top of page


“Sometimes it takes a natural disaster to reveal a social disaster” - Jim Wallis, American theologian.

In today's crazy and volatile world, successfully surviving business disruptions is not enough. You need to be able to look back at everything and draw the right conclusions that will help your business confidently move forward and grow.

A post-incident review is an assessment of your response and recovery and an estimated time between the event and resolution. This process reviews all actions and reactions of the incident management response team. The post-incident review process often culminates in an incident report that includes findings and provides suggestions for handling the next major incident.

“The secret of crisis management is not good vs. bad, it’s preventing the bad from getting worse.”- Andy Gilman, President & CEO of Comm Core Consulting Group.


A question always arises while thinking about post-incident analysis is: How to improve the performance of a system that has just failed? Every disruption, no matter how small, is an opportunity to analyze and improve your business continuity plan. Moving from inaction to action is the first step that the emergency management team should try to take immediately after an incident. When the employees understand that they should change their previous plan and should come up with a different plan for the long run, it will help the company to achieve success.

Things to consider while doing Post-Incident Analysis

1. A summary of what happened (With exact date and time)

2. What is the root cause of it?

3. Are there any internal or external causes that caused the problem?

4. What will be the time required to resolve the problem?

5. What are the corrective and Preventive actions?

6. What are the learnings from the incident which can be used to prevent from next incident?

This analysis will help to identify whether there were any technical errors or human errors which caused the incident. This will also help to improve on the incident management plan of the company. Read more

“When written in Chinese, the word ‘crisis’ is composed of two characters. One represents danger and the other represents opportunity.” John F. Kennedy, 35th U.S. president.


1. Emphasis on ‘who’ is conducting the review - To have an unbiased review, many organizations tend to opt for third-party facilitators for the post-mortem process. If the team responsible for recovery and response is set to conduct the review, bias may impact the report since it is human nature to judge your actions in a positive light. To promote a no-blame culture, a facilitator is a must. They will be able to objectively, study and draw conclusions. Also, management must be fully engaged in the review process to signify that learning has value and priority in your organization.

2. Establishment of a Timeline - Understanding the incident timeline can show you a clear picture of how the events unfolded during the time of incident. You must interview everyone to establish a timeline. You’ll also realize that each perspective might reveal another data point. If you don’t cover everyone you may miss an important perspective. For example-10 minutes prior to Ms. Jenna, Mr. Joy, an engineer had tried to recover the system but failed. However, since there was a lack of communication, Ms. Jenna was not aware of this fact and ended up wasting her time in the recovery attempt by doing the exact same process. If you don’t interview Mr. Joy, you may never realize there was a breakdown in communication.

3. Identify Metrics - In the process of prevention and understanding, metrics are everything. It is recommended to quantify as much as you can so that you can have sufficient information to draw conclusions and improvements for the future.

4. Learning and Improving - Learning and improvement are two crucial aspects of post-incident analysis. Every incident response team ought to develop advanced technologies, lessons learned, etc. There can also be a meeting for lessons learned for the benefit of enhancing security precautions and the incident handling procedure. One lesson learned meeting can cover a number of instances. By conducting the meeting, an idea of what happened, what was done to intervene, and how effective the intervention was can be determined.


With this in mind, the use of post-incident analysis should be an integral part of your company's post-disaster procedures. It is an effective instrument for reducing financial losses and raising business performance. It is essential to have a better structured Business Continuity Management System which can also facilitate, registering the post-incident analysis for future improvements.

Get your BCMS automated and simplified today with our product solution BuResus. In light of the aspect of post-incident analysis, our application, BuResus gives you the facility to register the incident in a pre-defined structured format.

Gorisco has a wide range of experts who have various solutions to help organizations mitigate their risks and solve their problems.

At Gorisco, our motto is 'Embedding Resilience' and we are committed to making the organizations and their workforce resilient. Reach out to us if you have any queries, clarifications, or need any support on your initiatives.

To read our other blogs, click here. More importantly, let us know if you liked them or not through your comments.

For this blog, please find the image source here.

41 views1 comment
bottom of page