Cloud-Based ICT Services Checklist
|
|
- Derek Richardson
- 8 years ago
- Views:
Transcription
1 Cloud-Based ICT Services Checklist Guideline A non-exhaustive list of considerations to be made when evaluating, purchasing, implementing and managing cloud-based ICT services. Keywords: Cloud-based ICT services; cloud services; ICT procurement; digital design; service design; ICT expenditure; information management; information security; privacy; recordkeeping; compliance; audit; business continuity; disaster recovery; evaluation Identifier: CS-GUIDE-01 Version no.: 1.0 Status: Issued Issue date: July 2014 Date of effect: July 2014 Next review date: July 2015 Authority: Victorian Government CIO Council Issuer: Victorian Government Chief Technology Advocate Except for any logos, emblems, trademarks and contents attributed to other parties, the policies, standards and guidelines of the Victorian Government CIO Council are licensed under the Creative Commons Attribution 3.0 Australia License. To view a copy of this license, visit
2 Overview VICTORIAN GOVERNMENT CIO COUNCIL This document provides a non-exhaustive checklist of considerations to be made when evaluating, purchasing, implementing and managing cloud-based ICT services ( cloud services ). Each checkpoint item is explained (see Checklist explanation). Context Cloud services are an important innovation in the provision of ICT services. Engineered for sharing, they enable a large and diverse customer base to use a standardised service without the need for each customer to individually buy, install and customise hardware and software 1. Cloud services also give users ready access to advanced functionality and high quality operations along with shorter project timelines and, when managed properly, significant benefits and less risk in comparison to traditional dedicated ICT solutions. Enterprise-grade cloud offerings now exist across the full spectrum of ICT services. However, some constraints apply. First, the cloud services market is rapidly evolving and comprises vendors and services of varying quality and appropriateness for government use. Secondly, not all workloads, categories of information or applications are appropriate for delivery as cloud services. Consequently, agencies should approach cloud services aware of both the opportunities and the risks, and taking note of procurement and risk management practices. Cloud services checklist The following checklist is a non-exhaustive list of considerations agencies should make prior to committing to a cloud service. 1 Has there been a frank assessment of the current ICT environment? 2 Are there clear business outcomes and priorities? 3 Have you assessed and categorised your data for suitability? 4 Do you understand the relevant data sovereignty risks? 5 Can you adopt a more flexible approach to your requirements? 6 Can your risk analysis processes accommodate cloud services? 7 Can your procurement strategy accommodate cloud services? 8 How will you fund your cloud implementation? 9 Have you completed formal data security and privacy impact assessments? 10 Have you gathered intelligence from other users? 11 Have you established how the service cost is determined and how it can be influenced? 12 Can you trial the service before purchase? 13 Does your cloud services agreement adequately address your circumstances? 14 Have you assigned roles and responsibilities for the storage and retrieval of your data? 15 Have you planned for service failure? 16 Have you considered your future needs? 17 Have you considered your potential roll-out plan? 1 See Appendix A for further information on the nature of cloud services. Cloud-Based ICT Services Checklist (CS CHECKLIST 01) v1.0 July 2014 / page 2
3 Checklist explanation 1. Has there been a frank assessment of the current ICT environment? The starting point for any evaluation of a cloud service should always be to form a realistic appreciation of the strengths and weaknesses of the existing approach to sourcing and managing ICT capabilities. In particular this evaluation should include a frank assessment of the agency s track record for ICT project delivery and the sustainability and security of the agency s ICT environment. This is an essential precursor to making pragmatic and honest assessments of the benefits, costs and risks of different sourcing options. 2. Are there clear business outcomes and priorities? A sound understanding of the agency s desired outcome(s), or end state, is crucial to the assessment of whether cloud services are appropriate for the given situation. Knowing, and prioritising, what is needed allows providers and purchasers alike to determine the most appropriate solution for the purpose. This exercise includes establishing information such as who will use the service (in terms of types or classes of user, or specific groups), in what numbers and at what frequency/volume. 3. Have you assessed and categorised your data for suitability? Privacy laws and other information management obligations dictate that not all categories of information are appropriate for all types of cloud services. Consequently, agencies must analyse and categorise their data and satisfy themselves that the use of a cloud service will not put them at risk of breaching their legal, reputational and internal obligations. Crucially, agencies must consider any auditing requirements imposed on the data that will be stored in a cloud service. Particularly, thought must be given to how readily that data can be queried/retrieved/tested for compliance purposes, and where necessary discuss these needs with the service provider. 4. Do you understand the relevant data sovereignty risks? Critical to any decision to engage a particular cloud service is to know where the data resides. There should be an awareness that some cloud service providers: store their client data in locations other than where their business is or appears to be based; move data without notice from location to location to accommodate operational issues such as load balancing; and/or simply resell the cloud service of another provider, further distancing the control of the data from the owner. The difficulties with data not residing in Victorian or Australian jurisdiction are complex, and depend on the type of data stored and any legal or reputational overlay that may apply to that data. It is out of the scope of this guideline to provide advice in this area, 2 however an evaluation of the provider s storage arrangements needs to be undertaken before any decision to proceed with a given cloud service. 2 See Appendix B, Data sovereignty for further information. Cloud-Based ICT Services Checklist (CS CHECKLIST 01) v1.0 July 2014 / page 3
4 5. Can you adopt a more flexible approach to your requirements? Generally, cloud services particularly public cloud services 3 are unlikely to be tailored to meet the specific needs of a customer. In some circumstances this may well mean that certain organisational needs are unable to be met by particular cloud services. However, this restriction can also be viewed as a catalyst for agencies to hone the requirements of the organisation so that they can utilise cloud services and receive the benefits that they offer. Consequently, agencies requirements definition exercises may need to evolve. For example, agencies may need to establish a process whereby they iteratively question their requirements, and determine any available compromises, before and after approaching candidate cloud services. 6. Can your risk analysis processes accommodate cloud services? Proposals for cloud services should always be evaluated against relevant risk analysis processes and suitable mitigation strategies should be implemented. There should be recognition that cloud services present new challenges for risk management. For example, existing procurement policies and risk management processes can often focus on minimising the risk of making a bad decision, whereas cloud services may call for a more expansive analysis for example an assessment of the risk of failing to make a good decision, or the risk of failing to make a decision at all. Cloud services are subject to many different points of view as to their risks and benefits. Engage with prospective stakeholders early and closely manage their perceptions and queries. Further: ensure that the desired business outcomes and priorities are clearly stated; communicate the facts on the current state of their ICT environment, and how it relates to those desired outcomes and priorities; proactively socialise key research and case studies; showcase successful cloud services; and, subject cloud services to professional ICT project management processes, i.e. ensure good planning with a focus on outcomes and pragmatic, but effective, risk management. 7. Can your procurement strategy accommodate cloud services? Cloud services require extra care when aligning with existing Victorian Government Purchasing Board procurement rules (for example, the as-a-service model defies easy quantification of contract value). Similarly, more agile, iterative, approaches to sourcing ICT capabilities also do not fit well with formal request for proposal (RFP) and tendering processes. Consequently, agencies may need to assess and possibly adjust their procurement strategy to balance the business value of cloud services with the necessary compliance measures. 8. How will you fund your cloud implementation? It is important to note that whilst government ICT solutions have traditionally involved capital investment, cloud services are accommodated in operating expenses. These funding implications must be understood before engaging with a cloud services provider. This step is important because in some instances capital expenditure may be easier to secure than operational expenditure, and vice versa. Particularly, chief financial officers may need to be involved to engineer solutions to these types of challenges. 3 See Appendix A for a definition of public cloud services. Cloud-Based ICT Services Checklist (CS CHECKLIST 01) v1.0 July 2014 / page 4
5 9. Have you completed formal data security and privacy impact assessments? No matter how urgent the business need, or how compelling the offering is, agencies should always consider undertaking formal data security and privacy impact assessments before engaging with cloud services. These assessments will ensure that the relevant risks can be identified and actively managed through appropriate process, information management, operational and contractual mitigations. The process should be informed by an appreciation of the agency s desired outcomes and priorities and the pragmatic cost/benefit/risk compromises involved in the procurement. 10. Have you gathered intelligence from other users? As the government engages with cloud services in a range of different settings, a body of knowledge as to functionality, quality and reliability will begin to form. Consequently, before any interaction with cloud service providers, prospective purchasers should turn to other agencies to gather intelligence and possibly learn about alternatives. This engagement may also expose opportunities to, for example, re-use procurement and implementation materials, create sharing arrangements and possibly purchase services off existing contracts. Equally, agencies should recognise that any engagement they have with a cloud service will generate information that may be useful to others. To that end, documenting at least basic information about their interactions with cloud service providers is encouraged. 11. Have you established how the service cost is determined and how it can be influenced? Cloud services tend to be priced at the sustainable total cost of their operation, with an allowance to keep the service functionally relevant over time. This pricing formula can make cloud services appear expensive relative to other sourcing approaches. However, particular variables can impact on this equation and make cloud services more, or less, appealing from a cost perspective. For example, the number of users and transaction volumes can shape overall costs. For this reason, prospective purchasers should consider a range of usage models to evaluate the effect of pricing under different circumstances and how those results relate to the budget allocated for the service. 12. Can you trial the service before purchase? A key difference between cloud services and traditional ICT capabilities is that cloud services are generally available for near immediate use. This ready availability often means that purchasers of cloud services can seek a trial of the prospective cloud service and even apply real world scenarios to the trial (using caution always with the type of data that is used and the terms of the trial). This more agile approach may also allow more flexibility to trial multiple services, affording the decision-maker the chance to contrast and compare across a variety of offerings. 13. Does your cloud services agreement adequately address your circumstances? Vendors of cloud services often present standard form agreements to prospective purchasers. Unsurprisingly, these agreements can tend to focus on protecting the supplier s interests, and may not provide adequate assurance for a government agency. Agreements with cloud service suppliers should be closely scrutinised, and where the terms are not appropriate for the purchaser, a negotiation of terms may be necessary. The extent of Cloud-Based ICT Services Checklist (CS CHECKLIST 01) v1.0 July 2014 / page 5
6 that negotiation is a matter for the relevant agency, taking into account their particular circumstances. However, at a minimum, the points raised by this guideline, and other relevant government materials, should be addressed in any final written agreement. 14. Have you assigned roles and responsibilities for the storage and retrieval of your data? Because data is stored in, and reliant on, the cloud service provider s particular facilities, agencies must form adequate plans to get their data into and out of those facilities. Moreover, they should ensure that between themselves and the provider it is clear who has responsibility for what in those processes, and where costs lie. With respect to data retrieval, unexpected circumstances can arise, e.g. the provider ceases to operate (in an orderly or disorderly fashion) or one or both parties wish to terminate the relationship. Plans as to how to retrieve the relevant data on the realisation of these situations (and any other reasonably conceivable situation) should be developed before any decisions to pursue a particular cloud service. 15. Have you planned for service failure? A cloud service is essentially an arms-length outsourcing arrangement which, by its nature, involves the risk of interruptions to supply and/or the supplier ceasing operations permanently. In order to manage those risks, all purchasers of cloud services should have a plan to address those eventualities. Any such plan should be appropriate for the degree of reliance on the continuous availability and performance of the service, and should form part of the broader business continuity planning for the agency. Where possible this kind of plan should be adequately tested to the extent possible. 16. Have you considered your future needs? Over time, implementations of cloud services can evolve from small, possibly experimental, beginnings to become mission-critical applications. This possibility must be anticipated when partnering with a cloud service provider, with agencies carefully considering the capacity of the provider to evolve with their future needs (e.g. increase in users, consistent operational performance, and ability to meet evolving information security requirements). Recent quality certifications achieved by the vendor may provide indicators. 17. Have you considered your potential roll-out plan? Cloud services are well suited to starting with small, evaluative implementations, which may then be progressively iterated when the agency is satisfied of their suitability. The benefit of this approach is that business feedback from each of the iterations informs the next, and that feedback in turn benefits the entire rollout. At some point, larger scale rollout can then be accelerated on the back of that testing and the lessons that have been learned and resolved. This approach can considerably reduce the risks of project failure and deliver business outcomes more quickly. Agencies planning to utilise cloud services can advise stakeholders of this to manage expectations about the way the service will be rolled out. Cloud-Based ICT Services Checklist (CS CHECKLIST 01) v1.0 July 2014 / page 6
7 Appendix A: What are cloud services? Cloud services defined VICTORIAN GOVERNMENT CIO COUNCIL There are many definitions of cloud services. The US National Institute of Standards and Technology (NIST) definition is commonly used in government cloud policy documents. This section provides an articulation of the commonly regarded characteristics of cloud services. Cloud computing Cloud computing refers to the underlying technologies and methods that are the building blocks of cloud services. These include, for example, virtualisation, automation, self-service provisioning, usage-based service metering and charging, multi-tenant infrastructure and application architectures, web services, service oriented architecture (SOA) and application program interfaces (APIs). Cloud services Cloud services are a form of outsourced shared services, created using cloud technologies and methods (see cloud computing, above). The distinction between cloud computing and cloud services is important. While it may be relatively straightforward for any organisation to implement cloud computing technologies, the creation and operation of a reliable and trustworthy cloud service is a significantly more difficult, and expensive, proposition, involving appropriate organisation, process, people and culture. Cloud services are also revolutionary because they represent a dramatic change in the way ICT capabilities are both provided and sourced as shared services. They represent an opportunity to shift how these capabilities are purchased and/or consumed, which in turn can lead to extraordinary organisational change. Cloud services may comprise a wide spectrum of ICT functionality, which typically fall under three categories: Software-as-a-service (SaaS): the provision of a fully operational application as a cloud service via a web browser and web services Platform-as-a-service (PaaS): the provision of an application development and operation environment as a cloud service Infrastructure-as-a-service (IaaS): the provision of computing and storage infrastructure as a cloud service This categorisation demonstrates how cloud offers customers the ability to source and consume rather than buy and control. Whilst the distinction between the IaaS, PaaS and SaaS categories is not always clear, in general terms, customers purchase: IaaS to access less costly, more flexible, ICT infrastructure; PaaS to enable faster and less costly development and operation of bespoke applications; and, SaaS to enable faster and less costly implementation and operation of standardised out of the box business applications. Delivery of cloud services: public, private and beyond Traditionally, cloud services have been described as either public or private (and more recently, as hybrid, comprising elements of public and private). Public cloud services are large scale global or national shared services where all customers consume standardised functionality on common terms and conditions. These services are usually accessed via a web browser and the public internet. Private cloud services are shared services with resources dedicated to a particular customer or community of customers. Private cloud services may be delivered in-house or externally provided and may be accessed via the public internet or via a secure Cloud-Based ICT Services Checklist (CS CHECKLIST 01) v1.0 July 2014 / page 7
8 private network. A private cloud service may include functionality and/or contractual terms and conditions that are substantially tailored to an individual customer s needs. In practice the distinction between public and private is becoming less clear, and less useful, as the range and maturity of services evolves. To this end, public and private may be viewed as ends of a continuum rather than discrete service variants. Today, a single provider can deliver services using different models, more-public or more-private, depending on customer needs. The fullest benefits of the cloud services model arise at the public cloud end of the continuum. Bearing this in mind, agencies are advised to avoid simplistic assumptions based on public versus private cloud distinctions in particular the assumption that a private cloud service is always safer than a public cloud service should be challenged. Instead, agencies might focus on understanding the actual trustworthiness and functionality of a particular cloud service, keeping in mind always the question: all things considered, will this service achieve better business outcomes than the alternatives? Enterprise-grade cloud services It is important to acknowledge that not all cloud services providers, and not all cloud service offerings, are suitable for use by large enterprises such as government agencies. Indeed, many cloud services are targeted purely at the consumer and small-medium business markets and the degree to which these services meet the needs of larger organisations varies. In general terms, enterprise-grade cloud services may be distinguished by characteristics such as the: trustworthiness/credibility/financial strength of the provider organisation; operational maturity, historical performance and resilience of the service; depth and breadth of the customer base; forward roadmap of service enhancements; provider s achievement of quality and security accreditations; geographic location of data centres; availability and quality of customer support services; and willingness of the provider to agree to non-standard contractual terms and conditions. Whether a cloud service is appropriate for a specific enterprise purpose is a decision for the relevant agency. All usual benefit and risk assessments should be applied, to both the service provider and the specifics of the services being considered. Cloud-Based ICT Services Checklist (CS CHECKLIST 01) v1.0 July 2014 / page 8
9 Appendix B: Reference and toolkits Victorian Government Policies and Guidelines Victorian Government Procurement VICTORIAN GOVERNMENT CIO COUNCIL Procurement Reform Procurement Reform Statement Policies, Guides & Tools Victorian Government ICT Strategy Policies, Standards & Guidelines Information Privacy The Information Privacy Principles (IPP) Guidelines to the IPP Privacy Impact Assessments guide Requirements for health records Health Privacy Principles (46kB PDF) Australian Government Policies & Guidelines National Cloud Computing Strategy, Department of Communications y_html Cloud Computing Policy and Guides, Australian Government Information Management Office agict.gov.au/policy-guides-procurement/cloud The Data Centre as a Service Multi Use List Fact Sheet, Department of Finance agict.gov.au/policy-guides-procurement/data-centres/data-centre-as-a-service-dcaas-multi-use-listmul-fact-sheet/ Cloud Computing Security Considerations, Department of Defence (Australian Signals Directorate) Privacy Law Reform, Office of the Australian Information Commissioner Privacy Resources, Office of the Australian Information Commissioner Individual healthcare identifiers Compliance obligations for state and territory healthcare providers, Office of the Australian Information Commissioner individual-healthcare-identifiers-compliance-obligations-for-state-and-territory-healthcare-providers Cloud-Based ICT Services Checklist (CS CHECKLIST 01) v1.0 July 2014 / page 9
10 Other State Government Jurisdictions VICTORIAN GOVERNMENT CIO COUNCIL NSW Government ICT Strategy Resources finance.nsw.gov.au/ict/resources NSW Government Cloud Services Policy and Guidelines NSW Procurement Reform Strategic Directions Statement Cloud Service Providers Codes of Practice Cloud Computing Consumer Protocol - Discussion Paper, Australian Computer Society New Zealand Cloud Computing Code of Practice Data sovereignty Data Sovereignty and the Cloud report, University of New South Wales (Cyberspace Law & Policy Community) United States Government Cloud IT Services, U.S. General Services Administration Federal Cloud Computing Strategy, CIO.gov cio.gov/wp-content/uploads/downloads/2012/09/federal-cloud-computing-strategy.pdf (918kB PDF) The Federal Risk and Authorization Management Program (FedRAMP), CIO.gov cloud.cio.gov/fedramp Information Technology Reform: Progress Made but Future Cloud Computing Efforts Should be Better Planned (Report), U.S. Government Accountability Office UK Government Government Service Design Manual, gov.uk Further information For further information regarding this guideline, please see contact information at Version history Version Date TRIM ref Details 0.1 September 2013 D11/ Initial Draft 0.9 Sep 2013 May 2014 D11/ Version for initial noting by the CIO Council July 2014 For release Cloud-Based ICT Services Checklist (CS CHECKLIST 01) v1.0 July 2014 / page 10
Cloud Computing in a Government Context
Cloud Computing in a Government Context Introduction There has been a lot of hype around cloud computing to the point where, according to Gartner, 1 it has become 'deafening'. However, it is important
More informationData Protection Act 1998. Guidance on the use of cloud computing
Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered
More informationCloud Computing and Records Management
GPO Box 2343 Adelaide SA 5001 Tel (+61 8) 8204 8773 Fax (+61 8) 8204 8777 DX:336 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Cloud Computing and Records Management June 2015 Version 1 Version
More informationAustralian Government Cloud Computing Policy
Australian Government Cloud Computing Policy Maximising the Value of Cloud VERSION 2.1 JULY 2013 AGIMO is part of the Department of Finance and Deregulation Contents Foreword 3 Introduction 4 Policy 5
More informationARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION.
ARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION. Table of contents 1 Introduction...3 2 Architecture Services...4 2.1 Enterprise Architecture Services...5 2.2 Solution Architecture Services...6 2.3 Service
More informationThe Cadence Partnership Service Definition
The Cadence Partnership Service Definition About Cadence The Cadence Partnership is an independent management consultancy, specialising in working with a wide range of organisations, solving complex issues
More informationAustralian Government Cloud Computing Policy
Australian Government Cloud Computing Policy Maximising the Value of Cloud VERSION 2.0 MAY 2013 AGIMO is part of the Department of Finance and Deregulation Contents Foreword 3 Introduction 4 Australian
More informationTasmanian Cloud & Government use of public cloud services
Tasmanian Cloud - Networking Tasmania Pre- Tender Consultation Tasmanian Cloud & Government use of public cloud services Scoping and implementation discussion paper Department of Premier and Cabinet Office
More informationNSW Government. Data Centre & Cloud Readiness Assessment Services Standard. v1.0. June 2015
NSW Government Data Centre & Cloud Readiness Assessment Services Standard v1.0 June 2015 ICT Services Office of Finance & Services McKell Building 2-24 Rawson Place SYDNEY NSW 2000 standards@finance.nsw.gov.au
More informationCloud Computing Strategy. an addendum to the. Queensland Government. ICT Strategy 2013 17. Queensland Government
Department of Science, Information Technology, Innovation and the Arts Queensland Government Cloud Computing Strategy an addendum to the Queensland Government ICT Strategy 2013 17 Supporting Queensland
More information6 Cloud strategy formation. 6.1 Towards cloud solutions
6 Cloud strategy formation 6.1 Towards cloud solutions Based on the comprehensive set of information, collected and analysed during the strategic analysis process, the next step in cloud strategy formation
More informationCloud Computing in the Victorian Public Sector
Cloud Computing in the Victorian Public Sector AIIA response July 2015 39 Torrens St Braddon ACT 2612 Australia T 61 2 6281 9400 E info@aiia.com.au W www.aiia.comau Page 1 of 9 17 July 2015 Contents 1.
More informationThe Human Capital Management Systems Business Case A Checklist to assist agencies developing a business case
The Human Capital Management Systems Business Case A Checklist to assist agencies developing a business case Final version for release Human Capital Management See more at psc.nsw.gov.au/hcm Index - Business
More informationThe Scottish Wide Area Network Programme
The Scottish Wide Area Network Release: Issued Version: 1.0 Date: 16/03/2015 Author: Andy Williamson Manager Owner: Anne Moises SRO Client: Board Version: Issued 1.0 Page 1 of 8 16/04/2015 Document Location
More informationShared service centres
Report by the Comptroller and Auditor General Cabinet Office Shared service centres HC 16 SESSION 2016-17 20 MAY 2016 4 Key facts Shared service centres Key facts 90m estimated savings made to date by
More informationSelecting a Content Management System
9 9 SELECTING A CONTENT MANAGEMENT SYSTEM Selecting a Content Management System Better Practice Checklist Practical guides for effective use of new technologies in Government www.agimo.gov.au/checklists
More informationConnect Renfrewshire
How the council will use its information and technology assets to achieve successful change Contents Strategy Context 2 Digital Delivery and Citizen Engagement 4 Operational Excellence and Transformation
More informationThe rise of the hybrid network model
The rise of the hybrid network model Hybrid networks offer the promise of greater flexibility and capacity, improved application performance and cheaper price points than traditional Wide Area Networks
More informationData centre strategies for business growth in a hybrid cloud world
Data centre strategies for business growth in a hybrid cloud world A joint report from Pacnet and CIO Custom Solutions Group October 2014 Introduction The data centre has become an integral part of the
More informationChanging attitudes to ERP How cloud is disrupting traditional approaches to ERP deployment
Changing attitudes to ERP How cloud is disrupting traditional approaches to ERP deployment Introduction Cloud is fast becoming a viable option for businesses looking to implement a new enterprise resource
More informationNSW Government. Cloud Services Policy and Guidelines
NSW Government Cloud Services Policy and Guidelines August 2013 1 CONTENTS 1. Introduction 2 1.1 Policy statement 3 1.2 Purpose 3 1.3 Scope 3 1.4 Responsibility 3 2. Cloud services for NSW Government 4
More informationehealth Architecture Principles
ehealth Architecture Principles Version 3.0 June 2009 Document Control Details Title: ehealth Architecture Principles Owner: Head of Architecture and Design, Scottish Government ehealth Directorate Version:
More informationRole Description Enterprise Architect and Solutions Delivery Manager
Role Description Enterprise Architect and Solutions Delivery Manager Cluster Agency Division Location Classification/Grade/Band Kind of Employment NSW Health Cancer Institute NSW Information Technology
More informationDigital Continuity Plan
Digital Continuity Plan Ensuring that your business information remains accessible and usable for as long as it is needed Accessible and usable information Digital continuity Digital continuity is an approach
More informationNew ways of working in EDRMS
New ways of working in EDRMS Objective Corporation Limited (OCL) have been meeting with a wide cross-section of state and territory government senior managers, ie Deputy Directors General, Executive Directors,
More informationMapping and Geographic Information Systems Professional Services
Mapping and Geographic Information Systems Professional Services G-Cloud Services RM 1557 Service Definition Esri UK GCloud 5 Lot 4 Specialist Services Government Procurement Service Acknowledgement Esri
More informationCloud Computing in a Regulated Environment
Computing in a Regulated Environment White Paper by David Stephenson CTG Regulatory Compliance Subject Matter Expert February 2014 CTG (UK) Limited, 11 Beacontree Plaza, Gillette Way, READING, Berks RG2
More informationSpecialist Cloud Services Lot 4 Cloud Printing and Imaging Consultancy Services
Specialist Cloud Services Lot 4 Cloud Printing and Imaging Consultancy Services Page 1 1 Contents 1 Contents... 2 2 Transcend360 Introduction... 3 3 Service overview... 4 3.1 Service introduction... 4
More informationCloud Adoption Study Cloud computing is gaining momentum
Cloud Adoption Study Cloud computing is gaining momentum Contents 4 Cloud is gaining momentum due to its business impact. 6 Public SaaS dominates the cloud offerings 7 Market understanding is lacking
More informationCloud Computing Best Practices. Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service
Cloud Computing Best Practices Cloud Computing Best Practices Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service Overview Cloud Computing
More informationUoD IT Job Description
UoD IT Job Description Role: Projects Portfolio Manager HERA Grade: 8 Responsible to: Director of IT Accountable for: Day to day leadership of team members and assigned workload Key Relationships: Management
More informationCloud Computing and Government Services August 2013 Serdar Yümlü SAMPAŞ Information & Communication Systems
eenviper White Paper #4 Cloud Computing and Government Services August 2013 Serdar Yümlü SAMPAŞ Information & Communication Systems 1 Executive Summary Cloud computing could revolutionise public services
More informationSpecialist Cloud Services Lot 4 Cloud EDRM Consultancy Services
Specialist Cloud Services Lot 4 Cloud EDRM Consultancy Services Page 1 1 Contents 1 Contents... 2 2 Transcend360 Introduction... 3 3 Service overview... 4 3.1 Service introduction... 4 3.2 Service description...
More informationBringing Together the Essential Elements of Private Cloud
White Paper Bringing Together the Essential Elements of Private Cloud Introduction: The Growing Need for Cloud-Based Services It s no secret that many types and sizes of businesses are moving to cloud
More informationEmbracing SaaS: A Blueprint for IT Success
Embracing SaaS: A Blueprint for IT Success 2 Embracing SaaS: A Blueprint for IT Success Introduction THIS EBOOK OUTLINES COMPELLING APPROACHES for CIOs to establish and lead a defined software-as-a-service
More informationNSW Government. Cloud Services Policy and Guidelines
NSW Government Cloud Services Policy and Guidelines August 2013 CONTENTS 1. Introduction 2 1.1 Policy statement 3 1.2 Purpose 3 1.3 Scope 3 1.4 Responsibility 3 2. Cloud services for NSW Government 4 2.1
More informationTHE QUEST FOR A CLOUD INTEGRATION STRATEGY
THE QUEST FOR A CLOUD INTEGRATION STRATEGY ENTERPRISE INTEGRATION Historically, enterprise-wide integration and its countless business benefits have only been available to large companies due to the high
More informationChoosing a global cloud infrastructure provider
IMAGE: ANIMIND/FOTOLIA.COM Choosing a global cloud infrastructure provider Top considerations for choosing a global cloud infrastructure provider A guide for enterprises considering IaaS services, by Lisa
More informationCloud Procurement Discussion Paper. For Comment
Cloud Procurement Discussion Paper For Comment AUGUST 2014 Acronyms Acronym AGIMO ASD DCaaS MUL IaaS NIST PaaS RFT SaaS SCS Definition Australian Government Information Management Office Australian Signals
More informationCloud Computing. P a n a g i o t i s F o u z a s I T S o l u t i o n s M a n a g e r
C l a s s i f i c a t i o n I S O 2 7 0 0 1 : P u b l i c Cloud Computing Prospects & Challenges P a n a g i o t i s F o u z a s I T S o l u t i o n s M a n a g e r 1 OUTLINE Cloud Definition and Classification
More informationThe NREN s core activities are in providing network and associated services to its user community that usually comprises:
3 NREN and its Users The NREN s core activities are in providing network and associated services to its user community that usually comprises: Higher education institutions and possibly other levels of
More informationSelecting a project management methodology
VICTORIAN GOVERNMENT CIO COUNCIL Project Management Selecting a project management methodology Guideline This guideline provides advice for selecting and tailoring a project management methodology. Keywords:
More informationIBM & Cloud Computing. Smarter Planet. John Easton UK & Ireland Cloud Computing Technical Leader
Cloud Getting hold Computing of the cloud: for a & Cloud Computing Smarter Planet John Easton UK & Ireland Cloud Computing Technical Leader Copyright Corporation 2010 Cloud is important to Corporation
More informationSoftware as a Service Offers Broadening Appeal for Small and Medium-Sized Discrete Manufacturers
Software as a Service Offers Broadening Appeal for Small and Medium-Sized Discrete Manufacturers WHITE PAPER Sponsored by: SAP Simon Ellis November 2010 IDC MANUFACTURING INSIGHTS OPINION Software as a
More informationCloud Computing. What is Cloud Computing?
Cloud Computing What is Cloud Computing? Cloud computing is where the organization outsources data processing to computers owned by the vendor. Primarily the vendor hosts the equipment while the audited
More informationSECURE CLOUD SOLUTIONS FOR YOUR BUSINESS.
SECURE CLOUD SOLUTIONS FOR YOUR BUSINESS. 2015 Learning Possibilities Ltd, 506 Centennial Park, Centennial Avenue, Elstree, Herts, WD6 3FG Email: info@cloudpossibilities.com Telephone: +44 (0) 20 8236
More informationDigital Asset Manager, Digital Curator. Cultural Informatics, Cultural/ Art ICT Manager
Role title Digital Cultural Asset Manager Also known as Relevant professions Summary statement Mission Digital Asset Manager, Digital Curator Cultural Informatics, Cultural/ Art ICT Manager Deals with
More informationProfile. Business solutions with a difference
Profile Business solutions with a difference Overview ITeM Group was founded in 1999 and has a successful history of delivering IT solutions in Australia, New Zealand, Indonesia, China and Canada. We specialise
More informationTypes of Cloud Computing The Cloud Computing stack is currently defined by three levels: SaaS, PaaS and IaaS.
Cloud computing is commonly defined as the delivery of computing as a service rather than a product, whereby shared resources, software and information are provided as a utility (like the electricity grid)
More informationPublic Sector Hosting April 2015
Public Sector Hosting April 2015 Secure Cloud solutions with guaranteed UK data sovereignty. Cloud computing for the public sector Public sector organisations are increasingly driven to improve operational
More informationCloud Computing in Higher Education: A Guide to Evaluation and Adoption
Cloud Computing in Higher Education: A Guide to Evaluation and Adoption Executive Summary Public cloud computing delivering infrastructure, services, and software on demand through the network offers attractive
More informationLeveraging the Private Cloud for Competitive Advantage
Leveraging the Private Cloud for Competitive Advantage Introduction While it is universally accepted that organisations will leverage cloud solutions to service their IT needs, there is a lack of clarity
More informationService Management and ICT Monitoring and Reporting Advisory and Implementation Services
Service Management and ICT Monitoring and Reporting Advisory and Implementation Services G-Cloud Service 1 1. An overview of the G-Cloud Service Arcus can assist you with a review and advice on the effectiveness
More informationDeveloping SAP Enterprise Cloud Computing Strategy
White Paper WFT Cloud Technology SAP Cloud Integration Service Provider Developing SAP Enterprise Cloud Computing Strategy SAP Cloud Computing is a significant IT paradigm change with the potential to
More informationSecurity in the Cloud: Visibility & Control of your Cloud Service Providers
Whitepaper: Security in the Cloud Security in the Cloud: Visibility & Control of your Cloud Service Providers Date: 11 Apr 2012 Doc Ref: SOS-WP-CSP-0412A Author: Pierre Tagle Ph.D., Prashant Haldankar,
More informationHow To Transform Information And Communication Technology
TRANSFORMING LOCAL GOVERNMENT ICT Building the infrastructure that will enable cloud computing EMC Perspective THE IMPORTANCE OF STRONG FOUNDATIONS All successful building and development initiatives share
More informationIn-House Counsel Day Priorities for 2012
In-House Counsel Day Priorities for 2012 Cloud Computing the benefits, potential risks and security for the future Presented by Anthony Willis Group Head IP and Technology Thursday 1 March 2012 WIN: What
More informationCloud Computing. Bringing the Cloud into Focus
Cloud Computing Bringing the Cloud into Focus November 2011 Introduction Ken Cochrane CEO, IT/NET Partner, KPGM Performance and Technology National co-leader IT Advisory Services KPMG Andrew Brewin Vice
More informationHow to ensure control and security when moving to SaaS/cloud applications
How to ensure control and security when moving to SaaS/cloud applications Stéphane Hurtaud Partner Information & Technology Risk Deloitte Laurent de la Vaissière Directeur Information & Technology Risk
More informationMicrosoft appreciates the opportunity to respond to the Cloud Computing Consumer Protocol: ACS Discussion Paper July 2013 (the protocol).
Microsoft Submission to ACS Cloud Protocol Discussion Paper General Comments Microsoft appreciates the opportunity to respond to the Cloud Computing Consumer Protocol: ACS Discussion Paper July 2013 (the
More informationDocument management concerns the whole board. Implementing document management - recommended practices and lessons learned
Document management concerns the whole board Implementing document management - recommended practices and lessons learned Contents Introduction 03 Introducing a document management solution 04 where one
More informationGOVERNING THE CLOUD PARADOX
GOVERNING THE CLOUD PARADOX Balancing Flexibility and Oversight By Stanton Jones, Emerging Technology Analyst, ISG www.isg-one.com INTRODUCTION Large global organizations seeking to add cloud-based capabilities
More informationHow cloud computing can transform your business landscape
How cloud computing can transform your business landscape Introduction It seems like everyone is talking about the cloud. Cloud computing and cloud services are the new buzz words for what s really a not
More informationMicrosoft Pty Ltd. Australian Financial System Inquiry: Response to request for further submissions
Microsoft Pty Ltd Australian Financial System Inquiry: Response to request for further submissions August 2014 1 Response in relation to Chapter 9 of the Interim Report Microsoft is pleased to respond
More informationRisk Management Policy and Framework
Risk Management Policy and Framework December 2014 phone 1300 360 605 08 89589500 email info@centraldesert.nt.gov.au location 1Bagot Street Alice Springs NT 0870 post PO Box 2257 Alice Springs NT 0871
More informationAppendix A: ICT and Information Management Strategy
Appendix A: ICT and Information Management 2014 2019 Head of Information and Business Change Sarah Caulkin October 2014 1 Version Control: Date Version Author Comments 04/08/14 0.1 Jo Harley First draft
More informationHow To Manage Cloud Management
WHITE PAPER Five Steps to Successful Integrated Cloud Management Sponsored by: HP Mary Johnston Turner May 2011 Robert P. Mahowald IDC OPINION Global Headquarters: 5 Speen Street Framingham, MA 01701 USA
More information1 Introduction. 2 What is Cloud Computing?
1 Introduction Table of Contents 1 Introduction 2 What is Cloud Computing? 3 Why is Cloud Computing important? 4 Why Cloud deployments fail? 5 Holistic Approach to cloud computing implementation 6 Conclusion
More informationopinion piece Cloud Computing The journey begins
opinion piece Cloud Computing The journey begins Many CIOs view cloud computing as their salvation in the current economic downturn, as it promises to deliver IT services to subscribers at a lower cost.
More informationSecure Cloud Computing through IT Auditing
Secure Cloud Computing through IT Auditing 75 Navita Agarwal Department of CSIT Moradabad Institute of Technology, Moradabad, U.P., INDIA Email: nvgrwl06@gmail.com ABSTRACT In this paper we discuss the
More informationCLOUD COMPUTING GUIDELINES FOR LAWYERS
INTRODUCTION Legal practices are increasingly using cloud storage and software systems as an alternative to in-house data storage and IT programmes. The cloud has a number of advantages particularly flexibility
More informationFact Sheet Yellowfin & Cloud Computing
Fact Sheet Yellowfin & Cloud Computing 1 Copyright Yellowfin International 2010 Contents Contents...2 What is Cloud Computing...3 Defining types of Cloud Computing...3 Deployment models: Public, Private,
More informationJISC. Technical Review of Using Cloud for Research. Guidance Notes to Cloud Infrastructure Service Providers. Introduction
JISC Technical Review of Using Cloud for Research Guidance Notes to Cloud Infrastructure Service Providers May, 2010 Introduction Provisioning and maintenance of research computing facilities is a core
More informationIn a dynamic economic environment, your company s survival
Chapter 1 Cloud Computing Defined In This Chapter Examining the reasons for cloud Understanding cloud types Defining the elements of cloud computing Comparing private and public clouds In a dynamic economic
More informationBusiness continuity management policy
Business continuity management policy health.wa.gov.au Effective: XXX Title: Business continuity management policy 1. Purpose All public sector bodies are required to establish, maintain and review business
More informationPrivacy and Cloud Computing for Australian Government Agencies
Privacy and Cloud Computing for Australian Government Agencies Better Practice Guide February 2013 Version 1.1 Introduction Despite common perceptions, cloud computing has the potential to enhance privacy
More informationSelecting the right Cloud. Three steps for determining the most appropriate Cloud strategy
Selecting the right Cloud Three steps for determining the most appropriate Cloud strategy Selecting the most appropriate cloud model can be a challenging process for organisations and IT executives tasked
More informationRequest for Proposal. Supporting Document 3 of 4. Contract and Relationship Management for the Education Service Payroll
Request for Proposal Supporting Document 3 of 4 Contract and Relationship December 2007 Table of Contents 1 Introduction 3 2 Governance 4 2.1 Education Governance Board 4 2.2 Education Capability Board
More informationEnsuring security the last barrier to Cloud adoption
Ensuring security the last barrier to Cloud adoption Publication date: March 2011 Ensuring security the last barrier to Cloud adoption Cloud computing has powerful attractions for the organisation. It
More informationprotect your assets. control your spending
protect your assets. control your spending A European poll on IT asset management practices, commissioned by CA Technologies and conducted at the European Gartner Procurement, Financial and Asset Management
More informationCloud Computing - Benefits and Barriers for Retail Adoption
Original Published Research from Cobweb Solutions - Europe s Leading Cloud Services Provider Cloud Computing - Benefits and Barriers for Retail Adoption 28022011 v1.5 written by Ed Dixon Director of Enterprise
More informationShaping the Cloud for the Healthcare Industry
Shaping the Cloud for the Healthcare Industry Louis Caschera Chief Information Officer CareTech Solutions www.caretech.com > 877.700.8324 Information technology (IT) is used by healthcare providers as
More informationHow cloud computing can transform your business landscape.
How cloud computing can transform your business landscape. This whitepaper will help you understand the ways cloud computing can benefit your business. Introduction It seems like everyone is talking about
More informationSage ERP I White Paper
Sage ERP I White Paper On-Demand or On-Premise: Understanding the Deployment Options for your Business Management System Introduction Does this situation sound familiar? You started out with an off-the-shelf
More informationInfopaper. Demystifying Platform as a Service
Demystifying Platform as a Service The dividing lines between PaaS and IaaS may be blurring, but it s important for outsourcers of IT infrastructure to understand what sets Private PaaS apart from commodity
More informationINTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS
INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS CLOUD COMPUTING Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing
More informationThe Advantages of a Cloud Based Training and Simulation
Cloud for training and simulation: the right approach Training can no longer be viewed as an add-on or an afterthought. It is an integral part of defence capability: a means not just of improving technical
More informationDevelopment Proposal. Company Name Pty Ltd
Development Proposal Company Name Pty Ltd TITLE Government Community Cloud DATE 11 July 2011 Development Proposal UberGlobal CONTENTS UberGlobal White Paper: Government Community Cloud 3 Background 3 Perspective
More informationModule 1: Facilitated e-learning
Module 1: Facilitated e-learning CHAPTER 3: OVERVIEW OF CLOUD COMPUTING AND MOBILE CLOUDING: CHALLENGES AND OPPORTUNITIES FOR CAs... 3 PART 1: CLOUD AND MOBILE COMPUTING... 3 Learning Objectives... 3 1.1
More informationCapturing the New Frontier:
Capturing the New Frontier: How Software Security Unlocks the Power of Cloud Computing Executive Summary Cloud computing is garnering a vast share of IT interest. Its promise of revolutionary cost savings
More informationManagement of Business Support Service Contracts
The Auditor-General Audit Report No.37 2004 05 Business Support Process Audit Management of Business Support Service Contracts Australian National Audit Office Commonwealth of Australia 2005 ISSN 1036
More informationCloud Computing Consumer Protocol. ACS Cloud Discussion Paper July 2013
Cloud Computing Consumer Protocol ACS Cloud Discussion Paper July 2013 ACS Cloud Protocol Discussion Paper July 2013 2 CONTENTS SECTION PAGE 1. Introduction and Purpose 3 2. Structure and Timelines 3 3.
More informationSimplify And Innovate The Way You Consume Cloud
A Forrester Consulting October 2014 Thought Leadership Paper Commissioned By Infosys Simplify And Innovate The Way You Consume Cloud Table Of Contents Executive Summary... 1 Cloud Adoption Is Gaining Maturity
More informationInformation Communication Technology
Information Communication Technology Strategic Plan 2011 15 BTS11/00102 Commonwealth of Australia 2011 This work is copyright. You may download, display, print and reproduce this material in unaltered
More informationEXIN Cloud Computing Foundation
Sample Questions EXIN Cloud Computing Foundation Edition April 2013 Copyright 2013 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing
More informationDraft v0.7 July 27th. The Nature of Cloud
Global Security Challenges of Cloud Computing Extended Abstract Sadie Creese and Paul Hopkins International Digital Laboratory, WMG, University of Warwick, UK There is no doubt that cloud computing is
More informationHow To Decide If You Should Move To The Cloud
Can security conscious businesses really adopt the Cloud safely? January 2014 1 Phone: 01304 814800 Fax: 01304 814899 info@ Contents Executive overview The varied Cloud security landscape How risk assessment
More informationADDING CLOUD TO THE SERVICE DELIVERY MIX
ADDING CLOUD TO THE SERVICE DELIVERY MIX Business Drivers and Organizational Considerations By Stanton Jones, ISG, and Kalyan Kumar, HCL www.isg-one.com INTRODUCTION Large global organizations today are
More informationHealth Informatics Service Accreditation Manual. Assessment Process. May 2013, Version 1
Health Informatics Service Accreditation Manual Assessment Process May 2013, Version 1 Contents 1. Contacts... 2 2. Introduction... 3 3. Assessment principles... 6 4. Assessment outcome... 7 5. Planning
More informationQuick Guide: Meeting ISO 55001 Requirements for Asset Management
Supplement to the IIMM 2011 Quick Guide: Meeting ISO 55001 Requirements for Asset Management Using the International Infrastructure Management Manual (IIMM) ISO 55001: What is required IIMM: How to get
More information