Reply To: Security Assessment SLA


I have concerns about the SLA process. The ones I’ve read so far are too general with a significant amount of boilerplate language simply carried from one SLA to the other. Although I understand that the timeline was set by President Frank for SLA generation, it’s not clear to me that the President set the timeline for the comment period. It seems highly unlikely that busy IT employees have the time to read, consider, and respond to these critically important documents. Several of the SLAs will need tweaked to satisfy specific departmental needs and that language needs built into every SLA produced during this process. However, my biggest concern is the lack of consequences if the terms of the SLA are not met. I attended an IT UNM meeting last fall where the CIO spoke about SLAs back when SLA generation was to be a collaborative effort with involvement from IT Agents and others from the UNM IT community. When asked about consequences if the SLA terms were not met, the CIO’s response was that people would lose their jobs. Perhaps the CIO didn’t anticipate that meeting attendees would have questions about consequences but such a superficial reply to a serious question is troubling to me. The bottom line is that there needs to be specific, well-defined consequences for not meeting the SLA terms for both the customer and Central IT on every SLA.
This particular SLA has serious issues and needs work but others have commented on the specifics. I simply don’t have time to do so right now and therefore am limiting my comments to the overall process.

  • This reply was modified 8 years ago by cdean.