This Agreement represents a Service Level Agreement (“SLA” or “Agreement”) between the buyer and Cloud Services provider.
The purpose of this agreement is to facilitate implementation of Cloud Measures at the buyer’s premises. The service provider would provide the required equipment and personnel for the mentioned shifts as per the requirements of the buyer.
This Agreement outlines the scope of work, Stakeholder’s obligation and general terms and conditions of all services covered as they are mutually understood by the stakeholders.
The Agreement remains valid until superseded by a revised agreement mutually endorsed by the stakeholders.
The four main stakeholders associated with this SLA are:
1) Service Provider(s)
2) Buyer
3) Paying Authority
4) Statutory/Compliance Authority
The responsibilities and obligations of the stakeholders have been outlined in this document. The document also encompasses payment terms and penalties in case of non-adherence to the defined terms and conditions. It is assumed that all stakeholders would have read and understood the same before signing the SLA.
Objective and Goals
The objective of this Agreement is to ensure that the proper elements and commitments are in place to provide consistent delivery of service to buyer by service provider.
The goals of this Agreement are to:
The agreement can also be modified on the mutual agreement of all the involved stakeholders
Thus, the agreement will act as a reference document that both the parties have understood the aforementioned terms and conditions and have agreed to comply by the same.
Cloud service offerings for a combination of the Deployment Models (Public Cloud, Virtual Private Cloud and Government Community Cloud): Infrastructure as a Service (IaaS)
Cloud service provider must comply to the requirements in the offerings of Infrastructure as a Service as mentioned by Meity:
The Service as a Minimum should include the following:-
Inclusions in IAAS packages as per Meity guidelines |
|
DDOS Protected Internet |
Included |
VLAN |
Included |
Shared- Load Balancing |
Included |
Shared Networking- Switching & Routing |
Included |
Managed Firewall |
Included |
Database & Operating System Managed Services |
Included |
The payment will happen monthly, quarterly, or annually as selected in the Service Order.
The monitoring software would help monitor the actual hours of usage in the selected time period and the billing would be adjusted as per actual usage for that billing cycle.
The deviation of usage hours mentioned during purchasing the service and the actuals should be within 25%.
Eligibility Criterion for Service Provider is as mentioned by MeitY
For the Departments to ensure that the Cloud Service Providers adhere to the Service Level Agreements, this section describes the Penalties which may be imposed on CSPs. In case these service levels cannot be achieved at service levels defined in the agreement, the departments should invoke the performance related penalties. Payments to the SP to be linked to the compliance with the SLA metrics laid down in the agreement.
Service Levels |
||||
NO. |
Measurement |
Target Uptime |
Severity |
Penalty |
1 |
Availability of Critical Services (e.g., Register Support Request or Incident; Provisioning / De-Provisioning; User Activation / DeActivation; User Profile Management; Access Utilisation Monitoring Reports) over User / Admin Portal and APIs (where applicable) |
Within 15 Minutes after the approval of the request by the concerned Authority |
Non Critical |
Level 1- 0.25% of <Periodic Payment> for every hour up to the maximum capping of 5 hours. Level 2- Beyond 5 hours, 0.5% of <Periodic Payment> for every 1 hour |
2 |
Uptime of cloud Solution- Storage, Network, Virtualisation Layer, Virtual Operating System, Cloud Security Layer |
99.75% |
Critical |
Default on any one or more of the provisioned resource will attract penalty of 0.5% of <Periodic Payment> on fall of every 0.25% below 99.75%. |
3 |
Security Breach |
|
|
10% of the Contract Amount or termination as deemed fit by the Buyer Department along with Legal Action |
4 |
Data Loss |
|
|
1% of the bill amount per incident |
5 |
Cumulative Penalty |
|
|
Cannot exceed 10% of the contract value after which the contract stands cancelled |