A few years ago, I worked for Aprisma, the company that's best known for its Spectrum network management product. At the time, Aprisma had outsourced its VPN to a service provider to provide access to the corporate network for remote offices and traveling employees.When Aprisma negotiated a service-level agreement with the VPN vendor, it insisted on service-level objectives (SLO) that specified certain levels of availability and performance, to which the provider agreed. The SLA specified financial penalties in the form of service rebates for SLA-violations not to exceed the total monthly fee.After a year of receiving service from the provider, Aprisma's CIO gleefully told me that she had never had to pay the VPN service vendor's monthly fee - ever! The reason was that the provider repeatedly failed to achieve the SLOs specified in the SLA, resulting in service rebates month after month. One would think, after a few months, that Aprisma would have canceled the contract with the vendor for non-performance and simply found another company to provide the service, but it did not. Why?The answer is that the levels of service being provided were actually acceptable - I can vouch for that, as I used the system every day and never had a problem with it that I can remember. The provider's fatal mistake was in not making absolutely sure that it could meet the SLOs in the agreement, and also in forgetting that it was doing business with a network management software vendor that could easily verify the service provider's compliance with the agreement. That brings up an interesting point - service consumers should leverage their investments in management technologies to verify their provider's compliance with the SLAs, as there may be some free service to be had simply by holding their feet to the fire.I believe that many service providers create SLAs without making sure that they are realistic, and many service consumers lack the technical sophistication to validate if the SLOs are actually being met, instead trusting the data gathered by the provider. This is a common problem with SLAs that are written at an elemental level instead of guaranteeing levels of service from the end-user perspective (see https:\/\/www.nwfusion.com\/newsletters\/asp\/2004\/0830out1.html for more information on end user-based SLAs).This is an incredibly flawed business model, as no service provider can stay in business long without receiving revenue from its customers. It's like getting a bad meal from a restaurant, and when you complain about it, the manager gives you a coupon for a free meal. Do you _really_ want another meal, free or otherwise, unless there is empirical evidence that they have rectified the problem?This typifies a real problem in the service provider\/service consumer model today: poorly written SLAs based on unachievable SLOs can be disastrous for the vendor, resulting in significant financial losses when adequate levels of service are actually being provided. The reverse also holds true - SLOs that are vague or difficult to measure are not worth the paper they are written on. It is critical to both the service provider and the consumer to ensure that the SLA they agree upon provides a business-relevant level of service to the consumer that can be easily measured and verified by both parties.I welcome your ideas, suggestions and comments on the subject of outsourcing; my e-mail address is below. Thanks for reading.