Recent Blog Posts

June 03, 2017

Root Cause Analysis Template

Root Cause Analysis

Root Cause Analysis(RCA) is a step by step process used to understand the underlying root cause of an issue or incident or anything that should not have occurred in the first place.

Download This Template Now!
rca template, root cause analysis excel template, root cause analysis format
Root Cause Analysis Template

Best Practices for Root Cause Analysis

  1. Always start documenting the root cause by using root cause analysis excel template as soon at it has occurred or you are informed. If you leave it for too long then people might forget the details of what happened and how it happened.
  2. Pick your team carefully as the last thing you want is to manage conflicts.
  3. Start filling the RCA form ASAP even if some information is missing at least have the draft started.
  4. Conduct an initial meeting to understand first-hand experience from impacted people.
  5. Make sure you have a mechanism in place to follow-up on action items by having an action plan.
  6. Do a dry run or share the report with key stakeholders so that you can get early feedback.
  7. Ensure you get the required approvals before closing the analysis.
  8. Give importance to all the perspectives - Technology, Marketing, Finance etc.
  9. If possible include a team member from different areas of the company.
  10. Always be sensitive about people involved as the reason to do the root cause analysis is to make sure similar issues do not happen again and not punish the people involved.
simple root cause analysis template, Root Cause Analysis Impact
Root Cause Analysis Impact

About the Root Cause Analysis Excel & PPT Template

The root cause analysis excel template is aimed at capturing all the key information related to an event or issue.
  • Event - Clearly define an event name. Keep it short and nice.
  • Date and Time - Specify when the event occurred. If multiple times then mention all the times.
  • Impact Assessment - This section should document what actually happened in much detail. Also, mention the impact the issue had on business in detail. Don't worry about the exact times as you will be documenting that in the timeline section.
  • Previous Occurrences - Mention if there were any previous occurrences of similar issues. You need to be accurate with this information because the senior management is sure to ask tough questions when they come to know this had happened in the past and the root cause has not been fixed.
  • Timeline of events - This section will capture what actually happened with time details. Document only high-level phases with time stamps.
  • Analysis Approach - Document how you approached the analysis. Explain briefly what are the different steps you took to conduct analysis.
  • Action Items - These are actions of tasks coming out of the root cause analysis.  Each action should a have a target date and individual names associated with it.  Also, ensure that reminders have been set for these action items.
  • Residual Risks - Document the risks which will continue to exist after the incident. Also, document if the risk will be mitigated by a closing of any action item. Assigning a right risk rating is also important.
  • Last but not the least ensure the report is signed off by appropriate authority.
Residual Risks, rca template
Residual Risks

Example of Root Cause Analysis in IT

Event : Security Breach
Date & Time : 13-June-2017, Friday 1:00 PM
Manager : Swapnil Wale


  • 13-June-2017,   12:45 PM : During a routine system upgrade some of our security protocols were not followed which lead to our network being exposed.
  • 13-June-2017,   1:00 PM : Possible hackers breached into out network and were able to get access to our customer database.
  • 13-June-2017,   1:20 PM : Internal staff were alerted to a potential intruder. Upon getting the alert our internal network was shutdown to avoid further loss.
  • 13-June-2017,   1:30 PM : Security Manager was informed about the incident. Security manager then alerted senior management and logged security breach incident.

Impact Assessment

During a routine system upgrade some of our security protocols were not followed which lead to our network being exposed.

Possible hackers breached into out network and were able to get access to our customer database. Customers have been informed about the security breach. IT team is in the process of identifying the affected customers.
  • Customer Impact : High
  • Brand Impact : High
  • Contractual Impacts : Low
  • Financial Impact : Medium
  • Productivity Impact : Low
  • Data Loss : Low
  • Privacy Breach : High

Action Items

  • Review our systems upgrade procedure to find gaps. 
  • Review internal processes to ensure IT Team needs to know communication plan when incidents occur. 
  • Implement system changes to enhance security protocol to make our security robust.

Residual Risks

  • Until the polices and procedures are not updated there will be a risk of security breach happening again - Critical
  • As IT Team is still analyzing the impact the severity of the impact assessment could change. The severity could either go up or down depending on the outcome - Medium.
Download This Template Now!

No comments