After building up its internal incident response documentation for several years, the enterprise incident resolution service PagerDuty open-sourced the documentation so the community can better prepare for various incidents.
The PagerDuty Incident Response Documentation is a collection of best practices for how to prepare new employees for on-call responsibilities, as well as how to handle incidents that might occur. The documentation also includes “lessons learned the hard way, along with the training material for getting you up to speed quickly,” wrote senior engineer of security and incident response at PagerDuty, Rich Adams.
(Related: The continuing problem of application security)
According to him, not enough companies talk to their employees about internal processes and how to handle major incidents, and sometimes it’s “considered taboo to even mention the word ‘incident’ in any sort of communication.”
Open-sourcing the documentation allows on-call practitioners and those involved in operational incident response processes to better prepare and “decrease your response time for major incidents by building on the knowledge [PagerDuty] internally developed over the years,” wrote Adams.
Included in the documentation is go on-call, and definitions of severities, like SEV-1 and SEV-5. For instance, a SEV-3 is considered a major incident, whereas a SEV-5 is less severe and does not impact the system. The documentation also includes incident call etiquette, as well as how to run a post mortem (a detailed description of what went wrong during an incident). Adams wrote that the documentation also includes PagerDuty’s security incident response process.
He also said that the documentation isn’t an exact replica of PagerDuty’s internal documentation, as some information has been removed or changed. Essentially, only information specific to the company or proprietary information has been omitted. The rest of the documentation includes principles and processes instead of the specific tools that PagerDuty utilizes, according to him.
PagerDuty customers and other companies that want to use the documentation in their own organization can fork the repository here.