When firms opt to outsource sections of their IT infrastructure, they should carefully manage their service-level agreements to achieve the maximum benefit.

Firms are increasingly outsourcing parts of their IT infrastructure. The benefits may include lower in-house support costs as well as access to expensive infrastructure and support services. However, unless firms take care in negotiating and monitoring their service-level agreements (SLAs) with outsourcers, there is a danger that the outsourced services will be less than satisfactory. Indeed, outsourced services could prove less reliable and more expensive than in-house systems.

Given these facts, analysts say that time and money spent on controlling SLAs can reap rewards. IT consultancy Meta Group suggests that firms should spend around seven to eight percent of the cost of any outsourcing deal on overseeing the contract.

Too often, managers assume that once they have negotiated an outsourcing contract they can forget about it until the next review period, said Tom Scholtz, senior programme director for service management strategies at Meta Group. Once SLAs are agreed, some IT departments assume they are being met and so fail to put adequate checks in place. It should be noted that monitoring is not only useful for external SLAs: there is a lot of scope for monitoring to improve the efficiency of in-house systems. Nearly eight out of 10 businesses are not in a position to measure the cost of poor IT performance, despite the fact that 97 percent regard IT as critical to the success of their organisation, according to research from analyst firm IDC.

Scholtz said haste in outsourcing can encourage mistakes, making effective management of contracts almost impossible. Taking the trouble to get details right can save a lot of time and money later.

Piecemeal approach
Scholtz argued that IT managers should consider piecemeal rather than wholesale outsourcing. He pointed out that many firms are tempted to outsource projects that are complicated ­ to bring in external skills ­ but this approach can make firms overly dependent on external companies. He added that it is essential for IT managers to be in the driving seat when outsourcing, but whether they actually are depends largely on what they choose to outsource. "Never outsource what you don't understand," said Scholtz. "If you don't understand it, how do you possibly agree meaningful SLAs?"

The performance of outsourcers against SLAs should be reviewed and adjusted as part of an ongoing process, said Scholtz. Managers should devote their resources to monitoring outsourcers' performance and constantly check it against SLAs. Doing this could save a lot of money in the long run. Scholtz said that devoting seven to eight percent of the contract's value in terms of man-hours is not unreasonable, and there should be an emphasis on monitoring performance and efficient record-keeping. "You should agree the targets for levels of customer satisfaction and how it will be measured," said Scholtz. "For example, it's a good idea to introduce biannual surveys or questionnaires to measure the effectiveness of your CRM [customer relationship management] or helpdesk system."

The management of SLAs may require checks by staff, but tools can be used to carry out some monitoring automatically. One option is to use service-level management tools ­ available from companies such as Tivoli and ClariTeam ­ which provide software designed to analyse the performance and quality of IT service providers. Such tools can offer an objective measurement of performance, without relying on the word of a service provider who might try to cover up SLA breaches.

Negotiating an SLA with clearly defined service expectations and penalties may be particularly important to companies that are outsourcing their servers to Web hosts or carrier hotels, sometimes referred to as co-location sites. Around 37 percent of European firms now use Web hosting services, compared with 18 percent in the US.

"The customer has the right to expect a defect-free service ­ and therefore co-location agreements must guarantee uptime ­ and a damages provision for when services fail," said Bruce Dear, president of law firm KLegal. "The customer should also reserve the right to withhold payment while services failures persist."

Network monitoring company Iowatch recently reported that 85 percent of ISPs breach their SLAs every month, with the result that UK firms could be entitled to a total of £30m of credit annually in compensation. Iowatch's technology monitors the always-on connections on leased lines by using ping messages to poll external servers to detect failures.

Iowatch research revealed that 25 percent of businesses currently experience more than five minutes of downtime every day, which exceeds the amount of downtime permitted in a whole year in a 99.9 percent uptime SLA. Furthermore, in a month, an alarming 82 percent of connections experienced enough downtime to breach a 99.9 percent SLA.

Room for negotiation

Helen Kist, managing director of Iowatch, said the negotiation of the initial terms of SLAs is key to effective management. "IT managers need to allow themselves room to negotiate on penalties for SLA breaches," she said. "They should take advantage of these provisions and ensure that the penalties provide adequate recompense, relative to the significance of the breach to the business."

Scholtz pointed out that there are three key elements to consider when negotiating an SLA: technical considerations, quality of service and end-user satisfaction. There is a temptation to include only the most easily identifiable metrics, but it is important to find measurements that adequately gauge quality of service and end-user satisfaction.

"We advocate a balanced approach," he said. The danger of relying on technical measures for SLAs is that they are not ultimately a measurement of end-user experience. While an outsourced helpdesk might seem to be providing value for money by its rapid call answering, the measurement becomes irrelevant if the quality of advice to the end-user is poor. A common failing of SLAs is to focus on technological issues ­ such as processor use ­ which are not ultimately assessments of service provision.

When setting about establishing an SLA, considerations such as performance and availability of service should be taken into account, along with quality of service issues such as level of help-desk responsiveness and customer satisfaction, Scholtz said.

He added that some service providers are reluctant to include measurements such as customer satisfaction in their agreements because of a perception that people were more likely to complain than to compliment.However, one way around this problem is to agree how satisfaction will be measured. "By measuring satisfaction through monitoring programmes such as biannual surveys, providers can be assured that the results are not skewed," said Scholtz.

Although ISPs tend to make amends for poor service by offering free service provision, Kist revealed that some offenders have offered cash compensation. "We already have an example of a company that got money back from an ISP for persistent SLA breaches," she said.

Automatic monitoring tools are one option for firms wanting to enforce SLAs. Another is to use undercover staff to test the service at end-user level. Some companies farm out this monitoring activity to a third party. Spot checks can involve submitting dummy orders for goods on e-procurement systems or just testing the quality of service provision. "There are companies that do Web site performance monitoring and pretend to buy certain items for hours and hours on end," said Scholtz.

IDC's research demonstrates that senior managers outside the IT department prefer service-level agreements to be measured in a way that shows the impact on the overall business process ­ rather than traditional IT performance metrics such as response times and uptime. Eighty-two percent of organisations said they would prefer to have SLAs specified in terms of end results for the business process.

"The future will be characterised by specific selective outsourcing," said Scholtz. Meta predicts that during 2001 to 2002, IT vendors will increasingly fix prices according to pre-agreed service levels. "But the trend for wholesale outsourcing is a dying one."

Studies carried out by analyst firm Forrester Research indicate that by 2002, 42 percent of companies will be outsourcing four or more processes, compared with just 26 percent in 2000. Only four percent of firms said they do not expect to use any external help. Clearly, SLAs will be important for the majority of IT managers.

And what better way is there of demonstrating the effectiveness of IT management than receiving cash compensation from under-performing contractors?

Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved.
ZDNET is a registered service mark of CBS Interactive. ZDNET Logo is a service mark of CBS Interactive.