Feeds

AGIMO's final cloud guidance released

Urges modest pilots when first vaporising IT

  • alert
  • submit to reddit

Application security programs and practises

The Australian Government Information Management Office has released its final Guide to Implementing Cloud Services (PDF).

The document advises caution, suggesting that when considering cloud government agencies need to remember that “Like any new delivery model, a first step is to target low risk, low value applications or pilots from which the organisation can measure actual costs and benefits, gain insights and draw lessons for future endeavours.”

Other than that exhortation, the Guide appears largely uncontroversial and seldom if ever goes beyond common sense.

The section on risk, for example, offers the following checklist to consider:

  • Quality – does the cloud solution meet stakeholder needs;
  • Financial – does the cloud solution provide value for money;
  • Organisational – does the cloud solution work within the agency’s culture;
  • Integration – can the cloud solution meet objectives without business or technical integration difficulties;
  • Compliance – does the cloud solution comply with agency’s legal, regulatory and policy obligations;
  • Business Continuity – can the cloud solution recover from outages or disaster situation; and
  • External – is the Cloud Service Provider performance adequate.

Much of the Guide is filled with similarly anodyne advice, which AGIMO says is intended “as an aid for experienced business strategists, architects, project managers, business analysts and IT staff to realise the benefits of cloud computing technology.”

To be fair, the Guide does point out that AGIMO and other agencies have published more detailed guidance on the nuances needed to ensure cloud usage is secure and sensible. Those other sources of guidance are linked to within the complete Guide. ®

The Power of One eBook: Top reasons to choose HP BladeSystem

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.