What if product or execs demand a risky change during a blackout window?

Escalate via the defined exception path: a short decision brief, explicit risk acceptance by a business owner, and time‑boxed rollout with abort criteria. If your policy‑as‑code blocks it, leaders must change the policy in Git—with an ADR—so the exception is auditable. Side‑stepping the guardrail is how trust dies.

How do we measure psychological safety without a year of surveys?

Use behavioral proxies: dissent rate in PRs and design docs, number of aborts executed by criteria, count of unique commenters in decision briefs, and post‑incident participation. Pair with DORA and SLO burn to prove business impact. Run a lightweight quarterly pulse (5 questions) to validate trends.

Won’t these rituals slow us down?

They replace chaos with speed. The five‑minute preflight and canned comms are cheaper than a 3‑hour incident. Progressive delivery plus kill switches means you ship more often with smaller blast radius. Clients typically see deployment frequency up while change failure rate and MTTR drop.

We’re a regulated enterprise. Will auditors accept this?

Yes—auditors love repeatable controls. CODEOWNERS, PR templates, OPA gates, decision briefs, and incident retros provide evidence of oversight, separation of duties, and change control. We’ve passed SOX, SOC2, and PCI audits using this exact approach.

Where do we start if we can only change one thing?

Ship the PR template and enforce CODEOWNERS/branch protections tomorrow. It forces the right conversations and creates an artifact trail auditors and leaders respect. Then add progressive delivery and policy gates over the next sprint.

Culture · Oct 22, 2025 · 9 minute read

Stop Hoping, Start Shipping: Psychological Safety for High‑Stakes Technical Decisions

The calm, repeatable way to make scary calls without wrecking trust, burning error budgets, or playing Slack roulette at 2 a.m.

Alex Mercer

Partner, GitPlumbers

20 years shipping and rescuing distributed systems at scale. Ex-Netflix platform, ex-Stripe SRE. Built incident command, SLOs, and delivery guardrails in shops ranging from Fortune 50 to Series B chaos.

Psychological safety in engineering isn’t about being nice. It’s about making it safe to do the right thing when it’s expensive.

Back to all posts

Stop Hoping, Start Shipping: Psychological Safety for High‑Stakes Technical Decisions

Key takeaways

Implementation checklist