Your SLA is the single most important document in your MSP relationship. It defines what you get, what the MSP must deliver, and what happens when they fail. Most businesses sign their SLA without reading it properly. Here is how to negotiate one that actually protects you.
Understanding SLA Basics
An SLA (Service Level Agreement) sits within your Master Services Agreement (MSA) and defines:
- Response times — How quickly the MSP acknowledges your ticket
- Resolution times — How quickly the MSP fixes your issue
- Uptime guarantees — The percentage of time your systems must be available
- Escalation procedures — What happens when issues are not resolved within targets
- Penalties — Consequences when the MSP fails to meet its commitments
The MSP's standard SLA is written to protect the MSP, not you. Your job is to negotiate terms that are fair and enforceable. Use our Contract Clause Analyser to scan your SLA for problematic language before you start negotiating.
Step 1: Understand the Current Terms
Before negotiating, read the existing SLA thoroughly. Pay attention to:
How response and resolution times are defined. There is a critical difference between:
- Business hours (9am–5pm, Monday–Friday) — A 4-hour response time means you could wait until the next business day if you report an issue at 4:30pm on Friday
- Calendar hours (24/7) — A 4-hour response time means the MSP must respond within 4 hours regardless of when the issue occurs
Many MSPs define response times in business hours, which dramatically inflates the actual wait time.
What counts as a "response." Does an auto-generated ticket acknowledgment count as a response? Or does it require a human engineer to actively engage with your issue? The difference matters enormously.
Step 2: Classify by Severity
A well-structured SLA uses severity levels to differentiate between a minor issue and a critical outage:
| Severity | Description | Response Target | Resolution Target |
|---|---|---|---|
| P1 (Critical) | Business-stopping outage | 15 minutes | 4 hours |
| P2 (High) | Major functionality impaired | 1 hour | 8 hours |
| P3 (Medium) | Minor issue, workaround available | 4 hours | 2 business days |
| P4 (Low) | Cosmetic or informational | 8 hours | 5 business days |
Negotiation tips: - Push for calendar-hour response times for P1 and P2 issues - Define what constitutes each severity level specifically — vague definitions let the MSP downgrade your tickets - Ensure resolution targets count actual fix time, not just "workaround provided"
Step 3: Define What "Response" Means
This is where many SLAs are weakest. A "response" should mean:
- A human engineer has acknowledged the issue
- Initial triage has been performed
- You have been given a realistic timeline for resolution
- A named engineer is assigned to your ticket
Red flags: - "Automated acknowledgment constitutes initial response" — This means nothing - "Response means the ticket has been logged" — Same problem - "First response may be via email" — Phone or live chat is faster for critical issues
What to demand: Response means a qualified engineer has actively engaged with your issue and provided a meaningful status update.
Step 4: Negotiate Escalation Procedures
When the MSP fails to meet its targets, there must be a clear escalation path:
Level 1: Engineer's manager is notified Level 2: MSP's operations director is contacted Level 3: MSP's executive leadership is engaged Level 4: Contract remedies are triggered
Key provisions: - Escalation should be automatic, not something you have to request - Each escalation level should have a defined response time (e.g., manager responds within 30 minutes of escalation) - The SLA should specify what happens at Level 4 — typically service credits or financial penalties
Step 5: Service Credits for Missed SLAs
Service credits are financial penalties the MSP pays when they miss SLA targets. They are your primary enforcement mechanism.
Common structures: - Percentage discount on monthly fees — e.g., 5% credit for each missed P1 target - Cumulative caps — Some SLAs cap total credits at 25–50% of monthly fees - Minimum thresholds — Credits may only apply after multiple missed targets
Negotiation tips: - Push for uncapped credits, or at minimum, a higher cap (50%+ of monthly fees) - Ensure credits apply per incident, not per month — a month with five missed targets should generate five credits - Require automatic credit application (not a manual claim process) - Negotiate credits for both response time AND resolution time misses
What is reasonable: A well-negotiated SLA should result in credits of 10–25% of monthly fees for significant P1 failures. If the MSP pushes back hard on credits, they are telling you they do not expect to meet their own targets.
Step 6: Define Exclusions Carefully
MSP SLAs typically list exclusions — scenarios where SLA targets do not apply. Common exclusions include:
- Force majeure (natural disasters, power outages)
- Client-caused issues (employees breaking things)
- Scheduled maintenance
- Third-party vendor outages (Microsoft, ISP)
Negotiation tips: - Limit force majeure to genuinely extraordinary events, not routine power outages - Define scheduled maintenance windows specifically (e.g., Sunday 2am–6am only) - Push back on blanket "third-party outage" exclusions — the MSP should have redundancy plans - Require the MSP to notify you in advance of scheduled maintenance
Step 7: Reporting and Transparency
An SLA is meaningless if you cannot verify compliance. Demand:
- Monthly SLA reports showing response and resolution times for each ticket
- Uptime reporting for all managed systems
- Incident reports for any P1 or P2 issues
- Audit rights — The ability to independently verify SLA compliance
Red flag: If the MSP says "we track SLA internally but do not provide regular reports," that is a problem. Transparency builds trust; opacity hides failure. For a full list of contract warning signs, see our MSP Contract Red Flags checklist.
Step 8: Review and Update Mechanism
Technology and business needs change. Your SLA should be reviewed annually and updated as needed. Include:
- An annual review clause (not just at renewal)
- A process for adjusting severity definitions as your environment changes
- A mechanism for adding new systems or services to the SLA
Common SLA Red Flags
Watch for these warning signs in the MSP's standard SLA:
- All response times in business hours — This lets the MSP delay critical responses over weekends
- "Best efforts" language — "We will use best efforts to resolve your issue" is not a commitment
- No escalation procedures — If there is no path when things go wrong, you are stuck
- Service credits capped at 10% — This is too low to incentivise the MSP to perform
- Broad exclusions — If everything is excluded, nothing is covered
- No reporting obligations — You cannot enforce what you cannot measure
- Unilateral amendment clauses — "We may update these terms with 30 days' notice" — this lets the MSP change the rules after you sign
Final Advice
The SLA negotiation is your best opportunity to establish expectations before the relationship begins. Once you have signed, changing terms requires mutual agreement — and the MSP has little incentive to renegotiate.
Invest the time upfront. Read every clause. Ask questions about anything unclear. And if the MSP is unwilling to negotiate on key terms, that tells you how they will behave when something goes wrong.
The best SLA is one that both parties want to meet — and that gives the client meaningful recourse when the MSP falls short.
Want to benchmark your MSP relationship? Run our MSP Health Score to see how your provider stacks up across contract, service, and value metrics.
Related Reading
- MSP Contract Red Flags: What to Watch For Before You Sign
- MSP Contract Checklist: 15 Clauses Every Agreement Must Include
- How to Choose an MSP: The Complete Due Diligence Guide
Was this helpful?