Lessons Learned Process
What This Requires
Capture and share lessons learned from incidents, audits, and projects: what worked well, what didn't, and recommendations for improvement. Publish to knowledge base quarterly. Incorporate into training and runbooks.
Why It Matters
Organizations that learn from mistakes improve faster. Sharing lessons prevents others from repeating same errors.
How To Implement
Capture Mechanism
After incidents, audits, or project completion, conduct retrospective. Use template: (1) What Went Well, (2) What Didn't Go Well, (3) Action Items. Document in ticket or wiki.
Quarterly Synthesis
Every quarter, review all retrospectives. Synthesize common themes (e.g., "inadequate testing", "unclear runbooks"). Write summary with top 5 lessons and recommendations.
Publication
Publish to internal wiki or knowledge base. Tag by domain (Govern, Build, Secure, Deploy, Monitor, Improve). Make searchable.
Integration
Update training materials with lessons (e.g., add case study to security training). Update runbooks with new procedures (e.g., add pre-deployment checklist item). Track updates in version control.
Evidence & Audit
- Lessons learned template
- Retrospective records from incidents and projects
- Quarterly synthesis reports
- Published lessons in knowledge base
- Training and runbook updates referencing lessons