CIO Specialist Advisory LLP                                                Leveraging excellence and value through collaboration
DD Mishra, Partner, CIO Specialist Advisory, shares  some key tips on IT SLAs and some of the best practices which can lead to better negotiation or management. As per Mr Mishra, SLAs should be taken seriously and managed properly for a better working relationship and business efficiency. 

Service Level Agreements are designed to drive service performance from providers. Sometimes overdrive to get stringent or relaxed SLAs, poor governance of SLAs, ambiguity in SLA contracts and inability to identify win-win situations from demand and supply side leads to catastrophic consequences for business and IT in many IT outsourcing deals. Most often I see we miss business in our IT SLA decisions. Since SLAs are much debated topic, I thought of sharing my views on this subject with the intent to uncover some good practices for a healthy debate. 

SLA for business performance: IT SLAs should have direct or indirect relation with business performance. If changes in the SLA do not create any business impact, is it worth measuring it? If changes to the SLA, creates lesser business impact, it may become a candidate for negotiation/renegotiation if the expected level is difficult or expensive to maintain and outweighs the benefits from investment.

Number of SLAs: The number of SLAs should be few which are just sufficient to measure every aspect of the service. The number can be optimised by reducing redundancy. For example, if you have outsourced Applications & Infrastructure to the same provider, by measuring application performance, we can also understand server and network performance; hence there is no need to define Server and Network performance SLAs in addition. Too many SLAs not only consume lot of bandwidth, it does not help in driving the right performance either by diverting our attention. We can keep server & network performance as a part of infrastructure monitoring metrics rather than SLA in the above situation.

Divide SLAs between Critical & Key: Penalize provider for missing those SLAs which impact the business most. Dividing penalty amount into huge number of SLAs will lower the impact of penalties across important ones. By categorising SLAs into Key and Critical, we can penalize for critical and keep the key SLAs under close monitoring without penalty with a provision of shifting some of the SLAs from Key to Critical and vice versa during review periods.

SLA Slabs: At times an absolute number for an SLA target may not help. Under such circumstances, creating slabs for those SLAs could be a better alternative. The slab has to be carefully designed keeping end customers in mind. For example, if you have generally X number of records to be processed on a particular day of month but at times you get X+D which is higher, provider may try to guarantee a target looking at the worst case. Customer can get a better SLA by putting slabs e.g for first X records it should be 2 hours and the X+D can complete in 3 hours 30 mins with 99.9% target or something like first 90% in 2 Hours and 100% in 3 hours 30 mins. This can be a better bet for business than getting 99.9% in 3 hours 30 mins.

Provide escape route from defaultsMistakes can happen but there should be mechanism for correcting those mistakes in a relationship. If SLA defaults happen, the mechanism to recover the penalty back should be available as a part of the SLA contract. For example, one can put exceeding the targets by X% in next 3 months after the first default; will put the provider on the toes to fix the issue. Overall, the enhanced target should be achievable. Penalty can never be a revenue stream as for every dollar obtained from penalty; the loss to business due to SLA defaults is manifolds.

Automation: SLA measurements should be automated and driven by tools. This reduces chances of error and reduces stress on manpower needed, time frame of producing SLAs and debate around its accuracy. The automation should be kept as an obligation on the provider within first few months of outsourcing for all SLAs where it is possible.

Grouping of SLAs: SLAs can be grouped in Pools under various categories such as Security, Availability, Performance, Business, Regulatory, Compliance, Customer etc. and accordingly one can allocate priority for the pools and factor pool contribution into calculation of SLA penalty. This helps in holistically managing the parameters and capability to tune the expectations as per needs.

SLA Improvement: SLA improvements should be clearly defined and should follow a time bound roadmap. The improvements should result in business benefits. It is imperative here that quite often the improvement does not mean revision of targets but other parameters as well. For example, rather than improving % of closure of calls within specified time of X hours, a better improvement could be to reduce the window of X hours to X- D.

Regulatory & Compliance SLAs: The SLAs which are regulatory & compliance related to continue in business needs should be should be at a higher performance level than what is required by agencies or external. The SLA contract or MSA should have provision of passing any fine or penalty which customer may have from such failures to comply where failures can be attributable to the provider.

Tuning SLAs:  SLAs, irrespective of the categories, are important for business and should be met. The customer should make provision for calibration from time to time by reducing or increasing the impact of SLAs through calibration processes where it becomes necessary. This should be used very carefully and preferably during the improvement phase yearly or half yearly using proper governance mechanism. In addition, SLAs should be reviewed over a period for their relevance.

In conclusion, there are several ways of making better alignment with good SLA negotiations and creating a win-win situation. The SLAs should be SMART – Simple, Measurable, Achievable, Realistic and Timely for a better relationship with provider. Since SLAs have direct impact on relationship with provider and connected to business efficiency, it is imperative to manage them well through better governance.

Leave a Reply.