Negotiating a Sound Business Continuity Contract
21 September 2001
Simon Mingay   Donna Scott   Roberta Witty
 
Enterprises negotiating business continuity services contracts must consider a number of key issues that can mean the difference between a good deal and a bad one.

 Strategy & Tactics/Trends & Direction
Note Number:  DF-14-5239
Related Terms:  Deal Development and Contract Negotiation; Business Continuity

Key Issue
How will the information security service market evolve?

Outsourcing business continuity services to an external services provider (ESP) makes good financial and organizational sense — but only if enterprises carefully negotiate their service contracts.

Important Contract Negotiation Issues

Syndication vs. Dedicated Services

The syndication or subscription approach to disaster recovery — in which the ESP sells access to disaster recovery resources (e.g., data centers, workplaces, servers, disk space and network capacity) to multiple enterprise clients — is usually more economical than dedicated in-house services maintained by the enterprise itself. ESPs can deliver dedicated resources to a given enterprise — and indeed many of the newer styles of service dictate this approach — but at substantially higher cost.

This risk-sharing syndication approach does have certain disadvantages: If a regional disaster affects multiple clients sharing the same resources, the ESP cannot guarantee access to any particular client. The ESPs manage this potential risk carefully, by limiting the total subscribers to a given resource, as well as the total subscribers in a given locality. The major vendors have multiple recovery locations, and Gartner knows of no instances of clients being turned away — even in extreme cases, such as the attack on the World Trade Center on 11 September 2001. Nonetheless, enterprises must:

  • Check for any exclusion zones. Contracts should specify the locations of clients subscribing to the same resources, as well as the total number of subscribers.
  • Ensure that all stakeholders are satisfied with the risk that invocation of disaster recovery services is not guaranteed. Any contractual penalties for service providers that fail to meet their obligations are usually minimal compared with the potential consequences for the client. Enterprises should closely examine insurance policies backing any ESP claims of unlimited liability.

Contract Duration

Three-year contracts are advisable for most enterprises. Shorter-term contracts are likely to be too expensive, because they require the ESPs to meet their profit-margin targets much more quickly. Longer-term contracts usually cause enterprises to pay substantially more than the market rate after the third year. This is because the market rate for these services has declined by an average of between 10 percent and 20 percent annually in recent years, largely due to declining hardware costs and more-efficient operations. The ESPs, therefore, make most of their profit toward the end of a contract. ESPs typically offer significantly better prices for longer-term contracts; the monthly or annual fees for a three-year contract may be 12 percent to 25 percent higher than those for an equivalent five-year contract. The best way for an enterprise to mitigate the risk of paying prices above market rate is to restrict the length of the contract.

Competitive Bidding

Enterprises should always solicit bids from at least two ESPs. This is especially true when contracts are due for renewal. (Enterprises should carefully monitor the automatic or default renewal clauses that are standard in most contracts, which require the client to actively terminate the contract.) The temptation to simply renew the contract can be overwhelming, because of the acknowledged difficulty and risk of switching ESPs, and because the ESP may offer a significant reduction from previous rates. "Comparison shopping" is, however, likely to result in much lower costs — a consideration that more than justifies the time, expense and inconvenience of the competitive bid process.

Annual Increases

Many standard contracts allow the ESP to increase fees by between 5 percent and 8 percent annually. These stipulations are unacceptable and should be removed from all contracts.

Declaration and Occupancy Fees

Some vendors charge declaration fees (i.e., one-off charges payable by the enterprise in the event of a disaster). These fees vary significantly among providers, and are highly negotiable. The ESP often claims that the declaration fees and subsequent occupancy fees (i.e., the daily use charges incurred during a disaster) will be covered by the enterprise's insurance. This is usually true, but enterprises should check their insurance policies carefully, because they may have substantial deductibles or may not cover 100 percent of these fees, and coverage may not extend beyond the first few weeks after the disaster. Depending on their insurance coverage, enterprises may choose either to accept declaration fees (in return for lower daily-use fees) or eliminate them (and accept higher daily-use fees).

Pricing Structures

Some vendors prefer to offer a bottom-line price without explaining the pricing structure. It is usually impractical for the vendor to offer an individual cost per server or platform; however, enterprises should require that proposals be structured as schedules, usually based on technology type, service or enterprise location. This approach offers enterprises greater visibility of cost structures, and enables them to estimate the cost of adding or removing schedules.

Addition of New Resources

Some suppliers would like enterprises to add new resources to existing contracts, each with its own termination date. Gartner strongly advises against this practice because it makes competitive bidding on the entire scope of disaster recovery services impossible. If enterprises wish to add resources, the contract period for these resources should end at the same time as the overall contract. Enterprises may pay higher prices for these additions — because the contract term is shorter — but they will benefit from more-straightforward renewal processes.

Termination Clauses

As with any service contract, the enterprise must analyze risk (i.e., what could happen that would require significant changes to, or termination of, the contract). Consequently, the enterprise should consider exit strategies. Most vendors' standard contracts carry highly punitive early-termination provisions (typically requiring payment of the entire remaining value of the contract). The enterprise should negotiate a buy-out schedule that makes early termination a viable option. Additional clauses should be added to cover significant potential changes in enterprise operations — e.g., outsourcing all or part of its data center operations, being acquired, closing an office, or completely abandoning a given technology, such as mainframes. Contracts should provide for a nominal termination penalty under such circumstances, following a reasonable notification period (at least 90 days).

Test Time

The single most important factor affecting ESPs' costs is test time. For this reason, ESPs attempt to limit test time — typically to 48 hours per platform. This is likely to be completely inadequate, especially for enterprises that are changing vendors or implementing disaster recovery services for the first time. Enterprises should examine their test requirements, but Gartner estimates that 72 hours should be considered the minimum test time, and that 96 hours or more may be required (especially in rapidly changing environments). Once the amount of test time has been agreed, the enterprise should determine the cost of additional test time before signing the contract. Reducing test time will significantly reduce contract costs; however, it will also significantly reduce the effectiveness of recovery procedures.

The most significant cause of enterprise frustration with disaster recovery ESPs is the scheduling of tests, particularly when the test integrates multiple technologies and requires multiple, contiguous eight-hour time slots. The parties should agree on a schedule — or, at minimum, the service levels associated with scheduling — before the contract is signed. This requires planning by the enterprise but will prevent later frustration. Most standard contracts guarantee only a single eight-hour time slot, which is rarely adequate. The enterprise should specify its requirements in advance and include them in any contract.

Bottom Line

Standard business continuity ESP contracts contain many provisions that may prove unnecessarily costly to enterprise clients — and unnecessarily obstructive to the recovery of business processes. Enterprises that pay close attention to their contracts will benefit from lower overall costs and better business continuity services.


This research is part of a set of related research pieces. See AV-14-5338 for an overview.