The Business

How to write an IT service-level agreement

A service-level agreement manages expectations and improves communication when you’re starting your relationship with a customer as well as when things go wrong.


Since pointing fingers confers no practical benefit — even if it’s emotionally satisfying — what everyone needs to know in such a situation is who is going to fix whatever’s wrong, and how soon.

This is the moment when the relationships among customer, consultant and suppliers come under greatest stress. The key to getting through it, and having a satisfied customer at the end, is having a service-level agreement in place that spells out clearly what everyone can expect of each other. The best thing about SLAs: they can be negotiated when there’s no urgency and everyone is calm and thinking clearly.

“You can use it as a sales tool as well, because it shows you have thought about it,” says Kathryn Harding, professional services manager with security distributor Computerlinks. Computerlinks has three documents it gives to customers. First, a set of terms and conditions covers liability issues. A double-sided support certificate has a couple of paragraphs outlining what the customer gets, including service hours and the phone numbers to call. And the seven-page SLA explains exactly what is being delivered to the customer.

It sounds complicated, but as Harding points out, they are used by different people. “The service level is separate from fees, cancellation terms, intellectual property, liability issues,” she says. Those elements instead appear in the company’s T&Cs, which are with the resellers and small consultants who pay Computerlinks, even if those services are ultimately delivered to customers, who may also need to sign them. “With security testing,” she says, “it’s essential that the customer has signed these”. The support certificate typically goes to technicians, or in some businesses key users, who make the phone calls and use the support services.

Out of control
Few suppliers can control everything they supply well enough to offer an SLA on all of it. Chris Comley, owner of Wizards, a small network consultancy that supplies broadband to small businesses, believes his company can’t honestly offer an SLA on broadband.

“Technically speaking, BT does, but what it offers is so vague and woolly that it’s easier to say there are no guarantees than to encapsulate it in one of our own. We do offer an SLA for our hosting service.” He tries to make plain to customers where the limits are.

“We have to exclude from our hosting SLA anything that Telecity or Redbus says it can’t offer and that might go wrong.” That includes loss of power, for example. “The list of things between the hosting centre and broadband providers won’t cover adds up to quite a lot.” Ultimately, the SLA he offers customers is largely made up of exclusions culled from the SLAs of the sources of the services Wizards sells, plus a provision that Wizards provides no compensation to anyone whose account is in arrears. “We didn’t have that checked by a lawyer,” he admits.

He frequently tells customers who require absolutely uninterrupted broadband service to either buy a more expensive leased line with guaranteed response times or source a second broadband connection as a backup. When they do, he says, “They’re not getting a better SLA — they’re understanding what the SLA is telling them.”

Like a lot of small consultancies, Comley pulled his SLA together out of other similar documents he’s seen from suppliers. By contrast, the 85-person network support and maintenance consultancy Networks First not only wrote two of its own — one for partner suppliers and the other for the customers it serves — but rewrote them to earn the Plain English Campaign’s Crystal mark.

Networks First sends out a checklist with the contract plus an explanation of the escalation process. Managing director Peter Titmus says, “The main thing we say is to try and get the contract as explicit as possible about what you’re trying to do. It can make them quite wordy.”

It’s all, he says, part of an ongoing communications programme. “The biggest problem we have is that what we maintain doesn’t go wrong very often — but when it does the repercussions can be huge.” Therefore the goal is to ensure that customers understand clearly what both sides are obliged to provide. “For example,” he says, “the liability is on them to have backups in place so that when the supplier attends the backup is ready to run. We treat the contract as a manual for the relationship, and that’s done us a lot of favours.”

The human factor
Peter Scargill, national IT director for the Federation of Small Businesses, takes a similar view: “It’s very easy to get tied down with these documents as a legal document to get out of the way, but actually they are part of the human interaction between customer and supplier.” He notes that particularly in Web development it’s very easy (“I’m as bad as anybody,” he admits) for the customer to start saying, “Wouldn’t it be nice if…?” part way through the project. “You convince yourself it’s part of the original project, and they’re saying we’ll have to fit it in. Unless it’s written down in clear, readable form, that’s when relationships go AWOL.”

Scargill, accordingly, doesn’t like complicated contracts. “It’s more important that the people involved both understand.” Instead of five pages of legalese, he says, “I want to see clear, humanly readable bullet points. This is what we’ll give you; if you want more, this is what it will cost; here’s how we’ll fit it in.”

A significant problem, he adds, is that, “Some of the stuff in the SLA is going to be completely unreadable to non-technical people. That’s the nature of IT.”

But getting the SLA right is important for keeping things from going wrong. Start by analysing the situation and working out which are the most critical pieces of infrastructure. Maybe the company can survive if the Web site goes down for a day but will stop cold if it loses email. “Group parts of the business [together] and look at acceptable down times for each of those,” says Scargill. Next identify the single points of failure and make sure those are understood. Under his watch, the FSB has moved from being a paper-based organisation to a fully electronic one, and as soon as you do that, “It’s not good enough to say ‘you hope the BT line doesn’t go down’.”

Once you start looking for those points of failure, he says, “you find you have loads of them.” Writing an SLA therefore becomes an exercise in defining the kind of service that’s needed and in disaster prevention, rather than simply drafting a contract. It may even lead to some change in infrastructure, or extra services to give the business what it really needs.

Managing expectations
In the end, it all comes back to managing expectations — and keeping them on track. Mike Bryett, director of consultancy Bryett Enterprise, says one of the company’s first mistakes was around managing out-of-hours support. “When we first started, I almost overemphasised the fact that we might be available 24 hours. And if customers are regularly phoning in support requests in the evening and getting answered, after a few months it becomes the normal expectation for us to be there”.

Today, he says, “our standard response time is a four-hour window, but internally we try for an hour. We don’t communicate that to the customer because it increases expectations”.

Bryett’s company’s SLA is taken from Microsoft’s template, though it also has terms and conditions to cover Web site design. More individually, it also includes networking documentation, an overview of how the customer’s network is set up and configured, what wireless networks, printers, and other equipment are in place.

A key part of the SLA, he says, is “not overextending ourselves.” The company studies where the majority of its workload is focused, and re-evaluates customer needs if too much time is being devoted to recurring problems. “Mainly it can be solved by extra training. But there’s a three-point rule; if something happens more than three times it needs looking into, or changing, and we communicate that to customers”.

Expensive at any price
Peter Titmus, managing director of Networks First, believes customers should do the same kind of due diligence on suppliers that they would on auditing a company they’re considering buying.

“You need to understand the whole picture,” he says. “We get a number of people who report that they have resources that they haven’t. It only becomes apparent when you’ve reported a fault in the middle of the night and they can’t do it. The supplier wins — the money is in the bank — and you won’t realise until there have been four to five failures. If an SLA matters to your organisation, you should do due diligence.” Networks First has found itself competing against people who exaggerate their abilities in order to win business. “We have seen competitors make outrageous claims,” he says, “and we’re bigger than they are and could never take it on.” One competitor claimed it could cover all of Ireland with a four-hour response time. “They said they could do it. The customer didn’t do due diligence. They were let down time and again.” All SLAs need clauses that penalise the service provider for failing to deliver what was promised. Typically, the customer gets between 10 and 20% of the contract value back. But, Titmus says, in the customer examples above the failing service provider can make money even after paying out the penalties – and most customers will stay until renewal even if they’re unhappy.

“So dubious suppliers make a lot of money out of it, knowing full well that customers won’t come down hard on them.” Titmus finds it especially annoying because, he claims, the due diligence required isn’t that hard to do. “Go to their site, get them to show the resources they’ve got, understand their financial stability. Do they have cash in the bank or are you lending them money to build their business and not getting the benefit?” If you try to cut corners at that stage and you get burned, he cautions, “you realise how expensive it’s been”.

It isn’t enough to make promises; an SLA, as Harding says, “needs to reflect what you can actually achieve”. And that’s something you want your customers to know from the beginning of your relationship.

Further information:

Network Fish IT Support Service Level Agreement


Show other articles by this author

Share |
Write comment
security image
smaller | bigger



Subscribe and get the magazine in the post before it's online

Subscribe and get access to all of the back issues

To read a sample eMagazine - March 2010



You want the PCs you support to have the right time for more reasons than keeping the users happy; for one thing, if every PC has a slightly different time, finding which version of a file was updated most recently gets much more complicated. Get your head around the Windows Time Service at, get the commands for making a PC get its time from the domain at and if you want a an alternative time server use to get the time from a random time server in the NTP Pool Project (read about the project at read more


Unified communications


The #1 Bestseller for Only 77p