How to Effectively
Evaluate an IT Contract
BY JASON KEEN & DAVID MIDDLETON
From job contracts to bank loan agreements, CFMs spend
countless hours and dollars reviewing contracts and each
has its own set of evaluation criteria.
Technology contracts are no different: They often contain
specific terms that are helpful and terms to watch for during
the evaluation process. While technology contracts may not
require as much due diligence as a job contract, contractors
should ensure the terms are favorable since company data or
operations are often at stake.
Almost every common technology product or service
requires a contract, including enterprise resource planning
(ERP) systems, cloud hosting, software product licenses,
Building Information Modeling (BIM), Customer Relationship
Management (CRM) systems, networks, threat prevention
software (e.g., virus software, firewalls), technology support, phone systems, mobile devices, Computer Maintenance
Management Systems (CMMS), and scheduling systems.
But this list only represents a fraction of available technology
solutions. With the increase of technology’s role in business,
the quantity and complexity of such contracts will continue
What sets a technology contract apart from other agreements? Let’s look at an ERP contract as an example. The
ERP is one of the most important systems to a company.
It contains a wealth of data: job cost, payables, payroll, HR,
general ledger, and financials. The accessibility, availability,
and security of such data as well as the systems that contain
the data are unique to technology contracts.
This article will focus on what questions contractors should
ask around these three key areas and will provide tips for
negotiating price before entering into a contract with a technology vendor. (Given that each technology vendor has its
own unique set of contract terms, the specifics of each type
are beyond the scope of this article.)
Every technology contract involves data: Some vendors
house data, others provide a means to transport data, and
others secure the data. Here are some key questions to ask
regarding data in the contract language:
• Which party owns the data?
• What type of access does the contractor have to the
• What type of access does the vendor have to the data?
• What type of requirements exist for working with and
accessing the data?
• Which party can modify the data?
• How can the data be modified?
• In what format is the data stored?
These types of questions are mostly applicable to software
that creates or houses data; they are not as relevant for
contracts that move or secure data (e.g., network provider
or firewall contracts).
Let’s use the previous example of purchasing an ERP to
review data accessibility-related items in a contract. Be sure to
ask about the infrastructure that houses the data. If the data
resides in a proprietary database, then issues with sharing and
integrating the data with other software may arise. Along the
same lines, ensure the contract language states that the data
stored in the system belongs to the contractor, and that the
vendor may not obtain or use the data for its own purposes.
A contractor should also determine if it can directly access
the database or if indirect data access is the only option. If
the contractor has direct access to the database, then custom
reports and integrations can occur, allowing for automation
and process streamlining. However, if the contractor does not
have direct database access, then it would not be able to create automations and custom reports without first exporting
the data, which requires extra time and resources.