In PKF Avant Edge, one of the things we’ve been asked to do is to provide advisory and implementation on policies and procedures. We find a lot of companies have sound policies governing internal processes, but not so sound policies governing third-party providers. Some have not even heard of a Service Level Agreement (SLA) before, and when asked when would the vendor respond to their IT issues, they blissfully responded, “Maybe tomorrow. Sometimes next week.”

In many cases, the promise of a cheap service provider, whether supporting your network, your server or devices or simply IT infra; is enough for the company. As long as they pay RM1000 less a month, that’s all that matters. Is it? What if you get crap service? What if the provider is unable to support certain things? What if there are variation orders for additional tasks not provided for?

This is where proper third party governance comes in. It’s invariably a critical process we look at in all our IT audit exercises. No use strengthening internally when your dependence on external parties are not properly structured!

What is a Service Level Agreement?

A service level agreement is a contract between a service provider and a customer that specifies what the services are being provided by the service provider. The services can be measured, justified and compared to those who are providing the same services.


The benefits of SLA:

  1. A proper SLA helps to strengthen communication, so that the parties come to better understand each other’s need, priorities and concerns.
  2. The SLA process facilitates the identification and discussion of expectations. Therefore, the two parties will achieve shared expectations about services and service delivery.
  3. With shared understanding about needs and priorities .An SLA and the communication process involved helps to minimize the number and intensity of conflicts.
  4. SLA provides mechanism for periodic review and modifications to services, expectations and responsibilities due to changing circumstances.
  5. With the presence of an agreement, SLA provides a consistent, on-going and mutually agreed to basis for assessing the service effectiveness.

The key components to SLA:

  1. List the exact services being provided so that customer will not expect more than the expected services listed in the SLA.
  2. Let the customer know what they should expect from you and what you expect from them.
  3. SLA give customers a timetable to let them know how long it will take the service provider to get back with them via phone call, email or whatever agreed upon method is.
  4. Let the customer know what is the procedure for any disagreement and how exactly it is handled will gives the customer peace of mind.
  5. The SLA let you know when you’re expected to pay and if you don’t pay by that time, what the repercussions will be.

Popular metrics used in Customer service:

  1. Turn Around Time: The time it takes you to complete any given task.
  2. Time Service Factor: A percentage of calls answered within a defined timeframe.
  3. Average Speed to Answer: This is self-explanatory, the amount of time it takes to have a call answered by your customer service agents.
  4. Abandonment Rate: Percentage of calls abandoned while they are waiting to be answered.

Why do SLAs fail?

  1. Service providers want to create an SLA to suppress customer complaints. Conversely, customers want to use an SLA to blow the service provider whenever service slips.
  2. The process of communicating and building the foundation for a win-win relationship is essential to the success of SLA. It is much more than just filling in the SLA template. If the relationship is lacking, even the best-written document will be worthless.
  3. Both parties must be involved in the formulation of an SLA. If one party attempts to control the process, member of the other party may resist its provision even if they might otherwise support them.
  4. A common misconception is that once the SLA document is complete, the job is done. As a result, an SLA that is not managed fails upon implementation.

So please, if you haven’t done so, ask yourself: “Did we formalise our relationship with the service provider? Has an NDA been singed? Are proper SLAs measurements in place?”. Gone are the days of a handshake agreement. We now need proper documentary proof to govern how we run our businesses.