(270) 506-5140 CONTACT US
Contract Management

The Basics of Service Level Agreements for Vendor Contracts

Aug 27, 2019 by Branan Cooper

As a professional in third party risk management, you probably hear the term service level agreement, or SLA, for short, often. So, it’s important to understand what they are. To help, we'll go through a few basic points now.  

What’s an SLA? 

A service level agreement (SLA) is "an agreement that sets the expectations between the service provider and the customer and describes the products or services to be delivered, the single point of contact for end-user problems and the metrics by which the effectiveness of the process is monitored and approved.” - Gartner

It's a key component of every contractual relationship with your third parties. The SLA should be developed between two companies – your organization and the third party. Ideally, it will be tailored to the products and services the third party is providing. 

What Do You Include in an SLA?

The SLA should include the following:

  • Metrics
  • Responsibilities
  • Expectations
  • Timing and Frequency

Additionally, spell out very clear expectations on the type of reporting and documentation you’ll receive from the third party. It will always vary based on the type of service. You should request that robust reporting be developed in order to demonstrate that the third party is performing in the expected manner. While it’s certainly your responsibility to track and analyze the reports provided, you shouldn’t need to go and ask for them each time; the third party should be obligated to provide without reminders but you must keep track and follow up if they're not delivered. 

What Do You Do If an SLA Is Broken? 

When something looks amiss, react to it early and inform your board and senior management. Also, be sure you have their support in enforcing the contractual terms, even if that means escalating items to make sure you get them. While things like due diligence and notification of outages or providing of audit reports may be covered in other areas of the contract, it’s not a bad idea to make sure so that, if not, you can add them as an SLA provision. 

Remember that SLAs provide your organization with an opportunity to set standards, require high-quality performance, identify benchmarks, create consistency and more. Therefore, they’re a very important element of any successful third party risk management program. 

Now that you've learned the basics, dive deeper into vendor contract management. Download the eBook.

how to master vendor contract management

Branan Cooper

Written by Branan Cooper

Branan Cooper is the Chief Risk Officer at Venminder. Branan has nearly 30 years of experience in the financial services industry with a focus on the management of operational and regulatory processes and controls—most notably in the area of third party risk and operational compliance. Branan leads the Venminder delivery team as the third party risk management subject matter expert in residence. Branan also serves as an industry thought leader. He's a member of InfraGard and the Professional Risk Management Industry Association (PRMIA). And, he was selected in 2018 as an advisor to the Center for Financial Professionals (CEFPro) and board member for the Global Sourcing Resource Network (GSRN).

Follow Branan Cooper

Subscribe to the Venminder Blog