01Name the live workflows, agents, integrations, approval queues, dashboards, prompts, logs, and environments covered by the service level agreement.
02Define business hours, urgent contact paths, holiday coverage, after-hours limits, and which incidents qualify for emergency response.
03Classify incidents by business impact: stopped workflow, unsafe output, failed integration, approval bottleneck, degraded quality, or non-urgent request.
04Set target first response, investigation update, mitigation, fix, and owner-review expectations for each severity level.
05Name who can pause an agent, disable an action, lower permissions, switch to manual fallback, or require extra review after an incident.
06Separate included tuning from billable changes such as new integrations, new workflows, permission expansion, reporting changes, and scope growth.
07Require regular reporting on incidents, support effort, correction patterns, quality, exception rate, cost, uptime, adoption, and ROI.