Guide To Service Contracts

The ever changing compliance landscape has forced organisations globally to reassess strategies and policies for complex and secure information management. Yet an increasing number of organisations – from large to small – are effectively jeopardising much of that investment because they are not taking business risk seriously or misunderstanding the dangers.

Why are so many organisations carelessly accepting the promises of low cost network and hardware maintenance suppliers without checking either references, or the support service provider’s ability to deliver? In an environment where some companies estimate the cost of downtime at $1 million per hour and compliance implications of network failure are potentially devastating, how can companies justify their failure to undertake the simple due diligence required to ensure significant IT investment is appropriately supported and maintained?

It would seem a logical conclusion that organisations need to opt for an IT maintenance provider that can truly support business requirements - from prioritising emergency support for business-critical applications to ensuring rapid access to engineering resources and appropriate spare parts. The acronym REAL can be used to remember the four key stages of due diligence:

R – Research – Ensuring clear financial accounting practices are being carried out by potential suppliers is an essential step when carrying out supplier evaluations and due diligence.

E – Engineering resource - Don’t forget to assess the level of qualifications and accreditations a provider has. Many companies make extraordinary claims about their engineering resource when in reality they have a fraction of the numbers.

A – Accreditation – Another key criterion is the level of investment a provider puts in spares. Find out about the locations of spares as well as engineers. Only then will it become clear if a two-hour response is really viable. Go visit spares locations – seeing is believing!

L – Look into - undertake regular assessments. Due diligence should not be a one-off process. Avoid tie-ins that make breaking a contract expensive. Read all of the small print and if it’s not easy to walk away – don’t sign.

It is only with this information that organisations and their service providers can work together to develop contracts that match business needs and ensure resources are allocated to provide the appropriate level of support that matches the company’s exposure to risk. Key issues such as the way in which engineers are alerted to call out, the process for engineer dispatch both during and outside standard working hours and, ability to deliver software upgrades, should also be a fundamental component of the assessment. As should the business continuity and disaster recovery procedures.

Perhaps some blame can be laid at the fault of the major IT vendors here. While they are extremely rigorous in the due diligence processes they go through prior to accrediting distributors and dealers, they are failing to address the industry’s rogue elements that are fundamentally undermining the overall quality of service delivered.

In the end, however, the responsibility lies with every UK organisation to take a more robust look at the quality of service on offer. In a litigious and compliance-centric environment, managing risk has become a key objective. However, when it comes to supporting the critical IT infrastructure, is reducing the annual spend by 20% really a low-risk strategy? Or is it a short-sighted approach that could fundamentally jeopardise the business?