Exhibit A - Service Level Agreement

Technical Support

Under this agreement, monitoring by Company personnel of the Cuick Trac environment will occur on a 5-days-a-week (Monday – Friday) basis with service hours of 8:00am-6:00pm CST. Remediation services will be provided only during business hours unless otherwise specifically stated in the SOW. Company will respond to problems, errors, or interruptions in the provision of the Services in the timeframe(s) described below. Severity levels will be determined by Company at its reasonable discretion and in accordance with industry best practices. All remediation services will initially be performed remotely; Company will provide onsite service only if remote remediation is ineffective and, under all circumstances, only if covered under the Service plan selected by Customer.


All time frames are calculated as of the time that Company is notified of the applicable issue/problem by Customer through Company’s designated support portal, help desk, or by telephone. Notifications received in any manner other than described herein may result in a delay in the provision of remediation efforts. Help desk support provided outside of Company’s normal service hours will be billed to Customer at the hourly rate of $130/hour (2-hour minimum applies), and support provided between 11:00pm-6:00am CST will be billed to Customer at the hourly rate of $500/hour. For support to locations in significantly different time zones, 2+ days’ notice for anticipated priority support is recommended. Support requiring on-site visits will be billed to Customer at the flat rate of $2000/day, plus expenses (based upon the approved United States Federal Government Per Diem rate for that fiscal year), only if pre-approved in writing by Customer.

Service Level Defaults

In the event of a Service Level Default, the corresponding Service Level Credit will be creditable to Customer; provided, however, that in no event will the total amount of Service Level Credits creditable to Customer for a single month exceed the “At Risk Amount” for that month.

If Company believes that a Service Level Default should be excused, then Company will so state in the applicable Service Level Report. In the applicable Service Level Report, Company will also indicate the following:

1. Which Service Levels are affected by the exemptions and the calculation of the actual performance values of the affected Service Levels, both with and without taking into account the effect of the excuses concerned; and

2. All of the circumstances that give rise to the claimed exemption, in sufficient detail to permit Customer to evaluate whether Company’s claim of exemption is valid.

At Risk Amount

In no event will the total amount of Service Level Credits in a single month exceed, in total, 75 percent of the aggregate amount of all Cuick Trac Enclave Charges for the applicable month (the “At Risk Amount” for the applicable month) within the first year of the Agreement. The At Risk Amount will reduce to 50 percent after the first year.

 

Service Level Credits

For purposes of calculating the Service Level Credit, Customer will allocate a certain number of points (“Service Level Credits”) to each of the Service Levels; provided, however, that the aggregate Credits allocated among all Service Levels will not exceed 100.

Service Level Credits will be calculated monthly. Customer will be entitled to a Service Level Credit for each Service Level Default that occurs during such month. Any Service Level Credits will begin to accrue for Service Level Defaults three (3) months after the Service Commencement Date for the applicable Service Level.

For Service Level Defaults, each Service Level Credit is equal to the product of: (1) the Service Level Credits applicable to the affected Service Level, divided by 100; and (2) the “At Risk Amount”. Below is a sample calculation.

If Company has failed to meet a Service Level during the prior month to which Customer has allocated 30 Service Level Credits, and Company’s total Cuick Trac Enclave Charges to Customer for such month for the Services are $10,000, the applicable Service Level Credit would be computed as follows:

(Service Level Credits / 100) × “At Risk Amount” = (30 / 100) × (Cuick Trac Enclave Charges × 75%) = (30 / 100) × ($10,000 × 75%) = $2,250

Service Level Credits will be calculated and paid monthly and adjusted in the invoice for the applicable month.

 

Internet Service Connection

The Cuick Trac secure virtual enclave requires an active internet service provider (“ISP”) connection for access. Based upon individual needs, it is strongly recommended that Customer obtain a primary and secondary ISP with automatic fail-over to prevent loss of connectivity. Customer understands and agrees that Company has no control over ISP services and shall not be held liable for any loss or work stoppages caused by ISP outages and Company shall be held harmless in the event of any such losses.  Any IP addresses provided to Customer by Company during the term of the Agreement are managed by Company and Company will retain these IP addresses after termination of the Agreement, meaning that they may not be transferred or utilized by Customer after termination of the Agreement.

White Listed Software

Software that is not on the Cuick Trac approved whitelist, but may be in use in the Customer’s networks, will be analyzed for security concerns and explicitly approved on a case-by-case basis. Company cannot and will not provision software that creates unmitigated vulnerability within the environment.

Customer understands and agrees that software that is not part of the Cuick Trac whitelist may pose additional risk to Customer’s environment. To the extent Customer requests Company to implement non-whitelisted software, Customer accepts the incremental risk inherent to such software.  The Company is not liable for software implemented at Customer’s request.

Patch Management

Company shall keep all managed and/or hosted equipment and software current with critical patches and updates (“Patches”) as such Patches are released by the manufacturers of the applicable hardware or software. Patches and updates are developed by third-party vendors and, on rare occasions, may cause system instability. Company shall refrain from installing a Patch if Company is aware of technical problems caused by a Patch, or believes that a Patch may render the System, or any portion of the System, unstable or present an information security vulnerability or may otherwise create a NIST 800-171 compliance violation without Customer’s prior consent.

Service Level Descriptions

This shows the descriptions of the required Service Levels.

1) Incident Response Time

Service Level Description: Measures the percentage of Incidents where Company Responds to Incidents within the Required Timeframe, depending on priority
Monitoring Interval: Monthly
Service Level Credit: 20
Formula: Number of Incidents during the Month to which Company Responds within the Required Timeframe, divided by the number of Incidents for the corresponding Priority, with the result expressed as a percentage to two decimal places.
For purposes of this Service Level:
“Response” means a Ticket for the applicable Priority Incident has been opened and assigned to Company Personnel for Resolution.
“Required Timeframe” means: With respect to Response from Company after notified by Customer through designated support portal during service hours:
- Priority 1 Incident within 1 hour
- Priority 2 Incident within 4 hours
- Priority 3 incident within 1 business day
- Priority 4 incident within 3 business days
Service Level Metric: Measured Separately for Response and Resolution
≥ 98.00% within the Required Timeframe for Priority 1
≥ 93.00% within the Required Timeframe for Priority 2
≥ 90.00% within the Required Timeframe for Priority 3
≥ 90.00% within the Required Timeframe for Priority 4

2) Incident Resolution Time

Service Level Description: Measures the percentage of Incidents where Company Resolves such Incidents within the Required Timeframe, depending on priority
Monitoring Interval: Monthly
Service Level Credit: 30
Formula: Number of Incidents during the Month to which Company Resolves such Incident within the Required Timeframe, divided by the number of Incidents for the corresponding Priority, with the result expressed as a percentage to two decimal places.
For purposes of this Service Level:
“Resolve” means the Services that were the subject of the Incident have been restored to normal use and operations.
“Required Timeframe” means: With respect to Resolution after Company was notified through designated support portal during business hours:
- Priority 1 Incident within 3 hours
- Priority 2 Incident within 8 hours
- Priority 3 incident within 1 business day
- Priority 4 incident within 2 business days
Service Level Metric: Measured Separately for Response and Resolution
≥ 98.00% within the Required Timeframe for Priority 1
≥ 93.00% within the Required Timeframe for Priority 2
≥ 90.00% within the Required Timeframe for Priority 3
≥ 90.00% within the Required Timeframe for Priority 4

3) Availability

Service Level Description: Measures the percentage of time that each System is Available
Monitoring Interval: Monthly but only between 7:00am-6:00pm CST on weekdays excluding holidays
Service Level Credit: 40
Formula: Total time a System is Available plus Planned Downtime divided by total time during the Month with the result expressed as a percentage to two decimal places.
For purposes of this Service Level:
“Available” means the System is operational, functional and usable to End Users/Applications.
“Planned Downtime” means the time during the Month when, as notified by Company to Customer, the System will not be Available in order to implement upgrades, repairs and other changes.
Service Level Metric: ≥ 99.5% Availability for System measured in aggregate and no more than 1 System having an individual Availability of less than 99%. If any downtime is incurred due to underlying infrastructure outside the control of the vendor, then that downtime is not counted as not Available.

Services Provided

ID: 1
Task/Function: System Administration
Description: Company will perform system administration activities for the technological environment in scope, including but not limited to:
i. managing access privileges.
ii. creating new user accounts and groups with appropriate security access.
iii. administering passwords and IDs.
iv. disabling and re-enabling functionality when security actions require shutting down functionality to address issues.
v. purging operational records, files, and accounts.

ID: 2
Task/Function: Priority 1 Outages
Description: For all Priority 1 Outages, Company will, as part of the documented Incident, Event, and Problem Management:
i. notify Customer of Outage detection.
ii. open an Incident Resolution Bridge with Customer.
iii. provide a summary description of the Outage, including an initial assessment of the Outage, the corrective action required from Company and an estimated time frame for service restoration.
iv. provide Customer updates.
v. perform appropriate communication in accordance with the Event management process.
vi. coordinate with Service Desk to ensure hot news broadcasts address Priority 1 Outages.

ID: 3
Task/Function: Emergency Services Needs
Description: Company will apply an appropriate level of effort, resources, and commitment to resolving Emergencies. Customer and Company will form rapid response teams to immediately identify the underlying cause of the Emergency, work to eliminate or mitigate the impact and seek ways to prohibit or minimize the reoccurrence. Rapid response teams will be comprised of Company management and senior technical subject matter experts as the emergency warrants.

Service Ticket Priorities

Ticket Priorities: All tickets are worked from highest priority to lowest priority and from oldest to newest. Service hours are from 8am-6pm CST.

 

P1 – Priority 1: Critical

Examples of P1:

●       Large degradation of service impacting most or all of the business.

●       Server Down

●       Network Down

●       Email Down

●       Fire, flood, etc.

P2 – Priority 2: High Priority

Examples of P2:

●       Backups failing ≥ 3 days in a row

●       Company communications, i.e. email, being down

●       Critical use workstation down

●       Customer has requested service be completed within 24 hours

●       Ticket has been open for more than 60 days

P3 – Priority 3: Medium Priority

Examples of P3:

●       Backups failing ≥ 2 days in a row

●       New user provisioning

●       One or more users’ productivity is hindered

●       Problem is inconveniencing multiple users

●       Workstation down

●       Customer has requested service be completed within 48 hours

●       Ticket has been opened for more than 30 days

P4 – Priority 4: Low Priority

Examples of P4:

●       Any item not having met the criteria for P1, 2, or 3 and not specifically requested by the Customer to be higher priority than to be done on a monthly maintenance period

●       Scheduled work for the Customer

●       Monthly maintenance, updates, etc.