• United States

Components of an outsourcing contract, Part 1

Mar 08, 20063 mins

* What should be in an outsourcing contract?

In last week’s newsletter I discussed assignment clauses in contracts. This is only one minor, albeit important, section of an outsourcing contract. So I thought it would be good to provide an overview of the common parts of an outsourcing contract for those who may be facing this for the first time. Even a high level overview of outsourcing contracts will take more space than I have here, so consider this Part 1, with the remainder to be covered next week.

Scope of Service

This section should clearly describe the rights and responsibilities of the parties to the contract. The first thing to think about is how to define your requirements in the contract. While many service providers find this troubling (as I did when I was the vendor), attaching the RFP and the vendor response can be a good starting point. If the procurement was well run, the requirements and the vendor’s description of how they intend to meet those requirements will be well documented. Vendors don’t like to do this because it puts them in an interesting situation to have the sales language incorporated into the contract. A more legitimate concern is that often times the scope of things explored in an RFP is not the final scope of work to be priced and contracted. So often, the RFP contains too much information to be useful in the contract. A better way is to use the RFP as a guideline to write the actual requirements section for the contract. Other considerations include:

* Descriptions of required activities, timeframes and who is responsible.

* Be clear about integration requirements to other systems.

* Obligations of the vendor including services to be performed, training of employees, customer service processes and reporting requirements.

* Obligations of the customer, including types of personnel and skill requirements.

* Change management practices to add or modify services under the agreement.

Performance Standards

This section defines the minimum service-level requirements and remedies for failing to meet the standards. These standards are commonly called service-level agreements (SLA). Penalties associated with failing to meet the SLAs will also be addressed here.

Security and Confidentiality

This can include the safe handling of data, confidentiality of the client’s plans, activities and their customer data, as well as defining the vendors practices with their staff. This can include requiring the vendor to control access to certain areas of the operation or certain data, requiring the vendor to have non-disclosure agreements with their employees and sub-contractors, as well as requiring the vendor to disclose security or confidentiality breaches.


The client may wish to define certain controls such as record maintenance timeframes, notification of material changes to personnel, approval of personnel assigned, and/or insurance coverage requirements. If applicable, compliance with regulations should be defined as well.


The contract can specify audit frequency, who will pay for the audits, reporting available, and types of audits (e.g. financial, security or internal control). This section may also define timeframes and documentation concerning the resolution of any audit deficiencies.

Next week I will continue this overview of outsourcing contract terms.