Software development outsourcing: how to avoid contract loopholes

N-iX
2019-06-06T19:36:45+00:00

By Marta Hlova June 06, 2019

Signing a contract is the last stage in the vendor selection process. Once you have gone through the vendor evaluation and analysis activities, the final step is drawing up a contract. To strike a win-win deal, businesses need to scrutinize the contract thoroughly, leaving no issue unsettled.

This article will provide you with a handy checklist for efficient contract signing in IT outsourcing. It will help you prevent bottlenecks in further cooperation with your IT outsourcing vendor. We will discuss the most common types of contracts in software development outsourcing and the aspects you should consider to get the contract right.

Types of software development outsourcing contracts

In the world of IT outsourcing, a contract type depends heavily on the business goals of a client. By and large, companies opt for outsourcing partnerships either to extend their software development capabilities, build a software product, or deliver a business solution. The types of contracts in software development outsourcing are based on three main cooperation models: dedicated development team, time & material, and fixed price. Any of these cooperation models may be used to reach various business goals. However, some of them are more effective than others in certain situations.

Fixed price contracts work best for small and medium projects with clearly defined requirements. Usually, a client needs to develop a solution, has a certain budget but doesn’t have enough expertise and capacity to do it internally. So the client entrusts the success of the project to a vendor. And the vendor guarantees to deliver on the client’s expectations.

In fact, it is the least flexible model since any deviation from the plan requires the complex process of change request approval. Thus, both parties need to agree on the detailed project scope, requirements, budget, and deadlines from the outset. Moreover, it is quite an expensive model of cooperation because the vendor bears all the risks and is fully responsible for the project's success. Since the majority of businesses today prefer the agile methodology, this type of contract is rarely used.

By contrast, a dedicated development team model is a viable solution for long-term projects with evolving requirements when a client needs to develop a product or extend its software development capabilities. The client receives a team of software development professionals entirely focused on the project, works closely with them to define a project roadmap, either takes part in team management or delegates it to the vendor, and has total control over the software product.

This model is highly flexible and fully adaptable to any changes. Moreover, it leads to the most sustainable results when it comes to software development outsourcing.

As for the T&M model, it is frequently used when a client needs an expert on a project on a temporary basis. Let’s say you need the expertise of a UX designer, a DevOps engineer or a Solution Architect. As a rule, it doesn’t make sense to allocate these specialists full-time under the dedicated development team model, because you will incur unnecessary expenses. So it is more effective to engage these experts part-time and pay only for the work done based on the hourly rate of an IT specialist. This ensures cost-efficiency, transparency and timely delivery of the tasks.

Key points in IT outsourcing contracts you can’t neglect

  • Payment terms

One of the common hang-ups of IT outsourcing contracts is around cost. Both parties should be clear about how, when and where billing occurs. To avoid ambiguity in your contract, you have to define strict deadlines for issuing an invoice and invoice payment. There are many options available based on the type of contract. It simply needs to be articulated in advance.

Sometimes, vendors may require clients to deposit a retainer before work on the project begins. Both the client and the vendor need to be on the same page about this retainer. No one wants a missed payment because of a communication mishap.

Clients also need to be aware of the consequences outlined in contracts for missing payments. Usually, the vendor reserves the right to stop all services to a client and dissolve a team of IT specialists in case of a payment delay longer than a certain period of time. So pay attention to this term when signing a contract.

  • Liability & Warranties

In IT outsourcing contracts, liability clauses are the most important because they define clear limits of responsibility for both parties. When entering into an IT outsourcing agreement, it is essential to pay attention to the liability cap. The liability cap helps to balance the risk between the parties by mutually limiting their liability to each other to a certain amount. It can be either a fixed amount or a percentage of the fee. In fact, the liability cap is a very useful tool for risk management that helps businesses control their maximum potential financial exposure.

Besides that, IT outsourcing contracts often include warranty clauses under which a vendor guarantees that a given piece of software or hardware has a certain level of quality and reliability. Please note that warranty clauses are usually included in the fixed price contracts only, where a vendor takes responsibility for the overall success of a project and guarantees that the project will be delivered within quality expectations. In time & material and dedicated development team contracts, the vendor’s team is responsible only for the timely delivery of tasks according to the requirements set by the client.

  • Notice periods

A notice period is a time frame a client gives to a vendor so that the latter can change the composition of a team. The length of a notice period is a crucial issue since it determines smooth project execution and delivery. In the contract, it is necessary to agree on reasonable notice periods with a vendor to ensure easy project implementation and handover. Therefore, one should understand the true value of a notice period.

One type of notice is associated with ramping up and ramping down a team of outsourced developers. For businesses that grow rapidly, it is essential to be able to scale and shrink the team within the shortest time frames. Depending on the tech stack and the local tech talent market, the length of the notice period for extending or shrinking a team by one IT specialist may range from 1 to 3 months.

Another type of notice refers to contract termination. In fact, an early notice from the client about dissolving a team is important for vendors to have time to organize a smooth knowledge transfer. The knowledge transfer process requires a step-by-step approach and may last from one to five months depending on the project scope. As a rule of thumb, the stronger your partnership with a vendor is, the longer notice periods about dissolving a team should be. For contract terms between three and seven years, it is common to have notice periods of between 6 and 12 months.

  • Confidentiality and data protection

A vendor should establish high standards for data protection and security across the enterprise. First of all, IT outsourcing companies should undertake recurrent internal audits of their compliance with security controls and policies. They should implement an Information Security Management System which conforms to the requirements of international standards, laws, and regulations. For instance, if a company is ISO/IEC 27001 certified, it means it implements a wide range of administrative and technical controls to ensure confidentiality, integrity, and availability of information assets. Another standard, PCI DSS, is required to process credit card data, whereas compliance with HIPAA is required when working with personal health information.

To ensure data protection and compliance with GDPR, a vendor should consider the deidentification, reidentification, and anonymization of data in big data sets. Vendors should protect data from loss, destruction, falsification, and unauthorized access according to legislative, regulatory, contractual and business requirements. They have to ensure secure log-on procedures, password management, cryptographic key management, network security, and information asset management. Employees should sign a non-disclosure agreement that prohibits sharing business-sensitive information with people who are not authorized to have access to it. Moreover, vendors should also ensure office security to keep unauthorized visitors off the premises.

  • Intellectual Property rights

Customers often voice concerns about source code ownership when outsourcing software development. To prevent any unexpected IP issues, the contract should explicitly provide for the client’s ownership of any intellectual property that is created during the execution of the contract.

Please note that in case of payment delay or when there is a plausible reason to believe that no further payments will be made by the client, vendors usually reserve the right to reuse any deliverables that remain unpaid. However, when all invoices have been paid in full by the client, the vendor has to relinquish this right of reuse and the client shall own all right, title and interest in such deliverables.

  • Non-solicitation clause

People are the most valuable resource for software development outsourcing companies, thus vendors usually indicate high penalties for poaching employees. Non-solicitation penalties are fees that clients pay to a vendor if they hire the vendor’s employees or if a third party (another vendor) hires them. In fact, outsourcing vendors spend a lot of money to hire, train and manage their employees. Therefore, they should be fairly compensated if the employees are hired away from them.

However, if a client wants to relocate employees and continue working with them on other projects without the help of a vendor, both parties can agree on the terms under which the vendor allows direct cooperation between the client and employees. All this should be clearly presented in the contract. So don’t overlook this clause when negotiating a contract with a software development outsourcing vendor.

  • Jurisdiction

The market for software development outsourcing services has gone global. IT outsourcing contracts are often international, where a client and a vendor are based in different countries. So one of the main cornerstones of your contract with an IT outsourcing vendor is the jurisdiction to which it is subject. It's extremely important for the parties to negotiate what the governing law of the contract will be, as well as what the dispute resolution process will look like, should the need arise. The parties may go to the local court or opt for international arbitration in cities such as Paris, Vienna or others that provide neutral forums for dispute resolution.

Closing notes

It is hard to select the right software development outsourcing company, but what is more challenging is to negotiate and sign a solid business agreement. A poorly assembled contract may have a detrimental impact on your business, leading to unexpected outsourcing bills, loss of control over quality, and compromised information security. To avoid running such risks, both parties should thoroughly negotiate an IT outsourcing agreement, paying special attention to such aspects as payment terms, liability, notice periods, confidentiality, IP rights, non-solicitation terms, the governing law and a forum for dispute resolution.

Depending on the type of contract, some of the clauses regarding these issues may vary. Thus, you should carefully review the contract to weed out all the gotchas from the outset. The process of rigorous contract negotiation is worth all the effort since it brings transparency and safety to customer-vendor relationships.

About N-iX

N-iX is an Eastern European provider of software development services with 900+ expert software engineers onboard that power innovative technology businesses. Since 2002 we have formed strategic partnerships with a variety of global industry leaders including OpenText, Novell, Lebara, Currencycloud and over 50 other medium and large-scale businesses. With delivery centers in Ukraine, Poland, Bulgaria, and Belarus, we deliver excellence in software engineering and deep expertise in a range of verticals including finance, healthcare, hospitality, telecom, energy and enterprise content management helping our clients to innovate and implement technology transformations.