Risk mitigation for IT contractors

The world is a risky place, especially the world of business. If you buy or sell or offer services or products to others in exchange for money, then you better have all your bases covered in case something blows up or goes wrong! IANAL and I really don’t like jokes about the legal profession — except maybe this one — since making fun of another profession might come back on me someday knowing how the karma of the universe tends to work. But knowing the law, or at least knowing how to minimize the risk of getting into legal trouble or getting sued or even going to jail, is important enough that all of us working in the IT profession — and much more so for us who sign contracts to provide or acquire products and services from other companies or individuals.

IT contractors risk
Shutterstock

I had to learn this the hard way when I worked as an IT contractor doing work-for-hire projects for large companies. Some of the contracts I was asked to sign were longer than 20 pages! And the language — well, don’t get me started on that as legalese — which the Oxford Languages Dictionary defines as “the formal and technical language of legal documents that is often hard to understand” and which is clearly an understatement — is like learning how someone speaks from another planet.

Of course, lawyers are known for their adherence to rigorous, standardized language reason for a reason. But sometimes, they carry this to the extreme. A friend of mine who is a high-powered corporate lawyer once told me about an all-night session he had in the conference room of a windowless downtown office building where they literally battled for hours where a comma should be properly placed in a sentence of a contract two parties were negotiating.

I mean, really. Isn’t there an easier way to make a living?

How can an IT contractor mitigate risks?

Nevertheless, it’s important for those of us involved in IT contracting, whether on the side of providing services to others or on the customer side of the equation, to know what should be included in a contract to reduce exposure to liability and ensure a mutually beneficial relationship for the parties involved. That’s why if this is you, I highly recommend the book A Guide to IT Contracting: Checklists, Tools, and Techniques (2nd Edition) from CRC Press (2021). This book is a gold mine of valuable information that can help you mitigate your risks if you work as an IT contractor or if your organization plans on contracting with a vendor offering services or products you need for your environment. The book was written by Michael Overly, who, first of all, is a partner in a law office that has over 1,000 lawyers in 25 offices across the United States, Mexico, Europe, and Asia, and who, second of all, also holds a number of highly regarded IT certifications including CISSP, CIPP, CISA, CRISC, and ISSMP. It’s unusual to find someone who displays unqualified expertise in both IT and the legal profession, and the author certainly demonstrates it in this book.

IT Contractors

The chapters in this book cover the full range of various kinds of IT contracting scenarios, including agreements concerning software licensing, professional services, service level, tech support, marketing, nondisclosure, IP protection, and so on. Specialized industry areas such as the health care and financial sectors where stringent regulations are involved are also covered in detail, as is working with OEMs and social media companies.

Each chapter begins with a detailed checklist that can help you make sure everything is covered and nothing is missing from the agreement you’re writing up or are being asked to sign. Introductory material then follows about the specific kind of agreement being considered in the chapter geared toward helping you make sure that you understand the nature and intent of such IT contractor agreements. This is important, by the way, since agreements are often mislabeled or misconstrued because of the complexities of IT systems and software. For example, what is presented to you as a licensing agreement may actually be more properly considered a cloud services agreement. Having a clear understanding of what is being agreed to is essential to minimize the risks associated with signing it. Essential terms that are generally used in the agreement under consideration by the chapter are explained next and in simple and easy-to-understand language rather than legalese — though you should still read each sentence carefully to make sure you understand the precise wording the author uses.

A new world

A valuable enhancement to this second edition of the book is the presence of additional material necessitated by changes to the ever-evolving IT landscape. Whether we like it or not as IT professionals, software developers, or service providers, we now live in the Age of the Ever-Changing Product and in the World of Where Is My Data? Cloud Computing and DevOps and the increasingly aggressive and competitive online marketplace all conspire to create additional opportunities for f*ck-ups when contracting IT services and solutions. To survive in such a world — and in whatever living and working in the Metaverse will eventually be like (now than Facebook is the Metaverse) — means learning to avoid and mitigate risk to a new level of degree. And if any resource out there can help you in this regard as a customer or IT contractor, this book is definitely it.

Featured image: Shutterstock

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top