Skip to content
Log in

Contact tree

Definition

A structured list of individuals and teams to notify during an incident, showing the order of contact and the conditions under which each person or group is activated. Also called an escalation tree or call tree. Must be kept current; stale contact trees are a common cause of delayed escalation.

Related terms

Escalation criteria
The documented conditions that require an analyst to transfer an incident to a higher tier or to external stakeholders. Examples include: severity...
Handoff package
The bundle of information an analyst prepares before transferring an incident to a higher tier. Contents include incident ID, timeline, severity, containment...
P1/P2/P3/P4 severity tiers
A common four-level severity classification used in SLA structures. P1 (Critical) carries the shortest time windows; P4 (Low) carries the longest. The...
Service-level agreement (SLA)
A policy or contractual commitment defining how quickly the SOC must perform specific actions (acknowledge, escalate, contain, resolve) for incidents of each...
SLA breach
An instance where a required action was not completed before its SLA timer expired. Each breach is recorded against the incident ticket...

Explained in

  • Escalation Procedures and SLA ManagementA structured list of individuals and teams to notify during an incident, showing the order of contact and the conditions under which each person or group is ac...

Your journey to becoming a forensic professional starts here.

Practice with mock tests, learn from structured notes, and get your questions answered by a global forensic community, all in one place.

Continue learningCreate Your Account