Paging became a category because DevOps broke the old deal
At 02:17, Maya gets paged for Checkout 5xx over the burn-rate threshold. The deploy dashboard is green, synthetic tests are still passing, and the first human hint of trouble is a payment support agent typing, "Cards are timing out again" into the incident room.
Maya is not surprised that a system woke her up. She is surprised that it knew she was the right person, that it waited three minutes for an acknowledgement, that it escalated to Leon when she missed the first call, and that the incident record already has the service, runbook, and dependency graph attached.
That is the part people misread about on-call alerting. Sending a loud notification was never the hard business. The hard business was turning production ownership into something enforceable at 3 a.m., when nobody wants to admit the service they shipped is now a customer-facing emergency.
The category was created because DevOps changed who owned production faster than companies changed how they found the owner during a failure. Incident management became a market when the old operations deal collapsed: one central team could no longer absorb every page, and product teams could no longer pretend their code stopped being theirs after merge.
DevOps made ownership local, but failure stayed global
In the old model, the operations team ran the machines, guarded the deploy window, and took the first punch when something broke. It was slow, political, and full of handoffs, but the failure path was legible. If the database fell over at midnight, everyone knew which team would be awake.
Then the Cart team owned Cart, the Payments team owned Payments, and the Search team owned Search. That was the right direction. The people who understood the code needed to own the consequences of running it.
But a checkout outage does not respect org charts. At 04:06, the Inventory service starts returning stale availability after a cache migration. Checkout latency spikes, Payments sees retries, Support gets refund complaints, and the executive dashboard turns red. Which team is on call: Inventory, Checkout, Platform, or the poor engineer who last touched the deploy pipeline?
This is the ownership routing problem. DevOps pushed accountability to service teams, but accountability without a live routing table is just a value statement. The category formed around a boring but decisive question: when this symptom fires, which human is actually responsible for the next ten minutes?
That is why reliability tools in this space were never only alert senders. They became maps between services, schedules, escalation policies, runbooks, dependencies, and incident roles. The valuable object was not the notification; it was the binding between production reality and human obligation.
Email alerts failed because they had no consequences
Every company has a fossil layer of alerting before it gets serious. A shared mailbox called production-alerts. A chat room where disk warnings scroll by all day. A wiki page listing "primary" and "backup" engineers that was accurate for about nine working days.
The Search team at a mid-sized retailer had a latency alert that fired every night during reindexing. It went to a shared inbox. Priya filtered it after the third week, Ben assumed Priya was watching it, and the engineering manager only noticed the pattern after conversion dipped during a holiday campaign.
The problem was not alert fatigue in the abstract. The problem was consequence-free notification. An alert that does not require acknowledgement, does not escalate, and does not create a visible record is not an operational signal. It is a suggestion.
On-call alerting became its own category when teams accepted that alerts need teeth. A page says, "A customer-impacting condition exists, and the company is now asking this named person to respond." If that person cannot respond, the obligation moves. That movement is the product.
This is also why naive in-house paging scripts age badly. The first version sends a text. The second version adds retries. The third version needs overrides for vacations, audit trails for missed acknowledgements, escalation chains for executives, maintenance windows, service ownership, and reports that explain why the Database team is getting destroyed every Tuesday.
You can write the first version in an afternoon. You inherit the rest for years.
Incident management starts after the wake-up
Many teams buy or build on-call alerting because nobody answered the last critical alarm. Six months later, they discover that waking someone up was the clean part. The messy part begins when three teams join, nobody knows who is incident commander, Support is asking what to tell customers, and the first status update is already late.
At 09:41 on a Monday, the Identity service starts rejecting valid sessions after a certificate rotation. The first page goes to Identity, then Platform joins because the rotation job is theirs, then the Mobile team joins because users think the app is broken. The incident room has twelve engineers and no decisions.
This is where incident management separated from plain alerting. Once a page is acknowledged, the system needs to preserve context, assign roles, track decisions, timestamp customer impact, and keep stakeholders from interrupting the people doing diagnosis. Without that structure, the loudest person becomes incident commander by accident.
The common mistake is treating incident management as a documentation layer. It is not. It is a control surface for attention during a scarce-attention event.
A good incident record answers questions the responders cannot afford to answer repeatedly. What changed? Who owns the next action? Has customer communication gone out? Are we mitigating or still diagnosing? What will we say if the CFO asks whether revenue is affected?
The category expanded because outages are not only technical failures. They are coordination failures under time pressure, with executives, support leaders, account managers, and engineers all competing for the same narrow channel of truth. The tooling followed the social shape of the outage.
The category survived because it exposes management debt
The counterintuitive part is that mature on-call systems often make reliability look worse before they make it better. Missed acknowledgements become visible. No-owner services stop hiding. The engineer who has been quietly absorbing half the company’s pages shows up in the data.
Managers sometimes call this noise. It is not noise. It is the bill for an operating model that was being paid with favors, memory, and heroics.
One platform lead I worked with insisted their Kubernetes cluster had "shared ownership." In practice, shared ownership meant Nina got paged for every node pressure incident because she knew where the bodies were buried. Once the schedule and escalation reports made that visible, the debate changed from "Nina is amazing" to "Why does one engineer hold the production memory for five teams?"
This is why leaders resist the data even when they asked for it. On-call reports turn staffing gaps, unclear service boundaries, and bad architecture into names and timestamps. They make it harder to run reliability as vibes.
That exposure is the real reason the category matters to DevOps. DevOps promised that teams would own what they run. On-call and incident management systems provide the receipt. If ownership is fake, the pages prove it.
The implication is uncomfortable for CTOs and engineering managers: buying reliability tools will not create production ownership where the org refuses to define it. The tools can enforce the contract, display the violations, and reduce the coordination tax. They cannot decide which team owns the orphaned billing reconciler that only breaks on month-end close.
Final thoughts
The paging category was not created because engineers needed a louder alarm clock. It was created because distributed ownership needs machinery, and the old combination of goodwill, shared inboxes, and tribal memory could not survive DevOps at scale.
If your production system cannot name the accountable human during failure, you do not have ownership. You have architecture with wishes attached.