Root Cause Analysis (RCA)
Post-incident reports documenting what went wrong, why it happened, and what we're doing to prevent recurrence.
RCA Log
| Date | Incident | Severity | Status |
|---|---|---|---|
| — | No incidents recorded yet | — | — |
RCA Template
All RCA documents follow this standard structure:
1. Incident Summary
- Date & Time: When the incident occurred
- Duration: How long the impact lasted
- Systems Affected: Which platforms were impacted
- Impact: Number of users/claims affected
2. Timeline
A chronological sequence of events from detection to resolution.
3. Root Cause
The fundamental reason the incident occurred. Distinguish between:
- Immediate cause — the direct trigger
- Contributing factors — conditions that enabled it
- Root cause — the underlying systemic issue
4. Impact Assessment
- Customer impact
- Operational impact
- Data integrity impact (if any)
5. Corrective Actions
| Action | Owner | Due Date | Status |
|---|---|---|---|
| Example corrective action | Team Lead | — | Pending |
6. Lessons Learned
What the team learned and how it changes future practices.
7. Sign-off
| Role | Name | Date |
|---|---|---|
| Incident Owner | ||
| Technical Lead | ||
| Management |
danger
RCA documents for Severity 1 incidents must be completed within 48 hours of resolution and reviewed by management.