A service-level agreement (SLA) (service-level agreement) – service-level agreement (DNO) or product-level agreement (PLA), is a type of agreement in which agreements are made between the supplier and the buyer of a service or product.
Agreements are made about the performance indicators and quality requirements of the service or product to be provided, so that these can be tested later. An SLA describes the rights and obligations of both parties. An SLA can exist as an agreement between both external (supplier) and internal (customer) parties within an organization.
Supplementary to the SLA, an Agreements and Procedures File (DAP) can be drawn up, containing agreements about the manner of cooperation between provider and customer.
SLAs are mainly applied in the IT sector. In addition, SLAs are also applied in other service sectors, such as telecommunications, healthcare, facilities management and the security sector.
What is an SLA?
An SLA is an agreement, usually in writing, between a supplier and a buyer of certain services and/or products (see figure 1). In addition to the description of the services to be provided, an SLA also contains the rights and obligations of both the provider and the customer with regard to the agreed quality level (service level) of the services and/or products (services) to be provided.
An SLA can have the status of a contract, but it does not have to be. In general, an SLA has the status that the users assign to it. This means that an SLA can be used, for example, between organizations as a formal contract, with all the associated legal properties. On the other hand, an SLA can also be used to document agreements within one organization, without a special status being linked to it. In the latter case, the SLA can generally be simpler in design and it will suffice to provide a description of the services to be provided and a small number of administrative aspects, such as validity period, reporting, work consultation and the passing on of costs. With the help of an SLA, it is thus achieved that the buyer and supplier have the same picture of the products and services to be delivered.
It is also essential for an SLA that it is agreed (implicitly or explicitly) that certain services will not be provided. Both parties have an interest in this, as extra performance usually also costs extra money. For example, a computer will never be available 100% of the time, and the step from 99% to 99.9% is usually very expensive.
Drawing up an SLA The process leading to an SLA between a provider and a recipient of services is as follows. In principle, the initiating step to arrive at an SLA lies with the intended customer of the services. In a written request, he/she will formulate which services he needs and which preconditions apply. Such a request is referred to as Service Level Request (SLR). In response to the SLR, the intended provider prepares a draft SLA, also known as a Proposal. If necessary, both parties can still negotiate, after which the SLA is agreed. The SLA is then approved by both parties. It is not enough to draw up an SLA once. Every organization is subject to changes over time, which will have an impact on the agreements made, which are laid down in one or more SLAs. An SLA should therefore be evaluated on a regular basis. If it appears that the content of the SLA no longer corresponds to the actual performance of the services described therein, the services must be corrected again to the agreed level, or the SLA must be adjusted. An adjustment of the agreements in an SLA can be initiated by both the provider and the customer by submitting a Request For Change (RFC). If necessary, the provider can propose a change by immediately offering a new concept SLA to the customer. An SLA describes the performance requirements for the services to be provided. Critical performance indicators (KPI) are used to formulate these requirements: each performance requirement is translated into one or more performance indicators. A standard is then determined for each performance indicator, which must not be exceeded. Performance indicators used in an SLA must be verifiable. This requires that each performance indicator itself meets five requirements, the so-called meta requirements:
- Validity: The performance indicator must be a measure of the performance (requirement) in which insight is required.
- Validity: The performance indicator must be applicable in the situation in which it is applied.
- Clarity: The performance indicator should only be interpreted in one way.
- Measurability: The performance indicator’s readings must be quantitatively quantifiable (there must be a measurement scale for the indicator).
- Comparability: The metrics of the same performance indicator in different situations should be comparable.
Ultimately, a standard must be determined for each performance indicator, in other words a value that may not be exceeded. A standard can be a minimum (for example for availability) or a maximum (for example for delay). In addition to the performance requirements set for the services to be provided, an SLA also describes the restrictions that apply to the buyers of the services. Examples of restrictions are: a maximum number of concurrent users or transactions, timely notification of problems or changes, and so on. Restrictions are formulated in the form of requirements that customers must adhere to. These requirements (analogous to the performance requirements) must also be translated into performance indicators. A standard is then determined for each performance indicator, which must not be exceeded.
The content of an SLA The precise content of an SLA strongly depends on the services to be provided and the way in which the provider and the customer of these services deal with each other. However, general guidelines can be given for its structure. An SLA consists of the following parts:
- A description of the parties involved. For each of the parties this means stating the name and location of the organization. In addition, it must be indicated here who is authorized to negotiate the content of the SLA, and who acts as contact person.
- A place for signing, which makes the statement of approval visible.
- A (brief) characterization of the agreement, with a description of its scope. This can be supplemented with a description of the history of the agreement by indicating when which change proposals (RFCs) were processed in the agreement.
- A description of the services to be provided, in which the following matters are formulated:
- The functionality of the services:
- The features offered;
- The opening times;
- Any user support and training;
- The performance requirements set for the service:
- Response time;
- Troubleshooting and maintenance rounds;
- Calamity scheme;
- The restrictions that apply:
- Maximum number of (simultaneous) users;
- Maximum number of transactions;
- A description of the relevant administrative aspects:
- The validity period of the SLA;
- The scheme used for extending the validity period;
- The regulation that is used for changes to the SLA;
- The system used to determine the costs and the way in which the costs are charged;
- The arrangement used for escrow;
- The scheme that is used for the settlement of disputes and the description of any third party that can play a role in this;
- The liability of both parties;
- A description of circumstances in which force majeure can be invoked; Indicating the reports that are mandatory and which frequency applies;
- Work consultation that is implemented and who is part of it;
- A confidentiality clause;
- A penalty clause;
- Any attachments.
- On the one hand, these can be explanations in which matters are defined or elaborated in such a way that differences in interpretation are prevented.
- On the other hand, these can be things that must be able to change, without the entire SLA having to be re-approved.
- The functionality of the services:
The evaluation of an SLA
In an SLA, performance indicators and associated standards are formulated for the performance requirements that the services to be provided must meet. If all associated standards are met for a particular requirement, then that requirement is met. In order to determine the extent to which the standards are met, the performance indicators are measured several times over time. In this way, measurement values are determined for each performance indicator, which can be compared with the standard. Deviations from the standard can be incidental in nature, but also structural. The extent to which incidental deviations are acceptable depends on the performance indicator and the situation. No generally applicable statements can be made for this.
As a supplement to the SLA, the SeLA was created (Hillenius). In addition to the service, the desired experience of the customer is also recorded. The advantage of this addition is that the focus is not only on performance indicators, but also on the customer’s experience. This experience can generally be determined on the basis of the core value of an organization. The customer chooses an organization for a specific reason. If the core value (promise) cannot be found in the service provision, there will be a reduction in quality perception. In a SeLA, the technical, functional and relational quality is established.
With backup, in IT security, we mean a disaster recovery process or, in particular, the securing of information in an IT system through the creation of redundancy of the information itself (one or more backup copies of the data, for example your letters, photo’s or even gmx mail), to be used such as data recovery in case of accidental or intentional malicious events or simple system maintenance.
The concept of backup applies to everything that is computer in the proper sense of the term and therefore also to, for example: satellite navigators, audio or video players, mobile phones, smartphones, laptops and tablets, various electronic devices containing software. For the devices, the backup also applies to the configuration (the settings and customization file): for example a common router or a firewall, but also the common on-board computer of a vehicle, or in the network, a switch. The backup process is a fundamental aspect of managing a computer: in case of breakdowns, tampering, theft, loss, attacks by malware, vulnerabilities in the system, etc., it is ensured that a security copy of the information exists. Thus ensuring a logical / physical redundancy of the data. Having a dedicated software or software included in your operating system, the backup can be performed manually, i.e. launched by the user when needed, or set automatically: in this second case it is the application that with a set periodicity (for example once a day or a week) starts the process.
Another programming possibility is “on event” (the classic case is when new software is installed or when some hardware parameter goes beyond an alarm threshold). In addition, other advanced features can be established if made available by the software used: selection of folders / files or volumes, type of excluded files, and many others. Applications often use the term job or the like to indicate the specific backup execution, at a given moment in time (history), (scheduled or automatic or manual / on demand): in practice, a specific backup session, for example your outlook backup. Most of the current operating systems for personal computers integrate some backup program to be configured, but only specially equipped servers normally contain an automatic native service with relative dedicated memory. The result of a backup performed using dedicated software is always a compressed file, often with proprietary or non-standard extensions, possibly stored in variously named folders and sometimes accompanied by other small configuration files.
Want more info about Service Level Agreement?