Meaningful security SLAs

Abstract

Service Level Agreements (SLAs) are the de facto method of managing IT Outsourcing (ITO) contracts. Negotiated during pursuit (pre-sales) phase and then used as a dashboard for performance management during delivery the SLA ultimately becomes both the lever and the measurable for revenue and margin performance on a contract. That SLAs should be meaningful, both for customers and vendors as defined by some objective criteria, seems obvious but evidence from procurement failures for large IT systems suggests otherwise. As a consequence of bringing a rigorous and analytical approach to negotiating meaningful SLAs for ITO deals we have encountered on two occasions a customer requirement for a performance oriented security SLA that was not meaningful by our definition. This has inspired an investigation into the possibility of offering alternative security SLAs that we believe would be meaningful to both HP and customers with potential for improved operational visibility into the cost of delivery that also differentiates HP’s offering.