The 5 Whys of Root Cause Analysis and How They Can Benefit Your Business


Mitesh PatelFounder of Fifosys

Thursday, January 23, 2020

It’s pretty much inevitable that you’ll encounter problems during your day-to-day operations. Nevertheless, it’s crucial that the impact of any issues is minimized and that you don’t experience multiple re-occurrences of the same problems, leading to a loss of productivity and overall profitability.

Article 3 Minutes
The 5 Whys of Root Cause Analysis and How They Can Benefit Your Business
  • Home
  • IT
  • Leadership
  • The 5 Whys of Root Cause Analysis and How They Can Benefit Your Business

For this reason, knowing how to perform a root cause analysis is essential, as this will ensure you can get to the very heart of any problem and prevent it from happening again. One of the best practices to adopt is the 5 Whys technique and in this article, we’ll explain what this actually means and how the approach can benefit your business.

The value of the 5 whys

A root cause analysis (RCA) helps organizations understand the actual origin of a problem, rather than simply finding a superficial solution. This not only allows for a greater understanding, but also enables businesses to prevent future problems of the same kind.

The basic premise of the 5 whys technique is that you can reach the root cause of most problems by asking "why?" five times. To provide an example, imagine a situation where a business finds that it can’t process a number of orders due to a ransomware attack. Asking "why?" five times gets you to the root cause:

The problem: A number of orders from customers were not processed on time.

Why? #1 - Several employees were unable to access their accounts.

Why? #2 - We experienced a ransomware attack, which locked the employees out.

Why? #3 - An employee clicked on a malicious link in an email.

Why? #4 - They failed to spot the signs that it was malicious.

Why? #5 - Root cause: Our cyber security awareness training is not good enough.

In this example, the business found that the root cause of the problem was its failure to provide employees with adequate cyber security awareness training. By equipping employees with the necessary skills and information to recognize malicious links within emails and avoid them, the chances of a re-occurrence can be drastically reduced.

In 2002, Donald Rumsfeld helped to popularize the idea of:

  • "known knowns" (the things you know that you know)
  • "known unknowns" (the things you know you don’t know)
  • "unknown unknowns" (the things you don’t realize you don’t know).

The great thing about the 5 Whys technique is it can potentially be applied to all of these situations.

With that being said, there are certain limitations to the 5 Whys method. Perhaps the main one is that it can sometimes cause organizations to stop before they actually reach the root cause. For this reason, it is important that you to do not stick rigidly to asking "why?" five times only, even when a sixth "why?" could get you to the root of the problem.

Retrospective troubleshooting

Ultimately, a root cause analysis is about retrospective troubleshooting. However, to actually perform this kind of troubleshooting, it’s imperative that you collect the relevant data and have continuous access to it. This is where working with a company offering managed NOC services can really pay off.

In particular, you’ll need to make sure your processes are appropriately logged and that proactive monitoring is in place. A well-respected company offering quality IT support services should be able to provide this kind of continuous monitoring of core business services, as well as overall system performance.

Because retrospective troubleshooting relies on your data being accessible at all times, it’s important to have a robust disaster recovery solution in place. Again, a managed service provider can help. In particular, you need to know that your data is being backed up regularly and that it can be restored quickly. This will then allow you to access the information needed to actually perform a root cause analysis, even in the middle of a crisis.

Mitesh Patel

Upon completing a master’s in computer science, Mitesh founded Fifosys in 2001 to provide managed IT services in London. He has a reputation for straight talking, delivering focused and effective directives to his clients. Mitesh has an in-depth understanding of both operational and transformational IT projects, and provides the best cyber security in London. He also acts as a mentor, guiding junior aspirants commencing their business career.


Join the conversation...