Increasing the capacity of governments to learn from harmful events, such as for instance pandemics, hurricanes, terrorist attacks or large scale accidents, is of importance for civil security and organizational safety (Stern, 1997; Deverell, 2010). A frequently used strategy by governments and public organizations in this regard is to launch a crisis investigation after an event. This chapter deals with such forms of investigations and especially the importance of organizing structures for post hoc crisis investigations. The chapter argues that a lack of structured arrangements regarding post hoc crisis investigations will have negative effects on organizational and governmental lesson drawing from crises, and thus on long term EU civil security. We depart from the premise that taking structured and deliberate steps after crisis events to restore legitimacy and to make sure that historic mistakes are not repeated is an important part of civil security governance (cf. Sulitzeanu-Kenan and Holzman-Gazit, 2013). At the same time, civil security governance can also be seen as a problem for learning. Civil security governance involves a wide variety of actors and confronts ambiguous policy problems and fuzzy boundaries. As such it tends to work against systemization and standardized organisational processes required for effective post hoc crisis investigations.