Why Contract Review Is a Commercial Priority

Enterprise software contracts are not standard legal documents with minimal commercial implications. They are commercial instruments that determine your total cost of ownership, your operational flexibility, and your exposure to financial risk for the entire contract term — often 3–5 years.

Most organisations treat contract review as a legal exercise: the lawyers check for liability caps, governing law, and indemnification. Commercial and procurement teams often assume legal review catches the important issues. It doesn't — because most of the clauses that create financial exposure are technically legal; they're just commercially toxic.

The IT contract negotiation strategy that produces the best outcomes treats contract review as a commercial exercise first and a legal one second. The questions are: what does this clause allow the vendor to do, how likely are they to do it, and what does it cost us if they do?

The Core Problem: Vendor contracts are designed to maximise vendor flexibility and minimise buyer flexibility. Every clause that seems neutral or standard was written by someone whose job is to protect vendor interests. Your job is to find which ones create unacceptable commercial risk — and fix them before you sign.

The 12 Red Flags to Catch Before Signing

Red Flag 01

Uncapped Price Escalation Clauses

Language such as "prices may be adjusted annually in line with market conditions" or "vendor reserves the right to adjust pricing with 30 days notice" gives the vendor unlimited pricing authority at renewal. This is how $2M contracts become $4M contracts three years later.

Remedy

Negotiate explicit escalation caps — typically CPI (Consumer Price Index) or a fixed percentage, whichever is lower, with a hard maximum of 3–5% annually. See our detailed guide on negotiating price escalation caps.

Red Flag 02

Auto-Renewal with Long Notice Periods

"This agreement automatically renews for successive one-year terms unless either party provides written notice of non-renewal not less than 180 days prior to the end of the current term." Six months' notice to cancel means you must start your renewal evaluation 7–8 months before expiry or you lose all leverage.

Remedy

Push for 30–60 day notice periods and removal of auto-renewal entirely, or replace it with explicit renewal confirmation requirements. This is critical to maintaining negotiation optionality.

Red Flag 03

Broad Audit Rights

"Vendor may audit Customer's use of the Software at any time with 5 business days notice." Broad audit rights are the primary mechanism for post-sale revenue recovery. They also create significant operational disruption and can be used as commercial leverage when you're trying to negotiate a renewal.

Remedy

Limit audit frequency (once per 12 or 24 months), require minimum notice periods (30–60 days), cap retroactive liability periods (12–24 months), require that auditors are independent third parties, and prohibit use of audit findings as justification for price increases in current-term negotiations.

Red Flag 04

Assignment and Change of Control Clauses

"This Agreement may not be assigned by Customer without Vendor's prior written consent." If you're ever acquired, merge with another company, or undergo corporate restructuring, this clause gives the vendor grounds to terminate your contract or demand commercial renegotiation as a condition of consent.

Remedy

Negotiate mutual assignment restrictions (vendor also needs your consent for assignment) and carve out intra-group transfers, mergers, and acquisitions. Limit vendor's ability to withhold consent without cause.

Red Flag 05

Unilateral Terms Modification

"Vendor reserves the right to modify these terms upon 30 days notice. Continued use of the software constitutes acceptance." This language — common in SaaS agreements — allows vendors to change material terms, including pricing, usage restrictions, and data rights, without genuine consent.

Remedy

Require mutual written agreement for all material changes. Define "material" specifically to include pricing, data rights, feature availability, and usage restrictions. For enterprise agreements, this should be non-negotiable.

Red Flag 06

Data Portability and Deletion Gaps

Contracts that don't specify data return formats, timelines, or costs create vendor lock-in as a contractual reality. If you can't export your data in a usable format, switching becomes practically impossible regardless of your commercial motivation.

Remedy

Require contractual commitments to data export in standard formats within specified timeframes (typically 30 days of termination), at no additional cost, with secure deletion confirmation. Include provisions for data access during any wind-down period.

Red Flag 07

Indirect Use / Third-Party Access Definitions

Particularly relevant for Oracle and SAP — broad definitions of "use" that include indirect access via integrations, third-party tools, or partner systems. You may be running software in a technically compliant way while your integration architecture creates audit exposure worth millions.

Remedy

Define indirect use explicitly, specify which integration scenarios are covered within your licence, obtain written confirmation of compliant deployment before signing, and include contractual protection against retroactive indirect use claims for the current architecture.

Red Flag 08

Termination for Convenience Restrictions

Many enterprise contracts don't include termination for convenience rights for the buyer, or limit them to specific windows. If you can't exit the contract without cause, you're locked in regardless of vendor performance, product quality, or business change.

Remedy

Negotiate mutual termination for convenience rights with defined notice periods (90–180 days) and reasonable wind-down provisions. For multi-year contracts, consider termination for convenience after year one or two with graduated penalties.

Red Flag 09

Weak SLA Remedies

"In the event of a service level failure, Customer's sole remedy shall be a service credit equal to one day's subscription fee." SLA credits that represent fractions of daily subscription cost provide no real incentive for the vendor to maintain service levels and no real relief for the buyer when they're breached.

Remedy

Negotiate meaningful credit percentages (typically 10–25% of monthly subscription per breach event), monthly caps on total credits (30–50%), and termination rights for persistent SLA failure. See our guide on SLA negotiation in software contracts.

Red Flag 10

Intellectual Property Assignment Overreach

"Customer grants Vendor a perpetual, irrevocable licence to all data, content, and configurations created using the Software for the purpose of product improvement and model training." This clause, common in AI-enabled SaaS tools, gives vendors rights to your proprietary business data and competitive intelligence.

Remedy

Require explicit opt-out from training data programmes, limit vendor use of your data to service delivery only, require deletion of any training data derived from your usage upon termination, and include confidentiality protections that cover derived insights.

Red Flag 11

Benchmark and MFN Exclusions

Some contracts explicitly prohibit benchmarking the vendor's pricing against market alternatives, or contain "most favoured customer" language with so many exceptions that it provides no real protection. These clauses are designed to prevent exactly the competitive pressure that drives good pricing.

Remedy

Remove anti-benchmarking restrictions entirely. If MFN clauses are offered, require that they cover like-for-like commercial terms with minimal exceptions, with an obligation to apply lower pricing within 30 days of discovery.

Red Flag 12

Liability Cap Asymmetry

"Vendor's liability shall not exceed the fees paid in the prior 3 months." A 3-month liability cap on a $5M annual contract means the vendor's exposure for catastrophic failure — data loss, security breach, extended outage — is capped at roughly $1.25M. For enterprise buyers, this is completely disproportionate to actual risk.

Remedy

Negotiate minimum 12-month fee liability caps as a floor, with carve-outs for uncapped liability on data breaches, gross negligence, and wilful misconduct. For critical systems, consider requiring appropriate insurance coverage as a contract condition.

How to Use This Checklist in Negotiation

The 12 flags above are not equally dangerous — the risk depends on your vendor, your contract value, and your usage pattern. Prioritise based on likelihood of harm and financial exposure. An uncapped escalation clause on a $10M Oracle contract is a first-priority issue. An anti-benchmarking clause on a $50K SaaS tool is a fifth-priority issue.

The best approach is to run this checklist during contract review alongside your legal team, score each flag by likelihood and impact, and bring the top 3–5 issues into commercial negotiation explicitly. Framing them as commercial risks — not legal objections — is generally more effective and keeps the conversation with business stakeholders who have authority to move.

For guidance on the broader negotiation approach, read our IT contract negotiation strategy guide. For the psychological dimension of pushing back on vendor standard terms, see psychology of software negotiation.

Important: This checklist covers commercial risk, not legal advice. Always involve qualified legal counsel in enterprise contract review. The goal of commercial review is to identify the clauses that create financial exposure before legal finalisation — not to replace legal analysis.

Have Concerns About Your Software Contracts?

IT Negotiations conducts independent contract risk reviews for enterprise buyers — identifying and resolving commercial red flags before you sign. Our advisors have reviewed contracts across all major enterprise software vendors.
