A Service Level Agreement (SLA) defines the terms under which your managed IT provider will support you: response times, resolution targets, availability guarantees, and what happens when they fall short. The gap between a well-written SLA and a vague one can be the difference between a provider accountable to outcomes and one that can always claim they technically complied.
What SLAs should cover
Response time — how quickly the provider acknowledges a ticket. A 15-minute response time SLA means someone reviews and responds to your ticket within 15 minutes of submission. Response time is not resolution time.
Resolution targets — how quickly issues are resolved, typically tiered by severity:
| Priority | Typical response | Typical resolution target |
|---|---|---|
| P1 — Critical (business down) | 15 min | 4 hours |
| P2 — High (significant impairment) | 30 min | 8 hours |
| P3 — Medium (standard issue) | 2 hours | 24 hours |
| P4 — Low (minor/cosmetic) | 4 hours | 72 hours |
Providers that publish only a single response time for all incidents should be asked how they handle emergencies.
Coverage hours — when the SLA applies. A "24/7 support" SLA that only guarantees response during business hours for non-critical issues is different from one with true round-the-clock commitment. Read carefully.
Uptime guarantees — for infrastructure or hosted services managed by the provider, what availability percentage do they commit to? 99.9% uptime allows 8.7 hours of downtime per year. 99.99% allows 52 minutes.
Service credits — what happens if the provider misses SLA targets? Meaningful SLAs include automatic credits or remediation obligations when targets are breached. An SLA with no enforcement mechanism is aspirational, not contractual.
Red flags in SLA language
"Best efforts" or "commercially reasonable" — these phrases allow providers to claim compliance regardless of actual performance. Meaningful SLAs have specific, measurable numbers.
Carve-outs that swallow the commitment — watch for exclusions like "SLAs do not apply to incidents caused by third-party software, user error, or force majeure." Overbroad exclusions can excuse almost any failure.
No reporting obligation — a provider should report SLA performance to you monthly, automatically. If they only report it when you ask, you're unlikely to get accurate data.
Resolution targets that reset on escalation — some SLAs have resolution clocks that restart each time a ticket is escalated to a new tier. A P1 ticket that gets escalated three times should still meet its original resolution target, not start over.
What to ask before signing
- What percentage of tickets did you resolve within SLA last quarter? (Ask for data, not an estimate.)
- What is your escalation path for a P1 incident at 2 AM on a Saturday?
- How do you notify us when an SLA is at risk of being breached?
- What service credits apply, and how are they calculated?
- What does the onboarding process look like, and how long before our environment is documented?
A provider confident in their performance will answer these questions directly. Evasive or vague answers are informative.
The relationship beyond the SLA
SLAs define minimums. The quality of the actual working relationship with your managed IT provider—how proactively they communicate, whether they understand your business, how they handle ambiguous situations—matters as much as contractual terms.
Reference calls with current clients are more predictive than SLA language. Ask references specifically about how the provider performs under pressure, not just in normal operations.
MicroPro's managed IT agreements include clearly defined, tiered SLAs with monthly performance reporting. Our Managed IT Services and Service Desk operate under defined response and resolution commitments.
MicroPro works with Canadian businesses on cloud, IT, and security. Book a free consultation.