Oversight provides IOD as a Software as a Service (SaaS) offering, complete with the required hosting and support services as simply and as consistently as possible. Oversight reserves the right to modify this IOD Hosting Guide from time to time; provided, however, such modifications will not adversely affect the Services. Modifications will be posted to http://www.oversightsystems.com/exhibit-1 and a notice will be given to Client by its Account Manager.
- 12 x 5 access to product experts in our Customer Support Center via telephone and email
- 24 x 7 Customer Support Center access for production-down incidents
- Proactive support incident management
- Product updates, including functionality enhancements
- Defect resolution and problem correction
- On-line support and training resources
- SSAE-16 certified including vendors
- Web access to the IOD Service
- Access control ensuring segmentation of data by customer
- Automatic Data acquisition and relevant contingencies in the case of transmission failure
- Business Continuity and Disaster Recovery services
Client Support Center
Customers have two methods of creating, modifying and monitoring a support incident with the Customer Support Center (“CSC”):
|Direct Dial||+1 770-984-4656|
*Note: Production Down and critical severity issues must be called into the CSC for Service Level credit purposes.
CSC standard hours of operation are Monday through Friday (US national holidays excluded), from 8:00 A.M. to 8:00 P.M. Eastern Time (US).
When you have a question or encounter a problem or error, contact the CSC. All contact with the CSC is logged in Oversight’s call tracking system. Each issue is assigned a unique Incident Number that enables the CSC to track and communicate the status and progress of the incident. The CSC works to proactively manage the incident.
Incident Severity and Response Targets
Upon communication of the request, the CSC engineer will work with the customer to assign an appropriate severity level, based on how the incident impacts the customer’s business operations.
Incident Workaround and Resolution Targets
When an incident is reported, Oversight’s objective is to find a satisfactory solution as soon as possible.
The following table outlines the expected initial response and workaround/resolution targets for the different levels of severity:
Initial Response Target
Workaround / Resolution Target
0 - Production Down
Service* is not available.
1 - Critical
Severe impact on customer operations that cannot be circumvented, or where the fault prohibits customer from performing a critical business function.
1 business day
2 - High
Serious problem where service is partially interrupted or impaired, but can be circumvented.
3 - Medium
Problem has medium impact on business function, and can be circumvented.
4 - Low
Problem has low impact on business function, and can be circumvented.
*Does not apply to Development or Test systems
Incident Initial Response Target – Oversight will meet the Incident Initial Response Target 95% of the time. Production Down and critical severity issues must be called into the CSC to meet response targets.
After Hours Support
Outside the 12x5 support period, customers may contact the CSC at any time. Severity 0 (Production Down) incidents called in during non-business hours will receive an initial response within an hour; other contacts made during non-business hours will be responded to the next business day, based on severity.
Proactive Incident Updates
Customers will receive ongoing progress updates on each outstanding incident. The Oversight CSC expert assigned to the incident will monitor and communicate to the customer the progress of resolution, based on the assigned severity level. Regular proactive communication will continue until a resolution is reached. The following table outlines the timeline for proactive contact:
|Severity of Business Issue||Workaround Target|
|0 - Production Down||Hourly|
|1 - Critical||Every 8 business hours*|
|2 - High||Every 2 business days*|
|3 - Medium||Every 5 business days*|
|4 - Low||As required|
*If requested by the customer
Oversight and Client Responsibilities
- Handling of Non-Defect Requests
Client suggestions for enhancements or improvements to functionality are appreciated and will be forwarded to the Oversight’s Product Management team for consideration in future releases.
- Notice of Emergency Maintenance
Oversight will use reasonable efforts to provide 24 hours prior notice for emergency maintenance to the Service. The notice will specify the expected duration and impact of the outage.
- Software Support
Oversight will determine which version of Oversight software that is used. Oversight will proactively provide software defect resolution and periodic point release updates containing all generally available error corrections.
- Providing Designated Support Contacts
The customer will be asked to designate named contacts that have the ability to add, modify or disable authorized users from the Service.
- Provide Acceptable Input Data
When Data is provided in a means other than by an established Oversight partner connector, Client is responsible for providing correct, consistent and complete Client input data that can be successfully processed by the Service. Approved methods are:
- Secure File Transfer Protocol (SFTP) directly to Oversight
- Client authorizing its financial institution or card provider to SFTP data directly to Oversight
- Utilizing an Oversight Partner Connector
- Problem Description
If an issue is reported to the CSC, Oversight requires a clear and definitive description of the problem. This includes describing what was expected to happen, what is actually happening, and why it is considered to be a problem. Information describing the situation in which the problem occurs is also needed.
Oversight Hosting Services
Service Availability and Business Continuity
Oversight uses industry standard technology and solid operational processes and procedures dedicated to provide business continuity and maintain availability of the Insights On Demand Service. Oversight will perform daily and weekly back-ups of Data. Daily back-ups are stored on site and weekly backups are securely transferred from the primary data center from which the Service is provided to the Disaster Recovery (DR) site. Oversight reserves the right to delete Data sixty days following termination of this Agreement without further notice to Client.
Oversight performs system and software maintenance during periods when users will not be substantially impacted, typically at night or on weekends. Oversight’s planned standard maintenance windows are each week 12:01 a.m. through 4:00 a.m. Saturday Eastern time and during the third week of each month between 6:00 P.M. Saturday and 6:00 A.M. Sunday, Eastern time (US). Planned standard maintenance activity and planned outages are not included in calculation of availability. Oversight reserves the right to do emergency maintenance for events such as correcting significant security vulnerabilities or other catastrophic issues affecting multiple customers.
Data Availability within the Service
As long as Customer is current on a subscription for the applicable Service, (i) exceptions and the data that generated the exception(s) will be available within the Oversight Service for five (5) years from the original transaction date; and (ii) data that did not generate an exception will be available for eighteen (18) months from its original transaction date (collectively, the “Data Availability Period”). After expiration of the Data Availability Period, Data may be purged from the Oversight Service.
Oversight Service Level Targets
Oversight’s Service will meet the following service level targets. Unless otherwise specified, availability service levels will be measured monthly.
- Insights On Demand Services Availability – Will be available to users 99% or more of the time measured monthly excluding planned outages. The Service is considered to be Available when any authorized user can successfully log-in and perform a reasonable portion of the available user actions.
- Incident Initial Response Time – Oversight will meet the Incident Initial Response Time 95% of the time measured monthly.
- Disaster Recovery Response Time – Oversight will restore system operations within 5 business days of initiating Disaster Recovery. Oversight maintains a Business Continuity Plan that covers non-disaster situations and a Disaster Recovery Plan that covers disaster situations.