Service Level Agreement (SLA)
This Service Level Agreement ("SLA") describes service availability targets, support hours, response targets, maintenance practices, and service credits (if applicable). This SLA is incorporated into and subject to our Terms of Service and any Order / Statement of Work (SOW). If there is a conflict, the SOW prevails.
1. Scope
1.1 Services covered by this SLA
This SLA applies only to the services listed in your Order/SOW, which may include:
- Managed Endpoint Security / Managed EDR (as applicable)
- System & Network Monitoring (as applicable)
- Firewall configuration & hardening (as applicable)
- Compliance reporting deliverables (as applicable)
- Backup & Disaster Recovery (as applicable)
- CyberMark customer portal (if provided)
1.2 Services NOT covered by this SLA
Unless explicitly stated in your Order/SOW, this SLA does not cover:
- Internet/ISP outages, power failures, or customer network failures
- Customer-managed systems, unsupported operating systems, or devices not enrolled/covered
- Third-party vendor outages outside CyberMark's direct control (unless included in service credits under this SLA)
- Incidents caused by customer actions or insecure configurations not managed by CyberMark
- Security incidents on the public internet that do not impact CyberMark's own service delivery platform
Important: Cybersecurity reduces risk; it cannot guarantee prevention of all attacks, breaches, or downtime.
2. Definitions
- Business Hours: Mon–Fri, 9:00am–5:00pm NZT/NZDT (Pacific/Auckland), excluding public holidays in New Zealand.
- Support Request / Ticket: a request logged via support email/helpdesk/portal.
- Response Time: time from ticket creation to first human response from CyberMark support.
- Resolution Time: time from ticket creation to a fix, workaround, or agreed next step (not always possible to guarantee).
- Monthly Uptime Percentage: (Total Minutes in Month − Downtime Minutes) / Total Minutes in Month × 100
- Downtime: total minutes the CyberMark customer portal is unavailable to the Customer due to a service issue within CyberMark's control (excluding SLA exclusions and planned maintenance).
3. Support Channels
Customers can contact CyberMark via:
- Support email: [email protected]
- Helpdesk/portal: [support portal URL]
- Phone (if applicable): [phone number]
4. Support Hours and Coverage
4.1 Standard support
Standard support is provided during Business Hours, unless your plan includes an extended or 24/7 option.
4.2 24/7 monitoring add-on (only if purchased)
If you have purchased 24/7 security monitoring as an add-on, then after-hours monitoring and alert triage apply only as described in your Order/SOW. This does not automatically mean 24/7 "hands-on remediation" unless explicitly included.
5. Severity Levels and Targets
Severity is determined by CyberMark based on impact and urgency.
Severity definitions
- Sev 1 — Critical: Major service outage or security issue significantly impacting service delivery or many endpoints with no workaround.
- Sev 2 — High: Significant degradation or high-risk issue impacting multiple systems; workaround may exist.
- Sev 3 — Medium: Limited impact; non-urgent issue with workaround available.
- Sev 4 — Low: General questions, minor issues, requests, or cosmetic problems.
Response targets (Standard support)
| Severity |
Target first response |
Update frequency target |
| Sev 1 (Critical) |
within 4 business hours |
every 1 business day (or as agreed) |
| Sev 2 (High) |
within 1 business day |
every 2 business days |
| Sev 3 (Medium) |
within 2 business days |
weekly (or as agreed) |
| Sev 4 (Low) |
within 3 business days |
as needed |
Response targets (If 24/7 monitoring add-on is purchased)
| Severity |
Target first response |
Update frequency target |
| Sev 1 (Critical) |
within 2 hours |
every 4–8 hours (as appropriate) |
| Sev 2 (High) |
within 6 hours |
daily |
| Sev 3 (Medium) |
next business day |
weekly (or as agreed) |
| Sev 4 (Low) |
within 2–3 business days |
as needed |
Notes:
- These are targets, not guarantees of resolution time.
- Resolution depends on the issue type, third-party dependencies, and customer responsiveness.
6. Customer Portal Uptime (if provided)
6.1 Uptime target
CyberMark targets 99.5% monthly uptime for the CyberMark customer portal, excluding planned maintenance and SLA exclusions.
6.2 Planned maintenance
Planned maintenance may occur to improve performance and security. We will provide advance notice when reasonably possible:
- Standard maintenance notice: at least 48 hours (where practical)
- Emergency maintenance: may occur with shorter notice to address urgent security or reliability issues
- Preferred window: Sat/Sun 10:00pm–4:00am NZT/NZDT
7. Backup & Disaster Recovery Service Targets (if purchased)
If you purchase Backup & Disaster Recovery, CyberMark will:
- Monitor backup job status (as per plan)
- Investigate failed jobs during support hours (or 24/7 if included)
- Provide restore assistance as per your plan/SOW
Important: Restore outcomes depend on factors including the state of the source system, encryption keys, and data corruption prior to backup completion.
8. Compliance Reporting Service Targets (if purchased)
If you purchase Compliance Reporting, CyberMark will:
- Deliver reports aligned to the framework(s) and scope agreed in your Order/SOW
- Request required inputs and confirm assumptions with you
- Provide a delivery timeline as agreed in writing (email/SOW)
Delays may occur if required information is not provided by the Customer on time.
9. SLA Exclusions
SLA targets and service credits do not apply to issues caused by:
- Customer misconfiguration, unsupported systems, or unmanaged changes
- Customer's ISP, power failure, or local network failure
- Outages or incidents at third-party providers outside CyberMark's reasonable control
- Force majeure events (natural disasters, war, widespread internet failures)
- Scheduled/planned maintenance (as defined above)
- Suspension due to non-payment or breach of Terms
10. Service Credits (portal uptime only, if applicable)
10.1 When credits apply
If the customer portal uptime falls below the monthly target due to issues within CyberMark's control, you may be eligible for service credits.
10.2 Credit schedule
| Monthly uptime |
Service credit |
| ≥ 99.5% |
0% |
| 99.0% – 99.49% |
5% of monthly portal-related fees |
| 98.0% – 98.99% |
10% of monthly portal-related fees |
| < 98.0% |
20% of monthly portal-related fees |
Notes:
- Credits apply only to fees directly related to the portal/service affected (as determined by CyberMark in good faith).
- Credits are applied to a future invoice and are not cash refunds unless required by law.
10.3 How to claim
To claim a credit, you must email [email protected] within 14 days after the end of the month in which the downtime occurred, with:
- Your organisation name
- The month in question
- A brief description of the impact you experienced
10.4 Sole remedy
Service credits under this SLA are your exclusive remedy for portal uptime failures, to the maximum extent permitted by law.
11. Escalation
If you need to escalate an issue:
- Reply to your ticket and request escalation
- Email [email protected] with "Escalation" in the subject
12. Customer Responsibilities that Affect SLA
To help CyberMark meet SLA targets, you agree to:
- Provide at least one technical contact and one backup contact
- Respond to requests for information/approval within a reasonable time
- Maintain supported device/OS requirements and connectivity for managed endpoints
- Ensure CyberMark has the access agreed in your Order/SOW (e.g., agent deployment approval)
13. Changes to this SLA
We may update this SLA from time to time. The updated version will be posted on our website and the "Last updated" date will change. For material changes affecting existing customers, we will provide reasonable notice (where practical).
14. Contact