Microsoft launches cloud services due diligence checklist
Microsoft has launched a cloud services due diligence checklist aimed at providing organisations with more standardised procedures for their potential cloud push.
The checklist is based on the emerging ISO/IEC 19086 standard which focuses on cloud service level agreements, and gives structure to organisations of all sizes and sectors to identify their objectives and requirements, before comparing the offerings of different cloud service providers.
“Cloud adoption is no longer simply a technology decision,” Microsoft writes in a page explaining the checklist. “Because checklist requirements touch on every aspect of an organisation, they serve to convene all key internal decision makers – the CIO and CISO as well as legal, risk management, procurement, and compliance professionals.
“The checklist promotes a thoroughly vetted move to the cloud, providing a structured guidance and a consistent, repeatable approach to choosing a cloud service provider,” it adds.
It’s worth noting, as Microsoft does in the document, that the checklist is not intended to be, nor should be considered a substitute for the 19086 standard – its role is to essentially distil the 37 page standard document into two pages – yet it does go through performance, service, data management and governance checks.
In putting the checklist together, Microsoft also cited a Forrester research study which argued that more than 94% of organisations polled would change some terms in their current cloud agreement. Agreements often miss key considerations due to their complex nature, the research notes, while topics cloud buyers regret not having in their agreements are around security, privacy, and awareness around internal key stakeholders.
Earlier this month, Microsoft CEO Satya Nadella told delegates at the company’s Transform conference in London how cloud computing, through powering artificial intelligence and machine learning, was putting technology “in the hands of humanity.” Back in August, the company announced it had obtained ISO 27017 compliance, which gives additional controls specifically relating to cloud services.
You can download the full checklist here.
- » Exploring specific security pain points with enterprise cloud adoption
- » Do cryptographic keys belong in the cloud?
- » Microsoft cites ‘layers’ of Azure and cloud depth in more positive financial results
- » Albertsons cites competition in Microsoft move – but is the retail cloud battle all it seems?
- » How to tackle the multi-cloud security challenge