Technical Operations Method
Method for Technical Connectivity Post-Mortems
Auditable method for timeline, detection, diagnosis, carrier escalation, cause, impact, and preventive action.
Core answer
A connectivity post-mortem separates observations, causes, and assumptions. Anexum reconstructs measurements, alerts, changes, support contacts, and carrier responses on one timeline. The result identifies technical and organizational contributors plus actions with owners and due dates. This page describes the method, not a fabricated customer incident.
When is a post-mortem created?
A review is appropriate after a prolonged outage, repeated degradation, failed failover, unclear carrier ownership, an SLA-relevant event, or an incident that reveals a previously unknown shared failure point.
Which data is preserved?
The evidence set includes monitoring time series, router and modem state, signal values, configuration changes, alerts, tickets, emails, call times, carrier references, and relevant user observations. Time zones and clock synchronization are documented explicitly.
How is the timeline built?
Each entry records time, source, observation, and action. Assumptions are not recorded as facts. The timeline starts before the first alert and ends only after stable recovery and confirmed failback.
How is impact described?
Impact is described through affected sites, services, applications, user groups, and duration. Revenue or productivity values are included only when the customer can provide reliable data.
How is the cause determined?
The analysis separates the triggering event, technical cause, contributing factors, and missing controls. A carrier outage alone does not explain why a backup path was unknowingly unavailable.
How is carrier escalation assessed?
The review checks ticket creation, diagnostic evidence supplied, priority, response time, escalation level, updates, and closure evidence. Contracted targets are compared with measured times without assuming services that were never agreed.
How are actions created?
Every action has an owner, due date, and verification method. Common categories include monitoring, router configuration, carrier diversity, documentation, test frequency, spare hardware, escalation contacts, and contract changes.
When is the review complete?
The review does not end with the document. It is complete when actions are implemented or consciously accepted, tests are repeated successfully, and remaining risks are acknowledged by the responsible decision maker.