

The Multiple Audiences and Purposes of Post-Incident Reviews

Posted Posted in ACL Posts, Incident Analysis

The conventional rationale for undertaking some form of post-incident review (regardless of what you call this process) is to “learn from failure.” Given without much more specifics and context, this is, for the most part, a banal platitude aimed at providing at least a bit of comfort that someone is doing something in the wake of these surprising […]

Moving Past Shallow Incident Data

Posted Posted in ACL Posts, blogpost, cognitive systems engineering, Incident Analysis, methods

Here is some data: the last incident your company experienced lasted 54 minutes. What insight does this data reveal besides a) an incident happened, and b) it lasted 54 minutes (at least according to someone interpreting an event as an incident)? What else could we glean from this data? Hrm. What if we found that someone marked down […]