The Lowdown on IT Managed Services Agreements: Essentials and Advantages

What is An IT Managed Services Agreement?

An IT Managed Services Agreement is a type of service agreement commonly used when a business seeks support services for its IT network. The IT Managed Services Agreement forms the basis of the relationship between parties to the agreement. Service providers to businesses using an IT Managed Services Agreement can be: (1) a managed services provider, (2) a value-added reseller, and/or (3) an IT consultant.
An IT Managed Services Agreement is generally an important step for businesses seeking to have the technical support services for their IT networks provided by a third-party service provider. For example, a restaurant may enter into an IT Managed Services Agreement with a managed services provider in order to outsource the management and support of their computer systems. The restaurant may want to lease computing equipment , software and/or digital storage, and use those resources for its day-to-day business. The managed services provider can then bill the restaurant on a per-use basis for the technology, as well as for troubleshooting and other support services.
IT Managed Services Agreements are virtually a necessity for organizations that do not have – or want – in-house IT support. IT Managed Services Agreements generally provide for one of two support concepts: (1) break-fix; or (2) managed services or managed systems. From a service provider perspective, break-fix support is similar to the typical hourly or project-based consulting engagement that many businesses are familiar with, while managed systems provide for ongoing services on a monthly subscription or other regular interval billing basis.

Basic Elements of An IT Managed Services Agreement

An IT Managed Services Agreement should engage the regulated party and their senior management in the design and definition of specific outcomes, deliverables and risks. A regulated party would be well-advised to present the Managed Services Agreement for approval to its Board, even if the Board does not have full power over procurement and engagement or designation of a service provider.
Specifically, a Managed Services Agreement should include details on the following items:
Service Scope & Performance Boundaries
It is essential that the services to be provided are clearly documented and that this forms a key component of the Managed Services Agreement. The parties should separately address what is included in the scope of service and what is not – the latter should normally be described only in general terms. The focus should be on commercial (rather than legal) language and structure.
In addition to addressing what is included within the Managed Services Agreement, it is important to clarify what is excluded from the scope of the service. They are different matters. A party contemplating entering into a Managed Services Agreement should consider what services are key to the service provided by the regulated party and whether the ongoing delivery of the same is under threat from the service being delivered or the manner in which it is being delivered.
Ideally, the scope of services should be documented in the Managed Services Agreement and key performance indicators ("KPIs") listed that will encompass the service and performance requirements.
Responsibility for Actions of Subcontractors and Personnel
The Managed Services Agreement should specify the circumstances in which an obligation to provide services may be subcontracted and any limitation that may exist in this respect. The Managed Services Agreement should also set out who is liable for acts and omissions of each party’s staff and personnel as well as actions of subcontractors.
Limitations on liability should correspond with the contractual structure adopted for the Managed Services Agreement and should accurately reflect the respective liabilities of the parties. Liabilities should be capped. In the case of services being provided by more than one company, their liability to the other may be joint and several. It is expressly advisable to exclude liability for consequential losses and stipulate what is included in this category; one of the most common categories of loss sought to be excluded from liability in commercial contracts. For example, it is recommended that losses be based on the concept of "consequential loss" generally recognised in commercial contracts.
The Limitation of Liability clause should address third party claims by parties not bound under the Managed Services Agreement.
Monetary Charges
An IT Managed Services Agreement is a contract for the sale of goods and services. Parties are well advised to include provisions in the Managed Services Agreement that specify when payment will be made, how they are calculated, when they are due and when they attract interest for late payment.
Similarly, provisions requiring taxes to be paid, protective rights for rights of offset and parties’ rights to withhold payment should be included.
Duration of Contract
The Managed Services Agreement should stipulate the duration of the agreement, or the trigger events or conditions that would cause it to terminate.

Benefits of An IT Managed Services Agreement

The key benefits of having an IT Managed Services Agreement in place. In short, a good IT Managed Services Agreement is going to save your business money over time, improve the efficiency of your IT provider, and improve your ability to respond to IT security issues. In contrast, an IT Managed Services Agreement that fails to address the key points emphasized in our IT Managed Services Agreements blog post will put your business at risk for unnecessary expense.
What are these key benefits? First, cost savings. A documented IT Managed Services Agreement will document your agreed to IT levels of service, and include a price for those services. With this documentation, your IT provider cannot provide a lower level of service than the agreed to standard without first getting your express consent to do so and, perhaps, an appropriate reduction in the price of those services. An IT Managed Services Agreement that fails to appropriately and clearly capture, price and flexibly allow changes to, agreed to IT Service Levels is subject to abuse by your IT provider and your business will ultimately pay for that abuse.
Second, your IT Provider will more efficiently be able to deploy its resources in a manner that is beneficial to your business. Unlike traditional time and materials approaches to IT services, where unexpectedly long IT problems or increased demand for goods and services from your business leads to excess charges to you, if your IT provider has a managed service agreement with you then they plan for such eventualities and build time and materials work into the monthly price for the IT services you should want from your IT provider. They can do this because they know, in advance, all the IT services that your business generally needs and use. By way of analogy, think of a ship’s captain and crew. To be most efficient, the ship’s captain and crew want to be aware of what the ship will face during a voyage. It is the same for your IT services staff. They have to be aware of, in advance, what the services are that their customers (that’s you) need and will use. Only by building all of those requests and uses into their IT Managed Services Agreements can the IT services company deliver you the greatest potentially IT service "bang for the buck" (or in other words, IT Services which are less costly to your business).
IT Managed Services Agreements also help raise the efficiency of the business using the IT Managed Services. Because the monthly fee is the same regardless of when during the month the IT services are used, there is no detriment to your business requesting its fulfillment in peak billing periods or during light billing periods. For example, a business with a high number of service requests in the first two weeks of the month does not incur extra charges if they need to fulfill an additional service request in the last week of the month, but a business which paid on a fee for individual IT service requests basis would already have used its budget for the month. This is not to say that in an IT Managed Services System no new service requests are fulfilled outside the parameters of the monthly agreement, but in situations as described above, they will eventually be fulfilled under the terms of the IT Managed Services Agreement.

Common Mistakes to Avoid

IT managed services agreements can serve as a force multiplier to a business’ internal capabilities. However, the power of a well-written IT managed services agreement is often undermined by a few crucial missteps that arise as businesses and their legal counsel negotiate such agreements. We highlight below a few of those missteps.
"Throw it over the wall for an answer."
Many businesses, when facing the negotiation of an IT managed services agreement, will start looking for "examples" of similar agreements. The business (or worse yet, the business’ counsel) will then try to modify one of these "examples" of a managed services agreement into their desired form. The problem with this approach is that each IT managed services agreement is unique to its end-user, and utilizing an "off-the-shelf" agreement will often leave key provisions in the agreement unaddressed or inadequately addressed. Every IT managed services agreement should be drafted to address the unique characteristics of the business and offer enough specificity to firmly establish the parameters of the relationship.
The customer of an IT managed services agreement has a right to know the full scope of what they will receive in exchange for what they are paying to the provider. For example, the provider should be required to identify all costs to be paid by the customer, including any costs for services provided outside the scope of the agreement, fees for early termination or breach, and a breakdown of costs for tiered service levels. The fee structure should also stipulate to what extent fees are subject to increases over the term of the agreement. These costs should be itemized and categorized so that the customer is fully aware of the costs involved. Notwithstanding the fee structures that may be envisioned by the parties, the most common costs attributed to managed services include: (1) support of servers, storage, or devices in the data center; (2) system administration for routine maintenance and upgrades; (3) consulting services for development and integration efforts; and (4) billing for requests outside the support agreements.
When things go wrong or don’t go as planned, the business’ IT managed services agreement should clearly establish the standard that the provider must meet as well as the recourse the business has if the standard isn’t met. Without performance metrics, the performance of the provider can’t be measured accurately and appropriately. Thus, the agreement should contain metrics to measure the provider’s performance. In many instances, these measurements will center around several different metrics that will govern the different areas of the managed services agreement. For example, these may include Service Level Agreements (SLAs) for performance levels of hardware, software, and/or network services; SLAs for availability and/or responsiveness of Tier 1 and Tier 2 support (and/or other support), or SLAs on fulfillment of invoicing and requests for service, etc. These SLAs should spell out the exact measurement process, for example, the system availability should be based on 24/7/365 hours, and may be calculated according to the formula: (Total time the service is available – Total time the service is unavailable)/Total time the service is available. If a provider fails to meet an SLA, the managed services agreement should detail the resulting remedies, including credits, reporting, and (if appropriate) penalties.
IT managed services agreements are often closely related to the provider’s service level agreements for the hardware, software and/or network services. For this reason, one of the most common pitfalls in IT managed services agreements is that they are "tied to" the provider’s service level agreements without careful consideration by the business. Careful thought should be given to the manner in which the provider’s service level agreements will impact the business’ IT managed services agreement in terms of available services, monitoring, and general capabilities. For example, many software providers’ SLAs for their software systems are dictated by the hardware or network protocols, and if the business doesn’t take the time to consider the impact of these SLAs, the menu of services stays static, meaning the business does not adapt to changes in internal or external requirements as their technology capabilities fail to keep up with current needs. Careful review of the SLAs in the proposals for each of the components of the IT managed services agreement is an important step in preventing pitfalls in the management and performance of the overall IT managed services agreement.

How to Negotiate a Great Agreement

While you should ideally enter into a well-structured IT Managed Services Agreement in the first instance, in practice, you will likely be able to negotiate enhanced terms in your agreement. Consider the following strategies when negotiating terms with your IT service provider to achieve the best result.
Balanced Flexibility
It is common for IT Managed Services Agreements to include some flexibility provision which allows for the parties to update applicable schedules or other aspects of the agreement from time to time over the term as their business needs evolve. While it is advisable to include a flexibility provision, it is equally important to ensure that it does not apply carte blanche or otherwise extend to matters that are fundamental to your organization’s IT environment.
For example, while plans to move to a new office location or acquire a competitor may well trigger the need to amend an agreement, it may be inappropriate to alter other terms on a ‘without cause’ basis or at the discretion of your IT service provider. Doing so may leave you in a vulnerable position by undermining the ability of your agreement to set clear expectations for the level of services to be provided and the resources necessary to deliver them.
For example, your service provider may provide any IT managed services in-house, or may elect to outsource services to third-party contractors. Such outsourcing can drive down costs for your service provider, but can also erode service quality. It is worth seeking to restrict the ability of your service provider to outsource, or limit outsourcing through a third party to a particular set of trusted providers or only in specified circumstances. In a similar way , you may wish to prevent your service provider from relocating its support staff from your office or otherwise holding them out as its staff.
Predefined service levels
While outsourcing IT services offers reduced costs, it may also raise potential concerns about degradation in service quality. Service level agreements (SLAs) help to establish the scope of services to be provided, when those services will be provided, at what expected quality, and also when the level of service will be reviewed and adjusted. These coffee captures a set of expectations and, where appropriate, penalties for non-performance. Depending on your needs, SLAs can be agreed at the outset or developed over time so that the most important services can be delivered immediately and other services added later.
Well-developed SLAs help to align the process so that it runs smoothly. When negotiating SLAs with your IT service provider, consider setting out the following head of agreement:
Realistic Expectations
Many IT service providers are keenly aware of the value that companies place on IT services. In turn, they often attempt to maximize the cost of their services while pricing themselves within a competitive range of other providers.
While it is advisable to use your agreement and SLAs to accurately reflect realistic demands for service, you will also need to benchmark the schedule of fees provided in your agreement against those of competitors. You may be able to negotiate better terms if you demonstrate why you need lower fees. Note that you may also be able to include service credits as an alternative solution to lowering your fees too much, where the IT service provider can offer additional services or extra resources to cover any shortfall.

Importance of SLAs for Managed Services

Crucial to the execution of any IT managed services agreement are the service level agreements, or SLAs. These take various forms and address a host of standards relating to the performance of the various services covered by the agreement. For example, they may set forth the time in which a response to a user request is required. They may set forth the period of service downtime permitted during a specific period, and perhaps in different areas of service. They may set forth timeframes in which outages or failures in services must be addressed or corrected, or the time in which a service is required to be restored to normal operation following an outage. Service levels may also be expressed as a percentage, e.g. a requirement that services be available at least 99.9% of the time. Frequently, service levels are expressed in terms of key performance indicators, such as response time or application availability, in order to allow easier measurement and tracking.
Violations of the SLAs will commonly trigger a series of remedies, which range from monetary remedies, to service credits, to termination rights. These remedies are more or less focused depending on the severity of the breach, the harm caused by the breach, and the need for continued services.

What to Know About Legal Issues

When drafting or reviewing an IT Managed Services Agreement, there are a number of factors that should be considered to ensure that the agreement meets the needs of the parties from a legal standpoint and that the terms and conditions of the agreement represent, among other things, the requirements of applicable law. It is important to identify and address issues from the onset in the drafting and formulating of the IT Managed Services Agreement in order to avoid disputes that could result from the misalignment of the agreement with applicable standards and regulations that govern the information technology industry as well as both federal and state data protection laws. Depending on the specific nature of the services to be rendered under the IT Managed Services Agreement, the agreement may need to contain additional terms and conditions to provide for compliance with privacy, confidentiality and security laws. Those terms and conditions may include clauses pertaining to data encryption, data breach notification, HIPAA compliance, safe harbor provisions, cross-border data flow and international treaties, standards for protection of information and proprietary data, among other issues. Further, if the service provider’s delivery or performance of IT Managed Services is contingent upon the use of tools and/or support from third parties, or the engagement or utilization of third-party vendors or subcontractors, the IT Managed Services Agreement might impose obligations upon the service provider to provide notice to the client or obtain prior approval from the client before engaging a third-party vendor or subcontractor. These obligations could be further supplemented by requiring the service provider to include the same terms and conditions pertaining to privacy, confidentiality and security in its agreements with their own third-party vendors or subcontractors.

The Future of The IT Managed Services Agreement

As businesses continue to evolve, so too do their IT Managed Services Agreements. Currently, two major trends are driving the future direction of IT Managed Services Agreements: industry consolidation and increasingly sophisticated value-added services.
Industry consolidation is arguably the biggest trend in IT Managed Services. Vendors are continually looking for ways to stay competitive and an effective way to do so is by merging with or acquiring other companies. This is not limited to IT Managed Services – every industry is seeing consolidation at an increasing rate. Whether through a "roll up" by a company seeking to create a powerhouse in an industry or through a merger between companies that are seeking to take advantage of each other’s strengths to provide greater benefit to their clients, consolidation is on the rise. This trend makes it more important than ever that IT Managed Services providers and their clients have appropriate protections in their agreements to account for what will happen as a result of a consolidation. At least one high-profile IT Managed Services provider recently changed the scope of their services to customers following a merger with a much larger competitor. In many urgent situations, businesses cannot afford the time it takes to update an IT Managed Services Agreement.
The benefits achieved by including appropriate protections in an IT Managed Services Agreement when addressing a consolidation far outweigh the costs associated with the inclusion of those provisions. Such issues should not be negotiated and drafted at a time when significant changes are happening within a company. Instead, these issues should already be finalized and included in the IT Managed Services Agreement .
It is also important to talk about an emerging trend in Managed IT Services Agreements: increasingly sophisticated value-added services. As the offerings of IT Managed Services providers continue to expand beyond the traditional offerings of Network Operation Center and Help Desk Services, the benefits of the services are not only driving business to IT Managed Services providers, but such an expansion in service offerings is also a necessity to remain competitive.
Often, these new offerings and services are not included in existing IT Managed Services Agreements or are only addressed through a very short amendment to address the new service. Noting that business relationships and the needs of the parties change, it is very difficult to predict how the IT Managed Services Agreement will be further amended as a relationship evolves. Some IT Managed Services providers have the phenomenon of a Services Addendum, which addresses the specifics of the additional services in a separate and easily updated document. The advantage of such a document is that frequently used terms and conditions are not duplicated, which saves time for all parties and eliminates certain risks associated with using the wrong version of an agreement. Downtime for a Service Addendum is minimal, as it is simply an amendment to the existing IT Managed Services Agreement.
As time moves forward, businesses must continue to reevaluate how their IT Managed Services Agreements are structured and whether they will suit the needs of a changing relationship with their IT Managed Services provider. These issues are important to consider or revisit, especially in businesses where you can almost guarantee that a merger or acquisition will occur at some point in the future.