AI Post-Mortems with Human Sign-Off
Auto-assembled draft, human review-and-sign-off, full audit log of every edit. Ship a real post-mortem in 30 minutes instead of next week, and get a defensible record while you do it.
Why post-mortems break
The pattern at almost every company: an incident resolves on Friday afternoon, the post-mortem is "scheduled for next week," next week becomes the week after, and by the time the doc finally circulates everyone's forgotten the exact sequence of events. Action items are vague because the details are vague. The lessons don't transfer because nobody can remember them clearly enough to write them down.
The honest reason it happens: post-mortem authoring is a 4-6 hour task and engineers are tired by Friday afternoon. Auto-assembly cuts the bulk of those hours by stitching together what already exists, the incident timeline, the agent ledger, the chat transcript, the deployment history, into a draft a human can ship after 30 minutes of review.
Auto-assembled draft
The draft has six sections. (1) Summary, one paragraph generated from the incident timeline, customer impact data, and the resolution action that closed the incident. (2) Timeline, every event in chronological order, sourced from the agent ledger, the incident channel, and the deployment log. (3) Customer impact, affected services, error rate over time, estimated customer-facing minutes lost. (4) What we did, sequence of remediation actions with timestamps and outcomes. (5) Root cause, the agent's best hypothesis, marked as "draft, requires human verification." (6) Action items, extracted from the chat transcript with assignees suggested.
Each section is editable and each edit is tracked. The draft is a living document until it's signed off. The model used to generate the prose is configurable per tenant, most teams stick with our defaults; some teams running on-prem use a self-hosted model with a different prompt template.
One section we deliberately don't auto-write: the "what we learned" reflection. That section stays empty in the draft because it has to come from the engineers in the room. The draft inserts a blank with a one-line prompt and refuses to ship without it filled in.
The review surface
The reviewer sees the draft on the left and the source-of-truth on the right. Every claim in the draft has a "show source" link, click "the database failed over at 02:14" and the right pane jumps to the relevant ledger entry with the timestamp highlighted. Every claim is sourced; nothing is invented; if the model can't ground a claim, it doesn't make the claim.
The review surface tracks three states per section, green (engineer reviewed and confirmed), yellow (engineer edited), red (engineer rejected, section will be rewritten or deleted). A post-mortem can't be signed off until all sections are green or yellow. Red sections block sign-off until they're addressed.
Two reviewers are required by default, the on-call engineer and one other engineer or manager. The two-reviewer rule catches solo over-confidence; the second reviewer almost always edits the root-cause section to be more precise. We've found this pattern across dozens of beta-tenant post-mortems.
The audit log
Every edit is logged. Who, when, which section, what the before-and-after text was. The log is append-only and exposed via API for compliance teams who need to demonstrate the post-mortem process is rigorous. Export to PDF includes the audit log as an appendix; export to Markdown includes it as a separate file.
The audit log matters most for high-severity incidents that go to customer review or regulatory review. "We have a process and here's the evidence the process was followed" is meaningfully easier to defend than a Google Doc with no version history. Several beta tenants in regulated industries cited the audit log as the deciding factor for adopting Nova post-mortems vs their previous process.
Action items that stick
The hardest part of any post-mortem is the action items, and the saddest part is that most of them never ship. We integrate action-item extraction with your task tracker (Linear, Jira, Asana). Items in the draft become tickets in the tracker on sign-off, with the post-mortem link and the relevant timeline excerpt pre-populated. Each item has an owner and a due date.
The follow-up matters more than the extraction. Nova tracks the action items it created and surfaces overdue ones in a weekly digest. Items that are overdue by more than 30 days get bumped to the team lead; items overdue by 90 days get escalated. The escalation isn't punitive, it's a forcing function for the conversation about whether the item still matters or whether the team's understanding of the system has changed enough that the item is moot.
The shortest version of all of this. Auto-assembly turns 4-6 hours into 30 minutes. Sign-off keeps a human accountable. The audit log makes the process defensible. Action-item tracking makes the lessons stick. Each piece is small; the combination is the difference between a post-mortem culture that works and one that doesn't.