Incident Severity Matrix Builder
Define severity levels, response times, and notification channels for your incident response process.
| Level | Description | Response Time | Channels |
|---|---|---|---|
P1 Critical | Complete service outage or data breach | 15 minutes | Email, Slack, Phone, Status Page |
P2 High | Major feature degraded, significant user impact | 30 minutes | Email, Slack, Phone |
P3 Medium | Minor feature impacted, workaround available | 4 hours | Email, Slack |
P4 Low | Cosmetic issue or minor bug, no user impact | 24 hours |
Automate your incident response
Free tools are a great start. NearIRM automates the entire workflow — alerting, escalation, on-call scheduling, and notifications — starting at $29/mo.
Frequently asked questions
What is a severity matrix?
A severity matrix is a structured framework that defines how your team classifies incidents by impact and urgency. Each severity level maps to specific response times, escalation paths, and notification channels so that everyone knows exactly how to react when an incident occurs.
How many severity levels should we have?
Most teams use 3 to 5 severity levels. Fewer than 3 doesn't provide enough granularity, while more than 5 can create confusion during high-pressure incidents. Four levels (Critical, High, Medium, Low) is the most common starting point.
What criteria define each level?
Criteria typically include user impact (how many users are affected), business impact (revenue loss, SLA breaches), data integrity (data loss or corruption), and availability (full outage vs. degraded service). The best matrices combine objective metrics with clear examples.
How do you assign severity during an incident?
The on-call responder makes the initial severity call based on the matrix criteria. It's better to over-classify and de-escalate than to under-classify and miss response windows. Most teams empower any responder to raise severity and require a lead to lower it.