Should security be part of your SLA?

There are several types of Service Level Agreements that may be found in any organization:

  • Service-based SLA – covers the service for all customers of that service. From a security standpoint, a service-based SLA may be applied to general admissions into the building or to ensure the minimal level of awareness and compliance in conducting safe business transactions.
  • Customer-based SLA – covers the requirements of a single customer. For security, this may translate into defining special requirements and security relationships with customers of the business, or individual departments within the organization. Departments like Finance and Research and Development may have more stringent requirements for security than Customer Support. Different classifications of information may contribute to different SLAs being applied.
  • Multi-level SLA – a three-layer structure for adopting agreements. The levels are corporate, customer, and service. The corporate level covers all generic concerns and requires less frequent changes. The customer level relates to a specific customer or business unit regardless of the service provided, while the service level relates to a specific service for a specific customer.

SLAs should be clear and concise and leave no room for interpretation. They do not define how a service is provided, only the result of the service.
