Welcome to this, the sixth edition of The ISO27000 Newsletter, designed to keep you abreast of news and developments with respect to the ISO 17799 information security standard.
The information contained is free to our subscribers and provides guidance on a range of practical issues, plus commentary on recent Information Security incidents.
MORE ON SERVICE LEVEL AGREEMENTS - THE SLA
Service Level Agreements are covered in the fourth chapter of ISO/IEC 17799 and it is important that both the Supplier and the Buyer of IT and other services fully understand the implications and responsibilities inherent in such agreements.
Aservice level agreement is effectively a proxy contract that the two parties have negotiated and signed, specifying the terms and conditions under which the service delivery is to be applied.
Both parties must clearly understand their respective roles and responsibilities in respect of the delivery of these services and this information is usually included the SLA. The Supplier and the Buyer are identified together with a statement of expectations and abilities. The Purchaser/User should also fully understand the cost of receiving these services and the basis for the calculation of those costs. The Supplier is accountable for the quality and performance levels of the services and the service availability.
A comprehensive and interactive electronic guide to simplify the preparation and understanding of SLAs is now available. Further information can be found at: http://www.service-level-agreement.net