Software Contracts: 10 Devilish Details - InformationWeek

Bennett Quillen

Software Contracts: 10 Devilish Details

Don't sign on that dotted line until you review these critical criteria. Check out part two in our software contract series.

You're about to sign a contract for a core application. You've already reviewed the software's current and future capabilities, performed due diligence on the depth and knowledge of the vendor and its staff, checked references, and assessed the vendor's financial stability.

In my last column, I discussed the key terms and conditions your software vendor must include or define in the contract. So now you're all set to sign on the dotted line, right? Not yet. This column will discuss several other critical criteria you'll need to cover first.

1. Warranties and maintenance liability
What warranties or maintenance guaranties are expressed or implied in the contract? Be certain that they're clearly defined.

2. Regulatory changes and compliance
The contract must explicitly state that the software vendor is responsible for all regulatory compliance within the scope of its application.

Remember that such compliance includes state as well as federal regulations. Your vendor might not have previously sold its applications in your state. This requirement is of particular importance with certain kinds of applications, such as payroll, credit card, and consumer-loan processing.

3. Computational errors
The contract should specify responsibility for computational errors (not input errors); for example, incorrect rounding. The contract must define computational errors, how soon your company needs to identify them, and the extent of financial compensation the vendor must pay in the event it makes computational errors.

4. Ownership of code
Does the vendor supply you with only the object code? If so, what's your position of ownership if your vendor reorganizes, files for bankruptcy protection, or goes out of business? Your company must retain complete rights to the source code.

5. Software interfaces
The contract should clarify the effect, if any, of other software interfaces on the vendor's system. For example, your company might want to develop, internally or through a contract programming firm, its own interfaces to other applications, such as general ledger and customer information systems.

Non-vendor interfaces might nullify parts of the warranty, particularly responsibility for computational errors.

6. Vendor releases
Does the vendor specify the number of releases it will issue during a given period of time? This contract provision usually isn't necessary, as long as the vendor upgrades in a timely manner. However, it's wise to include provisions that the vendor will provide software releases to meet federal and state regulatory changes and to keep current with market conditions.

Who's responsible for installing the releases? This issue is particularly important if your company intends to develop its own interfaces or modify the software. The last thing you want is your version to be "out of sync" with the vendor's standard.

Bennett Quillen, a former CIO for a leading mutual fund processing firm, has more than 35 years of experience in financial industry technology, operations, cash management, and compliance. Today he provides financial institutions with project management and technology advice, ...

User Rank: Apprentice
2/6/2014 | 6:38:20 AM
Always have a contract checked!
It is always advisable to have a contract checked by qualified lawyers. It doesn't matter if it is a supply, maintenance or development (hardware / software) contract - a wrongly worded contract can cost you 1000s or even your business and reputation. Search for 'contract checking services' - it is more cost-effective than you might think.
User Rank: Strategist
2/5/2014 | 4:11:36 PM
Re: What About Data Breaches?
Good catch!  Yes; with all the furore over data breaches today, this should be a high profile SLA.  Thanks.  Bennett
User Rank: Ninja
2/5/2014 | 3:48:30 PM
What About Data Breaches?
This is quite the comprehensive checklist that any decision maker in any IT dept. should have handy, but I might also add that it should also include and spell out in no uncertain terms the  client's rights and responsibilities in the event the vendor's servers are hacked and data is breached.  All too often when this happens it is the innocent client (and its clients) who bears the brunt of a breach.  As long as we're spelling out/negotiating a memorandum of understanding between the parties, we may as well add data breaches while we're at it.