When people leave, knowledge shouldn't walk out with them. Here's how to capture day-to-day operational data as a transferable, AI-ready knowledge base.
A proactive audit framework for ops leaders who want to find and fix people-dependent bottlenecks before they become crises.

Key person risk is the operational exposure your organization takes on when critical knowledge, processes, or relationships depend on a single individual. It's not the same as talent risk (the risk of losing a high performer) or succession planning (who should lead next). Key person risk is narrower and more immediate: it's the set of processes, decisions, and relationships that can only function while a specific person is present.
Think about the person on your team who knows how to run payroll when the system does something strange, or the one who manages the vendor relationship that nobody else has ever touched. When they're on vacation, work slows. When they leave, work stops — sometimes for days or weeks while others piece together what they actually did.
The defining characteristic of key person risk is invisibility. Unlike budget risk or delivery risk, single points of failure don't appear on dashboards. They're discovered when they fail. That's what makes a proactive audit so valuable: you're mapping the dependency landscape before a departure forces you to discover it under pressure.
Most organizations don't notice their key person dependencies until someone resigns. There are a few structural reasons for this.
Competence masks fragility. When a person is very good at their job, the process looks smooth. The invoices go out on time. The vendor renewals get handled. The monthly report lands in everyone's inbox. The smoothness obscures the fact that none of it would happen without that one person's tacit knowledge.
Long tenure deepens the dependency. The longer someone has been doing a job, the more accumulated shortcuts, workarounds, and undocumented decisions they carry. A three-year veteran isn't just doing a documented process — they're doing a documented process plus dozens of adjustments they made along the way that never made it into any documentation.
Documentation happens reactively. Most organizations document processes during onboarding or offboarding — meaning the documentation always lags reality. Between those events, the gap between what's written and what's actually happening grows continuously.
There's no forcing function. Talent risk gets discussed because headcount is expensive. Dependency risk doesn't have an obvious budget line. Unless someone is actively looking for it, it doesn't get surfaced.
A key person risk audit doesn't require a consultant or a formal program. It requires a systematic way to look at your operations and ask: what would break, and for how long, if this person were unreachable for two weeks?
Here's a practical approach that works for teams of 10 to 200:
The output is a ranked list: here are our highest-risk process dependencies, and here is what we'd need to do to mitigate each one. That list drives your remediation roadmap.
While every organization is different, certain categories of key person dependency appear repeatedly across operations teams:
Identifying dependencies is the first half. Fixing them is the second. The remediation options are practical and don't require restructuring your team.
1. Document from the person doing the work, not the person managing them. The most accurate process documentation is written by the person who runs the process. Managers observing from above miss the edge cases, the exception handling, and the informal decisions. Shadow documentation — where a second person follows the primary owner through the process once — captures that tacit knowledge far more reliably than asking someone to write a summary. For a deeper guide on building this kind of documentation into your operations, see How to Build an Operations Playbook Your Team Will Use.
2. Require named backup ownership for every recurring task. Every process that appears in your operations should have two names attached to it: a primary owner and a backup. The backup doesn't need to be an expert — they need to be informed enough to run the process and know who to call if something unusual happens. This is a structural change to how work is assigned, not a documentation project.
3. Treat operational documentation as a continuous output, not a project. One-time documentation efforts decay immediately. Within six months, the documented process and the actual process have diverged again. The only way to keep documentation current is to make it a byproduct of doing the work — which means the work structure itself has to generate knowledge, not rely on people remembering to update a wiki. This is the difference between institutional knowledge that survives turnover and documentation that becomes stale.
The goal of key person risk management isn't to make everyone interchangeable — it's to make your operations resilient. You want specialists who are excellent at their roles. You want the processes those specialists run to survive a departure, not their expertise.
That requires a different approach to how operational work is structured. When tasks are assigned with explicit owners, recurring processes run from templates that capture how the work is done, and documents are tied to the work that created them, the knowledge base grows as a byproduct of operations — not as a separate documentation effort that nobody has time for.
Sintris is built around this model. Instead of asking teams to separately document what they do, Sintris captures the structure of how work is assigned, what templates define the process, what documents get produced, and who owns what — continuously, as work happens. When an audit surfaces a dependency, the remediation path is clear: move the process onto a template, assign a backup owner, and let the documentation accumulate through normal operations.
If you're carrying key person dependencies you'd like to close, see how Sintris structures operational knowledge capture — or explore which plan fits your team.
More from the Sintris blog.
When people leave, knowledge shouldn't walk out with them. Here's how to capture day-to-day operational data as a transferable, AI-ready knowledge base.
A well-built operations playbook doesn't live in a forgotten Notion page — it lives inside your team's actual workflow. Here's the framework for building one that sticks.
New on operational intelligence, knowledge, and risk — Monday, Wednesday, and Friday.