Practical Guide To Cloud Service Agreements CSCC
User Manual: Pdf
Open the PDF directly: View PDF
Page Count: 42
- Practical Guide to Cloud Service Agreements Version 2.0
- Contents
- Revisions Much has changed in the realm of cloud computing service agreements since the original Practical Guide to Cloud Service Level Agreements whitepaper was published in April, 2012. Version 2.0 of the document includes the following updates:
- Terminology changes have been made; specifically, the term service level agreement (SLA) has been replaced by cloud service agreement (CSA) to reference the broad agreement that is established between cloud customers and providers. The term SLA is n...
- The Current CSA Landscape section has been updated substantially to reflect current market dynamics.
- All ten steps in the Guide for Evaluating Cloud Service Agreements section have been updated to reflect current best practices. Significant changes have been made to steps 1, 5 and 9.
- Introduction The Practical Guide to Cloud Service Agreements provides a practical reference to help enterprise information technology (IT) and business decision makers analyze cloud service agreements (CSAs) from different cloud service providers. Th...
- The Current CSA Landscape CSAs are a set of documents or agreements that contain the terms governing the relationship between the cloud customer and the cloud service provider. Because the cloud computing market is still developing, cloud customers sh...
- Guide for Evaluating Cloud Service Agreements Before getting to the point of evaluating any CSA, customers must first perform a number of strategic steps (develop a comprehensive business case and strategy, select cloud service and deployment models, ...
- Step 1: Understand Roles & Responsibilities From the cloud service customer perspective, one of the significant areas of risk involved with cloud computing is associated with the division of activities and responsibilities between the cloud service cu...
- Step 2: Evaluate Business Level Policies Customers must consider the policy and compliance requirements relevant to them when reviewing a CSA since there are interdependencies between the policies expressed in the CSA and the business strategy and pol...
- Step 3: Understand Service and Deployment Model Differences Services offered by cloud providers typically fall into one of the three major groups of service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Se...
- Step 4: Identify Critical Performance Objectives Performance goals within the context of cloud computing are directly related to the efficiency and accuracy of service delivery by the cloud provider. Typical performance considerations include availa...
- Step 5: Evaluate Security12F and Privacy Requirements Security controls in cloud computing are, for the most part, no different than security controls in any IT environment. However, because of the cloud service models employed, the operational model...
- Step 6: Identify Service Management Requirements The fundamental goals of any cloud computing environment are to reduce cost, improve flexibility and increase reliability of the delivery of a service. Critical to meeting these goals is a uniform, str...
- Step 7: Prepare for Service Failure Management Service failure management outlines what happens when the expected delivery of a cloud service does not occur. Cloud service capabilities and performance expectations should be explicitly documented in ...
- Step 8: Understand the Disaster Recovery Plan Disaster recovery is a subset of business continuity and focuses on processes and technology for resumption of applications, data, hardware, communications (such as networking), and other IT infrastructure...
- Step 9: Develop an Effective Governance Process The use of cloud services by a cloud service customer means that the customer organization is placing some parts of its IT operations – and hence part of it business processes - in the hands of outside ...
- Step 10: Understand the Exit Process An exit clause should be part of every CSA and describes the details of the exit process including the responsibilities of the cloud provider and consumer in case the relationship terminates prematurely or otherwise.
- Summary of Keys to Success Table 10 summarizes the critical keys to success for any customer organization evaluating and comparing CSAs from different cloud providers.
- Works Cited
- Additional References Cloud Security Alliance. Security Guidance for Critical Areas of Focus in Cloud Computing Version 3.0 (2011). http://www.cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf