A concise, practical guide for classifying product defects.
In addition to Priority (P0โP4)โwhich determines when we fix an issueโwe also use Severity (A/B/C) to express the defectโs impact on users and the system. Using both helps the team triage quickly and consistently.
- Why Severity and Priority?
- Definitions at a Glance
- Severity Levels
- How Severity Maps to Priority
- How to Choose Quickly (Rubric)
- Severity = Impact (how bad the problem is for users/system)
- Priority = Urgency (how soon we should fix it)
In practice, we use both: high-severity issues tend to receive higher priority, but not always (e.g., a severe bug in a rarely used, temporarily disabled feature might not be P0).
- Severity (A/B/C): Ranges from system-level failures and security risks (A) to visual/wording issues (C).
- Priority (P0โP4): Scheduling lever from โfix immediatelyโ (P0) to โnice to haveโ (P4).
Severe, system-level impact or security risk. Requires immediate attention to avoid major business impact.
Definition
- Severely disrupts normal product use
- Causes support escalations or security exposure
- Must be fixed immediately
Examples
- Authentication bypass allows entry without valid credentials
- Payment completes but is not recorded, creating financial risk
- API responds with sensitive personal data (e.g., credit card data leakage)
- System crashes under sustained load, blocking all users
Functional deviations that disrupt key workflows but have workarounds; notable performance degradations.
Definition
- Feature does not behave as expected
- Affects primary business flows; workaround or manual steps exist
- Includes performance issues impacting user experience
Examples
- Filters apply but results are incorrect, forcing manual verification
- Reservation list takes >20 seconds to load, delaying operations
- Branch management page shows incorrect info until refresh
- Export occasionally fails and requires multiple retries
UI or wording issues that do not affect core functionality or business decisions.
Definition
- Localized UI or copy inconsistencies
- Does not impact core function or cause misinterpretation
- Optimization-level; can be scheduled later
Examples
- โSubmittingโฆโ label persists briefly though the action succeeded
- Typo in modal title: โConfimโ instead of โConfirmโ
- Card color/style deviates from design spec
- Long branch names truncate visually but remain clickable
This table shows common pairings. Product/engineering may adjust based on context, release stage, customer commitments, and risk.
| Severity | Definition | Typical Priority | Examples |
|---|---|---|---|
| ๐ด A (Critical) | System-breaking, security, or data integrity issues | P0 / P1 | System crashes, payment loss, security holes |
| ๐ก B (Serious) | Major functional deviation or performance degradation with workaround | P1 / P2 | Wrong filter results, slow loads, export flakiness |
| ๐ต C (Non-critical) | UI/copy defects; no functional impact | P3 / P4 | Typos, style mismatches, truncated text |
- Does it block all users or expose data/security? โ Severity A
- Does it break a key flow but has a viable workaround? โ Severity B
- Is functionally OK but visually or copy-wise off? โ Severity C
When uncertain, escalate one level during triage and adjust after impact verification.