A structured msp agreement is an operational control, not a legal formality.
Legal Disclaimer: The sample clauses in this guide are illustrative examples for educational purposes only. They are NOT legal advice and do NOT create an attorney-client relationship. Contract enforceability depends on your jurisdiction, client type, and specific circumstances. Always have a qualified attorney review and adapt any agreement language before using it with clients.
It defends gross margin and stops churn by standardizing scope, security, and pricing. This guide provides clause-level blocks to adapt with counsel, plus a packaging map to align service tiers. This is informational only, not legal advice. All sample clauses are illustrative — they are NOT a substitute for advice from a qualified attorney. Have a licensed lawyer review and adapt any language to your jurisdiction and circumstances before using it.
Start by locking scope to what you can actually deliver at each package.
1. Standardize Scope to Prevent Margin Leakage
Vague scope is the root cause of service disputes, margin leakage, and client churn. Your managed services agreement must define deliverables through operational reality, not sales brochure promises that delivery teams cannot meet.
Define your offering via a Schedule of Services incorporated by reference. This schedule details inclusions, exclusions, dependencies, and supported environments, controlling if conflicts with sales proposals arise. Every package should reference this section, customized only by package-specific addenda. Run a quarterly review to keep these services aligned with reality.
```text
Scope of Services. Services are limited to the Schedule of Services (the "Schedule") incorporated by reference. The Schedule controls over sales materials. MSP may update the Schedule with 30 days' notice. Material reductions trigger a customer termination right; otherwise, continued use constitutes acceptance.
```
2. Draw Hard Lines Between Remote Support and Projects
Vague remote support definitions in your managed services contract kill gross margins. When clients expect migrations under a flat fee, engineering capacity collapses and write-offs pile up. Clear boundaries protect your capacity.
In-Scope (Steady-State):
Per-user remote helpdesk troubleshooting
Workstation OS patching and updates
Basic firewall rule modifications
Antivirus and backup status monitoring
Standard onboarding and offboarding
Out-of-Scope (Projects):
Physical office moves and site buildouts
Post-merger infrastructure integrations
Server migrations to cloud hosts
Major application upgrades
Custom scripting and database development
The "No Implied Projects" Rule: Recurring fees cover steady-state maintenance, not transformations.
```text
Out-of-Scope Work: Services not explicitly listed require a signed Statement of Work (SOW). Urgent out-of-scope work is billed at standard emergency rates ($250/hr).
```
3. Operationalize Out-of-Scope Work to Capture Extra Margin
Unapproved quick fixes trigger billing disputes and erode margins. To protect your gross-profit payback, the managed IT agreement must define authorized contacts and channels like ticket portals or purchase orders. Reference your rate card to handle after-hours multipliers, emergency responses, and onsite minimums, turning out-of-scope requests into predictable revenue.
```text
Authorization of Extra Work. MSP has no obligation to perform out-of-scope work without approval from an Authorized Contact. Time is billed in 15-minute increments. Estimates are non-binding unless included in a signed Statement of Work.
```
Link these rules to your packaging. For tiers with included hours, specify how overages bill automatically. This stops your delivery team from improvising margin-destroying exceptions.
4. Protect Your Margins with a Defensible Price Adjustment Clause
To prevent margin erosion and avoid the trap of locked-in rates, your managed services agreement must include simple, enforceable pricing terms.
Ensure your agreement outlines two key mechanisms:
An annual adjustment capped at 5% or CPI, applied on the anniversary with 60 days' notice.
A pass-through provision to adjust for material vendor cost increases.
```text
Price Adjustments. MSP may increase fees annually by up to 5% or CPI change, upon 60 days’ notice. If Client rejects the increase, they may terminate at renewal. Vendor licensing increases pass through directly with 30 days’ notice.
```
Caps and clear notice windows protect retention by avoiding surprise hikes. Use this clause alongside our defensible pricing and visibility system to secure your margins.
5. Mandate a Security Baseline to Eliminate Toxic Liability
Clients who refuse critical cybersecurity controls represent your highest liability and churn risks. A modern managed IT contract must treat cybersecurity as a strict contractual requirement, not a negotiable upsell.
Every agreement must mandate a minimum security baseline:
Multi-factor authentication (MFA) and strict admin access rules
Patched operating systems and immutable backups
Standardized incident notification obligations
If a client declines these terms, they must sign a formal waiver, or face scope limitations and contract termination.
```text
Security Baseline and Waiver. Client must maintain MSP's minimum security baseline. Refusal may significantly limit MSP liability for related incidents (subject to applicable law), reduces service obligations, and may constitute grounds for termination. Review enforceability with your attorney — outcomes vary by jurisdiction.
```
This baseline protects your delivery capacity and makes premium, security-first packages commercially credible.
6. Limit Liability to Secure Your Balance Sheet
A managed services agreement is not an insurance policy, and aggressive liability posturing only stalls deals. Protect your business by capping total liability to fees paid in the prior 6 to 12 months. Explicitly exclude consequential damages like lost profits and business interruption, alongside third-party criminal acts. Note that this sample is not legal advice.
```text
Limitation of Liability. MSP’s total liability is capped at recurring fees paid by Client in the 12 months preceding the event. Neither party is liable for indirect, consequential, or business interruption damages. This cap excludes damages from MSP’s willful misconduct or third-party criminal acts.
```
Pair this cap with a customer requirement to maintain active cyber insurance. Your role is system recovery, not underwriting their operational downtime.
7. Align Your SLAs with Packaging and Enforceability
An unmeasurable SLA destroys your margins. Your msp agreement must define what starts the clock, what pauses it, and how response times map to your packaging tiers.
Map your delivery capabilities directly to a three-tier model:
Core: Next business day response, 8x5 coverage.
Plus: 4-hour high-severity response, 8x5 coverage.
Secure: 1-hour critical response, 24x7 coverage.
The SLA clock must only start upon receipt of a valid ticket. It must pause while waiting on client response, vendor action, or credential access.
```text
SLA targets vary by package tier. Remedies are limited to service credits capped at 10% of the monthly fee. The clock begins upon receipt of a valid ticket and pauses while awaiting Client response, vendor action, or administrative access.
```
8. Define Clear Renewal, Termination, and Suspension Mechanics
An operational managed services agreement protects your delivery margins and cash flow. To recover onboarding costs, align your minimum contract term with your upfront setup expenses. Lock in accounts using auto-renewing 12-month terms with a 60-day notice window.
Set a clear enforcement ladder for non-payment. Mandate payment on undisputed invoice portions, and establish a strict notice, cure, and suspension sequence.
```text
Term & Suspension. This Agreement auto-renews for 12-month terms unless written notice is given 60 days before term end. MSP may suspend services on 5 days' notice if undisputed fees remain unpaid 15 days past due. Re-onboarding requires a $500 fee. MSP may suspend services with reasonable notice upon detecting a security compromise — review the scope of any suspension right with counsel, as enforceability varies by jurisdiction.
```
How to Design a Service Plan for Your Managed IT Company
Service packages fail when sales, operations, and the contract describe three different services. Align your delivery with your managed IT agreement using this six-step execution workflow.
How Do I Inventory Services and Group My Packaging Tiers?
Step 1: Inventory what you actually do today. Create a complete service catalog by documenting every task your engineering team performs. Exclude any task you cannot track inside your PSA ticketing system.
Step 2: Group services into three defined tiers. Categorize deliverables into Core, Plus, and Secure packages based on cost-to-serve and client risk profiles.
What Inclusions and SLA Rules Must Each Tier Contain?
Step 3: Define SLAs, coverage hours, and exclusions. Detail specific response thresholds and explicit out-of-scope limitations for each tier to prevent scope creep.
Step 4: Map tiers to the schedule of services. Insert these standard packages directly into your contract as fixed templates. Append package addenda and reject custom, one-off arrangements.
How Do I Align Sales Quoting Rules with Contract Terms?
Step 5: Build matching quoting rules. Force your sales cycle to reflect your contract clauses regarding authorized contacts, change control, and the formal project scoping process.
Step 6: Set a quarterly review cadence. Schedule recurring operational audits to adjust pricing for vendor cost increases and to update your cybersecurity baseline.
If you want your packaging and managed services agreement to support pipeline growth, visibility, and price integrity, book a diagnostic session with NUOPTIMA.