What is an SLA in IT support
In this guide & where to go next
Part of the Managed IT Services in Canada series. Related: What Is Patch ManagementQuestions To Ask A Managed It Provider
Want it handled? IT Cares — hands-on managed IT across Canada.
An SLA (service-level agreement) in IT support is a documented contract that defines the specific, measurable service levels a provider commits to — such as response times, resolution targets, uptime guarantees, and support hours. It sets clear expectations and accountability between you and your IT provider, so "fast support" becomes a defined obligation rather than a vague promise.
What an SLA actually defines
An SLA turns intentions into measurable commitments. A well-written IT support SLA typically specifies:
- Response time — how quickly the provider acknowledges a new issue, usually tiered by severity.
- Resolution time — the target window to actually fix or restore service.
- Uptime / availability — guaranteed system or service availability, often expressed as a percentage like 99.9%.
- Support hours and coverage — business hours, extended, or true 24/7.
- Escalation paths — how unresolved issues move up to senior staff.
By putting numbers to each, an SLA removes ambiguity. Both sides know exactly what "good service" means and how it will be measured.
Response time versus resolution time
One of the most common points of confusion is the difference between response and resolution. They are not the same, and conflating them leads to disappointment.
Response time is how long until someone acknowledges your issue and begins working on it. Resolution time is how long until the problem is actually fixed. A provider might guarantee a 15-minute response to a critical outage but a multi-hour resolution target, because complex problems take time to diagnose and repair.
When reviewing an SLA, confirm both metrics are defined and understand that resolution targets are usually "best-effort" estimates for complex issues rather than hard guarantees. A provider that only commits to response time, with nothing about resolution, is offering less than it appears.
Severity tiers and prioritization
Not every issue deserves the same urgency, and good SLAs reflect that through severity tiers. A typical structure looks like this:
- Critical / P1 — a full outage or business-stopping issue (e.g., servers down, no one can work). Fastest response.
- High / P2 — major impairment affecting many users but with a workaround.
- Medium / P3 — a problem affecting a single user or a non-urgent function.
- Low / P4 — minor requests, questions, or scheduled changes.
Each tier carries its own response and resolution targets. This ensures that a company-wide outage jumps the queue ahead of a single password reset, allocating the provider's attention where business impact is greatest.
Penalties, exclusions, and reporting
A meaningful SLA also defines what happens when targets are missed and what falls outside the agreement.
- Penalties or service credits — many SLAs offer credits if the provider repeatedly misses targets, giving them real accountability.
- Exclusions — events outside the provider's control, such as third-party outages or issues caused by unsupported client changes, are typically excluded.
- Reporting — regular reports showing actual performance against SLA targets let you verify you are getting what you pay for.
Always read the exclusions carefully. An SLA with impressive headline numbers but sweeping exclusions or no reporting mechanism offers little real protection. The strongest SLAs pair clear targets with transparent reporting and genuine consequences.
FAQ
What does SLA stand for in IT support?
SLA stands for service-level agreement. It is a documented contract between you and your IT provider that defines specific, measurable service commitments — such as response times, resolution targets, uptime guarantees, and support hours — along with how performance is measured and what happens if the provider falls short.
What is a good SLA response time?
It depends on severity. For a critical, business-stopping outage, a strong SLA often guarantees response within 15 to 60 minutes. Lower-priority issues may have response targets of several hours or the next business day. What matters most is that the targets are defined per severity tier and match your business needs.
Is response time the same as resolution time?
No. Response time is how quickly the provider acknowledges and begins working on your issue, while resolution time is how long until it is actually fixed. Complex problems can have a fast response but a longer resolution target. A good SLA defines both so expectations are clear on each.
What happens if a provider misses its SLA?
Many SLAs include penalties or service credits when targets are repeatedly missed, giving the provider real accountability. The agreement should also define exclusions for events outside the provider's control. Reviewing these terms, along with regular performance reporting, ensures the SLA offers genuine protection rather than just impressive-sounding numbers.