1 / 28

Cloud Contracting Discussion October 28, 2011

Cloud Contracting Discussion October 28, 2011. Corporate Contracts' history. Background. Founded in 2000 by Executives from Principal Financial Group Unique Experience Building a World Class IT and Strategic Sourcing Process Headquartered in Des Moines, IA

tiponya-gonzalez
Télécharger la présentation

Cloud Contracting Discussion October 28, 2011

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cloud Contracting Discussion October 28, 2011

  2. Corporate Contracts' history Background Founded in 2000 by Executives from Principal Financial Group Unique Experience Building a World Class IT and Strategic Sourcing Process Headquartered in Des Moines, IA 10+ years of growth and profitability from 2000 through 2011 11180 Aurora Ave. Urbandale, IA 50322

  3. Speaker: Randy Roth Background

  4. License Models • SaaS • Subscription • Term • Perpetual • ****** • Hosted/ASP • Cloud

  5. Is SaaS Good or Bad? • Neither • Depends on company’s needs • Can Product be easily replaced? • Mission Critical? • Mission Important? • Expense vs. Capital • Is it a panacea? • Enter agreement with eyes open and negotiate reasonable agreement.

  6. Gartner Debunks SaaS Myths • Staffing Myth – Can you really reduce headcount? Not FTE • Rapid Release Myth – Releases are on service provider’s schedule. • Shelfware Myth – Most service provider’s still require a large # of seats up front. • Pay For What you Use Myth – See Shelfware Myth above – generally rigid contracts. • The TCO Myth – May be cheaper the first couple of years.

  7. Cloud Terms • Perpetual license/hosted environment vs. SaaS Subscription/term license • Mission Critical? • Mission Important? • # of interfaces • Type of data to be stored

  8. Cloud Terms Level of the company as Licensee Some companies want holding company only Others want all subsidiaries and affiliates as licensee This Master Agreement (hereinafter referred to as “Agreement”) is effective as of _____________, 201_ and is made and entered into by and between Company, Inc. and its Affiliates (hereinafter referred to as “Customer”) PREAMBLE vs. This Master Agreement (hereinafter referred to as “Agreement”) is effective as of _____________, 201_ and is made and entered into by and between Company Holding Company, Inc. (hereinafter referred to as “Customer”) 11180 Aurora Ave. Urbandale, IA 50322

  9. Cloud Terms • Relationship of Agreement and Order Form. • Agreed-upon terms and conditions • incorporated into Order Forms executed by the parties. • Each Order Form is a separate agreement which incorporates all agreement terms. • The provisions of this Agreement shall control over any conflicting provisions in an Order Form. SAVE YOURSELF FROM YOURSELF

  10. Cloud Terms • Grant of License. service provider grants to Customer: • A nonexclusive, worldwide, transferable, royalty-free, irrevocable (during the term) license to use the Software (“License”). • Subject only to limited restrictions, Customer may: • (a) permit use of the Software by authorized persons including auditors, temporary personnel, contracted personnel, customers, consultants and Licensors • (b) permit use of the Software by third parties performing services on behalf of Customer (Outsource/hosted) LICENSE GRANT SaaS suppliers may insist that a license grant is not needed. However, you need to assure your business can operate effectively without being out of compliance with the software (Service). This lays it out such that your rights are assured.

  11. Cloud Terms • Acceptance. • Acceptance Period. Customer will have ninety (90) days (an “Acceptance Period”) from the date of delivery of the Software to determine whether the Software complies in all material respects with this Agreement, the Order Form and the Specifications. • Acceptance Test. Upon completion of the evaluation, Customer shall notify service provider whether Customer has accepted the Software (or any Upgrade) (“Accept”) or whether it has identified nonconformities (“Reject”). In the event that Customer Rejects the Software, Customer shall provide service provider with a written list of items that must be corrected. service provider shall thereafter… • Make sure that it rolls… find a problem, fix a problem… Up to XXX days, then Licensee may terminate and receive refund. ACCEPTANCE

  12. Cloud Terms • Perpetual vs. SaaS • Perpetual should have no termination provision. • SaaS, either party can terminate agreement which will terminate the license. TERMINATION…

  13. Cloud Terms • Customer Networks. • If access to Customer’s Networks is required in order for service provider to fulfill its obligations to Customer, then Customer shall determine the nature and extent of such access. If remote access to Customer’s Networks is given to service provider, then any and all information relating to such remote access shall be considered Customer’s Confidential Information. In addition, any and all access to Customer Networks shall be subject to the following: • Customer’s Networks will be used solely … • Without limiting any of its other rights, Customer shall have the right to restrict and monitor the use of the Customer Networks, and to access, seize, copy and disclose any information, data or files developed, processed, transmitted, displayed, reproduced or otherwise accessed in conjunction with such use… NETWORK ACCESS

  14. CIO Top Priorities 2010 Cloud Terms • Warranties • No litigation • No conflict • No 3rd party fees • Performance • Non-infringement • Services • Compatibility • Undisclosed restrictive code • *Electronic Self-Help* • Harmful code • No Open Source

  15. Cloud Terms • Infringement Indemnity. • Several licensors have refused to indemnify in recent history. INDEMNIFICATION

  16. Cloud Terms Limitation of Liability. NEITHER PARTY SHALL BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR OTHER ECONOMIC LOSS ARISING UNDER THIS AGREEMENT. THIS LIMITATION OF LIABILITY WILL APPLY REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT OR TORT, INCLUDING NEGLIGENCE AND INDEPENDENT OF ANY FAILURE OF ESSENTIAL PURPOSE OF THE REMEDIES PROVIDED HEREUNDER, AND SHALL APPLY WHETHER OR NOT A PARTY HAS BEEN APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. FURTHERMORE, NEITHER PARTY SHALL BE LIABLE TO THE OTHER FOR DIRECT DAMAGES IN EXCESS OF… NOTWITHSTANDING THE FOREGOING, THE PARTIES ACKNOWLEDGE AND AGREE THAT THE PROVISIONS OF THIS SECTION 17 SHALL NOT APPLY TO 1) ANY BREACH BY A PARTY OF ITS OBLIGATIONS UNDER SECTION 14 (WARRANTIES); 2) SERVICE PROVIDER’S OBLIGATIONS UNDER SECTION 15 (CONFIDENTIALITY); 3) SERVICE PROVIDER’S OBLIGATIONS UNDER SECTION 16 (INDEMNITY); 4) SERVICE PROVIDER’S BREACH OF THE SERVICE PROVIDER’S SELF-HELP PROVISION OF THIS AGREEMENT OR 5) DAMAGES TO ONE PARTY CAUSED BY THE INTENTIONAL MISCONDUCT OR GROSS NEGLIGENCE OF THE OTHER PARTY. LOL * NOT LAUGH OUT LOUD

  17. Cloud Terms • Sensitivity of data to be stored off-site. • Personally Sensitive Information (PSI) • Personal Health Information (PHI) • Non-Public Personal Information (NPPI) • Personal Identification Codes (PIC) • Privacy Laws • Health Insurance Portability and Accountability Act (HIPAA) • Gramm-Leach-Bliley Act • Establish ownership of data and how it is to be treated upon termination. DATA PROTECTION

  18. Cloud Terms • Disaster Recovery – require warranty that they’ll maintain a plan and 24 hour full performance of services. • Back-up and Protection of Data and Materials – Require off-site backup and storage on a daily basis. • Reconstruction of Data – service provider should promptly reconstruct all lost data at service provider’s expense. • Business Continuity – Require a BC plan to be in place at all times. May consider making it a part of the agreement. • Ownership and Treatment of Data – Define company’s ownership of the data, that there is no inherent license to service provider of any data. • Physical Security of Data – service provider must physically secure all tangible and electronic data. • Personally Sensitive Data – Add an add’l level of security for all PSI. • Leaks – If data is leaked or suspected of being leaked, service provider must at its own expense, notify and cooperate with authorities and customers. DATA PROTECTION – CON’T

  19. Cloud Terms • Need to keep systems running if terminated. • Customer is harmed if Service Provider fails to provide assistance. • Service Provider needs to continue performance levels. • Requires specific performance. • Service Provider assumes an independent obligation to continue performance even in an alleged breach by company. • Require for a minimum of 120 days. TRANSITION ASSISTANCE/CONTINUATION OF PERFORMANCE

  20. Cloud Terms • Establishes expected service levels • Lays out SLDs (Service Level Defaults) • Service Credits for lack of hitting service levels • Require Root Cause Analysis • Continuous Improvement SERVICE LEVEL AGREEMENT

  21. Cloud Terms • Customer has right to audit Service Provider’s provision of services. • 2 days notice • Includes everything related to the service: • the data center • data center processes, • backup procedures • disaster recovery procedures • data handling procedures • Company data, • any and all records supporting the delivery of Services • security procedures. AUDIT RIGHTS

  22. Cloud Terms • External auditor’s report on processes surrounding the service. • Statement on Standards for Attestation Engagements • If service affects the financial statement of your company, this should be required. • SSAE 16 effective as of June 15, 2011 and should now be expected as a part of an outsourced service. • http://www.ssae16.org/white-papers/ssae-16-vs-sas-70--what-you-need-to-know-and-why.html SAS 70 / SSAE 16

  23. Cloud Terms Governing Law. This Agreement shall be governed by the substantive laws of the state of ____________, without reference to conflict of law principles. However, if any version of the Uniform Computer Information Transaction Act (UCITA) is enacted as part of the law of the aforementioned state, said statute shall not govern any aspect of this Agreement or any license granted hereunder, and instead the law as it existed prior to such enactment shall govern. ANTI-UCITA

  24. Cloud Terms • Entire Agreement. Reject the use of • Pre-printed terms and conditions on POs • all terms of any “shrinkwrap”, “clickwrap”, “browsewrap” or other service provider license form not signed by an authorized officer of Customer. ENTIRE AGREEMENT

  25. Cloud Terms Waiver of Jury Trial.  Each of the parties hereby unconditionally waives any right to a jury trial with respect to and in any action, proceeding, claim, counterclaim, demand, dispute or other matter whatsoever arising out of this agreement. WAIVER OF JURY TRIAL

  26. Questions? Randy Roth randy@corporatecontracts.com (515) 309-5600

More Related