Information and communication technology (ICT) outsourcing contracts enable a client to transfer responsibility for internal business functions to a third party service provider. Predominantly, the focus is on transferring non core, non revenue producing activities to a service provider that will enable the client to either save costs, transfer risk and/or leverage the skill set of the supplier. Within this scenario, it is not uncommon for the service provider to purchase assets of the client, manage third party contracts and/or hire additional subcontractors in order to perform the agreed services.
Within the ICT industry, such areas that may be outsourced include, infrastructure development, network management, business continuity, application development, software support or maintenance, and end user support.
A key intention of each party to an outsourcing engagement is that the relationship will be one that is maintained over a medium to long term, with a focus on the provision of continuous deliverables rather than a single deliverable arrangement.
As a result, the parties will need to negotiate at the outset, provisions that will anticipate the likely effect of an evolving medium to long term relationship. Such issues to consider may include, but are not limited to:
- defining the scope of the services provided and the subsequent association to the rights and obligations of the client, service provider and associated third parties (including related bodies corporate and subcontractors);
- ensuring the protection of corporate assets (including staff wellbeing, intellectual property and revenue);
- allowing for effective process control to manage the performance, compliance and dispute resolution of the rights and obligations of either party;
- ensuring the negotiation of an acceptable risk liability profile to each party;
- allowing for the possibility and management of scope and requirement change during the evolution of the relationship over the term; and
- accurately defining the measurement, monitoring and reporting obligations of either party to ensure performance.
The aim of each party should be to ensure that their requirements are achieved, and associated risk managed appropriately, during the evolution of the contractual relationship over a medium to long term.
2. Contract Process
The following article identifies topics of concern that should be addressed legally (and commercially) within the anticipated scoping of an ICT outsourcing contract.
During contractual negotiations, both parties will attempt to obtain the full advantage of the relationship and minimise the subsequent risk profile. As a result of the evolution of the relationship over time, there is a need that both parties ensure that:
- work is performed in accordance with pre-set milestones and timelines;
- the outsourcing process and relationship is capable of innovation and re-alignment to achieve productivity and/or cost gains; " there is sufficient transparency and accountability of both parties;
- the life cycle of the outsourcing contract can be sufficiently managed; and
- changes in scope can be agreed and actioned.
The importance of legal advice during this process is to maintain and ensure that the parties will have an acceptable governing structure to operate appropriately over a period of time and that appropriate levels of risk and reward are apportioned correctly.
In order to manage this, a number of areas should be considered by the parties that might have differing levels of impact, these include (but are not limited to):
- scope of support and maintenance;
- relationships with subcontractors;
- service level agreements;
- scope and change control; and
- suspension and termination events.
3. Items to Consider During the Negotiation Phase
When negotiating the effect of warranties, the parties should consider:
- The extent of express warranties (including warranties applicable to hardware, software and associated professional services).
- The extent, implication and exclusion of warranties implied by law (as well as a supplier's obligations regarding warranties that might be implied by law for example under the Trade Practices Act 1974 (Cth)).
- The limitations, exclusions and caveats pertaining to the warranties;
- Whether or not the warranties will be time bound:
- The standards that will be warranted, for example
- re. software – whether the software will be free from viruses and/or material defects; whether it will conform to specifications; and whether it will be error free;
- re. hardware – whether manufacturer warranties are provided; and how warranties will be implemented (ie. return to base); and
- re. services – whether the service provider will perform the work in a professional and workmanlike manner; and whether the service provider warrants a number of resources or qualifications.
- The parties may also seek to make warranties regarding compliance with all relevant laws or professional codes, as well as indicating any possible conflicts of interest. In such a case, it may be relevant that the parties have prior notice of any documentation, codes or practices before warranting compliance.
(b) Scope of Support and Maintenance
In identifying the scope of support (including professional services to the provision help desk support) or maintenance (including software updates and/or upgrades), the parties will need to consider their positions on some of the following items:
- What is excluded from the scope of support (eg. non-licensed software, modifications made without the service provider's consent);
- Will support be provided where software and/or hardware is used in conjunction with non-supplier provided components?
- Will support only be provided if an issue is reported within a certain time period;
- Can only select individuals make a support call?
- Are only a certain number of support calls allowed to be made within a particular time?
- Will support be provided for any accidents, negligence or unusual use or stress?
- Will support be provided for defects that may have been easily preventable by the client?
- Are updates included? Are upgrades included? What are the specific definitions of each?
- Will training or installation services for updates and/or upgrades be provided? Will they be free of charge or chargeable?
(c) Relationships with sub-contractors
The management of third party subcontractors or recipients of services will need to be defined at the onset, this could be vital so that the service provider is ensuring adequate cost structures for proposed recipients, and the client is aware of any third parties who may also perform aspects of the services. Such items of consideration may include:
- What services are being provided by third party subcontactors?
- Which entities will be the intended recipients of the services/licenses/hardware? (are they related bodies corporate or listed third parties?)
- Does either party have a right to vet the other's party's subcontractors or other recipients?
- How do these third parties interact with the parties to the contract?
- Will the warranties and liabilities of either party extend to the acts/obligations of the third parties?
- Will the third parties be liable for any breach of their obligations? Or will the client/service provider?
- Will the service provider be managing any third party contracts under which the client is a party? If so:
- has this been factored into the pricing?
- does the supplier accept the liabilities originally agreed by the client?
- can these contracts be assigned to the supplier?
- do licensing or intellectual property rights provisions need to be amended?
- do the contracts present an unacceptable risk profile to the supplier?
- has this been factored into the pricing arrangements of the service provider?
(d) Service Level Agreements
A common component of outsourcing contracts are the associated service level agreements that stipulate the service timeframes, responsibilities and associated penalties that entail where a service provider is unable or unwilling to perform to agreed requirements. Items for consideration during this phase include:
- What are the response times required by the client?
- Are there locations for delivery of certain services?
- Are there notification requirements that the client must adhere to?
- Must the service provider aim to constantly improve the timeframes over time?
- Must the service provider increase the response levels over time?
- Do the response levels pertain to logging the call, responding to the call or resolving the issue?
- Are support services to be provided remotely?
- Will the client be required to fill in satisfaction surveys?
- Must a service provider give notice of an adverse impact if it can't, or perceives it won't, be able to comply with service levels?
- Which party will determine priority levels?
- Will performance rewards be payable to the service provider?
(e) Scope and Change Control
It is expected, that over the term of the contract, the scope and/or requirements of the parties will change due to surrounding factors. With this in mind, items to consider include:
- Which party may initial change control procedures?
- Does the supplier need to prepare forecasts or anticipate requirements and report this to the client?
- Are timelines imposed on change control process? (ie. notice, response and final version)
- Who has financial responsibility for planning proposed change or scope controls?
- Can the cost of the services be increased as a result of change? Or is there a minimum threshold that must be reached before the price can be increased?
- Which party is responsible for implementing changes? And for documenting change control?
- What occurs when a change control request has an adverse impact on the current arrangements of the parties?
(f) Suspension and Termination Events
In every contract there will be appropriate provisions that deal with either party's right to suspend and/or terminate the contract for breaches by the other party, or due to the influence of uncontrollable outside events. In this scenario, there are a number of significant factors for either party to consider:
- What are the triggers to suspension and/or termination? Including:
- Material and/or minor persistent breach?
- Persistent breach of one issue or of various issues?
- Breach of policies and/or codes of conduct?
- Force majeure events?
- Breach of warranties?
- Bankruptcy, insolvency, administration?
- Time of the essence provisions?
- Change of Control
- Is notice required to suspend? How long?
- Is notice required for breaches enabling termination? Can termination be immediate or after a period of time?
- Where the services have been suspended – what will allow re-provision? Who determines this? Who bares the cost of re-institution?
- Are performance rewards still payable during suspension?
- Are service charges still payable during suspension?
- How long must suspension last until a party is entitled to terminate?
- If the service provider terminates – what happens to managed third party contracts?
- Can the service provider simply exit or must it re-transition the services to another service provider? How would this be achieved? Who bares the cost?
- How is the return of confidential information treated?
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.