How to write an IT service-level agreement

A service-level agreement (SLA) is a document that clearly lays out your responsibilities as a client's managed services provider. Learn how to write an SLA to protect your managed services business by avoiding confusion with customers that can lead to expensive lawsuits.

Writing an IT service-level agreement (SLA) is important if you're rolling out a services-based line of business, such as managed services. Whereas many resellers may have previously acted only as intermediary between their customers and vendors, more and more are providing service directly -- or at least rebranding services from a managed service provider (MSP) as their own.

This closer, longer-term relationship means you'll have to draft an SLA to define exactly what you should and shouldn't be expected to do for your clients. An SLA may even be a prerequisite to getting your company insured.

What is an SLA?

An SLA essentially serves to protect you by limiting your liability, according to Charles Weaver, president of the MSP Alliance, a Chico, Calif., association for MSPs. Because SLAs spell out what is expected of both parties, they not only protect you in lawsuits, but help prevent them in the first place and can resolve disputes that might otherwise hurt the business relationship. Writing an IT service-level agreement lets both parties know what to expect, so you can resolve disagreements before they become heated.

If you subcontract any work, the SLA should also specify this and explain how your client's data can be shared with third parties. This can be especially important if a client has to comply with regulations, like HIPAA or Sarbanes-Oxley, that restrict how information can be shared.

SLAs can also make your job easier by restricting your client's ability to hire outside consultants to work on the machines you are hired to cover. These clauses aren't meant to lock your client in, but to protect you from having to fix problems an outside party introduces. Another common clause limits your liabilities to the amount your client has paid you, said Rob Scott, a partner with Scott & Scott LLP, a Dallas law firm specializing in IT law.

A typical approach is to draft two documents. The first is a master services agreement (MSA), which defines your services and liabilities in general terms; this will be the same for all your clients. The second is the SLA itself, which is specific to each client and lists exactly what you're expected to do -- such as how many and which servers you will cover, and what you're expected to do with them.

Writing an IT service-level agreement

The first step to writing an SLA is to determine what services you want to offer in layman's terms, Weaver said. The SLA will simply formalize those offerings. You should hire a lawyer to draft the MSA and SLA, since they are legally binding documents. If possible, you should hire a lawyer who understands your business, Scott said; for instance, if you're an MSP, a lawyer specializing in MSPs would be best. But since the documents are essentially contracts, the most important core skill is an understanding of contract law, Weaver said.

The MSA and SLA should cost roughly $3,500, Scott said. Scott provides an MSA verbatim to each client, as well as a "check-the-box" template for SLAs. This template allows his clients to write service-level agreements for their own clients without having to consult him each time; they just check off the appropriate boxes and fill in values for each client's specific needs, Scott said.

Next Steps

Outcome-based contracts: Be careful what you wish for

Dig Deeper on MSP business strategy