Services Agreement Template

Department of Finance and
Deregulation
Australian Government Information
Management Offi ce
GATEKEEPER PKI FRAMEWORK

SERVICES AGREEMENT TEMPLATE
February 2009
Department of Finance and Deregulation

Australian Government Information Management Office
Commonwealth of Australia 2009
This work is copyright. Apart from any use as permitted under the Copyright Act
1968, no part may be reproduced by any process without prior written permission
from the Commonwealth.
Requests and inquiries concerning reproduction and rights should be addressed to
the Commonwealth Copyright Administration, Attorney-Generals Department,
Robert Garran Offices, National Circuit, Barton ACT 2600 or posted at
http://www.ag.gov.au/cca
2
Services Agreement Template

Relationship Certificate
February 2009

February 2009
CONTENTS
1.
Services Agreement [title]..........................................5
2.
Recitals.....................................................................5
3.
Definitions, Interpretation and Scope..........................5
4.
3.1.
Definitions
3.2.
Interpretation
3.3.
Scope of Agreement
Rights and Obligations...............................................6

4.1.
Provision of Services
4.2.
Additional Services
4.3.
Fees and Payment Terms
5.
Applicable Law...........................................................6
6.
Term of Agreement....................................................6
7.
Warranties.................................................................7
7.1.
General Warranties
7.2.
Gatekeeper Warranties
7.3.
Special Warranties
8.
Limitation of Liability.................................................9
9.
Confidential Information.............................................9
10.
Privacy......................................................................9
11.
Minimum Insurance Requirements..............................9

11.1.
Minimum level of insurance
10
11.2.
Evidence of insurance
10
11.3.
Absence of insurance
10
12.
Variation of Agreement............................................10
13.
Assignment and Novation.........................................10

13.1.
No assignment without consent
10
13.2.
No assignment without approval of the Gatekeeper

Competent Authority
10
No obligation to consent to novation
10
13.3.
14.
Waiver.....................................................................10
15.
Entire Agreement.....................................................11
16.
Notices....................................................................11
16.1.
Addresses of the parties
11
16.2.
Change of address
11
4

February 2009
16.3.
17.
18.
Deemed receipt of communications
11
Termination.............................................................11
17.1.
Termination for default
11
17.2.
Termination on notice
12
17.3.
Effect of termination
12
Dispute Resolution...................................................12
Schedule 1: Addresses of the Parties..................................13

Schedule 2: Services to be provided...................................14
Schedule 3: Fees...............................................................15
Schedule 4: Service Level Agreement.................................16
Schedule 5: Signing Page...................................................17

February 2009
1. Services Agreement [title]

Service Agreement dated: [insert date]
Between
[Insert name of the Agency1]
And
[Insert name and ACN/ABN of the Service Provider] (the Service
Provider)
Recitals
2.
[Insert recitals basic objectives or context of the agreement]
Definitions, Interpretation and Scope
3.
1.1.
Definitions
[Insert definitions of key words in this agreement]

[Parties are encouraged to utilise the Gatekeeper Glossary as a guide
to definitions of common terms in PKI. However, it is likely that terms
will have to be defined within this agreement.]
1.2.
Interpretation
In this Agreement, unless the contrary intention appears:

a) clause headings are for convenient reference only and have no
effect in limiting or extending the language of the provisions to

which they refer;
b) words in the singular number include the plural and vice versa;
and
c) where a word or phrase is given a particular meaning, other parts
of speech and grammatical forms of that word or phrase have

corresponding meanings.
1.3.
Scope of Agreement
[Insert a description of the limits of this Agreement e.g. what type of

services are covered or excluded. For example, the Service Provider
may only be providing digital certificates and some basic certificate
administration (renewal and revocation), and other aspects of
certificate management (e.g. help desk) may be excluded]
In the Special Category of the Framework this may be a Relationship Organisation.

6

February 2009
4.
Rights and Obligations
[This is the core of the Services Agreement. It is likely to vary to a

great degree, as the range of potential services is so large. Therefore
this document includes a reference to a Services to be Provided
Schedule.]
[This section must comply with the Gatekeeper Core Obligations
Policy.]
1.4.
Provision of Services
The Service Provider will provide the Services requested by the

[Agency] as described in Services to be Provided Schedule [XX]
in accordance with the terms and conditions specified herein and in
accordance with the Services Level Agreement Schedule [XX]
throughout the term of this Agreement.
The Service Provider will provide the Services in accordance with the
Service Providers Gatekeeper Approved Documents. [This is a
condition of the Gatekeeper Head Agreement.]
1.5.
Additional Services
Any services in addition to the standard services outlined in the

Services to be Provided Schedule [XX] will be provided by the
Service Provider under a Statement of Work to be agreed by the
parties.
1.6.
Fees and Payment Terms
The Agency shall pay fees for the services provided hereunder as set
forth in the Fee Schedule [XX] and subject to the payment terms
outlined in the Fee Schedule [XX].
5.
Applicable Law
This Services Agreement shall be subject to the laws in the [insert

name of appropriate jurisdiction].
6.
Term of Agreement
[Insert a description of the term of the agreement, eg

commencement date and length of agreement. For an ongoing
agreement the renewal process should be described.]
[Sample text for an ongoing agreement if relevant:
This Services Agreement commences on the Commencement Date
and, subject to this Services Agreement, continues from Year to Year.
Either Party may give written notice to the other not less than [XX}
Business Days before any anniversary of the Commencement Date
that this Services Agreement is not to be renewed and this Services
Agreement shall accordingly expire on that anniversary of the
Commencement Date.]
7

February 2009
7.
Warranties
1.7.
General Warranties
[Insert a description of any general warranties required in the

Agreement. These might include warranties that no services supplied
will breach of third party intellectual property or legal judgments. This
section might also include a warranty that the Service Provider will
notify the Agency if it becomes aware of any potential breaches.]
1.8.
Gatekeeper Warranties
[Insert applicable warranties that arise from Gatekeeper Core

Obligations Policy for Service Providers. These will depend on the
nature of the Services being provided. In deployments the
warranties from the Gatekeeper Core Obligations Policy that are
relevant are those that apply to CAs and RAES (where relevant). The
headings appear in the table below. The full text of the Gatekeeper
Core Obligations Policy warranties should be inserted as relevant.]
Service Providers
Party
CA
Warranties
Certificate Policies (CP)
Certificate Generation
Key Generation
Possession of Private Key
Certificate Revocation
Certificate Repository/Directory
CA Termination
RAES
Evidence of Identity (EOI)

Certificate Revocation Requests
Certificate Generation
Certificate Repository/Directory
RAES Termination
[Insert applicable warranties that arise from Gatekeeper Core

Obligations Policy for the Agency. In Relationship Certificate
deployments the warranties from the Gatekeeper Core Obligations
Policy that are relevant to Agencys appear in the table below
(headings only). The full text of the Gatekeeper Core Obligations
Policy should be inserted as relevant.]

February 2009
Agency / Relationship Organisation

Party
Warranties
Relationship Organisation Evidence of Identity (EOI)

(RO)
Notify when Certificate is
(In Relationship
compromised
Certificate deployments it Requirement to advise Subscribers
will also be the
of certain obligations
responsibility of the RO to
pass on some warranties Secure storage of keys
to Subscribers typically Comply with limits on use
by adding these
requirements to existing Notify when Certificate is
compromised
user agreements).
Agency/RO also acting as Verify that certificate use is within
a Relying Party
limits
(In some deployments the Verify that certificate is valid (not
Agency will also be a
revoked)
Relying Party)
compromised
Relying Parties
Verify that certificate use is within

limits
Verify that certificate is valid (not
revoked)
compromised
1.
1.9.
Special Warranties
[Insert any special warranties that apply to this particular type of

service. These might arise from the specific characteristics of the
certificate type]
Special circumstances (Special Category only):
Party
Warranties
Hosted Certificate
Relevant Party
(From the Hosted Certificate Policy

Specification)
(These special warranties

must be applied to the
appropriate party in
accordance with the
Hosted Certificate Policy
Specification).
Host security obligations

Use requires direct request from the
Subscriber
Notify where Certificate is
compromised
9

February 2009
Limitation of Liability
8.
[The relationship between this clause, the Gatekeeper Core

Obligations Policy, the liability guidelines and the warranties section
(above) are complex. The current draft provides a fairly simple
approach to managing liability in a Relationship certificate
deployment.]
The aggregate liability of either Party for all Causes of Action is limited
to [insert $ amount per period or per event] during the term of this
Services Agreement.
[Also, consider the inclusion of an aggregate cap for multiple events.]
This limitation does not apply in relation to liability for:
a)
personal injury, including sickness and death;
b)
loss of, or damage to, tangible property; or
c)
an indemnity provided under this Services Agreement.
In no event shall a Party that incurs liability for a Cause of Action be

liable for any indirect or consequential loss or damage or loss of
revenue, profits, goodwill, bargain or opportunities or loss or
corruption of data or loss of anticipated savings incurred or suffered
by the other Party whether caused by negligence or otherwise or
whether or not the first Party was or should have been aware of the
possibility of such loss or damage.
In this clause, Cause of Action means a breach of this Services
Agreement or any other common law or equitable statutory cause of
action arising out of the operation of this Services Agreement.
This clause survives the expiry or termination of this Services
Agreement.
9.
Confidential Information
[Insert requirements for the treatment of confidential information

may require the creation of a schedule of confidential information for
both parties and a cross reference to the schedule.]
10.
Privacy
[Insert privacy requirements. It is a requirement of the Gatekeeper

Head Agreement to repeat the full relevant detailed privacy provisions
as set out in that agreement for all subsequent contracts entered into
by the Service provider.]
10

February 2009
11.0Minimum Insurance Requirements

1.10.
Minimum level of insurance
[Insert description of minimum insurance required]
1.11.
Evidence of insurance
[Insert description of evidence of minimum insurance required]
1.12.
Absence of insurance
The Service Provider will immediately advise the Agency if at any time
during the term of this Services Agreement the Service Provider
ceases to have the benefit of an insurance policy as required in clause
[cross reference to above clauses], whether through cancellation,
lapse or otherwise.
12.
0Variation of Agreement
This Services Agreement shall only be varied by way of a deed of

variation signed by the parties.
13.
1.13.
0Assignment and Novation

No assignment without consent
Neither party shall assign the whole or part of this Services

Agreement without the prior written consent of the other party, which
shall not be unreasonably withheld.
1.14. No assignment without approval of the Gatekeeper

Competent Authority
Neither party shall assign the whole or part of this Services
Agreement without the prior written approval of the Gatekeeper
Competent Authority, in accordance with the Head Agreement
between the Service provider and the Gatekeeper Competent
Authority.
1.15.
No obligation to consent to novation
Where the Service Provider proposes to enter into an arrangement

that will require novation of this Services Agreement, it shall consult
with the Agency within a reasonable period prior to the proposed
novation. The Agency shall not be obliged to consent to any
novation.
14.
0Waiver
The failure of either party to enforce this Services Agreement shall in

no way be interpreted as a waiver of its respective rights under the
Services Agreement.
11

February 2009
15.
0Entire Agreement
This Services Agreement constitutes the entire agreement between

the parties and supersedes all prior representations, agreements,
statements and understandings relating to its subject matter, whether
verbal or in writing.
12

February 2009
0Notices
16.
1.16.
Addresses of the parties
A notice or other communication is properly given or served if the

party delivers it by hand, posts it or transmits it by electronic mail or
facsimile, to the address of the relevant officer, marked to their
attention, as set out in Address Schedule [XX] to this Agreement.
Change of address
1.17.
Each party shall advise the other of any change in the address or the
identity of the relevant officer.
1.18.
Deemed receipt of communications
A notice or other communication is deemed to be received if:

a)
sent by post, at the time it would have been delivered in the

ordinary course of the post to the address to which it was
sent; or
b)
sent by facsimile, at the time which the facsimile machine to

which it has been sent records that the communication has
been transmitted satisfactorily (or, if such time is outside
normal business hours, at the time of resumption of normal
business hours);
c)
sent by electronic mail, only in the event that the other party
acknowledges receipt by any means;
d)
sent by any other electronic means, only in the event that the
other party acknowledges receipt by any means; or
e)
delivered by hand, the party who sent the notice holds a

receipt for the notice signed by a person employed at the
physical address for service.
17.
1.19.
0Termination
Termination for default
[This section should define those breaches that would be considered

default, any rectification requirements, and the process for
terminating the agreement following default, failure to rectify, or
other causes.]
1.20.
Termination on notice
This Services Agreement may be terminated during the term of the

Agreement by either party upon giving [insert period] days notice of
the termination to the other.
13

February 2009
1.21.
Effect of termination
If this Services Agreement expires or is terminated:

a)
The accrued rights of the parties; and
b)
A Contract created under this Services Agreement
Remain unaffected except to the extent that the expressly agree

otherwise.
18. Dispute Resolution

[This section might include any dispute resolution processes that the
parties agree to utilise]
14

February 2009
Schedule 1: Addresses of the Parties

Address of the Agency
Physical address
Postal address
Phone number
Fax number
Email address
Address of the Service Provider

Physical address
Postal address
Phone number
Fax number
Email address
15

February 2009
Schedule 2: Services to be provided

Scope
This Services to be Provided Schedule details the agreed Services
to be provided under this Services Agreement.
Definitions
[Insert any appropriate definitions not covered elsewhere in the
agreement]
Table of Services
[Insert detailed table of Services including sub-categories of services
to be provided.]
Services [Example only]
Certificates
Certificate details
Number of Certificates (bulk purchase of
Certificates is possible under the push
model in a deployment)
Certificate Issue Exact role of Service Provider in certificate

issuance (multiple models available in
deployments)
Certificate
Renewal and
Revocation
Exact role of Service Provider in certificate

renewal and revocation (multiple models
available in deployments)
Certificate
Management
Bulk certificate management arrangement

or per seat life cycle arrangement
Validation
Service
CRL or OCSP arrangements, receipt

requirements etc.
Tokens
Some deployments may include the

provision of tokens as part of the service
Type of tokens, number of tokens etc.
Token
Management
Where relevant, management of token

issuance and renewal, including lost and
malfunctioning tokens may be part of the
service
Help Desk
Division of help desk responsibilities

between the Service Provider and the
Agency (phone, web, SMS etc.)
Records
The service may include records
Management and management and reporting requirements
Reporting
16

February 2009
Installation
software
The service may include the provision of

installation software (e.g. CD ROMs)
Training
The service may include the provision of

basic training (e.g. installation training for
users)
17

February 2009
Schedule 3: Fees
Scope
This Fees Schedule details the fees and fee payment terms for the
Services.
Definitions
agreement]
Currency
[Insert currency in Australian dollars for calculation of all fees]
Terms of payment
[Insert terms of payment and consequences for late payment]
Taxes
[Insert any specific terms relating to taxes]
Table of fees
[Insert detailed table of fees that apply to each component of the
services.]
18

February 2009
Schedule 4: Service Level Agreement

Scope
This Service Level Agreement Schedule details the system
availability and customer support terms for the Services.
Definitions
agreement]
Service Availability
This can be described in a table. Issues to cover will vary depending
on the Services, but might include:
Minimum availability
Measurement
Scheduled down time arrangements
Customer Support
This can be described in a table. Issues to cover will vary depending
on the Services, but might include:
Severity Measurement
Response times
Escalation
19

February 2009
Schedule 5: Signing Page

In witness whereof the parties to this Services Agreement have
executed the Agreement as at the date first written.
Signed for and on behalf of the [Agency]
By [insert name of the
Agency]
[signature of Agency
representative]
In the presence of [insert

name of witness]
[signature of witness]
Execution by the Service Provider (where the Service

Provider is a corporation)
[insert name of Service
Provider]
[affix common seal below]
[insert ACN/ABN]
At [insert name of city or
town]
In the State of [insert name of
state or territory]
By [insert name of director]
[signature of director]
In the presence of [insert
name of secretary or other
permanent officer]
20

February 2009
Execution by the Service Provider (where the Service Provider

is a natural person)
Provider]
[insert ACN/ABN]
At [insert name of city or town] In the State of [insert name of

state or territory]
By [insert name of director]
[signature of director]
In the presence of [insert name

of witness not a party to this
Services Agreement]
Execution by the Service Provider (where the Service Provider
is a partnership)
Provider]
[insert RBN, ABN or partnership

number]
At [insert name of city or town] In the State of [insert name of

state or territory]
By [insert name of partner]
[signature of partner]
In the presence of [insert name

of witness not a party to this
Services Agreement]
21

February 2009

Services Agreement Template

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Services Agreement Template

Uploaded by

Copyright:

Available Formats

Department of Finance and

GATEKEEPER PKI FRAMEWORK

Department of Finance and Deregulation