| | 2.2 Service Level
10. Service Level Agreement | | |
|---|
| 2.2.10 Service Level Agreement | | 1. The parties are (1) the Owner who specifies and owns their own Bespoke Application Service and (2) the Application Service Provider (ASP) who operates the Bespoke Application Service. | | 2. In the eyes of the law, the Owner is known as the data controller and the ASP is known as the data processor. | | 3. The scope of this service level agreement shall encompass:- | | (1) Deployment of the Bespoke Application Service. | | (2) Support of the Bespoke Application Service. | | (3) Operation of the Bespoke Application Service. | | 4. The scope of this service level agreement shall not include the deployment or support any hardware, network or equipment owned or controlled by the Owner. | | 5. Every Owner has the right to specify that they need more or they need less than what is shown in this document. It would be illogical to imagine that all companies need the same service level agreement and that service level agreement does not evolve over time. |
| Deployment | | 1. Both parties agree that the ASP shall provide application deployment without limit as specified by the Owner to match application service business requirements as commercially viable. | | 2. Both parties agree that the ASP shall not distribute any application software and shall not promote the use of any application software. |
| Deployment Service Level | | 1. ASP warrant the Owner that the application design, development and deployment capability is and shall be fit for purpose and of the highest professional quality. | | 2. ASP shall document in the Bespoke Application Service for the Owner all business requirements advised by people for the Owner to approve. | | 3. ASP shall design, develop and deploy to the Owner approved business requirements according to an agreed time line. | | 4. ASP warrant to the Owner that application deployment finances shall be properly recorded and used in accordance with agreed budgets and schedules specified in the attached schedule 808. For example: All deployment requests shall be implemented free-of-charge. | | 5. ASP shall notify the Owner of all application service changes and additions using the Bespoke Application Service. | | 6. ASP warrant to the Owner that application service facilities shall be designed to be used with any Internet browser running on all kinds of desktop, laptop, tablet and smart phone with any operating system - without the need to install any software. | | 7. ASP shall share application deployment information with the Owner in the English language using the Bespoke Application Service. | | 8. ASP shall implement for the Owner facilities to comply with data processing laws, conventions and regulations as needed. | | 9. ASP shall assign a Data Protection Officer for the Owner to direct the strategic Data Protection Impact Assessment (DPIA) in compliance with Information Commissioners Office (ICO) directives. | | 10. ASP shall work with the Owner to effect data migration to build a new database before a new release is implemented. | | 11. ASP warrant to the Owner that application service facilities shall not contain harmful logic or malware such as worms or viruses. | | 12. ASP shall keep proper records of deployment requests using the Bespoke Application Servuce for the Owner. | | 13. ASP shall share with the Owner all application development documents using the Bespoke Application Service. | | 14. ASP warrant to the Owner that any application defect that impact normal operational use shall be remedied within the number of hours specified in the attached schedule 812. For example: All deployment requests shall be responded to within the hour, 80% of all deployment requests shall be resolved in four hours and 95% of all deployment requests shall be resolved with two days. |
| Support | | 1. Both parties agree that the ASP shall provide support for the Owner to match support business requirements as commercially viable. | | 2. Both parties agree that support shall use its best endeavours in a spirit of partnership to resolve peoples issues quickly. | | 3. Both parties agree that all practical steps shall be taken to protect all people from phishing attacks, hacking attacks and malware attacks. |
| Support Service Level | | 1. ASP warrant to the Owner that the support capability is and shall be fit for purpose and of the highest professional quality. | | 2. ASP shall provide to the Owner testing, data quality control, data migration, data retrieval, service restart and technical assistance as needed. | | 3. ASP shall provide to the Owner data replication, data access control, functional access control, data backup, data recovery and technical guidance as needed. | | 4. ASP shall monitor and manage for the Owner primary keys, codes, encoding, encryption and reference data such as country codes as needed. | | 5. ASP shall provide to the Owner management information, data merge, de-duplicate, data import, data export and technical support as needed. | | 6. ASP shall share support information with the Owner in the English language using the Bespoke Application Service. | | 7. ASP shall notify the Owner promptly of all changes to the Bespoke Application Service, unscheduled and scheduled downtime in a timely way. | | 8. ASP shall manage for the Owner Internet protocol address black and white security directories to professional standards. | | 9. ASP shall assign a Request Fulfilment Manager for the Owner to manage first and second level support teams to resolve support requests in a reasonable way. | | 10. ASP shall work with the Owner to determine future capacity requirements, market requirements and technology shifts that may impact on payment schedules. | | 11. ASP shall share help, advice and guidance information with the Owner and all approved people using a knowledge-base of advice via the Bespoke Application Service. | | 12. ASP warrant to the Owner that any support request shall be intelligently responded to within the number of hours specified in the attached schedule 822. For example: All support requests shall be responded to within the hour, 80% of all support requests shall be resolved in two hours and 96% of all support requests shall be resolved with one day. |
| Operations | | 1. Both parties agree that the ASP shall provide Internet operations for the Owner to match Internet operations business requirements as commercially viable. | | 2. Both parties agree that the nature of Internet operations means it cannot be warranted to 100% availability and equipment shall fail from time to time. |
| Operational Service Level | | 1. ASP warrant to the Owner that the operations capability is and shall be fit for purpose and of the highest professional quality. | | 2. ASP shall provide to the Owner with data center management, web-server, encrypted database server, communication server, email server, file transfer server and associated firewall servers as needed. | | 3. ASP shall provide to the Owner data replication, encrypted message switch, security, privacy, anti-malware and associated operational tasks as needed. | | 4. ASP shall monitor for the Owner downtime, scheduled outages, sign-ins, response times, server incidents, operational events and report exceptional behaviours as needed. | | 5. ASP shall provide for the Owner patch management, malware management, threats and hardware hygiene as needed. | | 6. ASP shall process and respond for the Owner all transactions made by approved people in a timely way. | | 7. ASP shall respond for the Owner to all audit and law enforcement requests for data. | | 8. ASP shall provide for the Owner capacity planning, disk space management and ensure that adequate hardware with sufficient capacity is always available. | | 9. ASP shall replicate data for the Owner to multiple secure remote data centers and provide safe encrypted data storage for a period of at least seven years in accordance with the Data Protection Act regulations. | | 10. ASP warrant to the Owner that data centers have an up to date environmental policy and use equipment with due environmental responsibility. | | 11. ASP shall assign a Problem Manager for the Owner to seek out all problems, to minimise impact, to circumvent defects and to prevent problems from reoccurring. | | 12. ASP shall implement for the Owner data policies that prevent data deletion, ensure that every field value change can be tracked back to a person and shall collect infallible daily logs of every transaction request. | | 13. ASP warrant to the Owner that data center physical security is of the highest quality with access control operated to the very best industry practices. | | 14. ASP warrant to the Owner that any defective Internet operational hardware or system software that impacts normal use shall be repaired or replaced within the number of hours specified in the attached schedule 832. For example: All operational requests shall be responded to within the hour, 80% of all operational requests shall be resolved in one hour and 99% of all operational requests shall be resolved with one day. |
|
|