This SLA Agreement (January 2024)
This Service Level Agreement (SLA) is made by CoreRecon (“Service Provider”) for the provision of cybersecurity services to [Client’s Name] (“Client”), effective as of [Effective Date]. This SLA outlines the scope of cybersecurity services, performance metrics, response times, and mutual responsibilities to ensure the protection of the Client’s digital infrastructure and data.
1. Scope of Cybersecurity Services
CoreRecon commits to providing the following services under the terms of this SLA:
- 24/7 monitoring and threat detection
- Rapid incident response and recovery
- Regular vulnerability assessments and remediation planning
- Application and network security services
- Compliance management and advisory
- Cybersecurity training and awareness programs
2. Service Availability and Reliability
- CoreRecon guarantees a service availability of 99.9%, excluding planned maintenance windows, which will be communicated to the Client in advance.
- Maintenance activities are scheduled during the least impactful hours to the Client’s operations, with prior notification of at least 48 hours.
3. Incident Response Times
CoreRecon classifies incidents based on severity levels and commits to the following response and resolution times:
- Critical Severity (Severity 1): Response within 1 hour, aim to resolve within 4 hours.
- High Severity (Severity 2): Response within 4 hours, aim to resolve within 24 hours.
- Medium Severity (Severity 3): Response within 24 hours, aim to resolve within 3 business days.
- Low Severity (Severity 4): Response within 48 hours, aim to resolve within 5 business days.
4. Performance Metrics
CoreRecon adheres to the following performance metrics:
- Incident detection and response accuracy: 98% accuracy rate
- Recovery time objective (RTO) for critical systems: 4 hours
- System uptime commitment: 99.9%, excluding scheduled maintenance
5. Reporting and Communication
- CoreRecon provides monthly security reports detailing incident logs, system updates, vulnerability assessments, and actionable insights.
- Immediate notification to the Client in case of critical incidents, with ongoing updates until resolution.
6. Confidentiality and Data Security
- CoreRecon upholds strict confidentiality and data security policies, ensuring the protection of the Client’s data in compliance with applicable regulations and standards.
7. Review and Adjustments
- This SLA is subject to annual review or as agreed upon by both parties to adapt to changing requirements or service improvements.
- Adjustments to this SLA require written consent from both CoreRecon and the Client.
8. SLA Breaches and Remedies
- In case of failure to meet the agreed-upon service levels, CoreRecon will provide service credits or other compensation, detailed in an annexed schedule or as follows in the MSA or terms of conditions.
- The remedies for specific breaches will be outlined in a compensatory clause within the MSA agreement and depending on the client’s needs and follow-throughs, will determine the responsibility of each party.
9. Termination
- This SLA may be terminated by either party with written notice of 60 days in advance if service levels are consistently not met, subject to the terms defined in the Master Services Agreement (MSA).
10. Governing Law
This SLA and any disputes arising from it are governed by the laws of the State of Texas.