
Incident Recovery Communication

Restoration activities are coordinated with internal and external parties

Tools for incident recovery communication

Hosted MCP servers your agents can use for these controls.

Starter prompts

Paste into Claude Code, Microsoft Copilot, or Codex connected to Tracecat MCP, and build it out together.

Post recovery status on a drumbeat

Build me a recovery communication automation in Tracecat. While recovery runs, post a status update on a fixed cadence built from the case task board: what is restored, what is in progress, and the next expected milestone. Send the internal version to Slack and Teams, and keep a tighter executive version that goes out when milestones complete rather than on the clock. First help me understand how this maps to RC.CO-03 and why a steady drumbeat stops the side-channel rumor mill during recovery. Ask me which audiences need which level of detail. Talk me through cadence: too frequent numbs people, too sparse breeds panic.

Coordinate approved public updates

Build me a public communication workflow in Tracecat. During recovery, have an agent draft public status updates using only facts marked approved on the case, in our public messaging style from Notion templates. Route every draft through comms and legal approval in Slack, record who approved each release, and publish only through the approved channel. First help me understand how this maps to RC.CO-04 and why public messaging discipline during recovery protects both customers and counsel. Ask me who holds approval authority and what our approved channels are. Talk me through what the agent must never include, like unconfirmed root cause or blame.

Keep affected customers informed

Build me a customer communication workflow in Tracecat. Maintain the list of customers affected by the incident as a case table, tier them by impact, and have an agent draft per-tier recovery updates in Gmail that stay consistent with the internal status and the public statement. Hold sends for approval and log every message per customer for the post-incident record. First help me understand how this maps to RC.CO-03 and why customer updates must never contradict the public line. Ask me how we identify which customers were affected. Talk me through update frequency for heavily impacted versus lightly impacted customers.

Controls

  • RC.CO-03 (SP 800-53 Rev 5: IR-4, IR-6, SR-8)

    Recovery activities and progress in restoring operational capabilities are communicated to designated internal and external stakeholders

  • RC.CO-04 (SP 800-53 Rev 5: CP-2, IR-4)

    Public updates on incident recovery are shared using approved methods and messaging

Control text and SP 800-53 Rev 5 references from the official NIST CSF 2.0 and OLIR releases.

Automate incident recovery communication with agents

Paste an example into your coding assistant and an agent builds the automation around your tools.
