Key Takeaways
  • A maintenance contract is a service commitment with defined scope, response times, and exclusions, not a guarantee that nothing will fail.
  • Most disputes arise because expectations were never aligned: the client assumed coverage the contract did not include.
  • Every contract must clearly state what is covered, how fast a technician will attend, and who pays for replacement parts.
  • Preventive maintenance visits should be at minimum twice a year for commercial premises; a single annual visit is insufficient for multi-system sites.
  • The siren battery, backup power supplies, and communication path are the components most commonly omitted from basic PM checklists; confirm they are explicitly included.
  • Documentation after every visit; a signed service report listing every device inspected, every fault found, and every action taken; is not optional for MCST-managed or regulated facilities.

Why a maintenance contract is not the same as a warranty

Most property owners only discover what their maintenance contract covers after something goes wrong. A CCTV recorder fails. An intercom stops working. An access control door refuses to unlock. At that point they discover that the response time is longer than expected, that replacement parts are not included in the agreement, or that the system in question was excluded from the scope entirely.

Securevision engineer reviewing security system maintenance agreement with facilities manager at Singapore commercial property

A maintenance contract is not a warranty. A warranty is a manufacturer's commitment that a product will perform to its specification for a defined period. A maintenance contract is a service commitment; it defines what a contractor will do, how quickly they will respond, and what is excluded from their obligation. The distinction matters because most disagreements between building owners and security contractors arise not from bad faith but from misaligned expectations that were never clarified before the contract was signed.

In Singapore, where facilities managers and MCST councils often inherit contracts signed by previous teams years earlier, it is worth spending thirty minutes reading the current agreement before a fault occurs, not after. The three questions that every maintenance contract must be able to answer clearly are: what exactly does each preventive maintenance visit cover, what is the on-site response time for a critical fault, and who bears the cost of replacement parts. If those three questions cannot be answered from the document in front of you, the contract needs further review before the next renewal.

KEY POINT

Most maintenance contract disputes arise not because the contractor failed to perform, but because the client assumed the contract covered something it did not. Scope, response commitments, and parts policy must all be explicit; vague language such as "maintenance as required" or "response as soon as practicable" creates ambiguity that rarely resolves in the client's favour.

Scheduled preventive maintenance; what each visit should cover

Preventive maintenance is the proactive component of any maintenance contract; work performed on a defined schedule regardless of whether anything has failed. Its purpose is not to fix problems but to identify them before they become operational failures. A security system that is checked regularly will develop fewer unexpected faults, last longer, and perform more reliably when it is actually needed.

Securevision engineer performing scheduled preventive maintenance check on CCTV system at Singapore commercial building

For a CCTV system, a well-structured preventive maintenance visit should include camera lens cleaning, housing inspection, verification that every channel is recording correctly, a hard drive health check, confirmation of retention period against the current resolution settings, remote access and app connectivity testing, and a firmware version review. A visit that only checks whether cameras display live images has confirmed one function and ignored the rest.

For an access control system, the visit should cover reader cleaning and functional testing across all credential types, a credential database backup, door hardware inspection covering locks, closers, and hinges, a controller diagnostic, backup battery testing on all door power supplies, and an audit log review for anomalous patterns. For a burglar alarm system, it should include a walk-test of every detector zone, door and window contact inspection, siren and strobe testing, control panel battery assessment, and a supervised communication path test with the monitoring centre. For an intercom system, the visit should cover camera and speaker cleaning, a full call-journey test from entrance panel to indoor monitor and mobile app, door release relay testing, and power supply inspection.

PLANNING POINT

For most commercial premises in Singapore, a minimum of two preventive maintenance visits per year is the standard we recommend. A single annual visit is insufficient for a multi-system site; too many things can change in twelve months, and too many faults can develop without detection. Properties with high footfall, 24-hour operations, or critical security requirements should consider quarterly visits.

The scope of each preventive maintenance visit should be documented in the contract as a checklist, not as a general description. "Maintenance of CCTV system" is not a scope statement. A scope statement names every function to be tested, every component to be inspected, and every document to be produced at the end of the visit. When evaluating competing maintenance proposals, compare checklists, not prices.

Corrective maintenance and response SLAs

Corrective maintenance is the reactive component; what happens when something breaks. This is where most maintenance contracts are weakest, and where the difference between a professional agreement and a casual service arrangement becomes most apparent.

The contract must specify response time clearly. Response time is the period between a fault being reported and a technician arriving on site, not the time to a phone call, not the time to an acknowledgement, and not business hours only if the site operates around the clock. Common response tiers for Singapore commercial sites are a four-hour critical response for systems whose failure directly affects safety or operations; a door access system at a childcare centre, a CCTV system at a 24-hour logistics hub; a next-business-day standard response for most commercial faults, and a 48-to-72-hour non-critical response for minor faults that do not affect security or operations.

Securevision technician arriving on site for corrective maintenance call at Singapore commercial building

Resolution time is distinct from response time and must also be addressed in the contract. A technician may arrive on site within four hours but require a replacement part that takes three working days to source. The contract should specify what interim measures will be provided while awaiting final resolution; a loan camera, a temporary bypass with documented approval, or an alternative access arrangement. A contract that defines response time but says nothing about resolution or interim measures has addressed only the first step of the fault-handling process.

For critical sites, the contract should also define an escalation path; the named contact at engineering management level who can be reached if a fault cannot be resolved at technician level, and the timeframe within which that escalation must occur. Verbal commitments to escalation are not enforceable. The escalation chain should be named in writing and reviewed at each contract renewal to ensure the contacts remain current.

KEY POINT

Response time and resolution time are not the same thing. A four-hour response SLA guarantees a technician on site; it does not guarantee the fault will be resolved within four hours. Both commitments should be stated separately in the contract, along with what interim provision the contractor will make if resolution requires parts that are not immediately available.

Parts and labour; what is typically excluded

Most maintenance contracts cover labour but exclude replacement parts. This is standard practice and is not unreasonable in itself; hardware that fails due to age, end of component life, or external damage is the owner's responsibility. What matters is that the exclusions are fully understood before a fault occurs, not discovered during one.

Beyond the straightforward labour-only position, many contracts contain additional exclusions that warrant careful attention. Damage from lightning strike or power surge is routinely excluded under an act-of-God clause. In Singapore, where lightning exposure is among the highest in the world, this is a material exclusion; adequate surge protection on NVRs, alarm panels, and access control infrastructure is a reasonable precaution that reduces both the risk of damage and the likelihood of a disputed claim. Vandalism and accidental damage are almost always excluded; verify whether your property insurance covers these categories.

Software and firmware issues represent a significant exclusion that is easy to overlook in a networked IP security system. Some contracts explicitly exclude software-related faults. In a modern integrated system, firmware bugs, video management software crashes, remote access failures, and network configuration problems are among the most common service calls, and some are difficult to classify cleanly as hardware or software. If the contract excludes software-related faults without defining what that means precisely, seek clarification before signing. Consumables; batteries, fuses, cleaning materials; are routinely excluded and should be budgeted for separately.

Securevision's View

The exclusions section of a maintenance contract deserves as much attention as the scope section. We have seen situations where a client discovered that surge damage, software faults, and consumables were all excluded; meaning the contract covered labour for a technician to attend and diagnose, but almost nothing beyond that. Read the exclusions before you read the price. The cheapest contract is rarely the best value when a critical system fails.

Remote health checks

A growing number of maintenance contracts now include a remote health-check component; an automated or periodically reviewed check of device status, storage health, and network connectivity, conducted without a site visit. For Singapore commercial sites, this typically means a monthly or quarterly report confirming how many cameras are online, current NVR storage utilisation, any failed recording alerts, and access control communication status.

Remote health checks serve a specific and valuable purpose that on-site preventive maintenance visits cannot fully address: they catch faults that develop between scheduled visits. A CCTV hard drive that begins accumulating bad sectors in week three of a twelve-week interval between visits will fail before the next scheduled inspection. A remote check would catch the early warning indicators; elevated error rates, reduced write speed, storage utilisation anomalies; before the drive fails completely.

Remote health checks do not replace on-site preventive maintenance. They cannot clean a camera lens, test a door release relay, or perform a walk-test of alarm zones. They complement on-site visits by providing continuous visibility of system health between those visits, particularly for recording, storage, and connectivity status; the functions most likely to fail silently without generating a visible fault at the premises.

PLANNING POINT

When reviewing a maintenance proposal that includes remote health checks, ask what specifically is monitored, how frequently reports are generated, and what the contractor's obligation is when a remote check identifies an anomaly. A remote health-check provision that generates a monthly PDF report but places no response obligation on the contractor when an issue is flagged is of limited practical value.

Documentation and reporting

A professional maintenance contract should produce signed documentation after every visit. At minimum, this means a service report listing every device inspected, every fault found, every remedial action taken, and every recommendation made for follow-up. The report should be signed by both the attending technician and the site representative before the technician leaves. Verbal reports and unsigned job sheets are not adequate substitutes, particularly for sites with compliance or audit obligations.

For MCST-managed developments, ISO-certified organisations, and MOM-regulated workplaces, this documentation forms part of the facility management audit trail. If a security incident occurs and the MCST's maintenance records are incomplete, the council's ability to demonstrate that it discharged its obligations under the Building Maintenance and Strata Management Act (BMSMA) may be compromised. The documentation requirement is not administrative formality; it is evidence of due diligence.

The cumulative maintenance record also serves a practical operational function: it preserves knowledge about the system that would otherwise leave with departing staff. Security systems often remain in service for ten years or longer. During that period, facilities managers change, MCST council members rotate, and staff who knew the system configuration move on. We regularly attend sites where nobody currently on staff knows where the NVR is located, what the system password is, or which contractor installed a particular subsystem. A properly maintained service record; held both by the client and the contractor; eliminates this problem and makes future troubleshooting significantly faster.

KEY POINT

A maintenance contract that does not include a documentation requirement is a contract that leaves the client with no evidence of what was done and no record of what was found. For any site with compliance obligations; MCST, regulated facility, certified organisation; signed post-visit service reports are non-negotiable.

What a well-structured contract looks like

A well-structured maintenance agreement for a Singapore security system will contain a defined scope of all systems covered, listed by type and quantity with serial numbers or asset tags where available. It will state the preventive maintenance visit frequency and describe precisely what each visit covers for each system type. It will set out corrective maintenance response SLAs tiered by fault severity, with a clear definition of what constitutes a critical fault versus a standard or non-critical one. It will state the parts policy explicitly; whether parts are included, client-chargeable at cost, or client-chargeable at cost plus a handling margin. It will include a remote monitoring or health-check provision if applicable. It will define the documentation requirement for every visit. It will name an escalation contact for critical faults that cannot be resolved at technician level. And it will include a contract review clause, typically annual, to allow the scope to be adjusted as the site evolves.

What the contract should not contain is language that creates ambiguity about any of the above. Phrases such as "regular maintenance as required", "response as soon as practicable", and "parts subject to availability" are common and should be replaced with specific commitments before the document is signed. These phrases do not protect the contractor; they simply create disputes that neither party benefits from resolving after the fact.

It is also worth reviewing the device inventory that forms the basis of the contract scope. We regularly encounter contracts where the inventory was accurate at the time of signing but has not been updated to reflect site expansions, system replacements, or new installations in the years since. A maintenance contract whose scope does not reflect the actual installed system provides protection for a site that no longer exists. Ask for the inventory to be reviewed and updated at every contract renewal, and confirm that any significant site changes trigger a scope amendment mid-term.

Securevision's View

The purpose of a maintenance contract is to ensure security systems remain dependable throughout their operational life, not to create paperwork. When evaluating a maintenance agreement, focus less on the monthly fee and more on the specificity of the scope, the clarity of the response commitments, and the completeness of the exclusions list. A contract that costs slightly more but defines everything clearly is almost always better value than one that is cheaper but vague. Clarity protects both parties because everyone knows exactly what is expected when something goes wrong.

In Short

A security system maintenance contract is a service commitment, not a warranty and not a guarantee that nothing will fail. What it should guarantee is that scope, response times, parts policy, and documentation requirements are all defined clearly before a fault occurs. The three questions to ask before signing any maintenance agreement are: what exactly does each preventive maintenance visit cover, what is the on-site response time for a critical fault, and who pays for replacement parts. If those questions cannot be answered from the document, the contract is not ready to sign.

Share
Ler Wee Meng
Ler Wee Meng; Founder & CEO, Securevision Pte Ltd. BEng (NUS) · LLB (University of London) · years in security systems integration.
About Securevision ↗
Security Planning Maintenance Contract SLA MCST

Frequently asked questions

Why do I need a maintenance contract? Can I not simply call a contractor when something breaks?

You can, but reactive-only servicing has a significant weakness: many security system faults are not immediately visible. A CCTV recorder may stop writing to disk while cameras continue displaying live images. An intercom may still ring while the door release function has failed. An access control backup battery may have no residual capacity without generating a keypad fault. Preventive maintenance identifies these hidden failures before an incident reveals them.

How often should preventive maintenance visits be carried out?

For most commercial premises in Singapore, a minimum of two preventive maintenance visits per year is the standard we recommend. A single annual visit is insufficient for a multi-system site; too many things can change and too many faults can develop undetected in a twelve-month interval. High-footfall, 24-hour, or regulated facilities should consider quarterly visits.

Are replacement parts included in a maintenance contract?

Not usually. Most maintenance contracts cover labour for preventive and corrective visits but exclude the cost of replacement hardware. Parts are typically charged at cost, or at cost plus a handling margin, when required. This is standard practice; what matters is that the policy is stated explicitly in the contract before a fault occurs, not discovered during one.

What is the difference between response time and resolution time?

Response time is the period between a fault being reported and a technician arriving on site. Resolution time is how long it takes to fully rectify the fault. A technician may arrive within four hours but require a replacement part that takes three working days to source. Both should be addressed in the contract, along with what interim measures the contractor will provide while awaiting parts.

What does a critical fault mean in the context of a maintenance SLA?

The definition of a critical fault should be stated in the contract and will vary by site. Common examples include a complete access control failure at a main entry point, a CCTV system outage at a 24-hour facility, or a burglar alarm that cannot arm or communicate. For sites with life-safety implications; childcare centres, nursing homes; any system directly related to emergency response may also qualify as critical. The classification should reflect the operational reality of your site, not a generic industry template.

Is surge damage covered under a maintenance contract?

Almost never. Damage from lightning strike or power surge is routinely excluded under act-of-God provisions. In Singapore, where lightning exposure is among the highest in the world, this is a material exclusion. Surge protection on NVRs, alarm panels, and access control infrastructure is a practical precaution that reduces both the risk of damage and the likelihood of a claim being disputed. Verify separately whether your property insurance covers surge-related equipment damage.

What documentation should I receive after a maintenance visit?

At minimum, a signed service report listing every device inspected, every fault identified, every action taken, and every recommendation made for follow-up. The report should be signed by both the attending technician and the site representative. For MCST-managed developments and regulated facilities, these records form part of the audit trail demonstrating that maintenance obligations have been discharged.

What should I check when reviewing a maintenance contract I inherited?

Start with the device inventory; confirm it reflects the systems currently installed, not the systems that were in place when the contract was originally signed. Then check the PM visit frequency and scope, the response SLA tiers and how critical faults are defined, the parts policy, and the exclusions list. Finally, confirm that the escalation contact named in the contract is still the correct person and that their details are current.

What are remote health checks and do I need them?

Remote health checks are automated or periodically reviewed checks of device status, storage health, and network connectivity conducted without a site visit. They are particularly useful for catching recording failures, storage capacity issues, and connectivity drops between scheduled PM visits. They do not replace on-site maintenance but complement it by providing continuous visibility of the functions most likely to fail silently, especially CCTV recording and network connectivity.

Can a maintenance contract be amended if the site expands?

Yes, and it should be. A maintenance contract whose scope does not reflect the actual installed system provides protection for a site that no longer exists. Any significant addition of equipment, change of system configuration, or new installation should trigger a scope amendment. Most professional maintenance agreements include a contract review clause, typically annual, for exactly this purpose. If yours does not, request one at the next renewal.

Does an MCST have a legal obligation to maintain its security systems?

The Building Maintenance and Strata Management Act (BMSMA) imposes on MCSTs a duty to properly maintain common property, which includes security infrastructure installed in common areas. While the Act does not prescribe specific maintenance intervals for security systems, an MCST that cannot demonstrate a reasonable maintenance programme; evidenced by signed service records; may face difficulty defending its position if a security incident leads to a dispute about whether the installed systems were operational and properly maintained at the time.