SLAs in Practice
What is the difference between SLAs and KPIs?
It is important to use and apply consistently the details of the SLA agreement. Service-level achievement must be reported and reviewed between the customer and the supplier. If there are any failures to fulfill the agreed service levels, there is a possibility of breaching them, or when either party has failed to fulfill their responsibilities documented in the SLA, then they must agree on actions to be taken to investigate and resolve the reasons. If there are penalties for failure, then they must be routinely applied. One of the most common reasons for failure in SLAs with external suppliers is inconsistently ensuring the details of the SLA agreement actually occur. This includes preparing reports in the agreed format and delivered according to the schedule and applying any penalties whenever failures trigger them. If this is not done, then the supplier is more likely to challenge the customer when it eventually decides to apply the service level agreement. If both parties recognize issues with the agreement, then the SLA can be amended using the same approach as for its creation.
What is the role of SLAs in a business?
Users expect to know what levels of service they will receive. They may not be interested until they experience issues, but it is still good practice to include them in an SLA, ensuring the contents are presented in a manner users can understand. SLAs help a business to manage its suppliers, by establishing their expected performance. There is a risk to a business that publishes its SLAs to external customers without ensuring the service levels can be fulfilled. Customers will consider these service levels as promises, and will quickly become dissatisfied if they fail. Even one failure can result in lost customer loyalty.
SLAs in the digital age
SLAs in the digital age
When a business provides the same online services to multiple individual customers and users outside the organization, for example, a financial institution providing online banking services, there will usually be a single SLA for all customers, describing the services and targets they will receive. It will not be possible to obtain agreement from all of these customers, so an SLA of this type is typically agreed with a representative, such as the internal product owner in the business for those services. If there is a user group for the services, then they should be consulted about the requirements for the service levels; however, it can be challenging to obtain consensus and agreement of the final SLA.
SLAs and services provided from the cloud
Suppliers that provide commodity services via the cloud should still use SLAs, as these provide their customers with a guarantee of the level of service they can expect. This can give them a competitive advantage. Most cloud providers offer the same standard SLA with common service levels to all customers. Some offer enhanced levels of support in tiered “Gold/Silver/Bronze” SLAs, where the customer receives improved service levels if the customer pays a larger fee. Customers who purchase cloud services must generally accept the offered service levels. A cloud supplier is unlikely to customize an SLA just for them.
Reinventing the SLA
Some organizations focus on the service-level achievement of their individual IT services rather than the service customers actually receive. This often leads to what is called the “Watermelon” effect, where the SLA metrics show all is well (“Green”), but the customer is unhappy (“Red”). A typical example is when service reports show all service levels are being fulfilled even though the services had unplanned downtime during the workday. This is usually because the service levels have been designed from an IT perspective, looking at one IT service at a time. This can be avoided with a technique known as “Outside in.” SLAs should be initially designed from the customer perspective, looking at the services it consumes and its business requirements for good service. The service levels for the IT and related services, such as the service desk, should then be designed to fulfill these business requirements. This results in service levels that reflect both the customer experience and the individual IT and other services that create the experience.
Using SLAs to manage the risk of non-compliance with data protection laws
Service level agreements can help you comply with data protection laws, such as GDPR. As well as specifying targets for traditional ITSM service levels, such as availability, SLAs should also include targets for other types of requirements, including security. Having a target allows you to measure compliance. This could be as simple as a service level for responding to subject-access requests, such as when an individual wants to know the stored data about them. This is particularly important if you are using external suppliers to deliver your business services.