Skip to content
Log in

Service-level agreement (SLA)

Definition

A policy or contractual commitment defining how quickly the SOC must perform specific actions (acknowledge, escalate, contain, resolve) for incidents of each severity class. SLA targets are usually expressed as time-to-action from the moment the incident is confirmed.

Related terms

Contact tree
A structured list of individuals and teams to notify during an incident, showing the order of contact and the conditions under which...
Escalation criteria
The documented conditions that require an analyst to transfer an incident to a higher tier or to external stakeholders. Examples include: severity...
Handoff package
The bundle of information an analyst prepares before transferring an incident to a higher tier. Contents include incident ID, timeline, severity, containment...
P1/P2/P3/P4 severity tiers
A common four-level severity classification used in SLA structures. P1 (Critical) carries the shortest time windows; P4 (Low) carries the longest. The...
SLA breach
An instance where a required action was not completed before its SLA timer expired. Each breach is recorded against the incident ticket...

Explained in

  • Escalation Procedures and SLA ManagementA policy or contractual commitment defining how quickly the SOC must perform specific actions (acknowledge, escalate, contain, resolve) for incidents of each s...

Your journey to becoming a forensic professional starts here.

Practice with mock tests, learn from structured notes, and get your questions answered by a global forensic community, all in one place.

Continue learningCreate Your Account