Found under Settings → Organization → SLA Policies, this section defines how long your organization has to investigate and resolve incidents by severity before triggering SLA alerts.
Overview
The SLA Policies page allows administrators to define time-based remediation goals for each incident severity level:
Critical, High, Medium, and Low.
These service-level agreements determine how long your team has to close an incident before it is considered out of compliance. Each policy entry defines:
- Severity: The classification of the incident.
- Days to Remediate: The number of calendar days allowed to contain or resolve incidents of that severity.
Default values:
| Severity | Default Remediation Window |
|---|---|
| Critical | 30 days |
| High | 90 days |
| Medium | 180 days |
| Low | 365 days |
How It Works
When a new incident is created, Scout automatically applies an SLA policy based on its assigned severity. The system calculates a due date by adding the defined remediation window to the incident’s creation timestamp.
For example:
A High severity incident created on November 1 with a 90-day SLA will breach on January 30 if it remains unresolved.
If an incident is still open after its SLA due date, it transitions to a breached status and is flagged within dashboards and reports for visibility.
Why It Matters
SLA policies ensure your organization responds to incidents consistently and within defined timelines. They provide measurable benchmarks for accountability, reporting, and compliance tracking.
Strong SLA adherence helps your team:
- Prioritize resources toward the most critical issues
- Maintain consistency in response performance
- Meet obligations in frameworks like SOC 2, ISO 27001, or FedRAMP
- Demonstrate operational maturity during audits or assessments
Tips and Best Practices
- Tailor SLA durations to your organization’s risk tolerance and team size.
- Use shorter windows for Critical and High incidents to encourage faster response.
- Track compliance on the Dashboard → Critical Incident Resolution card.
- Periodically review SLA effectiveness and adjust policies as your response capabilities evolve.
- All changes are logged in the Audit Log for traceability and compliance documentation.
SLA policies apply automatically to new incidents. Adjusting a policy will not retroactively change due dates for existing incidents.