MSP Selection & Contract Review – Cloud IT Manager

ITSM · MSP Selection & Contract Review

Don't Sign
Until Someone's
Read the Small Print.

MSP contracts are written to protect the provider. We have decades of experience spotting the exclusions, ambiguities, and grey areas that turn into expensive surprises — and we help you navigate them before you sign.

Get Independent Advice
Contract Review — Risk Summary 6 issues found
Service Levels 2 issues
⚠️Response time undefined for P2 incidentsGap
⚠️SLA credits capped at 5% of monthly feeReview
P1 response: 1 hour — clearly definedClear
Scope & Exclusions 3 issues
⚠️Security patching not included in base feeGap
⚠️Out-of-hours support excluded — addendum requiredGap
⚠️Vendor liaison scope is ambiguousClarify
Exit & Data 1 issue
⚠️Data return timeline on exit not specifiedGap
Notice period: 90 days — reasonableClear
Reviewed by Cloud IT Manager Action required before signing

The Problem

MSP contracts are written
to protect the MSP.

Most MSP proposals look comprehensive at a glance. But the detail — the exclusions, the caveats, the definitions of "reasonable endeavours" — is where the real picture emerges.

By the time most organisations discover the gaps, they're already locked in. A service credit worth 5% of a monthly fee doesn't come close to covering the cost of an outage. An ambiguous scope clause means the work you assumed was included is now a billable project.

We've seen these patterns across decades of IT contract management. We know where to look — and what to push back on.

Common Contract Red Flags
📄

Vague scope definitions — "reasonable support" means whatever they decide it means

⏱️

SLAs without teeth — credits so small they're not worth claiming, and breach definitions buried in schedules

🔒

Undefined security responsibilities — who's accountable for patching, MFA, and incident response?

🚪

Painful exit terms — data return timelines not specified, knowledge locked away, 6-month notice periods

💸

Hidden charging triggers — "moves, adds, changes" and project work excluded from the base fee

⚖️

Liability caps that limit your recourse to a fraction of what a serious incident would actually cost

What We Do

Two ways we help you get this right

Whether you're choosing a new MSP or reviewing an existing contract, we give you independent, experienced advice.

🔍

MSP Selection Support

We help you define what you actually need before you go to market — so proposals are evaluated against your real requirements, not the MSP's preferred narrative.

Define service scope, response expectations, and escalation paths based on your environment
Document security responsibilities — who owns patching, MFA, incident response, access management
Specify tooling and reporting requirements so visibility is built in from the start
Review and compare proposals objectively — cutting through marketing language to what's actually on offer
Produce a weighted scorecard so the decision is evidence-based and defensible
⚖️

Contract Review & Risk Reduction

We review MSP contracts in detail — identifying what's clear, what's ambiguous, and what needs to change before you sign or renew.

Identify exclusions and gaps in scope — what you think is covered but isn't
Assess SLA definitions — are response and resolution targets realistic and enforceable?
Review security obligations — data handling, breach notification, access controls, sub-processors
Examine exit terms — notice periods, data return, knowledge transfer, and lock-in risk
Translate technical and legal wording into plain English so you can make an informed decision

What We Check

Every clause that matters

These are the areas we review in every MSP contract — and where we most commonly find issues.

📋

Scope of Services

What exactly is included? What's expressly excluded? Where are the grey areas that will become disputes?

⏱️

SLAs & Response Times

Are targets realistic? How is "incident" defined? What happens when SLAs are missed — and is the remedy meaningful?

🔒

Security Responsibilities

Who owns patching, MFA enforcement, access reviews, and incident response? Is it explicit or assumed?

💸

Charging & Extras

What triggers additional charges? Are moves, adds, changes, and projects included — or chargeable by default?

🚪

Exit & Transition

What's the notice period? What happens to your data, tooling, and documentation when you leave?

⚖️

Liability & Indemnity

What's their maximum liability? Does it bear any relation to the actual cost of a serious incident or breach?

📊

Reporting & Visibility

What reporting is provided? At what frequency? Is there a minimum standard for transparency and performance data?

🔗

Sub-contractors & Third Parties

Who else touches your systems? Under what terms? Are security and data handling obligations passed down?

What Good Looks Like

With us vs without us

The difference independent contract review makes — before you sign.

Area Without Independent Review With Cloud IT Manager
Service Scope Assumed from the proposal summary — exclusions discovered later Scope mapped line by line. Gaps identified and negotiated before signing
SLA Enforcement Credits too small to matter. Breach definitions vague enough to avoid SLA definitions reviewed. Remedies assessed for practical value. Wording tightened
Security Responsibilities Split assumed — often wrong. Gaps only found after an incident Explicit ownership mapped across patching, access, monitoring, and IR
Exit Terms Difficult exit discovered when you try to leave. Data locked, transition expensive Exit terms understood upfront. Data return, notice, and transition documented
Additional Charges Surprise invoices for work assumed to be included Charging triggers identified. Scope of base fee clearly defined
Provider Selection Chosen on price or relationship. Requirements not clearly defined Requirements documented. Proposals scored objectively. Right provider chosen

* Based on common patterns observed across years of IT contract management and MSP reviews

Why Independent

No vendor relationships.
No preferred suppliers.

We're not a reseller, a broker, or an MSP ourselves. We don't earn referral fees or have commercial relationships with providers we might recommend.

That means our advice is genuinely independent. We're on your side — helping you choose the right provider and understand what you're signing, not steering you towards a particular outcome.

Our goal isn't to slow the process down or make it more complicated. It's to make sure you go in with clear eyes — and avoid the issues that stem from unclear expectations and poorly defined contracts.

🎯

Vendor Neutral

We don't recommend providers we have a commercial relationship with. Our advice is based solely on what fits your requirements.

🔍

Decades of Experience

We've reviewed contracts across industries and provider types. We know where the risks hide and what good looks like.

🗣️

Plain English

Technical and legal wording translated into decisions you can actually make — no ambiguity, no unnecessary jargon.

Practical & Fast

We don't slow the process down. We provide focused, actionable advice that protects you without dragging things out.

How We Work

From brief to confident decision

A straightforward process — whether you're selecting a new MSP or reviewing an existing contract.

01

Understand Your Situation

We start by understanding your environment, your current supplier relationships, and what you're trying to achieve — so our advice is relevant and proportionate.

  • Current IT setup, team, and supplier landscape
  • What's working, what isn't, and what you need to change
  • Timeline, budget, and decision-making process
02

Define Your Requirements (Selection)

If you're selecting a new MSP, we help you build a clear requirements document — covering scope, SLAs, security responsibilities, tooling, reporting, and escalation. This becomes the basis for evaluating proposals.

  • Service scope and exclusions defined upfront
  • Security responsibilities mapped explicitly
  • Evaluation scorecard and weighting agreed
03

Review the Contract

We review the full contract and schedules — identifying gaps, ambiguities, unfair terms, and areas that need clarification or renegotiation before you commit.

  • Clause-by-clause review against your requirements
  • Risk summary in plain English — not a legal opinion
  • Priority list of changes to negotiate
04

Support Negotiation & Decision

We support you through negotiation — helping you push back effectively, understand what's reasonable to ask for, and make a final decision with confidence.

  • Negotiation brief — what to ask for and why
  • Assessment of revised terms
  • Final recommendation based on the full picture
"The best time to review an MSP contract is before you sign it. The second best time is before you renew it."

Got a contract you want us to look at?

Whether you're evaluating proposals, about to sign, or wondering if your current MSP contract is actually protecting you — get in touch and we'll give you an independent view.

Contact Us