As proposed by the North American Electric Reliability Corp., the new critical infrastructure protection (CIP) standards charge utilities with identifying their own critical assets and related...
Outsourcing, Reliability, and IT: When will the Three Meet?
maintenance, additional SLAs can be defined in terms of metrics, including efforts to rework secondary defects, percentage of service requests completed on time, overrun on service requests, and capacity utilization by category of service requests.
Going for Gold: Defining Priorities Is Key
Based on the dimensions of criticality, priority, service hours, and response time, it is a good idea to segregate different parts of the CIS suite into categories of gold, silver, and bronze service levels. For example, an online CIS application used by CSRs and requiring the most up-time may be classified as gold. Certain weekly or month-end jobs where near perfect up-time is not required may be classified as silver, and in-house IT tools for development or maintenance that are not customer-facing could be classified as bronze.
It is worth emphasizing that classifying applications into service-level groups varies throughout the industry. An over-cautious approach results in a higher-cost and lower added value to the customer, while cutting corners can compromise the reliability of the system. The contribution of an experienced outsourcing service provider becomes very critical in defining such a framework.
Moreover, planning involves defining the SLAs. How does a CIS manager ensure that the plan works operationally? For every application an escalation hierarchy should be defined to ensure that incidents are escalated in a timely fashion. An incident escalation hierarchy should include both the client organization and the organization of its outsourcing partner. A rigid escalation hierarchy ensures that adequate attention to SLA compliance has been given. The mode of escalation should be agreed upon based on cost and outsourcing partner experience in providing the agreed service.
The challenge to working the plan lies in how well the SLAs have been drafted and how well they work operationally. An SLA that works in theory but is unreasonable operationally because of politics or organizational structure will need to be reworked. Another important aspect of keeping SLAs working operationally is performing periodic reviews. Reviews between the CIS manager and outsourcing partner management ensure that SLAs are kept up-to-date and functioning.
A CIS manager and an outsourcing partner can agree to a set of SLAs ensuring service reliability of a CIS application, but without commitments from the underlying infrastructure team, the outsourcing partner may not be able to meet its agreements. Dependencies on an outsourcing partner's SLAs must be identified. For example, an agreement to support a client's CIS residing on their mainframe commits the outsourcing partner to respond to an incident within 10 minutes at least 90 percent of the time. Mainframe uptime is ensured to be above 95 percent. Likewise, the link to connect the outsourcing partner to the client's mainframe, such as a leased line, remote access, Citrix solution, terminal server, or PCAnywhere also must have a higher standard of reliability.
This becomes even more important when the outsourcing partner is offshore and working across different time zones. Regular services such as database administration or systems programming, which are deemed to be present during regular business hours, may not be present at the same level during night hours when