Updating your master and service agreements should be a regular activity for MSPs, especially if you haven’t done it recently. For those of you who dread reviewing your legal documents, here are some helpful hints and reasons for how and why you should do this.
Service Catalog Updates
Most MSPs have frequent changes (at least annually) to their service delivery catalog. If you haven’t changed your service catalog in at least a year, you’re probably outdated and risk becoming irrelevant, but that’s a different article.
Updates to your service catalog need to be reconciled with your agreements to ensure you are updating response times, accurate limitations of liability and scope, etc.
There are few places on Earth not currently impacted by changes to data privacy laws. Data privacy laws like GDPR, CCPA, and general data breach notification requirements, do have a direct impact on the vast majority of MSPs practicing in those regions.
Your MSP legal documents need to reflect how your organization demonstrates compliance with these laws, what you offer, and what you do not offer, and articulate where the risk is and how it is spread between MSP, external service provider, and customer.
Lastly, your agreements should provide an unambiguous statement about risk and how it is handled in the managed services relationship. Through the use of cyber MSP insurance, a well crafted legal document, and an easy to understand and definale service catalog, risk can be more easily communicated to customers.
While it does not have to be a complete re-writing of your legal documents, you should have a regular review to make sure you are not missing something important.