A service level agreement (SLA) is a formally defined level of service provided by an organization. Within the context of security management, SLAs may be defined for many activities, including:
Security incident response.
A security team may be required to mobilize within a stated period of time when a security incident has been called.
Security alert delivery
Security alerts, which may be bulletins of threats or vulnerabilities, may need to be delivered to recipients within a stated period of time.
A security investigator may be required to respond to a call for assistance within a stated period of time.
Policy and procedure review.
A security team may be required to periodically review policies, procedures, and other documents at regular intervals. SLAs can be defined for other tactical activities performed by security management and staff.
Published on Wed 02 March 2016 by Derek Packard in Security with tag(s): roles responsibilities