2Atos Sphere™ Advisory services: Cloud Governance Atos Sphere SAP Regression Testing (SaaS)Product Lifecycle Mgmt.(PLM) on DemandData Mgmt. on demand (PaaS)Atos in a box Workplace (DaaS)Infra-structure Services (IaaS)Atos Worldline (BPaaS)Opportunity AssessmentAwareness WorkshopSecurity and ComplianceBusiness CasePilot ProjectGovernanceBusiness InnovationTransitionSLIDE 27: as a summary, as Stephen explained, it´s showed the Atos Sphere capabilitiesIt´s remarkable that in our AC offerings We need to show our capabilities as a foundation for our Consulting credibility !
3Customer Organisation IntroductionCloud Governance must be aligned to an organisation’s broader IT and corporate governance, and consider the features and benefits that are unique to cloud.Cloud Governance will become an essential component of the overarching corporate and IT governance framework. This will become especially important as services are multi-sourced across a wider pool of providers.Different types of cloud will require different types of governance according to the services being provided. It is the Service Aggregator that orchestrates delivery across these services.In developing the approach to Cloud Governance, consideration needs to be made to:what remains the samewhat will changewhat is completely newAtos Consulting can support clients in establishing appropriate Cloud Governance with respect to:identifying candidate services for the cloudtransitioning services to the clouddelivering services in the cloudCustomer OrganisationValueCreationResourceManagementRiskPerformanceMeasurementCloudGovernanceService AggregatorCloudGovernanceService ProvidersIaaSPaaSSaaSBPaaSExternal Managed ServiceOn PremiseInternal Managed Service
4ChallengesThe application of governance needs to consider the full services lifecycle - design, build and operate. This will include:Identifying candidates for the cloudTransitioning services to the cloudDelivering services in the cloudThere are also unique nuances of cloud that create new challenges:Avoiding legal, commercial and technical lock-in to service providersEnsuring continued compliance to regulatory requirementsEnsuring that opportunities for cost reduction are not achieved at the expense of reduced service quality or increased service riskThe need for the internal IT function to demonstrate its value to a more empowered businessThe need to balance the need for business agility against a cohesive, consistent approach to the use of IT services and resourcesOperating in an evergreen environmentOrganisations will likely have a greater number of suppliers and hence will need to increase capability in terms of multisourcingThese challenges require a change in focus in how one looks at IT service delivery and the governance required for that.
5Cloud: Governance and control As control passes from organisations to external parties, organisations lose the ability to influence directly how those services are delivered. Organisations must shift their attention from how to deliver a service to how to ensure a service is delivered well.Measure TypeInputsOutputsOutcomesControl and Governance MeasuresControlsGovernanceInputsArchitecture definitionCapacity planningConfiguration managementChange managementApplication managementOutputsProduct configurationService definitionService Level AgreementsContractual terms and conditionsOutcomesQuality of service deliveryCost of provisionSpeed of provisionHighCost of deliveryLowExternalPrivate CloudSaas or BPaaSOn PremiseExternal Managed ServiceIaaS or PaaSInternal Managed ServiceInternalPrivate CloudServicesHighLevel of direct controlLow
6What could stop it working? Governance ThemesIt is essential that the governance put in place for cloud is aligned with and embedded in the wider IT and corporate governance approach. Below are the four main themes for consideration in Cloud Governance.ValueCreationWhat can cloud do for us?ResourceManagementHow can we do it?CloudGovernanceRiskManagementPerformanceMeasurementWhat could stop it working?How well is it working?
7Value CreationValueCreationResourceManagementRiskPerformanceMeasurementCloudGovernanceWhat could we do? – Which services are candidates for the cloud?PrinciplesCloud strategy needs to be aligned with and embedded in the broader IT strategyThe impact of procuring a particular cloud service must be considered alongside other integrated services to ensure that benefits are net positive for the end-to-end delivery of those servicesServices will typically be delivered using a hybrid cloud delivery model, possibly in tandem with a conventional managed service delivery modelEvery service to be delivered via cloud infrastructure must have a clearly reasoned business case to justify the method of deliveryDelivering services through the cloud will impact the dynamic between the business and IT. Cloud services offer an opportunity for the business to bypass the IT function if they do not perceive IT to be adding valueConsiderationsPartnering agreements across multiple vendors will need to be established, challenging the traditional customer/supplier modelDoes the nature of cloud offer specific value to the service in question, such as:Direct competitive advantageAbility to innovateDelivery at a lower cost
8Resource ManagementValueCreationResourceManagementRiskPerformanceMeasurementCloudGovernanceHow can we do it? – How will we transition effectively to the cloud?PrinciplesOutcomes must be continually managed to ensure that a service is meeting:the benefits detailed in the business caseremains aligned to the business needremains the best solution in the market place to satisfy the business needGreater emphasis is placed on a Service Aggregator role to integrate multi-sourced best-of-breed servicesGreater significance is placed on commercial and service management skills to manage the mixed ecosystem that cloud representsConsiderationsCharging services back to the business must be transparent and fair, and the methods must be agreed between the business and IT, particularly if total accuracy is to be sacrificed for ease of operationWhere services are charged based on demand, due to the elasticity of cloud services, IT must ensure that demand patterns are forecast in advance so that expenditure does not exceed budgetary constraintsDemand management also has increased importance in supporting the benefit of increased agility – it must be possible to make rapid changes, and where necessary quickly provision new services or decommission redundant services
9Risk ManagementValueCreationResourceManagementRiskPerformanceMeasurementCloudGovernanceWhat could stop it working? – What pitfalls must be avoided?PrinciplesRisk management should be aligned with the broader organisational and IT approach to riskStandards must be developed to make security and service integration easier to manageConsiderationsService assurance: the degree of due-diligence that is required before embarking upon a service transition, which must be proportional to the level of risk involvedBusiness impact: the impact of cloud service delivery on the overall IT strategy and business operating modelCompliance: the impact of regulatory* requirements may not be understood by cloud service providersExit strategy: the contractual provisions and practicalities of terminating the service must be understood prior to finalising the procurementService integration: the feasibility of integrating a particular cloud service to other services, whether they be on-premise or off-premiseData location: whether data can be located outside the home country or the European Economic AreaEvergreen environment: whether an evergreen environment have negative consequences for service deliveryService levels: whether the right SLAs will be guaranteed and, if so, what impact this will have on costBusiness continuity: whether escrow agreements can be made to reduce the impact of a service provider closing down a service or ceasing trading entirely*Data Protection, Information Governance, Financial Regulation etc.
10Performance Measurement ValueCreationRiskManagementResourceManagementHow well is it working? – How will we know if our service is working as expected?CloudGovernancePrinciplesA greater focus must be placed on outcomes rather than inputs because in the cloud a degree of direct influence is lost in return for a lower cost of ownershipThe Service Aggregator is essential in fronting the service portfolio from a delivery and integration perspectiveConsiderationsThe measures in place, whilst market driven, are essentially at the exclusive discretion of the providerMulti-sourcing and the individuality of each provider means establishing a common set of performance measurements will be more difficultInfluence over the provider is significant but crude, so organisations must have a good appreciation for what steps will be taken to manage breaches in service and ultimately when to invoke their exit strategyChecks and measures must be established to determine whether or not the current cloud service remains appropriateAs the cloud market place evolves organisations must regularly assess whether the current incumbent continues to have the best overall product or servicePerformanceMeasurement
11Customer Organisation Service AggregatorThe Service Aggregator holds responsibility for the operational management of cloud and IT governance.Customer OrganisationWithin the cloud ecosystem there will be more service providers, and greater opportunity for more best of breed services.The Service Aggregator will:provide the cohesion across the service providers and services, against a varied service landscapeTake an end-to-end view of service integration and deliveryProvide service reporting holisticallyHold responsibility for ensuring service continuity and alignment to business needSet up appropriately, the Service Aggregator is the lynchpin of the IT services portfolio and is therefore central to effective governanceValueCreationResourceManagementRiskPerformanceMeasurementCloudGovernanceService AggregatorCloudGovernanceService ProvidersIaaSPaaSSaaSBPaaSExternal Managed ServiceOn PremiseInternal Managed Service
12Our servicesAtos Consulting can support clients from a cloud governance perspective across the full IT service lifecycle -Design, Build and Operate.CreationValueManagementResourceRiskMeasurementPerformanceGovernanceCloudIdentifying candidatesfor the cloud“The Business Advisor”Transitioning servicesto the cloud“The Change Manager”Delivering servicesin the cloud“The Trusted Aggregator”Governance ThemesCloud strategy definitionReadinessGovernanceBusiness caseTransition AdvisoryCommercial assuranceTechnical due diligenceTransition planningOperational AssuranceCloud alignmentMarket reviewService assuranceBusiness Change Management
13SummaryMore services will become cloud orientated – therefore we need to think about how these are managed, especially as the nature of cloud leans more towards management than control.With the above in mind cloud governance needs to form an integral part of an organisation’s overall corporate and IT governance – successful governance for cloud is the recognition and hence embedding of cloud into an organisation’s existing governance strategies.The cloud governance approach must be adjustable to different cloud models, i.e. IaaS, PaaS, SaaS and BPaaS.The governance approach needs to consider what remains unchanged, what needs adjustment, and what is new in terms of governance, with respect to the four governance themes of:Value creationResource managementRisk managementPerformance managementEstablishing the right governance is fundamental to organisations considering placing services in the cloud. Atos Consulting can help organisations define the right governance framework to ensure that the appropriate candidates for cloud are identified, transition is successful and services are delivered according to agreed criteria.