Defines the specific responsibilities of the service provider and sets the customer expectations.
Source(s):
CNSSI 4009-2015
A service contract between an FCKMS service provider and an FCKMS service-using organization that defines the level of service to be provided, such as the time to recover from an operational failure or a system compromise.
Source(s):
NIST SP 800-152
under Service Level Agreement (SLA)
Represents a commitment between a service provider and one or more customers and addresses specific aspects of the service, such as responsibilities, details on the type of service, expected performance level (e.g., reliability, acceptable quality, and response times), and requirements for reporting, resolution, and termination.
Source(s):
NIST SP 800-47 Rev. 1
under service-level agreement