TBI‘s Cloud Acquisition Services can support your organization in three ways:
- Strategic support, to help your organization understand how cloud acquisition and provisioning differs from traditional IT acquisition and how to adapt your processes to the cloud;
- Tactical support, at every step of your acquisition process supporting your organization to become cloud savvy;
- Consulting support, to help your staff design acquisition processes, standards, and templates for cloud computing acquisitions for the long term.
Each acquisition service will help your organization begin the journey from a focus on traditional acquisitions to cloud acquisitions, and allow your organization to use cloud computing effectively to drive the achievement of your mission and goals. The procurement methodology required to purchase cloud often needs to change from practices that are focused on a traditional hardware, software and support model to an on-demand service model. Areas like contract negotiations, contract clauses, and interpretations of policy must be addressed so that organizations can take full advantage of cloud computing.
Examples of new or modified practices that are needed include:
- Dealing with variable service levels –addressing changing demands and how to deal with these versus traditional technology purchases and target delivery dates
- The need for custom services – an ability to assess what is really custom versus what can be leveraged that is a standard commodity technology
- Rapidly released code changes versus timed releases – Dealing with a more rapid pace of change, more customer centric delivery, and a different model of choice
- Pricing models – fixed price versus cost plus versus pay as you use
- What technologies to specify in proposals – more expertise in cloud computing and technical research prior to RFI issuance
- Common cloud definitions and tools to speed contract negotiations
- Leveraging of standard cloud definitions like those defined in FedRamp for security and SLAs
- Standard service language and definitions for cloud computing categories (e.g., similar to IBM’s platinum, gold, silver, bronze levels of service)
- Standards for cloud data protection
- Standards for cloud data storage (e.g., physical locations)
- New skills for procurement staff around cloud.
TBI’s Cloud Acquisition Services are composed one or more of the following elements, tailored to your specific environment and needs:
- Strategy Development – clear understanding of the goals and objectives behind additions and changes to cloud acquisitions processes – objectives, constraints and drivers
- Standards – the establishment of standards across language, requirements for specific cloud components, leveraging of organizational policies to foster reuse and to remove some of the complexity in cloud acquisition processes
- Business Case & Financial Management– a high level view of a business case and a cost model that has been tailored to the specific characteristics of cloud computing and can be used across units
- Risk Management– clarification around strategic and tactical risks and specific approaches that are standard in both descriptions and language to clarify the risks and mitigate.
- Security – standards around security requirements that relate to access controls, data protection, where data can be housed, and alignment of specific types of cloud computing to security requirements
- Organizational Change & Process Analysis – assess acquisition processes to determine where the opportunities exist to streamline, based on the characteristics of a cloud computing acquisition
- Vendor Analysis – mechanisms to leverage credible information around vendor cloud capabilities
- Marketing & Demand Management – mechanisms to keep abreast of changes in cloud computing and how these relate to the demand for new cloud computing services
- Program Management, Program Governance, PMO – management structures to ensure the completion an acquisition request from inception to fulfillment.
TBI Cloud Acquisition Services can answer the following types of questions:
- Do we understand when we can use standard IT procurement processes, versus when it is advantageous to have a process that has cloud specific attributes (e.g., pay-per-use, elastic service levels, team-level provisioning, etc.)?
- Have we established standards for reusable requirements such as access controls, encryption, and data storage locations?
- Do we understand how to differentiate when we need to specify a cloud technology by product name, versus describing the functionality that is required by our customer?
- Do we understand how we can use existing policy documents (e.g., FedRamp) to avoid writing potentially variant requirements for the vendor?