General SOW Requirements and Considerations

Scope of Project – This is a high level overview of the project to be accomplished. It’s an assertion of
what the customer seeks and a confirmation of what the provider offers.

Example: Customer desires and vendor provides site monitoring and maintenance that include remote
network equipment monitoring and alerting, remote and on-site repair and maintenance, and on-site
outage response services in Houston, Dallas and El Paso.

Roles and Responsibilities – This is where the document establishes both customer roles and
responsibilities and vendor roles and responsibilities.

Example:

- Customer Roles and Responsibilities

o Site access at all three locations
o Purchase and delivery of network equipment
o Configuration design for all network equipment
- Vendor Roles and Responsibilities
o Respond to network outages in accordance with SLA’s
o Respond to customer requests in accordance with SLA’s
o Provide any network drawing updates as changes occur

Deliverables – This is usually a list of relevant tangible items from vendor to customer that may
generate a payment and are very specific to tracking progress on the project. However, not all
deliverables are associated with a payment.

Examples:
 Conduct site inventory and provide updated inventory list and schematics.
 Weekly status reports.

Schedule – A timeline of the project with critical milestones/deliverables noted.

Example(s): This could be as detailed as a Microsoft Project schedule, or it may be as simple as a start
and end date. A Schedule may include a list of deliverables with dates (e.g., “Deliver three security
forums and three web forums prior to June 15, 2014.”)

Service Levels/Service Level Agreements (SLAs) – Service Levels enable the customer to specify service
level expectations for the services being performed. Service Levels may be tied to response times for
service, uptime of a network, mean time to repair (MTTR), or similar measures.

Examples:
 Vendor will respond to outages within two hours of notification.
Vendor will provide a status within 4 hours of outage notification.
Acceptance Criteria – Acceptance criteria enables the customer to define what is required for
deliverables or milestones to be approved for payment or for the vendor to move on to the next step of
the project.

Examples:
 Customer must approve in writing any updates to the network diagram drawings.
Customer will verify and approve in writing any updates to site inventory lists.

Pricing and Payment Schedules/Milestones – Pricing and Payment Schedules/Milestones may be tied to
Deliverables as noted above, but may also be tied to completion of phases of a project as long as vendor
demonstrates task completion and tracking toward project goal.

Example: Project phases that may generate payments:

- Report of current business practices

o May include personnel interviews, write ups, review of IT platforms, etc.
- Gap analysis report
o This would include the vendor tasks of identifying the end goal of the customer,
analyzing current systems and processes, and drafting the gap report.
- Final assessment report

Assumptions – This is a list of assumed actions that may be directly or indirectly related to the project
that either the customer or the vendor want to note in writing before the project starts.

Examples:
 Assume all equipment to be inventoried will be on respective site.
 Customer will procure all necessary equipment for project.

General Items for Consideration

 Have appropriate Contract and Legal representation participate in the SOW process.
 Have a non-technical staff member review the SOW for clarity of language.
 Relevant requirements from applicable Texas Administrative Code standards (e.g., 1 TAC 202
Information Security Standards, Texas Government Code 2054 Subchapter M, 1 TAC 206; and, 1
TAC 213, Electronic and Information Resources (EIR) Accessibility)

DIR Tele Managed Service Contracts SOW Requirements and Processes:

- Vendors are to submit two monthly reports to DIR by the 10th of each month
o High Probability Prospects Report
o Sales Activity Report
- SOW’s are to be submitted to DIR for review and approval
o Vendor’s responsibility
o Submitted to [email protected]
o DIR has 15 business days to review and approve

To view the Managed Services for Telecommunications Contracts visit the DIR website and search for
“Managed Services for Telecommunications”.
Effective SOW’s for Deliverables Based IT Services (DBITS)

Features of DBITS Contracts - Contracts with multiple vendors in up to nine (9) Technology Categories.
Each customer issues SOW to contracted vendors. Each SOW may ONLY be for up to $10 million
including renewals, amendments and extensions.

 Benefits to Customers and Vendors

o Shortened lead times
o Reduced cost
o Flexibility to meet individual customer needs

 DBITS Technology Categories

o Application Development
o Application Maintenance and Support
o Business Intelligence (BI) and Data Warehouse
o Enterprise Resource Planning (ERP)
o Independent Verification and Validation (IV&V)
o Information Technology Assessments and Planning
o Project Management
o Service Oriented Architecture (SOA)
o Technology Upgrade/Migration and Transformation

To view definitions of DBITS Technology Categories visit our DBITS page (Click on “Available
Deliverables-Based IT Services”).

 DBITS SOW Template – Appendix C

o Customers complete the SOW template
o Vendors provide written response (Vendors may only respond to SOWs for the
Technology Categories awarded under their contract)
o Customers may include additional terms and conditions and negotiate T&C’s to
meet specific business needs – any T&C’s negotiated shall not weaken or
conflict with the DIR contract
o Vendor shall provide services in accordance with its DIR contract and the
Customer’s SOW

 DBITS SOW Considerations – Each of these elements are described in the DBITS SOW
example – Appendix C.
o Each of these elements should be considered and defined within the SOW so
that there is no question on the outcome of expectations
 For example: under the deliverables submission/format – describe the
adequate time for review and acceptance of the deliverable. Another
area to consider adequate time for review and acceptance would be for
invoices/payments
 For example: additional terms and conditions that do not weaken the
contract T&C’s could be that the vendor is required to sign a non-
 disclosure agreement (NDA). Another area to consider would be explicit
security requirements a customer has policies for.

 Deliverables – Defining and Describing

o Consider defining deliverables within each phase of a project. For example:
 Phase 1 – Project Initiation Phase
 Deliverable: Project plan (including GANTT chart, all steps/tasks,
review and revision timeframes
 Deliverable: One (1) project kick-off meeting on customer site
 Deliverable: Monthly project reports

 Phase 2 – Business Process Analysis

 Deliverable: Business requirements document
 Deliverable: Technology assessment report

 Phase 3 - Design and Development

 Deliverable: System Design Document (SDD) for the data flow
 Deliverable: PDF entry forms for data input
 Deliverable: Data flow implementation guide
 Deliverable: Test plan

 Phase 4 – Migration and Data Flow

 Deliverable: Production setup plan and schedule
 Deliverable: Migration task list for installs
 Deliverable: Production system installed, tested and validated

 Phase 5 – Conduct End-User Training

 Deliverable: End user training documents
 Deliverable: Training plan
 Deliverable: User training sessions
 Effective SOWs for Cloud Services

I. Overview of Cloud Contracts

A. Cloud Services Categories

1. Cloud Infrastructure as a Service (IaaS). The capability provided to the consumer

(DIR Customer) is to provision processing, storage, networks, and other
fundamental computing resources where the consumer is able to deploy and run
arbitrary software, which can include operating systems and applications. The
consumer does not manage or control the underlying cloud infrastructure but has
control over operating systems, storage, deployed applications, and possibly
limited control of select networking components (e.g., host firewalls).

2. Cloud Platform as a Service (PaaS). The capability provided to the consumer (DIR
Customer) is to deploy onto the cloud infrastructure consumer-created or acquired
applications created using programming languages and tools supported by the
provider.

3. Cloud Broker. A cloud broker is an entity that manages the use, performance and
delivery of cloud services, and negotiates relationships between cloud providers
and cloud consumers. A cloud broker acts as the intermediary between consumer
and provider and will help consumers through the complexity of cloud service
offerings and may also create value-added cloud services.

4. Cloud Assessment. The purpose of the cloud assessment is to assist an

organization in establishing a strategy and roadmap for moving applications to the
cloud. The assessment will enable the customer to identify candidates for cloud
services, identify risks and benefits based on a set of criteria such as operational
readiness, security, application characteristics, complexity, cost, etc. The cloud
assessment may be provided as a service, as a tool to be used by the customer or a
combination.

B. Current Cloud Contracts

To view the Cloud Services Contracts, visit the DIR website and search for any of the four
cloud categories: Infrastructure as a Service, Platform as a Service, Cloud Broker and Cloud
Assessment.

II. SOW Templates

For Cloud Services, it is particularly important to have Vendors sign a Non-Disclosure Form
since much of what they review will include sensitive network data.

A. Cloud Assessment
The goal of the Cloud Assessment Services Sample SOW is to help agencies determine
the criteria for a Cloud Assessment. Items for potential review include applications to
be assessed for possible transfer to the Cloud and functions to be assessed for capacity
 to implement and use defined cloud services. In most cases, the Cloud Assessment will
result in a report for the Customer to use to determine whether or not to use cloud
services. Possible items for report inclusion include a cost/benefit analysis and a risk
assessment.

B. Cloud Services – IaaS, PaaS, Cloud Broker

The goal of the Cloud Services Sample SOW is to help customers determine the technical
requirements and associated items to address when to obtaining cloud services.
1. Cloud Service Issues/Considerations
a) Technical Requirements – Includes Disaster Recovery/Backup/Security/Location
of Data/Privacy. Also customer loaded software.
b) Service Level Agreements (SLAs) – Many DIR Contracts include approved vendor
service agreements with agreed upon minimum SLAs.
i. Customers should determine their acceptable level of downtime and match
that to the appropriate service provider.
1. Some providers are flexible and can tailor their offerings to meet
customer needs. The increased ability for customization generally
comes at an increased cost.
2. Some providers are less flexible but have a lower cost.
c) Acceptance Criteria
i. Acceptance Criteria can be diverse depending on the Cloud Service
1. For some Cloud Services, there is a defined period of acceptance.
2. For other Cloud Services, provisioning through a self-service portal
equals acceptance/billing commencement.
d) Customer Reporting Requirement
i. Table 8 lists Sample Reports. Vendors have varying levels of possible
reporting customization.