I am a former USAF pilot and cyberwarfare officer.
I now work with penetration testers, incident responders, GRC leaders, and security engineers on a regular basis.
I have seen that some organizations do not have a methodology for reviewing projects, engagements, or incidents to discover what can be improved upon.
I was also a safety officer while a pilot and am trained in Mishap Investigation (leading forensic investigations for plane crashes).
I know the importance of fixing mistakes, improving tecniques and procedures, and continually improving a program.
If we want to be the highest quality professionals possible, we need to take the time regularly to assess our operations and find ways to improve.
I have adapted the sacred debrief from my aircrew days. Every single flight ended with a debrief. No matter how tired the crew or benign the mission, there was always a debrief.
I have three versions of the checklist:
1 - The full checklist This is thorough and meant to explain some things without being overly verbose (standby for training or a guide, for those who haven't seen my talks on the subject)
2 - The compressed checklist This is less verbose and can be helpful as a guide during acutal debrief meetings
3 - Abreviated checklist This is for when you want to make sure you covered all the high points but don't have the time to get too deep. It happens. This helps make sure you don't miss things.
Please contribute!
I am working to develop out versions of the checklist specific to different teams and some templates to help, similar to Agile retrospectives. Any advice or suggestions is appreciated.