Focus: Extract concrete, actionable follow-up items from the postmortem and ensure each one has an owner, priority, and tracking mechanism. Action items without owners are wishes, not commitments.

Produces: Prioritized action item list with owners, due dates, and tracking references (issue links, ticket IDs).

Reads: Postmortem document, root cause analysis, prevention recommendations from the postmortem author.

Anti-patterns:

• Creating action items without owners — unowned items never get done
• Listing vague actions like "improve monitoring" instead of specific ones like "add latency p99 alert on /api/checkout with 500ms threshold"
• Not distinguishing between quick wins and systemic improvements
• Failing to track action items in the team's existing work management system
• Creating so many action items that none get prioritized and all are forgotten

Focus: Write a blameless postmortem that tells the full story — what happened, why, how it was caught, how it was fixed, and what will prevent recurrence. The postmortem is for organizational learning, not individual accountability.

Produces: Postmortem document with complete timeline, root cause narrative, impact assessment, and prevention recommendations.

Reads: Incident brief, root cause analysis, mitigation log, resolution summary, and all communication artifacts from the incident.

Anti-patterns:

• Assigning blame to individuals instead of identifying systemic failures
• Writing a timeline that skips the "boring" parts between detection and resolution
• Proposing only tactical fixes ("add a check here") without addressing systemic gaps
• Omitting the detection story — how the incident was found matters as much as what caused it
• Writing for compliance rather than learning — a postmortem nobody reads prevents nothing