25.8 VITA recommendations for a successful IT contract

25.8.4 Source code escrow

If there is a potential need to obtain source code for an application if the supplier is unable to support it (bankruptcy, cessation of support of the product, etc.), the contract should provide for a source code escrow. Source code escrow provisions should identify the escrow agent, when must supplier make escrow deposits (initial and on-going), the triggers under which the escrow agent will release the source code to the agency (insolvency, failure to support, sunset of the application, breach by supplier, etc.) and any and all payment terms. Source code escrow must contain all documentation and runtime files necessary for compilation. Testing of the deposited source code (including later release versions) is strongly recommended. The supplier will have its own agent and escrow agreement form. Agencies should carefully review any such agreement before incorporating it into the contract or signing it. Ideally, an escrow agreement should be negotiated prior to contract execution so the agency can uphold its best interests on behalf of the Commonwealth. Visit SCM's website at this URL: SCM Policies & Forms and select "Guidance on Source Code Escrow" from the Tools menu for additional information and language related to escrow.