Time
1 hour 4 minutes
Difficulty
Advanced
CEU/CPE
1

Video Transcription

00:00
In this lesson, we'll talk about defining deadlines in relation to incident severity,
00:06
creating SLAs, or service level agreements,
00:09
and meeting and reporting on performance against SLAs.
00:14
When a severity one incident is declared, in what time frame does the incident need to be resolved?
00:23
The answer is it depends and it will differ for each organization.
00:28
Case management requires that expected time to resolution for each level of incident be defined and understood by all stakeholders.
00:37
If a severity one incident has no defined resolution time, there is no way for practitioners to know when they need to fix an issue.
00:46
If a severity one incident has no defined resolution time, there is no way for practitioners to know by when they need to fix an issue.
00:55
SLAs, or service level agreements, are commitments to specified performance indicators.
01:00
For example, an SLA for a priority one incident may be an agreement to have incidents of this level resolved within one hour of being reported,
01:11
so a priority two incident may have an agreed time to resolution of four hours.
01:18
An example matrix for SLAs is shown here.
01:21
Having well-defined and agreed-upon metrics for the resolution of cases is useful in terms of having events and incidents remediated in a timely manner.
01:30
Statistics such as mean time to resolution (MTTR), among others, should be recorded for each case so that analysis can be performed and performance against SLAs measured to determine where there may be room for improvement in the case management process.
01:47
What is MTTR?
01:52
MTTR is mean time to resolution, which is an important metric in enterprise security case management.
01:57
In this lesson, we covered defining deadlines in relation to incident severity,
02:04
creating SLAs, or service level agreements, as well as meeting and reporting on performance against SLAs.

Up Next

Enterprise Security Case Management

In this online course about Enterprise Security Case Management, you will learn about tools and techniques which help cybersecurity practitioners manage evidence and related case data to preserve their integrity.

Instructed By

Seth Enoka
Consultant
Instructor