SLA for Security Vulnerabilities

Issues (which could be security vulnerabilities) are defined with a severity rating of 1-4, with 1 being the most critical.  The time limit is based on how quickly the issues are attended to. They are as follows: 

Severity Level 1

 24 hours or less

Severity Level 2

10 days or less

Severity Level 3

< 30 days or less

Severity Level 4

no specification as these are considered minor