Upgrading a large complex portion of a company’s (“Newco’s”) IT infrastructure can be a daunting task.  However, as its business grows, Newco will want and need to add new capabilities and enhance existing service offerings.  Here is a brief overview of some strategies for helping Newco navigate the process including software and hardware procurement, finding the right systems integrator, negotiating Service Level Agreements (“SLAs”), and ensuring timely on-budget implementation.  

Software and Hardware Procurement

Newco will want to work closely with the Systems Integrator (“SI”) during the procurement process in order to lay the foundation for successful negotiation of the various vendor agreements and implementation.  It will give Newco insight into the players, products, and scope of the upgrade, and put Newco in a position to apply and integrate specific data points into its agreements.  Newco wants to ensure that its procurement experts are not just seeking the newest software and hardware on the market, but rather specific solutions that meet Newco’s needs and helps Newco meet its primary goals and objectives.  Otherwise, contract negotiations will be less valuable.

When counseling Newco on software and hardware procurement, I focus on understanding the scope and requirements for the new IT network, ensuring protection of the data residing on the existing IT infrastructure, structuring transactions that facilitate seamless transition to the new IT systems, and creating legal obligations that require vendors and consultants to carefully manage IT assets and provide support services that comport with the highest industry standards.  Procurement is a complex process with lots of moving parts, and Newco must work diligently to ensure that it is involved early and often so that the contracts effectively outline procurement objectives in detail, create accountability, define remedies, and establish a clear set of deliverables from service providers, vendors and consultants.  

Systems Integrator Services

As with procurement, Newco will also want to be involved in the process of evaluating and choosing the SI. The SI will be responsible for orchestrating and implementing all of the various hardware, software, networking and storage products Newco chooses during procurement from multiple vendors. Newco will want to see a specific integration plan from the SI and integrate that plan into the SI engagement agreements. Will Newco need to design and build a customized architecture? Will Newco need to integrate new with existing hardware infrastructure? Will Newco be purchasing pre-packaged or customized software?  These are all questions that need to be addressed before agreements are signed.  

The key to a successful SI engagement is (1) ensuring that the SI is legally obligated and contractually bound to optimize the lengthy and complex procurement, implementation, and integration process; (2) outlining the SI’s responsibilities for administering, overseeing and supervising the IT service providers; (3) measuring SI’s performance against well-defined criteria; and (4) obligating SI to actively and effectively communicate with, and facilitate communication by and among, Newco and the various software and hardware vendors, suppliers, contractors, and consultants.  Moreover, the SI’s pitch to Newco needs to match its process as provided for in the SI Managed Services Agreement.

How does the SI’s process ensure quality control over implementation, software and hardware testing and acceptance; strict adherence to vendor and consultant representations and warranties; facilitate workflows; and achieve milestones outlined and defined in the various agreements with vendors and consultants?  Does the SI have its own systems integration software including a shared dashboard with Newco that enables simultaneous viewing and tracking of deliverables?  Ultimately, Newco must develop an intimate understanding of the SI’s toolkit in order to lay the foundation for successful contract negotiations with the SI.  

Service Level Agreements

The SLAs should include not only a description of the services to be provided and their expected service levels, but also metrics by which the services are measured, the duties and responsibilities of the vendors and consultants, the remedies or penalties for breach, and a protocol for adding, removing and modifying metrics as the procurement and implementation process unfolds.  SLAs should outline the specific services to be provided, what, if anything will be excluded, conditions of service availability, standards such as time window for each level of, responsibilities of each party, escalation procedures, and cost/service trade-offs.

SLAs should also include measurement standards and methods, reporting processes, contents and frequency, a dispute resolution process, and an indemnification clause protecting Newco from third-party litigation resulting from service level breaches.  Newco will want to draft carve-outs for limited liability provisions in the SLAs related to indemnification obligations, breaches of confidentiality, gross negligence, and intentional misconduct.  At their core, SLAs should be a reflection of Newco’s technical goals (i.e. availability levels, throughput, jitter, delay, response time, scalability requirements, new feature introductions, new application introductions, security, manageability, etc.), and any constraints or limitations on such goals. The SI will need to prepare software application profiles in order to help define the corresponding scope of the IT network’s service level requirements.

Ultimately, the hardware and IT infrastructure need to support all software application requirements without suffering a downgrade in any network services.  The SLAs must articulate the convergence and interplay between Newco’s business requirements, the proposed software application profile, and corresponding IT network requirements such as bandwidth, delay, and jitter.  In addition, it is crucial that the SI, vendors and consultants all understand the potential impact on Newco and its customers of any network downtime.  Availability and performance standards (i.e. round-trip delay, jitter, maximum throughput, bandwidth commitments, overall scalability, etc.) in the SLAs will create the legal thresholds for the service expectations of Newco.  Moreover, service level definitions in the SLA are worthless unless Newco is able to collect metrics and monitor compliance.  

Linking Payment Terms to Deliverables

In the various Statements of Work attached to the Services Agreements, whether fixed fees or time and materials, Newco will want clearly defined deliverables with corresponding milestones, an acceptance process for each deliverable, and payment terms tied to the acceptance of those deliverables.  A Change Order process is also helpful in avoiding “scope creep” and forcing service providers to stay on budget.  

Specific Language To Hold SI And Contractors Accountable For Project Schedule And Budget

Newco’s agreements with SI and contractors must always have timelines for deliverables, definitions of scope of supply of services and products tied to a specific cost structure, and requirements for active and ongoing communication about status.  

Allowable Uses For Contingencies

The various risk factors that cannot otherwise be accounted for in a clearly defined statement of work and corresponding fee structure should be clearly outlined in the applicable agreements. Unpredictable costs should be de minimus if Newco has chosen the right products and team to implement them. Material and reasonably unpredictable scope of work errors and miscalculations and unforeseeable implementation issues should be the triggers for use of contingencies.  Costs associated with a vendor’s estimating inaccuracies and “scope creep” due to underbidding should not trigger release of any contingency set-asides.  The contingency clause should also describe the process by which contingency funds may be accessed, and the paperwork and approvals needed to use contingency funds.  

Privacy

Finally, Newco must incorporate information security and privacy protections into every aspect of the IT infrastructure upgrade.  This is especially important in light of the evolving body of consumer-oriented privacy laws and regulations governing outsourcing transactions including, but not limited to, the California Consumer Privacy and Protection Act of 2018.