I’m torn between 45-60 min deep checks per request (docs, usage history, quick calls) and pushing faster with a strict checklist so folks aren’t waiting weeks; if the queue triples, which model actually holds up? If you’ve tried both, did rapid approvals bite you later, or did deep dives just stall legit projects?
Do a 15-min risk triage (owner keys, upgradeability, recent deploys, usage spikes) and save the 45-60 min deep dive for yellow/red; pair it with a 7-day probation and auto-revoke triggers so speed doesn’t bake in long-tail risk. When our queue tripled this kept median under 24h and the few reversals came from probation alerts, not user reports.
When our queue tripled, a 12-15 min triage plus a 7‑day probation held up: about 20% got escalated to deep dives and median turnaround dropped from 4.5 days to 8 hours. Rapid approvals only stung us once - a proxy could flip fee params; a watcher on owner/implementation changes and 24h volume spikes caught it and we revoked in 31 minutes. If you go this route, pre‑commit revoke triggers and comms upfront - do you already track signer rotation and upgrade events?