Skip to content
Log in

P1/P2/P3/P4 severity tiers

Definition

A common four-level severity classification used in SLA structures. P1 (Critical) carries the shortest time windows; P4 (Low) carries the longest. The exact definitions of each tier, and the SLA targets attached to them, vary by organisation but must be documented in the IR plan.

Related terms

Contact tree
A structured list of individuals and teams to notify during an incident, showing the order of contact and the conditions under which...
Escalation criteria
The documented conditions that require an analyst to transfer an incident to a higher tier or to external stakeholders. Examples include: severity...
Handoff package
The bundle of information an analyst prepares before transferring an incident to a higher tier. Contents include incident ID, timeline, severity, containment...
Service-level agreement (SLA)
A policy or contractual commitment defining how quickly the SOC must perform specific actions (acknowledge, escalate, contain, resolve) for incidents of each...
SLA breach
An instance where a required action was not completed before its SLA timer expired. Each breach is recorded against the incident ticket...

Explained in

  • Escalation Procedures and SLA ManagementA common four-level severity classification used in SLA structures. P1 (Critical) carries the shortest time windows; P4 (Low) carries the longest. The exact de...

Your journey to becoming a forensic professional starts here.

Practice with mock tests, learn from structured notes, and get your questions answered by a global forensic community, all in one place.

Continue learningCreate Your Account