Skip to main content
Book a call — £89
Menu

IT Outsourcing Agreement UK: Key Terms Explained

We're not a law firm — we help you find the right legal support. For advice on your situation, speak to a legal adviser or find a solicitor.

Part ofLegal Templates

Written by Brad Askew Solicitor (non-practising)
Brad is on the roll of solicitors of England & Wales but does not hold a practising certificate and does not provide legal advice.
Updated June 2026 · England & Wales
Handing over part or all of your IT function to an external provider is one of the bigger commercial decisions a business can make. Get the contract right and you free up internal resource, tap into specialist skills, and often cut costs. Get it wrong and you can find yourself locked into a supplier who controls systems you depend on every day. An IT outsourcing agreement is the document that sets the ground rules for that relationship, covering what the provider will deliver, how performance is measured, what happens to staff and assets, and how either side can exit cleanly. This guide walks through the main sections you'll encounter, the points most worth negotiating, and the practical questions I see UK businesses wrestle with before they sign. It's aimed at directors, operations leads, and in-house teams who want a straight-talking overview rather than a clause-by-clause legal lecture.

What this document is

An IT outsourcing agreement is a commercial contract between a customer (the business buying the service) and a supplier (the provider taking on the work). It covers the transfer or delivery of IT services, which can range from running a single application, through managed infrastructure and helpdesk support, to full outsourcing of an entire IT department including staff, hardware, and software licences.

These contracts tend to be longer and more detailed than a standard supply agreement because the customer is usually dependent on the supplier for systems that keep the business running. The document typically sets out the scope of services, service levels, pricing, governance arrangements, obligations on both sides, data protection duties under UK GDPR, intellectual property rights, and the terms on which the arrangement can end.

Where staff transfer across with the services, TUPE regulations often apply, which adds another layer of complexity. A well-drafted agreement balances commercial flexibility with enough protection to avoid nasty surprises several years in.

How to use this document

  1. Map what you actually want to outsource. Before drafting anything, list the services, systems, and teams involved. Decide whether you're outsourcing a discrete function like email hosting, or a broader slice such as all end-user support, or the whole IT estate. The clearer your internal picture, the easier it is to describe the scope in the contract and avoid arguments later about what's in and what isn't. 2. Agree service levels and measurement. Service Level Agreements (SLAs) are the backbone of the contract. Work out which metrics genuinely matter to your business, for example uptime, response times, resolution times, and how they'll be measured and reported. Think carefully about service credits or remedies when targets are missed, and make sure the numbers reflect real operational impact rather than arbitrary percentages. 3. Deal with staff, assets, and third-party contracts. If employees will move to the supplier, TUPE is likely to apply and you'll need proper consultation and information-sharing. The agreement should also cover which hardware, software licences, and supplier contracts transfer across, who pays for what, and how any novation or assignment will be handled. This section often gets underestimated and causes the most friction during transition. 4. Build in governance and change control. Long-term IT contracts never sit still. Agree how the parties will meet, who sits on steering or operational committees, how changes to services or pricing get approved, and how disputes are escalated. A sensible governance model prevents minor issues from becoming relationship-ending problems and gives both sides a forum to adapt as the business evolves. 5. Plan the exit before you sign. The single most important section is often the one people think about last. Termination assistance, data return, knowledge transfer, and cooperation with any replacement supplier should all be pinned down at the start, when you have negotiating leverage. Without clear exit terms, you can find yourself stuck with a provider simply because leaving is too painful.

Common questions

If you're dealing with this kind of situation, speak to an experienced legal adviser who can walk you through it — from £89.

Common questions

Q What's the difference between full and selective IT outsourcing?
Full outsourcing means handing over your entire IT function, including people, equipment, and operations, to a single supplier. Selective outsourcing covers one part of the estate, such as cloud hosting, cybersecurity monitoring, or helpdesk. Most UK businesses start with selective arrangements and expand over time. The contract structure is broadly similar, but full outsourcing involves much more detail around staff transfers, asset migration, and transition planning.
Q Does TUPE apply when we outsource IT services?
It often does. The Transfer of Undertakings (Protection of Employment) Regulations can apply where an identifiable group of staff is assigned to the work being outsourced. Affected employees generally transfer to the new provider on their existing terms. Getting TUPE wrong creates real legal and financial risk, so it's worth taking specialist employment input early rather than assuming the regulations don't bite.
Q Who owns the data and any software developed during the contract?
Ownership depends on what the agreement says, so this needs negotiating rather than leaving to chance. Customer data almost always stays with the customer, and the supplier is given limited rights to use it to deliver the services. Intellectual property in bespoke developments, configurations, or tooling varies. Some contracts give ownership to the customer, others grant a perpetual licence instead. Clarity here avoids awkward conversations at exit.
Q How long should an IT outsourcing agreement run for?
Terms commonly sit between three and seven years, with break points or renewal options along the way. Longer terms can unlock better pricing because the supplier recovers transition costs over more years. Shorter terms give you flexibility if the market or your needs change. Build in review points so pricing, scope, and service levels can be refreshed without having to tear up the whole contract.
Q What happens to our data protection obligations?
Under the UK GDPR and Data Protection Act 2018, the customer usually remains the data controller and the supplier acts as a processor. The contract must include specific processor terms covering security, subprocessing, international transfers, breach notification, and return or deletion of data at the end. The Information Commissioner's Office publishes guidance on what processor contracts need to contain, and this is an area regulators look at closely.
Q Can we terminate early if the supplier performs poorly?
Only if the contract lets you. Most agreements allow termination for material breach, insolvency, or persistent failure to meet service levels, but the thresholds and notice periods vary widely. Termination for convenience, which lets you walk away without cause, usually comes with a fee. Review these clauses carefully before signing because they determine how trapped you are if the relationship goes wrong.
Q How should pricing be structured?
Common models include fixed fees, time and materials, consumption-based pricing (pay for what you use), and hybrid arrangements. Each has trade-offs. Fixed fees give budget certainty but can be inflexible. Consumption pricing matches cost to actual use but makes forecasting harder. Whichever model you pick, include clear rules on indexation, benchmarking against the market, and how additional or reduced services affect the charges.
If you're dealing with this kind of situation, speak to an experienced legal adviser who can walk you through it — from £89.

Sources

This guide is based on primary UK law and official guidance.

Brad Askew, Solicitor (non-practising)

Written & reviewed by

Brad Askew Solicitor (non-practising)

Brad is on the roll of solicitors of England & Wales but does not hold a practising certificate and does not provide legal advice. LegalDocuments.co.uk is not a law firm and does not provide regulated legal advice.

Full profile →SRA register ↗
Legal disclaimer
This article is for general information only. It is a tool to help you find your way — not legal advice, and not a substitute for speaking to a qualified adviser about your situation.