Document title

IFCA Corporate SLA

Document link

https://confluence.ifca.es/display/IC/Corporate+Level+SLA

Last Document Revision

 

Status

FINAL

Glossary of terms

For the purpose of this SLA, the following terms and definitions apply:

  • The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.

General

This Corporate Service Level agreement (SLA) is valid for all IT services provided by the IFCA Advanced Computing and e-Science group, if no other agreements are in place. The Corporate Level SLA may be extended or replaced by specific SLAs.

1 - The services

Service delivery & operating times

IT services are in general delivered during 24 hours per day, 7 days per week (i.e. 365 days or 8,760 hours), to seamlessly support business operations. Planned and announced interruptions may reduce the effective operating time of a service.

2 - Service hours & exceptions

Overall availability target

For each service provided, the minimum annual availability target is 99%, independent from the criticality of the service. This means that in one year, the service must not be unavailable for more than 87 hours, if the effective operating time is 8,760 hours. Planned and agreed interruptions (e.g., for maintenance) are not considered as unavailability, since they are not part of the effective operating time. We target 99% availability time, but we do guarantee it, therefore we not exclude lower levels of availability.

Planned interruptions & incidents

For planned interruptions and (unplanned) incidents, the following targets apply:

High-criticality services

  • Maximum of 4 planned interruptions per year.
  • Maximum duration of planned interruption: 1 day.
  • Support and incident handling between 9:00 and 17:00 on business days.
  • Target resolution time in case of incidents: less than 1 working day.

All other services

  • Support and incident handling between 9:00 and 17:00 on business day.
  • Target resolution time in case of incidents: depending on the individual priority according to incident prioritization guidelines – up to 3 business days (less than 2 or 1 business days in more urgent cases).

Any planned interruption will be announced in advance via IFCA Status Website 1 and agreed communication channels.

Any incident reported through approved channels will be acknowledged and reacted upon next business day (target reaction time). To accelerate the response to critical incidents, users recognizing a potentially critical or major incident are obliged to report this incident through dedicated emergency channels, allowing for a target reaction time of less than 60 minutes.

3 - Support

Support is provided via the IFCA Helpdesk 2, which is the single point of contact for users for support requests and incident handling.

Service communication support is available all bussiness days from 09:00 to 17:00.

Incident handling

Disruptions to the agreed service functionality or quality will be handled according to an appropriate priority based on the impact and urgency of the incident. The IFCA will endeavour to resolve incidents within five working days.

Response and resolution times are provided as service level targets (see section "Service level targets").

Fulfilment of service requests

In addition to resolving incidents, standard service requests (e.g. change or information request, documentation) will be fulfilled through the defined support channels in section "Support". Response and fulfilment times are provided as service level targets (see section "Service level targets").

4 - Service level targets

The following are the target service level targets for all services: 

Service level parameter

Target

Overall service availability

99%, no access <3 days a year

Response time for a support request

Next Business Day

Target resolution time for a support request

5 working days

5 - Limitations & constraints

The provisioning of the service under the agreed service level targets is subject to the following limitations and constraints:

  • Support is provided in following languages: English, Spanish.
  • Downtimes caused due to upgrades for fixing critical security issues are not considered SLA violations.
  • Failures in the normal operation of the service caused by failures in service provided by the Customer are not considered SLA violations.
  • Force Majeure. A party shall not be liable for any failure of or delay in the performance of this Agreement for the period that such failure or delay is due to causes beyond its reasonable control, including but not limited to war, strikes or labor disputes, embargoes, government orders, natural phenomena or any other force majeure event.
  • The file system provides internal redundancy to the failure, implementing a RAID DDP, but there is always the possibility of a disaster. No backups are made, unless it is an explicit condition of the project coditions. Please make your own backups.

6 - Information security & data protection

The following rules for information security and data protection apply:

  • The users are responsible for the security of the personal password, digital certificate and any other electronic credentials used to access the IFCA services.
  • The user accounts are personal and are not transferable nor shareable. The users SHALL NOT share their credeintials with third party under any circumstances, even if the requester is part of IFCA staff.
  • The users must report immediately any security incident like a lost or stolen password, a suspicious access, etc.
  • The users are responsible for the security of the program/data/services executed/stored/offered including but not limited to permission rights, access control lists, open ports, etc.
  • Assertion of absolute security in IT systems is impossible. The Provider is making every effort to maximize security level of users data and minimalize possible harm in the event of an incident.
  • The Provider will define and abide by an information security and data protection policy related to the service being provided.

7 - Responsibilities

The responsibilities of the Customers and Users are:

  • Provide feedback on the quality of the service received as described in the corresponding CRM.
  • Raise any issues deemed necessary to the attention of the Provider.
  • Respond to incident and problem records from the Provider in a timely manner.
  • Promote an adequate and fair usage of IFCA services, including but not limited to hardware, software and middleware. In particular it is strictly forbidden to try any action that may impact its performance and/or is not indicated in this SLA, including "stress tests" or "benchmarking exercises".
  • Ensure that any program/data/service using the IFCA services is under the terms of this SLA.
  • Comunicate if any of his organization users accessing the IFCA services are no longer part of his organization, or should not have access to the services anymore.
  • The Customer commits to acknowledge IFCA in the scientific publications benefiting from the Service and will provide during Agreement review (yearly) list of scientific publications benefiting from the Service.
  • The data stored in the system by the Customer must not cause any legal violation due to the content type (such as copyright infringement, dual use, illegal material).

References

  1. IFCA Status Website:   https://status.ifca.es/ (1)

  2. IFCA Helpdesk:   https://support.ifca.es/ (2)