The Geldards 10 point guide to improving your IT Contracts
In this short guide, Partner & IT specialist Justin Harrington sets out the key steps all organisations need to consider to get your IT contracts right.
Business reliance on technology and information has never been greater with the rate of change increasing. Service innovation and automation offers innumerable benefits and organisations that are slow to adopt new technology risk a dangerous loss of competitive edge. However, with these benefits come increased cost, complexity and risk and the consequences of poor IT procurement and implementation are common and enough to keep CEOs, FDs and IT Directors awake at night.
While software and tech/BPO outsourcing agreements may differ in how or what they are supplying, a number of common issues frequently arise in negotiations of all software related agreements.
See our ten tips for improving your IT contracts below.
1. Specification, specification, specification!
One of the biggest errors we see is going out to contract with an inadequate specification of what you expect the supplier to do. Without a clear specification the supplier will not be able to adequately scope the work or price it with any precision. It also gives rise to lack of clarity and debate or argument at a later stage as to the scope of the supplier’s obligation.
2. Clarity – know what you want and what you need
Clarity is important not just in respect of the specification. Customers need to have thought through what sort of software/IP licences they need and for what purpose. Suppliers should likewise consider what is a standard licence and what they will reserve the right to charge extra for.
3. Ignore data at your peril
Fortunately, most are aware of GDPR and the implications of getting personal data wrong in terms of penalties, but also reputational damage. What they may not consider is how data is used, who uses it and where it may be accessed from (e.g. in the course of provision of remote support). These all have implications which need to be reflected in the contract.
4. Deal with the risk
For suppliers, but also for customers, they will want to ensure that their liability clauses have appropriate caps. Suppliers will want to ensure all their risks have some form of cap (even if, in some cases, it’s a higher cap for certain categories of loss), whereas customers will want to ensure that a cap on the supplier’s liability does not effectively transfer risk onto them (for example in respect of a cap on IP infringement).
5. Plan your entry and your exit
The two key phases in any project are implementation (when most IT projects are at highest risk) and on exit (where, despite recent regulatory interventions in some industry sectors, many contracts tend to be light on detail). Both require thought and consideration of the steps that will apply which should be detailed in the agreement.
6. Anticipate and plan for change
Virtually all IT contracts will change over time. Change can be bureaucratic and drawn out (in some cases for good reason – e.g. to ensure appropriate scrutiny) or alternatively, change can be flexible to deal with a dynamic environment. Both customer and supplier need to consider where their services lie along this spectrum and prepare a change procedure that reflects this.
7. Practice the black arts of SLAs
Service levels and credits are sometimes perceived as a black art; in practice it’s about clarity and thinking through the consequences . Being clear what a service level applies to and what constitutes non-compliance is key. The next stage is to determine what is the consequence of non-compliance. Is it a service credit, or some other remedy such as the attendance by senior personnel of the supplier or escalation within the supplier. You should also be clear what happens if the service failure recurs and what sort of service level failure constitutes a material breach.
8. Plan for when things go wrong – security & business continuity
Every contract that uses personal or financial data or is otherwise critical to a customer’s business, needs to ensure security standards and procedures are complied with and set out how business continuity will be maintained if things go catastrophically wrong. On larger deals, we would expect a free standing schedule on security and business continuity.
9. The customer is still King
From both parties’ perspectives you need to be clear as what is expected of the customer. Clearly the customer will need to pay for any services provided, but if the supplier is expecting data or anything else from the customer it is in every one’s interest to ensure they are aware of this and the timescales expected.
10. Pragmatism delivers acceptable agreements
Finally, we’d suggest you try and be realistic and pragmatic with your contacts. As a customer, do you really need to own IP in any new software developed by the supplier? How realistic is it that you will be able to use this IP given that the supplier will usually own IP in the underlying software.