SLA policies set the targets. Escalation rules decide what happens when those targets are missed. Misconfigured escalations either let breaches go silent or page the head of support every Saturday morning.
Where escalation lives
Admin, SLA Policies, edit a policy, scroll to “Escalation.” Escalation is configured per SLA target: first response, resolution, or both. You can stack multiple escalation levels with different recipients and time offsets.
The time offsets are relative to the SLA target, not the ticket creation time. “30 minutes before breach” fires 30 minutes before the SLA clock runs out, factoring in business hours.
Three-level pattern that works
Level 1, 30 minutes before breach: notify the assigned agent and their group lead. This is the chance to fix it without manager involvement.
Level 2, at breach: notify the group manager and reassign to a backup agent.
Level 3, 60 minutes after breach: notify the head of support and tag the ticket with escalated. This drives the after-action review.
Skip level 1 and you turn every escalation into a manager problem. Skip level 3 and breached tickets disappear from leadership visibility.
Severity-based rules
Build separate SLA policies per priority. Urgent tickets escalate at 15 minutes pre-breach with a phone call (via Twilio integration). Low priority tickets escalate at breach only, no off-hours notification.
The match rule for urgent SLA: priority is Urgent AND source is Email or API. Phone-channel urgent goes to a different SLA with a five-minute first-response target and an immediate page.
Quiet hours and on-call
Escalation respects business hours by default. If your SLA is 24x7, configure an on-call schedule using a third-party (PagerDuty, Opsgenie) and route the escalation webhook to them. Native Freshdesk on-call rotation is limited to round-robin between named agents, which does not handle weekly rotations cleanly.
For business-hours-only SLAs, escalation pauses outside business hours. A ticket that breaches at 6pm Friday escalates at 9am Monday, not over the weekend. Confirm this matches the customer’s expectation before launch.
Notification fatigue
If three agents and two managers all get every escalation email, the channel becomes noise. Use Slack/Teams routing instead of email for level 1 and 2. Reserve email for level 3 where the audit trail matters.
Tag escalated tickets visibly on the ticket list view with a colored label so agents can prioritize without opening each ticket.
Avoiding loops
Reassigning a ticket on escalation can restart the SLA clock if your SLA policy uses “Time since last assignment” as the trigger. Use “Time since ticket creation” or “Time since first agent assignment” to keep the clock continuous.
Reporting on escalations
Build a weekly report: count of tickets escalated by level, by group, by category. A spike in level 3 escalations signals either a staffing gap or a process failure upstream. Treat the trend, not the individual ticket.
What to do this week
Audit your highest-priority SLA policy. Confirm it has a level 1 escalation 30 minutes pre-breach. If it does not, add one and watch breach rate drop within two weeks.
