by David F. Carr

5 Things You Need to Know about Software-as-a-Service Contracts

Oct 12, 2009

How CIOs can guarantee secure SaaS contracts.

Think service. Vendors may “try to squeeze SaaS terms and conditions into a software contract,” says Azzarello Group consultant Nick Goss. A CIO needs to address how this relationship is different. Both established vendors and startups have latched onto SaaS as an easy route to market because it simplifies distribution of code, says Goss. But beware of those who may be “more focused on accruing customers than assuring reliable levels of service,” he warns.

Get guarantees. Harrison Lewis, CIO at the grocery chain Haggen, negotiates application-specific protections. When Haggen signed with a SaaS human resources and payroll vendor, Lewis made the vendor guarantee to support the application for at least 10 years or pay a penalty. He also required software escrow, in case the vendor went out of business. “I’m looking to mitigate the risk, so what I put into the contract are the worst-case scenarios,” Lewis says.

Understand what you are giving up. Lewis notes he no longer has the option of sticking with an older version of the application. “Under SaaS, when the vendor goes to version 10, guess what? Here we go!” he says. So rather than controlling the schedule, he insists on getting adequate notice to address issues such as training.

Watch out for rogue deployments. One CIO Goss knows was embarrassed to find out his firm had adopted a SaaS application for a serious business function without his knowledge. “He only found out about it because someone commented that it wasn’t performing very well,” Goss says. At Haggen, the CFO wouldn’t let such a contract be signed without Lewis’s consent. “If it has any smell of technology, he brings it to me,” he says.

Resistance is futile. SaaS can be a good match for many business goals, so “a CIO trying to stand against this is going to be perceived as showing a remarkable lack of business judgment,” Goss says. “You might as well work out a way for it to happen that makes it safe so it’s not going to come back and bite you.” By becoming an advocate for SaaS where it’s appropriate, you can play a bigger role in selecting the right services and negotiating contracts to make them manageable.