Information Technology Reference
In-Depth Information
construct, the new approach to accounting for cloud and management of
IT resources, new roles, skills and competencies.
Change will be part of the business alignment exercise or
organizational
readiness
building block in the plan and important work package in the
cloud program or project management. The plan should outline the required
change, goals and objectives and critical success factors, impact of change,
and strategies for implementation. The key activities involve change plan-
ning (change plan), change enablement, change management, and embed-
ding the change.
A change and capability maturity assessment early on will help determine
readiness factors, qualified and quantified, as well as potential constraints
and risks, identified and planned. These form important deliverables of the
change/transformation plan.
Change management is a structured approach to transitioning the enter-
prise, teams, individuals, and culture from the as-is state to the desired tar-
get (
to-be
) state. It aims to align the enterprise and strategies with the target
architecture through identifying, characterizing, and addressing issues
relating to communications, process and system design, workforce manage-
ment, performance management, and overall governance features that can
help to support the organizational and other changes as a result of adopting
cloud.
20.4.3.3 Risk Analysis
Cloud adoption comes with its bag of issues, risks, and security concerns. It
is important to perform risk assessment to identify and validate potential
issues and consolidate appropriate mitigation strategies. This will form an
integral part of the transition plans that will feed into the cloud project man-
agement. The business and technology drivers for cloud have to be assessed
against the risk factors at the earlier stages of the process. The risks can be
business, organizational, systems, data, or people related.
Risk mitigation strategy may leverage existing enterprise's governance
and capabilities or may require extending or developing capacity and
competencies.
As far as security of the cloud is concerned, there is a requirement to
implement updated security strategies and governance framework needed
to govern cloud operations and services to ensure their long-term stability.
Some examples of technical consideration may include policies in relation
to service availability, service scalability, performance management, service
security policies, acceptable usage, auditing, and data retention.
There are two broad categories of risk:
1. Delivery risk: entails risk of not delivering the required or expected
capabilities, for instance, unproven technology provision, reliance
of vendors, lack of clarity of scope and deliverables, provider or
Search WWH ::
Custom Search