The defect classification is based on a mandate to repair and the breadth of exposure (who knows about the defect).
The Classification-Aware element of the model groups defects into 3 classes.
Critical Defects
These defects are those that must be resolved to be in compliance with regulatory mandates. These are known defects or internal defects that have been triaged/reviewed and found to be a potential compliance concern.
Reported Defects
Defects reported by a customer. These may have been internal defects, but once a customer becomes aware of the defect there would typically be a heighteneddesire to resolve.
Internal Defects
Defects found in areas unrelated to the Story being tested during a sprint
Regression Defects – Previously released functionality that no longer works as before
A defect reported by internal/external stakeholders (non-GR-customer) post-sprint against any item that is merged to master, regardless of whether that item was deployed, behind a feature flag, or exposed to (but not reported by) customers, is an escaped defect.