Desktop version

Home arrow Computer Science

  • Increase font
  • Decrease font


<<   CONTENTS   >>

Collecting Basic Deal Information

Checklist

Basic Principles

□ Marshal basic information

□ Value of proposed transaction?

□ Term of agreement?

□ Criticality of technology to business?

□ Unique regulatory issues?

□ Other foundational information?

□ Circulate a “deal memo”

□ Circulate a “term sheet”

Describe the Engagement

□ What is the deal about?

□ Business advantage from contract?

□ Use nontechnical English

Useful Life

□ Anticipated duration of contract

□ Desired renewal terms

□ Duration of services rendered

□ License for years or perpetual?

□ Renewal rights

□ Costs for renewal

Expected Fees

□ Compensation to vendor

□ Breakdown of first-year fees

  • - License
  • - Professional services
  • - Implementation
  • - Customization
  • - Hardware
  • - Telecommunication

□ If no fees, good faith estimate

□ When to use customer’s form

Performance

□ Customer-facing application?

□ Location for service performance?

□ Offshore vendor?

□ Vendor uses offshore partners/affiliates?

□ Vendor uses subcontractors? If so, who?

□ Location for vendor performance?

□ Vendor provides hosting services?

Intellectual Property

□ Will the customer want to own vendor-created IP?

□ Vendor cannot share with competitors?

□ Vendor cannot share with industry?

□ Vendor has access to sensitive IP?

Personal Information

□ Vendor access to personally identifiable information?

□ What information is at risk?

□ Financial account information?

□ Health information?

□ Social Security Numbers?

□ Legal and regulatory requirements

□ Transmission across international borders

Information Security

□ Vendor access to sensitive customer data?

□ Cloud computing—based service?

□ Hosting service?

□ Is vendor sole custodian of customer data?

Unique Issues

□ Vendor’s financial situation is suspect

□ Vendor is subject of litigation

□ Vendor had recent security breach

□ Performance constraints

□ Substantial regulatory/compliance issues

Overview

Before any proposed technology contract can be reviewed, certain basic information about the deal must be marshaled. This includes the value of the proposed transaction, the term of the agreement, the criticality of the technology to the business, how long to implement, unique regulatory issues (e.g., is sensitive personally identifiable data at risk?), and other foundational information. While this process may seem self-evident, it is common for businesses to rush forward in the review of a proposed technology contract without this critical information.

In our experience, moving forward without a clear understanding of the “deal” can result in misunderstandings with the vendor, failure to achieve an adequate and appropriate contract, delays in negotiations, and increased costs. For example, it would likely not be appropriate to require the same level of contractual protection in a $20,000 off-the-shelf license agreement as one would require in a $20 million custom software development deal for a critical client-facing application. Similarly, it would probably not be fruitful to propose extensive information security language in a contract that does not involve highly sensitive information. Finally, it would be all but impossible to impose one-off service level obligations in a small, noncritical Application Service Provider (ASP) deal, but those obligations may well be entirely appropriate in a large-scale transaction.

While the foregoing may seem obvious, we frequently see businesses proposing contract terms that are inappropriate for the contemplated engagement. In most cases, the problem arises from a failure to assess the transaction adequately from the outset. Tire reason for that failure is almost always a lack of clear foundational information about the transaction.

In this chapter, we identify key areas for which information should be obtained and understood before any review of draft contracts commences. By assessing this information, businesses can make more informed decisions about their proposed technology engagements and ensure their contracts are appropriate to those engagements. This list is not intended to be exhaustive. Other issues unique to a particular transaction or business should be added and, of course, the vendor should conduct appropriate due diligence.

Many businesses now require the foregoing information to be recorded in an internal “deal memo” and circulated to all relevant stakeholders (e.g., risk management, legal counsel, information security, and, of course, senior decision-makers). The deal memo is different from and should not be confused with a “term sheet,” which is designed to summarize the business terms of the deal. The term sheet will be circulated between the vendor and the customer. The deal memo is intended to be a purely internal document to educate relevant company stakeholders regarding the transaction. An example deal memo is provided at the end of the chapter.

 
<<   CONTENTS   >>

Related topics