Application Risk-Tiering guide

| Tier | Criteria | ADR policy |
| --- | --- | --- |
| Tier 1 — Critical | Revenue-generating, customer-facing, handles PII/PCI/PHI, regulatory scope | Block mode (after validation). All alerts → SIEM. Highest SLA. |
| Tier 2 — Important | Internal apps with sensitive data, partner-facing, support critical processes | Monitor mode initially → Block after validation. High-severity alerts → SIEM. |
| Tier 3 — Standard | Internal tools, low-sensitivity data, limited blast radius | Monitor mode. Critical alerts only → SIEM. |