Reduce Risk With Rock-Solid Service-Level Agreements

Hold Service Providers more accountable to their contractual obligations with meaningful SLA components & remedies

EXECUTIVE BRIEF

Analyst Perspective

Reduce Risk With Rock-Solid Service-Level Agreements

Every year organizations outsource more and more IT infrastructure to the cloud, and IT operations to managed service providers. This increase in outsourcing presents an increase in risk to the CIO to save on IT spend through outsourcing while maintaining required and expected service levels to internal customers and the organization. Ensuring that the service provider constantly meets their obligations so that the CIO can meet their obligation to the organization can be a constant challenge. This brings forth the importance of the Service Level Agreement.

Research clearly indicates that there is a general lack of knowledge when comes to understanding the key elements of a Service Level Agreement (SLA). Even less understanding of the importance of the components of Service Levels and the Service Level Objectives (SLO) that service provider needs to meet so that the outsourced service consistently meets requirements of the organization. Most service providers are very good at providing the contracted service and they all are very good at presenting SLOs that are easy to meet with very few or no ramifications if they don’t meet their objectives. IT leaders need to be more resolute in only accepting SLOs that are meaningful to their requirements and have meaningful, proactive reporting and associated remedies to hold service providers accountable to their obligations.

Ted Walker

Principal Research Director, Vendor Practice

Info-Tech Research Group

Executive Brief

Vendors provide service level commitments to customers in contracts to show a level of trust, performance, availability, security, and responsiveness in an effort create a sense of confidence that their service or platform will meet your organization’s requirements and expectations. Sifting through these promises can be challenging for many IT Leaders. Customers struggle to understand and evaluate what’s in the SLA – are they meaningful and protect your investment? Not understanding the details of SLAs applicable to various types of Service (SaaS, MSP, Service Desk, DR, ISP) can lead to financial and compliance risk for the organization as well as poor customer satisfaction.

This project will provide IT leadership the knowledge & tools that will allow them to:

• Understand what SLAs are and why they need them.
• Develop standard SLAs that meet the organization’s requirements.
• Negotiate meaningful remedies aligned to Service Levels metrics or KPIs.
• Create SLA monitoring & reporting and remedies requirements to hold the provider accountable.

This research:

1. Is designed for:
• The CIO or CFO who needs to better understand their provider’s SLAs.
• The CIO or BU that could benefit from improved service levels.
• Vendor management who needs to standardize SLAs for the organization IT leadership that needs consistent service levels to the business
• The contract manager who needs a better understanding of contact SLAs
2. Will help you:
• Understand what a Service Level Agreement is and what it’s for
• Learn what the components are of an SLA and why you need them
• Create a checklist of required SLA elements for your organization
• Develop standard SLA template requirements for various service types
• Learn the importance of SLA management to hold providers accountable
3. Will also assist:
   • Vendor management
   • Procurement and sourcing
   • Organizations that need to understand SLAs within contract language
   • With creating standardized monitoring & reporting requirements
   • Organizations get better position remedies & credits to hold vendors accountable to their commitments

Reduce Risk With Rock-Solid Service-Level Agreements (SLAs)

Hold service providers more accountable to their contractual obligations with meaningful SLA components and remedies

The Problem

IT Leadership doesn't know how to evaluate an SLA.

Misunderstanding of obligations given the type of service provided (SAAS, IAAS, DR/BCP, Service Desk)

Expectations not being met, leading to poor service from the provider.

No way to hold provider accountable.

Why it matters

SLAS are designed to ensure that outsourced IT services meet the requirements and expectations of the organization. Well-written SLAs with all the required elements, metrics, and remedies will allow IT departments to provide the service levels to their customer and avoid financial and contractual risk to the organization.

The Solution

1. Understand the key service elements within an SLA
• Develop a solid understanding of the key elements within an SLA and why they're important.
2. Establish requirements to create SLA criteria
• Prioritize contractual services and establish concise SLA checklists and performance metrics.
3. Manage SLA obligations to ensure commitments are met
   • Review the five steps for effective SLA management to track provider performance and deal with chronic issues.

Service types

• Availability/Uptime
• Response Times
• Resolution Time
• Accuracy
• First-Call Resolution

Agreement Types

• SaaS/IaaS
• Service Desk
• MSP
• Co-Location
• DR/BCP
• Security Ops

Performance Metrics

• Reporting
• Remedies & Credits
• Monitoring
• Exclusion

Example SaaS Provider

• Response Times ✓
• Availability/Uptime ✓
• Resolution Time ✓
• Update Times ✓
• Coverage Time ✓
• Monitoring ✓
• Reporting ✓
• Remedies/Credits ✓

SLA Management Framework

1. SLO Monitoring
• SLOs must be monitored by the provider, otherwise they can't be measured.
2. Concise Reporting
• This is the key element for the provider to validate their performance.
3. Attainment Tracking
• Capturing SLO metric attainment provides performance trending for each provider.
4. Score carding
• Tracking details provide input into overall vendor performance ratings.
5. Remedy Reconciliation
   • From SLO tracking, missed SLOs and associated credits needs to be actioned and consumed.

Executive Summary

Your Challenge

To understand which SLAs are required for your organization and how they can differ depending on the service type. In addition, these other challenges can also cloud your knowledge of SLAs

• No standardized SLA documents, Service levels, or metrics
• Dealing with lost productivity & revenue due to persistent downtime
• Understanding SLA components and what service levels are requires for a particular service
• How to manage the SLA and hold the vendor accountable

Common Obstacles

There are several unknowns that SLA can present to different departments within the organization:

• Little knowledge of what service levels are required
• Not knowing SLO standards for a service type
• Lack of resources to manage vendor obligations
• Negotiating required metrics/KPIs with the provider
• Low understanding of the risk that poor SLAs can present to the organization

Info-Tech's Approach

Info-Tech has a three-step approach to effective SLAs

• Understand the elements of an SLA
• Create Requirements for your organization
• Manage the SLA obligations

There are some basic components that every SLA should have – most don’t have half of what is required

Info-Tech Insight

SLAs need to have clear, easy to measure objectives to meet your expectations and service level requirements, including meaningful reporting and remedies to hold the provider accountable to their obligations.

Your challenge

This research is designed to help organizations gain a better understanding of what an SLA is, understand the importance of SLAs in IT contracts, and ensure organizations are provided with rock-solid SLAs that meet their requirements and not just what the vendor wants to provide.

• Vendors can make SLAs weak and difficult to understand; sometimes the metrics are meaningless. Not fully understanding what makes up a good SLA can bring unknown risks to the organization.
• Managing vendor SLA obligations effectively is important. Are adequate resources available? Does the vendor provide manual vs. automated processes and which do you need? Is the process proactive from the vendor or reactive from the customer?

SLAs come in many variations and for many service types. Understanding what needs to be in them is one of the keys to reducing risk to your organization.

“One of the biggest mistakes an IT leader can make is ignoring the ‘A’ in SLA,” adds Wendy M. Pfeiffer, CIO at Nutanix. “

An agreement isn’t a one-sided declaration of IT capabilities, nor is it a one-sided demand of business requirements,” she says. “An agreement involves creating a shared understanding of desired service delivery and quality, calculating costs related to expectations, and then agreeing to outcomes in exchange for investment.” (15 SLA mistakes IT leaders still make | CIO)

Common obstacles

There are typically a lot of unknowns when it comes to SLAs and how to manage them.

Most organizations don’t have a full understanding of what SLAs they require and how to ensure they are met by the vendor. Other obstacles that SLAs can present are:

• Inadequate resources to create and manage SLAs
• Poor awareness of standard or required SLA metrics/KPIs
• Lack of knowledge about each provider’s commitment as well as your obligations
• Low vendor willingness to provide or negotiate meaningful SLAs and credits
• The know-how or resources to effectively monitor and manage the SLA’s performance

SLAs need to address your requirements

55% of businesses do not find all of their service desk metrics useful or valuable (Freshservice.com)

27% of businesses spend four to seven hours a month collating metric reports (Freshservice.com)

Executive Summary

Info-Tech’s Approach

• Understand the elements of an SLA
  • Availability
  • Monitoring
  • Response Times
  • SLO Calculation
  • Resolution Time
  • Reporting
  • Milestones
  • Exclusions
  • Accuracy
  • Remedies & Credits
• Create standard SLA requirements and criteria
  • SLA Element Checklist
  • Corporate Requirements and Standards
  • SLA Templates and Policy
• Effectively Manage the SLA Obligations
  • SLA Management Framework
    • SLO Monitoring
    • Concise Reporting
    • Attainment Tracking
    • Score Carding
    • Remedy Reconciliation

Info-Tech’s three phase approach

Reduce Risk With Rock-Solid Service-Level Agreements

Phase 1

Understand SLA Elements

Phase Content:

• 1.1 What are SLAs, types of SLAs, and why are they needed?
• 1.2 Elements of an SLA
• 1.3 Obligation management monitoring, Reporting requirements
• 1.4 Exclusions
• 1.5 SLAs vs. SLOs vs. SLIs

Outcome:

This phase will present you with an understanding of the elements of an SLA: What they are, why you need them, and how to validate them.

Phase 2

Create Requirements

Phase Content:

• 2.1 Create a list of your SLA criteria
• 2.2 Develop SLA policy & templates
• 2.3 Create a negotiation strategy
• 2.4 SLA Overachieving discussion

Outcome:

This phase will leverage knowledge gained in Phase 1 and guide you through the creation of SLA requirements, criteria, and templates to ensure that providers meet the service level obligations needed for various service types to meet your organization’s service expectations.

Phase 3

Manage Obligations

Phase Content:

• 3.1 SLA Monitoring, Tracking
• 3.2 Reporting
• 3.3 Vendor SLA Reviews & Optimizing
• 3.4 Performance management

Outcome:

This phase will provide you with an SLA management framework and the best practices that will allow you to effectively manage service providers and their SLA obligations.

Insight summary

Overarching insight

SLAs need to have clear, easy-to-measure objectives to meet your expectations and service level requirements, including meaningful reporting and remedies to hold the provider accountable to their obligations.

Phase 1 insight

Not understanding the required elements of an SLA and not having meaningful remedies to hold service providers accountable to their obligations can present several risk factors to your organization.

Phase 2 insight

Creating standard SLA criteria for your organization’s service providers will ensure consistent service levels for your business units and customers.

Phase 3 insight

SLAs can have appropriate SLOs and remedies but without effective management processes they could become meaningless.

Tactical insight

Be sure to set SLAs that are easily measurable from regularly accessible data and that are straight forward to interpret.

Tactical insight

Beware of low, easy to attain service levels and metrics/KPIs. Service levels need to meet your expectations and needs not the vendor’s.

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

SLA Tracker & Trending Tool

Track the provider’s SLO attainment and see how their performance is trending over time

SLA Evaluation Tool

Evaluate SLA service levels, metrics, credit values, reporting, and other elements

SLA Template & Metrics Reference Guide

Reference guide for typical SLA metrics with a generic SLA Template

Service-Level Agreement Checklist

Complete SLA component checklist for core SLA and contractual elements.

Key deliverable:

Service-Level Agreement Evaluation Tool

Evaluate each component of the SLA , including service levels, metrics, credit values, reporting, and processes to meet your requirements

Blueprint objectives

Understand the components of an SLA and effectively manage their obligations

• To provide an understanding of different types of SLAs, their required elements, and what they mean to your organization. How to identify meaningful service levels based on service types. We will break down the elements of the SLA such as service types and define service levels such as response times, availability, accuracy, and associated metrics or KPIs to ensure they are concise and easy to measure.
• To show how important it is that all metrics have remedies to hold the service provider accountable to their SLA obligations.

Once you have this knowledge you will be able to create and negotiate SLA requirements to meet your organization’s needs and then manage them effectively throughout the term of the agreement.

InfoTech Insight:

Right-size your requirements and create your SLO criteria based on risk mitigation and create measurements that motivate the desired behavior from the SLA.

Blueprint benefits

IT Benefits

• An understanding of standard SLA service levels and metrics
• Reduced financial risk through clear and concise easy-to-measure metrics and KPIs
• Improved SLA commitments from the service provider
• Meaningful reporting and remedies to hold the provider accountable
• Service levels and metrics that meet your requirements to support your customers

Business Benefits

• Better understanding of an SLA framework and required SLA elements
• Improved vendor performance
• Standardized service levels and metrics aligned to your organization’s requirements
• Reduced time in reviewing and comprehending vendor SLAs
• Consistent performance from your service providers

Measure the value of this blueprint

1. Dollars Saved
• Improved performance from your service provider
• Reduced financial risk through meaningful service levels & remedies
• Dollars gained through:
  • Reconciled credits from obligation tracking and management
  • Savings due to automated processes
2. Time Saved
• Reduced time in creating effective SLAs through requirement templates
• Time spent tracking and managing SLA obligations
• Reduced negotiation time
• Time spent tracking and reconciling credits
3. Knowledge Gained
   • Understanding of SLA elements, service levels, service types, reporting, and remedies
   • Standard metrics and KPIs required for various service types and levels
   • How to effectively manage the service provider obligations
   • Tactics to negotiate appropriate service levels to meet your requirements

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

Guided Implementation

"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way wound help keep us on track."

Workshop

"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

Consulting

"Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostics and consistent frameworks are used throughout all four options.

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between three to six calls over the course of two to three months.

Phase 1 - Understand

• Call #1: Scope requirements, objectives, and your specific SLA challenges

Phase 2 - Create Requirements

• Call #2: Review key SLA and how to identify them
• Call #3: Deep dive into SLA elements and why you need them
• Call #4: Review your service types and SLA criteria
• Call #5: Create internal SLA requirements and templates

Phase 3 - Management

• Call #6: Review SLA Management Framework
• Call #7: Review and create SLA Reporting and Tracking

Workshop Overview

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

Reduce Risk With Rock-Solid Service-Level Agreements

Phase 1

Phase 1

Understand SLA Elements

Phase Steps

• 1.1 What are SLAs, the types of SLAs, and why are they needed?
• 1.2 Elements of an SLA
• 1.3 Obligation management monitoring, Reporting requirements
• 1.4 Exclusions and exceptions
• 1.5 SLAs vs. SLOs vs. SLIs

Create Requirements

Manage Obligations

1.1 What are SLAs, the types of SLAs, and why are they needed?

SLA Overview

What is a Service Level Agreement?

An SLA is an overarching contractual agreement between a service provider and a customer (can be external or internal) that describes the services that will be delivered by the provider. It describes the service levels and associated performance metrics and expectations, how the provider will show it has attained the SLAs, and defines any remedies or credits that would apply if the provider fails to meet its commitments. Some SLAs also include a change or revision process.

SLAs come in a few forms. Some are unique, separate, standalone documents that define the service types and levels in more detail and is customized to your needs. Some are separate documents that apply to a service and are web posted or linked to an MSA or SSA. The most common is to have them embedded in, or as an appendix to an MSA or SSA. When negotiating an MSA it’s generally more effective to negotiate better service levels and metrics at the same time.

Objectives of an SLA

To be effective, SLAs need to have clearly described objectives that define the service type(s) that the service provider will perform, along with commitment to associated measurable metrics or KPIs that are sufficient to meet your expectations. The goal of these service levels and metrics is to ensure that the service provider is committed to providing the service that you require, and to allow you to maintain service levels to your customers whether internal or external.