I’ve been communicating with a number of standards organisations on the status of Cloud Governance in different jurisdictions. With the portability of cloud workloads, the governance model should be handled on a global level and the standards institutions are moving quickly to set up a framework with a number of national and global bodies.
One of the most interesting pieces of work I have been sent is from the Chartered Institute for IT. The document sent to me (PDF linked here) is a response to questions raised by the European Commission for Cloud Computing in 2011.
I’ve pulled out some quotes from the document that have provided me some food for thought.
The cloud concept is straightforward and the potential cost benefits are staggering, yet progress has been hindered by the ability of society need for reassurance to embrace new business models and commercial software suppliers to operate in a truly multinational domain
In response to a question on the rights and responsibilities of both user and provider.
User confidence and awareness will improve through the demonstration of workable/scalable multi-tenancy clouds used by multiple organisations. The deployment of the eGovernment and eSciene infrastructures will provide examples of best practice, as well as help potential users and providers to identify potential obstacles when using cloud.
In response to a question on the role of eGovernment in the cloud.
… standard ratified models and agreements covering the different aspects of delivery and various levels of cover should be incorporated into the cloud strategy. These standards would mean that it would be up to the user and provider to agree which they want/need to apply to the particular service they are procuring/providing.
… standard flow down models and agreements that would enable a user to have the confidence that they are fully covered if they procure a service from a third party
… the presence of proformer (pre-agreed) data transfer and ownership agreements that stand up to EU legislation. This would help to remove one of the key barriers to cloud adoption and therefore should be included in the final version of the strategy.
In response to a question on cloud governance requirements
The Institute believes that for cloud to become a success then efforts will need to be made to encourage confidence among users. Cloud computing has long been criticised as limiting the freedom of users and making them dependent on the cloud computing provider. Users will need to be reassured that they are not going to get locked into services which are not flexible to meet changes within their business.
In response to a question on the limitations of cloud computing today
The PDF is well worth a read and I really hope to see some of the recommendations made in the document come into practice.