Microsoft launches cloud services due diligence checklist

(c)iStock.com/cruphoto

Microsoft has launched a cloud services due diligence checklist aimed at providing organisations with more standardised procedures for their potential cloud push.

The checklist is based on the emerging ISO/IEC 19086 standard which focuses on cloud service level agreements, and gives structure to organisations of all sizes and sectors to identify their objectives and requirements, before comparing the offerings of different cloud service providers.

“Cloud adoption is no longer simply a technology decision,” Microsoft writes in a page explaining the checklist. “Because checklist requirements touch on every aspect of an organisation, they serve to convene all key internal decision makers – the CIO and CISO as well as legal, risk management, procurement, and compliance professionals.

“The checklist promotes a thoroughly vetted move to the cloud, providing a structured guidance and a consistent, repeatable approach to choosing a cloud service provider,” it adds.

It’s worth noting, as Microsoft does in the document, that the checklist is not intended to be, nor should be considered a substitute for the 19086 standard – its role is to essentially distil the 37 page standard document into two pages – yet it does go through performance, service, data management and governance checks.

In putting the checklist together, Microsoft also cited a Forrester research study which argued that more than 94% of organisations polled would change some terms in their current cloud agreement. Agreements often miss key considerations due to their complex nature, the research notes, while topics cloud buyers regret not having in their agreements are around security, privacy, and awareness around internal key stakeholders.

Earlier this month, Microsoft CEO Satya Nadella told delegates at the company’s Transform conference in London how cloud computing, through powering artificial intelligence and machine learning, was putting technology “in the hands of humanity.” Back in August, the company announced it had obtained ISO 27017 compliance, which gives additional controls specifically relating to cloud services.

You can download the full checklist here.

Related Stories

Leave a comment

Alternatively

This will only be used to quickly provide signup information and will not allow us to post to your account or appear on your timeline.

imoyse9061ad3e9cd0405c
14 Nov 2016, 4:39 p.m.

Any guidance to help end consumers better adopt and perform diligence on cloud services is welcomed. I do feel though from 10 years dealing with end users in cloud, that this summarised version needs some prior baseline knowledge to use effectively. For a smaller business, this list alone does not provide enough basic guidance and explanation to help those trying to make a decision. It's not about purely having a list of questions, but understanding the questions, why you are asking them and being able to assimilate what the answers mean.

Reply