MSP Terms + Conditions
Last revised: May 26th, 2025
1. PURPOSE
Provider agrees to deliver Managed Security & Compliance Services to Client in accordance with the terms of this Agreement to support Client’s governance, risk, and compliance obligations.
2. SERVICES PROVIDED
Provider will deliver the selected Managed Services based on the selected package (Lite, Espresso, or Luxe):
For full bundle details please refer to: https://www.grcconcierge.com/mspofferings
Included Monthly Service Hours:
Each program tier includes dedicated monthly hours for compliance support and advisory:
Lite: 9 hours/month with a GRC Engineer
Espresso: 15 hours/month with a GRC Engineer
Luxe: 20 hours/month with a GRC Engineer and 6 hours/month with a vCISO
These hours are intended for flexible use across documentation, audits, vendor reviews, tooling support, and advisory tasks. Unused hours do not roll over unless otherwise agreed in writing.
Renewal of Scope:
Any additional services outside the managed service offering will require a separate agreement.
Renewal of Scope:
Any additional services outside the managed service offering will require a separate agreement.
3. TERM & TERMINATION
The initial term of this Agreement is 12 months from the Effective Date, with automatic renewal for successive 12-month terms unless either party provides 60 days' written notice of non-renewal.
Either party may terminate this Agreement with 60 days' written notice for convenience.
Termination for cause may occur immediately if there is a material breach of the Agreement, including failure to meet service obligations.
4. FEES & PAYMENT TERMS
Payments are due within 30 days of the invoice date.
Late payments may incur interest at 1.5% per month.
5. CLIENT RESPONSIBILITIES
Provide access to necessary systems, tools, and documentation required for service delivery.
Designate a primary point of contact for compliance-related matters.
Ensure timely responses to Provider’s requests for information or approvals.
6. SERVICE LEVEL AGREEMENT (SLA)
Support Hours: Monday – Friday, 9 AM – 5 PM EST.
Response Times:
High Priority (Security Incident): Response within 2 hours.
Medium Priority (Compliance Support): Response within 1 business day.
Low Priority (General Inquiry): Response within 2 business days.
7. Authorization to Use Third-Party Software Tools
By signing this Agreement, Client authorizes Provider to utilize trusted third-party software tools (“Authorized Tools”) to perform services under this Agreement, including but not limited to vulnerability scans, penetration tests, and related security assessments.
Provider represents that:
All Authorized Tools used are industry-recognized and comply with applicable data protection and cybersecurity regulations.
Scans and tests will be conducted in a secure, controlled, and ethical manner.
Data collected through these tools will be used solely for the purpose of delivering services outlined in this Agreement and will be handled in accordance with Section 8 (Confidentiality).
Client acknowledges that some tools may operate from cloud-based or external infrastructures and consents to such usage as necessary to deliver the services.
8. Operating Name
The parties acknowledge that WCS North America Inc. is operating under the brand name “GRC Concierge” for the purposes of this Agreement. All obligations, liabilities, and rights under this Agreement shall be binding upon and enforceable with WCS North America Inc.
9. CONFIDENTIALITY
All parties agree to maintain the confidentiality of all non-public information shared during the engagement, in accordance with applicable data protection laws.
10. LIABILITY LIMITATIONS
Provider’s liability under this Agreement shall not exceed the total fees paid by Client in the preceding [6] months.
Provider shall not be liable for indirect, incidental, or consequential damages.
11. GOVERNING LAW & DISPUTE RESOLUTION
This Agreement shall be governed by the laws of Ontario, Canada. Any disputes shall be resolved through mediation before proceeding to litigation.
Upon signing of contract, the parties hereto have executed this Agreement.