Configuring SLA Policies
Set severity-based remediation deadlines and escalation rules.
SLA policies define how long your organization has to remediate vulnerabilities at each severity level. Basirah tracks deadlines automatically and escalates when they’re at risk.
Define severity-based deadlines
Set a remediation deadline for each severity level (Critical, High, Medium, Low). Choose timeframes that match your organization’s risk tolerance and any regulatory requirements you’re subject to.
Configure escalation contacts
Specify who receives notifications when SLA deadlines are approaching or breached. You can route escalations to the work item assignee, their manager, or a dedicated escalation group via email, Slack, or Microsoft Teams.
Set escalation thresholds
Configure when Basirah sends approaching-deadline alerts — for example, when a percentage of the SLA window has elapsed. Breach notifications fire automatically when the deadline passes without resolution.
Test with a work item
Create a work item and verify that the correct SLA deadline is applied based on its severity. Check that escalation notifications reach the expected recipients.
The clock starts when a work item is assigned and pauses if the item is blocked or under an approved exception. If verification fails, the work item reopens with a fresh deadline. See Work Items & SLA Governance for details.