When the Dust Settles: How to Learn from a Business Disruption

Many organizations successfully endure a major business disruption and then drop the ball by not looking back at the event and drawing lessons from it for the future. In today’s blog, we’ll look at how performing a Post-Incident Analysis (PIA) can help you turn a disruption into a powerful opportunity for learning and improvement.

Related on MHA Consulting: In Time of Crisis: What to Do in the First 24 Hours

In many fields, it’s routine to look back at past events to learn lessons that can be applied in the future. The Army conducts after-action reports, secret agents get debriefed, and football teams review game film.

However, in the world of Business Continuity (BC) and IT/Disaster Recovery (IT/DR), such post-event reviews are surprisingly rare.


This is regrettable because a major disruption, while definitely a pain in the neck, is also a golden learning opportunity.

Don’t you think, after a disruption wreaks havoc on your organization, that you should at least try to get something positive out of it afterward by mining the event for useful insights?

Also, a disruption can reveal many gaps and weaknesses in your readiness that really should be closed to prevent an equal or worse problem from occurring in the future. The best way to find and fix these is by a systematic analysis after the event.

For all these reasons, I strongly recommend that companies that emerge from a significant business disruption conduct a formal review of the incident after the dust settles.

Specifically, I recommend they conduct what’s known as a Post-Incident Analysis (PIA).

Related on BCMMETRICS: What’s Up, Doc? When and How to Perform a Current State Assessment


A PIA is the reconstruction of an incident to assess the chain of events that took place, the methods used to control the incident, and how the actions of your organization as well as those of outside entities such as emergency services and third-party vendors contributed to the eventual outcome.

A PIA is not a forum for criticizing anyone’s performance during the incident or second-guessing any actions that were taken.


Conducting a PIA can bring many benefits to an organization just emerging from a business disruption. These include:

  • Creating a comprehensive record of the incident from which departmental procedures and recovery plans can be evaluated.
  • Allowing an assessment of response and company response areas under actual conditions.
  • Providing an assessment of the communications carried out during the event with internal and external stakeholders.
  • Supplying an assessment of the organization’s safety practices and related procedures.
  • Giving an assessment of the training needs for department personnel.
  • Providing an assessment of the organization’s working relationships with outside agencies.
  • Allowing an assessment of the organization’s alternate work sites and strategies.


What should the PIA meeting and report cover? The following areas should be addressed, at a minimum:

  • Date and time of the incident. The date and time the event occurred.
  • Location of incident. The location and address of the incident.
  • Type of incident. Include a brief description of the type of event (fire, flood, workplace violence, power failure, etc.) that required the activation of the Business Continuity Plan (BCP).
  • Situation upon activation of the BCP process. Include a brief description of the situation encountered by the first personnel assessing or arriving on the scene. The type of personnel responding should be listed.
  • The final outcome of the incident. List the extent of damage and impact to business operations. Also, include personal injuries or casualties if applicable.
  • Strategy. List the strategies chosen to respond and recover from the event. For each strategy, list what the strategy entailed (e.g., close off the building and relocate affected staff) as well as the results of implementing each strategy.
  • Common obstacles. List those problems encountered by more than one department or Incident Commander (IC) that may indicate a need for a review of department procedures or training or recovery plans.
  • Recommendations. List any recommendations for correction or reduction of these obstacles.
  • Operational successes. Look at what operations worked well and why. Consider strategies and results, not only at the IC level but also at the department level, if appropriate. This helps reinforce procedures and tactics that were successful so they may be applied to similar situations in the future.
  • Stakeholder communication. Review the process of internal and external communications used during the incident.
  • Were communications adequate, proactive, and regularly updated?  Were the appropriate stakeholders communicated with during and after the event?
  • Incident organizational chart. Using a simple organizational chart, show lines of authority and responsibility. Identify the span of control. This allows for a more formal review of the BCP process in order to identify the positive aspects and correct deficiencies.


The final PIA report should be formally reviewed and approved by the appropriate parties to ensure accuracy and comprehensiveness.

Ideally, the PIA should be completed within 14 days of the incident, while memories are fresh and the needed records and source materials readily available.

All participants in the analysis process must be truthful and candid in an effort to determine operational or management areas that must be improved.

Note also that it is important to remember that the purpose of the PIA report is not to criticize or discipline any person or to second-guess any action taken during the event.


A major business disruption is as much fun as a case of the measles. However, organizations can find the silver lining in the cloud by conducting a Post-Incident Analysis.

By conducting a PIA meeting and writing a PIA report as described above, you can identify what you are doing right and also where your gaps and vulnerabilities lie.

This information can help you improve your business recovery plans and strategies moving forward, increasing the resilience of your organization and better-protecting everyone who depends on it.


For more information on this and other hot topics in business continuity and disaster recovery, check out the following recent posts on BCMMETRICS and MHA Consulting.

Michael Herrera is the Chief Executive Officer (CEO) of MHA. In his role, Michael provides global leadership to the entire set of industry practices and horizontal capabilities within MHA. Under his leadership, MHA has become a leading provider of Business Continuity and Disaster Recovery services to organizations on a global level. He is also the founder of BCMMETRICS, a leading cloud based tool designed to assess business continuity compliance and residual risk. Michael is a well-known and sought after speaker on Business Continuity issues at local and national contingency planner chapter meetings and conferences. Prior to founding MHA, he was a Regional VP for Bank of America, where he was responsible for Business Continuity across the southwest region.

One thought on “When the Dust Settles: How to Learn from a Business Disruption

Comments are closed.

Business continuity consulting for today’s leading companies.

Follow Us

© 2024 · MHA Consulting. All Rights Reserved.

Learn from the Best

Get insights from almost 30 years of BCM experience straight to your inbox.

We won’t spam or give your email away.

  • Who We Are
  • What We Do
  • Blog