
Incident Response Framework

AuthorityRail's operational doctrine: Detection → Classification → Communication → Recovery. The same SEV ladder used internally is published here so customers and auditors can verify alignment with the response actions they observe.

Last revised: 2026-05-17 · Version v1.0

Severity ladder

| SEV | Definition | Customer notification SLA | RCA SLA |
|---|---|---|---|
| SEV-1 | Core execution authority surface broken or compromised. Mass DENY, signing failure, security incident with customer data exposure. | < 1 hour | 5 business days |
| SEV-2 | Single non-gate service down with degraded impact, or sustained gate performance degradation. Partial outage. | < 4 hours | 10 business days |
| SEV-3 | Single-customer impact, minor degradation, non-customer-facing internal issue. | < 24 hours (direct) | Internal log; published only if customer requests |
| SEV-4 | Cosmetic, minor, no customer impact. | Monthly summary if relevant | None |

How customers are notified

Detection layer

Recovery layer — runbooks

Five critical runbooks are maintained against the highest-impact failure modes:

Disaster recovery

Supabase Point-In-Time Recovery (PITR) is targeted for activation per Sprint Closure #5 (Pro tier upgrade pending). The restore drill is documented in docs/operations/disaster-recovery/supabase-pitr-restore-drill-2026-05-17.md.

Until PITR is activated, recovery relies on Supabase managed backups on the AR-managed project. Multi-region active-active deployment is sequenced for Q1 2027 per the operational maturity gap analysis.

Postmortem doctrine

Every postmortem is blameless. The single on-call (today: Sammy Jones, founder) is one person; the goal is to make the system harder to break next time, not to assign fault. Postmortems use the canonical template at docs/operations/incident-response/rca-template.md.

Status page state mapping

Related documents

This page describes AuthorityRail's incident response framework. The internal operational doctrine is maintained at docs/operations/incident-response/ in the AuthorityRail repository. The two are kept in sync; this page is the canonical public version.