Why SLAs Matter and How To Make Them Work Better

It's 2AM, systems are down and your IT services provider is fast asleep. If you don't have a clearly defined SLA from the outset, it could be you who's in for the nightmare. 

Over the last several weeks my family and I have been living through some pretty substantial home improvement projects. The updates were needed and the results have turned out well so far, but the work has dragged on much longer than expected. In the majority of cases, the delays have had nothing to do with us. The contractor has continually run into problems, causing him to either show up late, need to leave early or sometimes, not show up at all. Added up, it has pushed the originally promised delivery time back nearly two weeks. It's made me wish I would have laid out some SLA terms with him before signing the contract.

Of course, SLAs, or Service Level Agreements, aren't typically included in the services we engage with in our personal lives. Good luck holding the restaurant liable for slow service, or the train operator for missing the arrival schedule. SLAs just aren't a factor in the majority of personal service transactions we encounter. If you're unhappy enough with the deliver of service, you simply don't use that provider again. There's no place for metrics and time guarantees on when exactly my morning paper will arrive or when the doctor will finally call me in from the waiting room... although, I do recall getting a free pizza or two after the thirty-minute mark threshold was crossed.  

But SLAs are a part of the delivery of IT services. And if you're engaged with an IT Services Provider, it's important that you have a well defined one in place. Let's break down the key components of a Service Level Agreement and what IT leadership should do to ensure the business is covered.

Breaking Free From The Flat-Rate Managed Services Model

The following is based, in part, on CIO's Service-Level Agreements 101 by Lauren Gibbons Paul

What is an SLA? 
A Service Level Agreement (SLA) is a of contract between an IT services provider, (either in-house or external) and the customer. SLAs dictates the quality and type of service that will be provided to the customer in exchange for a fee. SLAs also provide the remedy, such as a reduced fee structure, that will apply in the case of a service outage. So, for example, if the contract specifies 99.9999 percent up-time and that is not met, the customer would have the right to reduce its bill by an agreed-on percentage— for example, “If the network is down for an hour, the customer is entitled to a 10 percent rebate of its monthly network service fees; if the network is down for two hours, the customer is entitled to a 20% rebate of its monthly network service fees” and so on.
SLAs are important because they set the tone for the relationship between the parties and will govern if and when things break down. A “good” SLA is a balance between being thorough and clear on one side, while not being overly onerous on the service provider on the other.
Why are they important to have? 
It is as important to have an SLA as it is to have a contract for business arrangements of all types— because it constitutes a single document that contains the terms of the agreement as understood by both parties. With the SLA in place, it is much more difficult for either party to claim ignorance if the agreement breaks down. CIOs should expect to have an SLA (reviewed by their legal counsel) in place for every significant service relationship they have.
Who should create the SLA?
Most service providers will offer a standard SLA as part of the work agreement. Ideally, you should use that as a starting point. Give their SLA to your in-house counsel department, if you have one, and let counsel make adjustments that are favorable to your side. Or add some provisions that reflect your priorities. If time is of the essence, however, you may have to use the service provider's standard SLA.
What makes up an SLA? 
An SLA can comprise a few short pages up to a few hundred pages. The basic components are a statement of the parties' intent, an outline of the responsibilities of each party (including acceptable performance parameters with applicable metrics), a statement on the expected duration of the agreement, a description of the applications and services covered by the agreement, procedures for monitoring the service levels, a schedule for remediation of outages and associated penalties, and problem-resolution procedures.
How do you ensure Service Levels are being met? 
Most service providers (especially in cases where high availability is critical, such as network services) make reports available, often on a Web portal. There, you can see how your application or system is faring, whether service levels have been maintained and whether you are owed any rebates for service outages. If the service being provided is mission-critical (that is, your business is in jeopardy if the SLAs are not met), you will want to consider using an SLA management tool or monitoring service.
What are SLA metrics? 

SLA metrics are the criterion defined between the customer and service provider which define the quantitative target(s) that must be achieved for the service provided. Failure to achieve these targets results in the service provider being liable to the customer for the prescribed remedy, 

Examples of metrics include:

Response time- This is the amount of time the service provider must respond to service incidents and requests. Individual metrics are usually defined for the time for initial response, the time to plan a resolution, and the time for resolution delivery.  These metrics may also be influenced by a severity prioritization schedule which each incident or request is categorized by.   

Defect rates- These are counts or percentages that measure the errors in major deliverables, including number of production failures per month, number of missed deadlines, number of deliverables rejected (reworks), and so on.

Technical quality- In the case of outsourced application development, this includes measurements of the technical quality of application code, normally produced by commercial tools that look at items such as program size, degree of structure, degree of complexity and coding defects.

Service availability- This indicates the amount of time/window of time that the services managed by the outsourcer are available, ranging from online application availability to delivery of reports by a specified time of day. Measures can be reported positively or negatively and usually incorporate some level of tolerance (for example, online application availability 99 percent of the time between the hours of 8:00 am and 6:00 pm).

Service satisfaction- This relates to the client's level of satisfaction with the perceived level of service provided by the outsourcer captured for each major function through internal and/or external surveys. Ideally, these surveys are conducted periodically by a neutral third party. Although subjective, they are a good double check on the validity of the other SLA metrics.

What are the typical up-time provisions for an IT network services provider?

When it comes to hosted network services, most companies will need at least 99 percent up-time; many providers will offer 99.9 percent up time or higher. It is important to understand exactly what this means, as 99.9 percent up-time equates to 43.2 minutes of unplanned downtime per month. For many enterprises, that level of availability is not acceptable. It is a common practice for a provider to offer nearly 100 percent up-time for certain business-critical applications, but you must be prepared to pay for this guarantee. Many providers offer different levels of up- time guarantees, priced accordingly.

Should SLAs be review periodically?

In a word, yes. The service-level commitments contained in the SLA are developed from estimates of current and desired service levels that are subject to fluctuation. Accordingly, the SLA should be viewed as a dynamic document and should be periodically reviewed and changed when the following events occur:

    • The environment has changed
    • The client's expectations and/or needs have changed
    • Workloads have changed
    • Better metrics, measurement tools and processes have evolved.

A well laid out SLA should be a tool which not only sets out expectations for both the customer and provider, but also helps to facilitate healthy discussion between the two parties. Regular performance reviews can serve as a jumping off point to ensure the service provider is aligned with the customer's future goals as well as lead to positive process enhancements. As with any agreement, the better the terms and expectations are defined for each party prior to beginning the relationship, the easier communication should be when things don't go as expected.
As for the Service Level Agreements we're able to establish in our personal lives, I think it's probably too late to get my current home improvements contractor to sign off on one. Too bad for me. At least there's always Dominos.  
Breaking Free From The Flat-Rate Managed Services Model