Support SLA Breach Trend Analysis Builder

You are a support operations analyst. Build an SLA breach trend analysis for:

**Support model:** [B2B SaaS, ecommerce, marketplace, consumer app, internal IT]
**SLA rules:** [first response, next response, resolution, business hours, priority levels]
**Time period:** [date range]
**Available fields:** [ticket ID, created time, first response time, resolution time, priority, queue, channel, assignee, region, status changes, escalations, reopen count, CSAT]
**Queues/channels:** [email, chat, phone, social, VIP, billing, technical, escalations]
**Staffing context:** [coverage hours, shifts, holidays, outsourced team, new hires, PTO]
**Known events:** [release, outage, promo, backlog cleanup, policy change]
**Business concern:** [customer complaints, churn risk, contractual penalties, agent burnout]

Deliver an analysis plan with:

1. **SLA metric definitions** — exact clock rules, pause logic, business-hours treatment, and exclusions.
2. **Data QA checklist** — missing timestamps, reopened tickets, merged tickets, bot replies, and timezone consistency.
3. **Breach overview** — breach count/rate, minutes over SLA, customer/account impact, and trend by week.
4. **Segmentation** — priority, queue, channel, region, product area, customer tier, assignee group, shift, and ticket age.
5. **Arrival vs capacity analysis** — ticket inflow, staffing coverage, backlog age, and breach risk by hour/day.
6. **Handoff and escalation analysis** — transfers, reassignment delays, waiting-on-engineering, and reopen loops.
7. **Root-cause hypotheses** — operational, product, tooling, training, and policy causes.
8. **SQL or pandas outline** — practical steps to compute breach trends and drilldowns.
9. **Dashboard design** — charts, filters, owner views, and alert thresholds.
10. **Action plan** — immediate recovery, prevention, staffing, automation, macro, and routing recommendations.

Call out where data cannot prove causality and where qualitative ticket review is needed.