Incident Overview
An incident overview should provide concise, high-level information about the nature of the incident. You can think of this as the “elevator pitch” of what occurred. The goal is to give users the details they need to check for downstream impacts.
What happened? Provide a brief description of the incident and its impact. Honesty and transparency are critical - owning the failure will earn empathy from your community while withholding information will cause distrust.
When did it occur? Specify the date and time of the incident.
Who does it impact? Identify the individuals, groups, or systems impacted and how the incident affects them. This information will guide your users as they resolve outstanding issues and seek additional support.
How (and why) did it happen? Provide a detailed analysis of the factors that contributed to the incident. Open communication will show users that you understand the problem, have the ability to solve it, and can be trusted to prevent future issues.
Resolution Details
Ideally, the issue gets resolved before your users are aware of it. If this is the case, clearly outline the incident's timeline as part of your response strategy.
Resolution summary: Describe how the issue was resolved.
Resolution process: Outline the specific steps taken to address the issue.
Resolution timeline: Specify the date and time of resolution, as well as the overall duration of the incident.
Ongoing Management
If the issue is ongoing, make it clear that you’re committed to resolving it. Outline what actions are being taken, how and when users will receive updates, and the expected timeline for resolution.
Unresolved issue management: If the issue remains unresolved, outline ongoing efforts to address and resolve it.
Expected resolution date: Specify the anticipated timeline for resolving the issue.
Ongoing communication: Explain how and when users will receive updates on the issue.
Preventive Measures
Provide insights into how you plan to prevent similar issues from occurring in the future. Doing this will help you reestablish trust and user confidence.
Preventive actions: Detail the steps taken or planned to prevent similar incidents in the future.
Timeline for prevention: Provide an estimated timeline for implementing preventive measures.
Incident Response: Communication Strategy
While communicating the facts of the incident is an essential first step, you can do even more to re-establish trust with your users and reduce negative sentiment toward your company. Remember, honesty and transparency are paramount when working with your developer community.
Acknowledge the failure: Take responsibility for the incident and acknowledge any shortcomings that led to it.
Make it personal: When possible, tailor messages to individual users with specifics about how the incident impacted them.
Apologize: Offer a sincere apology for the consequences of the incident.
Improvement actions: Highlight the actions taken (or planned) to improve future interactions and prevent similar incidents.
Reinforce company values: Reiterate your company’s commitment to its users and core values.
Meet them where they live: Draft messages in forms suited to the channels where you will most likely reach your users (like email, Reddit, or Slack). It is always best to post information broadly across multiple channels.
Support and Resources
One of the worst things you can do is leave your users in the dark. Show up for your developer community by providing access to resources and opening lines of communication. Let users know you’re there for them and can still be relied on as a trusted partner.
Support channels: Provide information on how affected individuals can seek additional support or have their questions answered. It’s also helpful to provide a location where they can subscribe to receive notifications of future incidents.
Example of an Effective Incident Response
Bored Ape Yacht Club notified users about a significant incident involving the potential loss of data. Although it’s a brief message, they were prompt, clear on the resolution, and provided instructions for further support.
1,800 "likes" isn’t exactly what you’d expect from a post about a security breach, but it reflects an understanding of what their users needed to hear. This type of response is exactly what you’re looking for.