Drive innovation and empower your workforce through responsible adoption of the cloud

Governing the cloud

  • Share

Once an emerging technology, cloud computing services have arrived, and they are here to stay.

Cloud allows for increased business agility, faster speed to market, lower information technology costs and happier customers.

According to our survey, cloud adoption increased nearly 100% from 2010 to 2012. Yet, within many organizations, IT has been reluctant to embrace cloud as a viable solution.

Undeterred, business units are often going it alone, procuring cloud services without IT’s involvement. The result is a shadow IT environment that is tough to manage, difficult to operate and nearly impossible to secure.

Organizations seeking to take advantage of cloud computing to create a more nimble, digitally integrated business environment are quickly learning that cloud services need to be adopted as an integral part of the organization’s existing operating model. However, this can create unforeseen risks if businesses do not simultaneously develop a cloud governance model to establish standards for the business to follow and create clear direction and consistency in managing cloud services.

1. What’s the issue?

Business units within organizations — from sales and marketing to HR and supply chain — see the advantages of cloud computing services. And they are using them, with or without IT’s help.

When business functions adopt the cloud without IT’s involvement, the organization often ends up with multiple business units contracting with multiple vendors without understanding the risks or requirements. At the same time, IT lacks the visibility to efficiently and effectively manage these disparate cloud environments, creating unnecessary complexity and cost for the organization.

So what does an organization need to do to develop a cloud strategy that delivers the benefits it seeks?

Business units and IT need to be able to have an open, honest conversation about needs, capabilities and resources necessary to meet the business’s objectives and expectations.

Next, the organization will want to consider the way in which cloud is used in the context of the overall IT operating structure.

Without alignment, or a clear cloud governance model to guide the integration, organizations may not realize many of the benefits they seek. In fact, they may be creating complexity and confusion rather than interoperability and simplicity.

2. Why now?

Every organization uses services delivered from the cloud, whether it knows it or not. If CIOs want to have a seat at the boardroom table, they need to develop a strong point of view that embraces cloud services as a way of supporting the business.

IT needs to be a partner in every aspect of cloud services, from contract negotiation to establishing key performance indicators to vendor management. This shift in responsibilities contributes to IT’s changing role from operators of technology to governors of systems and processes.

And it requires establishing a cloud governance model that everyone must follow. Otherwise, the business will move forward on its own and IT will lose sight of this changing environment and become irrelevant to the business.

3. How does this affect you?

In large organizations, the proliferation of cloud services without IT oversight creates growing security, privacy and financial risks to the organization. Worse yet, it introduces complexity, cost and confusion.

Implementing a cloud governance model will enable IT and the business to collaborate in defining the right strategy for and configuration, migration, management and disposition of cloud services. Governing these areas will help IT successfully manage the cloud entities in use and turn it into an organizational advantage rather than a liability.

However, many IT functions will need to acquire new skills as they transition from operators and tacticians to vendor managers and governors. These skills include understanding not only contractual obligations and service management, but also new and emerging technologies and processes that may help to better manage cloud services.

4. What’s the fix?

A cloud governance model will need to span the three pillars of people, process and technology and encompass the entire cloud life cycle, from identification and configuration to migration, management and decommission.

Cloud governance model

EY chart – Cloud governance model

A robust cloud governance model should also address six domains that span the entire cloud lifecycle:

  • Finance management. Integrating cloud services will shorten financial and business planning cycles. Organizations should consider appointing a cloud finance subject matter professional who understands the total cost of ownership of cloud services, can track service consumption and can provide cost transparency.
  • Cloud service provider management. It’s imperative for organizations to have a properly integrated business ecosystem that enables providers and consumers to work within well-defined boundaries. Organizations should understand who is accountable for managing cloud services within the organization and establish a framework by which IT and the business have a clear understanding of the performance metrics and contract requirements with cloud vendors.
  • Portfolio management. Governing a cloud portfolio necessitates understanding the organization’s cloud landscape and implementing a repeatable and standardized process for cloud investments. Organizations should consider aligning their organizational portfolio more broadly to determine additional opportunities and risks associated with adding a cloud portfolio.
  • Integration/interoperability. Organizations will want to implement a comprehensive set of governance procedures to provide integration and interoperability from resource and technology perspectives.
  • Architecture. Organizations need to clearly articulate the vision and goals of stakeholders through the cloud enterprise architecture.
  • Operations. To sustain cloud service operations, organizations should establish service desk training to address and direct cloud-specific support issues to the appropriate resources to deliver a seamless user experience. Clear organization and assignment of authority will set the scope for the appropriate control, escalation and exception management systems.

Using the cloud governance model as a foundation, organizations can create a governance framework to:

  • Assess and monitor to understand the organization’s current cloud landscape
  • Design and enhance by focusing on how an organization should govern its cloud solutions to minimize risk and maximize the true potential of cloud services
  • Build and operationalize by creating the processes, metrics and reporting to manage a cloud model and enable IT and the business to make informed decisions

5. What’s the bottom line?

Organizational roles and responsibilities are shifting to meet the demand of a highly complex, competitive market environment.

To keep pace with the digital evolution, IT has to shift from its traditional role as a system operator to strategic advisor and solution manager.

Cloud’s ubiquity, combined with its ease of procurement and deployment by anyone in the business, makes the role of IT as a partner to the business rather than a barrier absolutely imperative.

One clear step organizations can make to solidify this partnership is to create a cloud governance model by which everyone must abide. The result is a “cloud-first” culture that fits within the organization’s existing architecture, generates cost efficiencies and significantly lowers risk.