Incident response

How to Communicate Incidents to Customers

By the Opsentry team · June 10, 2026 · 8 min read

During an outage, your customers aren't grading your architecture — they're grading your communication. Teams recover from incidents with their reputation intact, or even improved, when they communicate early, honestly, and on a predictable rhythm. This guide covers when to post, what to say at each stage, and gives you templates to copy.

The first rule: acknowledge before you understand

The most common mistake is waiting to post until you know what's wrong. From the inside, that feels responsible. From the outside, it's indistinguishable from not knowing your service is down — and customers fill silence with their own theories, support tickets, and screenshots on social media.

Post within minutes of confirming impact, even though all you can honestly say is:

"We're investigating reports of errors affecting the API. Updates to follow within 30 minutes."

That single sentence does three jobs: it tells customers you know, it tells them you're working, and it tells them when to expect more. Nobody expects a root cause in the first ten minutes. They expect a heartbeat.

Use the four stages customers already understand

The investigating → identified → monitoring → resolved progression has become an industry convention, which is precisely its value — no one has to learn your vocabulary.

Investigating

You've confirmed impact but not cause. Say what's affected and what isn't, and commit to a next update time.

"We're investigating elevated error rates on the Payments API beginning 14:02 UTC. Checkout may fail for some customers. Dashboards and data are unaffected. Next update by 14:30 UTC."

Identified

You know the cause and you're fixing it. Plain language, no jargon, a realistic ETA only if you have one.

"We've identified the cause as a failed database failover and are restoring the primary. We expect recovery within 45 minutes. Next update by 15:15 UTC or sooner."

Monitoring

The fix is in and metrics look healthy, but you're watching before calling it done. This stage exists so "resolved" stays meaningful — nothing burns trust like resolving an incident twice.

"A fix has been deployed and error rates returned to normal at 15:05 UTC. We're monitoring for the next 30 minutes before resolving."

Resolved

State the full impact window honestly and, for significant incidents, promise the post-mortem.

"This incident is resolved. The Payments API experienced elevated errors from 14:02 to 15:05 UTC; about 12% of checkout requests failed during that window. We'll publish a post-incident review within 5 business days. We're sorry for the disruption."

Write like a human under oath

Severity sets the tempo

SeverityExampleFirst postUpdate cadence
CriticalFull outage, data riskWithin 10 minutesEvery 30 minutes
MajorCore feature degradedWithin 15 minutesEvery 60 minutes
MinorEdge feature, workaround existsWithin 30 minutesOn material change

Decide these thresholds before you need them. Mid-incident is the worst time to debate whether something is "major."

Make the status page the single source of truth

Incident communication scattered across email threads, tweets, and support macros drifts out of sync within the hour. Put every update on your public status page first, and let subscriptions (email, webhooks) fan it out from there. Support answers "is it down?" with a link; engineering posts once instead of five times; and after resolution, the timeline doubles as the public record your post-mortem links to.

After the incident: the follow-up is the trust-builder

For major incidents, publish a short post-incident review within a week: what happened, the timeline, the impact, and — most importantly — what you're changing so it doesn't recur. Customers don't expect zero incidents. They expect evidence that each one made you better. Teams that publish honest post-mortems consistently report that customers cite them as a reason for increased confidence.

Opsentry gives you the machinery for all of this — incident management with severity and staged statuses, timestamped public updates, subscriber notifications, and a branded status page — wired directly to external monitoring so detection and communication are one workflow, not two. It's free while in early access.

Related reading: uptime monitoring best practices for SaaS teams and SLA vs SLO vs SLI, explained.