Blame culture vs resolution culture: The war room is observability failure, not a people problem

Brett Airey, Managing Director, Splitpoint Solutions.

---

Every IT leader knows the room. A severity-one incident is live, something critical is down, and within ten minutes the call has thirty people on it. Each team is certain it is not their department responsible for the issues. Somebody from the cloud provider has joined and is certain it’s nothing they’re responsible for. The business is asking when it’ll be fixed, and the honest answer, though no one says it out loud, is that nobody yet agrees on what’s actually broken.

We’ve been taught to call this a blame culture, and to fix it with better behaviour: blameless post-mortems, psychological safety, a kinder tone in the war room. All worthwhile. But after enough years of being invited into these rooms, I’ve come to believe we’ve largely misdiagnosed the problem.

The finger-pointing isn’t usually a character flaw. It’s a data flaw.

When teams lack end-to-end observability of critical infrastructure and applications, blame rushes in to fill the vacuum. If the network team only has network telemetry, the most truthful thing they can say is “it isn’t us, as far as we can see,” and they’re not lying. They simply can’t see past their own boundary. The same is true for every other team on the call. Each one is defending the edge of their own visibility, and mistaking it for the edge of the problem.

So the war room isn’t thirty people behaving badly. It’s thirty people each holding a piece of information, without seeing the full picture.

This reframes the entire fix. Workshops won’t fix your blame culture, engineering your way out of it by giving everyone the end-to-end picture will. Unified observability shows the request travelling from user, over the network to the application and database, and shows exactly where it slowed or failed, there is nothing left to argue about. This focuses the teams on the potential root cause, and the conversation stops being “it’s not my system” and becomes “there it is, let’s fix it.” The war room becomes a solving room.

This matters more than it might sound, because of where incident time actually goes. The slow part of most major incidents isn’t the repair. Once everyone agrees what’s wrong, the fix is frequently quick and well understood. The slow, expensive part is reaching that agreement: the diagnosis, the correlation, the establishing of a shared truth.

Time spent disputing the unknowns without facts and statistics extends the service outage. Blame doesn’t just bruise morale. It directly extends downtime, and downtime is measured in lost revenue, missed transactions and eroded customer trust. Unified observability is the single most effective way to compress that diagnosis window, because it removes the argument before it starts.

There’s a layer of this that South African enterprises feel acutely, because so much of our IT operations runs through outsourced partners and managed service providers. Outsourcing is often a sensible commercial decision. But it quietly changes the shape of the war room, because now some of the people holding a critical piece of information don’t work for you.

Here’s the uncomfortable truth: outsourcing transfers the execution of the work. It does not transfer the accountability for the outcome. When the service is down, your customers don’t care which contract the failing component sits under. And the painful reality is that SLAs are typically written around uptime and response times, not end user experience and coordination across vendor boundaries. Each provider’s contract looks complete in isolation, while the gaps between them go unowned. The finger-pointing simply moves from between your internal teams to between your suppliers, and it’s slower, because now it has contracts attached.

This is why “we outsourced it” is not an accountability strategy. Partners, left to their own devices, police themselves, and they will each, quite reasonably, defend their own boundary. The organisation that owns the outcome needs its own independent observability across the whole environment: not to catch partners out, but to hold a neutral source of the truth that doesn’t belong to any single vendor’s dashboard. When everyone is looking at the same independent data, the conversation with a supplier stops being “prove it wasn’t you” and becomes “here’s where it happened, let’s sort it.”

A resolution culture isn’t built on better intentions. It’s built on better observability. The teams, and the supplier relationships, that resolve fastest are the ones where nobody can hide in a blind spot, because there are no blind spots left to hide in.