What is the definition for Priority 1 (P1) and Priority (P2) incidents?

592 views8 Comments

CTO in Banking, 51 - 200 employees
It usually comes down to impact and urgency of the incident. 

Depending on the framework: P1 is critical, P2 is high. 


P1 may mean full organisation impact (or entire user / clientbase). 
P2 may mean multiple departments within an organisation (or severe degradation of services).

Managing Director in Software, 1,001 - 5,000 employees
Similar to other respondents here, but this is how I look at it...basically how does the incident affect the business/organization.  
P1 - Urgent/Critical; affecting several users or the full enterprise; or, negatively affecting the ability to transact time-sensitive business that would have substantial bottom-line impact to the business.
P2 - High/Very Important; affecting one or more users that prevents or negatively impacts business operations.  
1 1 Reply
CEO in Software, 11 - 50 employees

Agreed with

CEO in Services (non-Government), 2 - 10 employees
I think the P1 and P2 have been defined very well by my peers. So I am not going to do this again. However, I will add that in most organizations P1 and P2 are treated the same way. They are together called Major Incidences. A Major Change Incident Manager gets involved to manage the changes and do a RCA
Director IT Administration in Education, 501 - 1,000 employees
P1 incidents are the most critical incidents that require immediate action to contain and resolve the issue and prevent further damage or loss.

P2 incidents are significant incidents that require prompt attention to mitigate the risk of data loss or disruption to business operations.

Both P1 and P2 incidents follow established incident management procedures to prioritize resources, coordinate efforts among different teams, and communicate updates to stakeholders until the incident is resolved.
VP of Engineering in Banking, 201 - 500 employees
You can define them pretty much you want based on your context. There is no one-size-fits-all definition.

The classification is usually based on business impact/severity and the urgency of the issue. P1 has higher severity & urgency than P2. In some companies, they can also have P0.
Board Member in Healthcare and Biotech, 1,001 - 5,000 employees
Beyond the classical definitions that have already been provided, let me add a twist.

CEO/Board member impact due to unavailability of any technology service is P1 in most companies, for the rest of the CXOs it could be P2. 

Director of Technology Strategy in Services (non-Government), 2 - 10 employees
An impact/urgency matrix can help give a clear view of this, with the weighting on impact as they both may be as urgent as each other.

A P1 incident affects a large number of users, systems, or services and may result in widespread disruption of business operations.
A P2 incident may affect a smaller number of users, systems, or services, and may result in localized disruption of business operations.

In my experience, people can fixate on the number of users and disregard something that only impacts 3 people.

But if those 3 people are the only 3 doing a specific process, and the process is critical, then it might warrant as a p1. 

Content you might like

Yes, I still use it personally16%

Yes, my organization still uses it32%

Yes, I still use it both personally and professionally14%

No, I've stopped using it14%

No, I've never used it24%



IaC User Data10%

Configuration Framework (Puppet/Chef)44%

Custom Post Provision (AWS SSM)25%

EC2 Image Builder/Packer16%

Other (comment below)3%