Now Advisory · Buyer side guide · 2026 edition
ServiceNow limitation of liability: a buyer side analysis
A buyer side analysis of the ServiceNow limitation of liability clause: how the cap and exclusions shift risk onto the buyer, and the redlines that rebalance it.
Section 01Why the limitation of liability clause deserves a buyer side review
A ServiceNow limitation of liability clause sets the ceiling on what the vendor can be made to pay if something goes wrong, and it sits at the centre of how risk is allocated in the agreement. Read carelessly, it caps the vendor exposure at a fraction of the fees while leaving the buyer carrying the larger share of any loss. This clause analysis sets out how the limitation works, where the imbalance sits, and the redline guidance that brings the allocation back toward fair.
We are independent advisors with no vendor partnership and nothing to resell, so the analysis is buyer side and direct. For the wider method start with the ServiceNow contract terms pillar, and where the clause needs a full read against your paper our ServiceNow contract review service does that line by line. Final contract language should be reviewed by counsel. The guidance here is commercial advisory, not legal advice.
Section 02How the limitation of liability clause works
A limitation of liability clause does two things. It caps the total amount either party can recover from the other, usually as a multiple of the fees paid over a defined period, and it excludes certain categories of loss altogether, typically indirect, consequential and lost profit damages. Together these set the financial boundary of the relationship.
The clause defines three things that decide its effect: the size of the cap, the period the cap is measured against, and which losses are excluded or carved back in. A cap set at one year of fees behaves very differently from one set at the fees paid since inception, and an exclusion of all indirect loss behaves differently from one with carve outs for data breach or confidentiality.
The mechanism is reasonable in principle, because no vendor accepts unlimited exposure for a subscription product. The risk for the buyer is in the defaults, where the cap is low, the excluded categories are broad, and the carve backs that should protect the buyer for the events that matter most are missing.
Section 03Where the risk in a limitation of liability clause sits
The first risk is the size of the cap. A cap set at the fees paid in the prior twelve months can be small relative to the harm a serious failure could cause, leaving the buyer to absorb the difference. The second is the measurement period, where a cap tied to a short look back understates exposure on a multi year agreement.
The third risk is the breadth of the exclusions. A clause that excludes all indirect and consequential loss with no carve backs leaves the buyer unprotected for the very losses a software failure tends to produce. The fourth is mutuality, where the cap and the exclusions are written to bind the buyer more tightly than the vendor, so the protection runs one way.
Together these defaults shift risk onto the buyer in the scenarios that matter most. A clause that looks balanced on its face can, through a low cap and broad exclusions, leave the customer carrying the consequences of a failure the vendor caused. The clause should therefore be read alongside the ServiceNow indemnification clause, which interacts with it directly.
Section 04Limitation of liability clause analysis: reading the language
Read the clause for the cap and its basis. Language that caps liability at the fees paid in the prior twelve months is the line to test, because on a large multi year agreement that figure may be far below the harm a serious failure could cause. Prefer a cap measured against a longer period or set at a multiple of annual fees for the events that warrant it.
Read for the excluded categories. A blanket exclusion of indirect, consequential and special damages should carry carve backs for the losses that matter, such as those arising from a data breach, a confidentiality failure or a breach of the security commitments. Read for super caps, the higher ceilings that apply to defined serious events, and check that they exist for data and security.
Finally, read the clause for mutuality. The cap and the exclusions should bind both parties on the same terms, not bind the buyer more tightly than the vendor. A clause that protects the vendor from your claims while leaving you exposed to theirs is the imbalance to correct first.
Section 05Limitation of liability clause redline guidance
Raise the cap so it bears a sensible relationship to the harm a failure could cause, measured against a longer period than a single trailing year on a multi year agreement. Negotiate a super cap, a higher ceiling, for defined serious events such as a data breach or a breach of the security and confidentiality commitments, so the most damaging failures are not capped at the lowest figure.
Carve the events that matter back out of the blanket exclusion, so indirect loss arising from a data breach or a confidentiality failure is recoverable rather than excluded. Make the cap and the exclusions mutual, binding both parties on the same terms. These changes move the clause from a one sided ceiling toward a fair allocation of risk.
Run these redlines inside the wider negotiation rather than as a standalone legal exercise, so the commercial trade offs stay visible. The clause interacts with exit and recovery terms, so read it alongside our analysis of the ServiceNow termination clause. Final contract language should be reviewed by counsel.
Section 06The limitation of liability clause under the 2026 commercial model
The 2026 model replaced the five legacy tiers, Standard, Pro, Pro Plus, Enterprise and Enterprise Plus, with Foundation, Advanced and Prime, and bundled AI across all of them with metered assists. The arrival of bundled AI raises the stakes on the liability clause, because automated and agentic actions taken by the platform create new categories of potential harm that the cap and exclusions were not written to address.
Where AI driven actions touch customer data or take automated decisions, read the clause for whether the cap and the carve backs reach AI related loss. A clause drafted before bundled AI may exclude exactly the losses an automated action could cause, so the carve backs for data and security should be confirmed to cover AI driven events, not just human or system errors.
Settle the clause against the new model rather than carrying forward language written for a platform without bundled AI. As metered assists put more automated action into the product, the liability allocation should reflect the new surface of risk, and the moment to address that is in the negotiation, not after an incident.
Section 07Common limitation of liability drafting variations to watch
Limitation clauses vary most in the cap basis and the super caps, and the difference is large. A single cap at trailing annual fees with no super caps concentrates all risk under one low ceiling, while a structure with a general cap plus higher super caps for data and security spreads the protection where it is needed. Prefer the structured version.
Watch for asymmetric drafting, where the buyer payment obligations are carved out of the cap so the vendor can always recover fees in full, while the buyer claims remain capped. The carve out for a party own payment obligations is standard, but it should be mutual and clearly bounded rather than a back door to one sided exposure.
Check how the clause treats the indemnities. Indemnity obligations are often carved out of the general cap, and where they are, confirm the carve out runs both ways and sits at a level that matches the risk. A liability clause read in isolation from the indemnities can look balanced while the real allocation sits elsewhere.
Section 08Folding the limitation of liability clause into the renewal runway
The clause review belongs at the start of the renewal runway. Four quarters out, read the clause and map the cap, the measurement period and the exclusions. Two quarters out, draft the redlines, prioritising the super caps for data and security and the carve backs that matter most. One quarter out, negotiate the clause inside the main renewal so the risk allocation and the commercial terms move together.
Held this way, the clause stops being a ceiling the buyer noticed only after an incident and becomes a deliberate allocation of risk the buyer shaped. An independent advisor who has read this clause across hundreds of enterprise agreements shortens the work, because the pattern of where the allocation favours the vendor is already known.
The aim is one renewal where the liability clause reflects the real risk the buyer carries, by design rather than by default. To pressure test your specific language and the renewal behind it, book a renewal assessment call with our advisory team. Final contract language should be reviewed by counsel.
FAQFrequently asked questions
What is a ServiceNow limitation of liability clause?
It is the clause that caps what each party can recover from the other and excludes defined categories of loss such as indirect and consequential damages. Its effect depends on the size of the cap, the period it is measured against and which losses are carved back in, which is why it should be read and redlined rather than accepted. Final contract language should be reviewed by counsel.
Where does a limitation of liability clause expose buyers?
In a cap set too low against the harm a failure could cause, in a short measurement period on a multi year agreement, and in broad exclusions with no carve backs for data breach or confidentiality failures. Asymmetric drafting that binds the buyer more tightly than the vendor is the fourth common exposure.
How do you rebalance a limitation of liability clause?
Raise the general cap and measure it against a sensible period, add super caps for serious events such as a data breach, carve the losses that matter back out of the blanket exclusion, and make the cap and exclusions mutual. Confirm the carve backs reach AI driven events under the 2026 model.
Are limitation of liability terms negotiable with ServiceNow?
The cap level, the super caps and the carve backs are commonly negotiated on enterprise agreements based on benchmark observations across real renewals. The figures involved are typical negotiated ranges used as internal leverage rather than published official list prices.