Straight Answers.
No Vendor Spin.

A BAU (Business as Usual) / project boundary is the contractual definition of where managed services end and separately-scoped project work begins. It is one of the most commercially significant provisions in any managed services contract. Without a clearly defined BAU/project boundary, vendors can classify routine operational work as project work and bill separately for it — often generating professional services revenue that equals or exceeds the managed services contract value over a multi-year term.

ARC (Added Resource Charge) and RRC (Reduced Resource Charge) are the commercial mechanisms that govern how pricing changes when consumption volumes rise or fall beyond agreed thresholds. The contracted baseline and deadband define the range within which the monthly fee remains fixed. Outside that range, ARC applies when consumption increases and RRC when it decreases. Poorly designed ARC/RRC structures — particularly symmetric deadbands applied to fixed-floor service towers — are one of the most common sources of commercial disputes in managed services engagements.

Managed services vendors recover significant margin through professional services revenue generated from work that falls outside the managed services scope. The primary mechanisms include: undefined BAU/project boundaries that allow vendors to classify operational work as project work; change orders for moves, adds, and changes not covered by the base contract; transformation and integration work triggered by business events such as acquisitions; and technology refresh projects. In many engagements, professional services revenue over a five-year term exceeds the contracted managed services value — which is why defining the BAU/project boundary precisely is one of the most commercially important things a buyer can do.

The outsourcing generation framework describes where an organisation sits on the maturity curve of technology outsourcing. First-generation organisations are moving from fully in-house IT to their first managed services engagement — they typically have manual processes and high potential for automation-driven savings. Second-generation organisations have completed at least one outsourcing cycle. Third-generation organisations have highly optimised, heavily automated environments with limited remaining savings potential. Understanding your generation position is essential before building a business case, because the savings achievable from outsourcing are directly determined by where you start — not by the vendor's proposal.

Beyond the proposal narrative, buyers should examine: financial stability through three years of audited accounts; actual transition performance from comparable engagements; the specific individuals who will deliver the engagement (not just those presented during the sales process); the automation rate across comparable clients; the professional services rate card and assumptions; the SLA measurement methodology and exclusion clauses; and the BAU/project boundary definition. Generic RFP questions produce generic answers — the most commercially revealing questions are those that ask vendors to commit to specifics they would prefer to leave ambiguous.

An SLA that creates genuine vendor accountability requires four elements: measurement methodology the buyer controls or independently verifies; exclusion clauses narrow enough that real-world incidents are not automatically excluded; remedy structures that escalate proportionally to the severity and persistence of failure; and credit caps high enough to create real financial consequence — typically a minimum of 15% of the monthly fee at the first remedy level, escalating to step-in rights and termination for cause at higher levels. An SLA credit that costs the vendor less than the service improvement it is designed to motivate is not a remedy — it is a cost of doing business.

The provisions most commonly missing include: a precise BAU/project boundary definition with a MAC classification framework; a professional services rate card with capped rates for the contract term; asymmetric deadband structures that distinguish between elastic and fixed-floor service towers; an innovation clause requiring the vendor to invest in continuous improvement; named personnel provisions for key delivery roles; transition assistance obligations that survive contract termination; step-in rights at the buyer's election when performance deteriorates; and explicit AI training data prohibition clauses for AI-enabled services. Contracts written by vendors for vendors rarely include these provisions.

A well-run managed services procurement typically takes 6-9 months from initial requirements definition to contract signature for a mid-market engagement. The timeline breaks down approximately as: environment assessment and requirements definition (4-6 weeks); RFP design and issuance (2-3 weeks); vendor response period (4-6 weeks); evaluation and shortlisting (3-4 weeks); oral presentations and due diligence (2-3 weeks); preferred vendor selection and negotiation (4-8 weeks); contract finalisation (2-4 weeks). Compressed timelines driven by internal deadlines consistently produce worse commercial outcomes — vendors are experienced at using buyer time pressure to reduce negotiating flexibility.

Compliance coverage means the MSSP contractually commits to maintaining your compliance with specific regulatory frameworks — and bears commercial consequences if that compliance is breached. Compliance assistance means the provider helps you work toward compliance but does not guarantee it. Most MSSP standard contracts offer compliance assistance framed in language buyers interpret as coverage. In the event of a compliance failure, a buyer with assistance provisions has no contractual recourse against their MSSP, while a buyer with explicit coverage provisions does.

A fractional CxO is an experienced C-level executive — such as a Chief AI Officer, CTO, CIO, CISO, CFO, CMO, or COO — who works with an organisation on a part-time, embedded basis for a defined number of days per month. Fractional CxO arrangements give organisations access to senior executive leadership without the cost, commitment, or recruitment timeline of a full-time hire. They are particularly valuable during transformation periods, when specific expertise is needed for a defined period, or when an organisation is not yet at the scale to justify a full-time C-level position.

A Fractional AI Officer (CAIO) provides part-time embedded AI leadership covering: AI strategy and roadmap development; vendor evaluation and selection; governance framework design; implementation oversight; regulatory compliance management including EU AI Act requirements; and board-level AI reporting. A Fractional AI Officer brings the commercial and technical depth to AI decisions that most organisations currently lack — including knowledge of how AI vendors structure their commercial models, where training data rights provisions create risk, and what governance structures actually protect organisations when AI systems fail or evolve.

The four signals that indicate a Fractional AI Officer engagement is needed are: AI decisions are being made by IT teams or business unit leaders without a coordinated strategy or governance framework; you are evaluating AI vendors and don't have independent commercial expertise to assess the proposals; AI initiatives are running without delivering clear results and no senior leader owns them; or your board is asking AI governance and competitive positioning questions that require strategic answers rather than IT updates. If any of these describe your situation, the conversation about fractional AI leadership is worth having.

Fractional CxO engagements at Quantum Tech Advisors are structured as monthly retainers with a defined number of embedded days per month agreed upfront based on scope. The day count is adjusted at quarterly review as priorities evolve. Engagements typically run for an initial six-month term with quarterly renewal thereafter. Delivery is a combination of on-site and remote, structured around your leadership calendar and key decision points.

Quantum Tech Advisors offers fractional leadership across six C-level roles. Fractional AI Officer (CAIO) and Fractional CTO engagements are led directly by Kevin Cartwright. Fractional CIO and CISO engagements are also led by Kevin Cartwright directly. Fractional CFO, CMO, and COO engagements are delivered through a curated partner network of senior executives with direct operational experience in each function — introduced and coordinated by Quantum Tech Advisors with the same standard of client obligation.

A full-time CTO or CIO typically costs $250,000–$400,000 in salary and benefits, plus equity, recruiting fees, and onboarding time. A fractional engagement delivers equivalent strategic value for a fraction of that cost — typically 20-40% of the full-time equivalent, depending on the days-per-month commitment and scope. Beyond cost, fractional arrangements offer flexibility that full-time hires do not: scope can be adjusted as the organisation's needs change, and the engagement ends cleanly when the strategic objective is achieved.

Training data rights provisions govern whether the vendor can use your data — including customer interactions, internal documents, and operational data — to train or improve their AI models. Most standard AI services contracts include broad rights for vendors to use client data for model training, often buried in data processing agreements. Buyers who do not explicitly negotiate these provisions out of their contracts may find that their proprietary data and customer information is being used to improve AI systems sold to their competitors. Explicit prohibition language, data segregation requirements, and model ownership provisions are essential in any AI services contract.

The EU AI Act is in force with active implementation timelines running. For organisations buying AI services, the compliance obligations apply regardless of where the vendor is based — if the AI system is used in the EU or affects EU individuals, the Act applies. Key requirements include risk classification of AI systems, conformity assessments for high-risk applications, transparency obligations, and human oversight requirements. Buyers need to ensure their AI services contracts include vendor compliance obligations, audit rights, and clear allocation of responsibility for regulatory compliance — not just vendor assistance toward compliance.

Independent AI vendor evaluation goes significantly beyond reviewing product demonstrations. It includes: commercial model analysis to understand how pricing scales and where lock-in occurs; data rights review to understand what the vendor does with your data; governance framework assessment to understand model ownership, explainability, and audit rights; reference engagement review focused on delivery performance not just capability claims; technical architecture review to assess integration requirements and dependencies; and regulatory compliance verification. Vendors present AI capabilities in the most favourable light — independent evaluation surfaces what they don't volunteer.

A practical AI governance framework for most organisations covers six areas: use case approval — a defined process for evaluating and approving new AI use cases before deployment; data governance — policies for what data can be used in AI systems and under what conditions; vendor management — standards for AI vendor selection, contracting, and ongoing oversight; model management — processes for monitoring AI system performance, identifying drift, and managing updates; ethical use policy — principles governing acceptable AI use including bias monitoring and human oversight requirements; and regulatory compliance — mechanisms for tracking and responding to evolving AI regulation. The framework should be proportionate to the organisation's AI maturity and risk profile.

Technology advisory is independent, vendor-neutral guidance on technology decisions — covering vendor selection, contract negotiation, spend optimisation, and lifecycle management across managed services, cloud, cybersecurity, network, UCaaS, and BPO. The advisory model is compensated by the technology providers whose solutions are selected, not by the client — making the service free to the buyer. The critical question to ask any technology advisor is whether their obligation is genuinely to the client, or whether their compensation structure creates incentives to favour certain providers. An independent advisor will tell you honestly if the right answer is a provider they don't have a relationship with.

CCaaS (Contact Centre as a Service) is a cloud-based technology platform providing contact centre capabilities — routing, IVR, agent desktop, analytics, AI tools — as a managed service. CX outsourcing is a broader commercial arrangement where an external provider takes responsibility for delivering customer experience outcomes, which may include both the technology platform and the human agents who operate it. Buying a CCaaS platform is not the same as buying a CX outcome — organisations that conflate the two often find themselves with excellent technology and poor customer experience results because the operational model was not contracted for outcome delivery.

Objective cloud provider selection starts with a requirements-led assessment — workload characteristics, compliance requirements, existing technology dependencies, geographic data residency needs, and team capability. From that baseline, the evaluation covers: total cost of ownership across a realistic consumption model (not list pricing); migration complexity and timeline for existing workloads; commercial terms including egress costs, commitment discounts, and exit provisions; support model and SLA structure; and ecosystem fit with your existing tooling. Selecting a cloud provider based on brand preference or analyst positioning without a structured requirements-led evaluation consistently produces higher costs and more complex migrations than necessary.

Quantum Tech Advisors is an independent technology advisory firm founded by Kevin Cartwright and based in Asheville, North Carolina. The firm provides three core services: vendor-neutral technology advisory across managed services, cloud, cybersecurity, network, UCaaS, BPO, and AI; fractional CxO leadership including Fractional AI Officer, CTO, CIO, CISO, CFO, CMO, and COO; and managed services procurement consulting including RFP design, vendor evaluation, and contract negotiation. Kevin Cartwright brings 25 years of vendor-side managed services experience — including more than 1,000 RFPs — to engagements that work exclusively for buyers. Quantum Tech Advisors serves clients nationwide from its base in Asheville, NC.

The best time to engage a managed services advisor is before you issue your RFP — ideally 3-6 months before going to market. At this stage an advisor can help you assess your environment honestly, define requirements, design the RFP, and build a scoring framework before vendor proposals arrive. Engaging after proposals are received is still valuable — particularly for commercial review and contract negotiation — but the earlier the engagement, the more commercial leverage the buyer retains. The worst time to engage an advisor is after you have verbally committed to a vendor but before signing — at that point your negotiating position is significantly weakened.

Quantum Tech Advisors works with organisations of all sizes. Our technology advisory and brokerage services are particularly well suited to SMB and mid-market organisations that don't have dedicated internal procurement or technology strategy teams — and who benefit most from the commercial knowledge that large enterprises take for granted. Fractional CxO engagements are typically best suited to organisations with 50-500 employees that need senior leadership capability without the full-time cost. Managed services procurement advisory is relevant to any organisation running a formal vendor selection process, regardless of contract size.

Yes — Quantum Tech Advisors is based in Asheville, North Carolina. We work with local and regional businesses across Western North Carolina and serve clients nationwide. Asheville and the broader WNC region is an underserved market for the calibre of technology advisory and fractional executive leadership that larger metro markets take for granted — and we are committed to making that expertise accessible to local businesses alongside our national client base. If you are an Asheville or WNC business, we welcome the conversation.

The first step is a 30-minute discovery call — no obligation, no sales pressure. We listen to your situation and tell you honestly whether and how we can add value. If we can't help, we'll tell you that and point you in the right direction. You can reach us through the contact form at quantumtechadvisors.com/contact.html, by email at kevin@quantumtechadvisors.com, or by phone at (828) 380-4234.