It's so detailed and straight to the point. The tough problem is the legal jargon one needs to put in the contractual agreements.
Quite impressive, though!
very useful piece...
On Thu, Jul 9, 2009 at 4:05 PM, Arthur Simiyu <arthursimiyu@yahoo.com> wrote:
Hi Thomas,
Thanks for the info, it's all very enlightening.
Not many freelancers like us understand how important the contract is.
Do you have a sample contract doc that we can use to tailor our own?
Been researching about it for some time now.
Simiyu
--- On Thu, 7/9/09, Thomas Kibui <thomas.kibui@gmail.com> wrote:
From: Thomas Kibui <thomas.kibui@gmail.com>
Subject: [Security Forum] Writing Professional Engagement Contracts
To: security@lists.my.co.ke, skunkworks@lists.my.co.ke
Date: Thursday, July 9, 2009, 6:48 AM
Hello People,
2 cents ... For quite some time now I have come across technical proposal contracts, consultancy engagement contracts, Service level agreements and Statement of Works documents that are very poorly written. They normally leave the provider or consultant or consultancy firm in a massive material and/or financial exposure because of the unlimited liability that is created in the agreement on the document. Badly written contracts can also result in one having his or her professional indemnity insurance policy getting nullified.
First, let me talk about some of the legal buzz words that appear on contract documents ...
“Damages” – are compensation for loss suffered owing to a breach of contract, a tort (civil wrong as opposed to a criminal wrong), or breach of some duty or responsibility that is mandated by a statute or act of parliament (e.g. product liability to a consumer) committed by some person or company. Different points of view may arise as to how much damages for a certain case can be but generally the principle is to put the innocent party, to the extent that money can achieve it, in the position as if it had not been subjected to the loss. Damages can also be general, nominal, special or exemplary (as a punishment) depending on jurisdiction (geographical, functional, etc.).
“Warranties, conditions, obligations, liabilities and covenants” are simply provisions which when breached give rise to a claim for damages or compensation. These are normally subject to legal rules relating to damages such as mitigating (reducing) your losses.
“Indemnities and guarantees” – are promises to do something (usually pay money) on the happening of a specified event. These are meant to hold a party harmless from all risk associated with the specified event. Indemnities are therefore much wider and involve more risk for the consultant.
"Direct v/s Indirect losses" - We often hear talk about direct and indirect or consequential losses or damages. These are widely misunderstood (even among our learned friends - the lawyers cum politicians) and have different meanings in different jurisdictions. Commonly (but incorrectly), there is a tendency to differentiate the two types in terms of the cost of re-instatement or fixing the part that has failed as against purely financial losses such as lost revenues or profits that the customer could have earned had, if for example, the defective software continued to work properly. However, this is often not the correct distinction legally. Under Common law, which was adapted in Kenya, for example, purely financial losses (such as lost profits) can still be classed as “direct” losses so long as they result or “flow” directly from the breach.
Having said that ... a professional should try to limit his/her liability as much as possible. Many jurisdictions prohibit the total exclusion of certain types of liability on the grounds of public policy (e.g. liability for death or personal injury which is as a result of the professional's negligence). It is usual to acknowledge liability for these injuries ... BUT liability for loss of profits, revenue, business and data (“indirect”) should be excluded in the contracts at all times. This is because large claims/losses are very possible here. The customer can always mitigate against such losses by for example paying for redundancy or backing up or seeking alternative services. Including indirect liability is almost like underwriting/insuring the customer’s business.
All remaining liability (“direct”) should be capped, e.g. capping the losses to the value of the consultancy fees or a % of it. The amount of the cap is normally a variable for negotiation.
I am not a lawyer but I believe that a professionally written agreement document should follow the below basic principles..
- Cover Page .. with a clear title that indicates what the document is all about, customer name, provider's name, logos are optional, Date is optional, one could include a professional picture to make it colorful..
- General Information .. Here put in customer details, the customer SPOC contact details, the provider's SPOC contact details, date, document version, contract reference number or code
- Financial Proposal .. here include the prices, clearly indicating the currency, the assumed exchange rate and the payment model, eg One time payment, recurring payment, payment by milestone, or whatever mode u want. Always separate the professional fees from the other charges that are incurred in the engagement, e.g. "Security consultancy fees = 200,000, Internet access fees = 12,000, travel and accommodation = 30,000". Consultants who incur travel and accommodation expenses should always include a clause indicating that any unforeseen extra expenses that may be incurred in the course of engagement will be charged to the customer .. something like "The foregoing travel and accommodation fees reflect an estimate of activities required to perform the work under this contract, which may vary from the actual time spent, and travel expenses incurred. Unless expressly agreed otherwise, charges shall be incurred on the basis of actual time spent and travel and will be charged to the customer at cost."
- Description of Product / Service.. Here start with an executive summary of what the deal is all about then describe the product or service as you normally do.
- Contractual Terms and Conditions .. this is where most of us get a D minus ... This section is the "legal" part of the document if you could call it so .. This section should have the following...
- A general section with clauses that talk about how payment will be done, the effective date of the contract (eg this contract is effective upon signature), change management and its impact on charges, assumptions and references to other binding documents if they exist... a previous contract
- A section on limited liability that completely absolves the provider from liability from indirect losses and capping liability from direct losses.
- A confidentiality clause that protects both parties from disclosure of confidential information to third parties .. this is self explanatory ..
- A clause stating the governing law, the language to be used and the place of arbitration that will be used in case of a dispute. This becomes important when u are doing a deal in a foreign country .. eg let's say you were contracted to inspect the UN firewalls in Addis Ababa .. and somehow y'all disagreed .. you will be in more trouble if you had not on the onset argued that you would sign the agreement in Kenya, use Kenya laws, use the English language in a Kenyan court to resolve the dispute ... Can you imagine a Kenyan trying to describe an exploit in Amharic .... :-) (no offense to the Ethiopians)
- Lastly a signature section saying something like "by signing below, Customer confirms that Provider may commence the work detailed in this agreement and that all its internal requirements for authorizations have been complied with" __________ (customer name, date etc) ___________________ (provider name, date).
That's my 2 cents .. I hope it helps .. feel free to add your thoughts too ..
_______________________________________________
Security mailing list
Security@lists.my.co.ke
http://lists.my.co.ke/cgi-bin/mailman/listinfo/security
Skunkworks mailing list
Skunkworks@lists.my.co.ke
http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
Other services @ http://my.co.ke
Other lists
-------------
Skunkworks announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce
Science - http://lists.my.co.ke/cgi-bin/mailman/listinfo/science
kazi - http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
--
********************************************************************************************************************
Andrew Mecca
Solutions Architect |
AXE360 LABS INC. | Embrace Technology Advantage
Cell | (+254) 720 972797
Email | axe360@gmail.com
Web | www.axe360.hostse.com