How Should a Customer Approach Statements of Work for Outsourcing Deals?

Transcription

1 Hw Shuld a Custmer Apprach Statements f Wrk fr Outsurcing Deals? Martin Ctterill, Justin Crnish and Brian Meenagh 1. What is the Frame f Reference fr Scpe? 1.1 The first step in writing a statement f wrk, r a services descriptin, is t cnsider the nature f the relevant utsurcing deal. Bradly, the deal will invlve either an envirnment r a prcess and there are key differences between the ways the custmer shuld describe the tw. 1.2 The statements f wrk fr Infrmatin Technlgy Outsurcing (ITO) deals generally invlve an envirnment. Examples f ITOs include distributed cmputing, server prcessing, netwrk maintenance, and the maintenance and develpment f applicatins. While there will be prcesses invlved in ITOs, the general scpe f the wrk will fcus mre n a specific envirnment. 1.3 By cmparisn, Business rcess Outsurcing (BO) generally invlves a prcess. BOs can include, fr example, finance and accunting prcesses, tax cmpliance r the prcurement and HR functins f a business. 1.4 Where the deal fits n the spectrum between an envirnment and a prcess will determine hw the custmer shuld apprach it, including hw the deal is priced, what service levels can be btained and ultimately what risk the custmer can pass t the supplier. The main areas f fcus and the different pririties between the statements f wrk written fr either an envirnment r a prcess can be summarised as fllws: Envirnments arameters: Services: Service levels: arameters f the envirnment including, e.g., netwrk end pints, gegraphic scpe and in scpe equipment and/r sftware End-t-end respnsibilities, with tuch pints against which the custmer r ther third party suppliers will interface Aspects which, if changed, will frce a change in the custmer s systems Services t be perfrmed by the supplier t supprt the envirnment rcesses t be implemented by the parties t manage the services Availability Respnse times Time t fix Service requests

2 rcesses arameters: Start pint f the prcess End pint f the prcess and definitin f successful cnclusin Hand-ffs and custmer-retained steps Services: Service lines within each prcess Service levels: Time t cmplete Accuracy (all utcmes r samples) 2. Defining the Scpe f the Statement f Wrk General Rule: Describe What nt Hw 2.1 The starting pint fr describing services in a statement f wrk is t ensure that it describes what services the custmer wishes t acquire, and nt hw they will be perfrmed. This general rule is imprtant because what the custmer is buying rarely changes substantially during the life f a deal, but hw it is delivered will change dramatically year-t-year, requiring cnstant renegtiatin and change t the relevant agreement. The custmer shuld require the supplier t mve with the times and autmate and/r implement efficiency as much as pssible. If in the statement f wrk the custmer describes hw the services will be perfrmed, it will restrict a supplier s flexibility and ability t prvide services in an innvative and effective way. 2.2 There are, hwever, sme ntable exceptins when it is beneficial and necessary t describe the hw. This is the case when the custmer is dealing with situatins that invlve: Services that need t interface with the custmer s prcesses r systems Regulatry issues, e.g., financial cntrls that must be cmplied with t ensure regulatry cmpliance and timing requirements mandated by the law Security requirements and business cntinuity specificatins Custmer plicies that dictate a certain way f ding things, e.g., system change prcesses Use Respnsibility Matrices with Care 2.3 Statements f wrk are smetimes based arund respnsibility matrices. These can be useful but they shuld be used with care. It is imprtant t keep in mind the fllwing pints: arties shuld never have jint respnsibility. Jint respnsibility means neither party has respnsibility It is never clear what assist r supprt means. If a party is nly respnsible fr part f a service, an additinal rw shuld be created t describe that element Tables are generally pr at describing envirnment services. They are quite useful fr describing prcesses that invlve sme steps t be perfrmed by the custmer Tables shuld be used selectively as just ne part f the statement f wrk the custmer shuld nt try t create ne huge table. If tables are t be used, the custmer shuld create intrductins t each ne 2.4 The first rw f the fllwing table is an example f what t avid in a respnsibility matrix, where stands fr perfrm and A fr assist. In the first rw, the supplier and custmer

3 have jint respnsibility fr managing and administering the sftware distributin. It is unclear what is meant by assist and, as nted abve, jint respnsibility generally means neither party has respnsibility. It is better, therefre, t describe the functin with greater specificity. The secnd and third rws are mre specific and designate respnsibility entirely t the supplier. The wrk will mre likely be cmpleted with this type f descriptin and designatin. Functin Supplier Custmer Manage and administer the sftware distributin Cntrl sftware licenses Administer license, maintenance and supprt agreements A Determining the Scpe 2.5 The custmer shuld seek t capture as much scpe as pssible in the statement f wrk. The supplier, n the ther hand, will want t have great precisin abut exactly what it has t d. 2.6 Given this tensin, it is imprtant that the custmer clearly identifies a brad scpe in the statement f wrk up frnt; therwise, it may end up paying fr it fr the rest f the deal. It is equally imprtant when drafting statements f wrk t address the meaning f including (i.e. it shuld be defined as meaning including withut limitatin ). An example f language that fllws this apprach is set ut belw: Supplier will perfrm incident management services s as t restre nrmal service peratin as sn as pssible after the ccurrence f an incident with minimum interruptin r disruptin t the recvery service and in any event, in accrdance with the erfrmance Standards. Supplier s incident management respnsibilities will include: a. detecting and recrding Incidents b. classifying each Incident and prviding initial supprt c. investigating and diagnsing the Incident d. reslving the Incident e. clsing the Incident f. wning, mnitring, tracking and cmmunicating in respect f the Incident thrughut the steps specified in sectins (1) (5) 3. Aim fr Technlgy Neutrality in the Statement f Wrk 3.1 Mst IT departments will have limited visibility regarding many f the technlgies that may be available t be used in five years time. Hwever, they generally will have dcumented all f the technlgy they currently deply, and manage change frm this base. When preparing a statement f wrk the custmer shuld seek t avid using the cntract as a technlgy radmap r strategy dcument and create statements f wrk that are nt tied t particular technlgies and allw change t ccur in the underlying tls withut requiring a cntract change t implement r, wrse, a rewrite. 3.2 The ntable exceptin t this is in shrt-term deals where the implementatin f a particular platfrm is central t the deal: fr instance, BO deals that have majr platfrm rll-uts where it is in the client s interest t get technical as t what it is receiving. Even then, cnsider

4 the ptential change paths (e.g., applicatin prtability if a new perating system is rlled ut r ther related technlgies change). 3.3 As a separate issue, the custmer shuld als be clear abut what is included in the supplier s charges fr refresh and upgrading f tls and technlgies. Des the supplier have t keep the sftware upgraded t the latest (n) r n mre than ne behind (n-1) versin? Des the supplier have t replace equipment every X years r nly as necessary t cmply with the service levels r t ensure that the equipment is within manufacturer s supprt? Hw much influence des the custmer want n these decisins? 4. Using ITIL and Other Standards 4.1 There are a number f existing standards that can usefully be drawn n when creating statements f wrk. The best knwn is ITIL (the IT infrastructure library) which is a standardised descriptin f hw IT departments shuld perate. Created by a UK gvernment bdy, ITIL prduces a series f bks that describe different aspects f IT. It is nw an internatinal standard that many IT departments are adpting. 4.2 When preparing a statement f wrk the custmer may be able t draw n standardised ITILcmpliant language t help build the crss-functinal parts f statements f wrk, including: Incident management rblem management Capacity management Cnfiguratin management Service desk Such language may exist in previus statements f wrk that the custmer has prepared r may be prvided by the custmer s external advisrs. 4.3 Other relevant standards that culd be used include: etom (fr netwrk build, peratin and maintenance deals) Cbit (fr cntrls particularly relevant fr cmpliance utsurcing) Capability Maturity Mdel (CMM) fr applicatin develpment 4.4 The custmer shuld nte, while ITIL can be useful, it is nt a replacement fr crafting a scpe dcument. ITIL describes prcesses and practice; it des nt describe bligatins in a manner fit fr a cntract. 5. Getting Off the Blank age 5.1 rducing a statement f wrk can be challenging where the custmer is seeking t dcument the relevant envirnment and/r prcess fr the first time. A useful first step is t wrk frm any system diagrams, prcess maps r flw diagrams. These dcuments ften shw the key elements in the relevant envirnment and/r prcess and the interrelatinship between them. Frm these maps and diagrams the custmer can then generate a set f discrete scpe tpics. Anther gd starting pint is t use the peratinal level metrics that are ften used by internal departments t generate reprts t senir management. 5.2 Under each tpic, the custmer shuld then list all the key tasks that are t be undertaken by the supplier. This list will prvide breadth t the identified scpe tpics. The final step is then t scpe ut the glue that jins all these discrete tpics. Fr example, the task list might specify that the supplier is respnsible fr generating valuatins fr unit prices, but wh signs it ff? Wh mnitrs quality? Wh applies the valuatins t the units and wh reprts this t the unit hlders?

5 5.3 By way f reference, the list belw identifies sme f the mst cmmnly-used verbs in statements f wrk and can be used as a checklist t trigger thughts in preparing statements f wrk frm scratch: repare Assemble Evaluate Cmpile Review Develp Apprve Implement Test rvide Reprt Cmplete Execute Ensure Maintain Mnitr Install 6. Summary The creatin f statements f wrk that describe the custmer s technical and peratinal requirements and the parameters f the relevant envirnments and prcesses are essential t aviding arguments as t scpe with the supplier fllwing cmmencement f the relevant services. Latham & Watkins has prepared standardised ITIL-cmpliant language that can be used by the custmer t quickly prepare statements f wrk and address the challenges identified abve. lease cntact justin.crnish@lw.cm if yu wuld like t receive further infrmatin r discuss this tpic further. Disclaimer: Middle East & Africa Technlgy, I and Surcing Fcus is made available by Latham & Watkins fr educatinal purpses nly as well as t give yu general infrmatin and a general understanding f the law, nt t prvide specific legal advice. Yur receipt f this cmmunicatin alne creates n attrney client relatinship between yu and Latham & Watkins. Middle East & Africa Technlgy, I and Surcing Fcus shuld nt be used as a substitute fr cmpetent legal advice frm a licensed prfessinal attrney in yur jurisdictin. CONTACT Justin Crnish Alice Marsden Brian Meenagh justin.crnish@lw.cm alice.marsden@lw.cm brian.meenagh@lw.cm